# wireguard-negotiator

A not-very-secure manual WireGuard negotiator

## Purpose

`wireguard-negotiator` is built for scenarios where a simple mechanism to exchange and manually accept WireGuard keys is needed. This makes it slightly easier to provision a group of Linux WireGuard peers that peer with a "server".

In summary:

* Manage "client" keys
* Exchange keys over HTTP(S)
* Exchange IP addressing (DHCP-like)
* Manually gate new peers
* Set up the network interface on the "client"
* Generate Ansible INI inventory

The primary scenario this tool is going to be used for is to manage machines using Ansible within an unknown LAN behind NAT. I am planning to use it for FOSSASIA Summit 2020.

## Limitations

* Linux-only
* Manages existing config files only
* Removing peers is a manual process

# Usage

> TODO