With the commet now having a Tailscale client i would be interested in being able to have a Wireguard client built in and pre-startable.
We have built-in wg-tools, you can use the command to configure it in the background
Is it possible to make it connect autimatically to wireguard vpn after reboot?
It's in Ligocki's HOW-TO.
It is for Pikvm but I use glkvm Comet (GL-RM1).And unfortunately those commands does not work. It is based on Linux glkvm 4.19.111 armv7l.
OMFG! GL.iNet isn't building on Arch Linux. They took PiKVM's python scripts but without deploying on the same underlying OS! I guess no one in GL.iNet bothered to look up Arch Linux ARM! Well done, GL.iNet. Exceptional work.
It's just like your routers, all over again.
@bulcsu
My apologies. You were right & without having one on hand I wouldn't know where to start beyond suggesting setting up a WG endpoint on an upstream router instead of on the Comet itself. I was waiting for the Comet Pro before picking one up but I may have to reconsider.
@bulcsu Starting with firmware v1.4.0 beta1/2, it has support for keeping persistent storage space for user scripts and running them at boot. https://forum.gl-inet.com/t/new-beta-test-firmware-1-4-0-beta2-for-rm1-comet/61732
In the 1.4.0 firmware look at /etc/init.d/S99custom
, it supports loading scripts from /etc/kvmd/user/scripts
.
Scripts need to start with "S" and you can order them how you want with the number after
/etc/kvmd/user/scripts/S??
So if you create S98wireguard
it will run before something like S99whatever
.
They are executed sequentially with SXXscript start
at boot. Shutdown/reboot with SXXscript stop
.
You'll need to set up the interfaces, addresses, routes, etc. manually in your script, since wg-quick isn't available.
@_zhang It would simplify things for most users if you also included the wg-quick
script from wg-tools, not just the wg
binary.
It would make supporting wireguard easier as well, since you can add a script to init.d which could just loop over /etc/kvmd/user/wireguard/*.conf
and load them with wg-quick
at boot.
@9b9e69c2-4b75-4420 Not sure why the need to hate on them for not using Arch. The GL.iNet Comet KVM doesn't use Arch Linux and there's no actual need to do so.
As is, the system is capable of running wireguard manually.
Thank you, but the problem is during boot time there is no network. (By the way I have copied wg-quick bash script into /usr/bin and it works except dns resolv) Here is the log:
[root@glkvm:~]# cat /tmp/wireguard_boot.log
[wg-quick] waiting for network...
[wg-quick] starting wg0...
Warning: /etc/wireguard/wg0.conf' is world accessible
[#] ip link add dev wg0 type wireguard
[#] wg addconf wg0 /dev/fd/63
[#] ip -4 address add 10.10.10.7/24 dev wg0
RTNETLINK answers: Network is unreachable
[#] ip link set mtu 1420 up dev wg0
[wg-quick] done.
[root@glkvm:~]#
Finally ChatGPT has made me the correct starter scripts:
startscripts.zip (1.1 KB)
So it's SysV-style, then... just like OWRT. Yeah, the HOWTO ITT I posted assumes SystemD. I've stuck that out. Hopefully the AI slop works for you as expected.
Highly related:
As far as I know, you're getting that because the init system blocks the rest of the startup.
I set mine to fork start off to a new background process which handles some timeout before attempting to actually start wireguard.
Can it cause overheating If I use both tailscale vpn and wireguard vpn at the same time? Of course I only use one during connection but both vpn clients are running .
I'm gonna say no and not to worry about it.
Both VPN should essentially be consuming 0% CPU when there is no traffic going over them.
Even when in use, they should be negligible for heat produced.
Also the CPU should automatically handle thermal throttling anyway, should it for some reason get too hot it won't cook its self.
Unless something has drastically changed in the last few years TailScale is built on WireGuard so I agree one shouldn't have to worry about it.
(Nice work, BTW. Those scripts look handy.)