From a1384094f7f79a603fe6565046019d4f9df6a955 Mon Sep 17 00:00:00 2001
From: Joey Hafner <jafner425@gmail.com>
Date: Thu, 28 Apr 2022 14:04:41 -0700
Subject: [PATCH] Add guest instance of wg-easy

---
 .../config/wireguard/docker-compose.yml       | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/homelab/server/config/wireguard/docker-compose.yml b/homelab/server/config/wireguard/docker-compose.yml
index b70ba0b6..7ce374f2 100644
--- a/homelab/server/config/wireguard/docker-compose.yml
+++ b/homelab/server/config/wireguard/docker-compose.yml
@@ -22,6 +22,28 @@ services:
       - traefik.http.routers.wg-easy.rule=Host(`vpn.jafner.net`)
       - traefik.http.routers.wg-easy.tls.certresolver=lets-encrypt
       - traefik.http.services.wg-easy.loadbalancer.server.port=51821
+  wg-easy-guest:
+    image: weejewel/wg-easy
+    container_name: wireguard_wg-easy_guest
+    restart: unless-stopped
+    env_file:
+      - guest.secret
+    ports:
+      - 53821:51820/udp
+    networks:
+      - web
+    volumes:
+      - ${DOCKER_DATA}/wg-easy-guest:/etc/wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv4.ip_forward=1
+    labels:
+      - traefik.http.routers.wg-easy-guest.rule=Host(`gvpn.jafner.net`)
+      - traefik.http.routers.wg-easy-guest.tls.certresolver=lets-encrypt
+      - traefik.http.services.wg-easy-guest.loadbalancer.server.port=51821
 
 networks:
   web: