This project automates the deployment of a WireGuard VPN server on Vultr using Terraform and Ansible. WireGuard is a simple, fast, and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec.
You should have the following installed on your local machine:
You should also have a Vultr API Key and an SSH Key ID on your Vultr account.
To obtain ssh_key_id, run:
curl -H 'Authorization: Bearer Vultr_API_KEY' https://api.vultr.com/v2/ssh-keys
-
Clone this repository and navigate to the project directory.
-
Replace
VULTR_API_KEYandYOUR SSH_KEY_IDin theterraform.tfvarsfile with your Vultr API Key and SSH Key ID, respectively. -
Initialize Terraform:
terraform init -
Apply the Terraform configuration:
terraform applyAfter the
applycommand completes, the IP address of the newly created Vultr instance will be added automatically to theinventory.inifile. -
Run the Ansible playbook:
ansible-playbook -i playbooks/inventory.ini playbooks/dwg.yml -u rootThis will setup the WireGuard VPN server on the Vultr instance and fetch the peer configuration files and QR code images to your local machine by default they will be placed onto your Desktop in /config and /qrcodes. This can be changed by editing the
playbooks/vars/main.ymlfile. -
Connect to the VPN server using the downloaded configuration files or QR code images.