/wro-1-dkr-wg

wireguard docker sample

MIT License


this repository provides docker compose samples that use the wireguard image as server and client. in contrast to regular use cases, the setup builds a secure tunnel between containers only.

documentation is fine; implementing my use case took several hours of digging and many attempts. maybe it helps someone else.

compose

edit yaml to fit your preferences.

use id <your user name> to find values for PUID and PGID.

id <your user name>

on the first run, start just the wireguard server to build the configuration files, which are stored in the volume ./config.

docker-compose -f wg-compose.yaml up -d wg-s1

now the folder config has been created.

please edit peer1.conf

in section [Peer], set Endpoint to the IP address of service wg-s1.

edit peer1.conf

Endpoint = 172.24.19.2:51820

to keep the compose yaml and this documentation in sync, static IP addresses have been assigned to the network wgn-secured and to the services. let me know in case you have a better way.

note: be aware that changing the environment variables (SERVERPORT, PEERS, PEERDNS, INTERNAL_SUBNET, ALLOWEDIPS) will trigger a rebuild of the configuration files.
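
added example, not part of this repository: a shell helper that applies the Endpoint edit described above to the [Peer] section only, so the edit can be repeated after the configuration files are rebuilt. the function names and the sample config with its placeholder keys and AllowedIPs value are constructed for illustration; pass the real path of peer1.conf inside ./config.

```shell
#!/bin/sh
# Added example, not part of the repository.

# set_peer_endpoint FILE IPV4:PORT
# Rewrites Endpoint inside [Peer] only; appends it if the section has none.
set_peer_endpoint() {
    conf=$1; endpoint=$2
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }
    # Accept only IPv4:port so a typo or stray text never lands in the config.
    printf '%s\n' "$endpoint" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}:[0-9]{1,5}$' \
        || { echo "bad endpoint: $endpoint" >&2; return 1; }
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    awk -v ep="$endpoint" '
        function add_missing() { if (in_peer && !seen) print "Endpoint = " ep }
        /^\[/ { add_missing(); in_peer = ($0 ~ /^\[Peer\]/); seen = 0 }
        in_peer && /^[ \t]*Endpoint[ \t]*=/ {
            if (!seen) print "Endpoint = " ep
            seen = 1; next
        }
        { print }
        END { add_missing() }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }
    chmod 600 "$tmp"   # the file contains the peer's PrivateKey
    mv "$tmp" "$conf"
}

# get_peer_endpoint FILE: print the Endpoint value currently set in [Peer].
get_peer_endpoint() {
    awk '/^\[/ { in_peer = ($0 ~ /^\[Peer\]/) }
         in_peer && /^[ \t]*Endpoint[ \t]*=/ { sub(/^[^=]*=[ \t]*/, ""); print }' "$1"
}

# write_sample_conf FILE: constructed peer config with placeholder keys.
write_sample_conf() {
    cat > "$1" <<'EOF'
[Interface]
Address = 10.16.19.2
PrivateKey = <constructed-placeholder>
ListenPort = 51820

[Peer]
PublicKey = <constructed-placeholder>
Endpoint = example.invalid:51820
AllowedIPs = 10.16.19.0/24
EOF
}

demo_dir=$(mktemp -d)
write_sample_conf "$demo_dir/peer1.conf"
set_peer_endpoint "$demo_dir/peer1.conf" 172.24.19.2:51820
get_peer_endpoint "$demo_dir/peer1.conf"
rm -rf "$demo_dir"
```

the helper writes the result with mode 600 because the file holds the private key; ownership should still match the PUID and PGID set in the compose file.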

docker-compose -f wg-compose.yaml up -d wg-c1

using #vscode and the docker extension, simply Attach shell on service wg-c1

and ping wireguard server

ping 10.16.19.1


using #vscode and the docker extension, simply Attach shell on service wg-s1

and ping wireguard peer 1

ping 10.16.19.2


use wg show to view the wireguard tunnel.

wg show


docker-compose -f wg-compose.yaml up -d
docker-compose -f wg-compose.yaml down

useful commands

wg show
ifconfig
ping 10.16.19.1
ping 10.16.19.2
ping 172.24.19.2
ping 172.24.19.3
ip route show
ip route add ...

linuxserver/docker-wireguard#139

iptables -L -v
date +"%Z %z"
timedatectl list-timezones

wireshark useful addons

in case you want to inspect the container network with wireshark, the following repositories might interest you

digging links