VPN node based in Wireguard with an API exposed to receive commands.
Pull the image from GitHub Container Registery:
docker pull ghcr.io/lugodev/wireguard-api:mainOr from Docker Hub:
docker pull lugodev/wireguard-apiRun the container, providing the environment vars and the volume to store the VPN configurations:
docker run -d \
--name=wireguard_api \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
-e API_TOKEN=Your token \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Europe/London \
-e SERVERURL=wireguard.domain.com `#optional` \
-e SERVERPORT=51820 `#optional` \
-e PEERS=1 `#optional` \
-e PEERDNS=auto `#optional` \
-e INTERNAL_SUBNET=10.13.13.0 `#optional` \
-e ALLOWEDIPS=0.0.0.0/0 `#optional` \
-p 51820:51820/udp \
-p 8008:8008 \
-v /wireguard-api:/config \
-v /lib/modules:/lib/modules \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--restart unless-stopped \
ghcr.io/lugodev/wireguard-api:main
The env vars:
API_TOKEN: the token you pass to the API when sending commands via HTTP requests.SERVERURL: your VPN hostname.
The volume /wireguard-api holds the VPN configurations, map the folder you'd like in your folders structure.
The container exposes two ports, which must be allowed in your firewall in order to receive traffic.
51820: WireGuard protocol.8008: WireGuard API.
Allow the ports:
ufw allow 51820
ufw allow 8008
ufw reloadAn easy way to communicate your WireGuard server with your UI. Just make a post request to root route with the token key and the command. Example:
curl --request POST http://wireguard_api -d 'token=my_token&command=my_command'Examples:
curl --request POST http://myvpn.com:8008/ -d 'token=my_token&command=wg set wg0 peer 6DVHXzbM0TfPr6Q4yDBtA/A0jzdUXu8XqR+yV2vF1F9= remove'Thanks goes to these wonderful people (emoji key):
 Carlos Lugones |
 Reinier Hernández |
This project follows the all-contributors specification. Contributions of any kind welcome!
