Skip to content

Configure a client VPN connection and upload to their Lokal install bundle

Jump to bottom
Dean Kayton edited this page Jan 26, 2022 · 7 revisions

On sysadmin machine:

  1. Prepare a client config of similar format (save as wg0-client.conf in a directory of your choosing):
[Interface]
PrivateKey = <*1>
Address = <*3>/32

[Peer]
PublicKey = <*2.2>
AllowedIPs = 10.179.0.0/16
Endpoint = <IP-of-WG-server>:51820
PersistentKeepalive = 25
  1. ssh root@<IP-of-WG-server>

On server:

  1. nano /etc/wireguard/wg0.conf
  2. Prepare, append and save a text snippet of the following format (you will need to run commands on sysadmin machine in a seperate terminal window/tab):
[Peer]
# Description as comment here
PublicKey = <*2.1>
AllowedIPs = <*3>/32

Make the following substitutions to the text files:

<*1> On sysadmin machine, run wg genkey and paste output

<*2.1> On sysadmin machine, run echo <private-key-client-interface> | wg pubkey

<*2.2> On sysadmin machine, run echo <private-key-server-interface> | wg pubkey

<*3> Decide on an IP that is not already used in server config, and is part of 10.179.0.0/16 range

On server:

  1. systemctl restart wg-quick@wg0

On sysadmin machine:

  1. Browse to nextcloud 'lokal' account
  2. upload client config (wg0-client.conf) to appropriately named subdirectory under path, 'client-bundles'
  3. Share file with desired client (create account if it doesn't yet exist, add to client group, 1GB quota)
  4. As client, create API credentials
  5. Ask them to install lokal using the credentials provided as before

On client machine:

  1. bash <(curl -Ls getlokal.wakoma.net/wg)
Clone this wiki locally