Wireguard 部署应用

 一、首先要有一个公网IP来进行服务端安装配置，为了简化部署，并且尽量少的侵入性，就用Docker安装服务端：

services:

  wireguard:

    restart: always

    image: weejewel/wg-easy

    container_name: wireguard

    ports:

      - "51820:51820/udp"

      - "51821:51821/tcp"

    environment:

      - TZ=Asia/Shanghai

      - WG_HOST=0.0.0.0

      - PASSWORD=123456

      - WG_PERSISTENT_KEEPALIVE=25

      - WG_DEFAULT_ADDRESS=10.0.8.x

      - WG_DEFAULT_DNS=114.114.114.114

      - WG_ALLOWED_IPS=10.0.8.0/24

    volumes:

      - ./wg-easy:/etc/wireguard

    cap_add:

      - NET_ADMIN

      - SYS_MODULE

    sysctls:

      - net.ipv4.ip_forward=1

      - net.ipv4.conf.all.src_valid_mark=1

二、客户端安装：

# root权限

sudo -i

# 安装wireguard软件

apt install wireguard resolvconf -y

# 开启IP转发

echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf

sysctl -p

wg-quick up wg0