wstunnel that works

MarcPartensky · Jun 4, 2024 · f866c4e · f866c4e
1 parent 8445d6c
commit f866c4e
Showing 1 changed file with 85 additions and 0 deletions.
diff --git a/services/wstunnel.yml b/services/wstunnel.yml
@@ -0,0 +1,85 @@
+version: "3.9"
+services:
+  # wstunnel:
+  #   image: node:alpine
+  #   container_name: wstunnel
+  #   entrypoint: sh -c "
+  #     npm i -g wstunnel &&
+  #     wstunnel -s 0.0.0.0:8000
+  #     "
+  #   networks:
+  #     - postgres
+  #     - caddy
+  #     - vpn
+  #   # network_mode: host
+  #   labels:
+  #     traefik.enable: "true"
+  #     traefik.http.services.wstunnel.loadbalancer.server.port: 8000
+  #     traefik.http.routers.wstunnel.rule: >
+  #       Host(`wss.marcpartensky.com`)
+  #     traefik.http.routers.wstunnel.entrypoints: web
+    # docker run --rm -d -p 2244:2244 mhzed/wstunnel -t 0.0.0.0:2244:target.ip:22 wss://server.com
+  wstunnel:
+    image: ghcr.io/erebe/wstunnel:latest
+    # image: ghcr.io/erebe/wstunnel:latest
+    container_name: wstunnel
+    # entrypoint: sh -c "
+    #   npm i -g wstunnel &&
+    #   wstunnel -s 0.0.0.0:8000
+    #   "
+    # entrypoint: ["./wstunnel", "server", "wss://[::]:8000"]
+    entrypoint: ["./wstunnel", "server", "ws://[::]:8000"]
+    networks:
+      - postgres
+      - caddy
+      - vpn
+    # network_mode: host
+    labels:
+      traefik.enable: "true"
+      traefik.http.services.wstunnel.loadbalancer.server.port: 8000
+      traefik.http.routers.wstunnel.rule: Host(`wss.marcpartensky.com`)
+      traefik.http.routers.wstunnel.entrypoints: web
+
+  wg-easy:
+    image: ghcr.io/wg-easy/wg-easy
+    restart: unless-stopped
+    container_name: wg-easy
+    environment:
+      LANG: fr
+      WG_HOST: wireguard.marcpartensky.com
+      # PASSWORD: ZTQ5MjAyZTM2Y2JlYjMxY2FmMWYzZTE2
+      PORT: 80
+      WG_PORT: 51820
+      WG_ALLOWED_IPS: "0.0.0.0/0, ::/0"
+      UI_TRAFFIC_STATS: true
+    volumes:
+      - ../data/wg-easy:/etc/wireguard
+    ports:
+      - 51820:51820/udp
+      - 51080:80/tcp
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv4.ip_forward=1
+    networks:
+      vpn:
+        ipv4_address: 172.42.42.42
+    labels:
+      traefik.enable: "true"
+      traefik.http.services.wg-easy.loadbalancer.server.port: 80
+      traefik.http.routers.wg-easy.rule: Host(`wg.marcpartensky.com`)
+      traefik.http.routers.wg-easy.entrypoints: web
+      traefik.http.routers.dbdesigner.middlewares: ldap_auth
+
+networks:
+  vpn:
+    ipam:
+      config:
+        - subnet: 172.42.42.0/24
+          gateway: 172.42.42.1
+  postgres:
+    external: true
+  caddy:
+    external: true