-
Notifications
You must be signed in to change notification settings - Fork 93
/
Copy pathDockerfile.stretch
32 lines (24 loc) · 963 Bytes
/
Dockerfile.stretch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
FROM debian:stretch
# Add debian unstable repo for wireguard packages
RUN echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable-wireguard.list && \
printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable
# Install wireguard packges
RUN apt-get update && \
apt-get install -y --no-install-recommends wireguard-tools iptables nano net-tools procps openresolv inotify-tools && \
apt-get clean
# Add main work dir to PATH
WORKDIR /scripts
ENV PATH="/scripts:${PATH}"
# Use iptables masquerade NAT rule
ENV IPTABLES_MASQ=1
# Watch for changes to interface conf files (default off)
ENV WATCH_CHANGES=0
# Copy scripts to containers
COPY install-module /scripts
COPY run /scripts
COPY genkeys /scripts
RUN chmod 755 /scripts/*
# Wirguard interface configs go in /etc/wireguard
VOLUME /etc/wireguard
# Normal behavior is just to run wireguard with existing configs
CMD ["run"]