Untuk menginstal dan mengonfigurasi WireGuard server di Ubuntu, Anda dapat mengikuti langkah-langkah berikut. WireGuard adalah solusi VPN yang sederhana dan efisien yang memudahkan pengaturan jaringan pribadi virtual.
sudo apt update && apt upgrade -y
root@mail:~# sudo apt update && apt upgrade -y Hit:4 https://download.docker.com/linux/ubuntu jammy InRelease Get:5 http://security.ubuntu.com/ubuntu jammy-security InRelease [129 kB] Hit:6 https://repo.zextras.io/release/ubuntu jammy InRelease Get:7 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages [1839 kB] Hit:8 https://apt.postgresql.org/pub/repos/apt jammy-pgdg InRelease Get:9 http://security.ubuntu.com/ubuntu jammy-security/main amd64 c-n-f Metadata [13.3 kB] Get:10 http://security.ubuntu.com/ubuntu jammy-security/universe amd64 Packages [903 kB] Get:11 http://security.ubuntu.com/ubuntu jammy-security/universe amd64 c-n-f Metadata [19.3 kB] Hit:1 https://mirror.idcloudhost.com/ubuntu jammy InRelease Get:2 https://mirror.idcloudhost.com/ubuntu jammy-updates InRelease Hit:3 https://mirror.idcloudhost.com/ubuntu jammy-backports InRelease Get:12 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 Packages [2058 kB] Get:13 https://mirror.idcloudhost.com/ubuntu jammy-updates/universe amd64 Packages [1124 kB] Fetched 6213 kB in 22s (276 kB/s) Reading package lists... Done Building dependency tree... Done Reading state information... Done 24 packages can be upgraded. Run 'apt list --upgradable' to see them. Reading package lists... Done Building dependency tree... Done Reading state information... Done Calculating upgrade... Done Get another security update through Ubuntu Pro with 'esm-apps' enabled: node-ip Learn more about Ubuntu Pro at https://ubuntu.com/pro The following NEW packages will be installed: linux-headers-5.15.0-122 linux-headers-5.15.0-122-generic linux-image-5.15.0-122-generic linux-modules-5.15.0-122-generic The following packages have been kept back: apparmor libapparmor1 The following packages will be upgraded: apt apt-transport-https apt-utils base-files containerd.io docker-ce docker-ce-cli docker-ce-rootless-extras libapt-pkg6.0 libexpat1 linux-headers-generic linux-headers-virtual linux-image-virtual linux-libc-dev linux-virtual motd-news-config python-apt-common python3-apt python3-distupgrade python3-update-manager ubuntu-release-upgrader-core update-manager-core 22 upgraded, 4 newly installed, 0 to remove and 2 not upgraded. 6 standard LTS security updates Need to get 82.6 MB/133 MB of archives. After this operation, 234 MB of additional disk space will be used. Get:4 https://download.docker.com/linux/ubuntu jammy/stable amd64 containerd.io amd64 1.7.22-1 [29.5 MB] Get:14 https://download.docker.com/linux/ubuntu jammy/stable amd64 docker-ce-cli amd64 5:27.2.1-1~ubuntu.22.04~jammy [15.0 MB] Get:15 https://download.docker.com/linux/ubuntu jammy/stable amd64 docker-ce amd64 5:27.2.1-1~ubuntu.22.04~jammy [25.6 MB] Get:16 https://download.docker.com/linux/ubuntu jammy/stable amd64 docker-ce-rootless-extras amd64 5:27.2.1-1~ubuntu.22.04~jammy [9572 kB] Get:1 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 motd-news-config all 12ubuntu4.7 [3822 B] Get:2 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 base-files amd64 12ubuntu4.7 [61.9 kB] Get:3 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 libapt-pkg6.0 amd64 2.4.13 [912 kB] Get:5 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 apt amd64 2.4.13 [1363 kB] Get:6 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 apt-utils amd64 2.4.13 [211 kB] Get:7 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 python-apt-common all 2.4.0ubuntu4 [14.6 kB] Get:8 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 python3-apt amd64 2.4.0ubuntu4 [164 kB] Get:9 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 ubuntu-release-upgrader-core all 1:22.04.20 [26.2 kB] Get:10 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 python3-distupgrade all 1:22.04.20 [106 kB] Get:11 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 python3-update-manager all 1:22.04.21 [39.1 kB] Get:12 https://mirror.idcloudhost.com/ubuntu jammy-updates/main amd64 update-manager-core all 1:22.04.21 [11.5 kB] Get:13 https://mirror.idcloudhost.com/ubuntu jammy-updates/universe amd64 apt-transport-https all 2.4.13 [1510 B] Fetched 82.6 MB in 22s (3675 kB/s) (Reading database ... 