SIGN IN / UP
      SIGN IN / UP

      We use cookies and similar technologies necessary for the site to function. Optional cookies from third parties are used to improve our service and to provide you with personalized content and advertising if you agree. You can freely opt out here or customize your choice of optional cookies by clicking "Additional settings". Please see our privacy policy and cookies policy for more information on what data is collected and how it is shared with our partners.

      Cookies Policy
      Marketing
      These cookies may be placed on the site by our advertising partners. These companies may use them to build a profile of your interests and show relevant ads on other sites. They do not store personal information directly, but are based on the unique identification of your browser and device online. If you do not allow these cookies, you will see fewer targeted ads.
      Functional
      These cookies allow the site to provide advanced features and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not authorize the use of these cookies, some of our services may not work properly.
      Necessary
      These cookies allow us to count the number of visits and traffic sources to measure and improve the performance of our site. They help us to know which pages are the most or least popular and to see how many people are visiting the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not authorize the use of these cookies, we will not know when you have visited our site and will not be able to track its performance.
      Cookies Policy
      opened image

      How to Install Wireguard on Docker

      Similar articles:
      PowerShell: Sending messages to Telegram How to Install Docker on Ubuntu 20.04 cPanel: creating a mailbox and working with it Performing backups of MySQL databases with rotation How to install AdGuard Home in Docker

      Server with DDoS protection

      FROM €7.91/MONTH

      As you know, WireGuard is a VPN that allows us to securely tunnel both our personal network and surfing. This gives us secure and reliable Internet access from a smartphone or personal computer.

      How to install it on a clean server can be found in this article.

      In this tutorial, we'll look at how to install WireGuard in a Docker container using Docker Compose.
       

      Let's install Docker.

      But first, you need to update the OS packages.
      apt update


      Install the necessary packages and add a new repository:

      apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt key add -

add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"


      Update the packages with the new repository:

       

      apt update


      Now let's install Docker itself.

      apt-get install docker-ce docker-ce-cli containerd.io


      Let's check the version:

      docker --version


      Check status:

      systemctl status docker


      If it did not start, then run:

      systemctl start docker


      And add to autorun.

      systemctl enable docker


       

       

       

      Install Docker Compose

      For this project, version 1.25 will be enough for us.

      curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin /docker-compose


      Set permissions to launch.

      chmod +x /usr/local/bin/docker-compose


      Check how Docker-Compose was installed:

      docker-compose --version



      Add a Linux user to the docker group:

      usermod -aG docker $USER


      Let's create a *.yaml file for Docker-Compose.

      In order to orient in the future in what we have installed, let's create a separate folder for this project in the /opt directory and go to it.

      mkdir /opt/wireguard-server && cd /opt/wireguard-server


      You can also use your /home directory to host this and other projects.

      Let's use the linuxserver repository to create the docker-compose.yaml file at https://hub.docker.com/r/linuxserver/wireguard

      Create a docker-compose.yaml or docker-compose.yml file,

      vim docker-compose.yaml


      And add the following code to it:

      version: "2.1"
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      -NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=0
      - PGID=0
      - TZ=Europe/Amsterdam
      - SERVERURL=auto
      - SERVERPORT=51820
      - PEERS=1
      - PEERDNS=1.1.1.1
      - INTERNAL_SUBNET=10.10.10.0
      - ALLOWEDIPS=0.0.0.0/0
      - LOG_CONFS=true
    volumes:
      - /opt/wireguard-server/config:/config
      - /lib/modules:/lib/modules
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: always


      Where:

      container_name: name of your container;
      TZ=: time zone, you can change it to the desired one, but for anonymity it is better to leave Europe/Amsterdam;
      SERVERPORT=: random port on which your VPN will work. It will also need to be registered in ports.
      PEERS=: number of users. They can be increased to the required amount;
      51820:51820/udp - forwarded ports.

      Run our script (to do this, you need to be in the directory where our file was created. In this case, it is /opt/wireguard-server/):

      docker-compose up -d


      We are waiting for the download of images, and deployment.

      We check:

      docker-compose ps


      or

      docker ps


      You can also do this with one command in docker:

      docker run -d \\ --name=wireguard \\ --cap-add=NET_ADMIN \\ --cap-add=SYS_MODULE \\ -e PUID=0 \\ -e PGID=0 \\ -e TZ=Europe/Amsterdam \\ -e SERVERURL=auto \\ -e SERVERPORT=51820 \\ -e PEERS=1 \\ -e PEERDNS=1.1.1.1 \\ -e INTERNAL_SUBNET=10.10.10.0 \\ -e ALLOWEDIPS=0.0.0.0/0 \\ -e LOG_CONFS=true \\ -p 51820:51820/udp \\ -v /opt/wireguard-server/config:/config \\ -v /lib/modules:/lib/modules \\ --sysctl="net.ipv4.conf.all.src_valid_mark=1" \\ --restart always \\  lscr.io/linuxserver/wireguard:latest


      To generate a QR code for a smartphone:

       

      docker exec -it wireguard /app/show-peer 1


      Where:

      1 is the first config/user.

      Result:


      All configuration files and QR codes are located in /opt/wireguard-server/config/peer*


      How to create additional users.

      To do this, you just need to change the PEERS directive in the docker-compose.yaml file

      In order for the changes to be applied, we recreate our container:

      docker-compose up -d --force-recreate


      Also, for anonymity, disable ping on the host server:

      echo "net.ipv4.icmp_echo_ignore_all = 1" >> /etc/sysctl.conf


      And apply the changes:

      sysctl -p


      Happy surfing.

       

      Similar articles:
      PowerShell: Sending messages to Telegram How to Install Docker on Ubuntu 20.04 cPanel: creating a mailbox and working with it Performing backups of MySQL databases with rotation How to install AdGuard Home in Docker

      Server with DDoS protection

      FROM €7.91/MONTH