host your own VPN using wireguard, proxmox, and LXCs! (in 10 minutes)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey everyone today I'm going to be showing you how to install wireguard on a Linux container now I'll be using proxmox in this tutorial you don't need proxmox to actually do this proxbox you know really easily gives you the option to create Linux containers so I use proxmox a lot so I thought why not show people how to install something useful like wireguard on it and as for why you would want to install a wireguard on you know a Linux container even like Docker well there's a lot of benefits actually for one it saves on resources and two it's um since you know you're isolating the actual application on a container that just adds another layer of security so um so yeah let's just get into the tutorial all right so we are in our proxbox virtual environment now the first step you want to do into setting up wireguard is actually just opening up the links I provided in the description because you will need them eventually so you might as well just get that out of the way step two would actually be creating the container um so the create container button is conveniently located in the top right in blue we could press that before we actually do that I want to show you there is um we're going to be using a container template now proximox actually gives us the option to use container template which means that our containers are going to be pre-configured generally when you're not using a virtual environment as far as I know containers don't come pre-configured so it's nice that proxmox gives us that option now the way we do that is actually go into local Drive and container templates and I already have two downloaded I already tested this with the Ubuntu vocal and Debian 11 so you can you know do some testing see what works but for this we're going to use Ubuntu vocal or Ubuntu 20.04 so go ahead and do that now we hit next template we're going to select the one we want and for the disk space well since we're just doing wire guard you know eight gigs is more than enough so we're gonna leave that CPU course um like I said we're only using wire guard so this is more than enough and memory that is also perfect for perfectly fine now important thing here is make sure you select JCP yada yada yada then it's gonna do its thing all right that is done now we see uh over here container or container ID is 107 and we've got wireguard tutorial we don't need to boot it up just yet our next step is actually going into our proxmox shell our main shell we just have to do a few things here uh so don't worry all we're going to do is we're actually going to Nano into um our the container we just made we're gonna Nano into its config file and I'll show you how to do that it's very simple or this file is actually located in that directory and the file is going to be the container ID so mine is 107 and then you just add Dot conf there you go next step would be to we'll add the two lines and uh oh yeah I didn't mention so we're gonna actually add to Alliance to our config file this is where the first link comes into to this tutorial I know this says openvpn in Linux container we're obviously not using openvpn we're using wirecard but they this is helpful because um it has what we need for this to work so we're going to copy these two these two lines and I'll explain in a minute what we're actually doing here just going to paste that make sure there's no space back here now uh you can hit you can save this by doing control X and hits Y and then enter essentially those two lines were commands so we added two commands into our config file or allowing our Linux container to access the ton slash tab Network device and the ton slash tab Network device is essentially a virtual Network device that allows us to Route traffic between the VPN server and the client which is obviously very important because we're using we're creating a wireguard server so all the next step would be one final command from this link is the next command down here there you go I'll just quickly explain what that does so by default a Linux container is unprivileged meaning that it runs without root privileges so in order for our unprivileged container to be able to access that virtual Network tunnel device we just configured we actually have to modify the ownership of this file right here that I have highlighted so we're done here we're done with this uh shell our main shell and we couldn't just boot up our main container next up you want to just log in pretty simple uh your I think by default this is going to be root the username I'm not sure if you can change it [Music] but yeah by default it's root alright guys so we finally were able to log into our container and once you have logged in the first thing you want to do is do a quick sudo apt update and a sudo app upgrade this just ensures that the package list from the repositories um are updated and any other like up outdated packages are you know fully up to date so I went ahead and provided the command the description this should you know this should take not that long I hope but once it's done we can move on and make sure you just say yes to that all right our updates have finished we could now go ahead and install wireguard now installing wire guard is actually very simple and that's thanks to this person right here so this lovely person here has essentially created a script for us to install wireguard with no hassle and this is great for someone I guess like me who doesn't want to do a lot of configuration