dsnet
kilo
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dsnet
-
Recommended VPN?
Yes, that is true. But there are projects that can simplify WG's deployment without compromising security like dsnet.
-
Android Client: multiple private keys?
I have a config provided by a VPN provider, which generates the private key as well as the public (I think there's no way to provide a public key for them to use). I'm also using dsnet to generate peer configurations, and that also generates a new priv/pub key pair. The end result is that I have two different private keys, one for each endpoint. This (having multiple pub/priv pairs) is neither bad security[1], nor uncommon, and while it's trivial to have multiple Wireguard configurations running at the same time on Linux I haven't found a way to do this through the mobile app. This is because the app allows only one active Wireguard configuration at a time, and there's no facility for supplying two private keys within one Wireguard config file.
- DSNet for WireGuard VPN: Like wg-quick but even quicker
-
Wiretrustee: WireGuard-Based Mesh Network
I made this: https://github.com/naggie/dsnet/ -- a simple command to manage a centralised wireguard VPN. Think wg-quick but quicker: key generation + address allocation
kilo
-
NetMaker: Connect Everything with a WireGuard VPN
For the particular case of creating a wireguard mesh network in kubernetes, I've been quite happy with Kilo[0]. Does anyone with experience in both kilo and netmaker know how they compare?
[0]: https://kilo.squat.ai/
-
Why do NGFW's / Web Security apps talk so much about URL/Application filtering when 99% of companies don't SSL Decrypt?
Then using something like this: https://docs.tigera.io/calico-enterprise/latest/compliance/encrypt-cluster-pod-traffic#value or: https://github.com/squat/kilo
- Can I run a wireguard VPN as a sidecar or a service available to my containers?
- Kilo
-
Exposing a web service with Cloudflare Tunnel
Another one for the alternatives list is Kilo[1]
It's a wireguard based kubernetes network overlay. I use it to access private services in my homelab cluster from my laptop, phone, etc.
[1] https://kilo.squat.ai
- Building a bare-metal Kubernetes cluster on Raspberry Pi
-
K3s networking with Wireguard, VPS and Raspberry
Sorry, big typo, I meant "Kilo" and not "Silo"...
-
Any K3s / RPi combo user here ?
Networking: Manually configured wireguard VPN between all nodes. I consider checking out kilo when I find some time though. VPS handles all incoming traffic (with ingress-nginx) but outbound traffic from containers uses regular network, no VPN.
-
Configuring and Managing Routes Between Multiple Networks with Wireguard
Kilo — Wireguard-based multi-cloud overlay
What are some alternatives?
Netmaker - Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
cilium - eBPF-based Networking, Security, and Observability
wgctrl-go - Package wgctrl enables control of WireGuard interfaces on multiple platforms.
multus-cni - A CNI meta-plugin for multi-homed pods in Kubernetes
cjdns - An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.
kine - Run Kubernetes on MySQL, Postgres, sqlite, dqlite, not etcd.
ansible-role-wireguard - Ansible role for installing WireGuard VPN. Supports Ubuntu, Debian, Archlinx, Fedora and CentOS.
inlets-pro - Secure HTTP and TCP tunnels that just work
netbird - Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls.
zero-ui - ZeroUI - ZeroTier Controller Web UI - is a web user interface for a self-hosted ZeroTier network controller.
headscale - An open source, self-hosted implementation of the Tailscale control server
wesher - wireguard overlay mesh network manager