wireguard-VPN-server

Installation and Running Instructions

1. Install Docker and Docker Compose

If you haven't installed Docker and Docker Compose, follow these steps:

For Ubuntu:

sudo apt update
sudo apt install -y docker.io docker-compose
sudo systemctl enable --now docker

For other systems:

Visit the official Docker documentation and Docker Compose installation guide.

2. Create the Docker Compose File

1. Create a new directory for your setup:

   mkdir ~/wg-easy-setup
   cd ~/wg-easy-setup

2. Create the docker-compose.yml file:

   nano docker-compose.yml

   Paste the docker-compose.yml content into this file and save it.

3. Set Up Password Hash

Generate a password hash for secure access to the web interface. You can use the following command:

openssl passwd -6 your_password_here

Replace your_password_here with the password you want to use. Copy this hash and place it in the PASSWORD_HASH field in docker-compose.yml.

3.1 Or alternative way to Set Up Password Hash

Generate a password hash for secure access to the web interface. You can use the following command:

docker run -it --rm ghcr.io/wg-easy/wg-easy wgpw YOUR_PASSWORD

Replace YOUR_PASSWORD with the password you want to use. Copy this hash and place it in the PASSWORD_HASH field in docker-compose.yml. If your hash contains $ signs, you must double them (e.g., $$)

4. Start the Docker Containers

Run the following command to start your containers:

docker-compose up -d

Check how its run:

docker compose logs -f wg-easy

5. Access the Web Interface

Open your web browser and navigate to:

http://<your-server-ip>:8822

Log in using the password you set up using the generated password hash.

6. Setting Up Nginx Proxy Manager

1. Access the manager at http://:81.
2. Create a Proxy Host.
3. Domain Name: e.g., vpn.yourdomain.com.
4. Forward Hostname: Use the container name wg-easy (if both are on the same Docker network) or your server's local IP.
5. Forward Port: 8822.
6. SSL: Use the built-in "Request a new SSL Certificate" to enable HTTPS via Let's Encrypt.
7. Remove Public Port: Once your proxy is working, you can remove the 8822:8822

7. Configure WireGuard Clients

Once you're logged in, follow these steps to add a client:

1. Go to the "Clients" section in the web interface.
2. Click on "Add Client" and fill in the necessary details (name, DNS settings, etc.).
3. Once created, download the configuration file for the client.

8. Install WireGuard on Client Devices

Depending on the operating system of your client devices:

For Windows:

• Download and install the WireGuard client from the official website.
• Import the downloaded configuration file.

For Linux:

sudo apt install wireguard

Then, use the configuration file to set it up:

sudo mv ~/path/to/client.conf /etc/wireguard/
sudo wg-quick up client.conf

For Android/iOS:

• Download the WireGuard app from the Google Play Store or [Apple App Store](https://apps.apple.com/us/app/wire