Ambrose Chua d4730edf42 | ||
---|---|---|
cmd | ||
lib | ||
.gitignore | ||
LICENSE | ||
README.md | ||
go.mod | ||
go.sum | ||
main.go |
README.md
wireguard-negotiator
A not-very-secure manual WireGuard negotiator
Purpose
wireguard-negotiator
is built for scenarios where a simple mechanism to exchange and manually accept WireGuard keys is needed. This makes it slightly easier to provision a group of Linux WireGuard peers that peer with a "server".
In summary:
- Manage "client" keys
- Exchange keys over HTTP(S)
- Exchange IP addressing (DHCP-like)
- Manually gate new peers
- Sets up network interface on the "client"
- Generate Ansible INI inventory
The primary scenario this tool is going to be used for is to manage machines using Ansible within an unknown LAN behind NAT. I am planning to use it for FOSSASIA Summit 2020.
Limitations
- Linux-only
- Manages existing config files only
- Removing peers is a manual process
Usage
TODO