50 lines
1.3 KiB
YAML
50 lines
1.3 KiB
YAML
services:
|
|
wireguard:
|
|
image: lscr.io/linuxserver/wireguard:latest
|
|
container_name: wireguard
|
|
cap_add:
|
|
- NET_ADMIN
|
|
- SYS_MODULE
|
|
environment:
|
|
- PUID=1000
|
|
- PGID=1000
|
|
- TZ=UTC
|
|
volumes:
|
|
- ./wireguard-config:/config
|
|
- /lib/modules:/lib/modules:ro
|
|
sysctls:
|
|
- net.ipv4.ip_forward=1
|
|
- net.ipv4.conf.all.src_valid_mark=1
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD", "ping", "-c", "1", "10.0.0.1"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
start_period: 30s
|
|
networks:
|
|
vpn_net:
|
|
ipv4_address: 172.32.0.2
|
|
traefik_portal:
|
|
|
|
traefik:
|
|
image: traefik:v3.0
|
|
container_name: traefik
|
|
restart: unless-stopped
|
|
depends_on:
|
|
wireguard:
|
|
condition: service_healthy
|
|
network_mode: service:wireguard
|
|
volumes:
|
|
- ./traefik:/etc/traefik
|
|
- ./letsencrypt:/letsencrypt
|
|
|
|
networks:
|
|
vpn_net:
|
|
driver: bridge
|
|
ipam:
|
|
config:
|
|
- subnet: 172.32.0.0/24
|
|
traefik_portal:
|
|
driver: bridge
|