infrastructure/ansible/roles/gluetun/templates/docker-compose.yml

networks:
  traefik:
    external: true

services:
  gluetun:
    container_name: gluetun
    image: qmcgaw/gluetun
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
    networks:
      - traefik
    ports:
      - 8888:8888 # HTTP Proxy
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      VPN_TYPE: wireguard
      VPN_SERVICE_PROVIDER: custom
      WIREGUARD_PRIVATE_KEY: "{{ torguard_private_key }}"
      WIREGUARD_PUBLIC_KEY: "fLDSO1YJxryyquen+XupegFQWhsWkGva+g3BtuIRyWs="
      WIREGUARD_ADDRESSES: "{{ torguard_address }}"
      VPN_ENDPOINT_IP: "38.96.254.100"
      VPN_ENDPOINT_PORT: "1443"
      FIREWALL_VPN_INPUT_PORTS: "45333"
      FIREWALL_OUTBOUND_SUBNETS: "10.0.0.0/24"
      DOT: "off"
      DNS_ADDRESS: "10.8.0.1"
      TZ: "{{ timezone }}"
      HTTPPROXY: "on"
      HTTPPROXY_USER: httpproxy
      HTTPPROXY_PASSWORD: httpproxy