diff --git a/rootfs/etc/unbound/unbound.conf b/rootfs/etc/unbound/unbound.conf index 31b7db3..d3de2a8 100644 --- a/rootfs/etc/unbound/unbound.conf +++ b/rootfs/etc/unbound/unbound.conf @@ -1,11 +1,16 @@ server: interface: 0.0.0.0 + interface: ::0 port: 53 root-hints: "/usr/share/dns/root.hints" auto-trust-anchor-file: "/var/lib/unbound/root.key" access-control: 0.0.0.0/0 refuse access-control: 127.0.0.0/8 allow access-control: 10.10.10.0/24 allow + access-control: ::0/0 refuse + access-control: ::1 allow + access-control: ::ffff:127.0.0.0/104 allow + access-control: fd10:10:10::1/64 allow private-address: 0.0.0.0/8 private-address: ::ffff:0.0.0.0/104 private-address: 10.0.0.0/8 diff --git a/rootfs/etc/wireguard/client-sample.conf b/rootfs/etc/wireguard/client-sample.conf index ae48600..5d48d46 100644 --- a/rootfs/etc/wireguard/client-sample.conf +++ b/rootfs/etc/wireguard/client-sample.conf @@ -1,9 +1,9 @@ [Interface] PrivateKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -Address = 10.10.10.2/32 -DNS = 10.10.10.1 +Address = 10.10.10.2/32, fd10:10:10::2/128 +DNS = 10.10.10.1, fd10:10:10::1 [Peer] PublicKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -AllowedIPs = 0.0.0.0/0, ::/0 +AllowedIPs = 0.0.0.0/0, ::0/0 Endpoint = XXX.XXX.XXX.XXX:51820 diff --git a/rootfs/etc/wireguard/wg0-peers.conf b/rootfs/etc/wireguard/wg0-peers.conf index f506490..0aa162b 100644 --- a/rootfs/etc/wireguard/wg0-peers.conf +++ b/rootfs/etc/wireguard/wg0-peers.conf @@ -1,3 +1,11 @@ #[Peer] #PublicKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -#AllowedIPs = 10.10.10.2/32 +#AllowedIPs = 10.10.10.2/32, fd10:10:10::2/128 + +#[Peer] +#PublicKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX +#AllowedIPs = 10.10.10.3/32, fd10:10:10::3/128 + +#[Peer] +#PublicKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX +#AllowedIPs = 10.10.10.4/32, fd10:10:10::4/128 diff --git a/rootfs/etc/wireguard/wg0.conf b/rootfs/etc/wireguard/wg0.conf index 2270e02..7ce1e6a 100644 --- a/rootfs/etc/wireguard/wg0.conf +++ b/rootfs/etc/wireguard/wg0.conf @@ -1,5 +1,5 @@ [Interface] -Address = 10.10.10.1/24 +Address = 10.10.10.1/24, fd10:10:10::1/64 ListenPort = 51820 # Load keys PostUp = [ -e '/etc/wireguard/%i-privatekey' ] || (umask 077 && wg genkey > '/etc/wireguard/%i-privatekey')