Terraguard - create and destroy your own VPN service using WireGuard


About The Project

This project's goal is to be simple to create and destroy your own VPN service using WireGuard.


  • Terraform >= 1.0.0
  • Ansible >= 2.10.5

How to Deploy


Run with sudo is necessary because we need permission on localhost to install packages, configure a network interface and start a process.

Select your cloud provider AWSDigitalOceanGCP and open the directory

You can change the region or key name in the variable.tf

  • Initialize Terraform
terraform init
  • Plan our modifications
sudo terraform plan
  • Apply the changes
sudo terraform apply
  • For Digital Ocean you need to declare your token(do_token) in variable.tf or command line:
sudo terraform plan -var "do_token=value"
sudo terraform apply -var "do_token=value"
  • For GCP you need to declare your token(project_id) in variable.tf or command line:
sudo terraform plan -var "project_id=value"
sudo terraform apply -var "project_id=value"

You supply the key to Terraform using the environment variable GOOGLE_APPLICATION_CREDENTIALS:


Tests - Checking the IP

  • Test the connection without VPN
curl ipinfo.io/ip
  • Start VPN
sudo systemctl start [email protected]
  • Test the connection with VPN
curl ipinfo.io/ip

Mobile client

If you want a extra client for mobile, you need to change the value of the variable mobile in variable.tf or command line:

sudo terraform plan -var "mobile=true"
sudo terraform apply -var "mobile=true"

If variable enabled it will be installed the package qrencode for generate a QRCODE with the configuration for configure in your mobile device.

After the execution it will be genered a QRCODE in stdout terraform, just scan in your mobile device.

Tested with the Android WireGuard Client

broom Cleanup

  • Just run:
sudo terraform destroy

cloud Cloud Providers

  • AWS
  • Digital Ocean
  • GCP
  • Azure
  • OCI

handshake Contributing

Contributions, issues and feature requests are welcome!
Feel free to check issues.

motorway Roadmap

  • Workrofl
  • Linux client(Debian, RedHat and Arch base)
  • Terraform to deploy server on AWS
  • Mobile client
  • Mac client
  • Add other cloud providers


bust_in_silhouette João Freire

Original repository: https://github.com/P0ssuidao/terraguard#about-the-project

August 4, 2021
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023