67 lines
1.5 KiB
HCL
67 lines
1.5 KiB
HCL
job "wireguard" {
|
|
region = "global"
|
|
datacenters = ["dc1"]
|
|
type = "service"
|
|
// constraint {
|
|
// attribute = "${attr.cpu.arch}"
|
|
// operator = "regexp"
|
|
// value = "arm"
|
|
// }
|
|
group "wireguard" {
|
|
count = 1
|
|
|
|
|
|
task "wireguard" {
|
|
driver = "docker"
|
|
|
|
config {
|
|
image = "lscr.io/linuxserver/wireguard"
|
|
ports = ["vpn"]
|
|
volumes = [
|
|
"/mnt/Public/config/wireguard:/config",
|
|
"/lib/modules:/lib/modules"
|
|
]
|
|
cap_add = ["NET_ADMIN","SYS_MODULE"]
|
|
// network_mode = "host"
|
|
|
|
// network_mode = "container:gocast-${NOMAD_ALLOC_ID}"
|
|
sysctl = {
|
|
"net.ipv4.conf.all.src_valid_mark"="1"
|
|
}
|
|
|
|
}
|
|
env {
|
|
TZ = "EST5EDT"
|
|
PUID = 1000
|
|
PGID = 1000
|
|
SERVERURL="wireguard.fbleagh.duckdns.org"
|
|
SERVERPORT=51820
|
|
PEERS="StuPhone,SurfaceGo,Surface,SurfaceGo3"
|
|
PEERDNS="192.168.1.250,192.168.1.1,1.1.1.1"
|
|
// INTERNAL_SUBNET= "192.168.1.0"
|
|
ALLOWEDIPS="0.0.0.0/0"
|
|
}
|
|
service {
|
|
name = "${TASKGROUP}"
|
|
port = "vpn"
|
|
tags = ["enable_gocast",
|
|
"gocast_vip=192.168.1.241/32",
|
|
"gocast_nat=tcp:51820:51820",
|
|
"gocast_nat=udp:51820:51820"]
|
|
}
|
|
|
|
resources {
|
|
cpu = 50
|
|
memory = 100
|
|
}
|
|
}
|
|
|
|
network {
|
|
port "vpn" {
|
|
static = 51820
|
|
to = 51820
|
|
}
|
|
}
|
|
}
|
|
}
|