2025-09-30 23:39:41 +00:00
|
|
|
services:
|
|
|
|
|
wg-easy:
|
2025-10-01 01:18:12 +00:00
|
|
|
environment:
|
2025-10-01 00:06:24 +00:00
|
|
|
# Optional:
|
|
|
|
|
# - PORT=51821
|
|
|
|
|
# - HOST=0.0.0.0
|
|
|
|
|
# - INSECURE=false
|
2025-10-01 01:18:12 +00:00
|
|
|
- DISABLE_IPV6
|
2025-10-01 01:24:11 +00:00
|
|
|
- WG_HOST=wireguard.gabesville.com
|
2025-10-01 01:18:12 +00:00
|
|
|
- WG_PORT=51822
|
2025-10-01 01:24:11 +00:00
|
|
|
- WG_MTU=1420
|
2025-10-01 00:06:24 +00:00
|
|
|
|
2025-10-01 00:07:37 +00:00
|
|
|
image: ghcr.io/wg-easy/wg-easy:latest
|
2025-10-01 00:06:24 +00:00
|
|
|
container_name: wg-easy
|
|
|
|
|
networks:
|
|
|
|
|
wg:
|
|
|
|
|
ipv4_address: 10.42.42.42
|
2025-09-30 23:39:41 +00:00
|
|
|
volumes:
|
2025-10-01 00:06:24 +00:00
|
|
|
- /srv/docker/wg-easy:/etc/wireguard # Volume mapping for WireGuard configuration files.
|
|
|
|
|
- /lib/modules:/lib/modules:ro
|
2025-09-30 23:39:41 +00:00
|
|
|
ports:
|
2025-10-01 01:18:12 +00:00
|
|
|
- "51822:51820/udp" # UDP port used by WireGuard.
|
2025-10-01 00:06:24 +00:00
|
|
|
- "51821:51821/tcp" # TCP port for accessing the web interface.
|
|
|
|
|
restart: unless-stopped
|
|
|
|
|
cap_add: # Capabilities required for managing networking features.
|
2025-09-30 23:39:41 +00:00
|
|
|
- NET_ADMIN
|
|
|
|
|
- SYS_MODULE
|
2025-10-01 00:06:24 +00:00
|
|
|
# - NET_RAW # ⚠️ Uncomment if using Podman
|
|
|
|
|
sysctls: # Kernel parameters that need to be set for WireGuard.
|
2025-09-30 23:39:41 +00:00
|
|
|
- net.ipv4.ip_forward=1
|
2025-10-01 00:06:24 +00:00
|
|
|
- net.ipv4.conf.all.src_valid_mark=1
|
|
|
|
|
- net.ipv6.conf.all.disable_ipv6=0
|
|
|
|
|
- net.ipv6.conf.all.forwarding=1
|
|
|
|
|
- net.ipv6.conf.default.forwarding=1
|
|
|
|
|
|
|
|
|
|
networks:
|
|
|
|
|
wg:
|
|
|
|
|
driver: bridge
|
|
|
|
|
ipam:
|
|
|
|
|
driver: default
|
|
|
|
|
config:
|
|
|
|
|
- subnet: 10.42.42.0/24
|
