This video was exactly what I was looking for. Very thorough, definitely one of the best videos I've watched for help on projects I am doing.

Really great stuff! This was so easy to setup and it gave me a chance to start my first docker project. Thanks!!

This guy knows how it works and his explanation is very clear! Nice video and thanks!

Thank you! Much like others, I had been unsuccessful in setting up WireGuard server. But with this video was up and running on my first attempt.

Thanks a lot for your video, Christian! This helped me fixing my Wireguard container in Portainer. It was very helpful that you also showed how the config files look afterwards so I had a reference of the outcome and was able to compare and see what I did wrong (I put my local network address in the internal address field).

VERY HELPFUL! I especially appreciate your step-by-step examination of the YAML file. It helped my overall understanding of what's going on with the container.

Superb video, I like how you present the info in a clear and concise manner!

I am embarrassed to say that this is the first time I come across with this video after 2 years of trying to fix my Wireguard container! It was super straight forward and explained perfectly so I feel like I have more control on the parameters of the image and wireguard itself! Thank you!

Yo! It's already here. Thanks man!

I have watch this video many times and and I learn something any time I watch it. Thanks a lot man!

The best video i have seen today. Exactly what i was looking for. Thanks

WOW - brilliant video. These instructions worked perfectly the first time. Thank you!

Top Video! Super transparent erklärt, sehr gutes und leicht verständliches Englisch!!!

Great video Christian! Thanks

watched many other YT tutorials (while unsuccessful and banging my head against the wall in failure lol) and then found this....followed your instructions on some aspects but used portainer-ce to create/edit the container...I appreciate you going through each line in the docker-compose file so i could add env/vol variables according to my usage which is being executed in docker on an RPI4...after several container rebuilds I have wireguard running so I can access my home network while i am away! Cheers 😎 /subscribed

Its working! Thank you, great tutorial!

Very Informative, helpful and Educational video! Thx for the tutorial man!

I think I know what I'm gonna do this weekend. Thank you.

Christain another excellent video. Got this running quick :). Thanks brother.

your videos are great.Thank you for sharing. Keep up the good work.

do more of this!! this is amazing

The docker image looks really nice and also very comfortable to use. Although, I am not sure whether I should be concerned of the fact that the server knows the private key of its clients.

Amazing.💪🏽

Too good. Thanks.

Thank you man ♥

you are awesome. very easy to understand.

Very nice.. thanks so much!

All went fine on my Oracle cloud instance then came my wife's... it worked on mine? Said connected, but no internet! Some fool, can't think who, put the allow 51820 into MY ingress rules twice!! Once fixed, all fine. Excellent as usual Christian!

Amazing, Thank you

It was cool!

thanks man you saved my day

Great great great!!!

Thanks I was able to follow your tutorial and run wireguard! Just wanted to know if I can use my public ipv6 and tunnel that to my clients.

Christian, because of you, I ditched my Windows server, Blueiris, and WSL and got onto Ubuntu Server, Portainer, HA, Frigate, and the list goes on. Currently I have HA pushing alerts to my phone but I constantly have to turn on Tailscale to receive them. Tailscale does not seem to have any interest in giving us a much needed quality of life feature that allows it to switch on/off based on WiFi SSID whitelist or Mac whitelist, basically, a way to activate VPN when I am away from home and not in my local network. So I want to ditch Tailscale, despite how much I love it, and instead move on to WireGuard as I was told it's able to do that. I would be so grateful if you were to make a simple short video showing us how we can achieve this as it allows us to keep all of our HA config exactly as is and just rely on the client to switch automatically. Thank you and happy new year!

This is an excellent video, and I was able to set up my WireGuard VPN for 8 users :) The QR code configuration was an extremely easy path for mobile devices. I have had two challenges though: 1) It was not possible to configure it on any other port but 51820, I think the problem is on the client side (both iOS and Android) 2) Getting the config file through a QR code was a breeze thanks to your explanations but I am having a hard time with the command like for downloading the config file for MacOS.

Nice thx!

1:15 - 1:55 YES!! I've been saying the same thing for years! VPN providers are using that phrase in advertisements to "protect and secure your data online" near me. While yes, it will to a certain extent, in actuality you're just kicking the can down the road a little bit. Plus, if VPN providers are lying to you to use their service... they shouldn't be trusted with your data!

Thanks! Installing wireguard via docker on a rock64 takes care of so many issues, it's just not worth it installing it manually on that sbc!

Thank you for this wonderful video. Please how then would you configure other docker services to route their traffic through the VPN

perfect thanks

Excellent Video. Sorry mself, to be late on this channel. 1. This could have been done using public IP (vps) for further more clarity. 2. Can a peer, expose its entire network for other peers ?

