Add first files

2025-12-24 14:35:21 +01:00
parent 513bdecc9b
commit e219b8aa2a
5 changed files with 92 additions and 1 deletions
--- a/.images/lucas's_home_network.png
+++ b/.images/lucas's_home_network.png
--- a/.images/me.png
+++ b/.images/me.png
--- a/Guides/create-shh-keys.md
+++ b/Guides/create-shh-keys.md
@@ -0,0 +1,21 @@
 # Creating SSH Key
 Ideally the following steps are completed on the device and user which you want to allow the connection from, so it will be saved in their `~/.ssh` folder.
 Run the following commands:
 ```bash
 cd ~/.ssh
 ssh-keygen -t ed25519 -C "your_email@example.com"
 ```
 > [!NOTE]  
 > You can also use a name instead of the email address i.e. `"lucas-desktop"`
 ## Add Keys to ssh-agent
 Run the following command
 `ssh-add ~/.ssh/id_ed25519`
 Replace `id_ed25519` in the command with the name of your private key file
 ## Add Public key to Gitea
 `cat` the contents of the public key and add it into Gitea under **Settings** > **SSH / GPG Keys** > **Add key**.
--- a/Guides/generate-wireguard.md
+++ b/Guides/generate-wireguard.md
@@ -0,0 +1,52 @@
 # Manually Generate Wireguard Peer in OPNsense
 This guide details how to manually (not using the Peer Generator) generate a new Wireguard peer in OPNsense.
 ## Requirements
 The `wireguard-tools` package must be installed to generate the public and private keys.
 ### 1. Create a Peer
 1. Generate a new public and private key with 
 `wg genkey | tee privatekey | wg pubkey > publickey`
 This will create two files in the current directory with the public and private key. Save these for later.
 2. In the OPNsense UI go to VPN > Wireguard > Peers, and click the + to add a new peer
 3. Fill in the details:
   - **Name**: Enter a name for the peer
   - **Public key**: Paste the public key you generated earlier
   - **Pre-shared key**: Generate a key if desired and save it for later
   - **Allowed IPs**: Specify the IP address or subnet that this peer is allowed to use (e.g., 10.0.60.2/32). Check your existing peers to ensure it is not already used
   - **Endpoint address**: Leave blank if the client will be roaming
   - **Endpoint port**: Leave blank
   - **Instances** Choose appropriate instance
   - **Keepalive**: Can be left blank
 4. Save the Configuration 
 ### 2. Create the Wireguard Config File
 1. Create a new file called `<NAME>.conf`. You can choose the name.
 2. Copy and paste the contents from below into the file and update the values:
 ```
 [Interface]
 PrivateKey = <private-key>
 Address = 10.0.60.2/32  # Use the same IP address or subnet specified in OPNsense
 DNS = 8.8.8.8  # Optional: Specify a DNS server, not required if only routing resources (not an Internet connection) or using DNS names.
 [Peer]
 PublicKey = <opnsense-public-key>
 PresharedKey = <preshared-key> # Only needed if generated in previous step
 Endpoint = <opnsense-public-ip>:51820  # Replace with the OPNsense public IP and port
 AllowedIPs = 0.0.0.0/0  # Route all traffic through the VPN
 ```
 Replace `private-key`, `opnsense-public-key`, `preshared-key`, and `opnsense-public-ip` with the appropriate values.
 For `AllowedIPs`, setting `0.0.0.0/0` will route all IPv4 addresses via the VPN connection. If only access to resources and no internet connection is required, the subnets can be added here i.e. `10.0.60.0/24, 10.0.70.0/24`
 4. Import the `.conf` file into the VPN connection settings on the client device and test the connection. 
--- a/Home.md
+++ b/Home.md
@@ -1 +1,19 @@
-Welcome to the Wiki.
+# Welcome to my Wiki
 ![](.images/me.png)
 This site contains various articles and guides written by myself. 
 This is partly for my reference, as well as provide insight into my home lab and the projects I do around this.   
 Others may come across these guides when trying to search how to do something - a place where I find myself often, and i always appreciate it when others make guides that assist me with my projects. There may also be some content here that I created in my university studies or work.
 Please note that all work here is not intended to be definitive, and may not be best practice. Please combine my work with your own investigations.   
 All content posted here is welcome to scrutinization. 
 For an overview of exactly what I work on, here is a network diagram:
 ![](/.images/lucas's_home_network.png)
 # Site Content
 There is not much available here at the moment, check back later!