From: Giorgio Ravera <giorgio.ravera@gmail.com>
Date: Tue, 20 Jan 2026 18:17:40 +0000 (+0100)
Subject: Split the two wg-easy services
X-Git-Url: http://git.giorgioravera.it/?a=commitdiff_plain;h=a0b4b1ce43bd2725f1705427998ca689bb340cde;p=docker.git

Split the two wg-easy services
---

diff --git a/wg-easy/docker-compose.yaml b/wg-easy/docker-compose.yaml
deleted file mode 100644
index 5970da8..0000000
--- a/wg-easy/docker-compose.yaml
+++ /dev/null
@@ -1,87 +0,0 @@
-services:
-  wg-home:
-    container_name: wg-home
-    image: ghcr.io/wg-easy/wg-easy:15
-    restart: always
-    ports:
-      #- "51821:51821/tcp"   # Web UI home
-      - "51820:51820/udp"   # WireGuard home
-    environment:
-      - TZ=${DOCKER_TZ}
-      - INSECURE=true
-    volumes:
-      - ${DOCKER_CFG_DIR}/wg-easy/home:/etc/wireguard
-      - /lib/modules:/lib/modules:ro
-    networks:
-      - wireguard
-    cap_add:
-      - NET_ADMIN
-      - SYS_MODULE
-      # - NET_RAW # Uncomment if using Podman
-    sysctls:
-      - net.ipv4.ip_forward=1
-      - net.ipv4.conf.all.src_valid_mark=1
-      - net.ipv6.conf.all.disable_ipv6=0
-      - net.ipv6.conf.all.forwarding=1
-      - net.ipv6.conf.default.forwarding=1
-    labels:
-      - "traefik.enable=true"
-      # Router: HTTP
-      - "traefik.http.routers.wg-home.entrypoints=http"
-      - "traefik.http.routers.wg-home.rule=Host(`wg-home.giorgioravera.it`)"
-      - "traefik.http.routers.wg-home.middlewares=wg-home-https-redirect"
-      # Router: HTTPS
-      - "traefik.http.routers.wg-home-secure.entrypoints=https"
-      - "traefik.http.routers.wg-home-secure.rule=Host(`wg-home.giorgioravera.it`)"
-      - "traefik.http.routers.wg-home-secure.tls=true"
-      - "traefik.http.routers.wg-home-secure.service=wg-home"
-      # Middlewares: Redirect http to https
-      - "traefik.http.middlewares.wg-home-https-redirect.redirectscheme.scheme=https"
-      # Services: Loadbalancer
-      - "traefik.http.services.wg-home.loadbalancer.server.port=51821"
-
-  wg-guest:
-    container_name: wg-guest
-    image: ghcr.io/wg-easy/wg-easy:15
-    restart: always
-    ports:
-      #- "51821:51821/tcp"   # Web UI guest
-      - "51821:51821/udp"   # WireGuard guest
-    environment:
-      - TZ=${DOCKER_TZ}
-      - INSECURE=true
-    volumes:
-      - ${DOCKER_CFG_DIR}/wg-easy/guest:/etc/wireguard
-      - /lib/modules:/lib/modules:ro
-    networks:
-      - wireguard
-    cap_add:
-      - NET_ADMIN
-      - SYS_MODULE
-      # - NET_RAW # Uncomment if using Podman
-    sysctls:
-      - net.ipv4.ip_forward=1
-      - net.ipv4.conf.all.src_valid_mark=1
-      - net.ipv6.conf.all.disable_ipv6=0
-      - net.ipv6.conf.all.forwarding=1
-      - net.ipv6.conf.default.forwarding=1
-    labels:
-      - "traefik.enable=true"
-      # Router: HTTP
-      - "traefik.http.routers.wg-guest.entrypoints=http"
-      - "traefik.http.routers.wg-guest.rule=Host(`wg-guest.giorgioravera.it`)"
-      - "traefik.http.routers.wg-guest.middlewares=wg-guest-https-redirect"
-      # Router: HTTPS
-      - "traefik.http.routers.wg-guest-secure.entrypoints=https"
-      - "traefik.http.routers.wg-guest-secure.rule=Host(`wg-guest.giorgioravera.it`)"
-      - "traefik.http.routers.wg-guest-secure.tls=true"
-      - "traefik.http.routers.wg-guest-secure.service=wg-guest"
-      # Middlewares: Redirect http to https
-      - "traefik.http.middlewares.wg-guest-https-redirect.redirectscheme.scheme=https"
-      # Services: Loadbalancer
-      - "traefik.http.services.wg-guest.loadbalancer.server.port=51821"
