Newbie with docker compose

DIKING · November 25, 2023, 3:18am

Hi everyone, I’m looking to make a vpn stack in docker with wgeasy and pihole. The issue is that it seems that WG_DEFAULT_DNS = pihole doesn’t work at all, even if pihole and wgeasy being on the same network ? Here is my docker compose :

version: "3"
services:
  wgeasy:
    image: weejewel/wg-easy
    network_mode: wireguard
    container_name: wireguard
    ports:
      - ###############
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    volumes:
      - ./########/wireguard:/etc/wireguard
    environment:
      - WG_HOST=#############
      - PASSWORD=######################
      - WG_ALLOWED_IPS=0.0.0.0/0
      - WG_KEEP_ALIVE=15
      - WG_DEFAULT_DNS=pihole
      - WG_POST_UP=iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
      - WG_POST_DOWN=iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
    restart: unless-stopped

  pihole:
      container_name: pihole
      image: pihole/pihole:latest
      ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      environment:
        WEBPASSWORD: #############
      volumes:
        - './##########/pihole:/etc/pihole'
      restart: unless-stopped
      network_mode: wireguard

I’ve also tried assigning a specific ip to my pihole container but it’s seems that it doesn’t want me to do it, I got the following error :

Container wireguard Started Error response from daemon: user specified IP address is supported only when connecting to networks with user configured subnets

And here is the docker compose :

version: "3"
services:
  wgeasy:
    image: weejewel/wg-easy
    network_mode: wireguard
    container_name: wireguard
    ports:
      - ###############
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    volumes:
      - ./########/wireguard:/etc/wireguard
    environment:
      - WG_HOST=#############
      - PASSWORD=######################
      - WG_ALLOWED_IPS=0.0.0.0/0
      - WG_KEEP_ALIVE=15
      - WG_DEFAULT_DNS=192.168.16.3
      - WG_POST_UP=iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
      - WG_POST_DOWN=iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
    restart: unless-stopped

  pihole:
      container_name: pihole
      image: pihole/pihole:latest
      ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp"
      environment:
        WEBPASSWORD: #############
      volumes:
        - './##########/pihole:/etc/pihole'
      restart: unless-stopped
      networks:
        wireguard:
          ipv4_address: 192.168.16.3

networks:
  wireguard:
    external: true

Thank in advance everyone !