From 351e442b3e0a2b210fb25f5cae8674263d1d0e78 Mon Sep 17 00:00:00 2001
From: Derek Cooper
Date: Sun, 3 May 2026 00:25:31 -0700
Subject: [PATCH] Created Wireguard Gateway
---
Wireguard-Gateway/.env.example | 23 ++++++++++++++++++++
Wireguard-Gateway/docker-compose-bind.yaml | 25 ++++++++++++++++++++++
2 files changed, 48 insertions(+)
create mode 100644 Wireguard-Gateway/.env.example
create mode 100644 Wireguard-Gateway/docker-compose-bind.yaml
diff --git a/Wireguard-Gateway/.env.example b/Wireguard-Gateway/.env.example
new file mode 100644
index 0000000..7f679c3
--- /dev/null
+++ b/Wireguard-Gateway/.env.example
@@ -0,0 +1,23 @@
+# User/group ID to run the container process as — match your host user (run: id)
+WIREGUARD_PUID=1000
+
+# Group ID to run the container process as — match your host group (run: id)
+WIREGUARD_PGID=1000
+
+# Timezone for the container — e.g. America/New_York, America/Chicago, UTC
+WIREGUARD_TZ=America/Los_Angeles
+
+# Public hostname or IP clients will connect to — must be reachable from the internet
+WIREGUARD_SERVERURL=vpn.example.com
+
+# Number of peers to generate, or a comma-separated list of names e.g. phone,laptop,tablet
+WIREGUARD_PEERS=1
+
+# DNS server pushed to peers — use "auto" for CoreDNS, or a specific IP e.g. 1.1.1.1
+WIREGUARD_DNS=auto
+
+# Internal VPN subnet — clients will get IPs from this range
+WIREGUARD_SUBNET=192.168.100.0
+
+# Linux username whose home directory holds the config volume (used in the volume path)
+WIREGUARD_USERNAME=youruser
diff --git a/Wireguard-Gateway/docker-compose-bind.yaml b/Wireguard-Gateway/docker-compose-bind.yaml
new file mode 100644
index 0000000..1adf453
--- /dev/null
+++ b/Wireguard-Gateway/docker-compose-bind.yaml
@@ -0,0 +1,25 @@
+services:
+ app:
+ image: lscr.io/linuxserver/wireguard:latest
+ container_name: wireguard-gateway
+ cap_add:
+ - NET_ADMIN
+ - SYS_MODULE
+ environment:
+ - PUID=${WIREGUARD_PUID}
+ - PGID=${WIREGUARD_PGID}
+ - TZ=${WIREGUARD_TZ}
+ - SERVERURL=${WIREGUARD_SERVERURL}
+ - SERVERPORT=51820
+ - PEERS=${WIREGUARD_PEERS}
+ - PEERDNS=${WIREGUARD_DNS}
+ - INTERNAL_SUBNET=${WIREGUARD_SUBNET}
+ volumes:
+ - /home/${WIREGUARD_USERNAME}/docker/wireguard-gateway/config:/config
+ - /lib/modules:/lib/modules
+ ports:
+ - 51820:51820/udp
+ sysctls:
+ - net.ipv4.conf.all.src_valid_mark=1
+ - net.ipv4.ip_forward=1
+ restart: unless-stopped
\ No newline at end of file
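Review bot: `SYS_MODULE` under `cap_add`, together with the writable `/lib/modules:/lib/modules` bind mount, lets this internet-facing container load kernel modules into the host, which is more privilege than a WireGuard endpoint needs when the host kernel already provides the wireguard module. If the target hosts do, drop `- SYS_MODULE` and the mount; otherwise at least mount it read-only as `- /lib/modules:/lib/modules:ro`. The image is referenced by the mutable `:latest` tag, so any pull or recreate can change what runs with `NET_ADMIN`; pin it, for example `image: lscr.io/linuxserver/wireguard:<pinned-version-or-digest>`. The `/config` bind mount is presumably where the generated server and peer private keys end up, and an unset `WIREGUARD_USERNAME` interpolates to `/home//docker/...`, so `${WIREGUARD_USERNAME:?set WIREGUARD_USERNAME in .env}` plus a comment asking for an owner-only host directory would be worth adding.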