vpn-setup

📁 bagelhole/devops-security-agent-skills 📅 9 days ago

总安装量

周安装量

#53838

全站排名

安装命令

npx skills add https://github.com/bagelhole/devops-security-agent-skills --skill vpn-setup

Agent 安装分布

opencode 1

codex 1

claude-code 1

Skill 文档

VPN Setup

Configure secure VPN tunnels for remote access and site connectivity.

WireGuard

# Generate keys
wg genkey | tee privatekey | wg pubkey > publickey

# Server config (/etc/wireguard/wg0.conf)
[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PrivateKey = <server-private-key>

[Peer]
PublicKey = <client-public-key>
AllowedIPs = 10.0.0.2/32

# Enable
wg-quick up wg0
systemctl enable wg-quick@wg0

OpenVPN

# Install
apt install openvpn easy-rsa

# Generate certificates
cd /etc/openvpn/easy-rsa
./easyrsa init-pki
./easyrsa build-ca
./easyrsa gen-req server nopass
./easyrsa sign-req server server
./easyrsa gen-dh

AWS Site-to-Site VPN

aws ec2 create-vpn-gateway --type ipsec.1
aws ec2 create-customer-gateway \
  --type ipsec.1 \
  --bgp-asn 65000 \
  --public-ip <on-prem-ip>
aws ec2 create-vpn-connection \
  --type ipsec.1 \
  --customer-gateway-id cgw-xxx \
  --vpn-gateway-id vgw-xxx

Best Practices

Use WireGuard for modern deployments
Implement MFA for VPN access
Regular key rotation
Monitor VPN connections
Segment VPN access by role

Related Skills

zero-trust – Modern access patterns
ssl-tls-management – Certificate management

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台