Simplest Wireguard Setup Ever

Wireguard - wired network pic by jordan-harrison-40XgDxBfYXM-unsplash-

Wireguard - wired network pic by jordan-harrison-40XgDxBfYXM-unsplash-

Wireguard

Wireguard is the newest way to setup a VPN for your home servers. What will this do for you ? It allows you to access your Raspberry Pi or other local servers located at home behind your router (or even your router itself) from outside your network by simply using a Wireguard client (either on a mobile phone or using a computer). You then access your local servers with the same ip addresses you do at home. For example, if my router is 192.168.1.1., I can be half way around the world and type in “192.168.1.1” and get my router control panel.

A recent podcast of Linux Unplugged “Back to the Freedom Dimension” had some really useful information on Wireguard and some interesting use cases. Paraphrasing one of the hosts, Wireguard is like having a very long ethernet cable into your home router.

The simplest method I have found to install Wireguard on Raspberry Pi is to use Docker following this post from The Digital Life.

Here is the somewhat modified docker compose file I use:

Wireguard Docker Compose file

Now it’s just a matter of typing “docker-compose up -d” and you have a running wireguard instance. Set up the clients as described in The Digital Life post.

How to Force Google Safe Search on DD-WRT

Choosing Googles SafeSearch

Try Oone of These Two Methods to Force Google Safe Search

These two methods will enforce Google’s safesearch on all computers on your network (keep in mind that this won’t work for cell phones or other devices using cellular data). This is specific to any router using the DDWRT firmware. DDWRT is an open source firmware that is available to be flashed on a number of routers (check the DDWRT website for a list of compatible routers and installation details)

Method #1 of Forcing Google’s Safe Search – Rewrite DDWRT’s Hosts File on Startup

The simplest way to do this is to have your router edit your hosts file on each startup as follows:

  1. Go to Administration->Commands

    DDWRT Screenshot - administration

  2. Click “Edit” and add the following script:

  3. Click “Run Commands”
  4. Click “Save Startup”
  5. Done!

What does this do ? It redirects those urls to the ip address of forcesafesearch.com. Your hosts file will be wiped out on every reboot of the router but the script will restore the settings.

While this is a very easy way of forcing safesearch, the disadvantage is that Google could change the ip address of safesearch. In addition, this method doesn’t permit wild cards.

Method #2 of Forcing Google SafeSearch- Use DNSMasq

This method permits wildcards:

  1. Make sure that you have DNS masq enabled.
  2. Services->Additional DNSMasq option Box.
  3. DDWRT DNSMasq Option

  4. Insert the following (Note the DOT before google.com, the dot acts as a wild card to pickup any subdomains):
  5. It should look like this:

    DNSMasq Options With Google Safe Search Specified

  6. Click “Save” (button bottom of page)
  7. Click “Apply Settings”
  8. Done! If it doesn’t work right away you may need to reboot the router (use the button on the Services tab)