[WireGuard] Virtual Private Network

Hey Thank you for your answer.
I played a bit with the settings and got it running!

It got my attention that the host IP address was outdated and I clicked on suggestion and selected the new IP. Now it is working.

2 questions:

  1. Did I overlocked something what I should have done to prevent this?
  2. If not, how is the IP for the Wireguard Server updated ? As far as I know it changes every 24 Hours.

Thanks again :slight_smile:

1 Like

If you have a non-stable IP address, you should put your domain name and port in the Endpoint of your peers wg0.conf

But that’s an overlook from the web UI’s author I think.

1 Like

Global Settings → Endpoint Address = yourdomain.noho.st
Works perfectly.

Maybe this is possible to already add in the installation process? In Germany its not normal to have a static IP.

And thank you very much for your help!

2 Likes

hey, two questions:

  1. Can I change the port of Wireguard? Sometimes a wifi network blocks uncommon ports…
  2. Can I install pihole on the same YNH server and have all connected WG clients use the pihole?

Edit. Question 1 is answered per this Reddit Topic

Found out I can change the port in the server config of Wireguard to 989
Also I needed to open that port in the Yunohost firewall
And set the new endpoint port in my clients config.

I would suggest that you change the internal YunoHost setting so that your new port is kept across updates: yunohost app setting wireguard port_wg -v 989. (note to other readers, this command is not magic and does not do what you might think it does :stuck_out_tongue: )

It should work for basic DNS needs. Make sure it is set up to listen on all interfaces (or first hop? I cannot remember what’s right).
I would like to extend this for internal domains usage, but I have yet to make it work (I use Adguard).

1 Like

I don’t mind moving to adguard if you think that works better with wireguard. Is that something you would recommend?

Sorry, I meant I was not able to make it work with Adguard either. :sweat:

You mean this, no?

1 Like

I have same problem with pi-hole. I am unable to use it via WireGuard.
And service dnsmasq is also masked after installing pi-hole.

Hello,

The diagnosis complain about the WireGuard broken status since few days.
Is there something (easy) to do or test in order to help ?

ppr

WireGuard seen to be installable… Maybe a CI issue?

Same problem here.

“ [WARNING] An issue was found for app WireGuard

  • This application is currently flagged as broken on YunoHost’s application catalog. This may be a temporary issue while the maintainers attempt to fix the issue. In the meantime, upgrading this app is disabled”

Hi, is it possible to use wireguard client and wireguard server on a same yunohost instance ? My use case :

  • I want yunohost to get internet access by a VPN with wireguard client, to get it’s own IP address independent of internet connexion (allows easy 4G backup)
  • I want to use wireguard server to get an access to local network when we’re away
    Did anyone already test that ?

Yes you can :slight_smile:

In theory you can do anything with the proper configuration, but you would need to follow some tutorials (and I am no networking expert).

I would rather point you to Headscale, a Tailscale server, and install the clients on YunoHost and your other devices. It has an option to expose local networks through the VPN.

A post was split to a new topic: WireGuard: no connection for clients