VPN / WireGuard¶
Manage WireGuard VPN connections to the bnerd cloud.
Connect¶
Connects to the VPN using the configuration in ~/.bnerd.yaml. If no client keys exist, they are generated automatically on first run.
Requires root/sudo
VPN operations require elevated privileges to manage network interfaces.
Flags¶
| Flag | Type | Default | Description |
|---|---|---|---|
--generate-keys | bool | false | Generate a new WireGuard key pair (without connecting) |
--regenerate-keys | bool | false | Delete cached keys and generate new ones |
--down | bool | false | Disconnect VPN |
--status | bool | false | Show connection status |
--show-peer-info | bool | false | Display peer info for server configuration |
--interface | string | Override WireGuard interface name (e.g., bnerd1) |
Disconnect¶
Or equivalently: bnerd up --down
Check Status¶
Or equivalently: bnerd up --status
Flags¶
| Flag | Type | Description |
|---|---|---|
-w, --watch | bool | Continuously refresh status every 2 seconds |
Key Management¶
Generate Keys¶
Generates a new Curve25519 key pair and displays it. Keys are also saved to ~/.config/bnerd/wireguard/<interface>.key.
Regenerate Keys¶
Deletes the cached key file and generates a fresh key pair.
Show Peer Info¶
Displays your public key and client address in a format ready to send to your VPN administrator for server-side configuration.
Configuration¶
VPN settings are configured in the vpn: block of ~/.bnerd.yaml:
See VPN Configuration Reference for all options.
Examples¶
# First-time setup: generate keys
bnerd up --generate-keys
# Connect to VPN
sudo bnerd up
# Check connection status
bnerd status
# Watch status continuously
bnerd status -w
# Disconnect
sudo bnerd down
# Use a different interface (for multiple VPNs)
sudo bnerd up --interface bnerd1
Guides¶
- VPN Quick Start — Full setup walkthrough
- Multiple VPN Connections — Running multiple VPNs simultaneously