Deploying WireGuard on Rocky Linux with Docker

Have the host load the required kernel modules at boot

vi /etc/modules-load.d/iptables.conf

Write the following two lines to the file, one module name per line:

ip_tables
iptable_nat

 

Run the container with Docker Compose

services:
  wg_easy:
    image: weejewel/wg-easy
    container_name: wg_easy
    environment:
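      WG_HOST: x.x.x.x # public IP of the server
      WG_PORT: 21820 # public UDP port written into client configs; must match the host port published below
      PASSWORD: xxxx # password for the web admin UI
      WG_DEFAULT_ADDRESS: 172.26.34.x # subnet of the virtual LAN
      WG_DEFAULT_DNS: 211.138.180.3, 211.138.180.2 # DNS servers for clients
      WG_PERSISTENT_KEEPALIVE: 30
      WG_ALLOWED_IPS: 172.26.34.0/24, 192.168.1.0/24 # IP ranges clients are allowed to access
    volumes:
      - ./.wg-easy:/etc/wireguard
    networks:
      - network
    ports:
      - "21820:51820/udp" # WireGuard; the default host port can be changed (keep WG_PORT in sync)
      - "21821:51821/tcp" # web admin UI; the default host port can be changed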
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
    restart: always
networks:
  network:
    external: false
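
The file from the host step is only read at boot, so the modules may be listed but not loaded yet. As an added example (not from the original post), this script checks that both modules are in the file and loaded in the running kernel, and with `apply` appends and loads whatever is missing. The function names and the `check`/`apply` arguments belong to this example; the `/sys/module` test assumes a loaded module has a directory there.

```shell
#!/bin/sh
# Added example (not from the original post): check the host prerequisites.
CONF=/etc/modules-load.d/iptables.conf   # path used in the article
REQUIRED="ip_tables iptable_nat"         # the two modules the article lists

# Print each required module that has no line of its own in the file $1.
# Comment lines (# or ;) and blank lines never match, so they are ignored.
missing_in_conf() {
    for m in $REQUIRED; do
        grep -Eqx "[[:space:]]*$m[[:space:]]*" "$1" 2>/dev/null || echo "$m"
    done
}

# Print each required module with no directory under $1 (default /sys/module),
# i.e. not loaded in the running kernel.
missing_loaded() {
    for m in $REQUIRED; do
        [ -d "${1:-/sys/module}/$m" ] || echo "$m"
    done
}

# Report the state; with "apply" as $1, also fix it (needs root).
check_host() {
    conf_missing=$(missing_in_conf "$CONF")
    live_missing=$(missing_loaded)
    [ -z "$conf_missing" ] || echo "not in $CONF:" $conf_missing
    [ -z "$live_missing" ] || echo "not loaded now:" $live_missing
    if [ "${1:-}" = "apply" ]; then
        for m in $conf_missing; do echo "$m" >> "$CONF"; done
        for m in $live_missing; do modprobe "$m"; done
    fi
    [ -z "$conf_missing$live_missing" ]   # status 0 only if nothing was missing
}

# Runs only when invoked as: sh check-modules.sh check|apply
case "${1:-}" in
    check) check_host ;;
    apply) check_host apply ;;
esac
```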

 