and you know it doesn't really want to run into many issues uh so we can just go ahead and copy this and simply hit paste all right so that was pretty quick now the first thing you'll be prompted with is this right here it's uh asking us what is our public ipv4 address or our hostname now it should automatically detect that for you should automatically detect your ipv4 address and I confirm this just by Googling you know what's my IP address and it luckily matched so we can just hit enter there to continue all right now next thing we have here is what ports should wire guard listen to by default wireguard will listen to Port 51820 generally it is a good rule of thumb to change that because of security reasons of course uh keep in mind you will have to port forward this is uh this will be necessary in order to actually be able to communicate with your wireguard server from outside the network I can list the tutorial down below for that but I don't have a tutorial on that just yet all right so we can just hit enter the name of our first client our first client is actually going to be our phone so I'm going to put the phone and DNS server will just go with the default But ultimately the choice is yours there's some options here and do you want to automatically update I just generally say yes done there you go now a QR code pops up um this is going to make our lives a lot easier and I will show you in just a second all right guys we're almost done here the last thing we want to do is actually install wireguard on our device so I went ahead and went to the App Store and installed wireguard on my iPhone after I've done that went ahead and opened wireguard now it's asking me to add a tunnel so when we hit that it's asking us how do we want to add our wire guard tunnel so obviously we're going to do through the QR code because that is the easiest so literally just scan it let's name this home all right so now that that is done I could go ahead and tunnel into our wireguard server but before I do that I want to show you guys something so if you look in the top right I am actually using my phone's data it says 5G right there so I'm on my phone's data I'm not using um my home Wi-Fi right now despite being at home and there's a reason for that so I'm actually going to go ahead and test the VPN right now to see if it's working because uh think about it the whole point of this is to you know say you're you're in another location you're on a business trip and you need to for whatever reason connect to your home network you're gonna have to VPN into it obviously so that's the whole reason why we're doing this so I'm going to flip this on well actually no before I do that I want to show you my current IP address there you go it's pretty crazy but now once we flip this on once we tunnel into our wireguard server the Magic's gonna happen there you go so now our phone thinks we're at my house well I I am at my house technically but you get the you get the idea all right we are pretty much done here but let's say you want to add more clients because we only added our phone of course what if I want to add my laptop or my desktop I you might be wondering why would I want to add my desktop right it's at home anyway but uh if we think about it with wireguard we're utilizing a encrypted tunnel so regardless if we're home or not there is still a use case for wireguard now in order to add another client we're actually just gonna run one more command here all right so this command here is going to allow us to run this file right here as an executable and the way we do that is just by typing Dot slash and then that file right there and when we do that you'll see we get like a menu pretty much so we're gonna just hit one and we're going to type PC for our name and stick to the default and obviously it just provides us with a QR code but we're using our PC you know how do we do that so as you can see here it has provided us with a configuration file so if we just Nano into that what we can do is actually copy this configuration and input it into wireguard on our PC and that's actually very simple so I provided the download link to wireguard in the description right now that wireguard is installed importing our tunnel on the PC is actually very simple so what we want to do is just copy it now we're pretty much going to import it into wireguard on our PC press this down arrow right here add an empty tunnel just select all that delete it and hit paste and that's it all right well that marks the end of my video today guys I hope you enjoyed it I hope you learned something because um I learned a lot of stuff along the way I am by no means a professional I'm actually a college student studying cyber security so that's kind of why I decided to make this my first video I plan to make a lot more videos related to infosec and you know the cyber security space but I thought this would be a good you know first video to put out because it's not nothing that crazy um and also feel free to call me out on anything in the comment section below because I am very open to constructive criticism and learning new things is always great so yeah thank you guys I'll get to the next one

Info

Channel: homelabd | Homelabbing Made Simple

Views: 10,322

Rating: undefined out of 5

Keywords: proxmox, proxmox wireguard, proxmox LXC, LXC, Linux container, containerization, virtual machine, VM, virtual machine wireguard, Wireguard tutorial, VPN, VPN at home, VPN tutorial

Id: er01qTRwqEo

Channel Id: undefined

Length: 12min 56sec (776 seconds)

Published: Thu Apr 06 2023