path: root/services/nuldoc/public/blog/posts/2024-02-03/install-wireguard-on-personal-server/index.html
Diffstat (limited to 'services/nuldoc/public/blog/posts/2024-02-03/install-wireguard-on-personal-server/index.html')
-rw-r--r-- services/nuldoc/public/blog/posts/2024-02-03/install-wireguard-on-personal-server/index.html 98
1 files changed, 54 insertions, 44 deletions
diff --git a/services/nuldoc/public/blog/posts/2024-02-03/install-wireguard-on-personal-server/index.html b/services/nuldoc/public/blog/posts/2024-02-03/install-wireguard-on-personal-server/index.html
index 94a327b6..d5517d25 100644
--- a/services/nuldoc/public/blog/posts/2024-02-03/install-wireguard-on-personal-server/index.html
+++ b/services/nuldoc/public/blog/posts/2024-02-03/install-wireguard-on-personal-server/index.html
@@ -119,14 +119,16 @@
まずは個人用サービスをホストしている Ubuntu のサーバに WireGuard をインストールする。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span>$ sudo apt install wireguard</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code>$ sudo apt install wireguard
+</code></pre>
</div>
<p>
次に、WireGuard で使用する鍵を生成する。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span>$ wg genkey | sudo tee /etc/wireguard/server.key | wg pubkey | sudo tee /etc/wireguard/server.pub</span></span>
-<span class="line"><span>$ sudo chmod 600 /etc/wireguard/server.{key,pub}</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code>$ wg genkey | sudo tee /etc/wireguard/server.key | wg pubkey | sudo tee /etc/wireguard/server.pub
+$ sudo chmod 600 /etc/wireguard/server.{key,pub}
+</code></pre>
</div>
</section>
<section id="section--install-wireguard-client">
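Review bot: In the added key-generation lines, `tee` creates /etc/wireguard/server.key under the caller's default umask and the file is only restricted by the `chmod 600` on the following line, so the private key exists briefly with whatever mode the umask allows. Since this block is being re-rendered anyway, consider changing the post to set `umask 077` before the pipeline so the key is never created with wider permissions. Separately, the new `<pre class="highlight" ...>` drops the `tabindex="0"` that the old markup carried; if that attribute was there so a horizontally scrolling block can receive keyboard focus, it should be kept.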
@@ -135,26 +137,28 @@
公式サイトから各 OS 向けのクライアントソフトウェアを入手し、インストールする。次に、設定をおこなう。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span style="color:#6A737D"># クライアント 1 の場合</span></span>
-<span class="line"><span style="color:#6F42C1">[Interface]</span></span>
-<span class="line"><span style="color:#D73A49">Address</span><span style="color:#24292E"> = 10.10.1.2/32</span></span>
-<span class="line"><span style="color:#D73A49">PrivateKey</span><span style="color:#24292E"> = &#x3C;クライアント 1 の秘密鍵></span></span>
-<span class="line"></span>
-<span class="line"><span style="color:#6F42C1">[Peer]</span></span>
-<span class="line"><span style="color:#D73A49">PublicKey</span><span style="color:#24292E"> = &#x3C;サーバの公開鍵></span></span>
-<span class="line"><span style="color:#D73A49">AllowedIPs</span><span style="color:#24292E"> = &#x3C;サーバの外部 IP アドレス>/32</span></span>
-<span class="line"><span style="color:#D73A49">Endpoint</span><span style="color:#24292E"> = &#x3C;サーバの外部 IP アドレス>:51820</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code><span style="color: #6e7781"># クライアント 1 の場合
+</span><span style="color: #953800">[Interface]</span><span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #0550ae">Address</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">10.10.1.2/32</span>
+<span style="color: #0550ae">PrivateKey</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;クライアント 1 の秘密鍵&gt;</span>
+<span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #953800">[Peer]</span><span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #0550ae">PublicKey</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;サーバの公開鍵&gt;</span>
+<span style="color: #0550ae">AllowedIPs</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;サーバの外部 IP アドレス&gt;/32</span>
+<span style="color: #0550ae">Endpoint</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;サーバの外部 IP アドレス&gt;:51820</span>
+</code></pre>
</div>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span style="color:#6A737D"># クライアント 2 の場合</span></span>
-<span class="line"><span style="color:#6F42C1">[Interface]</span></span>
-<span class="line"><span style="color:#D73A49">Address</span><span style="color:#24292E"> = 10.10.1.3/32</span></span>
-<span class="line"><span style="color:#D73A49">PrivateKey</span><span style="color:#24292E"> = &#x3C;クライアント 2 の秘密鍵></span></span>
-<span class="line"></span>
-<span class="line"><span style="color:#6F42C1">[Peer]</span></span>
-<span class="line"><span style="color:#D73A49">PublicKey</span><span style="color:#24292E"> = &#x3C;サーバの公開鍵></span></span>
-<span class="line"><span style="color:#D73A49">AllowedIPs</span><span style="color:#24292E"> = &#x3C;サーバの外部 IP アドレス>/32</span></span>
-<span class="line"><span style="color:#D73A49">Endpoint</span><span style="color:#24292E"> = &#x3C;サーバの外部 IP アドレス>:51820</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code><span style="color: #6e7781"># クライアント 2 の場合
+</span><span style="color: #953800">[Interface]</span><span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #0550ae">Address</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">10.10.1.3/32</span>
+<span style="color: #0550ae">PrivateKey</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;クライアント 2 の秘密鍵&gt;</span>
+<span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #953800">[Peer]</span><span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #0550ae">PublicKey</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;サーバの公開鍵&gt;</span>
+<span style="color: #0550ae">AllowedIPs</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;サーバの外部 IP アドレス&gt;/32</span>
+<span style="color: #0550ae">Endpoint</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;サーバの外部 IP アドレス&gt;:51820</span>
+</code></pre>
</div>
<p>
<code>PrivateKey</code> や <code>PublicKey</code> は鍵ファイルのパスではなく中身を書くことに注意。
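Review bot: The token spans in both client config blocks set `background-color: #f6f8fa` inline while the enclosing `<pre>` sets `background-color:#f5f5f5`, so the whitespace and `=` tokens are painted on a different background from the rest of the block. The key and value spans (`#0550ae`, `#0a3069`) carry no background, which makes the mismatch patchy rather than uniform. Suggest either dropping the background from the highlighter's token style or aligning the `<pre>` colour with it. The comment span also now closes after the newline (`# クライアント 1 の場合` followed by `</span>` on the next line), which is harmless but shows the highlighter is emitting line breaks inside tokens.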
@@ -166,29 +170,32 @@
一度サーバへ戻り、WireGuard の設定ファイルを書く。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span>$ sudo vim /etc/wireguard/wg0.conf</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code>$ sudo vim /etc/wireguard/wg0.conf
+</code></pre>
</div>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span style="color:#6F42C1">[Interface]</span></span>
-<span class="line"><span style="color:#D73A49">Address</span><span style="color:#24292E"> = 10.10.1.1/32</span></span>
-<span class="line"><span style="color:#D73A49">SaveConfig</span><span style="color:#24292E"> = true</span></span>
-<span class="line"><span style="color:#D73A49">PrivateKey</span><span style="color:#24292E"> = &#x3C;サーバの秘密鍵></span></span>
-<span class="line"><span style="color:#D73A49">ListenPort</span><span style="color:#24292E"> = 51820</span></span>
-<span class="line"></span>
-<span class="line"><span style="color:#6F42C1">[Peer]</span></span>
-<span class="line"><span style="color:#D73A49">PublicKey</span><span style="color:#24292E"> = &#x3C;クライアント 1 の公開鍵></span></span>
-<span class="line"><span style="color:#D73A49">AllowedIPs</span><span style="color:#24292E"> = 10.10.1.2/32</span></span>
-<span class="line"></span>
-<span class="line"><span style="color:#6F42C1">[Peer]</span></span>
-<span class="line"><span style="color:#D73A49">PublicKey</span><span style="color:#24292E"> = &#x3C;クライアント 2 の公開鍵></span></span>
-<span class="line"><span style="color:#D73A49">AllowedIPs</span><span style="color:#24292E"> = 10.10.1.3/32</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code><span style="color: #953800">[Interface]</span><span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #0550ae">Address</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">10.10.1.1/32</span>
+<span style="color: #0550ae">SaveConfig</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">true</span>
+<span style="color: #0550ae">PrivateKey</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;サーバの秘密鍵&gt;</span>
+<span style="color: #0550ae">ListenPort</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">51820</span>
+<span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #953800">[Peer]</span><span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #0550ae">PublicKey</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;クライアント 1 の公開鍵&gt;</span>
+<span style="color: #0550ae">AllowedIPs</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">10.10.1.2/32</span>
+<span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #953800">[Peer]</span><span style="color: #24292f;background-color: #f6f8fa">
+</span><span style="color: #0550ae">PublicKey</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">&lt;クライアント 2 の公開鍵&gt;</span>
+<span style="color: #0550ae">AllowedIPs</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #24292f;background-color: #f6f8fa">=</span><span style="color: #24292f;background-color: #f6f8fa"> </span><span style="color: #0a3069">10.10.1.3/32</span>
+</code></pre>
</div>
<p>
次に、WireGuard のサービスを起動する。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span>$ sudo systemctl enable wg-quick@wg0</span></span>
-<span class="line"><span>$ sudo systemctl start wg-quick@wg0</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code>$ sudo systemctl enable wg-quick@wg0
+$ sudo systemctl start wg-quick@wg0
+</code></pre>
</div>
</section>
<section id="section--configure-firewall">
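Review bot: The server block puts the private key inline in /etc/wireguard/wg0.conf (`PrivateKey = <サーバの秘密鍵>`), but the visible steps create that file with `sudo vim` and then go straight to `systemctl enable`/`start` without restricting its mode, whereas server.key gets an explicit `chmod 600` earlier. The post should add a matching `sudo chmod 600 /etc/wireguard/wg0.conf` step before starting the service. It is also worth a sentence that `SaveConfig = true` makes wg-quick write the running interface state back to wg0.conf on shutdown, so manual edits made while wg0 is up are overwritten.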
@@ -197,23 +204,26 @@
続けてファイアウォールを設定する。まずは WireGuard が使用する UDP のポートを開き、<code>wg0</code> を通る通信を許可する。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span>$ sudo ufw allow 51820/udp</span></span>
-<span class="line"><span>$ sudo ufw allow in on wg0</span></span>
-<span class="line"><span>$ sudo ufw allow out on wg0</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code>$ sudo ufw allow 51820/udp
+$ sudo ufw allow in on wg0
+$ sudo ufw allow out on wg0
+</code></pre>
</div>
<p>
次に、80 や 443 などの必要なポートについて、<code>wg0</code> を経由してのアクセスのみ許可する。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span>$ sudo ufw allow in on wg0 to any port 80 proto tcp</span></span>
-<span class="line"><span>$ sudo ufw allow in on wg0 to any port 443 proto tcp</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code>$ sudo ufw allow in on wg0 to any port 80 proto tcp
+$ sudo ufw allow in on wg0 to any port 443 proto tcp
+</code></pre>
</div>
<p>
最後に、<code>ufw</code> を有効にする。
</p>
<div class="codeblock">
- <pre class="shiki github-light" style="background-color:#f5f5f5;color:#24292e" tabindex="0"><code><span class="line"><span>$ sudo ufw status</span></span>
-<span class="line"><span>$ sudo ufw enable</span></span></code></pre>
+ <pre class="highlight" style="background-color:#f5f5f5"><code>$ sudo ufw status
+$ sudo ufw enable
+</code></pre>
</div>
</section>
<section id="section--connect-each-other">
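Review bot: In the firewall block, `sudo ufw allow in on wg0` already admits all inbound traffic on wg0, so the later `allow in on wg0 to any port 80 proto tcp` and port 443 rules add nothing, and the text's claim that only the required ports are allowed over wg0 does not hold. Suggest dropping the blanket `allow in on wg0` rule and keeping the per-port rules, and stating that blocking 80/443 on other interfaces relies on ufw's default incoming policy being deny. Note also that no rule for the administrative SSH port appears before `sudo ufw enable`; if the reader is connected over the public interface, the post should say how access is retained until the tunnel in the next section is confirmed working.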