TrueNAS/docker-apps
TrueNAS/docker-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0cba9eed85
docker-apps/wg-easy/stacks/compose.yml
Chris d067d5f1f7 first commit
2025-04-03 22:57:52 +02:00

61 lines
2.5 KiB
YAML
Raw Blame History

name: wg-easy
networks:
traefik-net:
external: true
services:
wg-easy:
image: ghcr.io/wg-easy/wg-easy:latest
hostname: wg-easy
restart: unless-stopped
env_file: .wg-easy.env
networks:
- traefik-net
cap_add:
- NET_ADMIN
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
volumes:
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- "${DATADIR}/wireguard:/etc/wireguard"
labels:
- traefik.enable=true
- traefik.docker.network=traefik-net
#
# udp service
# ------------
- "traefik.udp.services.wireguard-svc.loadbalancer.server.port=${WG_PORT}"
#
# udp router
# ----------
- "traefik.udp.routers.wireguard-rtr.entrypoints=wireguard"
# assign service to router
- "traefik.udp.routers.wireguard-rtr.service=wireguard-svc"
#
# http service
# ------------
- "traefik.http.services.${APPLICATION_NAME}-svc.loadbalancer.server.port=${PORT}"
#
# http routers
# ------------
# http://appname.domainname/
- "traefik.http.routers.${APPLICATION_NAME}-rtr.entrypoints=web"
- "traefik.http.routers.${APPLICATION_NAME}-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`) || Host(`${WG_HOST}`)&& PathPrefix(`/`)"
# attach middlewares to router
- "traefik.http.routers.${APPLICATION_NAME}-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress-redirect@file"
# assign service to router
- "traefik.http.routers.${APPLICATION_NAME}-rtr.service=${APPLICATION_NAME}-svc"
# https://appname.domainname/
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.entrypoints=websecure"
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.rule=Host(`${APPLICATION_NAME}.${DOMAINNAME}`)&& PathPrefix(`/`) || Host(`${WG_HOST}`)&& PathPrefix(`/`)"
# attach middlewares to router
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.middlewares=http-mw-rateLimit-secureHeaders-compress@file"
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls=true"
#- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.options=tls-options@file" # uncomment and test to see if VPN works correctly BEFORE making permanent
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.tls.certresolver=solver-dns"
# assign service to router
- "traefik.http.routers.${APPLICATION_NAME}-secure-rtr.service=${APPLICATION_NAME}-svc"
Reference in New Issue View Git Blame Copy Permalink