Update WG-Easy/Docker-Compose.yml

2025-10-01 00:06:24 +00:00
parent 7e9d4a9f5d
commit 1a3f69b52b
1 changed files with 32 additions and 18 deletions
@@ -1,25 +1,39 @@
 services:
  wg-easy:
-    image: ghcr.io/wg-easy/wg-easy
-    container_name: wg-easy         
-    environment:                    # Environment variables to configure the instance.
-      - LANG=en                     # Language settings.
-      - WG_HOST=                    # Public IP or domain name where WG-Easy is accessible.
-      - PASSWORD=                   # Password for accessing the WG-Easy web interface.
-      - PORT=51821                  # Port for the web interface.
-      - WG_PORT=51820               # WireGuard port for VPN traffic.
-      - WG_DEFAULT_ADDRESS=10.10.0.x
-      - WG_DEFAULT_DNS=1.1.1.1
+    #environment:
+    #  Optional:
+    #  - PORT=51821
+    #  - HOST=0.0.0.0
+    #  - INSECURE=false
    #  - WG_MTU=1420
+
+    image: ghcr.io/wg-easy/wg-easy:15
+    container_name: wg-easy
+    networks:
+      wg:
+        ipv4_address: 10.42.42.42
    volumes:
      - /srv/docker/wg-easy:/etc/wireguard # Volume mapping for WireGuard configuration files. 
+      - /lib/modules:/lib/modules:ro
    ports:
      - "51820:51820/udp" # UDP port used by WireGuard.
      - "51821:51821/tcp" # TCP port for accessing the web interface.
+    restart: unless-stopped
    cap_add: # Capabilities required for managing networking features.
      - NET_ADMIN
      - SYS_MODULE
+      # - NET_RAW # ⚠️ Uncomment if using Podman
    sysctls: # Kernel parameters that need to be set for WireGuard.
-      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
-    restart: unless-stopped
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv6.conf.all.disable_ipv6=0
+      - net.ipv6.conf.all.forwarding=1
+      - net.ipv6.conf.default.forwarding=1
+
+networks:
+  wg:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 10.42.42.0/24