区域后端 VPN 接入 + 关闭公网

# K3s VPN Connection + Backend Config

**Parent Issue**: #204

## Status: ✅ Complete (2025-12-21)

---

## K3s WireGuard Setup

```ini
# /etc/wireguard/wg0.conf on K3s node
[Interface]
Address = 10.10.0.2/24
PrivateKey = <k3s-private-key>
ListenPort = 51820

[Peer]
# Gateway VM
PublicKey = <gateway-public-key>
AllowedIPs = 10.10.0.1/32
Endpoint = 4.241.232.69:51820
PersistentKeepalive = 25
```

---

## Network Configuration

| Node | Public IP | WireGuard IP |
|------|-----------|--------------|
| Gateway VM | 4.241.232.69 | 10.10.0.1 |
| K3s Node | 4.189.121.136 | 10.10.0.2 |

---

## K8s Gateway NodePort

```yaml
apiVersion: v1
kind: Service
metadata:
  name: gateway
spec:
  type: NodePort
  selector:
    app: gateway
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30080
```

---

## Traffic Flow

```
Gateway VM (10.10.0.1)
    │
    │ WireGuard tunnel
    │
    ▼
K3s Node (10.10.0.2:30080)
    │
    │ NodePort
    │
    ▼
K8s Gateway Pod (:80)
    │
    │ ClusterIP
    │
    ▼
Backend Pod (:3000)
```

---

## Verification

```bash
# From Gateway VM
ping 10.10.0.2
curl http://10.10.0.2:30080/api/health

# From K3s node
wg show
ping 10.10.0.1
```

Connectivity verified ✅

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

区域后端 VPN 接入 + 关闭公网 #232

K3s VPN Connection + Backend Config

Status: ✅ Complete (2025-12-21)

K3s WireGuard Setup

Network Configuration

K8s Gateway NodePort

Traffic Flow

Verification

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Node	Public IP	WireGuard IP
Gateway VM	4.241.232.69	10.10.0.1
K3s Node	4.189.121.136	10.10.0.2

区域后端 VPN 接入 + 关闭公网 #232

Description

K3s VPN Connection + Backend Config

Status: ✅ Complete (2025-12-21)

K3s WireGuard Setup

Network Configuration

K8s Gateway NodePort

Traffic Flow

Verification

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions