https://github.com/wg-easy/wg-easy/pkgs/container/wg-easy Create user and group --------------------- Credentials -> Local Users -> Add Full Name: wg-easy Username: wg-easy Disable Password: Email: stuurmcp@telkomsa.net UID: 3019 Create New Primary Group: Create Home Directory: Samba Authentication: Save Credentials -> Local Groups -> Add Name: wg-easy GID: 3018 wg-easy UID: 3019 wg-easy GID: 3018 Create datasets --------------- /mnt/SSD1/docker/data/wg-easy ; set Owner:Group to wg-easy:wg-easy /mnt/SSD1/docker/data/wg-easy/wireguard ; set Owner:Group to wg-easy:wg-easy Create secrets -------------- # In docker shell: cd /opt/stacks/wg-easy/secrets # generate password hash and convert $ in hash to $$; password must be surrounded by single quotes docker run --rm -it ghcr.io/wg-easy/wg-easy wgpw 'YOUR_PASSWORD' | sed -e s/\\$/\\$\\$/g # Remove the single quotes from the generated hash and copy the result to local stacks\.env file # Repeat the above for the prometheus metrics password Copy folder to docker stacks ---------------------------- # In Windows cmd shell in wg-easy folder, enter: ./cp2nas 10.0.0.20 # OR pscp -P 22 -r stacks/*.* root@10.0.0.20:/mnt/SSD1/docker/stacks/wg-easy/ # The above should copy compose.yaml and .env to /mnt/SSD1/docker/stacks/wg-easy Add traefik UDP entrypoint -------------------------- Assuming that WG_PORT=51820 in .env file: If not present, add the following under "entrypoints:" in /opt/stacks/config/traefik.yml wireguard: address: ":51820/udp" If not present, add the following under "ports:" in /opt/stacks/compose.yml - target: 51820 published: 51820 protocol: udp mode: host Execute the above by editing traefik\stacks\compose.yml and traefik\stacks\config\traefik.yml on local computer and then copying to nas/server