Màj 06-04-2024

2024-04-06 09:54:09 +02:00
parent cd8cebe7cb
commit 259b9c6a24
76 changed files with 5126 additions and 229 deletions
--- a/docs/Synology/dsm7/wireguard.md
+++ b/docs/Synology/dsm7/wireguard.md
@@ -0,0 +1,108 @@
+# WireGuard
+
+
+
+### Installer WireGuard sur le NAS
+
+https://www.blackvoid.club/wireguard-spk-for-your-synology-nas/
+
+
+
+##### Identifier l'architecture du NAS:
+
+https://kb.synology.com/en-global/DSM/tutorial/What_kind_of_CPU_does_my_NAS_have?ref=blackvoid.club
+
+| **Model**  | **CPU Model**   | **Cores** **(each)** | **Threads** **(each)** | **FPU** | **Package Arch** | **RAM**             |
+| ---------- | --------------- | -------------------- | ---------------------- | ------- | ---------------- | ------------------- |
+| **DS923+** | AMD Ryzen R1600 | 2                    | 4                      | ✓       | R1000            | DDR4 ECC SODIMM 4GB |
+
+Télécharger le paquet (SPK) correspondant à la version courante de DSM (7.2):
+
+https://www.blackvoid.club/content/files/2023/03/WireGuard-r1000-1.0.20220627.spk
+
+Installer manuellement le paquet dans le Centre de paquet <u>mais ne pas le lancer.</u>
+
+Sous DSM 7.2, redémarrer le NAS, puis démarrer WireGuard:
+
+```
+root@DS923:~# cd /var/packages/WireGuard/scripts
+
+root@DS923:/var/packages/WireGuard/script
+-rwxr-xr-x 1 root root  364 May  3  2022 start
+-rwxr-xr-x 1 root root 1664 May  3  2022 start-stop-status
+
+root@DS923:/var/packages/WireGuard/scripts# /var/packages/WireGuard/scripts/start
+WireGuard have been successfully started
+```
+
+Le NAS supporte enfin WireGuard client et serveur.
+
+
+
+### WireGuard Easy
+
+https://github.com/wg-easy/wg-easy
+
+https://www.blackvoid.club/wireguard-vpn-for-your-synology-nas/
+
+```bash
+bruno@DS923:/volume1/docker/wgeasy
+-rwxrwxrwx+ 1 bruno users 488 Jan 28 12:24 docker-compose.yml
+-rwxrwxrwx+ 1 root  root  443 Jan 28 12:26 wg0.conf
+-rwxrwxrwx+ 1 root  root  195 Jan 28 12:26 wg0.json
+```
+
+
+
+##### docker-compose.yml
+
+```yaml
+version: "3.5"
+
+services:
+  wgeasy:
+    image: ghcr.io/wg-easy/wg-easy:latest
+    network_mode: "bridge"
+    container_name: wgeasy
+    ports:
+      - "51820:51820/udp"
+      - "51821:51821"
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv4.ip_forward=1
+    volumes:
+      - /volume1/docker/wgeasy:/etc/wireguard
+    environment:
+      - WG_HOST=photos-nas.ovh
+      - PASSWORD=xxxxxxxxxxxxxx
+    restart: always
+```
+
+- WireGuard VPN server utilise le port UDP 51820 <u>(à ouvrir sur le routeur)</u>
+
+- L'interface WG-Easy web utilise le port TCP 51821
+
+
+
+```bash
+bruno@DS923:/volume1/docker/wgeasy$ sudo docker-compose up -d
+```
+
+WG-Easy est disponible à http://192.168.2.57:51821, puis:
+
+- Créer un nouveau client VPN
+- Exporter la config ou scanner le QR code
+
+
+
+
+
+https://www.wundertech.net/wg-easy-wireguard-vpn-server/
+
+https://github.com/ngoduykhanh/wireguard-ui
+
+https://www.nas-forum.com/forum/topic/77094-tutodocker-linuxserverwireguard-wireguard-ui/
+