Docker Compose ¶
You can run wg-access-server using the following example Docker Compose file.
Checkout the configuration docs to learn how wg-access-server can be configured.
Please also read the Docker instructions for general information regarding Docker deployments.
version: "3.0"
services:
wg-access-server:
# to build the docker image from the source
# build:
# dockerfile: Dockerfile
# context: .
image: ghcr.io/freifunkmuc/wg-access-server:latest
container_name: wg-access-server
cap_add:
- NET_ADMIN
sysctls:
net.ipv6.conf.all.disable_ipv6: 0
net.ipv6.conf.all.forwarding: 1
volumes:
- "wg-access-server-data:/data"
# - "./config.yaml:/config.yaml" # if you have a custom config file
environment:
- "WG_ADMIN_PASSWORD=${WG_ADMIN_PASSWORD:?\n\nplease set the WG_ADMIN_PASSWORD environment variable:\n export WG_ADMIN_PASSWORD=example\n}"
- "WG_WIREGUARD_PRIVATE_KEY=${WG_WIREGUARD_PRIVATE_KEY:?\n\nplease set the WG_WIREGUARD_PRIVATE_KEY environment variable:\n export WG_WIREGUARD_PRIVATE_KEY=$(wg genkey)\n}"
# - "WG_VPN_CIDRV6=0" # to disable IPv6
ports:
- "8000:8000/tcp"
- "51820:51820/udp"
devices:
- "/dev/net/tun:/dev/net/tun"
# shared volumes with the host
volumes:
wg-access-server-data:
driver: local
IPv4-only (without IPv6) ¶
version: "3.0"
services:
wg-access-server:
image: ghcr.io/freifunkmuc/wg-access-server:latest
container_name: wg-access-server
cap_add:
- NET_ADMIN
volumes:
- "wg-access-server-data:/data"
environment:
- "WG_ADMIN_PASSWORD=${WG_ADMIN_PASSWORD:?\n\nplease set the WG_ADMIN_PASSWORD environment variable:\n export WG_ADMIN_PASSWORD=example\n}"
- "WG_WIREGUARD_PRIVATE_KEY=${WG_WIREGUARD_PRIVATE_KEY:?\n\nplease set the WG_WIREGUARD_PRIVATE_KEY environment variable:\n export WG_WIREGUARD_PRIVATE_KEY=$(wg genkey)\n}"
- "WG_VPN_CIDRV6=0" # to disable IPv6
ports:
- "8000:8000/tcp"
- "51820:51820/udp"
devices:
- "/dev/net/tun:/dev/net/tun"
volumes:
wg-access-server-data:
driver: local