Thnx Fritz

Big up

Works pretty good but not right out of the box if you want to change the port from the default 51820. It can be done of course with some manipulation.

danke Dir

What if someone wants to have the wireguard connection partially made? Meaning he can access his home services remotely but all other traffic comes from his locala connection not the remote one. What lines should someone use there before deploying the image? Also by the way the image has been set up there will be always a client named peer1? What if you want to give access to 4 people and you want each client to have different name

Thank you for the tutorial! Quick question... Outside of client setup, is there a difference between using wireguard to access resources on home network vs using a SSH tunnel?

Could you please make video how to make our own wireguard docker image.

Thank you for the great tutorials. I have a couple of questions: 1. Are there any performance or security issues running this as a docker container versus running this bare metal on my system (using something like PiVPN)? 2. How do I configure so I can access local machines on my home network when I am remote? I did watch your recent video about Tailscale but don't like the idea of someone else managing all the configuration. I currently have a PiVPN instance up and running on an x86 machine but can't seem to access local machines when I am outside my home network. I looked at some of the documentation for wireguard and thought it might be related to the INTERNAL_SUBNET config but don't completely understand. Thank you in advance for any assistance you may be able to offer.

In case I forgot to say - Thank you Very much! :)

is there a way to add wireguard to ubuntu 20 network manager? Thats where my openvpn ON/OFF toggle used to be and it's quite handy

Nice Video. 1 Question. When you recreate the container to add more peers do the existing peer tokens are changed?

Very cool, but when I distribute it just helps to have a gui interface to add clients. Hope Linux server guys add this soon.

Will this process work with Torguard wireguard file (key) and or any other provider? I have duo core mini pc with an ssd but one lan. I have a usb Ethernet that works on android could that possibly work? I have fiber from century link that uses pppoe protocol.

Hey! Thanks for the video! When I add more clients and exec show-peer 2 command I receive "PEER 2 is not active". How can I make it works?

Good one thanks. ps. Kernel headers don't seem to be available, can't compile the module. Sleeping now. . . ****

Hey Christian, one question. I installed wireguard in docker, like the way you explained in this great video, but docker runs in a lxc in proxmox. It doesnt work. The VPN connection runs, i checked in the wg command. But i have no connection to the internet. Any ideas? Thanks und best regards!

Congrats for your videos, you're very smart! But I cannot catch very well an aspect. Is it necessary to forward port 51820 of my router to Wireguard server in order to gain access from my devices over the internet? Can you explain a little bit better this point? Thanks

Can you post a video about how to tunnel between two vps's or refer me to one? i live in iran and i have to use a iranian vps and one from europe to be able to connect

Very interesting, but I installed a wireguard server as shown on the video on a VPS to make a tunnel to access internet from another country, but I've no access to internet ? any idea ?

Question: I have 2 machines (n1, n2) exposed on internet (virtual private server) I have few services running on n2 that I want the apps running on n1 to access. now one way is to use SSL/TLS for every service running on n2 so that apps on n1 can connect securely to services on n2. The 2nd option is to create a VPN on n1+n2 and then the apps on n1 can use that VPN IP address to access services on n2 without any TLS configured on n2. However I'm not sure if by creating VPN the regular traffic from internet to both n1, n2 is blocked or changed in anyway? is it the right way to secure servers internal services that we don't want to expose on internet?

What is the SSH program you are using? It is so clean and comes in dark mode!

Hi and thanks for the Vid. Everything seem to be up and running in docker. I was able to get the peers and when I run the app, in the logs am not getting a handshake so not internet. anything I can try?

When you add peer 2 and recreate the container, does it not recreate peer 1 too?

Hey don't know if you answer the community but do you have a way to install WG in an ubuntu server (that part yes) and then using it on an asus router as a client? I don't want to install WG on the router, first because it disables hardware acceleration and second because my router is not compatible.

Any chance you can make an updated showing how to install behind nginx proxy manager and a domain name?

What is the server URL in the Docker Compose file where did you get that Is that your VM host IP address?

Hey! I am having trouble running the container for wireguard. Always get an error in the log: s6-overlay-suexec: fatal: can only run as pid 1 Do you know how to fix it? Running it on the x64 portainer on CoreELEC Docker

It would be nice if you made an update to this tutorial using the WireGuard-UI docker container. (I'm not stuck with it or anything... Pretty pls)

Great video thanks for posting. I've set this up on the Free Tier of the Oracle Cloud service and it works great. The only issue I am running into is not being able to pull down the .conf files for the different peers. I am able to show the QR codes for each one (fine for IOS devices) but I need a .conf file for another machine and I get permission denied when I try to copy it to local machine. I think it might be the chown command of the opt/wireguard-server directory but I'm a noob at linux and can't tell?

