netmaker

Netmaker is an open-source tool that automates the setup and management of virtual private networks using WireGuard, a modern VPN protocol built into the Linux kernel. Instead of manually configuring each machine in a network to talk to the others, Netmaker handles the configuration automatically across your machines, wherever they are: home lab, cloud servers, edge devices, or a mix.

WireGuard itself is fast and cryptographically simple, but configuring it across many machines manually is tedious. Netmaker adds a central server with a web dashboard that lets you create and manage networks visually. From that dashboard you can set up mesh VPNs (where every machine connects directly to every other), remote access gateways (for connecting a laptop into a private network), or site-to-site connections (linking two separate office networks or data centers). It supports access control lists, private DNS, and OAuth login.

The client software (called Netclient) runs on Linux, macOS, Windows, and inside Docker containers. There is also community-maintained support for OpenWRT routers and Kubernetes clusters. A Terraform provider exists for teams that manage infrastructure through code.

For self-hosting: you need a cloud VM with a public IP address, a wildcard DNS record pointing to it, and a few open ports. A one-line install script handles everything else on Ubuntu. A managed SaaS version is available at netmaker.io for those who do not want to run the server themselves.

The core software is licensed under Apache 2.0. A Pro tier with additional features exists and its code is in a separate directory with a different license. The company behind Netmaker (Gravitl) is Y Combinator-backed.