Skip to content

irwinrex/vpn

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
nginx
nginx
 
 
.gitignore
.gitignore
 
 
Dockerfile.nginx
Dockerfile.nginx
 
 
README.md
README.md
 
 
docker-compose.yaml
docker-compose.yaml
 
 
vpn.yml
vpn.yml
 
 
vpnWithPiHoelDNS.yml
vpnWithPiHoelDNS.yml
 
 
wg-easy.yml
wg-easy.yml
 
 

Repository files navigation

VPN

VPN

Setting Up Wireguard and Wireguard UI with Docker Compose¶

Introduction to Wireguard and Wireguard UI¶

Wireguard is a modern VPN (Virtual Private Network) software that provides fast and secure connections. The Wireguard UI is a web interface that makes it easier to manage your Wireguard setup.

Docker Compose Configuration for Wireguard and Wireguard UI¶

This Docker Compose setup deploys both Wireguard and Wireguard UI in Docker containers, ensuring a secure, isolated environment for your VPN needs.

Note: Do not use the latest WireGuard image, as it may break the setup. Use the pinned version shown below.

Docker Compose File (docker-compose.yml)¶

version: "3.8"

services:
  wireguard:
    image: linuxserver/wireguard:v1.0.20210914-ls7
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - ./config:/config
      - /lib/modules:/lib/modules
    ports:
      - 51820:51820/udp
      - 5000:5000/tcp   # Wireguard UI web access
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    networks:
      vpn_network:
        ipv4_address: 172.31.5.122
    healthcheck:
      test: ["CMD", "dig", "@172.31.5.122", "google.com"]
      interval: 30s
      timeout: 10s
      retries: 5

  wireguard-ui:
    image: ngoduykhanh/wireguard-ui:latest
    container_name: wireguard-ui
    depends_on:
      - wireguard
    cap_add:
      - NET_ADMIN
    network_mode: "service:wireguard"
    volumes:
      - ./db:/app/db
      - ./config:/etc/wireguard

  pihole:
    image: pihole/pihole:latest
    container_name: pihole
    environment:
      - TZ=Etc/UTC
      - WEBPASSWORD=changeme
    networks:
      vpn_network:
        ipv4_address: 172.31.5.123

networks:
  vpn_network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.31.0.0/20

Post Up¶

iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Post Down¶

iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

The "Post Up" command configures iptables rules to allow forwarding of VPN traffic and apply NAT masquerading. The "Post Down" command reverses these rules.

Deployment¶

  1. Save the above Docker Compose configuration in a docker-compose.yml file.
  2. Run:
docker-compose up -d
  1. Access Wireguard UI at http://<server-ip>:5000 and configure your VPN clients.
  2. Pi-hole is available on the static IP 172.31.5.123 inside the custom Docker network.

Notes¶

  • Ensure the subnet 172.31.0.0/20 does not conflict with existing networks.
  • Adjust IP addresses if you deploy multiple services inside the same VPN network.

About

Free VPN for Servers

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors