From f4745783925a9daa5581cb22a51421ad27106b7a Mon Sep 17 00:00:00 2001
From: Joey Hafner <jafner425@gmail.com>
Date: Wed, 3 Aug 2022 00:43:17 -0700
Subject: [PATCH] Init vpn.jafner.tools

---
 homelab/jafner-tools/config/wireguard/.env    |  5 ++++
 .../config/wireguard/docker-compose.yml       | 28 +++++++++++++++++++
 homelab/router/README.md                      |  4 ++-
 3 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 homelab/jafner-tools/config/wireguard/.env
 create mode 100644 homelab/jafner-tools/config/wireguard/docker-compose.yml

diff --git a/homelab/jafner-tools/config/wireguard/.env b/homelab/jafner-tools/config/wireguard/.env
new file mode 100644
index 00000000..3cc11829
--- /dev/null
+++ b/homelab/jafner-tools/config/wireguard/.env
@@ -0,0 +1,5 @@
+DOCKER_DATA=/root/data/wireguard
+PASSWORD=***REMOVED***
+WG_HOST=vpn.jafner.tools
+WG_PORT=51820
+WG_DEFAULT_DNS=1.1.1.1
diff --git a/homelab/jafner-tools/config/wireguard/docker-compose.yml b/homelab/jafner-tools/config/wireguard/docker-compose.yml
new file mode 100644
index 00000000..09043602
--- /dev/null
+++ b/homelab/jafner-tools/config/wireguard/docker-compose.yml
@@ -0,0 +1,28 @@
+version: "3"
+services:
+  wg-easy:
+    image: weejewel/wg-easy
+    container_name: wireguard_wg-easy
+    restart: "no"
+    env_file:
+      - .env
+    ports:
+      - 51820:51820/udp
+    networks:
+      - web
+    volumes:
+      - ${DOCKER_DATA}/wg-easy:/etc/wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv4.ip_forward=1
+    labels:
+      - traefik.http.routers.wg-easy.rule=Host(`vpn.jafner.tools`)
+      - traefik.http.routers.wg-easy.tls.certresolver=lets-encrypt
+      - traefik.http.services.wg-easy.loadbalancer.server.port=51821
+
+networks:
+  web:
+    external: true
\ No newline at end of file
diff --git a/homelab/router/README.md b/homelab/router/README.md
index 7f9ba28c..68f7334b 100644
--- a/homelab/router/README.md
+++ b/homelab/router/README.md
@@ -72,4 +72,6 @@ set system login user admin authentication public-keys jafner425@gmail.com
 set system login user admin authentication public-keys jafner425@gmail.com type ssh-rsa
 set system login user admin authentication public-keys jafner425@gmail.com key $KEY_VALUE
 ```
-4. `commit; save; exit`
\ No newline at end of file
+4. `commit; save; exit`
+
+# How to Port-Forward in VyOS