mirror of
https://github.com/myronblair/proxmox-config
synced 2026-06-30 15:59:57 -05:00
myron
d45f88b604
- vm-configs/fstab/: fstab snapshots for JARVIS, NPM, NovaCPX, Jellyfin, MediaStack - vm-configs/network-reference.md: full IP/service/NAS/WireGuard reference - wireguard/: MediaStack wg0/wg1 and WireGuard CT nord0/wg-clients configs - msp360/: install and setup scripts + staggered backup schedule Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01X8tDRrQqgLjqXebMCBNcP3
18 lines
774 B
Plaintext
18 lines
774 B
Plaintext
# MediaStack (10.48.200.35) WireGuard client config
|
|
# Tunnels all internet traffic through WireGuard CT (10.48.200.67)
|
|
# Kill-switch: iptables blocks any non-WireGuard internet traffic
|
|
# File: /etc/wireguard/wg0.conf
|
|
|
|
[Interface]
|
|
PrivateKey = UAaoNldLsxWJerLJAjGlncrm41Ay9QMsK3O1XaTlxmg=
|
|
Address = 10.200.0.4/24
|
|
DNS = 10.48.200.90
|
|
PostUp = iptables -I OUTPUT ! -o wg0 -m mark ! --mark 51820 -m addrtype ! --dst-type LOCAL -j REJECT; iptables -I OUTPUT -d 10.48.200.0/24 -j ACCEPT
|
|
PostDown = iptables -D OUTPUT -d 10.48.200.0/24 -j ACCEPT; iptables -D OUTPUT ! -o wg0 -m mark ! --mark 51820 -m addrtype ! --dst-type LOCAL -j REJECT
|
|
|
|
[Peer]
|
|
PublicKey = Fqb1KLfHe1r3+Hwhem7YGZB2KikGYy/8pPsOIP4rn18=
|
|
Endpoint = 10.48.200.67:51821
|
|
AllowedIPs = 0.0.0.0/0
|
|
PersistentKeepalive = 25
|