From c3881b93ec34da63cccfbe7037deb30705cd7403 Mon Sep 17 00:00:00 2001 From: Theis Date: Tue, 20 Jan 2026 20:32:31 +0100 Subject: [PATCH] feat: update WireGuard service configuration; switch to linuxserver/wireguard image and adjust environment variables --- docker-compose.prod.yml | 44 +++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml index be59181..e4d18e1 100644 --- a/docker-compose.prod.yml +++ b/docker-compose.prod.yml @@ -37,30 +37,34 @@ services: - ca-lose-internal wireguard: - container_name: ca-lose-wireguard - image: ghcr.io/wg-easy/wg-easy - environment: - - WG_HOST=${WG_HOST} - - WG_DEFAULT_ADDRESS=10.10.0.x - - WG_DEFAULT_DNS=1.1.1.1 - - WG_ALLOWED_IPS=172.25.0.0/24 - - WG_PORT=51830 - - PASSWORD_HASH=${WG_PASSWORD_HASH} - volumes: - - ./wireguard-data:/etc/wireguard - ports: - - "51830:51820/udp" # WireGuard extern erreichbar auf Port 51830 - - "127.0.0.1:51821:51821/tcp" # Web-UI nur lokal erreichbar + image: lscr.io/linuxserver/wireguard:latest + container_name: wireguard cap_add: - NET_ADMIN - - SYS_MODULE + - SYS_MODULE #optional + environment: + - PUID=1000 + - PGID=1000 + - TZ=Etc/UTC + - SERVERURL=dus3.the1s.de #optional + - SERVERPORT=51830 #optional + - PEERS=2 #optional + - PEERDNS=auto #optional + - INTERNAL_SUBNET=10.13.13.0 #optional + - ALLOWEDIPS=0.0.0.0/0 #optional + - PERSISTENTKEEPALIVE_PEERS= #optional + - LOG_CONFS=true #optional + volumes: + - ./config:/config + - /lib/modules:/lib/modules #optional + ports: + - 51830:51830/udp sysctls: - - net.ipv4.ip_forward=1 - net.ipv4.conf.all.src_valid_mark=1 - networks: - - ca-lose-internal - - proxynet restart: unless-stopped + networks: + ca-lose-internal: + ipv4_address: 172.25.0.10 volumes: ca-lose_mysql: @@ -72,5 +76,3 @@ networks: ipam: config: - subnet: 172.25.0.0/24 - proxynet: - external: true