https://download.wireguard.com/windows-client/
https://www.wireguard.com/install/
https://hub.docker.com/r/weejewel/wg-easy
https://github.com/WeeJeWel/wg-easy
#国外
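# Overseas host: start wg-easy (WireGuard plus its web admin UI).
#
# The admin password is taken from the WG_PASSWORD environment variable
# instead of a literal in the command, which keeps it out of these notes and
# out of shell history. "${WG_PASSWORD:?...}" makes the shell refuse to run
# the command when the variable is unset or empty, so the UI is never started
# with a blank password. Any password that has been written into a copy of
# these notes should be changed.
#
# NOTE(review): 51821/tcp is the admin UI and is published on every host
# address; restrict who can reach it (firewall or a management-only bind
# address) or put it behind a TLS-terminating proxy.
# NOTE(review): the image carries no tag, so whatever "latest" currently is
# gets pulled; pin a tag or digest once one has been chosen.
# NOTE(review): WG_HOST is whatever api.ipify.org returns when the command is
# run; if that request fails the value is empty, so check it after start.
docker run -d --name wg --restart=always \
  -e "WG_HOST=$(curl -s https://api.ipify.org)" \
  -e "PASSWORD=${WG_PASSWORD:?export WG_PASSWORD before running this}" \
  -e TZ='Asia/Shanghai' \
  -v /data/site/docker/env/tools/wireguard:/etc/wireguard \
  -v /lib/modules:/lib/modules \
  -v /etc/localtime:/etc/localtime:ro \
  -p 51820:51820/udp \
  -p 51821:51821/tcp \
  --cap-add=NET_ADMIN --cap-add=SYS_MODULE \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv4.ip_forward=1" \
  --ulimit nofile=262144:262144 \
  weejewel/wg-easy

# NOTE(review): this path is not under the directory mounted above
# (/data/site/docker/env/tools/wireguard); confirm which host directory
# actually holds wg0.conf before editing.
vi /data/docker/tools/wireguard/wg0.conf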
# Server
# NOTE(review): the private and preshared keys below are real key material
# written into a notes file; treat them as disclosed, regenerate them, and
# keep only public keys in documentation.
# [Interface] describes this machine's own WireGuard interface.
[Interface]
PrivateKey = EAVIqc0MAd0+DalBahc+ceMdE38fw6Xy3Ahmj7/8plM=
Address = 10.8.0.1/24
ListenPort = 51820
# PostUp appends four iptables rules: source NAT (MASQUERADE) for 10.8.0.0/24
# leaving through eth0, an INPUT accept for UDP 51820, and FORWARD accepts for
# everything entering or leaving wg0 (no restriction by source, destination or port).
PostUp = iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE; iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT; iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT;
# NOTE(review): PostDown is empty, so nothing removes the rules PostUp appended
# when the interface goes down, and a later "up" would append them again;
# mirror each -A above with the matching -D here.
PostDown =
# Client: qbt (8eb69657-9996-49d8-87a5-22ff16a9b0ed)
# [Peer] describes one remote machine; AllowedIPs limits it to the single
# tunnel address 10.8.0.2.
[Peer]
PublicKey = O+vJraZzqkNocBCdGy9ial7f4wOayQwYg62BXii66lU=
PresharedKey = mGx2tfBMORutxiI+mW6L/vllxP2quQ7tg5zUc0G674g=
AllowedIPs = 10.8.0.2/32
vi /data/docker/tools/wireguard/wg0.json
{
"server": {
"privateKey": "EAVIqc0MAd0+DalBahc+ceMdE38fw6Xy3Ahmj7/8plM=",
"publicKey": "76GJRd/Ou8YCijDBA0ydlTQ+a6mqo/A6ud8Lg9GLSVM=",
"address": "10.8.0.1"
},
"clients": {
"8eb69657-9996-49d8-87a5-22ff16a9b0ed": {
"name": "qbt",
"address": "10.8.0.2",
"privateKey": "WDOmRuRwz/Vab50A2Lt8r9MS7POR9BaWmWMnArslVV4=",
"publicKey": "O+vJraZzqkNocBCdGy9ial7f4wOayQwYg62BXii66lU=",
"preSharedKey": "mGx2tfBMORutxiI+mW6L/vllxP2quQ7tg5zUc0G674g=",
"createdAt": "2022-03-30T06:40:22.495Z",
"updatedAt": "2022-03-30T06:40:22.495Z",
"enabled": true
}
}
}
#国内
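# Domestic (in-country) host: start wg-easy with explicit client DNS servers.
#
# The admin password is taken from the WG_PASSWORD environment variable
# instead of a literal in the command, which keeps it out of these notes and
# out of shell history. "${WG_PASSWORD:?...}" makes the shell refuse to run
# the command when the variable is unset or empty, so the UI is never started
# with a blank password. Use a different password per host, and change any
# password that has been written into a copy of these notes.
#
# The /etc/wireguard bind mount is given once; repeating the identical -v
# adds nothing.
#
# NOTE(review): 51821/tcp is the admin UI and is published on every host
# address; restrict who can reach it (firewall or a management-only bind
# address) or put it behind a TLS-terminating proxy.
# NOTE(review): the image carries no tag, so whatever "latest" currently is
# gets pulled; pin a tag or digest once one has been chosen.
docker run -d --name vpn --restart=always \
  -e "WG_HOST=$(curl -s https://api.ipify.org)" \
  -e "WG_DEFAULT_DNS=218.85.152.99,218.85.157.99" \
  -e "PASSWORD=${WG_PASSWORD:?export WG_PASSWORD before running this}" \
  -v /data/docker/tools/wireguard:/etc/wireguard \
  -v /lib/modules:/lib/modules \
  -v /etc/localtime:/etc/localtime:ro \
  -p 51820:51820/udp \
  -p 51821:51821/tcp \
  --cap-add=NET_ADMIN --cap-add=SYS_MODULE \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv4.ip_forward=1" \
  weejewel/wg-easy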
http://g.htmltoo.com:51821
https://hub.docker.com/r/jarylc/wireguard-ui
https://gitlab.com/jarylc/docker-wireguard-ui
https://github.com/ngoduykhanh/wireguard-ui
# Start wireguard-ui in the host's network namespace, with its web UI bound
# to 0.0.0.0:5000 (LOGIN_PAGE=1 presumably turns the login form on; confirm
# against the image's documentation).
#
# NOTE(review): --privileged already grants every capability, so the two
# --cap-add flags add nothing next to it; check whether the container works
# with only NET_ADMIN and SYS_MODULE, and drop --privileged if it does.
# NOTE(review): with host networking and a 0.0.0.0 bind address the UI
# listens on every address of the host; restrict access with the host
# firewall or bind it to a management address.
docker run --detach --network=host --name vpn --restart=always --privileged \
  --env LOGIN_PAGE=1 \
  --env BIND_ADDRESS=0.0.0.0:5000 \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  --volume /lib/modules:/lib/modules \
  --volume /data/docker/tools/vpn:/etc/wireguard \
  --volume /etc/localtime:/etc/localtime:ro \
  jarylc/wireguard-ui
http://b.htmltoo.com:5000  默认帐号 admin / 默认密码 admin(首次登录后应立即修改)
---Wireguard Server
->Server Interface Addresses
10.8.0.1/24
->Post Up Script
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE; iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT; iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT
->Wireguard Clients
-IP Allocation
10.8.0.2/32
-Allowed IPs
0.0.0.0/0 ::/0
docker exec -it vpn /bin/bash
-查看帐号密码(在容器内执行)
cat /db/server/users.json
# Wireguard-windows
https://file.htmltoo.com/tools/soft/src/webmaster/
yum install -y kmod-wireguard wireguard-tools
-安装完成之后,需要将wireguard模块装载到Linux内核中
modprobe wireguard
-WireGuard 的配置分为 Interface 和 Peer 两部分,
其中 Interface 是对本地机器的配置,而 Peer 是对每一台对端机器(连进来的机器)的配置
-模块是否已经加载:
lsmod | grep wireguard