massive re-write from org-publish to weblorg

1 files changed, 112 insertions, 0 deletions

diff --git a/content/blog/2023-01-23-random-wireguard.org b/content/blog/2023-01-23-random-wireguard.org
new file mode 100644
index 0000000..162ffc4
--- /dev/null
+++ b/content/blog/2023-01-23-random-wireguard.org
@@ -0,0 +1,112 @@
+#+title: Connecting to a Random Mullvad Wireguard Host on Boot
+#+date: 2023-01-23
+#+description: Learn how to connect to a random Mullvad Wireguard host on boot.
+#+filetags: :linux:
+
+* Mullvad Wireguard
+If you're using an OS that does not support one of Mullvad's apps,
+you're likely using the Wireguard configuration files instead.
+
+If not, the first step is to visit Mullvad's
+[[https://mullvad.net/en/account/#/wireguard-config][Wireguard
+configuration files]] page and download a ZIP of the configuration files
+you want to use.
+
+Personally, I downloaded all configuration files across the world and
+chose my connections using the script below.
+
+Once the files are downloaded, unzip them and move them to your
+preferred location:
+
+#+begin_src sh
+cd Downloads
+unzip mullvad_wireguard_linux_all_all.zip
+mkdir ~/mullvad && mv ~/Downloads/*.conf ~/mullvad/
+#+end_src
+
+*** Creating a Script to Connect to a Random Host
+Once you have a folder of Wireguard configuration files from Mullvad,
+you can create a script to randomly connect to any one of the locations.
+
+Start by creating a shell script - mine is called =vpn.sh=.
+
+#+begin_src sh
+nano ~/vpn.sh
+#+end_src
+
+Within this script, you can paste the following info. Note that I
+specify =us-*= in my script, which means that it will only consider
+US-based VPN locations. You can alter this or simply change it =*= to
+consider all locations.
+
+#+begin_src sh
+#!/bin/sh
+
+ls /home/$USER/mullvad/us-** |sort -R |tail -n 1 |while read file; do
+    # Replace `doas` with `sudo` if your machine uses `sudo`,
+    # or remove `doas` if users don't need to su to run wg-quick
+    doas wg-quick up $file;
+    printf "\nCreated Mullvad wireguard connection with file: $file";
+    printf "\n\nPrinting new IP info:\n"
+    curl https://am.i.mullvad.net/connected
+done
+#+end_src
+
+Once you've modified the script to your liking, add executable
+permissions and run the script:
+
+#+begin_src sh
+chmod +x ~/vpn.sh
+~/vpn.sh
+#+end_src
+
+The output should look like the following:
+
+#+begin_src txt
+doas (user@host) password:
+
+# ... The script will process all of the iptables and wg commands here
+
+Created Mullvad wireguard connection with file: /home/user/mullvad/us-nyc-wg-210.conf
+
+Printing new IP info:
+You are connected to Mullvad (server country-city-wg-num). Your IP address is 12.345.678.99
+#+end_src
+
+That's all there is to it. You can see your new location and IP via the
+=printf= and =curl= commands included in the script.
+
+You can also go to the [[https://mullvad.net/en/check/][Connection Check
+​| Mullvad]] page to see if you are fully connected to Mullvad and if any
+leaks exist.
+
+#+caption: Mullvad Connection Check
+[[https://img.cleberg.net/blog/20230123-random-mullvad-wireguard/mullvad_check.png]]
+
+* Disconnecting from the Wireguard Connection
+If you forget which connection you're using, you can execute the
+following command to see where Wireguard is currently connected:
+
+#+begin_src sh
+wg show
+#+end_src
+
+This command will show you the Wireguard interfaces and should output a
+connection like so: =interface: us-lax-wg-104=.
+
+Once you have this, just disconnect using that files' full path:
+
+#+begin_src sh
+wg-quick down /home/user/mullvad/us-lax-wg-104.conf
+#+end_src
+
+I have a TODO item on figuring out how to easily export an environment
+variable that contains the configuration file's full name, so that I can
+just execute the following:
+
+#+begin_src sh
+# Ideal situation if I can export the $file variable to the environment
+wg-quick down $file
+#+end_src
+
+If you have an idea on how to do this, email me!