WireGuard VPN Setup
WireGuard is simpler and faster than OpenVPN.
1. Install WireGuard (Server)
bash
sudo apt install wireguard2. Generate Keys
bash
wg genkey | tee privatekey | wg pubkey > publickey3. Configure Interface (wg0.conf)
ini
[Interface]
Address = 10.0.0.1/24
SaveConfig = true
ListenPort = 51820
PrivateKey = <SERVER_PRIVATE_KEY>
PostUp = ufw route allow in on wg0 out on eth0
PostUp = iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE4. Enable IPv4 Forwarding
Edit `/etc/sysctl.conf`:
`net.ipv4.ip_forward=1`
Page changelog
Last updated
- 2024-03-25—Initial or baseline update for this page.
Related articles
Security
SSL/TLS Certificates (HTTPS Basics)
What HTTPS really does, what certificates are, and how to get one (including Let's Encrypt).
Security
Backups Explained (Beginner)
A practical guide to backups: what to back up, how often, where to store it, and how to test restores.
Security
Troubleshooting — Fast Checks and Fixes
A practical checklist for diagnosing deploy failures, 502s, TLS issues, disk pressure, and performance problems.
Security
Hardening Docker Container Environments
Best practices for securing Docker daemon, images, and runtime environments in production.
Was this page helpful?