https://github.com/samrocketman/docker-wireguard
A kernel space VPN operating over UDP from Docker.
Last synced: 15 days ago
- Host: GitHub
- URL: https://github.com/samrocketman/docker-wireguard
- Owner: samrocketman
- License: mit
- Created: 2024-06-30T03:14:18.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2024-07-10T04:35:42.000Z (almost 2 years ago)
- Last Synced: 2025-02-24T08:13:31.027Z (over 1 year ago)
- Language: Shell
- Size: 23.4 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
# A personal VPN using wireguard
Similar to my personal [OpenVPN server][openvpn] but using [wireguard][wg] as the
underlying technology.
# Features
- Allocates a VPN network at 10.90.80.0/24.
- Automatically creates and revokes client IPs.
- VPN service will automatically reconfigure when clients are created or
revoked.
- Performs full tunnel with NAT masquerade by default in client config. All
device traffic goes through the VPN tunnel.
# Prerequisite
Your host kernel must be Linux 5.6 or greater.
The `wireguard` kernel module must be activated.
```bash
modprobe wireguard
# load module on reboot
echo wireguard >> /etc/modules
```
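A preflight for the kernel and module prerequisites above, including the reboot-persistence line, as an added example that is not part of this repository. The function names and the optional path arguments (used so the checks can run against a test directory) are hypothetical.

```bash
# Added example: preflight for the prerequisites above (not part of the repository).

# kernel_at_least RELEASE MAJOR MINOR
# Returns 0 if RELEASE >= MAJOR.MINOR, 1 if older, 2 if RELEASE is unparsable.
kernel_at_least() {
  case "$1" in *.*) ;; *) return 2 ;; esac
  ka_major=${1%%.*}
  ka_rest=${1#*.}
  ka_minor=${ka_rest%%[!0-9]*}   # drop ".0-28-amd64" style suffixes
  case "$ka_major" in ''|*[!0-9]*) return 2 ;; esac
  [ -n "$ka_minor" ] || return 2
  [ "$ka_major" -gt "$2" ] && return 0
  [ "$ka_major" -eq "$2" ] && [ "$ka_minor" -ge "$3" ]
}

# module_loaded [SYSFS_ROOT]: 0 if SYSFS_ROOT/module/wireguard exists.
module_loaded() {
  [ -d "${1:-/sys}/module/wireguard" ]
}

# module_persisted [FILE]: 0 if FILE has a line that is exactly "wireguard".
module_persisted() {
  [ -r "${1:-/etc/modules}" ] && grep -qx 'wireguard' "${1:-/etc/modules}"
}

# preflight [RELEASE] [SYSFS_ROOT] [MODULES_FILE]
# Prints findings and returns the number of failed checks.
preflight() {
  pf_release=${1:-$(uname -r)}
  pf_failed=0
  if ! kernel_at_least "$pf_release" 5 6; then
    echo "FAIL kernel $pf_release is older than 5.6 (or unparsable)"
    pf_failed=$((pf_failed + 1))
  fi
  if ! module_loaded "${2:-/sys}"; then
    echo "FAIL wireguard module not loaded; run: modprobe wireguard"
    pf_failed=$((pf_failed + 1))
  fi
  if ! module_persisted "${3:-/etc/modules}"; then
    echo "FAIL wireguard not listed in ${3:-/etc/modules}; it will not load after reboot"
    pf_failed=$((pf_failed + 1))
  fi
  [ "$pf_failed" -eq 0 ] && echo "OK prerequisites met"
  return "$pf_failed"
}
```

Source the file and run `preflight` with no arguments on the host before `./wvpn.sh`. Guarding the append with `module_persisted || echo wireguard >> /etc/modules` keeps repeated runs from adding duplicate lines.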
# Quickstart
```bash
./wvpn.sh
./wvpn.sh new_client "My phone"
# generate a QR code for wireguard mobile app
./wvpn.sh qrcode 10.90.80.1
# or create a text config for the same IP
./wvpn.sh config 10.90.80.1 > wg-config.conf
```
Later, if you want to revoke a client, you do so by IP.
```bash
# list clients
./wvpn.sh clients
# revoke by IP
./wvpn.sh revoke 10.90.80.1
```
Learn [more commands](docs/help.md).
# Environment for docker compose consul server
Add a file named `.env` before running `./wvpn.sh` commands.
```bash
environment_args=(
-e client_remote=
-e client_port=443
-e client_dns="172.16.238.251, 172.16.238.252"
)
network_args=(
--network docker-compose-ha-consul-vault-ui_internal
--dns 172.16.238.251
--dns 172.16.238.252
--ip 172.16.238.250
)
strict_firewall=true
```
# Environment for pihole container
If you only want pihole as your DNS server, then you may optionally use

```bash
./scripts/pihole.sh start
```
With `.env` configuration:
```bash
environment_args=(
-e client_remote=
-e client_port=443
-e client_dns="172.173.174.254"
)
network_args=(
--network pihole-net
--dns 172.173.174.254
--ip 172.173.174.253
)
strict_firewall=true
#PIHOLE_TZ=America/New_York
#PIHOLE_WEBPASSWORD=yourpass
```
[openvpn]: https://github.com/samrocketman/docker-openvpn
[wg]: https://www.wireguard.com