From cd20970ae73c24bf0fc007a382f9814874cf0b51 Mon Sep 17 00:00:00 2001
From: PorridgePi <kunbao2006@126.com>
Date: Thu, 15 Sep 2022 12:49:19 +0100
Subject: [PATCH] wg-easy: Initial commit

---
 wg-easy/.env.example       |  5 +++++
 wg-easy/docker-compose.yml | 39 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+)
 create mode 100755 wg-easy/.env.example
 create mode 100644 wg-easy/docker-compose.yml

diff --git a/wg-easy/.env.example b/wg-easy/.env.example
new file mode 100755
index 0000000..c946a8c
--- /dev/null
+++ b/wg-easy/.env.example
@@ -0,0 +1,5 @@
+WG_HOST=vpn_domain_goes_here
+WG_DOMAIN=web_ui_domain_goes_here
+WG_PASSWORD=password_goes_here
+WG_PORT=51820
+WG_DEFAULT_DNS=dns_servers_go_here
diff --git a/wg-easy/docker-compose.yml b/wg-easy/docker-compose.yml
new file mode 100644
index 0000000..ede24a3
--- /dev/null
+++ b/wg-easy/docker-compose.yml
@@ -0,0 +1,39 @@
+version: "3.9"
+
+networks:
+  public:
+    external: true
+  dns_net:
+    external: true
+
+services:
+  wg-easy:
+    image: weejewel/wg-easy
+    container_name: wg-easy
+    restart: always
+    environment:
+      - WG_HOST=${WG_HOST}
+      - PASSWORD=${WG_PASSWORD}
+      - WG_PORT=${WG_PORT}
+      - WG_DEFAULT_DNS=${WG_DEFAULT_DNS}
+    volumes:
+      - "./data:/etc/wireguard"
+    ports:
+      - "${WG_PORT}:51820/udp"
+      # - "51821:51821/tcp"
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.ip_forward=1
+      - net.ipv4.conf.all.src_valid_mark=1
+    networks:
+      - public
+      - dns_net
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.wg.rule=Host(`${WG_DOMAIN}`)"
+      - "traefik.http.routers.wg.service=wg-service"
+      - "traefik.http.services.wg-service.loadbalancer.server.port=51821"
+      - "traefik.http.routers.wg.tls=true"
+      - "traefik.http.routers.wg.tls.certresolver=le"