Sign in Subscribe
security

Setup Wireguard VPN server with Docker

ロジャー

3 min read

Get and setup a server

Both Vultr and DigitalOcean offers as inexpensive as $5 per month servers. So please choose by datacenter location.

Largest Cloud Server Network Available
Vultr offers the largest worldwide network, enabling you to spin up and easily scale a low latency infrastructure solution no matter where you and your customers are coming from!
Vultr
Regional Availability Matrix | DigitalOcean Product Documentation
DigitalOcean product availability and compatibility by datacenter region.

You may register with my affiliate links below.

Creating server on Vultr
Create an account [https://www.vultr.com/?ref=7239437] if you do not have oneyet. Click on the + button and select Depoly new server to create a new serverinstance. Select server type. For general use, choose “cloud compute”. Select server location. Choose the one nearest to you or your custome…
theMatrixDevy2kbug
Server setup on DigitalOcean
* Register on DigitalOcean Register using the link below, you will get $50 credit for try out their service: https://m.do.co/c/a55a436b505d * Create a new project first. * Click “Create” on the top-right hand corner, and choose “Droplet” (server). * Below is the list of OS supported.…
theMatrixDevy2kbug

Install Docker

Install Docker and Docker-Compose on Ubuntu 20.04
DockerInstall necessary tools: sudo apt install apt-transport-https ca-certificates curl software-properties-common -y Add Docker key: curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - Add Docker repo: sudo add-apt-repository “deb [arch=amd64] https://download.docker.com/linux/ubuntu…
theMatrixDevy2kbug

Setup Wireguard

Run these on your server:

mkdir -p ~/wireguard/
mkdir -p ~/wireguard/config/
nano ~/wireguard/docker-compose.yml

Copy and paste the content below:

version: '3.8'
services:
  wireguard:
    container_name: wireguard
    image: linuxserver/wireguard
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Asia/Hong_Kong
      - SERVERURL=1.2.3.4
      - SERVERPORT=51820
      - PEERS=pc1,pc2,phone1
      - PEERDNS=auto
      - INTERNAL_SUBNET=10.0.0.0
    ports:
      - 51820:51820/udp
    volumes:
      - type: bind
        source: ./config/
        target: /config/
      - type: bind
        source: /lib/modules
        target: /lib/modules
    restart: always
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1

There are several places you need to modify.

  1. TZ refers to timezone. Choose yours from TZ database name from Wikipedia.
  2. SERVERURL refers to the server IP address. Find it on Vultr or DigitalOcean dashboard.
  3. PEERS are the number of user-config-files to generate, or the names of user-config-files. If you enter PEERS=3, it will generate peer_1, peer_2 and peer_3. If you enter PEERS=pc1,pc2,phone1, it will generate peer_pc1, peer_pc2 and peer_phone1.

Hit CTRL + X, Y, ENTER to save and exit the file.

Start Wireguard by running these:

cd ~/wireguard/
docker-compose up -d

It starts building the server. After you see Creating wireguard   ... done

Connect your phone to Wireguard

docker-compose logs -f wireguard

You will see the execution log, and QR codes of Wireguard VPN connection settings.

Open Wireguard VPN application on your phone, click +, Create from QR code