a hub and spoke wg server.
colin 9ba53caca7 Update docker/singlenode-wg/setup-wireguard.sh 2024-02-14 22:32:40 +00:00
docker/singlenode-wg Update docker/singlenode-wg/setup-wireguard.sh 2024-02-14 22:32:40 +00:00
README.md Update README.md 2024-02-14 22:31:21 +00:00
docker-compose.yml Add docker-compose.yml 2024-02-14 22:25:01 +00:00

README.md

Wireguard VPN Docker Container

This Docker container sets up a Wireguard VPN server designed for a hub-and-spoke architecture. It functions as an egress node, allowing VPN clients to securely redirect traffic through this server. The setup is intended for scenarios where clients do not need to communicate with each other but require a secure method to access the internet or a private network via the VPN server.

Features

  • Wireguard VPN Server: Leverages the efficient and secure Wireguard protocol for the VPN service.
  • Egress Node Configuration: Configured as an egress node, directing client traffic through the VPN server without allowing inter-client communication.
  • Automatic Client Configuration: Automatically generates client configurations based on the specified number of clients, simplifying VPN access setup.
  • External IP Discovery: Detects and uses the server's external IP address in client configurations, facilitating remote access to the VPN.
  • Persistent Configuration: Utilizes a Docker volume to persist server and client configurations, ensuring easy management and configuration retention.

Configuration

Configuration is managed through environment variables and Docker volume mounts as specified in the docker-compose.yml file.

Environment Variables

  • CLIENTS: Determines the number of client configurations to generate. Defaults to 1 if not explicitly set.

Volume Mounts

  • ./config:/etc/wireguard: Maps the Wireguard configuration directory to a host directory, storing server and client configurations persistently outside the container.

Usage

  1. Specify Client Count: In docker-compose.yml, adjust the CLIENTS environment variable to set the desired number of client configurations.
  2. Build and Launch: Execute docker-compose up --build to build the Docker image if necessary, start the Wireguard server, and generate the client configurations.
  3. Retrieve Client Configurations: Find the generated client configurations in the host's ./config directory, named as client1.conf, client2.conf, etc., according to the specified client count.
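A check to run over the generated client files before handing them out, as an added example that is not part of this repository. It assumes the files use the standard wg-quick layout ([Interface] and [Peer] sections, Endpoint written as IP:port), which the README does not show; the function names and the sample config are constructed for illustration.

```python
import glob, ipaddress, os, stat

# IPv4 ranges that a remote client cannot reach across the internet.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: placeholder keys, documentation-range endpoint.
SAMPLE = """[Interface]
PrivateKey = PLACEHOLDER_CLIENT_PRIVATE_KEY=
[Peer]
PublicKey = PLACEHOLDER_SERVER_PUBLIC_KEY=
Endpoint = 203.0.113.10:51820
"""

def parse_wg_conf(text):
    """Parse a single-peer WireGuard config into {section: {key: value}}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)  # keys are base64 and end in "="
            current[key.strip()] = value.strip()
    return sections

def audit_client(text, mode, port=51820):
    """Return findings for one client config; an empty list means it passed."""
    conf, findings = parse_wg_conf(text), []
    if mode & 0o077:
        findings.append(f"mode {mode:o}: private key readable beyond owner")
    if not conf.get("Interface", {}).get("PrivateKey"):
        findings.append("no PrivateKey in [Interface]")
    host, _, ep_port = conf.get("Peer", {}).get("Endpoint", "").rpartition(":")
    if ep_port != str(port):
        findings.append(f"endpoint port {ep_port!r} is not {port}")
    try:  # the README says the endpoint is the server's external IP
        addr = ipaddress.ip_address(host.strip("[]"))
        if any(addr in net for net in NON_ROUTABLE):
            findings.append(f"endpoint {addr} is not externally reachable")
    except ValueError:
        findings.append(f"endpoint host {host!r} is not an IP address")
    return findings

def audit_dir(config_dir="./config"):
    """Audit every clientN.conf written to the mounted volume."""
    paths = sorted(glob.glob(os.path.join(config_dir, "client*.conf")))
    return {p: audit_client(open(p).read(), stat.S_IMODE(os.stat(p).st_mode))
            for p in paths}
```

Calling audit_dir("./config") on the host returns a mapping from each client file to its findings; a container-internal or empty endpoint means external IP discovery did not produce a usable address.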

Design Note

This container is specifically tailored for setups requiring a secure egress point for internet or network access, where direct communication between VPN clients is not needed or desired. It is an ideal solution for users looking to securely route traffic through a central node.

Configure the host system to allow UDP traffic on Wireguard's default port, 51820, so that the VPN functions properly.