Did you known what problem is running here? I only got volume mapping before I map /etc/passwd and /etc/group to container. What did I miss to solve in your sight? Thanxx

I followed everything and I am able to connect to the VPN using the conf file and activate it. However, when I turn on the VPN my issue is that it connects but I don't have internet access. I'm getting a DNS Probe error so I'm sure it has to do with the DNS. I am running this on RP4 with portainer. How can I fix this issue?

Just a question on the first part where you are talking about expectations, is the "privacy" aspect do to the client browser using a tunnel to the VPN provider's server to exit wit the request to the open internet from a server in another location and then the requests and response go over the VPM to that public brower and back the client browser? So only the VPN provider knows the location an identity of the client browser. After that the client browser has to take care of cookies and other identity issues.? BUT you point on WireGuard is that my wireguard server does not provide that service at all.

Hey, great video! I am really confused on how to get this to work outside my network I can't seem to port forward it and when I try network_mode: host it spits back with some errors

Congrats , it is a GREAT VIDEO . I Am Using a GLinet Rooter , Now I am at FRANCE , But i Want To Use My NY's IP , From NY I Already HAVE My TP LINK MODEM , And I Just Want To Know How Do I CONFIGURATE It While I am FRANCE And Still Have My IP To NEW YORK please .

Am I correct in assuming that remaking the docker to add more users, rest everybody existing access to the VPN server?

Nice work , one doubt I have is that I am implementing this on my Ubuntu 18.04 terminal ,so the server part is done ,how to do the client par on the same OS ?

so if everything is running on the same machine serverurl is then just localhost?

Hi Christian, whats the latest version of docker that I should install instead of 1.26.2?

I have set it upand scanned the qr code with the wireguard app on my iphone but just nothing happens. well it seems to connect, but no internet traffic what so ever :/

A good tutorial video, but I do not think "chown" is neccssary, because docker project needs "sudo" to run it.

Hi. Could you make a video about WireGuard client docker? routing and nat.. move other docker traffic thro wireguard container. thank you.

Why not install wireguard on the virtual machine instead in a docker?

How can download the resolvconf package on windows.

Great Vid. Just a question. Is there any way to add a web interface to this?

My question is after creating the wireguard docker compose file (docker-compose up -d) whats the command to delete/reset a public/private ip address of a user who is no longer using so he/she cant use it because of security concerns. We dont want to delete the peer count just reset the public/private ip. Does anyone knows the command to do it.

Excellent video! I was having a hard time with wireguard but on docker this is a breeze. One question though. My home IPs are 192.168.1.* range. When I am at a friends house connected to his wifi which also has IPs in the 192.168.1.* range (which is the most common setup in most houses) and I connect to my wireguard server at home I can't browse my home's local network where my NAS is located. When I use my phone and connect to 4G and then wireguard I can browse the local network just fine. I assume there is some issue when the local network and the network being used to provide the wireguard client internet access is on the same IP range. Is there a solution for this or do I have to change my home IP setup to use something different than 192.168.1.* Thank you.

can I deploy wireguard container in docker rootless mode ?

how can i set expiry time for users? is that possible?

Why do you use the /opt folder? Am I causing issues by keeping my docker folder within my home ~/ folder?

Hey :) Do you previous port forwarding 51820 port on your router and then do this'?

Really good. thanks but how i see Config Logs?

Hello, switching from wireguard configured on Rasp by pivpn to wireguard on docker, i noticed that i lost PSK on client's configuration. Basically, from a security prospectivy is not good. Do you know if i can improve this feature in docker file? thank you!

question, you installed it on docker, which is on your local machine? asking because i;m curious if you can connect your machine to the docker image you created and then the ip chnages.

Maybe I missed it, but looks to me it only provides internet connection over the docker, without access or further access on the server the way you did the setup. To do so the config needs more adders, such as local pathes etc.to access. I run something similar with openvpn, but with access rights to my files outside the docker.

Great Tutorial. Wouldn`t it make sense to secure this Wirguard server with fail2ban? How:)?

I try a lot of times but i dont know Why is not working for me to configure the all way :( Could you make a video about WireGuard client docker to ?

Thank you for the video, a nice explained all. sudo mv peer1.conf...... command does not work for me. I had to copy&paste the content of peer1.conf to wg0.conf... but all is working fine for me now.

That's a wonderful tutorial, very clear and helpful! Thank you ! Just a question: I installed Wireguard server at home server so need to access other local LAN devices when I'm away from home. Is there a way to achieve this by using this docker container? What changes does the yaml file need in order to do that? I googled it many times but I'm still struggling finding a proper solution (if there is one) and I am starting thinking LAN access is only achievable by using bare metal Wireguard installation. Thanks a lot!!!!

I created container but I can't diploy that Error message is- command not found