Install WireGuard VPN on Docker Compose

Install WireGuard on Docker

WireGuard is a lightweight and efficient VPN solution known for its simplicity and performance. By running WireGuard in a Docker container, you can simplify deployment and management. This guide walks you through the steps to set up WireGuard using Docker and Docker Compose, including both server and client configurations.

Step 1: Install Docker

If Docker is not already installed on your server, follow these steps:

sudo yum install docker -y

Start the Docker service:

sudo service docker start

Step 2: Install Docker Compose

Download the Docker Compose binary:

sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

Make Docker Compose executable:

sudo chmod +x /usr/local/bin/docker-compose

Verify the installation:

docker-compose --version

Check that Docker is running:

docker ps

Step 3: Set Up WireGuard Directory

Create a directory for your WireGuard setup:

mkdir wireguard/
cd wireguard/

Inside the wireguard/ directory, create a configuration directory:

mkdir -p config/wireguard

Step 4: Create the Docker Compose File

Using your preferred text editor, create the docker-compose.yml file:

vi docker-compose.yml

Add the following content:

version: '3.8'
services:
  wireguard:
    image: linuxserver/wireguard
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - SERVERURL=10.143.108.125  # Replace with your server's public IP
      - SERVERPORT=51820          # Port to listen on
      - PEERS=1                   # Number of client configurations to generate
      - PEERDNS=10.64.1.1         # DNS server for peers
      - INTERNAL_SUBNET=10.64.1.0/24 # Internal subnet for WireGuard
    volumes:
      - ./config/wireguard:/config
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv6.conf.all.forwarding=1
    restart: unless-stopped

Step 5: Start the WireGuard Container

Run the following command to start the WireGuard container:

docker-compose up -d

Verify the running container:

docker ps

Check the container logs for additional details:

docker logs wireguard

Step 6: Access Configuration Files

The WireGuard configuration files for the server and peers are stored in the config/wireguard directory. Navigate to this directory:

cd config/wireguard/

Each peer will have its own configuration folder, such as peer1. To view the configuration for a specific peer, navigate to its directory:

cd peer1

View the peer’s configuration file:

cat peer1.conf

Example peer1.conf file:

[Interface]
Address = 10.64.1.2
PrivateKey = qOPHZ7vxl6PzeAM00aEkVy4vtB4HlrAN2kt8W3xE7Wc=
ListenPort = 51820
DNS = 10.64.1.1

[Peer]
PublicKey = AtN92g4xwuwXeuCypCUUQ2TxuQYVg823Bml9Q2Rs6H8=
PresharedKey = Q1FvSoWtAiIIEe9MrNF9quKozZ5abMtWkb6ZUsaS99o=
Endpoint = 18.143.198.152:51820
AllowedIPs = 0.0.0.0/0

Step 7: Set Up the Client

Install WireGuard Client

Download and install the WireGuard client for your platform from the official WireGuard website.

Import the Configuration

Open the WireGuard client.
Click Import Tunnel.
Select the configuration file (e.g., peer1.conf).
Activate the tunnel to connect to the WireGuard VPN.

Step 8: Test the Connection

Once the client is connected, verify that traffic is routed through the VPN by checking your public IP address:

curl ifconfig.me

If the IP matches your server’s public IP, the VPN is working correctly.

Notes

Ensure that port 51820/udp is open in your server’s firewall or security group.
Modify the PEERS environment variable in the docker-compose.yml file to generate multiple client configurations.
Restart the WireGuard container if you make changes to the configuration.

By following these steps, you can deploy a WireGuard VPN server on Docker with ease. Enjoy the security and performance of WireGuard for your networking needs!

PreviousDocker Installation on Ubuntu 20/22 NextInstall Redis on Docker Compose

Last updated 11 months ago