Feedback for "Routing Docker Host And Container Traffic Through WireGuard"

I tried out the tutorial described in this article and I have a few annotations for it.

  • In the compose code parts the version tag of compose is missing. I tried out the second method described. Only by adding the compose version tag to the beginning of the compose file did I get it to work. Specifically I added version: '3'
  • I use a Mullvad file like in the example of the article. The default DNS server was their internal one so at first it didn’t work. I noticed and fixed it but for less experienced users one could add an annotation about the DNS entry
  • I did not see right away that in the Post-Up section of the wg0.conf a kill switch was already built-in. I wanted to add it manually until I saw it was already there. An annotation about that would be appreciated as well

Overall a really great article though, thanks a ton for the write-up!

Thanks for the feedback.

Compose 1.27.0+ doesn’t require a version setting and merges the (now considered legacy) 2.X and 3.X versions per Compose specification | Docker Documentation

The DNS entry used in the example is Mullvad’s DNS. I don’t follow the issue or the suggestion.

With regards to a kill switch, I’d rather not get into the whole debate of no leakage and certainly don’t want to imply any guarantees. The article is simply showcasing what’s possible. Implementing it and maintaining it in a way to ensure no leakage is the user’s (really the server admin’s) responsibility.