---
title: Cloud
description: 
published: true
date: 2019-12-14T08:03:42.805Z
tags: 
---

## Oracle Cloud

Tier: monzi
	- ### Create Instance
	  id:: 63cbbc35-b9b8-4bd3-bd8f-fd1b9b0248cd
	  
	  https://console.eu-zurich-1.oraclecloud.com/a/compute/instances
	- New Url: https://cloud.oracle.com/?region=eu-zurich-1
- ### Instances
	- ubuntu-docker
		- Public IP address:** 152.67.84.147
		- Install Docker
		  ``` bash
		  ssh ubuntu@152.67.84.147
		  curl -fsSL https://get.docker.com -o get-docker.sh
		  sudo sh get-docker.sh
		  sudo groupadd docker
		  sudo usermod -aG docker $USER
		  ```
		- Software
			- Dante (Socks-Proxy)
				- ```
				  version: "3.8"
				  services:
				    dante:
				      image: vimagick/dante
				      ports:
				        - "8388:1080"
				      volumes:
				        - ./data:/etc/dante
				      tmpfs:
				        - /run
				      restart: unless-stopped
				  ```
		-
-
- #### Assign Public Ip
  Compute > Instances > Instance > DetailsAttached > VNICs > VNIC Details
  ![cloud_wireguard_ip.png](/assets/cloud_wireguard_ip.png)
- ### Open Port from extern
  
  Networking > Virtual Cloud Networks >Virtual Cloud Network Details > Network Security Groups
  
  ![cloud_wireguard_ports.png](/assets/cloud_wireguard_ports.png)
  
  Networking > Virtual Cloud Networks >Virtual Cloud Network Details > Security Lists
### Allow Port in firewall

```sudo iptables -4 -I INPUT 6 -p udp --dport 54541 -m comment --comment "Wireguard listen port" -j ACCEPT```

### Wireguard Server

Tools

https://github.com/pirate/wireguard-docs#WireGuard-Setup-tools
https://github.com/isystem-io/wireguard-aws
https://habr.com/en/post/449234/

#### Install
```
sudo add-apt-repository ppa:wireguard/wireguard
sudo apt-get install wireguard
# Activate kernel module
sudo modprobe wireguard
```

#### Enable NAT
```
cat << EOF >> /etc/sysctl.conf
net.ipv4.ip_forward=1
EOF
sudo sysctl -p
```


#### Generate Keys
```
cd /etc/wireguard
umask 077
wg genkey | sudo tee privatekey | wg pubkey | sudo tee publickey

sudo vim /etc/wireguard/wg0.conf
```
Content:
```
[Interface]
PrivateKey = <your server private key here>
Address = 10.50.0.1/24
SaveConfig = false
PostUp   = iptables -I FORWARD 1 -i %i -j ACCEPT; iptables -I FORWARD 2 -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE;
ListenPort = 54541
```

#### Start Server
```
# Start Server
sudo wg-quick up wg0
# Enable Server as Servuce
sudo systemctl enable wg-quick@wg0
```

### Wireguard Client
```
sudo iptables -t mangle -I PREROUTING 1 -i br-vlanwgnl1 ! -d 172.57.0.0/16 -j MARK --set-mark 0x25
sudo ip -4 link add dev wg1 type wireguard
sudo ifconfig wg1 up
sudo wg setconf wg1 /etc/wireguard/wg1.conf
sudo ip -4 address add 10.50.0.2/32 dev wg1
sudo ip -4 link set mtu 1420 up dev wg1
sudo printf 'nameserver %s\n' '1.1.1.1' | sudo resolvconf -a wg1 -m 0 -x
sudo sysctl -w net.ipv4.conf.all.rp_filter=2
sudo ip -4 rule add from all fwmark 0x25 lookup 200
sudo ip -4 route add default via 10.50.0.2 table 200
sudo iptables -t nat -A POSTROUTING -o br-vlanwgnl1 -j MASQUERADE
```

#### Tools
```
# Show mangle rules
sudo iptables -L -v -t mangle
# Show iptables
sudo iptables -L -v --line-numbers
# Show routing table
sudo route -n
# Remove ip rule
sudo ip rule del fwmark 0x25
```


## Settings

Lokal Proxy:
```
[{"proxy":{"username":"", "password":"", "port":1080, "address":"microsocks", "type":"SOCKS5", "preferNativeImplementation":false, "resolveHostName":true, "connectMethodPrefered":false}, "rangeRequestsSupported":true, "filter":{"type":"WHITELIST", "entries":["zippyshare.com"]}, "pac":false, "reconnectSupported":false, "enabled":true},{"proxy":{"username":null, "password":null, "port":80, "address":null, "type":"NONE", "preferNativeImplementation":false, "resolveHostName":false, "connectMethodPrefered":false}, "rangeRequestsSupported":true, "filter":{"type":"BLACKLIST", "entries":["zippyshare.com"]}, "pac":false, "reconnectSupported":true, "enabled":true}]
```
Remote Proxy:
```
[{"proxy":{"username":"", "password":"", "port":8388, "address":"140.238.168.133", "type":"SOCKS5", "preferNativeImplementation":false, "resolveHostName":true, "connectMethodPrefered":false}, "rangeRequestsSupported":true, "filter":{"type":"WHITELIST", "entries":["zippyshare.com"]}, "pac":false, "reconnectSupported":false, "enabled":true},{"proxy":{"username":null, "password":null, "port":80, "address":null, "type":"NONE", "preferNativeImplementation":false, "resolveHostName":false, "connectMethodPrefered":false}, "rangeRequestsSupported":true, "filter":{"type":"BLACKLIST", "entries":["zippyshare.com"]}, "pac":false, "reconnectSupported":true, "enabled":true}]
```