Add wireguard to vyos

desktop/etc/containers/containers.conf

@@ -1,2 +0,0 @@
-[engine]
-compression_format="zstd:chunked"

desktop/var/lib/flatpak/extension/org.mozilla.firefox.systemconfig/x86_64/stable/defaults/pref/config.js

@@ -17,6 +17,7 @@ pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
 pref("cookiebanners.service.mode", 1);
 pref("cookiebanners.service.mode.privateBrowsing", 1);
 pref("devtools.theme", "dark");
+pref("dom.private-attribution.submission.enabled", false);
 pref("dom.security.https_only_mode", true);
 pref("extensions.getAddons.discovery.api_url", "");
 pref("extensions.htmlaboutaddons.recommendations.enabled", false);

setup-vyos.sh

@@ -13,6 +13,8 @@ set interfaces ethernet eth2 address 192.168.254.1/24
 set interfaces ethernet eth2 address fc01::1/64
 set interfaces ethernet eth3 address 192.168.253.1/24
 set interfaces ethernet eth3 address fc02::1/64
+set interfaces wireguard wg0 address 10.0.0.1/24
+set interfaces wireguard wg0 port 51820
 
 set service ssh disable-password-authentication
 set service dhcp-server hostfile-update
@@ -70,4 +72,6 @@ for i in ${firewall_types}; do
   set firewall "$i" forward filter rule 5 action accept
   set firewall "$i" forward filter rule 5 inbound-interface name eth3
   set firewall "$i" forward filter rule 5 outbound-interface name eth2
+  set firewall "$i" forward filter rule 6 action accept
+  set firewall "$i" forward filter rule 6 inbound-interface name wg0
 done