36 lines
1.0 KiB
YAML
36 lines
1.0 KiB
YAML
version: "3.7"
|
|
services:
|
|
wg-easy:
|
|
container_name: wg-easy
|
|
image: weejewel/wg-easy:7
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ${APP_DATA_DIR}/data:/etc/wireguard
|
|
- /lib/modules:/lib/modules
|
|
ports:
|
|
- 51822:51820/udp
|
|
- ${APP_PORT}:51821/tcp
|
|
environment:
|
|
WG_HOST: "${WIREGUARD_HOST}"
|
|
PASSWORD: "${WIREGUARD_PASSWORD}"
|
|
WG_ALLOWED_IPS: 0.0.0.0/0,::/0
|
|
WG_PORT: 51822
|
|
WG_DEFAULT_DNS: "${WIREGUARD_DNS:-8.8.8.8}"
|
|
cap_add:
|
|
- NET_ADMIN
|
|
- SYS_MODULE
|
|
dns:
|
|
- "${WIREGUARD_DNS:-8.8.8.8}"
|
|
sysctls:
|
|
- net.ipv4.conf.all.src_valid_mark=1
|
|
- net.ipv4.ip_forward=1
|
|
networks:
|
|
- tipi_main_network
|
|
# labels:
|
|
# traefik.enable: true
|
|
# traefik.http.routers.wireguard.rule: Host(`wireguard.tipi.home`)
|
|
# traefik.http.routers.wireguard.service: wireguard
|
|
# traefik.http.routers.wireguard.tls: true
|
|
# traefik.http.routers.wireguard.entrypoints: websecure
|
|
# traefik.http.services.wireguard.loadbalancer.server.port: 51821
|