# VPN Configuration # Copy this file to .env and adjust values for your environment # # Usage: # cp .env.example .env # nano .env # Edit values # source .env && ./scripts/setup-ru-vds.sh # ============================================================================= # Server IPs (External/Public) # ============================================================================= # RU VDS (Gateway) - public IP address RU_VDS_IP="176.124.216.197" # DE VDS (Exit Node) - public IP address DE_VDS_IP="194.31.173.178" # ============================================================================= # WireGuard Ports # ============================================================================= # Port for client connections (on RU VDS) WG_CLIENT_PORT="51820" # Port for server-to-server tunnel (on DE VDS) WG_TUNNEL_PORT="51821" # ============================================================================= # VPN Networks # ============================================================================= # User VPN network (clients connect to this) USER_VPN_NETWORK="10.10.0.0/24" USER_VPN_GATEWAY="10.10.0.1" # Server tunnel network (RU <-> DE) TUNNEL_NETWORK="10.20.0.0/30" TUNNEL_RU_IP="10.20.0.1" TUNNEL_DE_IP="10.20.0.2" # ============================================================================= # DNS Configuration # ============================================================================= # DNS servers for VPN clients (dnsmasq forwards to these) DNS_UPSTREAM_1="8.8.8.8" DNS_UPSTREAM_2="8.8.4.4" DNS_UPSTREAM_3="1.1.1.1" # ============================================================================= # SSH Configuration # ============================================================================= # SSH port (for firewall rules) SSH_PORT="22" # ============================================================================= # Advanced Settings # ============================================================================= # nftables set timeout for Russian IP ranges (how long before entries expire) # Format: 1h, 6h, 24h, etc. NFT_SET_TIMEOUT="6h" # WireGuard persistent keepalive interval (seconds) # Helps maintain NAT mappings WG_KEEPALIVE="25" # DNS cache size for dnsmasq DNS_CACHE_SIZE="10000"