Updated old docs articles

content/docs/gentoo/wireguard.md

@@ -11,9 +11,27 @@ tags:
 
 This article explains how to configure wireguard on Gentoo.
 
-## Configuration example
+## Installation
 
-Here is a `/etc/wireguard/wg0.conf` configuration example to create a tunnel listening on udp port 342 and a remote peers :
+```sh
+emerge net-vpn/wireguard-tools -q
+```
+
+You will also need to set `CONFIG_WIREGUARD=y` in your kernel configuration.
+
+## Generating keys
+
+The private and public keys for a host can be generated with the following commands:
+```sh
+PRIVATE_KEY=`wg genkey`
+PUBLIC_KEY=`printf $PRIVATE_KEY|wg pubkey`
+echo private_key: $PRIVATE_KEY
+echo public_key: $PUBLIC_KEY
+```
+
+## Configuration
+
+Here is a configuration example of my `/etc/wireguard/wg0.conf` that creates a tunnel listening on udp port 342 and has one remote peer:
 ```cfg
 [Interface]
 PrivateKey = MzrfXLmSfTaCpkJWKwNlCSD20eDq7fo18aJ3Dl1D0gA=
@@ -27,7 +45,9 @@ AllowedIPs = 10.1.2.9/32
 PersistentKeepalive = 60
 ```
 
-Your private key goes on the first line as argument to `wgkey`, the other keys are public keys for each peer. In this example I setup a client that can be hidden behind nat therefore I configure a `PersistentKeepalive`. If your host has a public IP this line is not needed.
+To implement this example you will need to generate two sets of keys. The configuration for the first server will feature the first server's private key in the `[Interface]` section and the second server's public key in the `[Peer]` section, and vice versa for the configuration of the second server.
+
+This example is from a machine that can be hidden behind nat therefore I configure a `PersistentKeepalive`. If your host has a public IP this line is not needed.
 
 To activate the interface configuration, use :
 ```sh
@@ -39,11 +59,6 @@ rc-update add wg-quick.wg0 default
 
 ## Administration
 
-Private keys can be generated with the following command :
-{{< highlight sh >}}
-openssl rand -base64 32
-{{< /highlight >}}
-
 The tunnel can be managed with the `wg` command:
 ```sh
 root@hurricane:~# wg

content/docs/openbsd/wireguard.md

@@ -8,11 +8,36 @@ tags:
 
 ## Introduction
 
+This article explains how to configure wireguard on OpenBSD.
+
+## Installation
+
 OpenBSD does things elegantly as usual : where linux distributions have a service, OpenBSD has a simple `/etc/hostname.wg0` file. The interface is therefore managed without any tool other than the standard ifconfig, it's so simple and elegant!
 
-## Configuration example
+You can still install the usual tooling with:
+```sh
+pkg_add wireguard-tools
+```
 
-Here is a configuration example to create a tunnel listening on udp port 342 and several peers :
+## Generating keys
+
+The private and public keys for a host can be generated with the following commands:
+```sh
+PRIVATE_KEY=`wg genkey`
+PUBLIC_KEY=`printf $PRIVATE_KEY|wg pubkey`
+echo private_key: $PRIVATE_KEY
+echo public_key: $PUBLIC_KEY
+```
+
+Private keys can also be generated with the following command if you do not wish to use the `wg` tool:
+{{< highlight sh >}}
+openssl rand -base64 32
+{{< /highlight >}}
+
+
+## Configuration
+
+Here is a configuration example of my `/etc/hostname.wg0` that creates a tunnel listening on udp port 342 and several peers :
 {{< highlight cfg >}}
 wgport 342 wgkey '4J7O3IN7+MnyoBpxqDbDZyAQ3LUzmcR2tHLdN0MgnH8='
 10.1.2.1/24
@@ -31,11 +56,6 @@ sh /etc/netstart wg0
 
 ## Administration
 
-Private keys can be generated with the following command :
-{{< highlight sh >}}
-openssl rand -base64 32
-{{< /highlight >}}
-
 The tunnel can be managed with the standard `ifconfig` command:
 {{< highlight sh >}}
 root@yen:~# ifconfig wg0
@@ -66,3 +86,5 @@ wg0: flags=80c3<UP,BROADCAST,RUNNING,NOARP,MULTICAST> mtu 1420
         groups: wg
         inet 10.1.2.1 netmask 0xffffff00 broadcast 10.1.2.255
 {{< /highlight >}}
+
+Alternatively you can also use the `wg` tool if you installed it.