wireguard-operator

Kubernetes operator to provision wireguard peers

prerequisites

The following unsafe sysctls must be allowed:

net.ipv4.ip_forward
net.ipv4.conf.all.src_valid_mark
net.ipv4.conf.all.rp_filter
net.ipv4.conf.all.route_localnet

tl;dr

kubectl apply -f \
    https://github.com/cornbuddy/wireguard-operator/raw/refs/heads/main/src/config/manifest.yml

echo "
apiVersion: vpn.ahova.com/v1alpha1
kind: Wireguard
metadata:
  name: vpn
spec:
  serviceType: LoadBalancer

---
apiVersion: vpn.ahova.com/v1alpha1
kind: WireguardPeer
metadata:
  name: peer
spec:
  wireguardRef: vpn"

kubectl get secret -o json peer \
    | jq -r '.data.config' \
    | base64 -d > /etc/wireguard/wg0.conf
sudo wg-quick up wg0

Name		Name	Last commit message	Last commit date
Latest commit History 320 Commits
.github		.github
docs		docs
spec		spec
src		src
.editorconfig		.editorconfig
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
CONTRIBUTING		CONTRIBUTING
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

wireguard-operator

prerequisites

tl;dr

About

Uh oh!

Releases 76

Packages

Uh oh!

Languages

License

cornbuddy/wireguard-operator

Folders and files

Latest commit

History

Repository files navigation

wireguard-operator

prerequisites

tl;dr

About

Resources

License

Contributing

Uh oh!

Stars

Watchers

Forks

Releases 76

Packages 0

Uh oh!

Languages

Packages