laterdaze Posted December 6, 2018 Share Posted December 6, 2018 I think supporting wireguard would be very useful for a lot of users. It could make unRAID a preferred home based cloud storage device. At least for me, anyway ;>) I built wireguard using the latest Slackware live iso and the info at https://slackbuilds.org/repository/14.2/network/WireGuard/ but couldn't figure how to insert it into the unRAID kernel. Probably would be trivial for you guys but not clear to me. Quote Link to comment
tr0910 Posted December 6, 2018 Share Posted December 6, 2018 Did you try and create a wireguard VM? Doesn't have to be slack. That should be trivial. Unraid KVM makes it easy. Adding to base os it's not trivialSent from my chisel, carved into granite Quote Link to comment
laterdaze Posted December 7, 2018 Author Share Posted December 7, 2018 21 hours ago, tr0910 said: Did you try and create a wireguard VM? Doesn't have to be slack. That should be trivial. Unraid KVM makes it easy. Adding to base os it's not trivial Sent from my chisel, carved into granite I have only tried what I described so far. Since it seems WireGuard will be in the Linux kernel soon I just thought it would be a natural fit for unRAID. I just see remotely separated unRAID systems bi-directionaly syncing data via WireGuard vpn with no need for a particularly powerful router as just port forwarding would be required. I do something similar with pfSense/OpenVPN and rclone. A private personal cloud by invitation only. Quote Link to comment
tr0910 Posted December 8, 2018 Share Posted December 8, 2018 I look forward to these kind of tools becoming more easily accessible. However you and I are in the minority. Unraid biggest user group are data hoarders, who don't really care much about security. I'm glad Tom keeps the product fresh and fully patched. Never hurts to ask. If he can do it easily, it may happen. Sent from my chisel, carved into granite 1 Quote Link to comment
laterdaze Posted January 31, 2019 Author Share Posted January 31, 2019 For what its worth, I accomplished the same thing by employing OPNSense routers running WirdGuard VPN software on both sites. Using rclone cron jobs I can copy/sync/move folders between my unRAID servers. Probably better this way, no additional setup in the router other than WireGuard. Works great. Quote Link to comment
L0rdRaiden Posted April 2, 2019 Share Posted April 2, 2019 @limetech Could you please consider this for a future release? Quote Link to comment
jbrodriguez Posted April 13, 2019 Share Posted April 13, 2019 I believe in the latest Unraid blog post, they hinted at something in this direction: https://unraid.net/blog/unraid-home-gadget-geeks Quote Link to comment
cen Posted June 13, 2019 Share Posted June 13, 2019 any news on wireguard in unraid? I'd like to connect my unraid build to my public server already running wireguard as a secure tunnel to home. I guess now the only way would be to have an additional VM running as the wireguard client? Quote Link to comment
segator Posted June 29, 2019 Share Posted June 29, 2019 Wireguard++ I created a simplified app to create wireguard mesh networks with docker, maybe can be used as application for unraid, but first we need the kernel module! https://github.com/segator/wireguard-dynamic I use wireguard for network overlay for my multisite kubernetes cluster. Now I would like to be able to add baremetal unraid as a worker Quote Link to comment
bonienl Posted August 20, 2019 Share Posted August 20, 2019 The next release has wireguard included. The GUI component to manage wireguard will be available as a plugin. 8 1 Quote Link to comment
cen Posted August 20, 2019 Share Posted August 20, 2019 wonderful! so I can kick my VM-4-wireguard soon... =) Quote Link to comment
tr0910 Posted August 21, 2019 Share Posted August 21, 2019 AwesomeSent from my chisel, carved into granite Quote Link to comment
dorgan Posted August 24, 2019 Share Posted August 24, 2019 On 8/20/2019 at 3:31 AM, bonienl said: The next release has wireguard included. The GUI component to manage wireguard will be available as a plugin. As in next beta of 6.7.3? Or another version? Quote Link to comment
itimpi Posted August 24, 2019 Share Posted August 24, 2019 46 minutes ago, dorgan said: As in next beta of 6.7.3? Or another version? I would expect it to be a 6.8 beta or rc. Quote Link to comment
segator Posted December 14, 2019 Share Posted December 14, 2019 Guys have a look on my app, I published a year ago This app automatically link your nodes, and in case you have dynamic public IP it detects changes too. https://github.com/segator/wireguard-dynamic Now it works fine on unraid Quote Link to comment
