Roger Gonzalez
1672e76eca
- Adds a new `wireguard.md` file detailing the process of switching from OpenVPN to WireGuard. - Includes instructions for ProtonVPN users and guidance for other providers. - Updates existing documentation in `vpn.md` and `port-forwarding.md` to reference the new guide. - Adds a new section to `vpn.md` explaining the benefits of WireGuard. - Clarifies the process of updating the `.env` file and `docker-compose.yaml`. - Provides troubleshooting steps for common WireGuard issues.
3.8 KiB
title, date, draft, weight, summary
| title | date | draft | weight | summary |
|---|---|---|---|---|
| Switching Gluetun to WireGuard | 2025-04-05T12:00:00-03:00 | false | 55 | Learn how to switch your Gluetun VPN configuration from OpenVPN to WireGuard for faster and more reliable connections. |
Want faster VPN speeds and quicker connection times? It's time to switch from OpenVPN to WireGuard! This guide will walk you through updating your Gluetun configuration to use WireGuard — with a focus on ProtonVPN.
✅ Why switch? WireGuard is a modern VPN protocol that’s faster, more efficient, and easier to configure than OpenVPN.
For ProtonVPN Users 🚀
ProtonVPN makes it easy to use WireGuard with Gluetun. Here's how to update your configuration.
Step 1: Get Your WireGuard Private Key 🔑
- Go to ProtonVPN WireGuard Config Generator
- Select a server and enable Port Forwarding and Moderate NAT (optional)
- Click Download to get the
.conffile - Open the file and copy the value of
PrivateKey
It will look something like this:
PrivateKey = wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU=
Step 2: Update Your .env File 🛠️
Open your .env file and remove the OpenVPN credentials:
nano /opt/yams/.env
Remove or comment out:
VPN_USER=your-username
VPN_PASSWORD=your-password
You can also remove VPN_SERVICE=protonvpn if you want to hardcode it in the compose file (see below), or leave it — both work.
💡 Not sure how the
.envfile works? Check out our Environment File Guide to learn how to manage variables likeWIREGUARD_PRIVATE_KEYsecurely.
Step 3: Update docker-compose.yaml 🐳
Find the gluetun service and replace the environment: section with the following:
environment:
- VPN_SERVICE_PROVIDER=protonvpn
- VPN_TYPE=wireguard
- WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU=
- VPN_PORT_FORWARDING=on
- VPN_PORT_FORWARDING_PROVIDER=protonvpn
- PORT_FORWARD_ONLY=on
🧠 Tip: You can still use
${VARIABLE}syntax if you prefer to keep the private key in your.envfile. See the Environment File Guide for more info.
Step 4: Restart YAMS 🔄
Apply the changes:
yams restart
Step 5: Verify It’s Working ✅
Run the VPN check:
yams check-vpn
You should see your qBittorrent IP is different from your local IP — and located in the country you selected in ProtonVPN.
You can also check the Gluetun logs:
docker logs gluetun
Look for lines like:
Using VPN provider: protonvpn
VPN type: wireguard
Port forwarding is enabled
For Other VPN Providers 🌐
WireGuard support varies by provider. Here’s what to do:
- Visit the Gluetun Provider Docs
- Find your VPN provider and follow their WireGuard instructions
- Replace the
gluetunenvironment variables in yourdocker-compose.yamlaccordingly
⚠️ Not all providers support WireGuard or port forwarding. Check their documentation carefully.
Troubleshooting 🔧
Gluetun won’t start?
- Double-check your
WIREGUARD_PRIVATE_KEY - Make sure
VPN_TYPE=wireguardis set - Check for typos in your
docker-compose.yaml
Port forwarding not working?
- Ensure
VPN_PORT_FORWARDING=onandPORT_FORWARD_ONLY=onare set - Verify that port forwarding is enabled in your ProtonVPN config
- Check Gluetun logs for forwarded port info
Need Help? 🆘
If you're stuck:
- Visit our Common Issues page
- Join our Discord or Matrix chat
- Or ask in the YAMS Forum