From e607c7a914260536b9e3b5703a0b680f45a80f75 Mon Sep 17 00:00:00 2001 From: Aykhan Shahsuvarov Date: Wed, 28 May 2025 17:32:13 +0000 Subject: [PATCH] bump wg easy to 15 --- wg_easy/.env.example | 7 --- wg_easy/docker-compose.yml | 92 +++++++++++++++----------------------- 2 files changed, 37 insertions(+), 62 deletions(-) delete mode 100644 wg_easy/.env.example diff --git a/wg_easy/.env.example b/wg_easy/.env.example deleted file mode 100644 index 0e6614f..0000000 --- a/wg_easy/.env.example +++ /dev/null @@ -1,7 +0,0 @@ -# Language of web page (e.g. en) -LANG= -# The public hostname or IP of your VPN server (e.g. vpn.example.com, 1.1.1.1) -WG_HOST= -# (Optional) When set, requires a password when logging in to the Web UI. -# See How to generate a hash: https://github.com/wg-easy/wg-easy/blob/master/How_to_generate_an_bcrypt_hash.md -PASSWORD_HASH= \ No newline at end of file diff --git a/wg_easy/docker-compose.yml b/wg_easy/docker-compose.yml index 345b47c..0c8c93e 100644 --- a/wg_easy/docker-compose.yml +++ b/wg_easy/docker-compose.yml @@ -1,57 +1,39 @@ -# volumes: -# etc_wireguard: -networks: - caddy: - name: caddy - driver: bridge - external: true - services: - wg-easy: - environment: - # Change Language: - # (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi, ja) - - LANG=${LANG:-en} - # ⚠️ Required: - # Change this to your host's public address - - WG_HOST=${WG_HOST} + wg-easy: + image: ghcr.io/wg-easy/wg-easy:15 + container_name: wg-easy + networks: + caddy: + wg: + ipv4_address: 10.42.42.42 + ipv6_address: fdcc:ad94:bacf:61a3::2a + volumes: + - ./data:/etc/wireguard + - /lib/modules:/lib/modules:ro + ports: + - "51820:51820/udp" + # - "51821:51821/tcp" + restart: unless-stopped + cap_add: + - NET_ADMIN + - SYS_MODULE + sysctls: + - net.ipv4.ip_forward=1 + - net.ipv4.conf.all.src_valid_mark=1 + - net.ipv6.conf.all.disable_ipv6=0 + - net.ipv6.conf.all.forwarding=1 + - net.ipv6.conf.default.forwarding=1 - # Optional: - - PASSWORD_HASH=${PASSWORD_HASH} - # - PORT=51821 - # - WG_PORT=51820 - # - WG_CONFIG_PORT=92820 - # - WG_DEFAULT_ADDRESS=10.8.0.x - # - WG_DEFAULT_DNS=1.1.1.1 - # - WG_MTU=1420 - # - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24 - # - WG_PERSISTENT_KEEPALIVE=25 - # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt - # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt - # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt - # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt - # - UI_TRAFFIC_STATS=true - # - UI_CHART_TYPE=0 # (0 Charts disabled, 1 # Line chart, 2 # Area chart, 3 # Bar chart) - # - WG_ENABLE_ONE_TIME_LINKS=true - # - UI_ENABLE_SORT_CLIENTS=true - # - WG_ENABLE_EXPIRES_TIME=true - # - ENABLE_PROMETHEUS_METRICS=false - # - PROMETHEUS_METRICS_PASSWORD=$$2a$$12$$vkvKpeEAHD78gasyawIod.1leBMKg8sBwKW.pQyNsq78bXV3INf2G # (needs double $$, hash of 'prometheus_password'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash) - - image: ghcr.io/wg-easy/wg-easy:14 - container_name: wg-easy - volumes: - - ./data:/etc/wireguard - networks: - - caddy - ports: - - "51820:51820/udp" -# - "51821:51821/tcp" - restart: unless-stopped - cap_add: - - NET_ADMIN - - SYS_MODULE - # - NET_RAW # ⚠️ Uncomment if using Podman - sysctls: - - net.ipv4.ip_forward=1 - - net.ipv4.conf.all.src_valid_mark=1 +networks: + caddy: + name: caddy + driver: bridge + external: true + wg: + driver: bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 10.42.42.0/24 + - subnet: fdcc:ad94:bacf:61a3::/64