2021-05-23 18:25:14 +08:00
# WireGuard Easy
2021-05-23 22:54:48 +08:00
[](https://github.com/WeeJeWel/wg-easy/actions/workflows/deploy.yml)
2021-05-23 23:08:36 +08:00
[](https://github.com/WeeJeWel/wg-easy/actions/workflows/lint.yml)
2021-05-23 23:05:24 +08:00
[](https://hub.docker.com/r/weejewel/wg-easy)
[](https://hub.docker.com/r/weejewel/wg-easy)
[](https://github.com/sponsors/WeeJeWel)
2022-07-03 20:37:21 +08:00
2021-05-23 22:54:48 +08:00
You have found the easiest way to install & manage WireGuard on any Linux host!
2021-05-23 22:57:51 +08:00
< p align = "center" >
2021-11-23 05:37:07 +08:00
< img src = "./assets/screenshot.png" width = "802" / >
2021-05-23 22:57:51 +08:00
< / p >
2021-05-23 22:54:48 +08:00
## Features
2021-05-23 22:59:27 +08:00
* All-in-one: WireGuard + Web UI.
* Easy installation, simple to use.
2021-07-14 03:00:40 +08:00
* List, create, edit, delete, enable & disable clients.
2021-05-23 22:59:27 +08:00
* Show a client's QR code.
* Download a client's configuration file.
* Statistics for which clients are connected.
2021-11-23 05:37:07 +08:00
* Tx/Rx charts for each connected client.
2021-05-23 22:59:27 +08:00
* Gravatar support.
2021-05-23 22:54:48 +08:00
2021-07-14 03:00:40 +08:00
## Requirements
* A host with a kernel that supports WireGuard (all modern kernels).
2021-07-18 23:04:20 +08:00
* A host with Docker installed.
2021-07-14 03:00:40 +08:00
2021-05-23 21:55:50 +08:00
## Installation
### 1. Install Docker
2021-05-23 22:24:25 +08:00
If you haven't installed Docker yet, install it by running:
```bash
$ curl -sSL https://get.docker.com | sh
$ sudo usermod -aG docker $(whoami)
2021-09-29 18:56:09 +08:00
$ exit
2021-05-23 22:24:25 +08:00
```
2021-09-29 18:56:09 +08:00
And log in again.
2021-05-23 22:24:25 +08:00
2021-11-23 05:37:07 +08:00
### 2. Run WireGuard Easy
2021-05-23 18:25:14 +08:00
2021-11-23 05:39:53 +08:00
To automatically install & run wg-easy, simply run:
2021-05-23 18:25:14 +08:00
2021-11-23 05:37:07 +08:00
< pre >
2021-11-23 05:39:53 +08:00
$ docker run -d \
2021-11-23 05:37:07 +08:00
--name=wg-easy \
2021-11-23 05:47:58 +08:00
-e WG_HOST=< b > 🚨YOUR_SERVER_IP< / b > \
-e PASSWORD=< b > 🚨YOUR_ADMIN_PASSWORD< / b > \
2021-11-23 05:37:07 +08:00
-v ~/.wg-easy:/etc/wireguard \
-p 51820:51820/udp \
-p 51821:51821/tcp \
2021-11-23 05:47:58 +08:00
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
2021-11-23 05:37:07 +08:00
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--sysctl="net.ipv4.ip_forward=1" \
--restart unless-stopped \
weejewel/wg-easy
< / pre >
2021-05-23 21:55:50 +08:00
2021-11-23 05:39:53 +08:00
> 💡 Replace `YOUR_SERVER_IP` with your WAN IP, or a Dynamic DNS hostname.
2021-11-23 05:37:07 +08:00
>
2021-11-23 05:39:53 +08:00
> 💡 Replace `YOUR_ADMIN_PASSWORD` with a password to log in on the Web UI.
2021-05-23 21:55:50 +08:00
2021-11-23 05:37:07 +08:00
The Web UI will now be available on `http://0.0.0.0:51821` .
2021-05-25 21:59:18 +08:00
2021-11-23 05:39:53 +08:00
> 💡 Your configuration files will be saved in `~/.wg-easy`
2021-05-23 22:24:25 +08:00
2021-11-23 05:57:29 +08:00
### 3. Sponsor
2021-05-23 18:25:14 +08:00
2021-11-23 05:57:29 +08:00
Are you enjoying this project? [Buy me a beer! ](https://github.com/sponsors/WeeJeWel ) 🍻
2021-05-23 18:25:14 +08:00
## Options
2021-11-23 05:37:07 +08:00
These options can be configured by setting environment variables using `-e KEY="VALUE"` in the `docker run` command.
2021-05-23 18:25:14 +08:00
| Env | Default | Example | Description |
| - | - | - | - |
2021-05-23 21:55:50 +08:00
| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
2021-10-22 19:35:02 +08:00
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. |
2023-02-24 06:11:17 +08:00
| `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. |
2021-10-22 19:35:02 +08:00
| `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will always listen on `51820` inside the Docker container. |
2021-12-26 21:22:23 +08:00
| `WG_MTU` | `null` | `1420` | The MTU the clients will use. Server uses default WG MTU. |
2022-05-26 03:20:18 +08:00
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive. |
2021-10-22 19:35:02 +08:00
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. |
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. |
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. |
2022-01-29 07:46:21 +08:00
| `WG_PRE_UP` | `...` | - | See [config.js ](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L19 ) for the default value. |
| `WG_POST_UP` | `...` | `iptables ...` | See [config.js ](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L20 ) for the default value. |
| `WG_PRE_DOWN` | `...` | - | See [config.js ](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L27 ) for the default value. |
| `WG_POST_DOWN` | `...` | `iptables ...` | See [config.js ](https://github.com/WeeJeWel/wg-easy/blob/master/src/config.js#L28 ) for the default value. |
2021-05-23 18:25:14 +08:00
2021-05-23 22:57:51 +08:00
> If you change `WG_PORT`, make sure to also change the exposed port.
2021-07-14 03:39:45 +08:00
2022-06-13 04:07:28 +08:00
## Updating
2021-07-14 03:39:45 +08:00
2021-11-23 05:39:53 +08:00
To update to the latest version, simply run:
2021-07-14 03:39:45 +08:00
```bash
2021-11-23 05:37:07 +08:00
docker stop wg-easy
docker rm wg-easy
2021-11-23 05:54:42 +08:00
docker pull weejewel/wg-easy
2021-07-15 19:01:08 +08:00
```
2021-11-23 05:37:07 +08:00
2022-06-13 04:07:28 +08:00
And then run the `docker run -d \ ...` command above again.
## Common Use Cases
* [Using WireGuard-Easy with Pi-Hole ](https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-Pi-Hole )
2022-06-26 17:43:31 +08:00
* [Using WireGuard-Easy with nginx/SSL ](https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-nginx-SSL )
