selfhosted-apps-docker/wg-easy/readme.md
2024-06-08 09:32:59 +02:00

wg-easy

guide-by-example

Purpose & Overview

Web GUI for WireGuard VPN.

WireGuard is the best VPN solution right now, but it's not noob friendly or easy.
WG-easy tries to solve this.

Written in JavaScript.

Files and directory structure

/home/
└── ~/
    └── docker/
        └── wg-easy/
            ├── 🗁 wireguard_data/
            ├── 🗋 .env
            └── 🗋 docker-compose.yml
  • wireguard_data/ - a directory with wireguard config files
  • .env - a file containing environment variables for docker compose
  • docker-compose.yml - a docker compose file, telling docker how to run the container

Compose

docker-compose.yml

services:

  wg-easy:
    image: ghcr.io/wg-easy/wg-easy:13
    container_name: wg-easy
    hostname: wg-easy
    restart: unless-stopped
    env_file: .env
    volumes:
      - ./wireguard_data:/etc/wireguard
    ports:
      - "51820:51820/udp"  # vpn traffic
      - "51821:51821"      # web interface
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1

networks:
  default:
    name: $DOCKER_MY_NETWORK
    external: true

.env

# GENERAL
DOCKER_MY_NETWORK=caddy_net
TZ=Europe/Bratislava

#WG-EASY
WG_HOST=vpn.example.com           # can also be just public IP
PASSWORD=supersecretpassword
WG_PORT=51820
WG_DEFAULT_ADDRESS=10.221.221.x
WG_ALLOWED_IPS=192.168.1.0/24
WG_DEFAULT_DNS=

WG_DEFAULT_DNS is left empty on purpose, otherwise there are issues.

Reverse proxy

Caddy v2 is used, details here.

Caddyfile

vpn.{$MY_DOMAIN} {
    reverse_proxy wg-easy:51821
}

First run

Login with the password from the .env file.
Add user, download config, use it.
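
A pre-flight check for the setup above, as an added example that is not part of the original guide or of the wg-easy project: it inspects the guide's `.env` and `docker-compose.yml` for a password file readable by other users, an empty or still-sample `PASSWORD`, and a mapping of the web UI port on all host interfaces. The finding labels and the 16-character minimum are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a wg-easy directory laid out as in this guide.
# Prints one finding per line; prints nothing when all checks pass.
MIN_PASSWORD_LEN=16   # assumption of this example, not a wg-easy requirement

audit_wg_easy() {
    dir="$1"
    env_file="$dir/.env"
    compose_file="$dir/docker-compose.yml"
    if [ ! -r "$env_file" ] || [ ! -r "$compose_file" ]; then
        echo "MISSING: expected .env and docker-compose.yml in $dir"
        return 0
    fi

    # .env stores the web UI password in clear text: owner-only access.
    mode=$(stat -c '%a' "$env_file" 2>/dev/null || stat -f '%Lp' "$env_file")
    case "$mode" in
        *00) ;;
        *) echo "ENV_PERMS: $env_file is mode $mode, use chmod 600" ;;
    esac

    # Take the PASSWORD value, dropping an inline comment and trailing blanks.
    password=$(sed -n 's/^PASSWORD=//p' "$env_file" |
        sed 's/[[:space:]]#.*$//; s/[[:space:]]*$//' | head -n 1)
    if [ -z "$password" ]; then
        echo "PASSWORD_EMPTY: no password is set for the web UI"
    elif [ "$password" = "supersecretpassword" ]; then
        echo "PASSWORD_PLACEHOLDER: the guide's sample value is still in use"
    elif [ "${#password}" -lt "$MIN_PASSWORD_LEN" ]; then
        echo "PASSWORD_SHORT: shorter than $MIN_PASSWORD_LEN characters"
    fi

    # The web UI (51821) speaks plain HTTP. Caddy reaches it over the docker
    # network, so a mapping on all host interfaces sidesteps the proxy's TLS.
    exposed=$(grep -E '^[[:space:]]*-[[:space:]]*"?[0-9.:]*:51821([^0-9]|$)' \
        "$compose_file" | grep -v '127\.0\.0\.1:' || true)
    if [ -n "$exposed" ]; then
        echo "UI_PUBLISHED: 51821 is mapped on all host interfaces"
    fi
}

# Usage: sh audit.sh ~/docker/wg-easy
if [ "$#" -gt 0 ]; then
    audit_wg_easy "$1"
fi
```

Run against the files exactly as shown in this guide with a mode 644 `.env`, it reports `ENV_PERMS`, `PASSWORD_PLACEHOLDER` and `UI_PUBLISHED`.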

Troubleshooting

Update

Manual image update:

  • docker compose pull
  • docker compose up -d
  • docker image prune