In this segment, we are going to show you “How to Install WireGuard on OpenMediaVault 5 inside Docker with Portainer using RPi 4“
What is WireGuard?
WireGuard is a free and open-source software application and communication protocol that implements virtual private network (VPN) techniques to create secure point-to-point connections in routed or bridged configurations. It is run as a module inside the Linux kernel and aims for better performance than the IPsec and OpenVPN tunneling protocols. It was written by Jason A. Donenfeld and is published under the GNU General Public License (GPL) version 2. The Linux version of the software has reached a stable production release and was incorporated into the Linux 5.6 release in late March 2020.
Source /> Wikipedia
Looking for Best VPN – Grab the Deal
OpenMediaVault Versions :
OpenMediaVault 5 Installation Guide :
|Raspberry Pi 4||Case|
You can Buy Raspberry Pi 4 Kit from here
WireGuard for Server Mode
docker create \ --name=wireguard \ --cap-add=NET_ADMIN \ --cap-add=SYS_MODULE \ -e PUID=1000 \ -e PGID=1000 \ -e TZ=Europe/London \ -e SERVERURL=wireguard.domain.com `#optional` \ -e SERVERPORT=51820 `#optional` \ -e PEERS=1 `#optional` \ -e PEERDNS=auto `#optional` \ -e INTERNAL_SUBNET=10.13.13.0 `#optional` \ -p 51820:51820/udp \ -v /path/to/appdata/config:/config \ -v /lib/modules:/lib/modules \ --sysctl="net.ipv4.conf.all.src_valid_mark=1" \ --restart unless-stopped \ linuxserver/wireguard
- -e INTERNAL_SUBNET=10.13.13.0 Internal subnet for the WireGuard and server and peers (only change if it clashes). Used in server mode.
WireGuard for Client Mode
docker create \ --name=wireguard \ --cap-add=NET_ADMIN \ --cap-add=SYS_MODULE \ -e PUID=1000 \ -e PGID=1000 \ -e TZ=Europe/London \ -p 51820:51820/udp \ -v /path/to/appdata/config:/config \ -v /lib/modules:/lib/modules \ --sysctl="net.ipv4.conf.all.src_valid_mark=1" \ --restart unless-stopped \ linuxserver/wireguard
- –sysctl= Required for client mode.
How to find PUID & PGID
- However, to find PUID and PGID we can use the below-given command.
id name of the user UID : "PUID" GID : "PGID"
How to add Server URL
- To generate the Server URL for WireGuard Server we need to create a Dynamic DNS address.
Setting up Dynamic DNS
Here, we need to visit the DUCKDNS website to create a Free Dynamic DNS for our Public IP.
- You can use any of the above methods to login into the DUCKDNS website and create a subdomain for your website. Once you logged in and create a subdomain that can be used as Server URL for WireGuard.
- In my case, I have created omvpcmac as my subdomain, You can create 5 subdomains account on Duck DNS for free.
After the Dynamic DNS successfully created we can replace the wireguard.domain.com with our DUCKDNS address and run the container from the above command.
Setting up Port Forwarding on Router
To forward the port, we need to know the IP Address of our router for that we can use Wireless Network Watcher and it will display the router IP Address as shown below. Now, use this IP Address in your browser and it will open the login page for your router. After that, you need to enter the username & password to login to your router.
- If you don’t know the username & password of your router you can always ask your ISP.
- For personal routers, you can always check online for default username & password for the router.
- In my case, I need to navigate to services and then move to Port Forwarding, your’s might be different.
- Then you need to forward port 51820, to the Raspberry Pi IP Address.
Add Peers/Client to Wireguard Server
- To add more peers/clients, later on, you can run the below-given command while the container is running mode.
docker exec -it wireguard /app/add-peer
- Once the command successfully executed you will see a QR Code. That you need to scan from your device to download the peers/clients file.
- To display the QR codes of active peers again, you can use the following command and list the peer numbers as arguments:
docker exec -it wireguard /app/show-peer 1 4 5
- (Keep in mind that the QR codes are also stored as PNGs in the config folder).
The templates used for server and peer confs are saved under
WireGuard Setup on Android
- To install WireGuard you need to download it from PlayStore and open it once installation finish.
- Now you will see a + sign on the bottom right corner, You need to click on that and you will be able to see these options.
- After that, you can use any of these options to import your file on your phone. But we recommend using a scan from QR code.
In conclusion, you are all set to use Raspberry Pi 4 as WireGuard Server on OpenMediaVault 5 with the help of Docker. If you face any issue regarding this article please share your thoughts. Enjoy using WireGuard on Docker with Openmediavault. Smile (.”_”.)
Please check out my other articles:
- How to install OpenMediaVault 5 on Raspberry Pi All Models
- OpenMediaVault 5 NAS Server on Raspberry Pi 4
- Plex Media Server on OMV 5 inside Docker with Portainer using RPi 4
- How to Install Radarr on OpenMediaVault 5 inside Docker with Portainer using RPi 4
Did you find us helpful?
|Subscribe our YouTube Channel|
|Like us on Facebook|
|Support us on Patreon|
|Share This Article with others|