iammelea · March 29, 2020 16:46
diff --git a/wireguard setup validator private and 2 sentrys b/wireguard setup validator private and 2 sentrys
 $ sudo apt-get install wireguard
 #if fail → via ppa

 $ sudo add-apt-repository ppa:wireguard/wireguard
 $ sudo apt-get update
 $ sudo apt-get install wireguard


 $ sudo systemctl stop wg-quick@wg0
 $ sudo vi /etc/wireguard/wg0.conf

 #Validator
 [Interface]
 Address = 10.0.0.1/24
 SaveConfig = true
 ListenPort = 51111
 PrivateKey = private key wireguard validator

 [Peer]
 PublicKey = <run in sentry A=(cat /etc/wireguard/publickey) add the results here>
 AllowedIPs = 10.0.0.2/32
 Endpoint = IP sentry A:51111

 [Peer]
 PublicKey = <run in sentry b=(cat /etc/wireguard/publickey) add the results here>
 AllowedIPs = 10.0.0.3/32
 Endpoint = IP sentry B:51111

 #save the file &
 $ sudo systemctl start wg-quick@wg0




 #public sentry A=

 $ sudo systemctl stop wg-quick@wg0
 $ sudo vi /etc/wireguard/wg0.conf                       

 [Interface]
 Address = 10.0.0.2/24
 SaveConfig = true
 ListenPort = 51111
 PrivateKey = private key wireguard Sentry A

 [Peer]
 PublicKey = <run in validator b=(cat /etc/wireguard/publickey) add the results here>
 AllowedIPs = 10.0.0.1/32
 Endpoint = IP validator:51111

 #save the file &
 $ sudo systemctl start wg-quick@wg0


 #public sentry B=

 $ sudo systemctl stop wg-quick@wg0
 $ sudo vi /etc/wireguard/wg0.conf

 [Interface]
 Address = 10.0.0.3/24
 SaveConfig = true
 ListenPort = 51111
 PrivateKey = private key wireguard sentry B

 [Peer]
 PublicKey = <run in validator b=(cat /etc/wireguard/publickey) add the results here>
 AllowedIPs = 10.0.0.1/32
 Endpoint = IP validator:51111


 #save the file &
 $ sudo systemctl start wg-quick@wg0

 #check Validator
 $ sudo wg
 interface: wg0
  public key: xxxxxx
  private key: (hidden)
  listening port: 51111

 peer: xxxxxx
  endpoint: xxx:51111
  allowed ips: 10.0.0.3/32
  latest handshake: 3 seconds ago
  transfer: 174.17 MiB received, 147.81 MiB sent

 peer: xxxxx
  endpoint: xxxxx:51111
  allowed ips: 10.0.0.2/32
  latest handshake: 1 minute, 20 seconds ago
  transfer: 167.67 MiB received, 147.14 MiB sent
  
  #check Sentry A 
 $ sudo wg
 interface: wg0
  public key: xxxxxx
  private key: (hidden)
  listening port: 51111

 peer: xxxxxx
  endpoint: xxx:51111
  allowed ips: 10.0.0.1/32
  latest handshake: 3 seconds ago
  transfer: 174.17 MiB received, 147.81 MiB sent
  
  
 #check Sentry B
 $ sudo wg

 interface: wg0
  public key: xxxxxx
  private key: (hidden)
  listening port: 51111

 peer: xxxxxx
  endpoint: xxx:51111
  allowed ips: 10.0.0.1/32
  latest handshake: 3 seconds ago
  transfer: 174.17 MiB received, 147.81 MiB sent


 #Ping from validator to sentrys
 ping -c 3 10.0.0.2
 ping -c 3 10.0.0.1
 =
 ```
 PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=86.5 ms
 64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=86.7 ms
 64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=86.7 ms

 --- 10.0.0.2 ping statistics ---
 3 packets transmitted, 3 received, 0% packet loss, time 2002ms
 ```

 #Ping from sentry A to validator 
 ping -c 3 10.0.0.1

 #Ping from sentry B to validator
 ping -c 3 10.0.0.1

 #this setup = Validator only need open port for VPN in this case is 51111 same port need open in Sentrys, also sentrys need more open ports for sync the chain, but not the validator. 
 #to start at boot=
 $ sudo systemctl enable wg-quick@wg0

