PiVPN Notes Raw

Install via the highly-regarded `curl` and `bash` combo. 

```bash
curl -L https://install.pivpn.io | bash
```

You _must_ run `pivpn debug` after this! This will add `MASQUERADE` rules to `iptables`. Else you won't be able to access devices on the local network. Here's some sample output from `iptables-save`:

```
# Generated by iptables-save v1.8.9 (nf_tables) on Mon Jan 22 20:23:02 2024
*filter
:INPUT ACCEPT [539667:80844193]
:FORWARD ACCEPT [9052:4464611]
:OUTPUT ACCEPT [329479:41880851]
-A INPUT -i wg0 -p udp -m udp --dport 53 -m comment --comment pihole-DNS-rule -j ACCEPT
-A INPUT -i wg0 -p udp -m udp --dport 53 -m comment --comment pihole-DNS-rule -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 58120 -m comment --comment wireguard-input-rule -j ACCEPT
-A INPUT -i wg0 -p udp -m udp --dport 53 -m comment --comment pihole-DNS-rule -j ACCEPT
-A INPUT -i wg0 -p udp -m udp --dport 53 -m comment --comment pihole-DNS-rule -j ACCEPT
COMMIT
# Completed on Mon Jan 22 20:23:02 2024
# Generated by iptables-save v1.8.9 (nf_tables) on Mon Jan 22 20:23:02 2024
*nat
:PREROUTING ACCEPT [66794:5901902]
:INPUT ACCEPT [66250:5815572]
:OUTPUT ACCEPT [49939:3627320]
:POSTROUTING ACCEPT [50130:3649317]
-A POSTROUTING -s 192.116.240.0/24 -o eth0 -m comment --comment wireguard-nat-rule -j MASQUERADE
-A POSTROUTING -s 192.236.34.0/24 -o eth0 -m comment --comment wireguard-nat-rule -j MASQUERADE
-A POSTROUTING -s 192.134.161.0/24 -o eth0 -m comment --comment wireguard-nat-rule -j MASQUERADE
-A POSTROUTING -s 192.165.64.0/24 -o eth0 -m comment --comment wireguard-nat-rule -j MASQUERADE
COMMIT
# Completed on Mon Jan 22 20:23:02 2024
```

and an accompanying client configuration:

```
[Interface]
PrivateKey = 
Address = 192.116.240.2/24
DNS = 192.168.1.7, 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = 
PresharedKey = 
AllowedIPs = 0.0.0.0/0
Endpoint = 171.172.173.174:58120
```