How to Install Firezone UI for WireGuard VPN on Ubuntu 22.04

Firezone acts as a frontend to both the WireGuard kernel module and netfilter kernel subsystem. It creates a WireGuard interface and firezone netfilter table and adds appropriate routes to the routing table. In this article, we are going to learn how to install Firezone UI for WireGuard VPN on Ubuntu 22.04. So, let’s get started.

Checkout the Firezone UI for WireGuard VPN Project Here.

Try this wiki on our VPS. Starting at just $5/month with 24x7 In-house customer support.

Pre-requisites :

  • A system with Ubuntu 22.04 installed and running.

  • root access to the system.

  • Server with minimum of 1vCPU and 1GB of RAM.

  • A domain with DNS records set and pointing to your server's IP Address.

Once you're all set, we'll proceed with Firezone UI for WireGuard VPN installation and configuration.

At the time of writing, Firezone had support upto Ubuntu 20.04. This is not recommended for production use until a stable version has been released.

Install Let's Encrypt SSL Certificate

Next we will install Let's Encrypt SSL cert so we can have the domain running on HTTPS.
You can refer the following link for instructions on how to Install Let's Encrypt.

snap install core; snap refresh core

snap install --classic certbot

ln -s /snap/bin/certbot /usr/bin/certbot

certbot certonly --standalone

The SSL Certificates after the installation would be stored in /etc/letsencrypt/live/domain.com/

Example:

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/firezone.domainhere.info/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/firezone.domainhere.info/privkey.pem
This certificate expires on 2022-07-14.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

We will use the certificate paths later in this guide.

Install Firezone Manually

Before we begin with Firezone install, ensure that you have WireGuard installed.
If it isn't installed already, use the below command to install:

apt install wireguard

Once that is done, download the latest version of firezone package from the official Firezone Release Page.
At the time of writing, the latest version available was 0.7.30.

wget https://github.com/firezone/firezone/releases/download/0.7.30/firezone_0.7.30-ubuntu2004-x64.deb

Install the above downloaded package using dpkg,

dpkg -i firezone_0.7.30-ubuntu2004-x64.deb

Bootstrap the application using the below command, This will initialize configuration files, set up needed services and generate the default configuration.

firezone-ctl reconfigure

Next, Edit the default configuration file /etc/firezone/firezone.rb.
In this, we will update the Domain name and specify the path of the SSL certificates so the connection to the panel would be secure.

Using your favourite editor,

nano /etc/firezone/firezone.rb

Find the below mentioned lines and replace them,

 default['firezone']['external_url'] = "https://{node['fqdn'] || node['hostname']}"

to

default['firezone']['external_url'] = 'firezone.domainhere.info'

and

default['firezone']['ssl']['certificate'] = nil
default['firezone']['ssl']['certificate_key'] = nil

to

default['firezone']['ssl']['certificate'] = '/etc/letsencrypt/live/firezone.domainhere.info/fullchain.pem'
default['firezone']['ssl']['certificate_key'] = '/etc/letsencrypt/live/firezone.domainhere.info/privkey.pem'

Replace firezone.domainhere.info with your actual domain name.

SSL Certificate paths were from the earlier install.

Reconfigure the application to pick up the new changes using the below command,

firezone-ctl reconfigure

Create admin user using below command,

firezone-ctl create-or-reset-admin

The login credentials will be printed to the console output.

Manage WireGuard VPN with Firezone Web UI

Now open the domain name from your browser, this will redirect you Firezone UI.

https://firezone.domainhere.info

Replace the firezone.domainhere.info with the actual IP or domain configured on the server.

Login using the credentials. Example of Firezone UI Login Screen:

Now you have successfully installed Firezone UI for WireGuard VPN on Ubuntu 22.04.