# Wireguard: Home VPN Server Wireguard I used to use OpenVPN as a means to connect to my internal network from outside of my house. It worked really well, but managing its configs was a little bit of a hassle and, frankly, OpenVPN is old news (/s). I wanted to play with a new toy. So I looked into [Wireguard](https://www.wireguard.com). # Server Config Since I use [Home Assistant](/technical/my-story) and it has Add-Ons available available, I decided to use its Wireguard Add-On. I had a couple of choices: Try to install an unsupported Wireguard implementation on my pfSense router, install Wireguard on another system, or use the Home Assistant Add-On. The last option seemed the easiest to manage, so that's what I went with. My thought process here was: * I'm already running Home Assistant * Home Assistant and its services are the main resources I want to access when I'm not at home. * The Add-On in Home Assistant is dead-simple to set up and manage. The great thing about Wireguard, like OpenVPN, is that there are clients for everything: Linux, ChromeOS (via Android), Android Phones, Mac, Windows, and, should the need ever arise, iPhone. # Client Config {{< figure src="/images/wireguard-config.png" alt="Wireguard Config" caption="Wireguard config screenshot" >}} Its really easy to manage. I simply go into Home Assistant -> Supervisor -> Wireguard -> Configuration and add a section similar to the screenshot. # Android Client Setup (and Probably iPhone too) Then I go into **Studio Code Server**, browse to the 'wireguard' folder and find my new profile. There's a qrcode.png file that I can scan inside the Wireguard app on my phone. That automatically adds the profile to my phone. The connection to the Wireguard service is extremely quick and I don't notice any overhead on my phone. # Linux Client Setup On Linux, setting up a connection is done in a couple of ways. For either, I install the wireguard-tools package (using pacman on Arch). ## Running a Command from a Terminal First I download the 'client.conf' file from **Studio Code Server** to my laptop. I copy it to /etc/wireguard/wg0.conf. Then, when I want to connect to the VPN, I run: `sudo wg-quick up wg0` To disconnect: `sudo wg-quick down wg0` To make it simple, I made some shell aliases (bash): ``` alias vpndown='sudo wg-quick down wg0' alias vpnup='sudo wg-quick up wg0' ``` Then I can simply run `vpnup` and `vpndown`.