35 lines
732 B
YAML
35 lines
732 B
YAML
version: '3.7'
|
|
services:
|
|
wireguard:
|
|
image: lscr.io/linuxserver/wireguard:latest
|
|
deploy:
|
|
mode: replicated
|
|
replicas: 1
|
|
restart_policy:
|
|
condition: any
|
|
delay: 30s
|
|
placement:
|
|
constraints:
|
|
- node.labels.POWER == true
|
|
volumes:
|
|
- /mnt/nfs/wireguard:/config
|
|
- /lib/modules:/lib/modules
|
|
ports:
|
|
- 51821:51820/udp
|
|
environment:
|
|
- TZ=Europe/Paris
|
|
- SERVERURL=vpn.bhasher.com
|
|
- SERVERPORT=51821
|
|
- PEERS=5
|
|
- PEERDNS=auto
|
|
- INTERNAL_SUBNET=10.13.14.0
|
|
- ALLOWEDIPS=0.0.0.0/0
|
|
cap_add:
|
|
- NET_ADMIN
|
|
- SYS_MODULE
|
|
sysctls:
|
|
- net.ipv4.conf.all.src_valid_mark=1
|
|
depends_on:
|
|
- system_keepalived
|
|
- system_nfs
|