version: "3.8"
services:
  wireguard:
    image: weejewel/wg-easy
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    ports:
      - "51820:51820/udp"
    env_file:
      - /etc/ixvd/secrets/env/wg.env
    environment:
      - WG_HOST=link.ixvd.net
      - WG_DEFAULT_DNS=127.0.0.11,9.9.9.9,1.1.1.1
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    volumes:
      - /srv/wg/config:/etc/wireguard
    networks:
      - proxy