WireGuard on OpenMediaVault 5 inside Docker with Portainer using RPi 4

In this segment, we are going to show you “How to Install WireGuard on OpenMediaVault 5 inside Docker with Portainer using RPi 4

 

What is WireGuard?

wireguard

WireGuard is a free and open-source software application and communication protocol that implements virtual private network (VPN) techniques to create secure point-to-point connections in routed or bridged configurations. It is run as a module inside the Linux kernel and aims for better performance than the IPsec and OpenVPN tunneling protocols. It was written by Jason A. Donenfeld and is published under the GNU General Public License (GPL) version 2. The Linux version of the software has reached a stable production release and was incorporated into the Linux 5.6 release in late March 2020.

Source /> Wikipedia

Looking for Best VPN – Grab the Deal

NordVPN

OpenMediaVault Versions :

OpenMediaVault 5 Installation Guide : 

Equipment Required Optional
Raspberry Pi Raspberry Pi 4 Case
SD_Card SD Card Keyboard
Ethernet Ethernet Cable Mouse
Charger Power Adapter    
HDD External HDD    
Buy Now

You can Buy Raspberry Pi 4 Kit from here

WireGuard for Server Mode

Docker

docker create \
  --name=wireguard \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/London \
  -e SERVERURL=wireguard.domain.com `#optional` \
  -e SERVERPORT=51820 `#optional` \
  -e PEERS=1 `#optional` \
  -e PEERDNS=auto `#optional` \
  -e INTERNAL_SUBNET=10.13.13.0 `#optional` \
  -p 51820:51820/udp \
  -v /path/to/appdata/config:/config \
  -v /lib/modules:/lib/modules \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --restart unless-stopped \
  linuxserver/wireguard
  • -e INTERNAL_SUBNET=10.13.13.0 Internal subnet for the WireGuard and server and peers (only change if it clashes). Used in server mode.

WireGuard for Client Mode

Docker

docker create \
  --name=wireguard \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=Europe/London \
  -p 51820:51820/udp \
  -v /path/to/appdata/config:/config \
  -v /lib/modules:/lib/modules \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --restart unless-stopped \
  linuxserver/wireguard
  • –sysctl= Required for client mode.

How to find PUID & PGID

  • However, to find PUID and PGID we can use the below-given command.
id name of the user
UID : "PUID"
GID : "PGID"

Plex

How to add Server URL

  • To generate the Server URL for WireGuard Server we need to create a Dynamic DNS address.

Setting up Dynamic DNS

Here, we need to visit the DUCKDNS website to create a Free Dynamic DNS for our Public IP. duckdns

  • You can use any of the above methods to login into the DUCKDNS website and create a subdomain for your website. Once you logged in and create a subdomain that can be used as Server URL for WireGuard.
  • In my case, I have created omvpcmac as my subdomain, You can create 5 subdomains account on Duck DNS for free.

duckdns After the Dynamic DNS successfully created we can replace the wireguard.domain.com  with our DUCKDNS address and run the container from the above command.

Setting up Port Forwarding on Router

To forward the port, we need to know the IP Address of our router for that we can use Wireless Network Watcher and it will display the router IP Address as shown below. Nextcloud Now, use this IP Address in your browser and it will open the login page for your router. After that, you need to enter the username & password to login to your router.

  • If you don’t know the username & password of your router you can always ask your ISP.
  • For personal routers, you can always check online for default username & password for the router.
  • In my case, I need to navigate to services and then move to Port Forwarding, your’s might be different.
  • Then you need to forward port 51820, to the Raspberry Pi IP Address.

Wireguard

 

Add Peers/Client to Wireguard Server

  • To add more peers/clients, later on, you can run the below-given command while the container is running mode.
docker exec -it wireguard /app/add-peer
  • Once the command successfully executed you will see a QR Code. That you need to scan from your device to download the peers/clients file.

Result

wireguard

  • To display the QR codes of active peers again, you can use the following command and list the peer numbers as arguments:
docker exec -it wireguard /app/show-peer 1 4 5
  • (Keep in mind that the QR codes are also stored as PNGs in the config folder).

The templates used for server and peer confs are saved under /config/templates.

WireGuard Setup on Android

  • To install WireGuard you need to download it from PlayStore and open it once installation finish.

wireguard

  • Now you will see a + sign on the bottom right corner, You need to click on that and you will be able to see these options.

wireguard

  • After that, you can use any of these options to import your file on your phone. But we recommend using a scan from QR code.

In conclusion, you are all set to use Raspberry Pi 4 as WireGuard Server on OpenMediaVault 5 with the help of Docker. If you face any issue regarding this article please share your thoughts. Enjoy using WireGuard on Docker with Openmediavault. Smile (.”_”.)

Please check out my other articles:

Did you find us helpful?

Subscribe our YouTube Channel
Like us on Facebook facebook
Support us on Patreon Patreon
Share This Article with others

Harish Kumar

As a founder of the PcMac YouTube channel and website, Our goal is to provide Free Technical help to people and spread knowledge to everyone.

Leave a Reply