Adding Wireguard prototype.
This commit is contained in:
parent
9e5d89bb5d
commit
7fecc9b707
|
@ -46,5 +46,6 @@ Not every stack is tested to fully work.
|
||||||
- [ ] Sonarr (prototype state, working itself, but transmission-on-host integration didn't work due to path mismatch)
|
- [ ] Sonarr (prototype state, working itself, but transmission-on-host integration didn't work due to path mismatch)
|
||||||
- [x] Speedtest (LibreSpeed)
|
- [x] Speedtest (LibreSpeed)
|
||||||
- [x] Watchtower
|
- [x] Watchtower
|
||||||
|
- [ ] [Wireguard](https://hub.docker.com/r/cmulk/wireguard-docker) (prototype state)
|
||||||
- [ ] Wordpress (prototype state)
|
- [ ] Wordpress (prototype state)
|
||||||
- [ ] YaCy (abandoned due to upstream code problems)
|
- [ ] YaCy (abandoned due to upstream code problems)
|
||||||
|
|
9
wireguard/.env.dist
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
# https://hub.docker.com/r/cmulk/wireguard-docker
|
||||||
|
|
||||||
|
PORT=5555
|
||||||
|
|
||||||
|
# Configuration directory where Wireguard configuration will be stored.
|
||||||
|
CONFIG_DIR=./config
|
||||||
|
|
||||||
|
LOG_MAX_SIZE=5m
|
||||||
|
LOG_MAX_FILE=5
|
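Review bot: `PORT=5555` is the only variable here without a comment, and it only changes the host side of the mapping `"${PORT:-5555}:5555/udp"` in docker-compose.yml; the container port and `ListenPort = 5555` in the server example stay fixed. Suggest a comment saying that this is the published UDP port and that the client `Endpoint` must use the same value.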
2
wireguard/.gitignore
vendored
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
config/*
|
||||||
|
!config/.gitkeep
|
50
wireguard/README.md
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
# Wireguard VPN
|
||||||
|
|
||||||
|
![Wireguard Logo](https://www.wireguard.com/img/wireguard.svg)
|
||||||
|
|
||||||
|
## Basic configuration
|
||||||
|
|
||||||
|
### Create config files
|
||||||
|
|
||||||
|
```shell
|
||||||
|
cp examples/server/wg0.conf.dist config/wg0.conf
|
||||||
|
```
|
||||||
|
|
||||||
|
You can edit configuration according to your needs.
|
||||||
|
|
||||||
|
### Generate keys
|
||||||
|
|
||||||
|
Don't forget to set public and private keys for the server and client!
|
||||||
|
|
||||||
|
To get the keys you can use `genkeys` command:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker-compose run wireguard genkeys
|
||||||
|
```
|
||||||
|
|
||||||
|
Output example:
|
||||||
|
|
||||||
|
```
|
||||||
|
Private Key: aAaAAaaaAAaa+AAaAaAaAA1aa/aaAA1aaaaAa1aaaA1=
|
||||||
|
Public Key: /11a1aAaA1a/AAa11AAaa1AAa/AaAA1a1aaa11/AaAa=
|
||||||
|
```
|
||||||
|
|
||||||
|
Not you can use these keys in your configuration file.
|
||||||
|
|
||||||
|
## Additional requirements
|
||||||
|
|
||||||
|
### Kernel module
|
||||||
|
|
||||||
|
You need to be sure that [Wireguard](https://www.wireguard.com/install/) kernel module is installed on the host system.
|
||||||
|
|
||||||
|
#### Ubuntu / Debian
|
||||||
|
|
||||||
|
For kernel versions [older than 5.6](https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.6-Released):
|
||||||
|
|
||||||
|
```shell
|
||||||
|
apt-get install -y --no-install-recommends wireguard-dkms
|
||||||
|
```
|
||||||
|
|
||||||
|
### See also
|
||||||
|
|
||||||
|
You can also check Docker image instructions [here](https://hub.docker.com/r/cmulk/wireguard-docker).
|
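Review bot: In the "Generate keys" section, `docker-compose run wireguard genkeys` is run without `--rm`, so the one-off container that printed the private key is left behind on the host; suggest `docker-compose run --rm wireguard genkeys`. In the same section, "Not you can use these keys" should read "Now you can use these keys". Since `config/wg0.conf` will hold the server private key, a step after the `cp` that restricts its permissions (for example `chmod 600 config/wg0.conf`) would be worth adding, and the README could also point to `examples/client/wg0.conf.dist`, which is added in this commit but never mentioned.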
0
wireguard/config/.gitkeep
Normal file
26
wireguard/docker-compose.yml
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
version: '3.7'
|
||||||
|
|
||||||
|
services:
|
||||||
|
wireguard:
|
||||||
|
# https://hub.docker.com/r/cmulk/wireguard-docker
|
||||||
|
image: cmulk/wireguard-docker:alpine
|
||||||
|
container_name: wireguard
|
||||||
|
volumes:
|
||||||
|
- "${CONFIG_DIR:-./config}:/etc/wireguard:ro"
|
||||||
|
networks:
|
||||||
|
- network
|
||||||
|
ports:
|
||||||
|
- "${PORT:-5555}:5555/udp"
|
||||||
|
env_file: .env
|
||||||
|
restart: unless-stopped
|
||||||
|
cap_add:
|
||||||
|
- NET_ADMIN
|
||||||
|
- SYS_MODULE
|
||||||
|
logging:
|
||||||
|
driver: "json-file"
|
||||||
|
options:
|
||||||
|
max-size: "${LOG_MAX_SIZE:-5m}"
|
||||||
|
max-file: "${LOG_MAX_FILE:-5}"
|
||||||
|
|
||||||
|
networks:
|
||||||
|
network:
|
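Review bot: `SYS_MODULE` under `cap_add` lets the container load kernel modules into the host kernel, while the README in this commit already asks for the WireGuard module to be installed on the host. If the module is loaded on the host before the container starts, `NET_ADMIN` alone should be enough and `SYS_MODULE` can be dropped; at minimum the README should say why it is granted. Separately, `image: cmulk/wireguard-docker:alpine` is a mutable tag on a container that holds these capabilities, so pinning a digest would keep what runs reviewable. The `:ro` mount of the config directory is a good choice.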
10
wireguard/examples/client/wg0.conf.dist
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
[Interface]
|
||||||
|
Address = 192.168.20.2/24
|
||||||
|
PrivateKey = <client_private_key>
|
||||||
|
ListenPort = 0 #needed for some clients to accept the config
|
||||||
|
|
||||||
|
[Peer]
|
||||||
|
PublicKey = <server_public_key>
|
||||||
|
Endpoint = <server_public_ip>:5555
|
||||||
|
AllowedIPs = 0.0.0.0/0,::/0 #makes sure ALL traffic routed through VPN
|
||||||
|
PersistentKeepalive =
|
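Review bot: `PersistentKeepalive =` on the last line of `[Peer]` has no value, so anyone who copies this example as-is ends up with an incomplete setting. Either give it a value (the WireGuard documentation suggests 25 seconds for peers behind NAT) or remove the line and mention it in a comment. The trailing comments on `ListenPort` and `AllowedIPs` are helpful; a similar one explaining when keepalive is needed would fit here.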
9
wireguard/examples/server/wg0.conf.dist
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
# https://github.com/cmulk/wireguard-docker#configuration
|
||||||
|
[Interface]
|
||||||
|
Address = 192.168.20.1/24
|
||||||
|
PrivateKey = <server_private_key>
|
||||||
|
ListenPort = 5555
|
||||||
|
|
||||||
|
[Peer]
|
||||||
|
PublicKey = <client_public_key>
|
||||||
|
AllowedIPs = 192.168.20.2
|
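Review bot: `AllowedIPs = 192.168.20.2` in `[Peer]` relies on a bare address being read as a single host; writing `AllowedIPs = 192.168.20.2/32` makes it explicit that this peer may only source traffic from its own tunnel address, which is the property that keeps one client from using another client's address. A short comment saying that each additional client needs its own `[Peer]` block with a distinct address would also help users extending the example.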