Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Setup a Wireguard Server on Linux with wg-easy

            Modified on Thu, 12 Mar at 1:01 PM

            Setup Debian netinst into a VM

            For secure boot, select Microsoft UEFI, and give at least 1GB RAM. 

            Select graphical install

            Go through setup

            When selecting packages, uncheck the Debian Desktop Environment and GNOME/KDE. Only select SSH Server and Standard system utilities.


            Login as the user (not root)


            su -
(then put in the root password)

apt update && apt upgrade -y
apt install curl net-tools nano -y


            To give the VM a static IP:

            nano /etc/network/interfaces


            Then change the iface eth0 inet dhcp line with:

            iface eth0 inet static
address 192.168.1.50
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 1.1.1.1 8.8.8.8

            Ctrl+O to save, then Ctrl+X to exit. Then to restart the network so the IP takes effect:

            systemctl restart networking


            Reconnect to the shell and then install docker

            su -
(then put in the root password)
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh


            Create the password hash for the admin interface, and then use the hash in the next Docker command:

            docker run --rm -it ghcr.io/wg-easy/wg-easy wgpw 'YourDesiredPassword'


            docker run -d \
  --name=wg-easy \
  -e WG_HOST=office.royaljewelry.com \
  -e PASSWORD_HASH='$2a$12$LDJxtkBtkZPOfF3r4b93geivK3rLEC81AoUjqJrtaavEtz1P6bVfO' \
  -e WG_DEFAULT_ADDRESS=172.16.21.x \
  -e WG_ALLOWED_IPS=172.16.10.0/24 \
  -e WG_PORT=51820 \
  -e WG_PRE_UP="iptables -I FORWARD -i wg0 -o wg0 -j DROP" \
  -e WG_POST_DOWN="iptables -D FORWARD -i wg0 -o wg0 -j DROP" \
  -v ~/.wg-easy:/etc/wireguard \
  -p 51820:51820/udp \
  -p 51821:51821/tcp \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv4.ip_forward=1" \
  --restart unless-stopped \
  ghcr.io/wg-easy/wg-easy


            To restart (and update) wg-easy:

            sudo docker stop wg-easy
sudo docker rm wg-easy
# uncomment this to update
# docker pull ghcr.io/wg-easy/wg-easy

            Then run the big command above again.


            If you need to restore private and public keys, do a backup, edit the file and restore.


            Source:

            https://github.com/wg-easy/wg-easy/tree/production?tab=readme-ov-file


            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0