Wireguard Linux Setup
Modern state-of-the-art VPN designed to be simplier and faster that IPsec and openVPN. 5.6+ Kernels required unless explicitly backported.
Debian
Debian Bullseye and later (5.6 Kernels+) have wireguard built into the
Kernel as well as the packages in the main repository. No additional setup needs
to be done other than installing the wireguard package. Releases before
Buster are not supported.
Buster setup:
0644 root root /etc/apt/sources.list.d/unstable-wireguard.list
deb https://deb.debian.org/debian/ unstable main
0644 root root /etc/apt/preferences.d/wireguard-limit-unstable
Package: *
Pin: release a=unstable
Pin-Priority: 150
Install Kernel headers, wireguard, and reboot.
apt update && apt upgrade
apt install linux-headers-amd64
apt install wireguard
Ubuntu
Ubuntu 18.04 and later have wireguard built in. Just install the
wireguard package.
Autostart Tunnel as Service
Tunnels may be autostarted as services.
Start tunnel on boot.
systemctl enable wg-quick@{TUNNEL}
Start tunnel on demand.
systemctl status/stop/start/restart wg-quick@{TUNNEL}
References