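---
# WireGuard VPN Service
# {{ ansible_managed }}
#
# Jinja2 template for a Docker Compose file, rendered by Ansible.
# Templated scalars are quoted so that a rendered value such as `no`
# (a valid restart policy) or an empty expansion is not retyped by the
# YAML parser.

version: '{{ connectivity_docker_compose_version }}'

services:
  {{ connectivity_wireguard_container_name }}:
    # Prefer a fixed release tag (or digest) in the tag variable over a
    # floating one, so the image that receives NET_ADMIN is the one reviewed.
    image: "{{ connectivity_wireguard_image }}:{{ connectivity_wireguard_image_tag }}"
    container_name: "{{ connectivity_wireguard_container_name }}"
    restart: "{{ connectivity_default_restart_policy }}"
    cap_add:
      - NET_ADMIN
      # NOTE(review): SYS_MODULE lets the container load kernel modules.
      # It is presumably only needed when the host has not already loaded
      # the wireguard module; drop it if the host provides the module.
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    volumes:
      # /etc/wireguard holds the interface configuration, including private
      # keys; keep the host directory readable by root only.
      - "{{ connectivity_docker_base_path }}/wireguard/config:/etc/wireguard"
    ports:
      - "{{ connectivity_wireguard_port }}:{{ connectivity_wireguard_port }}/udp"
      # No host IP is given, so the web UI port is published on every host
      # interface. NOTE(review): restrict it with a host-IP prefix, a firewall
      # rule or a TLS-terminating reverse proxy unless the exposure is intended.
      - "{{ connectivity_wireguard_web_port }}:51821/tcp"
    environment:
      - "WG_HOST={{ connectivity_wireguard_host }}"
      # The password is rendered in clear text into this file and is visible
      # through container inspection. Keep the variable in Ansible Vault and
      # deploy the rendered file with a restrictive mode. to_json emits a
      # correctly escaped double-quoted scalar, so quotes, backslashes, `#`
      # or `: ` in the password cannot break or truncate the entry. Compose
      # still interpolates `$`; a literal dollar sign must be written `$$`.
      # NOTE(review): the variable names match wg-easy; newer wg-easy releases
      # expect a bcrypt hash in PASSWORD_HASH instead - confirm for the tag used.
      - {{ ('PASSWORD=' ~ connectivity_wireguard_password) | to_json }}
      - "WG_DEFAULT_DNS={{ connectivity_wireguard_dns }}"
      - "WG_DEFAULT_ADDRESS={{ connectivity_wireguard_subnet }}"
      - "WG_ALLOWED_IPS={{ connectivity_wireguard_default_allowed_ips }}"
      - "WG_PERSISTENT_KEEPALIVE={{ connectivity_wireguard_default_persistent_keepalive }}"
      - "WG_PORT={{ connectivity_wireguard_port }}"
    logging:
      driver: "{{ connectivity_log_driver }}"
      options:
        # Log driver options are strings; quote both so neither is retyped.
        max-size: "{{ connectivity_log_max_size }}"
        max-file: "{{ connectivity_log_max_file }}"
    labels:
      - com.connectivity.service=wireguard
      - com.connectivity.type=vpn
      - "com.connectivity.port={{ connectivity_wireguard_port }}"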