This is an automated archive.
The original was posted on /r/wireguard by /u/cFiOS on 2024-01-12 19:37:28+00:00.
I am trying to create a simple Docker Compose stack that has a VPN container and service containers (Nextcloud in this example). I would like WireGuard peers/clients to connect and be able to use something like to access the service.
I am trying to keep the stack as small as I can and assumed that I would be able to take advantage of the Docker network that is created to leverage DNS. This isn't working but I can get to my desired service by IP ().
I also tried using a reverse proxy (Caddy) to resolve the hostname to the IP:Port but it wasn't working because of no DNS advertisement.
***
```yaml
services:
  wireguard:
    image: ghcr.io/wg-easy/wg-easy
    hostname: wireguard
    ports:
      #- 80:80 # nextcloud
      - 51820:51820/udp
      - 51821:51821/tcp
    environment:
      - WG_HOST=$WANIP
      - WG_DEFAULT_DNS=10.8.0.1, 9.9.9.9
    tmpfs:
      - /etc/wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
  nextcloud:
    image: nextcloud
    #network_mode: service:wireguard
```
A goal is to also be as one-touch as possible which is why I haven't put a DNS container into the stack.