This repository has been archived by the owner on Mar 20, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yaml
65 lines (63 loc) · 1.8 KB
/
docker-compose.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
services:
wireguard:
image: linuxserver/wireguard
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Zurich
- SERVERURL=$PROXY_SERVER_PUBLIC_URL #optional
- SERVERPORT=51820 #optional
- PEERS=0 #optional
- PEERDNS=auto #optional
- INTERNAL_SUBNET=10.13.13.0 #optional
- ALLOWEDIPS=0.0.0.0/0 #optional
- PERSISTENTKEEPALIVE_PEERS= #optional
- LOG_CONFS=true #optional
volumes:
- ./volumes/wireguard/data:/config
ports:
# proxy HTTPS port
- $PROXY_PUBLIC_PORT:$PROXY_PORT
# wireguard port
- 51820:51820/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped
networks:
omnia-proxy-network:
ipv4_address: 172.19.0.2
proxy-rs:
profiles: ["tests", "prod"]
build:
context: ./
dockerfile: Dockerfile
image: omnia/proxy-rs
container_name: proxy-rs
depends_on:
- wireguard
restart: unless-stopped
environment:
- ENV=$ENV
- WIREGUARD_CONTAINER_NAME=wireguard
# the ip assigned to wireguard container, since proxy is attached to its network
# the port specified here is the HTTP port exposed by the proxy, to be used by peers in the wireguard network
- PROXY_INTERNAL_ADDRESS=172.19.0.2:8081
- ENABLE_HTTPS=$ENABLE_HTTPS
- HTTPS_CERT_PATH=$HTTPS_CERT_PATH
- HTTPS_KEY_PATH=$HTTPS_KEY_PATH
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./volumes/proxy-rs/data:/proxy/data
- ./volumes/proxy-rs/certs:/proxy/certs
network_mode: service:wireguard
networks:
omnia-proxy-network:
name: omnia-proxy-network
ipam:
driver: default
config:
- subnet: 172.19.0.0/16