LibreELEC
LibreELEC and CoreELEC are Linux-based open source software appliances for running the Kodi media player. These can be used as kiosk displays and you can remotely manage them with wireguard.
Create a Wireguard Service
These systems have wireguard support, but use connman
that lacks split-tunnel ability1. This forces all traffic through the VPN and so is unsuitable for remote management. To enable split-tunnel, create a wireguard service instead.
Create a service unit file
vi /storage/.config/system.d/wg0.service
[Unit]
Description=start wireguard interface
# The network-online service isn't guaranteed to work on *ELEC
#Requires=network-online.service
After=time-sync.target
Before=kodi.service
[Service]
Type=oneshot
RemainAfterExit=true
StandardOutput=journal
# Need to check DNS is responding before we proceed
ExecStartPre=/bin/bash -c 'until nslookup google.com; do sleep 1; done'
ExecStart=ip link add dev wg0 type wireguard
ExecStart=ip address add dev wg0 10.1.1.3/24
ExecStart=wg setconf wg0 /storage/.config/wireguard/wg0.conf
ExecStart=ip link set up dev wg0
# On the newest version, a manual route addition is needed too
ExecStart=ip route add 10.2.2.0/24 dev wg0 scope link src 10.1.1.3
# Deleting the device seems to remove the address and routes
ExecStop=ip link del dev wg0
[Install]
WantedBy=multi-user.target
Create a Wireguard Config File
Note: This isn’t exactly the same file wg-quick uses, just close enough to confuse.
vi /storage/.config/wireguard/wg0.conf
[Interface]
PrivateKey = XXXXXXXXXXXXXXX
[Peer]
PublicKey = XXXXXXXXXXXXXXX
AllowedIPs = 10.1.1.0/24
Endpoint = endpoint.hostname:31194
PersistentKeepalive = 25
Enable and Test
systemctl enable --now wg0.service
ping 10.1.1.1
Create a Cron Check
When using a DNS name for the endpoint you may become disconnected. To catch this, use a cron job
# Use the internal wireguard IP address of the peer you are connecting to. .1 in this case
crontab -e
*/5 * * * * ping -c1 -W5 10.1.1.1 || ( systemctl stop wg0; sleep 5; systemctl start wg0 )
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.