WG-Easy - WireGuard

WireGuard is a simple but very fast VPN. It provides a secure, private network connection between two computers.

WG-Easy helps to configure and manage Wireguard.

mkdir wireguard
cd wireguard
mkdir data
touch docker-compose.yml

.../wireguard/docker-compose.yml

version: "3.8"

networks:
  proxy-network:
    external:
      name: proxy-network

services:
  wg-easy:
    environment:
      - WG_HOST=wireguard.domain.de
      - PASSWORD=changeme
      # - WG_PORT=51820
      # - WG_DEFAULT_ADDRESS=10.8.0.x
      # - WG_DEFAULT_DNS=1.1.1.1
      # - WG_MTU=1420
      # - WG_ALLOWED_IPS=192.168.0.0/16, 10.0.0.0/8
    image: weejewel/wg-easy
    container_name: wg-easy
    volumes:
      - ./data:/etc/wireguard
    ports:
      - "51820:51820/udp"
    #  - "51821:51821/tcp"
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    networks:
      - proxy-network

info

When used behind a router, requests must be forwarded to the server on port 51820/udp.

caution

IPv4 is required.

warning

The WG_HOST should be changed. The password should be changed.

info

Port 51821 is for the graphical user interface. This must be entered in the proxy host with the hostname wg-easy.