 #Add more peers
 $ sudo wg set wg0 peer public_key_of_second_server endpoint public_IP_of_second_server:5555 allowed-ips 10.0.0.2/32
	$ sudo apt-get install wireguard
	#if fail → via ppa

	$ sudo add-apt-repository ppa:wireguard/wireguard
	$ sudo apt-get update
	$ sudo apt-get install wireguard


	$ sudo systemctl stop wg-quick@wg0
	$ sudo vi /etc/wireguard/wg0.conf

	#Validator
	[Interface]
	Address = 10.0.0.1/24
	SaveConfig = true
	ListenPort = 51111
	PrivateKey = private key wireguard validator

	[Peer]
	PublicKey = <run in sentry A=(cat /etc/wireguard/publickey) add the results here>
	AllowedIPs = 10.0.0.2/32
	Endpoint = IP sentry A:51111

	[Peer]
	PublicKey = <run in sentry b=(cat /etc/wireguard/publickey) add the results here>
	AllowedIPs = 10.0.0.3/32
	Endpoint = IP sentry B:51111

	#save the file &
	$ sudo systemctl start wg-quick@wg0




	#public sentry A=

	$ sudo systemctl stop wg-quick@wg0
	$ sudo vi /etc/wireguard/wg0.conf

	[Interface]
	Address = 10.0.0.2/24
	SaveConfig = true
	ListenPort = 51111
	PrivateKey = private key wireguard Sentry A

	[Peer]
	PublicKey = <run in validator b=(cat /etc/wireguard/publickey) add the results here>
	AllowedIPs = 10.0.0.1/32
	Endpoint = IP validator:51111

	#save the file &
	$ sudo systemctl start wg-quick@wg0


	#public sentry B=

	$ sudo systemctl stop wg-quick@wg0
	$ sudo vi /etc/wireguard/wg0.conf

	[Interface]
	Address = 10.0.0.3/24
	SaveConfig = true
	ListenPort = 51111
	PrivateKey = private key wireguard sentry B

	[Peer]
	PublicKey = <run in validator b=(cat /etc/wireguard/publickey) add the results here>
	AllowedIPs = 10.0.0.1/32
	Endpoint = IP validator:51111


	#save the file &
	$ sudo systemctl start wg-quick@wg0

	#check Validator
	$ sudo wg
	interface: wg0
	public key: xxxxxx
	private key: (hidden)
	listening port: 51111

	peer: xxxxxx
	endpoint: xxx:51111
	allowed ips: 10.0.0.3/32
	latest handshake: 3 seconds ago
	transfer: 174.17 MiB received, 147.81 MiB sent

	peer: xxxxx
	endpoint: xxxxx:51111
	allowed ips: 10.0.0.2/32
	latest handshake: 1 minute, 20 seconds ago
	transfer: 167.67 MiB received, 147.14 MiB sent

	#check Sentry A
	$ sudo wg
	interface: wg0
	public key: xxxxxx
	private key: (hidden)
	listening port: 51111

	peer: xxxxxx
	endpoint: xxx:51111
	allowed ips: 10.0.0.1/32
	latest handshake: 3 seconds ago
	transfer: 174.17 MiB received, 147.81 MiB sent


	#check Sentry B
	$ sudo wg

	interface: wg0
	public key: xxxxxx
	private key: (hidden)
	listening port: 51111

	peer: xxxxxx
	endpoint: xxx:51111
	allowed ips: 10.0.0.1/32
	latest handshake: 3 seconds ago
	transfer: 174.17 MiB received, 147.81 MiB sent


	#Ping from validator to sentrys
	ping -c 3 10.0.0.2
	ping -c 3 10.0.0.1
	=
	```
	PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
	64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=86.5 ms
	64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=86.7 ms
	64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=86.7 ms

	--- 10.0.0.2 ping statistics ---
	3 packets transmitted, 3 received, 0% packet loss, time 2002ms
	```

	#Ping from sentry A to validator
	ping -c 3 10.0.0.1

	#Ping from sentry B to validator
	ping -c 3 10.0.0.1

	#this setup = Validator only need open port for VPN in this case is 51111 same port need open in Sentrys, also sentrys need more open ports for sync the chain, but not the validator.
	#to start at boot=
	$ sudo systemctl enable wg-quick@wg0

	#Add more peers
	$ sudo wg set wg0 peer public_key_of_second_server endpoint public_IP_of_second_server:5555 allowed-ips 10.0.0.2/32