VPN
I'm choosing to run Wiregaurd VPN on a Rasberri Pi that I had sitting in a drawer. I wanted to have the VPN box as a dedicated machine on the network, so that I'm not reliant on K8s cluster availability for management of local network resources.
Assumptions
This guide captures the high level steps required to get VPN going. The assumption is that the reader has basic understanding of basic networking and Linux.
Hardware is a Rasberri Pi 3 Model B
The operating system of choice is the latest version of Rasberri Pi OS Lite 64bit, flashed to an SD card using the Pi Imager tool
Installing Pi OS¶
To manage the Pi on the network via SSH, I needed to assign it a static IP address. There are 2 options:
- Obtain the MAC address of
eth0
interface usingifconfig
and have the router assign a specific IP - Update the
/etc/network/interfaces
file with the appropriate config
Create a backup of /etc/network/interfaces
cp /etc/network/interfaces /etc/network/interfaces-backup-MMDDYYY
Modify the /etc/network/interfaces
to the below code block, substituting the appropriate IP/SubnetMask/Gateway and DNS servers for your network
1 2 3 4 5 6 7 8 9 10 11 12 13 |
|
Restart the machine
sudo shutdown -r now
SSH into the Pi, update packages, update OS and restart once again
sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade && sudo shutdown -r now
Installing Wireguard VPN¶
Let's install Wireguard, which we'll be doing using PiVPN.
Wireguard
PiVPN is fantastic as it abstracts a lot of configuration complexity away from the user. However I recommend visiting the Wireguard website to understand how the software works at a high level: https://www.wireguard.com/