OPNsensePIAWireguard
OPNsensePIAWireguard copied to clipboard
FingerlessGlov3s
Can this be used for multiple connections?
Hi,
Thanks very much for the script. I have got it set up and eventually solved pointing a VLAN at it so can use it as a gateway for a wireless network.
I have a question though. Can this script be used or modified easily to have multiple endpoints?
Ideally I want to have three connections, one in the UK, one in the EU and one in the US.
Is this possible, perhaps with three copies of the script? Failing that perhaps point me in the right direction for what I'd need to modify to accomplish this?
Cheers, Westy
Hi Westy,
This script does indeed support this, you'll need to make 2 more copies of this script.
Duplicate PIAWireguard.py to PIAWireguardEU.py and PIAWireguardUS.py
Edit these two new copies and amend the opnsenseWGName variable according to PIAEU and PIAUS, along with the piaRegionId of course to match the right regions names from PIA.
Then we modify the contents of /usr/local/opnsense/service/conf/actions.d/actions_piawireguard.conf
New contents as follows
## /usr/local/opnsense/service/conf/actions.d
[piaWireGuard]
command:/conf/PIAWireguard.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguard.py %s %s
description:PIA WireGuard UK
[piaWireGuardEU]
command:/conf/PIAWireguardEU.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardEU.py %s %s
description:PIA WireGuard EU
[piaWireGuardUS]
command:/conf/PIAWireguardUS.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardUS.py %s %s
description:PIA WireGuard US
Then we need to chmod the new files and then restart confid
chmod +x /conf/PIAWireguardEU.py
chmod +x /conf/PIAWireguardUS.py
service configd restart
Now setup the initial creation with debug mode to check it doesn't cause any errors.
/conf/PIAWireguardEU.py debug
/conf/PIAWireguardUS.py debug
Basically follow the steps from the readme again but with the new filenames and interface names 😀
I hope all this makes sense?
FingerlessGloves
Hi mate,
Thanks for the speedy response! Yes, that makes perfect sense. I'll give it a go.
Thanks a lot!
Westy
Hey,
No problem at all! Hopefully it'll go well. Once you gotten it working, and the extra 2 cron items. Give it a reboot and make sure all the tunnels work, if they do without you needing to do anything, then all is well 😀. Remember the cron time will need to hit after a reboot for the script to do its checks and see that you've rebooted the device and it needs to make sure the tunnel connection information is correct.
FingerlessGloves
Hiya,
So, all looks good, all VLANs setup and rules cloned. Think nearly there.
I do have both gateways appearing as offline at the moment though, despite having an IP.
Any ideas?
I can't reboot at the moment otherwise I'll get grief :)
Cheers, Westy
Ok that's little strange...
Go to "VPN: WireGuard", then the "List Configuration" tab, is there a handshake on each PIA wireguard peer?
I know why! I forgot about one setting, sorry about that.
In the WireGuardEU and WireGaurdUS conf, the wireguard port variable opnsenseWGPort needed amending. Each instance can't share the same port.
Change them to 51816 and 51817, then also change it manually in the WebUI to also match. That'll do the trick.
PIA = 51815 PIAEU = 51816 PIAUS = 51817
EDIT: then rerun the two EU and US scripts, and boom it should then work!
Yes! They are now both up. Excellent stuff :)
Okay, I have one final issue, and I don't think it's related to your VPN script as such, but it's certainly given me more IPs (and whilst you're proving such valuable help!)
I keep on failing to connect to my certificated name for OPNsense, that has a DNS entry on Cloudflare. I suspect because it's picking an IP that is not on the same subnet.
westy@Wiggum OPNsensePIAWireguard % nslookup opnsense Server: 192.168.1.1 Address: 192.168.1.1#53
Non-authoritative answer: Name: opnsense.[mydomain.net] Address: 10.51.137.31 Name: opnsense.[mydomain.net] Address: 192.168.3.1 Name: opnsense.[mydomain.net] Address: 192.168.1.1 Name: opnsense.[mydomain.net] Address: 192.168.11.1 Name: opnsense.[mydomain.net] Address: 192.168.10.1 Name: opnsense.[mydomain.net] Address: 192.168.12.1 Name: opnsense.[mydomain.net] Address: 82.41.5.140 Name: opnsense.[mydomain.net] Address: 10.39.137.49 Name: opnsense.[mydomain.net] Address: 10.5.215.30`
I am using AdGuard Home has my first DNS endpoint (on port 5353), that then forwards to 192.168.1.1:5353. Wonder if I need to add 192.168.3.1:5353 etc to there?
