diff --git a/wireguard/wireguard.yml b/wireguard/wireguard.yml
new file mode 100644
index 0000000..6831abd
--- /dev/null
+++ b/wireguard/wireguard.yml
@@ -0,0 +1,34 @@
+version: "2.1"
+services:
+  wireguard:
+    image: linuxserver/wireguard
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE #optional
+    environment:
+      - PUID=1001
+      - PGID=1001
+      - TZ=America/New_York
+      # - SERVERURL=wireguard.domain.com #optional
+      # - SERVERPORT=51820 #optional
+      - PEERS=1 #optional
+      - PEERDNS=auto #optional
+      # - INTERNAL_SUBNET=10.13.13.0 #optional
+      # - ALLOWEDIPS=0.0.0.0/0 #optional
+      # - PERSISTENTKEEPALIVE_PEERS= #optional
+      - LOG_CONFS=true #optional
+    volumes:
+      - ./config:/config
+      - /lib/modules:/lib/modules #optional
+    # ports:
+    #   - 51820:51820/udp
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.wireguard.entrypoints=websecure"
+      - "traefik.http.routers.wireguard.rule=Host(`wireguard.meftimes.com`)"
+      - "traefik.http.routers.wireguard.middlewares=authelia@docker"
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+    restart: unless-stopped
+