From 8ec62f5ac0801eaea7f1aaa29da0e00bb924daf8 Mon Sep 17 00:00:00 2001
From: tylen
Date: Sun, 23 Mar 2025 22:28:45 +0000
Subject: [PATCH] services: add vpn
---
 services/openvpn/docker-compose.yml | 18 ------------------
 services/services.yaml | 12 ++++++++++++
 services/wireguard/.env | 1 +
 services/wireguard/docker-compose.yml | 21 +++++++++++++++++++++
 4 files changed, 34 insertions(+), 18 deletions(-)
 delete mode 100644 services/openvpn/docker-compose.yml
 create mode 100644 services/wireguard/.env
 create mode 100644 services/wireguard/docker-compose.yml
diff --git a/services/openvpn/docker-compose.yml b/services/openvpn/docker-compose.yml
deleted file mode 100644
index aaa1bc8..0000000
--- a/services/openvpn/docker-compose.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-version: '3.8'
-
-services:
- openvpn:
- image: openvpn/openvpn-as:latest
- container_name: openvpn
- cap_add:
- - MKNOD
- - NET_ADMIN
- devices:
- - /dev/net/tun
- ports:
- - "192.168.100.58:943:943"
- - "192.168.100.58:443:443"
- - "192.168.100.58:1194:1194/udp"
- volumes:
- - /home/vm-user/remote-apps/openvpn:/openvpn
- restart: unless-stopped
diff --git a/services/services.yaml b/services/services.yaml
index 096e46b..2f35f13 100644
--- a/services/services.yaml
+++ b/services/services.yaml
@@ -2,6 +2,10 @@ defaultServiceValues: &defaultServiceValues
 composeFile: "docker-compose.yml"
 envFile: ".env"
+vm-network-100-75: &vm-network-100-75
+ ip: "192.168.100.75"
+ user: vm-user
+
 vm-tools-100-65: &vm-tools-100-65
 ip: "192.168.100.65"
 user: vm-user
@@ -32,3 +36,11 @@ services:
 host:
 <<: *vm-tools-100-65
 <<: *defaultServiceValues
+
+ - name: "wireguard"
+ ports:
+ - 51820
+ - 5182
+ host:
+ <<: *vm-network-100-75
+ <<: *defaultServiceValues
diff --git a/services/wireguard/.env b/services/wireguard/.env
new file mode 100644
index 0000000..cce5b59
--- /dev/null
+++ b/services/wireguard/.env
@@ -0,0 +1 @@
+CONFIG_PATH="/home/vm-user/remote-apps/wireguard/etc"
\ No newline at end of file
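Review bot: In services/services.yaml the new `wireguard` entry lists its second port as `5182`, which looks like a truncated `51821`: services/wireguard/docker-compose.yml in this same patch publishes the container's `51821/tcp` through `${SVC_PORT_2}`. If the `ports` list is what fills `SVC_PORT_1`/`SVC_PORT_2` (the tooling that does this is not shown), the wg-easy web UI would be published on host port 5182 rather than the port that firewall rules and bookmarks are likely written for; `- 51821` is probably what was meant. The entry also follows the file's existing pattern of writing the `<<` merge key twice in one mapping, which strict YAML loaders reject as a duplicate key; `<<: [*vm-network-100-75, *defaultServiceValues]` expresses the same merge with a single key.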
diff --git a/services/wireguard/docker-compose.yml b/services/wireguard/docker-compose.yml
new file mode 100644
index 0000000..5f85586
--- /dev/null
+++ b/services/wireguard/docker-compose.yml
@@ -0,0 +1,21 @@
+services:
+ wg-easy:
+ image: ghcr.io/wg-easy/wg-easy:latest
+ container_name: wg-easy
+ environment:
+ - PASSWORD_HASH=$$2a$$12$$OJUgCywoc/JuPvTO4hOzi.6toYnROQWdqYxnYCf5FSw2WSeygQF9K
+ - WG_HOST=wireguard.davydovcloud.com
+ - PEERDNS=auto
+ volumes:
+ - ${CONFIG_PATH}:/etc/wireguard
+ - /lib/modules:/lib/modules:ro
+ ports:
+ - "${SVC_PORT_1}:51820/udp"
+ - "${SVC_PORT_2}:51821/tcp"
+ restart: unless-stopped
+ cap_add:
+ - NET_ADMIN
+ - SYS_MODULE
+ sysctls:
+ - net.ipv4.ip_forward=1
+ - net.ipv4.conf.all.src_valid_mark=1
\ No newline at end of file
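Review bot: The `PASSWORD_HASH` entry under `environment` commits the bcrypt hash of the wg-easy admin password to the repository, so anyone with read access to the repo or its history can test password guesses against it offline; the value should come from an untracked env file or a secret store, e.g. `- PASSWORD_HASH=${WG_PASSWORD_HASH}` (variable name illustrative), and the password should be rotated since this hash is now in history. The image is referenced as `wg-easy:latest` while the container is granted `NET_ADMIN` and `SYS_MODULE`, so pinning a version tag or digest would keep an unreviewed upstream release from running with those capabilities. The two `ports` entries carry no host address, unlike the removed OpenVPN file which bound each port to `192.168.100.58`; unless `SVC_PORT_2` itself includes an address, the admin UI on `51821/tcp` is published on every host interface, and `"192.168.100.75:${SVC_PORT_2}:51821/tcp"` would limit it to the address services.yaml gives for this host.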