You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

3.2 KiB

Wireguard

This example provides a base setup for using Wireguard. More details on how to customize the installation and the compose file can be found in linuxserver documentation.

Project structure:

.
├── .env
├── compose.yaml
└── README.md

compose.yaml

services:
  wireguard:
    image: linuxserver/wireguard

Configuration

.env

Before deploying this setup, you need to configure the following values in the .env file.

  • TIMEZONE
  • VPN_SERVER_URL (recommended setting up a server url with e.g. http://www.duckdns.org/ if you don't own a domain)

Deploy with docker compose

When deploying this setup, the log will show relevant information. You need to forward the external port 51820 to access your VPN from outside.

$ docker compose up
Starting wireguard ...
wireguard    | **** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
wireguard    | **** Server mode is selected ****
wireguard    | **** External server address is set to your-domain.dyndns.com # free examples http://www.duckdns.org/ and https://www.noip.com/ ****
wireguard    | **** External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container ****
[...]
wireguard    | PEER 1 QR code:
wireguard    | [GENERATED QR CODE TO SCAN FOR YOUR CONNECTION DETAILS]

Expected result

Check containers are running:

$ docker ps
CONTAINER ID   IMAGE                           COMMAND                  CREATED          STATUS                          PORTS                                                                                  NAMES
4992922d23dc   linuxserver/wireguard           "/init"                  7 seconds ago    Up 5 seconds                    0.0.0.0:51820->51820/udp, :::51820->51820/udp                                          wireguard

Mobile Wireguard App

Android

Install your Wireguard client on an Apple device by downloading the wireguard app and scanning the QR Code.

iOS

Install your Wireguard client on an Apple device by downloading the wireguard app and scanning the QR Code.

Stop the containers with

$ docker compose down
# To delete all data run:
$ docker compose down -v

Troubleshooting

- (Raspberry Pi) Kernel Headers

On Raspberry Pi run sudo apt update && sudo apt upgrade && sudo apt install raspberrypi-kernel-headers and reboot before starting Wireguard. Other Ubuntu / Debian based systems may need to install the kernel-headers too. Run sudo apt update && sudo apt upgrade && sudo apt install linux-headers-$(uname -r)

- Server Mode Options

To create new clients or display existing ones, take a look at the "Server Mode" section