FROM debian:buster

RUN echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable-wireguard.list && \
 printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable

RUN apt update && \
 apt install -y --no-install-recommends wireguard-tools iptables nano net-tools procps && \
 apt clean

# Copy configs
COPY wg0.conf /etc/wireguard/wg0.conf
COPY sysctl.conf /etc/systctl.conf

# generate keys
RUN cd /etc/wireguard && \
umask 077 && \
export PRIVKEY=$(wg genkey) && \
echo $PRIVKEY | tee privatekey | wg pubkey | tee publickey && \
echo $PRIVKEY | tee /etc/wireguard/wg0.conf 

RUN sysctl -p
RUN wg-quick up wg0
RUN wg

CMD sleep infinity