bonienl Posted December 14, 2019 Share Posted December 14, 2019 5 minutes ago, segator said: Now it works fine on unraid Can you explain? Quote Link to comment
segator Posted December 14, 2019 Share Posted December 14, 2019 Have a look on the repo https://github.com/segator/wireguard-dynamic there are instructions and explanation, if you have questions after read that let me know Quote Link to comment
bonienl Posted December 14, 2019 Share Posted December 14, 2019 1 minute ago, segator said: Have a look on the repo https://github.com/segator/wireguard-dynamic there are instructions and explanation, if you have questions after read that let me know Unraid 6.8 has a full fledged WireGuard implementation and GUI to manage WireGuard tunnels and peers. Maybe I should rephrase my question: "what does your app add to the existing WireGuard implementation in Unraid 6.8" ? Quote Link to comment
segator Posted December 14, 2019 Share Posted December 14, 2019 I'm not a fan of GUI's I undertand for lot of people can not be interesting, i'm not trying to say that this implementation is better than the current one, is a diferent alternative my app provides: - Automatic configuration on all the nodes of the cluster (new/update/remove nodes) - Support for dynamic IP: it update the endpoint of the node that the public IP changed an the rest of the nodes. Quote Link to comment
bonienl Posted December 14, 2019 Share Posted December 14, 2019 It seems you build WireGuard in a Docker container, this approach looses all the advantages of WireGuard in Unraid 6.8 - Native support in kernel and associated high performance - Instant availability of WireGuard tunnels regardless of the array running or not (Docker won't run with the array down) Your app seems more suitable for older versions of Unraid without WireGuard included? Quote Link to comment
bonienl Posted December 14, 2019 Share Posted December 14, 2019 1 hour ago, segator said: if you have questions after read that let me know Some security related questions: - Looks like node addition is unrestricted. This poses a huge security risk, your network may get infiltrated with unsolicited nodes without knowing. - How trustful is this free service kvdb.io? Storing keys with an unknown party is questionable. - How is key management handled between peers? Is it possible to update/revoke keys? - Any control on what nodes can access, a single device or a complete LAN? 1 hour ago, segator said: is a diferent alternative To me, this is really not an alternative to what is offered with Unraid 6.8, did you try the Unraid implementation? Quote Link to comment
segator Posted December 14, 2019 Share Posted December 14, 2019 the release comes with docker or just a binary. Wireguards runs on the kernel, the docker or my app only send the commands to the kernel. so the performance is native as unraid plugin. - Looks like node addition is unrestricted. to be able to add a node you need the clusterID, but the security of course should be improved. - How trustful is this free service kvdb.io? you are right, maybe we should upload data encripted then problem solved. - How is key management handled between peers? public keys are uploaded to the configuration manager and shared with rest of nodes of the cluster - Is it possible to update/revoke keys? nope - Any control on what nodes can access, a single device or a complete LAN? both are supported Hey @bonienl I don't expect this app as a replacement of what already exists on unraid, what we have now in unraid is what wireguard offers and thats great. What my app does is simplify big node cluster deployment. try to configure 50 nodes peer to peer between them and the half have dynamic public IP that changes 1 time a week. Is not something people in unraid will need, only some nerds like me. I didn't built that even in high security in mind, I only wanted something to simplify the deployment and allow dynamic public IP provided by internet companies. If I have time some day I will add to UPNP and UPD hole punching support so people won't need to open ports on their routers. Quote Link to comment
bonienl Posted December 14, 2019 Share Posted December 14, 2019 Don't get me wrong. Your app has a place and can be useful to specific use cases (as it seems). 😀 I just tried to get a clear(er) perspective so users can make a more weighted decision. Ps. Unraid 6.8 does UPnP for wireguard (this can be turned on or off) Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.