logo

Vick's Hangout

Alpine Gateway WireGuard

I’m currently working on a project to provide secure connectivity from multiple locations to a centralized server in an organization’s headquarters. I contemplated using several firewall solutions, or building one using Debian. After building some containers on Alpine, I figured why not just use Alpine itself as the gateway with WireGuard. The setup was done on a QEMU Virtual Machine on Ubuntu 24.04. I’ll then move the VM to the devices on each premises to have an always-on, auto-connected virtual tunnel that is secure. This lightweight setup allows me to spin up a gateway that does what I need quickly and efficiently with minimal hassle.
9 minutes to read

Wireguard Peer

Once your server is up and running, you can configure a peer. The process is nearly identical to setting up the server—allowing you to easily replicate these steps for adding multiple peers. As always, ensure that all commands are executed as the root user.

Generate keys

Each peer requires a unique public/private key pair to establish identity and secure connections, just like the server . Run the following commands to create the required files:

4 minutes to read

Wireguard Server

Refer to this article for a brief overview, prerequisites, and server details. Ensure you run all commands as the root user.

Generate keys

Each server requires a unique public/private key pair to establish identity and secure connections. Run the following commands to create the required files:

(umask 0077; wg genkey | sudo tee /etc/wireguard/privatekey | wg pubkey | sudo tee /etc/wireguard/publickey)
wg genpsk   # Generates a preshared key for Peer A (adds an extra layer of encryption)

Create configuration file

Create a configuration for the new interface. In Wireguard, the configuration file’s name determines the interface name. For example, if you create /etc/wireguard/wg0.conf, the interface will be named wg0.

4 minutes to read

Wireguard

For my VPN setup, I lean towards using Wireguard because it’s straightforward to configure and delivers great performance. This guide serves as a personal reference for when I need to set up Wireguard again—whether as a server or a client. While I typically run Ubuntu on my production servers, my personal homelab runs Archlinux. Although this guide is focused on Archlinux, the process is essentially the same on Ubuntu, aside from the installation details.
2 minutes to read