前言
當初就一直在想行動網路可不可以使用Adguardhome,後來想一想如果連VPN在對外,
有VPN,然後VPN的DNS指向Adguardhome主機的應該是可以的,只要路由器有VPN功能應該可以玩看看。
不過目前架站在VPS上,將VPS的路由改掉暫時沒想出來,不如想另外的方法來用Adguardhome
最近在網路上發現Wireguard,忽然覺得這個VPN很不錯,可以來玩看看VPN的搭配。
安裝
Docker-compose.yml
version: "3.8"
services:
wg-easy:
environment:
- WG_HOST=yourinternetip
# Optional:
- PASSWORD=yourpassword
# - WG_PORT=51820
# WG_DEFAULT_ADDRESS=172.18.0.2
- WG_DEFAULT_DNS=172.18.0.3
# - WG_MTU=1420
# - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
# - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
# - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
# - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
# - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
image: weejewel/wg-easy
container_name: wg-easy
networks:
default:
ipv4_address: 172.18.0.2
volumes:
- './wgeasy:/etc/wireguard'
ports:
- "51820:51820/udp"
- "51821:51821/tcp"
restart: unless-stopped
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
adguardhome:
image: adguard/adguardhome
container_name: adguardhome
networks:
default:
ipv4_address: 172.18.0.3
volumes:
- './config:/opt/adguardhome/conf'
- './data:/opt/adguardhome/work'
ports:
# DNS
#- 53:53
# # DHCP server
# - 67:67/udp
# - 68:68/tcp
# - 68:68/udp
# # HTTPS/DNS-over-HTTPS
# - 443:443/tcp
# # DNS-over-TLS
# - 853:853/tcp
# # DNS-over-QUIC
# - 784:784/udp
# # DNSCrypt
# - 5443:5443/tcp
# - 5443:5443/udp
# # WebUI
- 3000:3000/tcp
restart: unless-stopped
networks:
default:
ipam:
driver: default
config:
- subnet: 172.18.0.0/16上面的重點就是你的Wireguard跟Adguardhome在同個網段,然後Wireguard直接設上DNS為Adguardhome的ip
#Wireguard的ip跟密碼記得改成自已的
展示
這種連線方式應該比直接Adguardhome開在對外安全
下面的172.18.0.2就是每個透過Wireguard連線的使用者們,Adguardhome都會先篩選過網址
參考
Wireguard安裝使用請參考以下影片
Adguardhome安裝使用請參考下列網址