2.7 KiB
WireGuard
Installer WireGuard sur le NAS
https://www.blackvoid.club/wireguard-spk-for-your-synology-nas/
Identifier l'architecture du NAS:
https://kb.synology.com/en-global/DSM/tutorial/What_kind_of_CPU_does_my_NAS_have?ref=blackvoid.club
| Model | CPU Model | Cores (each) | Threads (each) | FPU | Package Arch | RAM |
|---|---|---|---|---|---|---|
| DS923+ | AMD Ryzen R1600 | 2 | 4 | ✓ | R1000 | DDR4 ECC SODIMM 4GB |
Télécharger le paquet (SPK) correspondant à la version courante de DSM (7.2):
https://www.blackvoid.club/content/files/2023/03/WireGuard-r1000-1.0.20220627.spk
Installer manuellement le paquet dans le Centre de paquet mais ne pas le lancer.
Sous DSM 7.2, redémarrer le NAS, puis démarrer WireGuard:
root@DS923:~# cd /var/packages/WireGuard/scripts
root@DS923:/var/packages/WireGuard/script
-rwxr-xr-x 1 root root 364 May 3 2022 start
-rwxr-xr-x 1 root root 1664 May 3 2022 start-stop-status
root@DS923:/var/packages/WireGuard/scripts# /var/packages/WireGuard/scripts/start
WireGuard have been successfully started
Le NAS supporte enfin WireGuard client et serveur.
WireGuard Easy
https://github.com/wg-easy/wg-easy
https://www.blackvoid.club/wireguard-vpn-for-your-synology-nas/
bruno@DS923:/volume1/docker/wgeasy
-rwxrwxrwx+ 1 bruno users 488 Jan 28 12:24 docker-compose.yml
-rwxrwxrwx+ 1 root root 443 Jan 28 12:26 wg0.conf
-rwxrwxrwx+ 1 root root 195 Jan 28 12:26 wg0.json
docker-compose.yml
version: "3.5"
services:
wgeasy:
image: ghcr.io/wg-easy/wg-easy:latest
network_mode: "bridge"
container_name: wgeasy
ports:
- "51820:51820/udp"
- "51821:51821"
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
- net.ipv4.ip_forward=1
volumes:
- /volume1/docker/wgeasy:/etc/wireguard
environment:
- WG_HOST=photos-nas.ovh
- PASSWORD=xxxxxxxxxxxxxx
restart: always
-
WireGuard VPN server utilise le port UDP 51820 (à ouvrir sur le routeur)
-
L'interface WG-Easy web utilise le port TCP 51821
bruno@DS923:/volume1/docker/wgeasy$ sudo docker-compose up -d
WG-Easy est disponible à http://192.168.2.57:51821, puis:
- Créer un nouveau client VPN
- Exporter la config ou scanner le QR code
https://www.wundertech.net/wg-easy-wireguard-vpn-server/
https://github.com/ngoduykhanh/wireguard-ui
https://www.nas-forum.com/forum/topic/77094-tutodocker-linuxserverwireguard-wireguard-ui/