Docker/Wireguard-Tor-Tunnel
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7a776455101ae5d14ec6d74d3cec0d6af62fb6cb
Wireguard-Tor-Tunnel/docker-compose.yaml
johan 7a77645510 initial release
2025-10-05 13:32:48 +01:00

43 lines
1.5 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
version: "3.9"
services:
wireguard:
image: lscr.io/linuxserver/wireguard:latest
container_name: wg-gateway
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
ports:
- "51820:51820/udp"
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
# --- Auto-generate server + peers ---
- SERVERURL=<your.public.ip.or.domain> # or "auto" if supported by your env
- SERVERPORT=51820
- PEERS=phone,ipad,laptop # names or a number, e.g. "3"
- INTERNAL_SUBNET=10.66.0.0 # /24 is implied by the image
- ALLOWEDIPS=0.0.0.0/0 # road-warrior: route all traffic
- PEERDNS=10.66.0.1 # optional; we force-redirect DNS anyway
- LOG_CONFS=true # see the generated peer QR codes in logs
sysctls:
net.ipv4.ip_forward: "1"
net.ipv6.conf.all.disable_ipv6: "1"
net.ipv4.conf.all.src_valid_mark: "1"
volumes:
- ./wireguard:/config # WireGuard configs live here
- /lib/modules:/lib/modules # helps with kernel modules
# our startup script that applies Tor iptables rules inside WG's namespace
- ./custom-init:/custom-cont-init.d:ro
tor:
build: ./tor # same Dockerfile/torrc from earlier
container_name: tor
network_mode: "service:wg-gateway" # share WGs network namespace
depends_on:
- wireguard
restart: unless-stopped
Reference in New Issue View Git Blame Copy Permalink