Any ideas?
Cheers
Hmm, maybe I need to try and restrict access to port 53 for each VLAN: https://serverfault.com/questions/788429/how-to-limit-a-dns-stub-zone-to-a-specific-subnet
Will have a tinker.
Sweet that working nicely now then.
Oh no that's not an issue related to my script but to how OPNsense registers each interface in Unbound DNS.
What I do is change domain in "System: Settings: General" to fw
Then create host overrides for the DNS name I want OPNsense to be, then go to "System: Settings: Administration", then add the alternatives DNS names for the Firewall to the settings "Alternate Hostnames"
I shall close this issue since the topic of the issue is fixed.
You can find me in IRC, if you want help with the DNS issue 😀 (#OPNsense on FreeNode)
Hello I followed this instruction but I have an issue
Sometimes Two servers gave an IP in the same subnet
Do you have a fix for this ? Am running manually
the debug changeserver command on the firewall when this happen
I changed in the python file the config_file variable to point to the right .json this is the content of my action file
[piaWireGuardFrance]
command:/conf/PIAWireguardFrance.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardFrance.py %s %s
description:PIA WireGuard France
[piaWireGuardFrankfurt]
command:/conf/PIAWireguardFrankfurt.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardFrankfurt.py %s %s
description:PIA WireGuard Frankfurt
[piaWireGuardLuxembourg]
command:/conf/PIAWireguardLuxembourg.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardLuxembourg.py %s %s
description:PIA WireGuard Luxembourg
[piaWireGuardMonaco]
command:/conf/PIAWireguardMonaco.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardMonaco.py %s %s
description:PIA WireGuard Monaco
[piaWireGuardNetherland]
command:/conf/PIAWireguardNetherland.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardNetherland.py %s %s
description:PIA WireGuard Netherland
[piaWireGuardSpain]
command:/conf/PIAWireguardSpain.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardSpain.py %s %s
description:PIA WireGuard Spain
[piaWireGuardSwiss]
command:/conf/PIAWireguardSwiss.py
parameters: %s %s
type:script_output
message:Running PIA WireGuard Script : /conf/PIAWireguardSwiss.py %s %s
description:PIA WireGuard Swiss
If servers have the same IP range, that shouldn't stop the interface coming up. Also wg1 and wg3, are in the same /16 but we don't address the network interfaces as /16 we do them as /32, and same with the gateway. Usually the interface not coming up is because the port is already in use or the peer us using DNS for the address and couldn't be resolved.
In theory OPNsense should still be able to deal with two interfaces on the same network. Routing I've not tested two interfaces on the same network, and then using the gateway rules to direct traffic. I think there's a bug where two gateways can't have the same IP. It's an issue that's been fixed in pfSense but not OPNsense.
Are the gateways for wg1 and wg3 the same?
