Deploy Your Own Secure WireGuard VPN Server the Easy Way.
- Overview
- Features
- Prerequisites
- Getting Started
- Important Note
- Additional Resources
- Contributing
- License
- Author
A deployment of a secure VPN service that provide access to your homelabs, smart homes, servers, and can also be used for safe web browsing (assuming trust in the server hosting the VPN).
Deployment is automated using Ansible, with configurations managed via vars.yml.
All components are deployed using Docker images.
- Secure Access: Safely connect to your home lab's infrastructure from remote locations, ensuring your data remains private.
- Dockerized Components: All services are run in isolated Docker containers for improved security and easier management.
- Custom Domain Names: Pi-hole provides DNS resolution within your network, allowing for friendly domain names instead of remembering IP addresses.
- Ad Blocking: Pi-hole also serves as an ad blocker, preventing intrusive advertisements from being served within your network.
- Two-Factor Authentication (2FA): Integration with Authelia for enhanced security during user authentication.
- Hardened System Configuration: The deployment includes hardening configurations for the base system, adding an extra layer of security.
- Secure Browsing: The VPN server can be utilized for secure web surfing (provided you trust the server provider).
- Simple Ansible Configuration: Easily manageable configurations through
vars.ymlfor a quick and easy setup.
- A clean installation of the latest version of Debian or Fedora Linux.
- Ansible installed on the control node.
- SSH access to the server with sudo privileges.
git clone https://github.com/ggragham/wireguard_deploy.git
cd wireguard_deployCopy the template configuration file to create your own:
cp default.vars.yml vars.ymlModify the vars.yml file to set your desired configurations. Make sure to specify all essential parameters like domain name, network settings, user credentials, etc.
Run the Ansible playbook:
ansible-playbook playbook.ymlBefore using the scripts and/or playbooks in this repository, ensure you have created a backup of your data and configurations. The author of this repository assumes no responsibility for any data loss or system issues that may arise from using these scripts or playbooks. Use them at your own risk.
For further guidance and detailed information, refer to the following resources:
- WireGuard Official Documentation
- wg-easy GitHub Repository
- Authelia Documentation
- Pi-hole Documentation
- Nginx Official Documentation
- Docker Documentation
- Ansible Documentation
If you would like to contribute to this project, feel free to submit a pull request or open an issue for discussion. Contributions are welcome!
This project was created by Grell Gragham.
This software is published under the GPL-3.0 License.