anbuchelva / pi-hole-and-wireguard-on-oracle-cloud-always-free-tier
Block advertisements and trackers using pi-hole in Oracle Always Free tier
License: MIT License
edit - nvm I figured it out
Thank you for this script to install WG & PiHole on Oracle. I have previously used another script on Ionos and then on Google Cloud to compare performance from Africa. Then I discovered Oracle and tried to set up a VM using the other script but couldn't get it to work. I went looking, found this script, and now I am able to connect from my clients perfectly. Thank you!
I am, however, having trouble connecting between clients using RDP. I have tried various configurations mirroring what works on the other WireGuard servers without success. I suspect a difference in iptables but am not knowledgeable enough to determine that.
Do you have any suggestions?
Thank you again for the helpful script! Rob
For quick reference, here is wg config from Oracle plus the script that it references which works:
WG CONFIG FILE (ORACLE)
Address = 10.66.66.1/24,fd42:42:42::1/64
.......
PostUp = /etc/wireguard/ipt/start.sh; iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
PostDown = /etc/wireguard/ipt/stop.sh; iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o ens3 -j MASQUERADE
iptables -t nat -I POSTROUTING 1 -s 10.66.66.1/24 -o ens3 -j MASQUERADE
ORACLE START.SH
iptables -I INPUT 1 -i wg0 -j ACCEPT
iptables -I FORWARD 1 -i ens3 -o wg0 -j ACCEPT
iptables -I FORWARD 1 -i wg0 -o ens3 -j ACCEPT
iptables -I INPUT 1 -i ens3 -p udp --dport 51515 -j ACCEPT
ip6tables -t nat -I POSTROUTING 1 -s fd42:42:42::1/64 -o ens3 -j MASQUERADE
ip6tables -I INPUT 1 -i wg0 -j ACCEPT
ip6tables -I FORWARD 1 -i ens3 -o wg0 -j ACCEPT
ip6tables -I FORWARD 1 -i wg0 -o ens3 -j ACCEPT
Here is the content of the Google WG server that does allow RDP.
GOOGLE CLOUD WG CONFIG
[Interface]
Address = 10.66.66.1/24,fd42:42:42::1/64
.......
PostUp = iptables -I INPUT -p udp --dport 54209 -j ACCEPT
PostUp = iptables -I FORWARD -i ens4 -o wg0 -j ACCEPT
PostUp = iptables -I FORWARD -i wg0 -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o ens4 -j MASQUERADE
PostUp = ip6tables -I FORWARD -i wg0 -j ACCEPT
PostUp = ip6tables -t nat -A POSTROUTING -o ens4 -j MASQUERADE
First, thanks for the wonderful setup script. Made life a lot easier.
My devices (peers) are making DNS lookups via IPv4 and IPv6. They show up as two separate clients in Pi-hole server, as it does not merge them together. I checked out Pi-Hole's community forums and came across this. Now, since this is a Pi-Hole limitation, my other option is to disable peers to be assigned (and use) IPv6 address/routing completely.
My question here is,
Is it safe to leave the IPv6 address blank when running setup.sh again to create a tunnel config file for new peers?
Say we disable IPv6 addressing/routing on this WireGuard network, would there be any IP leak if peers made DNS queries via an IPv6 route?
Let me know if this question makes any sense.
Everything is working fine but I still have my normal IP
interface: wg0
public key: SGoNwhrG8nka9Id0gDf1UHWykz8qDwI12QK9HhxQIHU=
private key: (hidden)
listening port: 51515
peer: RMCsihvA1PMyIn0oHqSMbjl6esyeK7zqYvI2nRcLY2M=
preshared key: (hidden)
endpoint: 94.31.85.235:59709
allowed ips: 10.66.66.3/32, fd42:42:42::3/128
latest handshake: 24 seconds ago
transfer: 930.98 KiB received, 3.06 MiB sent
peer: 3maoP5rq4KQvhSTZR3vBxjGlWwj1USaCMuBuZE2NQCo=
preshared key: (hidden)
allowed ips: 10.66.66.2/32, fd42:42:42::2/128
ubuntu@vpn:$ ^C
ubuntu@vpn:$ sudo wg
interface: wg0
public key: SGoNwhrG8nka9Id0gDf1UHWykz8qDwI12QK9HhxQIHU=
private key: (hidden)
listening port: 51515
peer: RMCsihvA1PMyIn0oHqSMbjl6esyeK7zqYvI2nRcLY2M=
preshared key: (hidden)
endpoint: 94.31.85.235:49448
allowed ips: 10.66.66.3/32, fd42:42:42::3/128
latest handshake: 37 seconds ago
transfer: 1.01 MiB received, 3.18 MiB sent
peer: 3maoP5rq4KQvhSTZR3vBxjGlWwj1USaCMuBuZE2NQCo=
preshared key: (hidden)
allowed ips: 10.66.66.2/32, fd42:42:42::2/128
pihole status
[✓] FTL is listening on port 53
[✓] UDP (IPv4)
[✓] TCP (IPv4)
[✓] UDP (IPv6)
[✓] TCP (IPv6)
[✓] Pi-hole blocking is enabled
Is there an easy way to modify the setup.sh to allow peers (vpn clients) to communicate with each other?
Right now it seems that the peers are not allowed to do so. At least I can't ping from one vpn client host to another.
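An added example, not part of the issues above or of the project's script, relating to this question and to the earlier RDP issue: it models first-match evaluation of the filter-table FORWARD chain for the two rule sets quoted in that issue, showing how an appended `-A FORWARD -i wg0 -j ACCEPT` can be shadowed while an inserted `-I FORWARD -i wg0 -j ACCEPT` is not. The catch-all REJECT baseline is an assumption about the image's preinstalled rules, and the function names are illustrative.

```python
import shlex

def apply(chain, cmd):
    """Apply one `iptables -A|-I FORWARD ...` command to a list of rules."""
    tok = shlex.split(cmd)
    if "-t" in tok or "FORWARD" not in tok:
        return chain                       # nat table / INPUT chain: not modelled
    at = tok.index("FORWARD")
    op, opts, pos = tok[at - 1], tok[at + 1:], 1
    if op == "-I" and opts and opts[0].isdigit():
        pos = int(opts.pop(0))             # optional rule number, defaults to 1
    o = dict(zip(opts[::2], opts[1::2]))
    rule = (o.get("-i"), o.get("-o"), o["-j"])
    chain = list(chain)
    if op == "-A":
        chain.append(rule)                 # -A: goes to the end of the chain
    else:
        chain.insert(pos - 1, rule)        # -I: goes in front of existing rules
    return chain

def build(cmds, baseline):
    """Run a list of iptables commands against a starting chain."""
    chain = list(baseline)
    for cmd in cmds:
        chain = apply(chain, cmd)
    return chain

def verdict(chain, in_if, out_if, policy="ACCEPT"):
    """First matching rule decides; None means 'any interface'."""
    for i, o, target in chain:
        if i in (None, in_if) and o in (None, out_if):
            return target
    return policy

# ASSUMPTION (not shown on the page): the image ships a catch-all REJECT in FORWARD.
BASELINE = [(None, None, "REJECT")]
# Filter-table FORWARD commands copied from the two configs quoted in the RDP issue.
ORACLE = ["iptables -I FORWARD 1 -i ens3 -o wg0 -j ACCEPT",   # start.sh
          "iptables -I FORWARD 1 -i wg0 -o ens3 -j ACCEPT",   # start.sh
          "iptables -A FORWARD -i wg0 -j ACCEPT"]              # PostUp
GOOGLE = ["iptables -I FORWARD -i ens4 -o wg0 -j ACCEPT",
          "iptables -I FORWARD -i wg0 -j ACCEPT"]

if __name__ == "__main__":
    for name, cmds in (("oracle", ORACLE), ("google", GOOGLE)):
        chain = build(cmds, BASELINE)
        print(name, "peer->peer:", verdict(chain, "wg0", "wg0"))
```

On a live host, `sudo iptables -L FORWARD -n -v --line-numbers` shows the real rule order to compare against this model.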
Hello, I followed the steps and can't connect to the WebUI "Cant reach website". Any idea what could have gone wrong?
I have these running in conjunction great and I can easily connect clients on mobile and Windows, but on my Ubuntu 22.04 client I can't seem to get the connection to work! Is there any way you might be able to help with this? I'm unsure of where else to ask and I spent several hours last night trying to get it working.
Hi,
I encountered this error during installation and it did not install pi-hole.
Can I get some help?
Oracle cloud
Server Ubuntu 22.04
```
[✓] Enabling lighttpd service to start on reboot...
[✓] Creating user 'pihole'
[i] FTL Checks...
[✓] Detected AArch64 (64 Bit ARM) processor
[i] Checking for existing FTL binary...
[i] Downloading and Installing FTL...pihole-FTL-aarch64-linux-gnu: FAILED
sha1sum: WARNING: 1 computed checksum did NOT match
[✗] Downloading and Installing FTL
Error: Download of https://github.com/pi-hole/ftl/releases/latest/download/pihole-FTL-aarch64-linux-gnu failed (checksum error)
[✗] FTL Engine not installed
./setup.sh: line 299: pihole: command not found
```
Hi
This project is not working in my Oracle instance (with Ubuntu 20.04). I was wondering if it is related to the IPv4 CIDR Block. I have assigned 10.0.0.0/24 but the setup uses the range 10.66.66.*.
Should I modify the setup file? In that case, how do I start the full installation again? Because when I enter setup again it only adds a new client rather than installing the whole project from scratch.
Thank you!
So I'm using the default configurations and I can connect and have internet... but it's unbearably slow. YouTube video descriptions and thumbnails are the only thing that will load for me. In Chrome I get the error DNS_PROBE_FINISHED_BAD_CONFIG. All I did was add AdGuardDNS rules to the adblocking. A little help please? :)