July 15, 2024

Setting Up Your Own Cloud-Based VPN Server: A Step-by-Step Guide with GCP, Docker, and Wireguard

In today’s digital age, privacy and security are paramount concerns. One effective way to safeguard your online activities is by using a Virtual Private Network (VPN). While there are numerous VPN services available, setting up your own VPN server in the cloud can provide even more control and flexibility. In this guide, we’ll walk you through the process of setting up your own VPN server using Google Cloud Platform (GCP), Docker, Portainer, DuckDNS, and PiVPN-Wireguard.

Step 1: Create a Google Cloud Platform (GCP) Account

Before you can begin, you’ll need a Google Cloud Platform (GCP) account. Sign up for an account if you don’t already have one, and make sure to provide your billing information. GCP offers a 12-month free tier with a $300 credit, which is more than enough to get started.

Step 2: Create a Virtual Machine (VM) Instance

  1. Log in to your GCP Console.
  2. Navigate to the Compute Engine section and click on “VM instances.”
  3. Click the “Create Instance” button.
  4. Choose a name for your VM, and select a region and zone. You can choose any country location available in GCP.
  5. For the machine type, select “Micro (1 vCPU, 0.6 GB memory).” This option provides the minimum cost.
  6. In the “Boot disk” section, choose “Debian” as the Operating System and set the size as per your requirements.
  7. Click “Create” to create the VM.

Step by Step instructions are provided in the previous blog post here Set up a Server in Google Cloud in Less Than 1 Minute – Arvind Gaba’s Technology Blog

Google Cloud VPN

Step 3: Install Docker on Debian

  1. SSH into your VM instance using the GCP Console or a terminal.
  2. Run the following commands to update the package list and install Docker:
   sudo apt update
   sudo apt install docker.io
  1. Start and enable Docker to run at boot:
   sudo systemctl start docker
   sudo systemctl enable docker

Step 4: Install Portainer

Portainer is a web-based container management tool that will make managing your Docker containers easier.

  1. Run the following command to install Portainer:
   docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer-ce
  1. Access Portainer by navigating to your VM’s IP address on port 9000 (e.g., http://your-vm-ip:9000) in your web browser. Follow the on-screen instructions to set up Portainer.

Step 5: Install DuckDNS Container for DDNS

DuckDNS is a dynamic DNS service that will allow you to access your VPN server via a domain name.

  1. Create an account on DuckDNS (https://www.duckdns.org/).
  2. Once registered, create a new domain name.
  3. Run the DuckDNS container with the following command, replacing <YOUR_DOMAIN> and <YOUR_TOKEN> with your DuckDNS domain and token:
   docker run -d --name duckdns --restart always -e DOMAIN=<YOUR_DOMAIN> -e TOKEN=<YOUR_TOKEN> linuxserver/duckdns

Step 6: Install PiVPN – Wireguard

PiVPN is a simple script that sets up a VPN server using the WireGuard protocol.

  1. SSH back into your VM instance.
  2. Run the following command to install PiVPN:
   curl -L https://install.pivpn.io | bash
  1. Follow the on-screen prompts to configure PiVPN. Be sure to select WireGuard as the VPN protocol.
  2. Once the setup is complete, generate a client profile with a QR code:
   pivpn -a

Step 7: Start Using the VPN Client

  1. Download a WireGuard client for your device (e.g., iOS, Android, Windows, or Linux).
  2. Import the client profile generated in the previous step.
  3. Connect to your VPN using the client. You can use the provided QR code to easily configure the client on mobile devices.

Congratulations! You now have your own VPN server set up in the cloud, giving you enhanced privacy and security while browsing the web. You can access your VPN from anywhere using the DuckDNS domain and connect with confidence. Remember to monitor your GCP usage to avoid unexpected charges, and enjoy your secure and private internet experience.

Remember that the above process does not use the public or reserved IP which would have costed more than what you would be using it in the current setup. All the best!

0 0 votes
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x
WordPress Appliance - Powered by TurnKey Linux