homelab/compose.yml

# compose.yml
# Primary compose file, used to manage the traefik and other network related modules
# Other compose files are named and used by service
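services:
  # Reverse proxy for all other services. It reads container labels through
  # the Docker API and dynamically builds TLS-terminated routes to them.
  traefik:
    image: traefik:v3.6
    container_name: traefik
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # Mounted read-only (the original mount was read-write); Traefik only
      # needs to connect to the socket to watch container labels.
      # NOTE(review): ":ro" protects the socket file, not the Docker API
      # behind it. Any process that can talk to this socket can control the
      # daemon, and this container is the one exposed on 80/443. Consider a
      # filtering docker-socket proxy between Traefik and the daemon.
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      # Storage for the certificate resolver. Presumably holds the ACME
      # account and certificate private keys (confirm in traefik.yml); keep
      # it out of version control and restrict its file permissions.
      - "./letsencrypt:/letsencrypt"
      # Static Traefik configuration (entrypoints, resolvers), read-only.
      - "./traefik.yml:/etc/traefik/traefik.yml:ro"
    networks:
      - traefik

  wg-easy:
    # NOTE(review): no tag is given, so this resolves to ":latest". Pin a
    # release tag or digest so an upstream change cannot silently alter the
    # VPN endpoint or how the WG_* variables below are interpreted.
    image: ghcr.io/wg-easy/wg-easy
    container_name: wg-easy
    restart: unless-stopped
    volumes:
      # WireGuard state; presumably contains server and client private keys.
      # Keep it out of version control and backups that leave the host.
      - "./etc_wireguard:/etc/wireguard"
    environment:
      # Required settings
      - WG_HOST=wg.riverrooks.dev
      # Optional settings
      # WireGuard UDP port
      - WG_PORT=51820
      - WG_DEFAULT_DNS=1.1.1.1
      # Clients may only route the 10.8.0.0/24 range through the tunnel.
      - WG_ALLOWED_IPS=10.8.0.0/24
      # NOTE(review): no web-UI credential (e.g. PASSWORD_HASH) is set in this
      # file. Verify for the deployed wg-easy release whether the admin UI is
      # then served without a login; the router labels below publish it
      # through Traefik. If so, set a credential via a secret or env file
      # (not inline here) or restrict the router with an auth or IP
      # allow-list middleware.
    cap_add:
      # Needed to create and configure the WireGuard interface.
      - NET_ADMIN
      # Allows loading kernel modules from inside the container.
      # NOTE(review): drop this if the host already provides the wireguard
      # module; it is a broad capability.
      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
    # Ports: only the VPN port (UDP) is mapped directly to the host.
    # The Web UI (51821) is not published; it is reached through Traefik
    # via the labels below.
    ports:
      - "51820:51820/udp"
    networks:
      - traefik
    labels:
      # Containers are not exposed by default, so opt this one in.
      - "traefik.enable=true"
      # Only requests for this hostname are routed to the container.
      - "traefik.http.routers.wg-easy.rule=Host(`wg.riverrooks.dev`)"
      # Declare an entrypoint. "websecure" is defined in the traefik.yml file.
      - "traefik.http.routers.wg-easy.entrypoints=websecure"
      # Declare the certificate resolver. Also defined in the traefik.yml file.
      - "traefik.http.routers.wg-easy.tls.certresolver=basic-letsencrypt"
      # Container port that Traefik proxies requests to (the Web UI).
      - "traefik.http.services.wg-easy.loadbalancer.server.port=51821"

networks:
  # Shared proxy network; created outside this file so that the other
  # per-service compose files can attach to it.
  traefik:
    external: true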