version: "3" services: wg-easy: image: weejewel/wg-easy container_name: wireguard_wg-easy restart: unless-stopped env_file: - .secret ports: - 53820:51820/udp networks: - web volumes: - ${DOCKER_DATA}/wg-easy:/etc/wireguard cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.conf.all.src_valid_mark=1 - net.ipv4.ip_forward=1 labels: - traefik.http.routers.wg-easy.rule=Host(`vpn.jafner.net`) - traefik.http.routers.wg-easy.tls.certresolver=lets-encrypt - traefik.http.services.wg-easy.loadbalancer.server.port=51821 wg-easy-guest: image: weejewel/wg-easy container_name: wireguard_wg-easy_guest restart: unless-stopped env_file: - guest.secret ports: - 53821:51820/udp networks: - web volumes: - ${DOCKER_DATA}/wg-easy-guest:/etc/wireguard cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.conf.all.src_valid_mark=1 - net.ipv4.ip_forward=1 labels: - traefik.http.routers.wg-easy-guest.rule=Host(`gvpn.jafner.net`) - traefik.http.routers.wg-easy-guest.tls.certresolver=lets-encrypt - traefik.http.services.wg-easy-guest.loadbalancer.server.port=51821 networks: web: external: true