Install WireGuard on Ubuntu 24.04

The WireGuard is available by default from standard APT repository Ubuntu 24.04.

sudo apt install wireguard

Check WireGuard version.

wg --version

Output should be similar to the one listed below.

wireguard-tools v1.0.20210914 - https://git.zx2c4.com/wireguard-tools/

Generate server WireGuard private key and save it.

sudo wg genkey | sudo tee /etc/wireguard/server_private.key

Set proper permissions for private key.

sudo chmod 600 /etc/wireguard/server_private.key

Generate public key.

sudo cat /etc/wireguard/server_private.key | wg pubkey | sudo tee /etc/wireguard/server_public.key

Check network configuration.

ip a

Create a new configuration and place generated private key from above into it.

[Interface]
Address = 10.8.0.1/24
SaveConfig = true
PostUp = ufw route allow in on wg0 out on eth0
PostUp = iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PreDown = ufw route delete allow in on wg0 out on eth0
PreDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = <SERVER_PRIVATE_KEY>

Add client configs

wg set wg0 peer allowed-ips 10.8.0.2/32