Skip to Content
All memories

Wireguard Setup

Installing Wireguard with Docker

First run

If the wireguard kernel module is not already installed on the host system, use this first run command to install it:

docker run -it --rm \
    --cap-add sys_module \
    -v /lib/modules:/lib/modules \
    cmulk/wireguard-docker:buster \
    install-module

Normal Run

cd ~
mkdir -p wireguard/conf
cd wireguard
touch conf/wg0.conf
nano conf/wg0.conf # write your conf here
docker run -d --restart unless-stopped \
    --cap-add net_admin \
    --cap-add sys_module \
    --name wireguard \
    -v /home/mokhtar/wireguard/conf:/etc/wireguard \
    -p 51829:51829/udp \
    cmulk/wireguard-docker:buster

Generate Keys

docker run -it --rm cmulk/wireguard-docker:buster genkeys

Example

wg0.conf
[Interface]
Address = 10.0.0.1/32
ListenPort = 51829
PrivateKey = GENERATED_PRIVATE_KEY
MTU = 1400

# Phone
[Peer]
PublicKey = PHONE_PUBLIC_KEY
AllowedIPs = 10.0.0.2/32

# Laptop
[Peer]
PublicKey = LAPTOP_PUBLIC_KEY
AllowedIPs = 10.0.0.3/32