Update

2025-09-29 21:12:38 +02:00
parent 9d600ffbcf
commit f26389d14e
2 changed files with 2 additions and 12 deletions
--- a/services/wireguard/install.sh
+++ b/services/wireguard/install.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 echo "Setting up Wireguard ..."
-apk add wireguard-tools
+apk add wireguard-tools wireguard-tools-openrc

 # Generate server private and public keys
 mkdir -p /etc/wireguard
@@ -20,7 +20,6 @@ echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.d/ip_forward.conf
 sysctl -p /etc/sysctl.d/ip_forward.conf

 # Auto-start Wireguard on boot
-apk add wireguard-tools-openrc
 ln -s /etc/init.d/wg-quick /etc/init.d/wg-quick.wg0
 rc-update add wg-quick.wg0
 rc-service wg-quick.wg0 start
--- a/todo.txt
+++ b/todo.txt
@@ -1,12 +1,3 @@
 backup(), restore()

-Volume labels (label)
-
-Switch to NFTables or UFW.
-
-Firewall:
- Block all traffic by default
- Allow outgoing (wan) http,https,dns,ssh,ntp,ping
- Allow incoming (wan) http,https,ssh,wireguard
- Allow wireguard traffic to lan (so access for instance 192.168.2.x) and wan (access the internet),
-BUT only http,https,ping,dns
+Volume labels (label)