Complete Guide to Setting Up WireGuard + Cloudflare WARP for Optimized Routing with Singapore & Indonesia VPS

 

---

1. Introduction

This topology uses two VPS (Singapore & Indonesia) as the main gateways for internet connection, with Starlink only as a transit. WireGuard is used as the main VPN, and Cloudflare WARP helps optimize routing. This system also has failover; if the primary VPS (SG) goes down, the connection automatically switches to the backup VPS (ID).

2. Preparation

Before starting, make sure you have:

• 2 VPS (Singapore & Indonesia) with Ubuntu/Debian OS

• WireGuard installed on both VPS

• Cloudflare WARP installed on the main VPS (SG)

• Root access to the server and client

3. Installing WireGuard on Singapore & Indonesia VPS

apt update && apt install wireguard -y

4. WireGuard Configuration on Singapore VPS (/etc/wireguard/wg0.conf)

[Interface]
Address = 10.100.100.1/24
PrivateKey = <PRIVATE_KEY_SG>
ListenPort = 51820

[Peer]
PublicKey = <PUBLIC_KEY_ID>
AllowedIPs = 10.100.101.1/32
Endpoint = <PUBLIC_IP_ID>:51820
PersistentKeepalive = 25

5. WireGuard Configuration on Indonesia VPS (/etc/wireguard/wg0.conf)

[Interface]
Address = 10.100.101.1/24
PrivateKey = <PRIVATE_KEY_ID>
ListenPort = 51820

[Peer]
PublicKey = <PUBLIC_KEY_SG>
AllowedIPs = 10.100.100.1/32
Endpoint = <PUBLIC_IP_SG>:51820
PersistentKeepalive = 25

6. Starting WireGuard

systemctl enable wg-quick@wg0
systemctl start wg-quick@wg0

7. Installing Cloudflare WARP on Singapore VPS

curl -fsSL https://pkg.cloudflareclient.com/install.sh | bash
warp-cli register
warp-cli set-mode proxy
warp-cli connect

8. Adding Routing on Singapore VPS

iptables -t nat -A POSTROUTING -o warp0 -j MASQUERADE
iptables -A FORWARD -i wg0 -o warp0 -j ACCEPT
iptables -A FORWARD -i warp0 -o wg0 -j ACCEPT

9. Setting Up Failover from Singapore to Indonesia

while true; do
  ping -c 3 10.100.100.1 > /dev/null
  if [ $? -ne 0 ]; then
    ip route replace default via 10.100.101.1 dev wg0
  else
    ip route replace default via 10.100.100.1 dev wg0
  fi
  sleep 10
done

Save this script as /root/failover.sh and run:

chmod +x /root/failover.sh
nohup /root/failover.sh &

10. Testing the Connection

On the client, try connecting to the WireGuard Singapore VPS and check if routing is working correctly.

ping -c 3 8.8.8.8
curl ifconfig.me

---

Conclusion This system ensures an optimized connection with automatic failover. All bandwidth remains from the VPS, while Starlink is only used as a transit path. If you have any questions, feel free to leave a comment on the blog!

---

Install Webserver di Debian

Install Webserver di Debian

install apache2
root@rufaidah:~# aptitude -y install apache2
konfigurasi apache2
root@rufaidah:~# vi /etc/apache2/conf.d/security
# line 27: change
ServerTokens Prod
# line 39: change
ServerSignature Off
root@rufaidah:~# vi /etc/apache2/mods-enabled/dir.conf
# line 3: add file name that it can access only with directory's name
DirectoryIndex index.html index.htm
root@rufaidah:~# vi /etc/apache2/sites-available/default
# line 2: change to webmaster's email
ServerAdmin webmaster@server.world
# line 3: add server's hostname
ServerName rufaidah.server.world
# line 11: change
AllowOverride All
root@rufaidah:~# /etc/init.d/apache2 restart
Restarting web server: apache2 ... waiting




install perlg

root@rufaidah:~# aptitude -y install perl

konfigurasi perl

root@rufaidah:~# vi /etc/apache2/mods-enabled/dir.conf
# line 3: add file name that it can access only with directory's name
DirectoryIndex index.html index.cgi
root@rufaidah:~# vi /etc/apache2/mods-enabled/mime.conf
# line 219: uncomment and add extensions for CGI
AddHandler cgi-script .cgi .pl
root@rufaidah:~# vi /etc/apache2/sites-available/default
# line 10: change ( remove "Indexes" )
Options FollowSymLinks MultiViews ExecCGI
root@rufaidah:~# /etc/init.d/apache2 restart
Restarting web server: apache2 ... waiting

install php

root@rufaidah:~# aptitude -y install php5 php5-cgi libapache2-mod-php5 php5-common php-pear
root@rufaidah:~# vi /etc/apache2/mods-enabled/mime.conf
# near line 220: add extension for PHP
AddHandler php5-script .php
root@rufaidah:~# vi /etc/php5/apache2/php.ini
# line 876: uncomment and add your timezone
date.timezone = "Asia/Tokyo"
root@rufaidah:~# /etc/init.d/apache2 restart
Restarting web server: apache2 ... waiting


Install Ruby
root@rufaidah:~# aptitude -y install ruby1.9.3
root@rufaidah:~# vi /etc/apache2/mods-enabled/mime.conf
# line 219: add extension for ruby script
AddHandler cgi-script .cgi .pl .rb
root@rufaidah:~# /etc/init.d/apache2 restart
Restarting web server: apache2 ... waiting .

