/terraguard

🛡️ 🔒 This project's goal is to be simple to create and destroy your own VPN service using WireGuard.

Primary LanguageHCL

About The Project

This project's goal is to be simple to create and destroy your own VPN service using WireGuard.

Prerequisites

  • Terraform >= 1.0.0
  • Ansible >= 2.10.5

How to Deploy

Terraform

Run with sudo is necessary because we need permission on localhost to install packages, configure a network interface and start a process.

Select your cloud provider AWS, DigitalOcean, GCP and open the directory

You can change the region or key name in the variable.tf

  • Initialize Terraform
sudo terraform init
  • Plan our modifications
sudo terraform plan
  • Apply the changes
sudo terraform apply
  • For Digital Ocean you need to declare your token(do_token) in variable.tf or command line:
sudo terraform plan -var "do_token=value"
sudo terraform apply -var "do_token=value"
  • For GCP you need to declare your token(project_id) in variable.tf or command line:
sudo terraform plan -var "project_id=value"
sudo terraform apply -var "project_id=value"

You supply the key to Terraform using the environment variable GOOGLE_APPLICATION_CREDENTIALS:

export GOOGLE_APPLICATION_CREDENTIALS=path
  • For AWS you need to configure your credentials using the follow command:
sudo aws configure

Or you can use your credentials as environment variable:

export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=

Tests - Checking the IP

  • Test the connection without VPN
curl ipinfo.io/ip
  • Start VPN
sudo systemctl start wg-quick@wg0
  • Test the connection with VPN
curl ipinfo.io/ip

Mobile client

If you want a extra client for mobile, you need to change the value of the variable mobile in variable.tf or command line:

sudo terraform plan -var "mobile=true"
sudo terraform apply -var "mobile=true"

If variable enabled it will be installed the package qrencode for generate a QRCODE with the configuration for configure in your mobile device.

After the execution it will be genered a QRCODE in stdout terraform, just scan in your mobile device.

Tested with the Android WireGuard Client

🧹 Cleanup

  • Just run:
sudo terraform destroy

☁️ Cloud Providers

  • AWS
  • Digital Ocean
  • GCP
  • Azure
  • OCI

🤝 Contributing

Contributions, issues and feature requests are welcome!
Feel free to check issues.

🛣️ Roadmap

  • Work🤣
  • Linux client(Debian, RedHat and Arch base)
  • Terraform to deploy server on AWS
  • Mobile client
  • Mac client
  • Add other cloud providers

Author

👤 João Freire