50 lines
1.0 KiB
Nix
50 lines
1.0 KiB
Nix
{ pkgs, ... }:
|
|
let
|
|
wireguard-ui = pkgs.wireguard-ui.overrideAttrs (oldAttrs: {
|
|
src = pkgs.applyPatches {
|
|
src = oldAttrs.src;
|
|
patches = [
|
|
# - Always write config on run
|
|
# - Activate with systemd sockets
|
|
# - Remove telegram
|
|
# - Automatically run wg-quick
|
|
./customization.patch
|
|
];
|
|
};
|
|
|
|
vendorHash = "sha256-ic9EUJLvU9mPmqU1mhjZozc6bQQqoR7XkhIKx1vuekA=";
|
|
});
|
|
in
|
|
pkgs.dockerTools.buildImage {
|
|
name = "wireguard-ui";
|
|
fromImage = import ../base { inherit pkgs; };
|
|
|
|
copyToRoot = pkgs.buildEnv {
|
|
name = "root";
|
|
paths =
|
|
[ wireguard-ui ]
|
|
++ (with pkgs; [
|
|
wireguard-tools
|
|
iptables
|
|
ipset
|
|
]);
|
|
pathsToLink = [ "/bin" ];
|
|
};
|
|
|
|
runAsRoot = ''
|
|
mkdir -p /etc/wireguard
|
|
'';
|
|
|
|
config = {
|
|
Entrypoint = [ "wireguard-ui" ];
|
|
ExposedPorts = {
|
|
"5000/tcp" = { };
|
|
"51820/udp" = { };
|
|
};
|
|
Volumes = {
|
|
"/var/lib/wireguard-ui/db/clients" = { };
|
|
};
|
|
WorkingDir = "/var/lib/wireguard-ui";
|
|
};
|
|
}
|