https://github.com/veerendra2/wireguard-traefik-authelia

wg-easy + traefik + authelia
https://github.com/veerendra2/wireguard-traefik-authelia

authelia docker docker-compose proxy traefik wg-easy wireguard-vpn

Last synced: 25 days ago
JSON representation

wg-easy + traefik + authelia

• Host: GitHub
• URL: https://github.com/veerendra2/wireguard-traefik-authelia
• Owner: veerendra2
• Created: 2024-07-17T20:40:43.000Z (4 months ago)
• Default Branch: main
• Last Pushed: 2024-08-16T23:14:25.000Z (3 months ago)
• Last Synced: 2024-08-17T00:26:00.182Z (3 months ago)
• Topics: authelia, docker, docker-compose, proxy, traefik, wg-easy, wireguard-vpn
• Language: Shell
• Homepage: https://veerendra2.medium.com/how-to-setup-wireguard-vpn-server-with-traefik-and-authelia-1ce7de0786a2
• Size: 17.6 KB
• Stars: 2
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# WireGuard + Traefik + Authelia

Docker Compose stack to deploy a WireGuard VPN server ([wg-easy](https://github.com/wg-easy/wg-easy)), [Traefik](https://github.com/traefik/traefik) as a reverse proxy to access the `wg-easy` UI, and [Authelia](https://github.com/authelia/authelia) for authentication.



           

           

    



## Deploy

- Ensure `docker` and `docker-compose` are installed.

- Generate a password hash for users in Authelia:

    ```bash

    docker run --rm authelia/authelia:latest \

    authelia crypto hash generate argon2 \

    --password 'my-password'

    ```

- Update the Authelia users configuration in [./config/users_database.yml](./config/users_database.yml):

    ```yaml

    users:

      your-user-name:

        disabled: false

        displayname: "User Name"

        password: ""

        email: "root@localhost"

    ```

- Obtain your DuckDNS token and export the following environmental variables:

    ```bash

    export MY_PROVIDER="duckdns"

    export MY_DOMAIN=""

    export DUCKDNS_TOKEN=""

    docker-compose up -d

    ```

- Once the stack is up and running, go to your domain (`${MY_DOMAIN}`), log in with your password, and click register as shown below:

    


    

    


- Retrieve the first 2FA code from `config/notification.txt`.

  **NOTE:** This `config/notification.txt` is automatically created by Authelia. For example:

    ```bash

    cat config/notification.txt

    Date: 2024-07-21 14:55:11.30894104 +0000 UTC m=+43.154509640

    Recipient: {Test User [email protected]}

    Subject: Confirm your identity

    Hi Test User,

    This email has been sent to you in order to validate your identity. Purpose: Confirm your identity.

    If you did not initiate the process, your credentials might have been compromised and you should:

        1. Visit the revocation link.

        2. Reset your password or other login credentials.

        3. Contact an Administrator.

    To confirm your identity, please use the following single-use code: TXQAT55T

    This email was generated by a user with the IP XXXXXX.

    The following link can be used to revoke the code (this is a logged event): XXXX

    ```