WireGuard docker compose: Difference between revisions
(Created page with " Docker Compose File (docker-compose.yml) version: '3.8' services: wg-easy: image: ghcr.io/wg-easy/wg-easy # The Docker image to use. container_name: wg-easy # Name of the container. environment: # Environment variables to configure the instance. - LANG=en # Language settings. - WG_HOST=<Your IP/Domain> # Public IP or domain name where WG-Easy is accessible. - PASSWORD_HASH='<...") |
No edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 27: | Line 27: | ||
Password Hash Generator | |||
Original Hash: | |||
$2a$12$uytPvpKbI3W10N5KDBhDr.lEb6XEuO.HKTdHUDWg4Bq5Z/GvukdCm | |||
Docker-Compose Ready: | |||
$$2a$$12$$uytPvpKbI3W10N5KDBhDr.lEb6XEuO.HKTdHUDWg4Bq5Z/GvukdCm | |||
Key Configuration Details | |||
Environment Variables: | |||
- LANG: Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi | |||
- WG_HOST: Specifies the public IP or DNS name where the WireGuard server can be accessed. | |||
- PASSWORD_HASH: Replace <🚨YOUR_ADMIN_PASSWORD_HASH> with a bcrypt password hash for accessing the WG-Easy web interface. | |||
- See How to generate a bcrypt hash for instructions on creating the hash. | |||
- PORT and WG_PORT: Define the ports for the web interface and WireGuard respectively. | |||
- Volumes: Maps a local directory (wg-easy/) to the container's configuration directory (/etc/wireguard). This is where WG-Easy will store its configuration files. | |||
- Capabilities (cap_add): NET_ADMIN and SYS_MODULE are necessary for WG-Easy to manage network interfaces and routes effectively within the container. | |||
- Sysctls: Settings like net.ipv4.ip_forward enable IP forwarding, which is crucial for routing packets through the VPN. | |||
Latest revision as of 12:45, 30 March 2025
Docker Compose File (docker-compose.yml)
version: '3.8'
services:
wg-easy:
image: ghcr.io/wg-easy/wg-easy # The Docker image to use.
container_name: wg-easy # Name of the container.
environment: # Environment variables to configure the instance.
- LANG=en # Language settings.
- WG_HOST=<Your IP/Domain> # Public IP or domain name where WG-Easy is accessible.
- PASSWORD_HASH='<🚨YOUR_ADMIN_PASSWORD_HASH>' # Bcrypt hash for Web UI login.
- PORT=51821 # Port for the web interface.
- WG_PORT=51820 # WireGuard port for VPN traffic.
volumes:
- ./wg-easy/:/etc/wireguard # Volume mapping for WireGuard configuration files.
ports:
- "51820:51820/udp" # UDP port used by WireGuard.
- "51821:51821/tcp" # TCP port for accessing the web interface.
cap_add: # Capabilities required for managing networking features.
- NET_ADMIN
- SYS_MODULE
sysctls: # Kernel parameters that need to be set for WireGuard.
- net.ipv4.conf.all.src_valid_mark=1
- net.ipv4.ip_forward=1
restart: unless-stopped # Ensures the container restarts automatically unless manually stopped.
Password Hash Generator
Original Hash:
$2a$12$uytPvpKbI3W10N5KDBhDr.lEb6XEuO.HKTdHUDWg4Bq5Z/GvukdCm
Docker-Compose Ready:
$$2a$$12$$uytPvpKbI3W10N5KDBhDr.lEb6XEuO.HKTdHUDWg4Bq5Z/GvukdCm
Key Configuration Details
Environment Variables:
- LANG: Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi
- WG_HOST: Specifies the public IP or DNS name where the WireGuard server can be accessed.
- PASSWORD_HASH: Replace <🚨YOUR_ADMIN_PASSWORD_HASH> with a bcrypt password hash for accessing the WG-Easy web interface.
- See How to generate a bcrypt hash for instructions on creating the hash. - PORT and WG_PORT: Define the ports for the web interface and WireGuard respectively.
- Volumes: Maps a local directory (wg-easy/) to the container's configuration directory (/etc/wireguard). This is where WG-Easy will store its configuration files.
- Capabilities (cap_add): NET_ADMIN and SYS_MODULE are necessary for WG-Easy to manage network interfaces and routes effectively within the container.
- Sysctls: Settings like net.ipv4.ip_forward enable IP forwarding, which is crucial for routing packets through the VPN.