WireGuard Easy

WireGuard Easy

[SSO] VPN Service

WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.

🏠 Home: https://www.wireguard.com/
📜 Source: https://github.com/WeeJeWel/wg-easy

name: wg-easy
services:
  wg-easy:
    image: ghcr.io/wg-easy/wg-easy:14
    container_name: wg-easy
    hostname: wireguard-easy
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      WG_HOST: vpn.${MYDOMAIN} # The public hostname of your VPN server
      # PASSWORD: ${ADMIN_PASSWORD} # When set, requires a password when logging in to the Web UI -> Disabled, Authelia SSO is configured
      # WG_DEFAULT_DNS: 1.1.1.1,8.8.8.8 # DNS server clients will use
      WG_DEFAULT_DNS: ${MAIN_NODE_IP} # DNS server clients will use
      WG_DEFAULT_ADDRESS: 10.8.0.x # Clients IP address range
      # WG_ALLOWED_IPS: "0.0.0.0/0,::/0" # Allowed IPs clients will use
      WG_ALLOWED_IPS: "192.168.0.0/16" # Allowed IPs clients will use
    ports:
      - 51820:51820/udp # VPN
    volumes:
      - ${DOCKER_VOLUMES}/wg-easy:/etc/wireguard
    networks:
      - proxy
    labels:
      traefik.enable: true
      traefik.http.routers.wireguard.entrypoints: websecure
      traefik.http.routers.wireguard.rule: Host(`vpn.${MYDOMAIN}`)
      traefik.http.routers.wireguard.middlewares: https-local-auth@file
      traefik.http.services.wireguard.loadbalancer.server.port: 51821
      homepage.group: Security
      homepage.name: WireGuard Easy
      homepage.icon: wireguard.png
      homepage.href: https://vpn.${MYDOMAIN}/
      homepage.description: "[SSO] VPN Service"

networks:
  proxy:
    external: true