I reproduce the problem
interface: wg1
public key: dIiahYJvoeyIO2iNz7L6cGvGPMfffSgOBBL0zeKVjA0=
private key: (hidden)
listening port: 51815
peer: 998m0vMBF5KlDzTbHc2jgBZSXuh93490KSTlhymW5TY=
endpoint: 191.101.31.68:1337
allowed ips: 0.0.0.0/0
latest handshake: 49 seconds ago
transfer: 9.70 KiB received, 10.05 KiB sent
persistent keepalive: every 25 seconds
interface: wg2
public key: TmFgf7TxpioNBeW1cfnRSdt8HXczJUFBv/I/08TylmU=
private key: (hidden)
listening port: 51816
peer: 41x3s3Z7kKULODTLA0Pru6OvHgZsmgU+UE/al8ay8gk=
endpoint: 45.88.97.45:1337
allowed ips: 0.0.0.0/0
latest handshake: 49 seconds ago
transfer: 2.96 KiB received, 3.24 KiB sent
persistent keepalive: every 25 seconds
interface: wg3
public key: GKaWny6CLVThWjARJ4DRRR3D7vwg/6YckULuXWod2VE=
private key: (hidden)
listening port: 51819
peer: KG5eOJ8V2xQnogMIr2Xz4jrmyKmR9kjxnBgvBy6GGE0=
endpoint: 143.244.41.197:1337
allowed ips: 0.0.0.0/0
latest handshake: 49 seconds ago
transfer: 2.96 KiB received, 3.24 KiB sent
persistent keepalive: every 25 seconds
interface: wg4
public key: H3tlB9wMblpWf+ph34tc09jFYgo/2AtS6/XYHIAfTBA=
private key: (hidden)
listening port: 51820
peer: 8sPkiyinsr3KFVzBpsx4BKEBWcIJ3C+/K2RIC9iPp14=
endpoint: 212.102.36.9:1337
allowed ips: 0.0.0.0/0
latest handshake: 49 seconds ago
transfer: 2.96 KiB received, 3.24 KiB sent
persistent keepalive: every 25 seconds
Seems the gateways are the same For Monaco and Netherland
This will be a upstream issue with OPNsense. I'm guessing it doens't support WireGuard gateway being the same for two locals.
It's probably adding the gateway to the routing table but in a way if it's already there erroring maybe. You can manually edit the non working Local, and change the gateway, just increment it by 1 IP and then see if it comes up ok.
as a fix I runed again the debug changeserver command to this result
My question now is if I let the cronjob do his job does this non blocking IP will be as good as now in the future ?
Yes so it's definately the gateway server being the same.
If you leave the cron running, it may automaticly change server again because it's not seen a handshake.
Wait for it to happen again and then report back the output of the effected server with just debug argument. See what the script thinks of the interface not being up.
Ok If understand I wait for the next issue then I run the corresponding py file with the debug only argument then I paste the result here am I right ?
hello again
I rebooted my firewall yesterday to add some vCPU to improve performance
When it started, all of my gateways came back but 4 were offline because they had the same IP (10.6.128.1) I didn't care about it and thought the gateway group I set up will do the job to maintain internet access to my VM to the next cron schedule, but I was wrong my opnsense crashed multiples times. When I saw this I checked everything possible then I found it was just all of Wireguard VPN crash looping at the startup.
I run the debug command alone and it didn't detect any issue
To fix this I run at the first minute of the uptime of opnsense the debug changeserver command for each of my PIA_WAN
Now I don't have the issue
Could you update the cronjob that checks whether the new gateway has the same IP as an existing gateway?
If so, simply run the changeserver command again
It should really support multiple gateways with the same IP, that's a OPNsense issue that it doesn't.
The script unoffically supported multiple tunnels, I shall look to add multiple tunnel support at somepoint but not quite yet.
Hello I have errors again even If I do changeserver command
this is my actual setup :
and I have this error in logs :
could you please help me
Interesting that you post that as I recently just lost both my WG Tunnels over PIA. I put it down to me screwing around with trying to get an inbound RoadWarrior tunnel setup.
I have 2 tunnels, one with PF and one without. The one with PF produces the following result on ./PIAWireguard.py changeserver debug:
`WGInstanceUUID: [redacted] WGPeerUUID: [redacted] WGInstance: [redacted] WGPeer: [redacted] Force server change requested metaServer CN: vancouver406 IP: 162.216.[redacted] wgServer CN: vancouver406 IP: 162.216.[redacted] Your PIA Token (Meta), DO NOT GIVE THIS TO ANYONE { "status": "OK", "token": "[redacted]" }
WG Server connection information { "status": "OK", "server_key": "[redacted]", "server_port": 1337, "server_ip": "162.216.[redacted]", "server_vip": "10.5.[redacted]", "peer_ip": "10.5.[redacted]", "peer_pubkey": "[redacted]", "dns_servers": [ "10.0.0.243", "10.0.0.242" ] }
Saved wireguard server information to /tmp/wg1_piaserverinfo Saved server_vip to /tmp/wg1_router Wait 5 seconds for new WireGuard server to apply before port forwarding Port not assigned, shall request port Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/urllib3/connection.py", line 174, in _new_conn conn = connection.create_connection( File "/usr/local/lib/python3.9/site-packages/urllib3/util/connection.py", line 95, in create_connection raise err File "/usr/local/lib/python3.9/site-packages/urllib3/util/connection.py", line 85, in create_connection sock.connect(sa) TimeoutError: [Errno 60] Operation timed out
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/urllib3/connectionpool.py", line 715, in urlopen httplib_response = self._make_request( File "/usr/local/lib/python3.9/site-packages/urllib3/connectionpool.py", line 404, in _make_request self._validate_conn(conn) File "/usr/local/lib/python3.9/site-packages/urllib3/connectionpool.py", line 1058, in _validate_conn conn.connect() File "/usr/local/lib/python3.9/site-packages/urllib3/connection.py", line 363, in connect self.sock = conn = self._new_conn() File "/usr/local/lib/python3.9/site-packages/urllib3/connection.py", line 186, in _new_conn raise NewConnectionError( urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPSConnection object at 0x84cd0f1c0>: Failed to establish a new connection: [Errno 60] Operation timed out
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "/usr/local/lib/python3.9/site-packages/requests/adapters.py", line 486, in send resp = conn.urlopen( File "/usr/local/lib/python3.9/site-packages/urllib3/connectionpool.py", line 799, in urlopen retries = retries.increment( File "/usr/local/lib/python3.9/site-packages/urllib3/util/retry.py", line 592, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='vancouver406', port=19999): Max retries exceeded with url: /getSignature?token=[redacted] (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x84cd0f1c0>: Failed to establish a new connection: [Errno 60] Operation timed out'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/conf/./PIAWireguard.py", line 771, in
Although the other tunnel with no PF seems to complete the script at least:
`WGInstanceUUID: [redacted] WGPeerUUID: [redacted] WGInstance: [redacted] WGPeer: [redacted] Force server change requested metaServer CN: wyoming401 IP: 154.6.[redacted] wgServer CN: wyoming401 IP: 154.6.[redacted] Your PIA Token (Meta), DO NOT GIVE THIS TO ANYONE { "status": "OK", "token": "[redacted]" }
WG Server connection information { "status": "OK", "server_key": "[redacted]", "server_port": 1337, "server_ip": "154.6.[redacted]", "server_vip": "10.6.[redacted]", "peer_ip": "10.6.[redacted]", "peer_pubkey": "[redacted]", "dns_servers": [ "10.0.0.243", "10.0.0.242" ] }
Saved wireguard server information to /tmp/wg2_piaserverinfo Saved server_vip to /tmp/wg2_router`
I am pretty certain that the PF is failing because the connection is failing and both tunnels report as being up but offline with no traffic over them. I have checked and double checked the settings and they all seem OK so I took it as a sign that life wants me to rebuild my OPNsense instance...
could you please help me
Are your scripts up to date?
I can't see any issues on those screenshots and my UK PIA connection is able to change server without problem.
could you please help me
Are your scripts up to date?
I can't see any issues on those screenshots and my UK PIA connection is able to change server without problem.
I think yes I did the last update before upgrading my instance
Double check your up to date by seeing if you have this commit as it's quite important in the latest versions of OPNsense.
