Skip to main content

WG-Easy - WireGuard

WireGuard is a simple but very fast VPN. It provides a secure, private network connection between two computers.

WG-Easy helps to configure and manage Wireguard.

mkdir wireguard
cd wireguard
mkdir data
touch docker-compose.yml
.../wireguard/docker-compose.yml
version: "3.8"

networks:
proxy-network:
external:
name: proxy-network

services:
wg-easy:
environment:
- WG_HOST=wireguard.domain.de
- PASSWORD=changeme
# - WG_PORT=51820
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1
# - WG_MTU=1420
# - WG_ALLOWED_IPS=192.168.0.0/16, 10.0.0.0/8
image: weejewel/wg-easy
container_name: wg-easy
volumes:
- ./data:/etc/wireguard
ports:
- "51820:51820/udp"
# - "51821:51821/tcp"
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
networks:
- proxy-network
info

When used behind a router, requests must be forwarded to the server on port 51820/udp.

caution

IPv4 is required.

warning

The WG_HOST should be changed. The password should be changed.

info

Port 51821 is for the graphical user interface. This must be entered in the proxy host with the hostname wg-easy.