diff --git a/Vagrantfile b/Vagrantfile
index 1977fca75..c762d2bcb 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -1,28 +1,43 @@ # -*- mode: ruby -*- # vi: set ft=ruby : Vagrant.configure('2') do |config| - config.vm.box = 'ubuntu/bionic64' + config.vm.define "server" do |server| + server.vm.box = 'hashicorp/bionic64' + server.vm.hostname = 'server' - config.vm.provider 'virtualbox' do |vb| - vb.cpus = 4 - vb.memory = '2048' + # Link to client + server.vm.network 'private_network', ip: '172.16.1.2' + + server.vm.network 'forwarded_port', guest: 4000, host: 4000, protocol: 'tcp' + + # Install dependencies + server.vm.provision 'shell', path: 'vagrant/provision_deps.sh' + server.vm.provision 'shell', path: 'vagrant/provision_runtimes.sh' + + # Copy WireGuard server into place + server.vm.provision 'file', source: 'vagrant/sample_conf/wg-server.conf', destination: '/tmp/wg0.conf' + server.vm.provision 'shell', inline: 'mv /tmp/wg0.conf /etc/wireguard/' + + server.vm.provision 'shell', privileged: true, inline: <<~SHELL + echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf + echo 'net.ipv6.conf.all.forwarding = 1' >> /etc/sysctl.conf + sysctl -p + SHELL end - # WireGuard - config.vm.network 'forwarded_port', guest: 51820, host: 51820, protocol: 'udp' + config.vm.define "client" do |client| + client.vm.box = 'hashicorp/bionic64' + client.vm.hostname = 'client' + + # Link to server + client.vm.network 'private_network', ip: '172.16.1.3' - # App - config.vm.network 'forwarded_port', guest: 4000, host: 4000, protocol: 'tcp' + # Install dependencies + client.vm.provision 'shell', path: 'vagrant/provision_deps.sh' + client.vm.provision 'shell', path: 'vagrant/provision_runtimes.sh' - # Postgres, by default, this listens to 127.0.0.1 within the VM only. If you'd - # like to be able to access Postgres from the host, uncomment this line and configure - # it to listen to 0.0.0.0 within the VM. 
- # config.vm.network 'forwarded_port', guest: 5432, host: 5432, protocol: 'tcp' - - config.vm.provision 'shell', path: 'provision_deps.sh', privileged: true - config.vm.provision 'shell', path: 'provision_runtimes.sh', privileged: true - - # Copy WireGuard config into place - config.vm.provision 'file', source: 'sample_conf/wg-server.conf', destination: '/tmp/wgdev.conf' - config.vm.provision 'shell', privileged: true, inline: 'mv /tmp/wgdev.conf /etc/wireguard/' + # Copy WireGuard client into place + client.vm.provision 'file', source: 'vagrant/sample_conf/wg-client.conf', destination: '/tmp/wg0.conf' + client.vm.provision 'shell', inline: 'mv /tmp/wg0.conf /etc/wireguard/', privileged: true + end end diff --git a/provision_deps.sh b/vagrant/provision_deps.sh similarity index 99% rename from provision_deps.sh rename to vagrant/provision_deps.sh index ea5d732ea..ad8ac7d62 100644 --- a/provision_deps.sh +++ b/vagrant/provision_deps.sh @@ -61,9 +61,9 @@ apt-get install -y --no-install-recommends \ linux-headers-generic-hwe-18.04-edge \ git \ libwxgtk3.0-dev \ - nftables \ curl \ ca-certificates \ + resolvconf \ gnupg # Install WireGuard diff --git a/provision_runtimes.sh b/vagrant/provision_runtimes.sh similarity index 100% rename from provision_runtimes.sh rename to vagrant/provision_runtimes.sh diff --git a/sample_conf/wg-client.conf b/vagrant/sample_conf/wg-client.conf similarity index 83% rename from sample_conf/wg-client.conf rename to vagrant/sample_conf/wg-client.conf index 57ff4a0c1..4e0eb1d3a 100644 --- a/sample_conf/wg-client.conf +++ b/vagrant/sample_conf/wg-client.conf @@ -17,5 +17,5 @@ PublicKey = MW7uvigH6bTAZf6UuuJ5wttYGU4R04RP5K/sLCJN2F8= # The IPs you want to route through the tunnel AllowedIPs = 0.0.0.0/0, ::/0 -# IP address and port of the server -- localhost if using Vagrant -Endpoint = 127.0.0.1:51820 +# IP address and port of the server +Endpoint = 172.16.1.2:51820 
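Review bot: The `mv /tmp/wg0.conf /etc/wireguard/` steps in both the `server` and `client` definitions keep the owner and mode that the `file` provisioner gave the upload. The WireGuard config normally carries the interface private key, so it is likely to end up owned by the SSH user and readable by others. Installing it with explicit ownership and mode avoids that, e.g. `inline: 'install -o root -g root -m 0600 /tmp/wg0.conf /etc/wireguard/wg0.conf && rm -f /tmp/wg0.conf'`. In the same hunk, the `forwarded_port` for 4000 on `server` has no `host_ip`, so Vagrant binds it on every host interface; `host_ip: '127.0.0.1'` would keep the dev app reachable only from the host. The two `echo ... >> /etc/sysctl.conf` lines also append again on each `vagrant provision`, so a file under /etc/sysctl.d applied with `sysctl --system` would make that step idempotent.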
diff --git a/sample_conf/wg-server.conf b/vagrant/sample_conf/wg-server.conf
similarity index 100%
rename from sample_conf/wg-server.conf
rename to vagrant/sample_conf/wg-server.conf