After some more googling I might have found a reason why some things work and others don't. I think there might be a conflict in the internal subnet. However, I'm quite a novice on this topic but always willing to learn. Does anyone see an issue in the internal subnet which could cause my problems?
i've just installed wireguard on my omv machine (omv version 5.5.20-1) by myself, without any suggested script here.
"Ip a" show three network devices
Everything went smoothly and the wireguard connection between my omv server and my clients works flawless.
My intention in doing this was to create a nfs-share which is accessible from the wireguard ip-range.
I created the share, but unfortunately it isn't visible for my clients. Running
- showmount #IP_of_my_OMV_Server_enp2s0-Interface#
- showmount #IP_of_my_OMV_Server_wg0-Interface#
works for both IPs, but only show my normal nfs shares created for the ipramge of the enp2s0 interface, but not those i created for the wireguard IPs.
I think maybe it is because my wireguard connection isn't known by openmediavault. If i go in the omv web configuration System\Network\Interfaces there is only my enp2s0 interface listed. I see no option to add my new wg0 interface here :/...
Do you think the missing interface is causing my not visible nfs share? Or is this another problem? Does anyone knows how i can achieve nfs shares restricted for my wireguard connections?
Thanks in advance and kind regards!
Thank you henfri for the nice script - I just used it to (manually) install Wireguard on my OMV server and use it with my phone. So far, it works perfectly (although I did have to add my OMV server's public IP address in the client app manually, as others have stated before).
I'm able to use a custom port other than 51820 and my own choice of subnet (10.x.x.1) as well with no issues.
My only issue was with this part of the script:
where service wg-quick@wgnet0 start spit out a very weird error - so I issued systemctl start wg-quick@wg0 instead (I use wg0 instead of wgnet0) and that did the trick.
One thing that surprised me was that, once I had my phone's wi-fi turned off and connected it through Wireguard, I was able to browse web sites, read email, etc. all without ever having set up a DNS server of any kind.
I thought it was necessary to set up the Wireguard server as a DNS server as well? I did not enter any public DNS addresses in the client (the official Android Wireguard app). Is this now done automatically?
I can only make a wireguard docker if I add the line network_mode: bridge to docker-compose.yml
If I try to make a wireguard docker without that line I get an error:
wireguard | [FATAL] plugin/loop: Loop (127.0.0.1:50437 -> :53) detected for zone ".", see https://coredns.io/plugins/loop#troubleshooting. Query: "HINFO 500036817.976505179."
wireguard | Another service is using port 53, disabling CoreDNS
This means that a wireguard docker can only connect to an existing network (bridge) on which there are already portainer and yacht dockers and cannot connect it to its separate bridge network without errors.
OMV5 installed on OdroidHC2
After installed wireguard on host everything works and I can access LAN and all services.
I have question...
Is it possible to connect two wireguard servers?
Server IP 192.168.1.66
wireguard server wg0 10.253.3.1/24
Server IP 192.168.5.66
wireguard server wg0 10.255.3.1/24