-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathdocker-compose.yml
More file actions
35 lines (35 loc) · 1.13 KB
/
docker-compose.yml
File metadata and controls
35 lines (35 loc) · 1.13 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
services:
amneziawg:
# Use the pre-built image from GitHub Packages
image: ghcr.io/ayastrebov/docker-amneziawg:latest
container_name: amneziawg
# If you want to build locally instead, you can uncomment the following
# lines and comment out the image line above.
# build:
# context: .
# dockerfile: Dockerfile
restart: unless-stopped
# Grant necessary capabilities for network management
cap_add:
- NET_ADMIN
- SYS_MODULE
# Grant permission to modify necessary kernel parameters.
# This is the secure way to handle the permissions needed by wg-quick.
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
- net.ipv6.conf.all.disable_ipv6=0
devices:
- /dev/net/tun
volumes:
# Mount your local WireGuard configuration file
- ./awg0.conf:/etc/wireguard/awg0.conf
# Health check configuration
healthcheck:
test: ["CMD", "awg", "show"]
interval: 30s
timeout: 10s
retries: 3
start_period: 10s
# The command to run inside the container, specifying the interface name
command: awg0