-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker-compose.yml
51 lines (50 loc) · 1.37 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
name: wireguard
services:
app:
image: ghcr.io/wg-easy/wg-easy:latest
container_name: wireguard
hostname: ${BASE_HOST_NAME:-wg}
restart: always
pull_policy: always
privileged: true
environment:
- LANG=en
- PORT=51821
- WG_MTU=1420
- WG_PORT=51820
- MAX_AGE=360000
- WG_DEVICE=eth0
- UI_CHART_TYPE=3
- UI_TRAFFIC_STATS=true
- WG_HOST=${BASE_HOST_NAME}
- WG_PERSISTENT_KEEPALIVE=20
- UI_ENABLE_SORT_CLIENTS=true
- WG_ENABLE_EXPIRES_TIME=false
- WG_ENABLE_ONE_TIME_LINKS=true
- ENABLE_PROMETHEUS_METRICS=true
- WG_ALLOWED_IPS=0.0.0.0/0, ::/0
- WG_DEFAULT_ADDRESS=192.168.253.x
- WG_DEFAULT_DNS=74.50.113.149, 103.124.104.174, 1.1.1.1
- PASSWORD_HASH=$$2a$$12$$.t/TKB13wTXjT2h35sk8x.qoHJG1vnIF.qa9t.w3gco8awo8B6VRu
volumes:
- '/lib/modules:/lib/modules'
- '/usr/lib/modules:/usr/lib/modules'
- /var/lib/srv/$USER/docker/wg-easy/wg-easy/latest/rootfs/config/wireguard:/etc/wireguard
ports:
- '51820:51820/udp'
- '172.17.0.1:51821:51821/tcp'
cap_add:
- NET_RAW
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
networks:
wireguard:
external: false
name: wireguard
driver: bridge
ipam:
config:
- subnet: 192.168.253.0/24