search

MindFlavor / prometheus_wireguard_exporter

A Prometheus exporter for WireGuard, written in Rust.
https://mindflavor.github.io/prometheus_wireguard_exporter
MIT License
492 stars 51 forks source link

How to get information from wireguard container #115

Open a-camacho opened 1 year ago

a-camacho commented 1 year ago

Hi everyone,

I am using Wireguard as a docker container on my server machine. Is there any way to be able to deploy this container, and still get information from the containerized server ?

Or should I build a server container image, containing wireguard-exporter ? Do you know if there is an existing image already ?

Thanks a lot.

tolkonepiu commented 1 year ago

Here is an example of wg-easy + wireguard_exporter:

https://github.com/tolkonepiu/wg-easy-extended/

a-camacho commented 1 year ago

Thanks, I ended up mapping wg-exporter binary to linuxserver/wireguard container.

GeoffreyCoulaud commented 1 year ago

Thanks, I ended up mapping wg-exporter binary to linuxserver/wireguard container.

What do you mean? Can you explain the steps you took?
Thanks in advance

Edit:

I solved the issue myself, by "mapping" @a-camacho meant attaching to the wireguard container network. Here is part of my compose.yml for anyone stumbling upon this issue

    wireguard:
        container_name: wireguard
        image: lscr.io/linuxserver/wireguard:latest
        restart: unless-stopped
        sysctls:
            - net.ipv4.conf.all.src_valid_mark=1
        cap_add:
            - NET_ADMIN
            - SYS_MODULE
        env_file:
            - wireguard-peers.env
        environment:
            - PUID=${PUID}
            - PGID=${PGID}
            - TZ=${TZ}
            - SERVERURL=...
            - SERVERPORT=${WIREGUARD_PORT}
            - INTERNAL_SUBNET=...
            - ALLOWEDIPS=...
            - PERSISTENTKEEPALIVE_PEERS=all
            - LOG_CONFS=false
        ports:
            - ${WIREGUARD_PORT}:${WIREGUARD_PORT}/udp
            # Exposes the exporter port here, since it uses the wireguard network stack
            - ${WIREGUARD_EXPORTER_PORT}:${WIREGUARD_EXPORTER_PORT}
        volumes:
            - /lib/modules:/lib/modules
            - wireguard-config:/config

    wireguard-exporter:
        image: mindflavor/prometheus-wireguard-exporter
        restart: unless-stopped
        container_name: wireguard-exporter
        command: -a true
        # This is what makes the exporter see the wireguard interfaces
        network_mode: "service:wireguard"
        cap_add:
            - NET_ADMIN
        volumes:
            - wireguard-config:/config:ro
        environment:
            - PROMETHEUS_WIREGUARD_EXPORTER_PORT=${WIREGUARD_EXPORTER_PORT}
            - PROMETHEUS_WIREGUARD_EXPORTER_CONFIG_FILE_NAMES=/config/wg_confs/wg0.conf