Advanced Setup Guides

How to setup Wireguard VPN

9min

Disclaimer: EDIS Global does not and will not provide any support for this setup. However we have tested it and it works 100% of the times assuming you follow the steps in this guide. For support, follow the maintainer of this auto installer on Github. 
Automated Wireguard VPN Setup
This article will guide you to use a simple interactive script that sets up a Wireguard VPN server with Adguard, Unbound and DNSCrypt-Proxy on your VPS of choice, and lets you manage the config files using a simple WebUI protected by two-factor-authentication.
Features:
Wireguard WebUI (via wg-easy)
Two-factor authentication for the WebUI (Authelia)
Hardened web server (Bunkerweb)
Encrypted DNS resolution with optional ad-blocking functionality (Adguard Home, DNSCrypt and Unbound)
UFW and Fail2Ban
Automated and unattended upgrades
SSH hardening and public key pair generation (optional, you can also use your own keys)
E-mail notifications (using an external SMTP server, e.g. GMail)
Requirements:
A KVM-based VPS with a dedicated IPv4 address.
One of the supported Linux distros:
Ubuntu Server 22.04
Ubuntu Server 20.04
Debian 11
Getting started:
Now that you have your new EDIS Global VPS server up and running, lets connect to it by typing in the terminal of your preference (If on Windows OS you can use Putty for example) and type:
Shell
ssh root@server-ipv4
ssh root@server-ipv4
﻿
Once connected to our remote VPS we need to call out the script that will automatically install everything for us.
Shell
wget https://notthebe.ee/vpn -O bootstrap.sh && bash bootstrap.sh
wget https://notthebe.ee/vpn -O bootstrap.sh && bash bootstrap.sh
﻿
The script will start to update the system, install required packages and when it's done it will pause at the following screen:
﻿
After following the on screen questions like SSH key, DNS, etc. It will ask you to run the playbook and we say YES:
﻿
After everything has been set up it will ask you and guide you to remote login via ssh to the server using your provided or generated ssh key. After a successful login press ENTER to finish the setup.
The script generates SSL certificates and a subdomain for the Web UI. If the provided domain was mydomain.com our web ui will be https://wg.mydomain.com to manage Wireguard users
When login to the web ui, remember to use the new user and password provided in the set up. If optional email was not set up the, while logging in the web UI we need to get a code by typing in our vps terminal:
Shell
show_2fa
show_2fa
﻿
This will generate a link for us to be able to set up 2FA and will look like this:
﻿
It will present us with a QR code we can scan and add to our 2FA application. After a successful login in we will presented with a web UI where we are able to add users to our new Wireguard VPN server.
Wireguard QR
﻿
﻿
Now you are able to add users and share the credentials. 
Enjoy your new VPS server! 
Remember to visit the script author for any support!
﻿
Blog Post: Wireguard Protocol
﻿
﻿

Updated 03 Apr 2024

Did this page help you?

Install Jitsi on your VPS

Mikrotik RouterOS on EDIS KVM