wirehole/docker-compose.yml at master · Forgision/wirehole · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
version: "3"

networks:
  private_network:
    ipam:
      driver: default
      config:
        - subnet: 10.2.0.0/24

services:
  adguard:
    container_name: adguard
    image: "adguard/adguardhome"
    restart: always
    hostname: adguard-home-dns
    restart: always
    dns:
      - 127.0.0.1
      - 1.1.1.1
    environment:
      TZ: 'Asia/Kolkata'
    ports:
      - "3000:3000/tcp"
      - "53:53/tcp"
      - "53:53/udp"
      - "80:80/tcp"
      - "443:443/tcp"
      - "853:853/tcp"
    volumes:
      - "./volumes/adguard/work:/opt/adguardhome/work"
      - "./volumes/adguard/conf:/opt/adguardhome/conf"
    cap_add:
      - NET_ADMIN
    networks:
      private_network:
        ipv4_address: 10.2.0.8

  unbound:
    image: "mvance/unbound:latest"
    container_name: unbound
    restart: always
    hostname: "unbound"
    volumes:
      - "./volumes/unbound:/opt/unbound/etc/unbound/"
    networks:
      private_network:
        ipv4_address: 10.2.0.4

  dnscrypt:
    image: zydou/dnscrypt
    container_name: dnscrypt
    ports:
        - 5353:5353/udp
    volumes:
      - "./dnscrypt-proxy.toml:/etc/dnscrypt-proxy/dnscrypt-proxy.toml"
    restart: always
    networks:
      private_network:
        ipv4_address: 10.2.0.7

  pihole:
    depends_on: [unbound, dnscrypt]
    container_name: pihole
    image: pihole/pihole:latest
    restart: always
    hostname: pihole
    dns:
      - 127.0.0.1
      - 10.2.0.8
    environment:
      TZ: "Asia/Kolkata"
      WEBPASSWORD: "lenovo@g560" # Blank password - Can be whatever you want.
      ServerIP: 10.1.0.100 # Internal IP of pihole
      DNS1: 10.2.0.4 # Unbound IP
      DNS2: 10.2.0.7#5353 # dnscrypt
    ports:
      - "8080:80/tcp"
    volumes:
      - "./volumes/pihole/etc-pihole/:/etc/pihole/"
      - "./volumes/pihole/etc-dnsmasq.d/:/etc/dnsmasq.d/"
    cap_add:
      - NET_ADMIN
    networks:
      private_network:
        ipv4_address: 10.2.0.5

  wireguard:
    depends_on: [adguard, pihole]
    image: linuxserver/wireguard
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Asia/Kolkata # Change to your timezone
      - SERVERPORT=51820
      - SERVERURL=oracle-wirehole-s.duckdns.org #optional - For use with DDNS (Uncomment to use)
      - PEERS=5 # How many peers to generate for you (clients)
      - PEERDNS=10.2.0.8 # Set it to point to pihole
      - INTERNAL_SUBNET=10.6.0.0

    volumes:
      - ./volumes/wireguard:/config
      - ./volumes/wireguard/lib/modules:/lib/modules
    ports:
      - "51820:51820/udp"
    dns:
      - 10.2.0.8 # Points to adguard
      - 10.2.0.5 # Points to pihole
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1

    restart: always
    networks:
      private_network:
        ipv4_address: 10.2.0.3

  portainer:
    depends_on: [wireguard]
    container_name: portainer
    image: portainer/portainer-ce
    restart: always
    ports:
      - "9090:9000"
    command: -H unix:///var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./volumes/portainer:/data
    networks:
      private_network:
        ipv4_address: 10.2.0.6