SIGN IN / UP
      SIGN IN / UP

      We use cookies and similar technologies necessary for the site to function. Optional cookies from third parties are used to improve our service and to provide you with personalized content and advertising if you agree. You can freely opt out here or customize your choice of optional cookies by clicking "Additional settings". Please see our privacy policy and cookies policy for more information on what data is collected and how it is shared with our partners.

      Cookies Policy
      Marketing
      These cookies may be placed on the site by our advertising partners. These companies may use them to build a profile of your interests and show relevant ads on other sites. They do not store personal information directly, but are based on the unique identification of your browser and device online. If you do not allow these cookies, you will see fewer targeted ads.
      Functional
      These cookies allow the site to provide advanced features and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not authorize the use of these cookies, some of our services may not work properly.
      Necessary
      These cookies allow us to count the number of visits and traffic sources to measure and improve the performance of our site. They help us to know which pages are the most or least popular and to see how many people are visiting the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not authorize the use of these cookies, we will not know when you have visited our site and will not be able to track its performance.
      Cookies Policy
      opened image

      How to install Wireguard in Docker

      Similar articles:
      Basics of working with the screen utility Midnight Commander file manager How to install Windows 10 from your image How to add a new user in Windows Server 2012, 2016, 2019 How to install Nextcloud on Ubuntu 20.04

      Basic Cloud VPS

      FROM €2.9/MONTH

      As you know, WireGuard — is a VPN that allows us to create a secure tunnel for both personal networks and surfing. This provides us with safe and reliable Internet access from a smartphone or personal computer.

      How to install it on a clean server can be found in this article.

      In this guide, we will look at how to install WireGuard in a Docker container using Docker Compose.

       

      Let's install Docker. 

      But first, we need to update the OS packages. 
       

      apt update


      Let's install the necessary packages and add a new repository:

      apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"


      Let's update the packages with the new repository:

      apt update


      Now let's install Docker itself.

      apt-get install docker-ce docker-ce-cli containerd.io


      Let's check the version:

      docker --version


      Let's check the status:

      systemctl status docker



      If it hasn't started, let's start it:

      systemctl start docker


      And add it to autostart.

      systemctl enable docker


       

       

      Let's install Docker-Compose

      For this project, version 1.25 will be sufficient. 
       

      curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose


      Let's set the execution permissions. 

      chmod +x /usr/local/bin/docker-compose


      Let's check how Docker-Compose was installed:

      docker-compose --version



      Let's add the Linux user to the docker group:

       

      usermod -aG docker $USER


      Let's create a *.yaml  file for Docker-Compose.

      To keep track of what we have installed in the future, let's create a separate folder for this project in the /opt directory and navigate to it.

      mkdir /opt/wireguard-server && cd /opt/wireguard-server


      You can also use your home directory /home to place this and other projects. 

      We will use the linuxserver repository to create the docker-compose.yaml file at the link https://hub.docker.com/r/linuxserver/wireguard

      Let's create a file docker-compose.yaml or docker-compose.yml,

      vim docker-compose.yaml


      And add the following code to it:

      version: "2.1"
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=0
      - PGID=0
      - TZ=Europe/Amsterdam
      - SERVERURL=auto
      - SERVERPORT=51820
      - PEERS=1
      - PEERDNS=1.1.1.1
      - INTERNAL_SUBNET=10.10.10.0
      - ALLOWEDIPS=0.0.0.0/0
      - LOG_CONFS=true
    volumes:
      -  /opt/wireguard-server/config:/config
      - /lib/modules:/lib/modules
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: always


      Where:

      container_name: the name of your container;
      TZ=: the time zone, you can change it to the desired one, but for anonymity, it's better to leave it as Europe/Amsterdam;
      SERVERPORT=: a random port on which your VPN will operate. It also needs to be specified in ports.
      PEERS=: the number of users. You can increase it to the desired number;
      51820:51820/udp - the forwarded ports.

      Let's run our script (for this, you need to be in the directory where our file was created. In this case, it's /opt/wireguard-server/):

      docker-compose up -d 


      Wait for the images to download and deploy.

      Let's check:

      docker-compose ps


      or 

      docker ps



      This can also be done with a single command in docker:

      docker run -d \\ --name=wireguard \\ --cap-add=NET_ADMIN \\ --cap-add=SYS_MODULE \\ -e PUID=0 \\ -e PGID=0 \\ -e TZ=Europe/Amsterdam \\ -e SERVERURL=auto \\ -e SERVERPORT=51820 \\ -e PEERS=1 \\ -e PEERDNS=1.1.1.1 \\ -e INTERNAL_SUBNET=10.10.10.0 \\ -e ALLOWEDIPS=0.0.0.0/0 \\ -e LOG_CONFS=true \\ -p 51820:51820/udp \\ -v /opt/wireguard-server/config:/config \\ -v /lib/modules:/lib/modules \\ --sysctl="net.ipv4.conf.all.src_valid_mark=1" \\ --restart always \\  lscr.io/linuxserver/wireguard:latest


      To generate a QR code for a smartphone:

      docker exec -it wireguard /app/show-peer 1


      Where:

      1 - is the first config/user.

      Result:


      All configuration files and QR codes are located in /opt/wireguard-server/config/peer*

       

      How to create additional users.


      To do this, simply change the directive PEERS in the docker-compose.yaml  file, adding the desired number of users.

      To apply the changes, we recreate our container:

       

      docker-compose up -d --force-recreate


      Also, for anonymity, let's disable ping on the host server:

      echo "net.ipv4.icmp_echo_ignore_all = 1" >> /etc/sysctl.conf

       


      And apply the changes:

      sysctl -p


      Happy surfing.
       

      Similar articles:
      Basics of working with the screen utility Midnight Commander file manager How to install Windows 10 from your image How to add a new user in Windows Server 2012, 2016, 2019 How to install Nextcloud on Ubuntu 20.04

      Basic Cloud VPS

      FROM €2.9/MONTH