update wireguard notes

pull/94/head 4.2.5-1-12
binhex 4 years ago
parent 98e51a0782
commit 9d4cc3c684

@ -151,7 +151,7 @@ Once you have downloaded the zip (normally a zip as they contain multiple ovpn f
If there are multiple ovpn files then please delete the ones you don't want to use (normally filename follows location of the endpoint) leaving just a single ovpn file and the certificates referenced in the ovpn file (certificates will normally have a crt and/or pem extension). If there are multiple ovpn files then please delete the ones you don't want to use (normally filename follows location of the endpoint) leaving just a single ovpn file and the certificates referenced in the ovpn file (certificates will normally have a crt and/or pem extension).
**WireGuard** **WireGuard**
If you wish to use WireGuard (defined via 'VPN_CLIENT' env var value ) then due to the enhanced security and kernel integration WireGuard will require the container to be defined with privileged permissions, so please ensure you change the following docker flag:- If you wish to use WireGuard (defined via 'VPN_CLIENT' env var value ) then due to the enhanced security and kernel integration WireGuard will require the container to be defined with privileged permissions and sysctl support, so please ensure you change the following docker options:-
from from
``` ```
@ -159,9 +159,14 @@ from
``` ```
to to
``` ```
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--privileged=true \ --privileged=true \
``` ```
PIA users - The WireGuard configuration file will be auto generated and will be stored in ```/config/wireguard/wg0.conf``` AFTER the first run, if you wish to change the endpoint you are connecting to then change the ```Endpoint``` line in the config file (default is Netherlands).
Other users - Please download your WireGuard configuration file from your VPN provider, start and stop the container to generate the folder ```/config/wireguard/``` and then place your WireGuard configuration file in there.
**Notes** **Notes**
Due to Google and OpenDNS supporting EDNS Client Subnet it is recommended NOT to use either of these NS providers. Due to Google and OpenDNS supporting EDNS Client Subnet it is recommended NOT to use either of these NS providers.
The list of default NS providers in the above example(s) is as follows:- The list of default NS providers in the above example(s) is as follows:-

Loading…
Cancel
Save