Updated submod

Development/README.md

@@ -2,3 +2,4 @@
 
 This is where I will list all of my development projects.
 
+

Home_Lab/README.md

@@ -7,8 +7,9 @@ In this section I write about new hardware/projects I have for my growing Home L
 - [The Beginning](The_Beginning.md)
 - [Setting Up a VPN](SetupVPN.md)
 - [Setting Up a MySQL Server](Setup_MySQL_Server.md)
+- [Setting up a Wireguard VPN Server & Client](SetupWireguard.md)
 
 ## Hardware
-- [Dell Wyze (Thin Client)](Dell_Wyze.md)
+- [Dell Wyze (Thin Client)](Hardware/Dell_Wyze.md)
 - [IBM System x3650 M4 (Server)](Hardware/IBM_System_x3650_M4.md)
-- [SonicWall Firewall](sonicwall_firewall)
+- [SonicWall Firewall](Hardware/sonicwall_firewall.md)

Home_Lab/SetupWireguard.md

@@ -0,0 +1,134 @@
+# Setting up Wireguard
+
+## Steps
+### Step 1: Install the dependencies
+Here you will be needing to install the packages that wireguard needs to work.
+
+```bash
+## Debian or Ubuntu
+sudo apt install wireguard
+
+## RHEL-based
+sudo dnf install wireguard-tools
+```
+
+### Step 2: Setup wireguard interface configs
+This step requires you to do multiple things:  
+1. Generate a private & public key for both the server and client
+2. Create a wireguard interface config for both the server & client
+	- In this step you will need to choose an IP for both server and client (the usual choice is on a subnet included in 10.0.0.0/8 (ex: 10.200.1.x/24)).
+
+#### A: Create Pub & Priv keys (server & client)
+Here we will generate a private and public key for both the server & client.
+```bash
+## Much of this will be inline commands with pipes, but feel free to seperate them if you feel you need to.
+### Generate pub and priv key for server
+wg genkey | tee wg0-server-privkey | wg pubkey > wg0-server-pubkey
+
+### Generate pub and priv key for first client
+wg genkey | tee wg0-client-privkey | wg pubkey > wg0-client-pubkey
+
+## This is the networks you want your client to have access to (configured in the client's wg0.conf)
+networks=10.200.1.0/24,192.168.1.0/24
+
+## This is just my example IPs for a basic setup, you can use your own (it won't matter as long as they are valid addresses)
+### The server IP needs to be one that will be on the network 10.200.1.0/24 (with the /24 at the end signifying the subnet mask)
+server_ip=10.200.1.1/24
+
+### While you can just use 10.200.1.0/24 on the AllowedIPs, it will cause issues when you are wanting to setup more peers/clients to use that interface.
+### to be able to provide VPN connections for multiple clients you will need to scope it down to a specific IP using the /32 netmask
+### otherwise all connections will have issues when you try to reload the wg interface config (as it will try to forward all traffic accross all peers)
+client_ip=10.200.1.2
+
+masquerade_interface=eno1 # You will need to find out what interface you want/need to use (just look it up with "ip address" or "ifconfig" (whatever your util is))
+
+### This will actually generate the config using bash, but feel free to do it manually (for your choice of IPs you will need to make sure you are consistant between the server and client peer configs)
+cat > wg0-server.conf <<EOF
+[Interface]
+Address = $server_ip
+PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o $masquerade_interface -j MASQUERADE
+PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o $masquerade_interface -j MASQUERADE
+## This can be any port, this is just the standard port that most choose when using wireguard
+ListenPort = 51820
+PrivateKey = $(<wg0-server-privkey)
+
+[peer]
+# This needs to be pubkey/public key of the peer
+PublicKey = $(<wg0-client-pubkey)
+AllowedIPs = $client_ip/32
+# This will just have the server ping the client every x seconds to make sure the connection stays alive (since it's using UDP a stateless protocol)
+PersistentKeepalive = 24
+EOF
+
+: "
+Note:
+You can configure MULTIPLE peers when creating the server config (to allow it to provide multiple clients VPN services off the same port). 
+
+But when doing so you will need to setup the AllowedIPs of each peer to be a single ip (EX: 10.200.1.x/32) , or else it will confuse wg. To do this you just need to setup an additional peer section with the new peers pubkey and ip.
+"
+
+cat > wg0-client.conf <<EOF
+[Interface]
+Address = $client_ip/24
+PrivateKey = $(<wg0-client-privkey)
+
+[peer]
+# This needs to be pubkey/public key of the server
+PublicKey = $(<wg0-server-pubkey)
+### This is where you configure what networks you want your wireguard interface to access on the other end (if the masquerading interface has access to them)
+AllowedIPs = $networks 
+# This will just have the server ping the server every x seconds to make sure the connection stays alive (since it's using UDP a stateless protocol)
+PersistentKeepalive = 24
+EOF
+```
+
+### Step 3: Configure server to allow interface masquerading
+By default most systems don't allow for programs to setup interface masquerading. So you need to change a config in /etc/sysctl.conf to allow for forwarding/masquerading.
+
+In the config file you will either need to add or uncomment the following line to allow for wireguard to masquerade as another interface (giving you access to the network it is connected to).
+
+	net.ipv4.ip_forward=1
+	
+Afterwards you will likely need to load the change into your system.
+
+```bash
+## Can also use "sudo sysctl --system" to just have it reload all configs
+sudo sysctl --load=/etc/sysctl.conf
+
+# or just manually set it
+
+sudo sysctl net.ipv4.ip_forward=1
+```
+
+
+### Step 4: Setup persistant service on server (or client)
+Here is where you will setup a service to make sure your wg iterface will be restarted/started after boot or reboot.
+
+```bash
+# Systemd as init system
+## Replace wg# with the wg interface you named/created in step 2
+systemctl enable wg-quick@wg#
+```
+
+Note: For a distro using another init system (initrc, openrc, sysvinit, etc) you will need to either implement it as an ifup/ifdown script, network-script, or some other method.
+
+
+### Step 4: Deploy on client and server
+This is simple. You just have to put the config we generated in step 2 in the /etc/wireguard directory as wg#.conf (with # being the wireguard interface number (can be anything)) on both the server and client.
+
+
+### Step 5: Setup port forwarding on router/gateway
+For this step you just need to get on your router and port-forward a port on the router to the port configured on your server. I cannot provide the specific how-to for that since I cannot account for all the different devices that you may be using.
+
+### Step 6: Test work
+Now all you have to do is test your config work. 
+
+Just go ahead issue this command on your server and client (while off your home network)
+
+```bash
+sudo wg-quick up wg#
+```
+
+After this you should see packets/traffic (transfer) when running "wg" to see how much data has been transferred to & from the interface. If you experience any issues you can send me an email and I can see if I can troubleshoot with you.
+
+

