awesome/dockerfiles
1
0
Fork 0
mirror of https://github.com/vimagick/dockerfiles.git synced 2024-11-24 08:52:15 +02:00
Code Issues Releases Activity

add wireguard

Browse Source
This commit is contained in:
kev 2019-07-10 04:08:34 +08:00
parent 79e13d6dde
commit a4dd96bf5a
5 changed files with 75 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -240,6 +240,7 @@ A collection of delicious docker recipes.
- [x] strongswan :+1:
- [x] tinc :+1:
- [x] tinc-arm :+1:
- [x] wiregurad :beetle:
- [x] xl2tpd
## DNS

13
wireguard/Dockerfile Normal file
View File

@ -0,0 +1,13 @@
#
# Dockerfile for wireguard-arm
#
FROM arm32v7/alpine:edge
MAINTAINER EasyPi Software Foundation
RUN apk add --no-cache coreutils iptables wireguard-tools
EXPOSE 51820/udp
CMD ["wg", "--help"]

39
wireguard/README.md Normal file
View File

@ -0,0 +1,39 @@
wireguard
=========
## Install Kernel Module
```bash
$ apt update
$ apt install -y dirmngr raspberrypi-kernel-headers
$ echo 'deb http://deb.debian.org/debian/ unstable main' > /etc/apt/sources.list.d/unstable-wireguard.list
$ printf 'Package: *\nPin: release a=unstable\nPin-Priority: 150\n' > /etc/apt/preferences.d/limit-unstable
$ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC
$ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
$ apt update
$ apt install -y wireguard-dkms
$ modprobe wireguard
$ lsmod | grep wireguard
```
## Generate Keys
```bash
$ umask 077
$ wg genkey | tee privatekey | wg pubkey > publickey
```
## Create Config
```ini
[Interface]
Address = 192.168.32.1/24
ListenPort = 51820
PrivateKey = SMDPkZPE6R9VyqT3ucxE5v//GnIzzruYC0MPD5efr3w=
PostUp = iptables -t nat -A POSTROUTING -s 192.168.32.0/24 -j MASQUERADE; iptables -t filter -A FORWARD -j ACCEPT
PreDown = iptables -t nat -D POSTROUTING -s 192.168.32.0/24 -j MASQUERADE; iptables -t filter -D FORWARD -j ACCEPT
# [Peer]
# PublicKey = VMK48tEcTLBwzxS+2gx3MH4IRlE7upTKPkYIE/xa7S0=
# AllowedIPs = 192.168.32.2/32
```

10
wireguard/data/wg0.conf Normal file
View File

@ -0,0 +1,10 @@
[Interface]
Address = 192.168.32.1/24
ListenPort = 51820
PrivateKey = kNX2ozKebAlSd8P7mbRnm5RPT1/1l9DF05Nes9yjJ3o=
PostUp = iptables -t nat -A POSTROUTING -s 192.168.32.0/24 -j MASQUERADE; iptables -t filter -A FORWARD -j ACCEPT
PreDown = iptables -t nat -D POSTROUTING -s 192.168.32.0/24 -j MASQUERADE; iptables -t filter -D FORWARD -j ACCEPT
[Peer]
PublicKey = vrNjkdY8PT7AFcWr87uhrwuPPDgzNh1KA9zkyRiQSRM=
AllowedIPs = 192.168.32.2/32

12
wireguard/docker-compose.yml Normal file
View File

@ -0,0 +1,12 @@
wireguard:
image: easypi/wireguard-arm
command: ["sh", "-c", "wg-quick up wg0 && sleep infinity"]
ports:
- "51820:51820/udp"
volumes:
- ./data:/etc/wireguard
- /lib/modules:/lib/modules
cap_add:
- NET_ADMIN
- SYS_MODULE
restart: unless-stopped