From a0b4b1ce43bd2725f1705427998ca689bb340cde Mon Sep 17 00:00:00 2001 From: Giorgio Ravera Date: Tue, 20 Jan 2026 19:17:40 +0100 Subject: [PATCH] Split the two wg-easy services --- .../{docker-compose.yaml => wg-guest.yaml} | 42 ----------------- wg-easy/wg-home.yaml | 45 +++++++++++++++++++ 2 files changed, 45 insertions(+), 42 deletions(-) rename wg-easy/{docker-compose.yaml => wg-guest.yaml} (50%) create mode 100644 wg-easy/wg-home.yaml diff --git a/wg-easy/docker-compose.yaml b/wg-easy/wg-guest.yaml similarity index 50% rename from wg-easy/docker-compose.yaml rename to wg-easy/wg-guest.yaml index 5970da8..5e6df02 100644 --- a/wg-easy/docker-compose.yaml +++ b/wg-easy/wg-guest.yaml @@ -1,45 +1,4 @@ services: - wg-home: - container_name: wg-home - image: ghcr.io/wg-easy/wg-easy:15 - restart: always - ports: - #- "51821:51821/tcp" # Web UI home - - "51820:51820/udp" # WireGuard home - environment: - - TZ=${DOCKER_TZ} - - INSECURE=true - volumes: - - ${DOCKER_CFG_DIR}/wg-easy/home:/etc/wireguard - - /lib/modules:/lib/modules:ro - networks: - - wireguard - cap_add: - - NET_ADMIN - - SYS_MODULE - # - NET_RAW # Uncomment if using Podman - sysctls: - - net.ipv4.ip_forward=1 - - net.ipv4.conf.all.src_valid_mark=1 - - net.ipv6.conf.all.disable_ipv6=0 - - net.ipv6.conf.all.forwarding=1 - - net.ipv6.conf.default.forwarding=1 - labels: - - "traefik.enable=true" - # Router: HTTP - - "traefik.http.routers.wg-home.entrypoints=http" - - "traefik.http.routers.wg-home.rule=Host(`wg-home.giorgioravera.it`)" - - "traefik.http.routers.wg-home.middlewares=wg-home-https-redirect" - # Router: HTTPS - - "traefik.http.routers.wg-home-secure.entrypoints=https" - - "traefik.http.routers.wg-home-secure.rule=Host(`wg-home.giorgioravera.it`)" - - "traefik.http.routers.wg-home-secure.tls=true" - - "traefik.http.routers.wg-home-secure.service=wg-home" - # Middlewares: Redirect http to https - - "traefik.http.middlewares.wg-home-https-redirect.redirectscheme.scheme=https" - # Services: Loadbalancer - - "traefik.http.services.wg-home.loadbalancer.server.port=51821" - wg-guest: container_name: wg-guest image: ghcr.io/wg-easy/wg-easy:15 @@ -82,6 +41,5 @@ services: - "traefik.http.services.wg-guest.loadbalancer.server.port=51821" networks: - #proxy: wireguard: external: true diff --git a/wg-easy/wg-home.yaml b/wg-easy/wg-home.yaml new file mode 100644 index 0000000..210257e --- /dev/null +++ b/wg-easy/wg-home.yaml @@ -0,0 +1,45 @@ +services: + wg-home: + container_name: wg-home + image: ghcr.io/wg-easy/wg-easy:15 + restart: always + ports: + #- "51821:51821/tcp" # Web UI home + - "51820:51820/udp" # WireGuard home + environment: + - TZ=${DOCKER_TZ} + - INSECURE=true + volumes: + - ${DOCKER_CFG_DIR}/wg-easy/home:/etc/wireguard + - /lib/modules:/lib/modules:ro + networks: + - wireguard + cap_add: + - NET_ADMIN + - SYS_MODULE + # - NET_RAW # Uncomment if using Podman + sysctls: + - net.ipv4.ip_forward=1 + - net.ipv4.conf.all.src_valid_mark=1 + - net.ipv6.conf.all.disable_ipv6=0 + - net.ipv6.conf.all.forwarding=1 + - net.ipv6.conf.default.forwarding=1 + labels: + - "traefik.enable=true" + # Router: HTTP + - "traefik.http.routers.wg-home.entrypoints=http" + - "traefik.http.routers.wg-home.rule=Host(`wg-home.giorgioravera.it`)" + - "traefik.http.routers.wg-home.middlewares=wg-home-https-redirect" + # Router: HTTPS + - "traefik.http.routers.wg-home-secure.entrypoints=https" + - "traefik.http.routers.wg-home-secure.rule=Host(`wg-home.giorgioravera.it`)" + - "traefik.http.routers.wg-home-secure.tls=true" + - "traefik.http.routers.wg-home-secure.service=wg-home" + # Middlewares: Redirect http to https + - "traefik.http.middlewares.wg-home-https-redirect.redirectscheme.scheme=https" + # Services: Loadbalancer + - "traefik.http.services.wg-home.loadbalancer.server.port=51821" + +networks: + wireguard: + external: true -- 2.47.3