Docker Arguments when deploy

1

Hi, i recently trying to deploy wg-easy docker image (GitHub - wg-easy/wg-easy: The easiest way to run WireGuard VPN + Web-based Admin UI.) but there’re some arguments that i don’t know what to do to make it works.

The list arguments are:

docker run -d \
  --name=wg-easy \
  -e WG_HOST=🚨YOUR_SERVER_IP \
  -e PASSWORD=🚨YOUR_ADMIN_PASSWORD \
  -v ~/.wg-easy:/etc/wireguard \
  -p 51820:51820/udp \
  -p 51821:51821/tcp \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv4.ip_forward=1" \
  --restart unless-stopped \
  ghcr.io/wg-easy/wg-easy

–sysctl & —cap-add are really the thing that i dont know what to do, for environment variables, i tried to add via secrets like this:

RUN --mount=type=secret,id=WG_HOST\
    --mount=type=secret,id=PASSWORD\
    WG_HOST="0.0.0.0" \
    PASSWORD="testing123" \

If someone can help me steps by steps, i would appreciate it.

2

This might be easier: Private Networking · Fly Docs ?

3

Its easier but its not what i want since i will need to deploy other dockerfile in the future, not just wireguard. This one here is just for an example.

4

What --mount=type=secret will do is place the secret into a file. To get the contents of the file so that you can put the value into an environment variable you will need to use cat. An example:

For sysctl, you will want to create a script that runs the commands, and then create a Dockerfile entrypoint that first runs that script than runs your normal startup command. Example:

1 Like
5

How do you add entrypoint.sh to Dockerfile? Is it something like this?

COPY entrypoint.sh /usr/bin/
RUN chmod +x /usr/bin/entrypoint.sh

ENTRYPOINT ["entrypoint.sh"]
6

Correct.

Just be aware that Docker (and therefore fly), will concatenate the ENTRYPOINT and CMD and run the result as a single command. That’s why entrypoint scripts tend to have the following:

exec "$@"

What the above does is run the CMD.

One final note: the fly console is very helpful for exploration, particularly when run as follows:

fly console --dockerfile Dockerfile -C bash

What this will do is build the dockerfile, and then create an ephemeral machine loaded with that image and ssh into that image and run bash instead of the ENTRYPOINT and CMD. From there you can explore. Once done, exit and the ephemeral machine will be deployed.

7

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.