wireguardvpn
VPN Wireguard VPN
version: '3'
services:
wg-easy:
image: ghcr.io/wg-easy/wg-easy
container_name: wg-easy
environment:
WG_HOST: 47.239.214.124 # 替换为服务器公网 IP:ml-citation{ref="3" data="citationList"}
PASSWORD_HASH: "fcf7bb6d546cfb82d2e55486984ae7a1862a666acb441e0cf8b4ed34a4fcf9d7" # Web 管理界面密码(支持明文):ml-citation{ref="3" data="citationList"}
WG_DEFAULT_ADDRESS: 10.8.0.x # 客户端 IP 分配段:ml-citation{ref="1,3" data="citationList"}
WG_DEFAULT_DNS: 8.8.8.8 # 客户端默认 DNS:ml-citation{ref="3" data="citationList"}
ports:
- "51820:51820/udp" # WireGuard 通信端口:ml-citation{ref="1" data="citationList"}
- "51821:51821/tcp" # Web 管理界面端口:ml-citation{ref="3" data="citationList"}
volumes:
- /opt/wg-easy:/etc/wireguard # 配置文件持久化存储:ml-citation{ref="1,3" data="citationList"}
devices:
- "/dev/net/tun:/dev/net/tun" # 挂载 TUN 设备:ml-citation{ref="3" data="citationList"}
cap_add:
- NET_ADMIN # 网络权限:ml-citation{ref="3" data="citationList"}
sysctls:
- net.ipv4.ip_forward=1 # 启用 IP 转发:ml-citation{ref="3" data="citationList"}
restart: unless-stopped
tip
- 系统Linux内核大于5.4
echo -n "Admin@2025" | sha256sum | awk '{print $1}' 密文密码
- 验证命令:访问 http://服务器IP:51821,输入预设密码登录管理界面
# 检查服务端状态
docker exec wg-easy wg show:ml-citation{ref="3" data="citationList"}
# Mac 端测试
ping 10.8.0.1 # 服务端内网 IP:ml-citation{ref="3" data="citationList"}
curl ifconfig.me # 验证出口 IP 是否变为服务器 IP:ml-citation{ref="1,3" data="citationList"}