main.docker.compose.yml
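# Configure to YOUR environment, then run:
#   docker compose -f main.docker.compose.yml up -d
#
# Before the first start, set WGD_PASS (and optionally WGD_USER) in the shell
# environment or in a .env file next to this compose file. Compose refuses to
# start the stack while WGD_PASS is unset or empty, so the dashboard never
# comes up with a well-known default password.
networks:
  private_network:
    driver: bridge
    driver_opts:
      # Containers on this bridge may talk to each other directly.
      com.docker.network.bridge.enable_icc: "true"
    # attachable: containers started outside this file can be joined to the
    # network by hand; set to false if nothing else needs to attach.
    attachable: true
    # Not an internal network: containers keep outbound access via the host.
    internal: false
    ipam:
      config:
        - subnet: 10.2.0.0/24
services:
  dnscrypt:
    depends_on: [wiregate]
    # ":latest" is a moving tag; pin a release tag or a digest
    # (noxcis/dnscrypt@sha256:<digest-placeholder>) for reproducible pulls.
    image: "noxcis/dnscrypt:latest"
    restart: unless-stopped
    container_name: dnscrypt
    volumes:
      # The same host directory is also mounted into the wiregate service.
      - ./configs/dnscrypt:/config
    networks:
      private_network:
        ipv4_address: 10.2.0.42
  unbound:
    depends_on: [dnscrypt]
    # ":latest" is a moving tag; pin a release tag or a digest
    # (noxcis/unbound@sha256:<digest-placeholder>) for reproducible pulls.
    image: "noxcis/unbound:latest"
    container_name: unbound
    restart: unless-stopped
    hostname: "unbound"
    # NOTE(review): NET_ADMIN allows network reconfiguration inside the
    # container; confirm the resolver image needs it, otherwise drop it.
    cap_add:
      - NET_ADMIN
    healthcheck:
      # Healthy when the local resolver answers a query for dnssec.works.
      test: ["CMD", "drill", "@127.0.0.1", "dnssec.works"]
      interval: 30s
      timeout: 30s
      retries: 3
      start_period: 30s
    networks:
      private_network:
        ipv4_address: 10.2.0.200
  adguard:
    depends_on: [unbound]
    container_name: adguard
    # No tag given, so this resolves to ":latest"; pin a release tag or a
    # digest (adguard/adguardhome@sha256:<digest-placeholder>).
    image: adguard/adguardhome
    restart: unless-stopped
    hostname: adguard
    # Volumes store your data between container upgrades
    volumes:
      - "./configs/adguard/Data:/opt/adguardhome/work"
      - "./configs/adguard:/opt/adguardhome/conf"
    networks:
      private_network:
        ipv4_address: 10.2.0.100
  wiregate:
    # Tags can be re-pushed; append a digest (@sha256:<digest-placeholder>)
    # to lock the exact image.
    image: noxcis/wiregate:jiaotu-beta-dev-v0.2.3
    container_name: wiregate
    hostname: wiregate
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    restart: unless-stopped
    volumes:
      - pf_conf:/WireGate/iptable-rules/
      - conf:/etc/wireguard
      - db:/WireGate/db
      - ./configs/dnscrypt:/WireGate/dnscrypt
      - ./configs/tor:/etc/tor/
      - ./configs/logs:/WireGate/log/
      # Holds the generated VPN config referred to in the ports note below;
      # keep this host directory readable by the operator account only.
      - ./configs/master-key:/WireGate/master-key
    environment:
      # Config path (optional)
      # - WGDCONF_PATH=/etc/wireguard
      # Use obfuscated WireGuard (AmneziaWG)
      - AMNEZIA_WG=true
      # Set timezone
      - TZ=America/New_York
      # Tor settings
      ##########################################################
      # Enable Tor
      - WGD_TOR_PROXY=false
      # Exit nodes, e.g. {gb},{fr}
      - 'WGD_TOR_EXIT_NODES={ch}'
      - 'WGD_TOR_DNS_EXIT_NODES={us}'
      # Enable Tor bridges
      - WGD_TOR_BRIDGES=true
      # Options: webtunnel, obfs4, snowflake
      - WGD_TOR_PLUGIN=webtunnel
      # WGDashboard global settings
      ##########################################################
      - WGD_WELCOME_SESSION=true
      - WGD_AUTH_REQ=true
      # Dashboard credentials are read from the environment or .env instead of
      # being committed here. The user name falls back to "admin"; the password
      # has no fallback and must be supplied.
      - 'WGD_USER=${WGD_USER:-admin}'
      - 'WGD_PASS=${WGD_PASS:?Set WGD_PASS in the environment or in .env}'
      # NOTE(review): 0.0.0.0 looks like a placeholder; presumably this should
      # be the public IP or domain of this server - confirm and set it.
      - WGD_REMOTE_ENDPOINT=0.0.0.0
      - WGD_REMOTE_ENDPOINT_PORT=80
      - 'WGD_PEER_ENDPOINT_ALLOWED_IP=0.0.0.0/0, ::/0'
      - WGD_KEEP_ALIVE=21
      - WGD_MTU=1420
      - WGD_PORT_RANGE_STARTPORT=4430
      # DNS settings (set to use the containers above); you can use your own DNS
      ##########################################################
      - WGD_DNS=10.2.0.100
      - WGD_IPTABLES_DNS=10.2.0.100
    ports:
      # UDP interface listen ports for zones
      - "4430-4433:4430-4433/udp"
      # Dashboard: host port 8000 -> container port 80, published on every host
      # interface and reachable at your-server-ip/domain:8000.
      # Comment this mapping out for full network lockdown, i.e. dashboard only
      # accessible via VPN connection at http://wire.gate using the config in
      # the generated master-key folder.
      # NOTE(review): container port 80 suggests plain HTTP, so the login would
      # cross the network unencrypted; if the mapping stays, front it with a
      # TLS reverse proxy or firewall it to trusted sources - confirm.
      - "8000:80/tcp"
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv6.conf.all.forwarding=1
      - net.ipv6.conf.default.forwarding=1
    networks:
      private_network:
        ipv4_address: 10.2.0.3
volumes:
  db: {}
  conf: {}
  pf_conf: {}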