Home_Lab/The_Beginning.md

@@ -11,5 +11,5 @@ With my current employer going through remodeling and refitting our store they d
 
 
 
-[Dell Wyze]: Dell_Wyze.md
+[Dell Wyze]: Hardware/Dell_Wyze.md
-[SonicWall Firewall]: sonicwall_firewall.md
+[SonicWall Firewall]: Hardware/sonicwall_firewall.md

Linux/Arch/InstallingArch.md

@@ -1,13 +1,14 @@
 # Installing Arch Linux
 
 ## Process
-
+### Beginning
 - To begin with you will need to download the iso file from the [official Arch-Linux website][arch iso page].
 
 -  You will need to flash the installer ISO onto a cd or bootable Flashdrive using [balenaEtcher][etcher page] or [rufus (Windows only)][rufus page]
 
 
 
+
 ## Sources
 
 - [Arch-Linux Iso Page][arch iso page]

Linux/Arch/WifiConnectivityIssues.md

@@ -39,8 +39,15 @@ wifi.backend=iwd
 
 After doing this I have yet to happen upon this issue again (although it has only been a few hours). So I'd say that I fixed it, at least for now.
 
+## Update 2023
+Just in case someone DOES read this I decided to actually correct myself here.
+
+The issue was that wpa_supplicant was NEVER installed (alongside not installing linux-firmware) on my system (bad tutorial). Because of this my system was using iwd and it (for whatever reason) had very spotty functionality because of that. I'm sure I've missed something since this was like 2 years ago, but wanted to update this in case someone else reads this (so they know I'm not a dumbass).
+
 -----
 
+
+
 ### Packages used:  
 
 - [NetworkManager](https://wiki.archlinux.org/index.php/NetworkManager)
@@ -52,4 +59,4 @@ After doing this I have yet to happen upon this issue again (although it has onl
 
 - [Post on configuring NetworkManager][Post]  
 
-[Post]: (https://wiki.debian.org/NetworkManager/iwd)
+[Post]: https://wiki.debian.org/NetworkManager/iwd

Linux/Fedora/README.md

@@ -0,0 +1,3 @@
+# Fedora 
+
+This section is everything about my experiences working with Fedora.

