I’d like to have a Linux container that does nothing but run an internet-facing WireGuard interface for my VPN needs. I have the kernel module on the host currently, but am confused over how to go about setup.
Should I bring up wg0 on the host and somehow map it in my container config file, or should I just have the kernel module loaded on the host and bring up wg0 in the container once it starts?
My container config:
    lxc.rootfs.path = /var/lib/lxc/wg/rootfs
    lxc.uts.name = wg
    lxc.arch = aarch64
    lxc.include = /usr/share/lxc/config/archlinux.common.conf

    ## network
    lxc.net.0.type = veth
    lxc.net.0.name = eth0
    lxc.net.0.flags = up
    lxc.net.0.link = br0
    lxc.net.0.hwaddr = 00:1a:06:13:29:a3
EDIT: I tried using wg-quick up wg0 from within the container and wg0 is created without errors, but I am unable to connect to it. In contrast, I can connect to it on the host just fine, so I’m thinking I need some extra configuration in /var/lib/lxc/wg/config to get this working. Thanks!