Menginstall NFS Server dan NFS Client di Debian

Menginstall NFS Server dan NFS Client de Debian

1 NFS Server caranya ikuti langkah langkahnya  seperti di bawah ini :
root@rufaidahServer:~# aptitude -y install nfs-kernel-server
root@rufaidahServer:~# vi /etc/idmapd.conf
# line 6: uncomment and change to your domain name
Domain = server.world
root@rufaidahServer:~# vi /etc/exports
# write like below *note
/home 10.0.0.0/24(rw,sync,fsid=0,no_root_squash,no_subtree_check)
# *note
/home ⇒ shared directory
10.20.0.0/24                                   ⇒ range of networks NFS permits accesses
rw                                                  ⇒ possible to read and write
sync                                               ⇒ synchronize
no_root_squash                             ⇒ enable root privilege
no_subtree_check                         ⇒ disable subtree check
root@rufaidahServer:~# /etc/init.d/nfs-kernel-server restart


Menginstall NFS Client
root@rufaidahclient:~# aptitude -y install nfs-common
root@rufaidahclient:~# vi /etc/idmapd.conf
# line 6: uncomment and change to your domain name
Domain = server.world
root@rufaidahclient:~# /etc/init.d/nfs-common restart
Stopping NFS common utilities: idmapd statd.
Starting NFS common utilities: statd idmapd.
root@rufaidahclient:~# mount -t nfs rufaidahServer.server.world:/home /home
root@rufaidahclient:~# df -h
Filesystem                Size  Used Avail Use% Mounted on
rootfs                     19G  745M   17G   5% /
udev                       10M     0   10M   0% /dev
tmpfs                     202M  196K  202M   1% /run
/dev/mapper/www-root       19G  745M   17G   5% /
tmpfs                     5.0M     0  5.0M   0% /run/lock
tmpfs                     403M     0  403M   0% /run/shm
/dev/vda1                 228M   18M  199M   9% /boot
rufaidahServer.server.world:/home   19G  917M   17G   6% /home
# home directory on NFS is mounted
root@rufaidahclient:~# vi /etc/fstab
# add at the last: change home directory this server mounts to the one on NFS
 rufaidahServer.server.world:/home   /home  nfs     defaults        0       0

Ok sampai disini mudah mudahan bisa bermanfaat

Install wine di debian

Install Wine di debian

Wine adalah suatu program yang berjalan di windows agar bisa berjalan di linux. Perintah untuk mengisntallnuya adalah sebagai berikut, yang pertama kita lakukan adalah

kita edit dulu /etc/apt/sources.list caranya adalah

nano /etc/apt/sources.list

terus masukan ini :     deb http://www.lamaresh.net/apt squeeze main

dan update reponya dengan perintah apt-get update  dan terakhir kita menginstall wine dengan perintah

apt-get install wine

selesai

Install DNS DI Debian Bagian 4

root@rufaidah:~# vi /etc/bind/named.conf.options
options {
directory "/etc/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
//       0.0.0.0;
// };
# add a range you allow to transfer zones
allow-transfer { localhost; 10.20.0.0/24; 172.16.0.80/29; };
auth-nxdomain no; # conform to RFC1035
# listen-on-v6 { any; };
};
root@rufaidah:~# rndc reload
server reload successful


root@slave:~# vi /etc/bind/named.conf.external-zones
# add settings like follows
         zone "server.world" {
                type slave;
                masters { 172.16.0.82; };
                file "/etc/bind/slaves/server.world.wan";
        };

root@slave:~# mkdir /etc/bind/slaves
root@slave:~# chown bind. /etc/bind/slaves
root@slave:~# rndc reload
server reload successful
root@slave:~# ls /etc/bind/slaves
server.world.wan

Install DNS DI Debian Bagian 3

root@rufaidah:~# vi /etc/resolv.conf

# add own IP address

nameserver 10.20.0.30

root@rufaidah:~# /etc/init.d/bind9 restart

[....] Stopping domain name service...: bind9waiting for pid 4633 to die

. ok

[ ok ] Starting domain name service...: bind9.

root@rufaidah:~# dig rufaidah.server.world.

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> rufaidah.server.world.

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19721

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;rufaidah.server.world. IN A

;; ANSWER SECTION:

rufaidah.server.world. 86400 IN A 10.20.0.30

;; AUTHORITY SECTION:

server.world. 86400 IN NS rufaidah.server.world.

;; Query time: 0 msec

;; SERVER: 10.20.0.30#53(10.20.0.30)

;; WHEN: Mon May 6 18:59:06 2013

;; MSG SIZE rcvd: 64

root@rufaidah:~# dig -x 10.20.0.30

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> -x 10.20.0.30

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42835

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:

;30.0.0.10.in-addr.arpa. IN PTR

;; ANSWER SECTION:

30.0.0.10.in-addr.arpa. 86400 IN PTR rufaidah.server.world.

;; AUTHORITY SECTION:

0.0.10.in-addr.arpa. 86400 IN NS rufaidah.server.world.

;; ADDITIONAL SECTION:

rufaidah.server.world. 86400 IN A 10.20.0.30

;; Query time: 0 msec

;; SERVER: 10.20.0.30#53(10.20.0.30)

;; MSG SIZE rcvd: 100