https://github.com/FingerlessGlov3s/OPNsensePIAWireguard/commit/b9faeec5eaeb64a6038df75368e8a009d4ca6ea2
@FingerlessGlov3s did it seems to be up to date :
root@anti-skill:/conf # ls -l *py
-rwxr-xr-x 1 root wheel 41331 Nov 14 16:50 PIAWireguardFrance.py
-rwxr-xr-x 1 root wheel 41334 Nov 14 17:04 PIAWireguardFrankfurt.py
-rwxr-xr-x 1 root wheel 41331 Nov 14 16:51 PIAWireguardMonaco.py
-rwxr-xr-x 1 root wheel 41335 Nov 14 16:51 PIAWireguardNetherland.py
-rwxr-xr-x 1 root wheel 41330 Nov 14 16:52 PIAWireguardSwiss.py
-rwxr-xr-x 1 root wheel 41327 Nov 14 16:52 PIAWireguardUK.py
-rwxr-xr-x 1 root wheel 41327 Nov 14 16:52 PIAWireguardUS.py
root@anti-skill:/conf # grep -H "wireguardPeerInstanceInfo" *py
PIAWireguardFrance.py: wireguardPeerInstanceInfo = json.loads(r.text)
PIAWireguardFrance.py: wireguardPeerInstanceInfo['client']['enabled'] = '1'
PIAWireguardFrance.py: wireguardPeerInstanceInfo['client']['serveraddress'] = wireguardServerInfo['server_ip']
PIAWireguardFrance.py: wireguardPeerInstanceInfo['client']['serverport'] = wireguardServerInfo['server_port']
PIAWireguardFrance.py: wireguardPeerInstanceInfo['client']['pubkey'] = wireguardServerInfo['server_key']
PIAWireguardFrance.py: wireguardPeerInstanceInfo['client']['tunneladdress'] = "0.0.0.0/0"
PIAWireguardFrance.py: wireguardPeerInstanceInfo['client']['keepalive'] = "25"
PIAWireguardFrance.py: wireguardPeerInstanceInfo['client']['servers'] = opnsenseWGUUID
PIAWireguardFrance.py: r = requests.post(f'{opnsenseURL}/api/wireguard/client/setClient/{opnsenseWGPeerUUID}', data=json.dumps(wireguardPeerInstanceInfo), headers=headers, auth=(config['opnsenseKey'], config['opnsenseSecret']), verify=urlVerify)
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo = json.loads(r.text)
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo['client']['enabled'] = '1'
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo['client']['serveraddress'] = wireguardServerInfo['server_ip']
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo['client']['serverport'] = wireguardServerInfo['server_port']
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo['client']['pubkey'] = wireguardServerInfo['server_key']
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo['client']['tunneladdress'] = "0.0.0.0/0"
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo['client']['keepalive'] = "25"
PIAWireguardFrankfurt.py: wireguardPeerInstanceInfo['client']['servers'] = opnsenseWGUUID
PIAWireguardFrankfurt.py: r = requests.post(f'{opnsenseURL}/api/wireguard/client/setClient/{opnsenseWGPeerUUID}', data=json.dumps(wireguardPeerInstanceInfo), headers=headers, auth=(config['opnsenseKey'], config['opnsenseSecret']), verify=urlVerify)
PIAWireguardMonaco.py: wireguardPeerInstanceInfo = json.loads(r.text)
PIAWireguardMonaco.py: wireguardPeerInstanceInfo['client']['enabled'] = '1'
PIAWireguardMonaco.py: wireguardPeerInstanceInfo['client']['serveraddress'] = wireguardServerInfo['server_ip']
PIAWireguardMonaco.py: wireguardPeerInstanceInfo['client']['serverport'] = wireguardServerInfo['server_port']
PIAWireguardMonaco.py: wireguardPeerInstanceInfo['client']['pubkey'] = wireguardServerInfo['server_key']
PIAWireguardMonaco.py: wireguardPeerInstanceInfo['client']['tunneladdress'] = "0.0.0.0/0"
PIAWireguardMonaco.py: wireguardPeerInstanceInfo['client']['keepalive'] = "25"
PIAWireguardMonaco.py: wireguardPeerInstanceInfo['client']['servers'] = opnsenseWGUUID
PIAWireguardMonaco.py: r = requests.post(f'{opnsenseURL}/api/wireguard/client/setClient/{opnsenseWGPeerUUID}', data=json.dumps(wireguardPeerInstanceInfo), headers=headers, auth=(config['opnsenseKey'], config['opnsenseSecret']), verify=urlVerify)
PIAWireguardNetherland.py: wireguardPeerInstanceInfo = json.loads(r.text)
