forked from wg-easy/wg-easy
-
Notifications
You must be signed in to change notification settings - Fork 0
通过 Nginx SSL 使用 WireGuard Easy Chinese
Flypig edited this page Mar 1, 2023
·
3 revisions
这是一个关于如何将 WireGuard Easy Chinese 与 nginx 结合使用以在 HTTPS 域(例如 https://wg-easy.myhomelab.com)上访问它的示例。
version: "3.8"
services:
wg-easy:
environment:
# ⚠️ Change the server's hostname (clients will connect to):
- WG_HOST=wg-easy.myhomelab.com
# ⚠️ Change the Web UI Password:
- PASSWORD=foobar123
image: flypigcn/wg-easy-cn
container_name: wg-easy-cn
hostname: wg-easy-cn
volumes:
- ~/.wg-easy:/etc/wireguard
ports:
- "51820:51820/udp"
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
nginx:
image: weejewel/nginx-with-certbot
container_name: nginx
hostname: nginx
volumes:
- ~/.nginx/servers/:/etc/nginx/servers/
- ./.nginx/letsencrypt/:/etc/letsencrypt/
ports:
- "80:80/tcp"
- "443:443/tcp"
restart: unless-stoppedserver {
server_name ⚠️wg-easy.myhomelab.com;
location / {
proxy_pass http://wg-easy:51821/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
}
}
保存这些文件,编辑标有 ⚠️ 的变量并在同一目录下运行docker compose up -d 。
然后运行一次:
$ docker exec -it nginx /bin/sh
cd /etc/nginx/servers/
cp wg-easy.conf /etc/nginx/conf.d/.
$ certbot --nginx --non-interactive --agree-tos -m [email protected] -d ⚠️wg-easy.myhomelab.com
$ nginx -s reload
$ exit当然,请确保使用 DNS A 记录或 DynamicDNS 或任何其他方法将 wg-easy.myhomelab.com 指向您服务器的 IP 地址。 确保端口80、443、51820 可用(例如,通过在路由器中转发它们)。
就是这样!