feat: update WireGuard service configuration; switch to linuxserver/wireguard image and adjust environment variables

2026-01-20 20:32:31 +01:00
parent bf3a11891b
commit c3881b93ec
1 changed files with 23 additions and 21 deletions
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -37,30 +37,34 @@ services:
      - ca-lose-internal

  wireguard:
-    container_name: ca-lose-wireguard
-    image: ghcr.io/wg-easy/wg-easy
-    environment:
-      - WG_HOST=${WG_HOST}
-      - WG_DEFAULT_ADDRESS=10.10.0.x
-      - WG_DEFAULT_DNS=1.1.1.1
-      - WG_ALLOWED_IPS=172.25.0.0/24
-      - WG_PORT=51830
-      - PASSWORD_HASH=${WG_PASSWORD_HASH}
-    volumes:
-      - ./wireguard-data:/etc/wireguard
-    ports:
-      - "51830:51820/udp" # WireGuard extern erreichbar auf Port 51830
-      - "127.0.0.1:51821:51821/tcp" # Web-UI nur lokal erreichbar
+    image: lscr.io/linuxserver/wireguard:latest
+    container_name: wireguard
    cap_add:
      - NET_ADMIN
-      - SYS_MODULE
+      - SYS_MODULE #optional
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Etc/UTC
+      - SERVERURL=dus3.the1s.de #optional
+      - SERVERPORT=51830 #optional
+      - PEERS=2 #optional
+      - PEERDNS=auto #optional
+      - INTERNAL_SUBNET=10.13.13.0 #optional
+      - ALLOWEDIPS=0.0.0.0/0 #optional
+      - PERSISTENTKEEPALIVE_PEERS= #optional
+      - LOG_CONFS=true #optional
+    volumes:
+      - ./config:/config
+      - /lib/modules:/lib/modules #optional
+    ports:
+      - 51830:51830/udp
    sysctls:
-      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
-    networks:
-      - ca-lose-internal
-      - proxynet
    restart: unless-stopped
+    networks:
+      ca-lose-internal:
+        ipv4_address: 172.25.0.10

 volumes:
  ca-lose_mysql:
@@ -72,5 +76,3 @@ networks:
    ipam:
      config:
        - subnet: 172.25.0.0/24
-  proxynet:
-    external: true