This example provides a base setup for using Wireguard. More details on how to customize the installation and the compose file can be found in linuxserver documentation.
Project structure:
.
├── .env
├── compose.yaml
└── README.md
services:
wireguard:
image: linuxserver/wireguard
Before deploying this setup, you need to configure the following values in the .env file.
- TIMEZONE
- VPN_SERVER_URL (recommended setting up a server url with e.g. http://www.duckdns.org/ if you don't own a domain)
When deploying this setup, the log will show relevant information. You need to forward the external port 51820 to access your VPN from outside.
$ docker compose up
Starting wireguard ...
wireguard | **** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
wireguard | **** Server mode is selected ****
wireguard | **** External server address is set to your-domain.dyndns.com # free examples http://www.duckdns.org/ and https://www.noip.com/ ****
wireguard | **** External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container ****
[...]
wireguard | PEER 1 QR code:
wireguard | [GENERATED QR CODE TO SCAN FOR YOUR CONNECTION DETAILS]
Check containers are running:
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4992922d23dc linuxserver/wireguard "/init" 7 seconds ago Up 5 seconds 0.0.0.0:51820->51820/udp, :::51820->51820/udp wireguard
Install your Wireguard client on an Apple device by downloading the wireguard app and scanning the QR Code.
Install your Wireguard client on an Apple device by downloading the wireguard app and scanning the QR Code.
Stop the containers with
$ docker compose down
# To delete all data run:
$ docker compose down -v
On Raspberry Pi run sudo apt update && sudo apt upgrade && sudo apt install raspberrypi-kernel-headers
and reboot before starting Wireguard.
Other Ubuntu / Debian based systems may need to install the kernel-headers too. Run sudo apt update && sudo apt upgrade && sudo apt install linux-headers-$(uname -r)
To create new clients or display existing ones, take a look at the "Server Mode" section