Adding the orchestration file
This commit is contained in:
parent
a96ae988c5
commit
f2722e16fc
56
docker-compose.yml
Normal file
56
docker-compose.yml
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
networks:
|
||||||
|
traefik:
|
||||||
|
external: true
|
||||||
|
wireguardvpn:
|
||||||
|
services:
|
||||||
|
wireguardvpn:
|
||||||
|
environment:
|
||||||
|
- LANG=fr
|
||||||
|
- WG_HOST=vpn.edipretoro.be
|
||||||
|
- PASSWORD_HASH=$ENV{WIREGUARD_UI_PASSWORD}
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.docker.network=traefik"
|
||||||
|
- "traefik.http.services.wg.loadbalancer.server.port=51821"
|
||||||
|
- "traefik.http.routers.wg.service=wg"
|
||||||
|
- "traefik.http.routers.wg.rule=Host(`vpn.edipretoro.be`)"
|
||||||
|
- "traefik.http.routers.wg.entrypoints=wireguardvpn"
|
||||||
|
- "traefik.http.routers.wg.tls.certresolver=ovhtls"
|
||||||
|
|
||||||
|
# Optional:
|
||||||
|
# - PORT=51821
|
||||||
|
# - WG_PORT=51820
|
||||||
|
# - WG_CONFIG_PORT=92820
|
||||||
|
# - WG_DEFAULT_ADDRESS=10.8.0.x
|
||||||
|
# - WG_DEFAULT_DNS=1.1.1.1
|
||||||
|
# - WG_MTU=1420
|
||||||
|
# - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
|
||||||
|
# - WG_PERSISTENT_KEEPALIVE=25
|
||||||
|
# - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
|
||||||
|
# - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
|
||||||
|
# - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
|
||||||
|
# - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
|
||||||
|
# - UI_TRAFFIC_STATS=true
|
||||||
|
# - UI_CHART_TYPE=0 # (0 Charts disabled, 1 # Line chart, 2 # Area chart, 3 # Bar chart)
|
||||||
|
# - WG_ENABLE_ONE_TIME_LINKS=true
|
||||||
|
# - UI_ENABLE_SORT_CLIENTS=true
|
||||||
|
# - WG_ENABLE_EXPIRES_TIME=true
|
||||||
|
# - ENABLE_PROMETHEUS_METRICS=false
|
||||||
|
# - PROMETHEUS_METRICS_PASSWORD=$$2a$$12$$vkvKpeEAHD78gasyawIod.1leBMKg8sBwKW.pQyNsq78bXV3INf2G # (needs double $$, hash of 'prometheus_password'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash)
|
||||||
|
|
||||||
|
image: ghcr.io/wg-easy/wg-easy
|
||||||
|
container_name: wireguardvpn
|
||||||
|
networks:
|
||||||
|
- traefik
|
||||||
|
volumes:
|
||||||
|
- ./mnt/etc/wireguard:/etc/wireguard
|
||||||
|
ports:
|
||||||
|
- "51820:51820/udp"
|
||||||
|
restart: unless-stopped
|
||||||
|
cap_add:
|
||||||
|
- NET_ADMIN
|
||||||
|
- SYS_MODULE
|
||||||
|
# - NET_RAW # ⚠️ Uncomment if using Podman
|
||||||
|
sysctls:
|
||||||
|
- net.ipv4.ip_forward=1
|
||||||
|
- net.ipv4.conf.all.src_valid_mark=1
|
||||||
Loading…
x
Reference in New Issue
Block a user