author Yaroslav <contact@yaroslavps.com> 2020-06-06 05:40:35 +0300
committer Yaroslav <contact@yaroslavps.com> 2020-06-06 05:40:35 +0300
commit 9b02790f30925c4853b507d46bb73a433b1df1f9
tree cc37ed8196fa99932b36c88bf40f05adc51777b6 /content/weblog/2020-06-04_wireguard-vpn
parent 2fc8cc3911e9101370e5fbca883ed337fd76b0e4
wireguard vpn article finished
Diffstat (limited to 'content/weblog/2020-06-04_wireguard-vpn')
-rw-r--r-- content/weblog/2020-06-04_wireguard-vpn/index.md | 123
1 files changed, 0 insertions, 123 deletions
diff --git a/content/weblog/2020-06-04_wireguard-vpn/index.md b/content/weblog/2020-06-04_wireguard-vpn/index.md
deleted file mode 100644
index 5d68389..0000000
--- a/content/weblog/2020-06-04_wireguard-vpn/index.md
+++ /dev/null
@@ -1,123 +0,0 @@
-+++
-title = "Goodbye OpenVPN, hello Wireguard"
-date = 2020-06-05T13:00:00Z
-+++
-
-I have been using OpenVPN for quite some time for my internet privacy purposes.
-However, recently I decided to switch to Wireguard. I am going to layout the
-reason why I chose to do it, and how I setup the Wireguard VPN for my purposes.
-I had been meaning to write about this for some time, unfortunately, I have been
-quite busy with finishing my last year of university.
-
-<!-- more -->
-
-I had heard about this new VPN thing-y called Wireguard last year and how it is
-supposed to be so much better than other VPN technologies such as IPsec and
-OpenVPN. It sounded nice to me and all, but it still wasn't considered stable
-back then, and I really didn't feel like switching when I had a setup that "just
-works™".
-
-But then, something happened. My then hosting provider decided to cancel their
-VPS hosting plans, so I had to migrate everything that I had on my VPS to a new
-hosting provider, which included this site and my VPN. Also by this time, the
-stable release of Wireguard had been release, and the kernel module added to
-upstream. When I was in the process of migrating to my new VPS, I actually
-started to setup OpenVPN first, but some things had changed since the last time
-I had setup OpenVPN, and I didn't really want to deal with OpenVPN at this
-point. That's when I remembered about Wireguard. Good timing, if I do say so
-myself.
-
-I have been using Wireguard for over a month now, and I have to say, I am really
-happy with it. It really is better than OpenVPN. The main advantages that
-Wireguard has over OpenVPN for me are the following:
-
-* It is so much easier to setup. No need to mess around with certificates.
-* Adding new clients or peers is also much easier are straightforward.
-* Latency and speed are slightly better than OpenVPN, especially latency. It
- might not be such a big difference, but I no longer feel the need to turn off
- my VPN when videoconferencing.
-* It brings up the network interface(s) much faster than OpenVPN.
-* It consumes less resources.
-* I had to disconnect and manually reconnect OpenVPN every time I resumed my
- computer from sleep or when I changed networks. With Wireguard, not anymore.
- It has a built-in roaming feature, so it doesn't matter if I suspend my
- computer, after waking up it "keeps" the connection for me, the same when I,
- for example, disconnect from WiFi and connect to ethernet, etc.
-
-If these advantages haven't convinced you yet, I don't know what will.
-
-## Set up instructions
-
-There are something that are worth keeping in mind while setting up Wireguard.
-One of them is that unlike other VPN protocols, like OpenVPN, there is no server
-and client per se. There are just peers. Of course, that doesn't mean that you
-cannot use Wireguard like you would use OpenVPN, quite the contrary. It just
-means there is more flexibility and that you need to configure the peer that
-you're going to use as a server, such that it tunnels all the internet traffic
-it receives from the other peers and reroutes it.
-
-Before setting up Wireguard, you'll need to install it on each peer. Check out
-this link on how to install Wireguard on your system:
-[https://www.wireguard.com/install/](https://www.wireguard.com/install/)
-
-### Server configuration
-
-Before setting up Wireguard, you might want to setup a firewall such as `ufw`.
-After installing Wireguard and setting up your firewall, it's time to create a
-new profile for your connection.
-
-First, as root, change to the `/etc/wireguard/` directory.
-
-You'll need to create a private key, and from that private key you should get
-the public key for your clients.
-
-Generating a private key is as simple as this:
-
-```sh
-wg genkey
-```
-
-Then you'll need to create the profile, for that create file wg0.conf with the
-following contents:
-
-```
-[Interface]
-Address = 10.0.0.1/24
-Address = fd86:ea04:1115::1/64
-PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
-PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE
-ListenPort = 51820
-PrivateKey = <your private key here>
-```
-
-You should put the private key that you generated before in the wg0.conf file in
-the "PrivateKey" field.
-
-Now is a good time to get the public key. It would be convenient to have it
-saved in a file so that you can easily retrieve in the future when you need to
-add new peers:
-
-```sh
-echo "<your private key here>" | wg pubkey > wg0.pubkey
-```
-
-If you already have setup a firewall on your server, don't forget to allow
-connections on the port being used by Wireguard. For example, for ufw you would
-run the following:
-
-```sh
-ufw allow 5182/udp
-```
-
-### Client configuration
-
-The configuration for the client side of things is pretty similar to the server
-side of things, since after all, to Wireguard there is no server or client.
-
-Back on the server, append an entry for your client device to the end of the
-wg.conf file:
-
-```
-[Peer]
-PublicKey = <your public key here>
-AllowedIPs = 10.0.0.2/32
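Review bot: the subject line says the article is finished, but this hunk removes index.md in full (123 deletions, 0 insertions in the path-limited diffstat), so the commit message should say where the text now lives. If the removed text is carried over to the new location, three things in the server section are worth fixing on the way: `ufw allow 5182/udp` does not match `ListenPort = 51820`, so a reader following the steps opens the wrong port and the tunnel never comes up; the client section says to append the peer to `wg.conf` while the profile was created as `wg0.conf`; and `echo "<your private key here>" | wg pubkey > wg0.pubkey` puts the private key on the command line, where it lands in root's shell history. Writing the key to a file under a restrictive umask and feeding that file to `wg pubkey` avoids that. The PostUp/PostDown lines also only add `iptables` rules although the interface carries an IPv6 `Address`, so either add the matching IPv6 rules or say in the text that only IPv4 is forwarded.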