-
-networks:
-  #proxy:
-  wireguard:
-    external: true
diff --git a/wg-easy/wg-guest.yaml b/wg-easy/wg-guest.yaml
new file mode 100644
index 0000000..5e6df02
--- /dev/null
+++ b/wg-easy/wg-guest.yaml
@@ -0,0 +1,45 @@
+services:
+  wg-guest:
+    container_name: wg-guest
+    image: ghcr.io/wg-easy/wg-easy:15
+    restart: always
+    ports:
+      #- "51821:51821/tcp"   # Web UI guest
+      - "51821:51821/udp"   # WireGuard guest
+    environment:
+      - TZ=${DOCKER_TZ}
+      - INSECURE=true
+    volumes:
+      - ${DOCKER_CFG_DIR}/wg-easy/guest:/etc/wireguard
+      - /lib/modules:/lib/modules:ro
+    networks:
+      - wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+      # - NET_RAW # Uncomment if using Podman
+    sysctls:
+      - net.ipv4.ip_forward=1
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv6.conf.all.disable_ipv6=0
+      - net.ipv6.conf.all.forwarding=1
+      - net.ipv6.conf.default.forwarding=1
+    labels:
+      - "traefik.enable=true"
+      # Router: HTTP
+      - "traefik.http.routers.wg-guest.entrypoints=http"
+      - "traefik.http.routers.wg-guest.rule=Host(`wg-guest.giorgioravera.it`)"
+      - "traefik.http.routers.wg-guest.middlewares=wg-guest-https-redirect"
+      # Router: HTTPS
+      - "traefik.http.routers.wg-guest-secure.entrypoints=https"
+      - "traefik.http.routers.wg-guest-secure.rule=Host(`wg-guest.giorgioravera.it`)"
+      - "traefik.http.routers.wg-guest-secure.tls=true"
+      - "traefik.http.routers.wg-guest-secure.service=wg-guest"
+      # Middlewares: Redirect http to https
+      - "traefik.http.middlewares.wg-guest-https-redirect.redirectscheme.scheme=https"
+      # Services: Loadbalancer
+      - "traefik.http.services.wg-guest.loadbalancer.server.port=51821"
+
+networks:
+  wireguard:
+    external: true
diff --git a/wg-easy/wg-home.yaml b/wg-easy/wg-home.yaml
new file mode 100644
index 0000000..210257e
--- /dev/null
+++ b/wg-easy/wg-home.yaml
@@ -0,0 +1,45 @@
+services:
+  wg-home:
+    container_name: wg-home
+    image: ghcr.io/wg-easy/wg-easy:15
+    restart: always
+    ports:
+      #- "51821:51821/tcp"   # Web UI home
+      - "51820:51820/udp"   # WireGuard home
+    environment:
+      - TZ=${DOCKER_TZ}
+      - INSECURE=true
+    volumes:
+      - ${DOCKER_CFG_DIR}/wg-easy/home:/etc/wireguard
+      - /lib/modules:/lib/modules:ro
+    networks:
+      - wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+      # - NET_RAW # Uncomment if using Podman
+    sysctls:
+      - net.ipv4.ip_forward=1
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv6.conf.all.disable_ipv6=0
+      - net.ipv6.conf.all.forwarding=1
+      - net.ipv6.conf.default.forwarding=1
+    labels:
+      - "traefik.enable=true"
+      # Router: HTTP
+      - "traefik.http.routers.wg-home.entrypoints=http"
+      - "traefik.http.routers.wg-home.rule=Host(`wg-home.giorgioravera.it`)"
+      - "traefik.http.routers.wg-home.middlewares=wg-home-https-redirect"
+      # Router: HTTPS
+      - "traefik.http.routers.wg-home-secure.entrypoints=https"
+      - "traefik.http.routers.wg-home-secure.rule=Host(`wg-home.giorgioravera.it`)"
+      - "traefik.http.routers.wg-home-secure.tls=true"
+      - "traefik.http.routers.wg-home-secure.service=wg-home"
+      # Middlewares: Redirect http to https
+      - "traefik.http.middlewares.wg-home-https-redirect.redirectscheme.scheme=https"
+      # Services: Loadbalancer
+      - "traefik.http.services.wg-home.loadbalancer.server.port=51821"
+
+networks:
+  wireguard:
+    external: true