169663 files and directories currently installed.) Preparing to unpack .../motd-news-config_12ubuntu4.7_all.deb ... Unpacking motd-news-config (12ubuntu4.7) over (12ubuntu4.6) ... Preparing to unpack .../base-files_12ubuntu4.7_amd64.deb ... Unpacking base-files (12ubuntu4.7) over (12ubuntu4.6) ... Setting up base-files (12ubuntu4.7) ... Installing new version of config file /etc/issue ... .. .. Restarting services... systemctl restart packagekit.service polkit.service Service restarts being deferred: /etc/needrestart/restart.d/dbus.service systemctl restart networkd-dispatcher.service systemctl restart unattended-upgrades.service No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. root@mail:~#
root@mail:~# apt install wireguard Reading package lists... Done Building dependency tree... Done Reading state information... Done The following packages were automatically installed and are no longer required: linux-headers-5.15.0-121 linux-headers-5.15.0-121-generic linux-image-5.15.0-121-generic linux-modules-5.15.0-121-generic Use 'sudo apt autoremove' to remove them. The following additional packages will be installed: wireguard-tools The following NEW packages will be installed: wireguard wireguard-tools 0 upgraded, 2 newly installed, 0 to remove and 2 not upgraded. Need to get 90.0 kB of archives. After this operation, 345 kB of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 https://mirror.idcloudhost.com/ubuntu jammy/main amd64 wireguard-tools amd64 1.0.20210914-1ubuntu2 [86.9 kB] Get:2 https://mirror.idcloudhost.com/ubuntu jammy/universe amd64 wireguard all 1.0.20210914-1ubuntu2 [3114 B] Fetched 90.0 kB in 21s (4370 B/s) Selecting previously unselected package wireguard-tools. (Reading database ... 199243 files and directories currently installed.) Preparing to unpack .../wireguard-tools_1.0.20210914-1ubuntu2_amd64.deb ... Unpacking wireguard-tools (1.0.20210914-1ubuntu2) ... Selecting previously unselected package wireguard. Preparing to unpack .../wireguard_1.0.20210914-1ubuntu2_all.deb ... Unpacking wireguard (1.0.20210914-1ubuntu2) ... Setting up wireguard-tools (1.0.20210914-1ubuntu2) ... wg-quick.target is a disabled or a static unit not running, not starting it. Setting up wireguard (1.0.20210914-1ubuntu2) ... Processing triggers for man-db (2.10.2-1) ... Scanning processes... Scanning candidates... Scanning linux images... Restarting services... Service restarts being deferred: /etc/needrestart/restart.d/dbus.service systemctl restart networkd-dispatcher.service systemctl restart unattended-upgrades.service No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. root@mail:~#
Membuat publik key dan private key
root@mail:~# wg genkey | tee /etc/wireguard/server.key | wg pubkey > /etc/wireguard/server.pub root@mail:~# root@mail:~# ls -alsh /etc/wireguard total 24K 4.0K drwx------ 2 root root 4.0K Sep 17 22:40 . 12K drwxr-xr-x 114 root root 12K Sep 17 22:34 .. 4.0K -rw-r--r-- 1 root root 45 Sep 17 22:40 server.key 4.0K -rw-r--r-- 1 root root 45 Sep 17 22:40 server.pub root@mail:~#
Membuat preshared key
root@mail:~# wg genpsk > /etc/wireguard/preshared.key Warning: writing to world accessible file. Consider setting the umask to 077 and trying again. root@mail:~#
Membuat configurasi
root@mail:~# nano /etc/wireguard/wg0.conf root@mail:~# cat /etc/wireguard/wg0.conf [Interface] Address = 10.0.0.1/24 ListenPort = 51820 PrivateKey = iHsuAWoooyI1<Isi_dengan_kunci_privat_server> [Peer] PublicKey = Nq0722jSka9tfXV<Isi_dengan_kunci_publik_client> PresharedKey = 16zXfqQxAheOY<Isi_dengan_kunci_preshared> AllowedIPs = 10.0.0.2/32 root@mail:~#
Menjalankan service dan interface wg0
root@mail:~# systemctl restart wg-quick@wg0
Mengecek informasi koneksi
root@mail:~# wg show interface: wg0 public key: VYlVOipLTjwe2e+<disensor_publik_key_server> private key: iHsuAWoooyI1(hidden) listening port: 51820 peer: Nq0722jSka9tfXV<disensor_publik_key_client> preshared key: 16zXfqQxAheOY(hidden) endpoint: 103.xxx.xxx.42:51820 allowed ips: 10.0.0.2/32 latest handshake: 1 minute, 16 seconds ago transfer: 22.36 KiB received, 860 B sent root@mail:~#
Konfigurasi pada client mikrotik
Public Key pada publik key peer di server wireguard adalah publik key pada interface wireguard mikrotik
Sedangkan publik key yang di isikan pada peer mikrotik adalah publik key dari server wireguard
adapun preshared, adalah password yang sama yang di generate sebelumnya
