# Install WireGuard VPN on Docker Compose

## Install WireGuard on Docker

WireGuard is a lightweight and efficient VPN solution known for its simplicity and performance. By running WireGuard in a Docker container, you can simplify deployment and management. This guide walks you through the steps to set up WireGuard using Docker and Docker Compose, including both server and client configurations.

***

### **Step 1: Install Docker**

If Docker is not already installed on your server, follow these steps:

```bash
sudo yum install docker -y
```

Start the Docker service:

```bash
sudo service docker start
```

***

### **Step 2: Install Docker Compose**

Download the Docker Compose binary:

```bash
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
```

Make Docker Compose executable:

```bash
sudo chmod +x /usr/local/bin/docker-compose
```

Verify the installation:

```bash
docker-compose --version
```

Check that Docker is running:

```bash
docker ps
```

***

### **Step 3: Set Up WireGuard Directory**

Create a directory for your WireGuard setup:

```bash
mkdir wireguard/
cd wireguard/
```

Inside the `wireguard/` directory, create a configuration directory:

```bash
mkdir -p config/wireguard
```

***

### **Step 4: Create the Docker Compose File**

Using your preferred text editor, create the `docker-compose.yml` file:

```bash
vi docker-compose.yml
```

Add the following content:

```yaml
version: '3.8'
services:
  wireguard:
    image: linuxserver/wireguard
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - SERVERURL=10.143.108.125  # Replace with your server's public IP
      - SERVERPORT=51820          # Port to listen on
      - PEERS=1                   # Number of client configurations to generate
      - PEERDNS=10.64.1.1         # DNS server for peers
      - INTERNAL_SUBNET=10.64.1.0/24 # Internal subnet for WireGuard
    volumes:
      - ./config/wireguard:/config
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv6.conf.all.forwarding=1
    restart: unless-stopped
```

***

### **Step 5: Start the WireGuard Container**

Run the following command to start the WireGuard container:

```bash
docker-compose up -d
```

Verify the running container:

```bash
docker ps
```

Check the container logs for additional details:

```bash
docker logs wireguard
```

***

### **Step 6: Access Configuration Files**

The WireGuard configuration files for the server and peers are stored in the `config/wireguard` directory. Navigate to this directory:

```bash
cd config/wireguard/
```

Each peer will have its own configuration folder, such as `peer1`. To view the configuration for a specific peer, navigate to its directory:

```bash
cd peer1
```

View the peer’s configuration file:

```bash
cat peer1.conf
```

Example `peer1.conf` file:

```
[Interface]
Address = 10.64.1.2
PrivateKey = qOPHZ7vxl6PzeAM00aEkVy4vtB4HlrAN2kt8W3xE7Wc=
ListenPort = 51820
DNS = 10.64.1.1

[Peer]
PublicKey = AtN92g4xwuwXeuCypCUUQ2TxuQYVg823Bml9Q2Rs6H8=
PresharedKey = Q1FvSoWtAiIIEe9MrNF9quKozZ5abMtWkb6ZUsaS99o=
Endpoint = 18.143.198.152:51820
AllowedIPs = 0.0.0.0/0
```
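
Each peer file contains that peer's `PrivateKey` and `PresharedKey`, and its `Endpoint` is built from `SERVERURL`, so it is worth auditing before distribution. The script below is an added example, not part of the original guide or of the linuxserver image; it flags loose file permissions, an `Endpoint` that is still a private address, and a full-tunnel `AllowedIPs` that omits `::/0`. The function names and the sample file contents are constructed for illustration, and GNU `stat` is assumed.

```bash
#!/usr/bin/env bash
# Added example: audit a generated peerN.conf, one finding per line.
# Assumes GNU stat, as on the yum-based host used in this guide.

conf_get() {  # conf_get FILE KEY -> value of the first "KEY = value" line
  awk -v k="$2" '{ key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key) }
    key == k { sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t\r]+$/, ""); print; exit }' "$1"
}

audit_peer_conf() {
  local f=$1 mode host allowed
  # 1. The file holds PrivateKey and PresharedKey: no group/other access.
  mode=$(stat -c '%a' "$f") || return 2
  case "$mode" in
    *00|0) ;;
    *) echo "PERMS: mode $mode exposes PrivateKey/PresharedKey; chmod 600" ;;
  esac
  # 2. Endpoint is built from SERVERURL; a private or loopback address is
  #    unreachable for clients outside that network.
  host=$(conf_get "$f" Endpoint); host=${host%:*}
  case "$host" in
    *[!0-9.]*) ;;  # hostname or IPv6 literal: not checked here
    10.*|127.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*)
      echo "ENDPOINT: $host is a private or loopback address" ;;
  esac
  # 3. Full-tunnel IPv4 without ::/0 leaves IPv6 outside the tunnel.
  allowed=$(conf_get "$f" AllowedIPs)
  case "$allowed" in
    *::/0*) ;;
    *0.0.0.0/0*) echo "IPV6: AllowedIPs lacks ::/0; IPv6 bypasses the tunnel" ;;
  esac
}

sample_conf() {  # constructed sample; key values are placeholders
  printf '%s\n' '[Interface]' 'Address = 10.64.1.2' \
    'PrivateKey = PLACEHOLDER_PRIVATE_KEY=' '' '[Peer]' \
    'PublicKey = PLACEHOLDER_PUBLIC_KEY=' \
    'PresharedKey = PLACEHOLDER_PRESHARED_KEY=' \
    'Endpoint = 10.143.108.125:51820' 'AllowedIPs = 0.0.0.0/0'
}

# Audit the file given as $1, or the constructed sample if none is given.
if [ -f "${1:-}" ]; then
  audit_peer_conf "$1"
else
  tmp=$(mktemp) && sample_conf > "$tmp" && chmod 644 "$tmp"
  audit_peer_conf "$tmp"; rm -f "$tmp"
fi
```

Run it on the server as `bash audit.sh config/wireguard/peer1/peer1.conf` (the script file name is an assumption); the IPv6 finding only matters for clients that have IPv6 connectivity.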

***

### **Step 7: Set Up the Client**

#### Install WireGuard Client

Download and install the WireGuard client for your platform from the [official WireGuard website](https://www.wireguard.com/install/).

#### Import the Configuration

1. Open the WireGuard client.
2. Click **Import Tunnel**.
3. Select the configuration file (e.g., `peer1.conf`).
4. Activate the tunnel to connect to the WireGuard VPN.

***

### **Step 8: Test the Connection**

Once the client is connected, verify that traffic is routed through the VPN by checking your public IP address:

```bash
curl ifconfig.me
```

If the IP matches your server’s public IP, the VPN is working correctly.

***

### **Notes**

* Ensure that port `51820/udp` is open in your server’s firewall or security group.
* Modify the `PEERS` environment variable in the `docker-compose.yml` file to generate multiple client configurations.
* Restart the WireGuard container if you make changes to the configuration.

***

By following these steps, you can deploy a WireGuard VPN server on Docker with ease. Enjoy the security and performance of WireGuard for your networking needs!
