This commit is contained in:
Emile Nijssen 2021-05-23 15:55:50 +02:00
parent 30f56510e6
commit f266f168da
4 changed files with 66 additions and 17 deletions

9
.wg-easy/wg0.conf Normal file
View File

@ -0,0 +1,9 @@
# Note: Do not edit this file directly.
# Your changes will be overwritten!
# Server
[Interface]
PrivateKey = 8JtWwlHvx4ogphP601ABdvNFXbd1noCd+Sn9fg19jWA=
Address = 10.8.0.1/24
ListenPort = 51820

8
.wg-easy/wg0.json Normal file
View File

@ -0,0 +1,8 @@
{
"server": {
"privateKey": "8JtWwlHvx4ogphP601ABdvNFXbd1noCd+Sn9fg19jWA=",
"publicKey": "065+jEZi4CMWbwSCrixByy3D+haZR2e+kjmxMq6h+EY=",
"address": "10.8.0.1"
},
"clients": {}
}

View File

@ -1,36 +1,42 @@
# WireGuard Easy
## Usage
## Installation
### 1. Install Docker
Make sure you have [Docker](https://docs.docker.com/get-docker/) installed.
### 2. Configure
```bash
$ docker run \
--name wg-easy \
--env WG_HOST=192.168.1.2 \
--mount type=bind,source="$(pwd)",target=/etc/wireguard \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--restart=unless-stopped \
-p 51820:51820/udp \
-p 51821:51821/tcp \
weejewel/wg-easy
# Create a directory for the configuration files
$ mkdir ~/wg-easy
$ cd ~/wg-easy
$ curl https://raw.githubusercontent.com/WeeJeWel/wg-easy/master/docker-compose.yml
$ open docker-compose.yml
```
The Web UI will be available on `http://0.0.0.0:51821`. By default, it doesn't require a password.
Then change `WG_HOST=raspberrypi.local` to your server's public address, e.g. `WG_HOST=vpn.mydomain.com`.
> Configuration files will be stored in `~/.wg-easy/` on your host.
Optionally, set a Web UI password by uncommenting `PASSWORD=foobar123` and change the password.
### 3. Run
```bash
$ docker compose up
```
The Web UI will be available on `http://0.0.0.0:51821`. You can create new clients there.
## Options
Set options by appending them to the `docker run` command. For example, add `--env PASSWORD=foobar123` to set a password.
These options can be configured in `docker-compose.yml` under `environment`.
| Env | Default | Example | Description |
| - | - | - | - |
| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server |
| `WG_PORT` | `51820` | `51820` | The public UDP port of your VPN server |
| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range |
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use |
> If you change `WG_PORT`, make sure to also change the exposed port in the `docker run` command.
> If you change `WG_PORT`, make sure to also change the exposed port.

26
docker-compose.yml Normal file
View File

@ -0,0 +1,26 @@
version: "3.8"
services:
wg-easy:
image: weejewel/wg-easy
container_name: wg-easy
volumes:
- .wg-easy:/etc/wireguard
ports:
- "51820:51820/udp"
- "51821:51821/tcp"
restart: unless-stopped
environment:
# ⚠️ Required:
# Change this to your host's public address
- WG_HOST=raspberrypi.local
# Optional:
# - PASSWORD=foobar123
# - WG_PORT=51820
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.conf.all.src_valid_mark=1