Table of Contents [hide]
Overview
medium.com blocks my country (Vietnam). Apparently, there are many spammers from Vietnam use medium to spread their content.
The solution to access medium when my country is blocked is to use a VPN. There are available solutions out there but they are not reliable. Some contain too much ads.
If you have a server running in a non-block area, you can setup your own VPN to access restricted websites services.
Why WireGuard?
WireGuard is opensource. There are desktop/mobile apps available. It’s an ideal solution, at least in my case.
Setup WireGuard Using Docker Compose
WireGuard itself has a docker image. However, setting up using WireGuard image could be challenging for beginners. There are a quicker solution: wg-easy.
Setting up WireGuard with wp-easy is actually easy.
version"3.8"
volumes
etc_wireguard
services
wg-easy
environment
# Change Language:
# (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi)
LANG=en
# ⚠️ Required:
# Change this to your host's public address
WG_HOST=your_host_public_ip
PASSWORD=your_admin_password
image ghcr.io/wg-easy/wg-easy
container_name wg-easy
networks
caddy-gateway
volumes
etc_wireguard:/etc/wireguard
ports
"51820:51820/udp"
restart unless-stopped
cap_add
NET_ADMIN
SYS_MODULE
sysctls
net.ipv4.ip_forward=1
net.ipv4.conf.all.src_valid_mark=1
networks
caddy-gateway
externaltrue
You should be able to run wg-easy using docker-compose up -d
Make sure you set a strong password (your_admin_password
) and set the public IP (your_host_public_ip
)
Make sure to check the log to see the service is running correctly (docker logs -f wg-easy
)

Setup https domain with Caddy
As you can see in the docker compose file, I only mapped the UDP port. I didn’t map the tcp port because I want to use caddy to give the admin page a nice domain name.
If you already have Caddy up and running, setting up the forward is simple:
vpn.datmt.com {
tls internal
reverse_proxy wg-easy:51821
}
Here, I setup caddy to forward request to port 51821 (tcp) on wg-easy.
When I restart caddy, I can access the admin via my domain:

After entering my password, I can see the admin page:

To add a new client, simply click on new:

After that, there are several options to link your client. If you are on mobile, the simplest way is to use qr code option.

When you scan this qr with the WireGuard mobile app, you will have VPN enabled and you can access restricted websites.
Conclusion
In this post, I’ve shown you how to setup your own VPN with WiredGuard.

I build softwares that solve problems. I also love writing/documenting things I learn/want to learn.