背景
过程
目录
# Project directory; the Dockerfile in a later step is written under this path.
mkdir -p /opt/wireguard_and_wgdashboard
docker-compose文件
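# Single-service stack: WireGuard plus the WGDashboard web UI in one container,
# attached to a dedicated bridge network with a fixed address.
version: '3.3'
services:
  wireguard_and_wgdashboard:
    container_name: wireguard_and_wgdashboard
    image: harbor.test.stesh.cn/linuxserver/wireguard_and_wgdashboard:20240228
    # `privileged: true` was removed here. It grants every capability and host
    # device access, which makes the cap_add list below meaningless and turns a
    # compromise of the web dashboard into a compromise of the host. The
    # capabilities and sysctl declared below are the explicit privilege set;
    # re-enable privileged mode only if the container verifiably fails without it.
    build:
      context: ./wgdashboard/src
      dockerfile: Dockerfile
    cap_add:
      # NET_ADMIN: create and configure the WireGuard interface and routes.
      - NET_ADMIN
      # SYS_MODULE: load kernel modules from the /lib/modules mount below.
      # NOTE(review): likely unnecessary when the host kernel already provides
      # wireguard; confirm and drop it together with the mount if so.
      - SYS_MODULE
    sysctls:
      - "net.ipv4.conf.all.src_valid_mark=1"
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Asia/Shanghai
      - SERVERURL=192.168.124.164
      - SERVERPORT=51820
      - PEERS=1
      - PEERDNS=auto
      # NOTE(review): 9.8.0.0 is outside the RFC 1918 private ranges, so peers
      # lose reachability to the real hosts in that range; confirm it is intended.
      - INTERNAL_SUBNET=9.8.0.0
      # 0.0.0.0/0 routes all peer IPv4 traffic through the tunnel.
      - ALLOWEDIPS=0.0.0.0/0
      - PERSISTENTKEEPALIVE_PEERS=
      - LOG_CONFS=true
    networks:
      wireguard-network:
        ipv4_address: 172.18.0.12
    ports:
      - '51820:51820/udp'
      # Dashboard admin UI, published on every host interface. Restrict it with
      # a host firewall or a management-only bind address if the host is
      # reachable from untrusted networks.
      - '10086:10086/tcp'
    volumes:
      # Holds the generated WireGuard configs, including private keys.
      - './wireguard/config:/config'
      - '/lib/modules:/lib/modules'
      - './wgdashboard/db:/app/src/db'
      - './wgdashboard/log:/app/src/log'
    restart: always
networks:
  wireguard-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.18.0.0/24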
Dockerfile
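# Writes the image build recipe into the compose build context (./wgdashboard/src).
# COPY sources below are resolved relative to that context, so src/wgdashboard/
# and wg-dashboard.ini must exist inside it before building.
cat <<'EOF'>/opt/wireguard_and_wgdashboard/wgdashboard/src/Dockerfile
# NOTE(review): the base image carries no tag or digest, so every build uses
# whatever the registry currently serves. Pin a tag or digest for reproducible,
# auditable builds.
FROM harbor.test.stesh.cn/linuxserver/wireguard
COPY src/wgdashboard/ /app/
# Directory for an s6-overlay service definition; this Dockerfile adds no
# service files to it. -p keeps the step from failing if the base already has it.
RUN mkdir -p /etc/s6-overlay/s6-rc.d/svc-wgdashboard/
RUN apk add --no-cache python3 py3-pip
# --no-cache-dir keeps pip's download cache out of the image layer, matching the
# apk --no-cache step above.
RUN cd /app/src && \
    python3 -m pip install --no-cache-dir -U pip -i https://mirrors.ustc.edu.cn/pypi/web/simple && \
    python3 -m pip install --no-cache-dir -U -r requirements.txt -i https://mirrors.ustc.edu.cn/pypi/web/simple
# NOTE(review): this bakes wg-dashboard.ini, including its [Account] credentials,
# into an image layer. Anyone who can pull the image from the registry can read
# them; consider bind-mounting the file at runtime instead.
COPY wg-dashboard.ini /app/src/
EOF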
文件修改
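# Dashboard configuration, including the admin login. The `xxx` values are
# placeholders: set a strong password and the real remote endpoint before use.
# The dashboard listens on 0.0.0.0:10086 inside the container, and auth_req=true
# keeps the login requirement enabled.
# NOTE(review): the Dockerfile copies wg-dashboard.ini from its build context,
# but this step writes the file under build/. Confirm the file ends up in the
# context that is actually used for the build.
cat <<'EOF'>/opt/wireguard_and_wgdashboard/build/wg-dashboard.ini
[Account]
username=admin
password=xxx
[Server]
wg_conf_path=/config
app_ip=0.0.0.0
app_port=10086
auth_req=true
version=v3.0.6
dashboard_refresh_interval=60000
dashboard_sort=status
[Peers]
peer_global_dns=223.5.5.5
peer_endpoint_allowed_ip=0.0.0.0/0
peer_display_mode=grid
remote_endpoint=xxx
peer_mtu=1280
peer_keep_alive=21
EOF
# The file holds the dashboard admin credentials; keep it readable by its owner only.
chmod 600 /opt/wireguard_and_wgdashboard/build/wg-dashboard.ini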
系统路由等开机自启动命令
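# Boot script: policy routing for WireGuard traffic, then container start-up.
# It is written to the path that userinit.service's ExecStart points at. The
# original wrote /root/userinit.sh and ran chmod on /root/init.sh, so the
# service had no executable script to run.
cat <<'EOF'>/opt/wireguard_and_wgdashboard/userinit.sh
#!/bin/bash
# Re-create the rule that sends fwmark-1 packets to routing table 200.
# The delete fails harmlessly when the rule does not exist yet (first boot).
ip rule delete fwmark 0x1 table 200
ip rule add fwmark 0x1 table 200
# NOTE(review): this removes the default route from the main table; afterwards
# only fwmark-1 traffic has a default route (table 200). Confirm that is intended.
ip route delete default
ip route add default via 192.168.124.1 dev ens18 table 200
echo 1 > /proc/sys/net/ipv4/ip_forward
# NOTE(review): -F flushes the whole mangle table, including rules installed by
# other tools on this host. A dedicated chain would limit the blast radius.
iptables -t mangle -F
# Mark WireGuard's UDP traffic (source port 51820) so the rule above applies to it.
iptables -t mangle -A PREROUTING -p udp --sport 51820 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -p udp --sport 51820 -j MARK --set-mark 1
# Run compose from the project directory so the relative build context and
# volume paths in the compose file resolve; the original used /opt/. Adjust this
# if your compose file lives elsewhere.
cd /opt/wireguard_and_wgdashboard && docker-compose up -d; sleep 3
# Start the dashboard inside the running container.
docker exec wireguard_and_wgdashboard bash -c "cd /app/src; gunicorn --access-logfile log/access.log --error-logfile log/error.log 'dashboard:run_dashboard()'"
EOF
chmod a+x /opt/wireguard_and_wgdashboard/userinit.sh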
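# Boot-time unit that runs the userinit script. With no User= set, it runs as root.
# ExecStart must point at the path the script was actually written to and made
# executable; check this against the script-creation step.
cat <<'EOF'>/etc/systemd/system/userinit.service
[Unit]
Description=userinit
# The userinit script runs docker-compose and docker exec, so order this unit
# after the Docker daemon as well as after the network.
Wants=network-online.target docker.service
After=network-online.target docker.service
[Service]
Type=simple
ExecStart=/opt/wireguard_and_wgdashboard/userinit.sh
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl enable userinit.service
sudo systemctl start userinit.service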
效果
参考
https://github.com/donaldzou/WGDashboard
https://www.wireguard.com/