一、首先要有一个公网IP来进行服务端安装配置,为了简化部署,并且尽量少的侵入性,就用Docker安装服务端: services: wireguard: restart: always image: weejewel/wg-easy container_name: wireguard ports: - "51820:51820/udp" - "51821:51821/tcp" environment: - TZ=Asia/Shanghai - WG_HOST=0.0.0.0 - PASSWORD=123456 - WG_PERSISTENT_KEEPALIVE=25 - WG_DEFAULT_ADDRESS=10.0.8.x - WG_DEFAULT_DNS=114.114.114.114 - WG_ALLOWED_IPS=10.0.8.0/24 volumes: - ./wg-easy:/etc/wireguard cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.ip_forward=1 - net.ipv4.conf.all.src_valid_mark=1 二、客户端安装: # root权限 sudo -i # 安装wireguard软件 apt install wireguard resolvconf -y # 开启IP转发 echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf sysctl -p wg-quick up wg0