Linux/README.md

@@ -0,0 +1,12 @@
+# Linux
+This is the section of my journal repo dealing with everything linux based (problems and otherwise).
+
+## What will it contain?
+It will contain a lot of my experiences with linux, and ideas & my take on linux issues.
+
+## Things in this Section
+- [Scripts (other repo)](https://git.arcanium.tech/tristan/myscripts)
+- [Arch](Arch/README.md)
+- [Fedora](Fedora/README.md)
+- [Helpful Links](helpful_links.md)
+- [Synergy](synergy.md)

Linux/helpful_links.md

@@ -1,3 +1,3 @@
 # Troubleshooting Links (By Category)
 ## Audio
-- (Onboard audio not being detected)[https://bbs.archlinux.og/viewtopic.php?id=271472]
+- [Onboard audio not being detected](https://bbs.archlinux.og/viewtopic.php?id=271472)

Linux/synergy.md

@@ -0,0 +1,36 @@
+# [Synergy][synergy-site]
+
+![synergy logo](synergy.png)
+
+## What is it?
+Synergy is a program that allows you to share your keyboard, mouse and clipboard accross multiple machines on the network.
+
+### Is it free?
+---------------
+Yes & No. To be able to get the official installers (officially) & features you will need to create an account on their [site][synergy-site] and pay for a license.
+
+#### Can you install it anyway?
+--------------------------------
+Yes you can technically compile it from source after cloning their [repo][synergy-repo]. This will be their 'free' version, but will require a key to use it extensively. Alongside this it requires you to manually compile it using cmake (alongside having to manually figure out what packages you will need to fully compile it). 
+
+I will include a few scripts in my [MyScripts Repo][scripts-repo] to manually build & install it on a few distrobutions (primarily Arch & Fedora, as I don't want to build a script to handle it accross all).
+
+Understand that the repo gives you access to Synergy v1.x, to use Synergy 3 you can only get it via the official packages provided by Synergy. As far as I can find the packages you can find in the fedora repo is "synergy" and it's v1.x.
+
+
+### Caveots
+Synergy only officially supports working on XOrg (or another X11 based one) as your windowing system. So if you try to run it on Wayland it will come up with an error stating this and give you an alternative to try to allow it anyway (haven't tried it myself, as I prefer to work with X11 for most situations). 
+
+### What format's does it come in?
+---------------------------------
+From what I can see it comes in a variety of formats for linux, and the default/standard ones for windows (.msi format) and mac (installer for the M# and intel installs).
+
+**Linux:**
+- RPM (primarily for fedora)
+- DEB (different PM for debian and Ubuntu)
+- flatpak (distro agnostic)
+
+
+[synergy-site]: https://symless.com/synergy
+[synergy-repo]: https://github.com/symless/synergy-core
+[scripts-repo]: https://git.arcanium.tech/tristan/myscripts

README.md

@@ -3,10 +3,10 @@
 This repository is one that I made to document any issues and projects including Linux, Windows and MacOS.
 
 |   Contact Info   |                           |
-|:------------:|--------------------------|
+|:----------------:|---------------------------|
-|Name          | Tristan Ancelet          |
+|       Name       | Tristan Ancelet           |
-|Email         | tristanancelet@yahoo.com |
+| Email (personal) | tristanancelet@yahoo.com  |
-
+|  Email (other)   | tristan@arcanium.tech     |
 
 ## What will it contain?
 
@@ -29,7 +29,8 @@ If anyone does read this and is having any issues I'd be more than happy to help
 
 ## Sections
 - [PinePhone](PinePhone/README.md)
-- [Arch Install](Arch_Install/README.md)
+- [Linux](Linux/README.md)
-- [Information on my Home Lab](Home_Lab/README.md)
+- [Home Lab](Home_Lab/README.md)
 - [Development](Development/README.md)
 - [Me](Me/README.md)
+- [My scripts](https://git.arcanium.tech/tristan/myscripts)