PIAWireguardNetherland.py: wireguardPeerInstanceInfo['client']['enabled'] = '1'
PIAWireguardNetherland.py: wireguardPeerInstanceInfo['client']['serveraddress'] = wireguardServerInfo['server_ip']
PIAWireguardNetherland.py: wireguardPeerInstanceInfo['client']['serverport'] = wireguardServerInfo['server_port']
PIAWireguardNetherland.py: wireguardPeerInstanceInfo['client']['pubkey'] = wireguardServerInfo['server_key']
PIAWireguardNetherland.py: wireguardPeerInstanceInfo['client']['tunneladdress'] = "0.0.0.0/0"
PIAWireguardNetherland.py: wireguardPeerInstanceInfo['client']['keepalive'] = "25"
PIAWireguardNetherland.py: wireguardPeerInstanceInfo['client']['servers'] = opnsenseWGUUID
PIAWireguardNetherland.py: r = requests.post(f'{opnsenseURL}/api/wireguard/client/setClient/{opnsenseWGPeerUUID}', data=json.dumps(wireguardPeerInstanceInfo), headers=headers, auth=(config['opnsenseKey'], config['opnsenseSecret']), verify=urlVerify)
PIAWireguardSwiss.py: wireguardPeerInstanceInfo = json.loads(r.text)
PIAWireguardSwiss.py: wireguardPeerInstanceInfo['client']['enabled'] = '1'
PIAWireguardSwiss.py: wireguardPeerInstanceInfo['client']['serveraddress'] = wireguardServerInfo['server_ip']
PIAWireguardSwiss.py: wireguardPeerInstanceInfo['client']['serverport'] = wireguardServerInfo['server_port']
PIAWireguardSwiss.py: wireguardPeerInstanceInfo['client']['pubkey'] = wireguardServerInfo['server_key']
PIAWireguardSwiss.py: wireguardPeerInstanceInfo['client']['tunneladdress'] = "0.0.0.0/0"
PIAWireguardSwiss.py: wireguardPeerInstanceInfo['client']['keepalive'] = "25"
PIAWireguardSwiss.py: wireguardPeerInstanceInfo['client']['servers'] = opnsenseWGUUID
PIAWireguardSwiss.py: r = requests.post(f'{opnsenseURL}/api/wireguard/client/setClient/{opnsenseWGPeerUUID}', data=json.dumps(wireguardPeerInstanceInfo), headers=headers, auth=(config['opnsenseKey'], config['opnsenseSecret']), verify=urlVerify)
PIAWireguardUK.py: wireguardPeerInstanceInfo = json.loads(r.text)
PIAWireguardUK.py: wireguardPeerInstanceInfo['client']['enabled'] = '1'
PIAWireguardUK.py: wireguardPeerInstanceInfo['client']['serveraddress'] = wireguardServerInfo['server_ip']
PIAWireguardUK.py: wireguardPeerInstanceInfo['client']['serverport'] = wireguardServerInfo['server_port']
PIAWireguardUK.py: wireguardPeerInstanceInfo['client']['pubkey'] = wireguardServerInfo['server_key']
PIAWireguardUK.py: wireguardPeerInstanceInfo['client']['tunneladdress'] = "0.0.0.0/0"
PIAWireguardUK.py: wireguardPeerInstanceInfo['client']['keepalive'] = "25"
PIAWireguardUK.py: wireguardPeerInstanceInfo['client']['servers'] = opnsenseWGUUID
PIAWireguardUK.py: r = requests.post(f'{opnsenseURL}/api/wireguard/client/setClient/{opnsenseWGPeerUUID}', data=json.dumps(wireguardPeerInstanceInfo), headers=headers, auth=(config['opnsenseKey'], config['opnsenseSecret']), verify=urlVerify)
PIAWireguardUS.py: wireguardPeerInstanceInfo = json.loads(r.text)
PIAWireguardUS.py: wireguardPeerInstanceInfo['client']['enabled'] = '1'
PIAWireguardUS.py: wireguardPeerInstanceInfo['client']['serveraddress'] = wireguardServerInfo['server_ip']
PIAWireguardUS.py: wireguardPeerInstanceInfo['client']['serverport'] = wireguardServerInfo['server_port']
PIAWireguardUS.py: wireguardPeerInstanceInfo['client']['pubkey'] = wireguardServerInfo['server_key']
PIAWireguardUS.py: wireguardPeerInstanceInfo['client']['tunneladdress'] = "0.0.0.0/0"
PIAWireguardUS.py: wireguardPeerInstanceInfo['client']['keepalive'] = "25"
PIAWireguardUS.py: wireguardPeerInstanceInfo['client']['servers'] = opnsenseWGUUID
PIAWireguardUS.py: r = requests.post(f'{opnsenseURL}/api/wireguard/client/setClient/{opnsenseWGPeerUUID}', data=json.dumps(wireguardPeerInstanceInfo), headers=headers, auth=(config['opnsenseKey'], config['opnsenseSecret']), verify=urlVerify)
root@anti-skill:/conf #