# Install WireGuard VPN on Docker Compose ## Install WireGuard on Docker WireGuard is a lightweight and efficient VPN solution known for its simplicity and performance. By running WireGuard in a Docker container, you can simplify deployment and management. This guide walks you through the steps to set up WireGuard using Docker and Docker Compose, including both server and client configurations. *** *** ### **Step 1: Install Docker** If Docker is not already installed on your server, follow these steps: ```bash sudo yum install docker -y ``` Start the Docker service: ```bash sudo service docker start ``` *** ### **Step 2: Install Docker Compose** Download the Docker Compose binary: ```bash sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose ``` Make Docker Compose executable: ```bash sudo chmod +x /usr/local/bin/docker-compose ``` Verify the installation: ```bash docker-compose --version ``` Check that Docker is running: ```bash docker ps ``` *** ### **Step 3: Set Up WireGuard Directory** Create a directory for your WireGuard setup: ```bash mkdir wireguard/ cd wireguard/ ``` Inside the `wireguard/` directory, create a configuration directory: ```bash mkdir -p config/wireguard ``` *** ### **Step 4: Create the Docker Compose File** Using your preferred text editor, create the `docker-compose.yml` file: ```bash vi docker-compose.yml ``` Add the following content: ```yaml version: '3.8' services: wireguard: image: linuxserver/wireguard container_name: wireguard cap_add: - NET_ADMIN - SYS_MODULE environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC - SERVERURL=10.143.108.125 # Replace with your server's public IP - SERVERPORT=51820 # Port to listen on - PEERS=1 # Number of client configurations to generate - PEERDNS=10.64.1.1 # DNS server for peers - INTERNAL_SUBNET=10.64.1.0/24 # Internal subnet for WireGuard volumes: - ./config/wireguard:/config ports: - 51820:51820/udp sysctls: - net.ipv4.ip_forward=1 - net.ipv6.conf.all.forwarding=1 restart: unless-stopped ``` *** ### **Step 5: Start the WireGuard Container** Run the following command to start the WireGuard container: ```bash docker-compose up -d ``` Verify the running container: ```bash docker ps ``` Check the container logs for additional details: ```bash docker logs wireguard ``` *** ### **Step 6: Access Configuration Files** The WireGuard configuration files for the server and peers are stored in the `config/wireguard` directory. Navigate to this directory: ```bash cd config/wireguard/ ``` Each peer will have its own configuration folder, such as `peer1`. To view the configuration for a specific peer, navigate to its directory: ```bash cd peer1 ``` View the peer’s configuration file: ```bash cat peer1.conf ``` Example `peer1.conf` file: ``` [Interface] Address = 10.64.1.2 PrivateKey = qOPHZ7vxl6PzeAM00aEkVy4vtB4HlrAN2kt8W3xE7Wc= ListenPort = 51820 DNS = 10.64.1.1 [Peer] PublicKey = AtN92g4xwuwXeuCypCUUQ2TxuQYVg823Bml9Q2Rs6H8= PresharedKey = Q1FvSoWtAiIIEe9MrNF9quKozZ5abMtWkb6ZUsaS99o= Endpoint = 18.143.198.152:51820 AllowedIPs = 0.0.0.0/0 ``` *** ### **Step 7: Set Up the Client** #### Install WireGuard Client Download and install the WireGuard client for your platform from the [official WireGuard website](https://www.wireguard.com/install/). #### Import the Configuration 1. Open the WireGuard client. 2. Click **Import Tunnel**. 3. Select the configuration file (e.g., `peer1.conf`). 4. Activate the tunnel to connect to the WireGuard VPN. *** ### **Step 8: Test the Connection** Once the client is connected, verify that traffic is routed through the VPN by checking your public IP address: ```bash curl ifconfig.me ``` If the IP matches your server’s public IP, the VPN is working correctly. *** ### **Notes** * Ensure that port `51820/udp` is open in your server’s firewall or security group. * Modify the `PEERS` environment variable in the `docker-compose.yml` file to generate multiple client configurations. * Restart the WireGuard container if you make changes to the configuration. *** By following these steps, you can deploy a WireGuard VPN server on Docker with ease. Enjoy the security and performance of WireGuard for your networking needs! --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://blog.techwithpatil.com/blogs/implementation/articles/installation/install-wireguard-vpn-on-docker-compose.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.