feat: Added wg-easy

dist/wg-easy/.env.template

@@ -0,0 +1,5 @@
+BASE_DOMAIN=example.com
+SERVICE_DOMAIN=wg-easy.example.com
+
+WG_NETWORK_SUBNET=10.42.42.0/24
+WG_NETWORK_ADDRESS=10.42.42.42

dist/wg-easy/compose.yaml

@@ -0,0 +1,41 @@
+services:
+  wg-easy:
+
+    image: ghcr.io/wg-easy/wg-easy:15
+    container_name: wg-easy
+    networks:
+      traefik-network: {}
+      wg:
+        ipv4_address: ${WG_NETWORK_ADDRESS}
+    volumes:
+      - ./etc_wireguard:/etc/wireguard
+      - /lib/modules:/lib/modules:ro
+    environment:
+      - WG_HOST=${SERVICE_DOMAIN}
+    ports:
+      - "51820:51820/udp"
+    restart: unless-stopped
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.ip_forward=1
+      - net.ipv4.conf.all.src_valid_mark=1
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.wg-easy.rule=Host(`${SERVICE_DOMAIN}`)"
+      - "traefik.http.routers.wg-easy.entrypoints=https"
+      - "traefik.http.routers.wg-easy.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.wg-easy-service.service=wg-easy"
+      - "traefik.http.services.wg-easy-service.loadbalancer.server.port=51821"
+
+networks:
+  traefik-network:
+    external: true
+  wg:
+    driver: bridge
+    enable_ipv6: false
+    ipam:
+      driver: default
+      config:
+        - subnet: ${WG_NETWORK_SUBNET}