mirror
/
docker-documentation
kopia lustrzana https://github.com/linuxserver/docker-documentation
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Bot Updating Documentation

pull/120/head
LinuxServer-CI 2023-05-23 13:43:41 +00:00
rodzic 5c59d0b52b
commit 8d3de0e86d
1 zmienionych plików z 9 dodań i 0 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

9
images/docker-wireguard.md
Wyświetl plik

@ -46,6 +46,10 @@ During container start, it will first check if the wireguard module is already i
This can be run as a server or a client, based on the parameters used.
## Note on iptables
Some hosts may not load the iptables kernel modules by default. In order for the container to be able to load them, you need to assign the `SYS_MODULE` capability and add the optional `/lib/modules` volume mount. Alternatively you can `modprobe` them from the host before starting the container.
## Server Mode
If the environment variable `PEERS` is set to a number or a list of strings separated by comma, the container will run in server mode and the necessary server and peer/client confs will be generated. The peer/client config qr codes will be output in the docker log if `LOG_CONFS` is set to `true`. They will also be saved in text and png format under `/config/peerX` in case `PEERS` is a variable and an integer or `/config/peer_X` in case a list of names was provided instead of an integer.
@ -116,6 +120,7 @@ services:
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE #optional
environment:
- PUID=1000
- PGID=1000
@ -130,6 +135,7 @@ services:
- LOG_CONFS=true #optional
volumes:
- /path/to/appdata/config:/config
- /lib/modules:/lib/modules #optional
ports:
- 51820:51820/udp
sysctls:
@ -143,6 +149,7 @@ services:
docker run -d \
--name=wireguard \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE `#optional` \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
@ -156,6 +163,7 @@ docker run -d \
-e LOG_CONFS=true `#optional` \
-p 51820:51820/udp \
-v /path/to/appdata/config:/config \
-v /lib/modules:/lib/modules `#optional` \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--restart unless-stopped \
lscr.io/linuxserver/wireguard:latest
@ -193,6 +201,7 @@ Docker images are configured using parameters passed at runtime (such as those a
| Volume | Function |
| :----: | --- |
| `/config` | Contains all relevant configuration files. |
| `/lib/modules` | Host kernel modules for situations where they're not already loaded. |
#### Miscellaneous Options