gortium/compose
1
1
Fork 0
Code Issues Pull Requests 18 Actions Packages Projects Releases Wiki Activity

feat: add WireGuard VPN stack (wg-easy) #16

Merged
gortium merged 9 commits from feat/wireguard-vpn into master 2026-05-09 00:11:57 +00:00
Conversation 0 Commits 9 Files Changed 4 +138 -32
Hermes commented 2026-05-04 22:47:36 +00:00
Collaborator
Copy Link

Summary

Add a WireGuard VPN server using weejewel/wg-easy for fast, secure VPN access to the infrastructure.

Details

  • Image: weejewel/wg-easy:latest - lightweight WireGuard server with web UI
  • UDP Port: 51820 (WireGuard protocol)
  • Web UI: Port 51821 for peer management
  • Capabilities: NET_ADMIN + SYS_MODULE required
  • Persistence: Config on NAS at /mnt/HoardingCow_docker_data/WireGuard
  • Network: External vpn_net
  • DNS: Cloudflare + Google (1.1.1.1, 8.8.8.8)
  • Full tunnel: Routes all traffic through VPN
  • Password: Set via WG_PASSWORD env var (from containers.env)

Deployment

  1. Add WG_PASSWORD to containers.env secrets
  2. Create external network: docker network create vpn_net
  3. Rebuild NixOS config (handled by infra PR)

Related

  • Requires infra PR (adds vpn stack to dockerStacks + opens UDP 51820 in firewall)
## Summary Add a WireGuard VPN server using weejewel/wg-easy for fast, secure VPN access to the infrastructure. ## Details - Image: weejewel/wg-easy:latest - lightweight WireGuard server with web UI - UDP Port: 51820 (WireGuard protocol) - Web UI: Port 51821 for peer management - Capabilities: NET_ADMIN + SYS_MODULE required - Persistence: Config on NAS at /mnt/HoardingCow_docker_data/WireGuard - Network: External vpn_net - DNS: Cloudflare + Google (1.1.1.1, 8.8.8.8) - Full tunnel: Routes all traffic through VPN - Password: Set via WG_PASSWORD env var (from containers.env) ## Deployment 1. Add WG_PASSWORD to containers.env secrets 2. Create external network: docker network create vpn_net 3. Rebuild NixOS config (handled by infra PR) ## Related - Requires infra PR (adds vpn stack to dockerStacks + opens UDP 51820 in firewall)
Hermes added 1 commit 2026-05-04 22:47:37 +00:00
feat: add WireGuard VPN stack with wg-easy 293429a124
Hermes added 1 commit 2026-05-05 01:18:05 +00:00
fix: switch to linuxserver/wireguard instead of wg-easy 4a57ca69b2
Hermes added 1 commit 2026-05-05 01:21:35 +00:00
feat: add WireGuard VPN stack (wg-easy, named wireguard) eea6db3ceb
Hermes added 1 commit 2026-05-05 01:43:43 +00:00
feat: add custom Hermes Dockerfile with WireGuard tools b021d0dba7
Hermes added 1 commit 2026-05-05 01:48:24 +00:00
feat: enable NET_ADMIN for Hermes container to support WireGuard acf45acdd9
Hermes added 1 commit 2026-05-05 02:11:41 +00:00
chore: clean up WireGuard from Hermes Dockerfile, keep custom build bc49391b4f
gortium added 3 commits 2026-05-05 03:13:58 +00:00
Commented webui for now. now using it d9f62652cb
Commeneted nomadnet for now. not usingit. 51cf83c420
Merge remote-tracking branch 'origin/feat/wireguard-vpn' into HEAD 434b2835ff
gortium merged commit 2fa481909f into master 2026-05-09 00:11:57 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Hermes gortium
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: gortium/compose#16
No description provided.
Delete Branch "feat/wireguard-vpn"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?