You are here

Setup VPN server on CentOS 8 (GUI Experimental)

Submitted by Nurlan Bayaman on Thu, 07/02/2020 - 16:25

Wireguard VPN setup script, to be run on a CentOS 8 fresh installation


0) Update the server:

dnf update -y

1) Install Wireguard VPN

dnf install elrepo-release epel-release -y
dnf install kmod-wireguard wireguard-tools -y

2) Setup SSH, altagrade user, banner, prompt, aliases

65

3) Setup Wireguard GUI https://github.com/subspacecloud/subspace
First, we need Docker installed

66

4) Subspace required settings

# Remove dnsmasq because it will run inside the container.
dnf remove -y dnsmasq
 
# Set DNS server.
echo nameserver 1.1.1.1 >/etc/resolv.conf
 
# Load modules at startup.
echo "wireguard
iptable_nat
ip6table_nat" > /etc/modules-load.d/subspace.conf
 
modprobe wireguard
modprobe iptable_nat
modprobe ip6table_nat
 
# Enable IP forwarding
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1

5) Setup and start Docker Subspace image

mkdir -p /etc/wireguard/subspace/data
docker create \
    --name subspace \
    --restart always \
    --network host \
    --cap-add NET_ADMIN \
    --volume /usr/bin/wg:/usr/bin/wg \
    --volume /etc/wireguard/subspace/data:/data \
    --env SUBSPACE_HTTP_HOST=vpn.altagrade.net \
    --env SUBSPACE_HTTP_INSECURE=true \
    --env SUBSPACE_LETSENCRYPT=false \
    subspacecloud/subspace:latest
docker start subspace
echo 'type `docker logs subspace` for logs'