docs: add note about running wireguard in Docker (#156)

docs/documentation/getting-started/binaries.md

@@ -31,4 +31,4 @@ sudo install wg-portal /opt/wg-portal/
 ## Unreleased
 
 Unreleased versions could be downloaded from
-[GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster) artifacs also.
+[GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster) artifacts also.

docs/documentation/getting-started/docker.md

@@ -55,3 +55,60 @@ You should mount those directories as a volume:
 - /app/config
 
 A detailed description of the configuration options can be found [here](../configuration/overview.md).
+
+## Running WireGuard inside Docker
+
+Modern Linux distributions ship with a kernel that supports WireGuard out of the box.
+This means that you can run WireGuard directly on the host system without the need for a Docker container.
+WireGuard Portal can then manage the WireGuard interfaces directly on the host.
+
+If you still want to run WireGuard inside a Docker container, you can use the following example docker-compose.yml:
+
+```yaml
+services:
+  wg-portal:
+    image: wgportal/wg-portal:latest
+    container_name: wg-portal
+    restart: unless-stopped
+    logging:
+      options:
+        max-size: "10m"
+        max-file: "3"
+    cap_add:
+      - NET_ADMIN
+    network_mode: "service:wireguard" # So we ensure to stay on the same network as the wireguard container.
+    volumes:
+      - ./wg/etc:/etc/wireguard
+      - ./wg/data:/app/data
+      - ./wg/config:/app/config
+
+  wireguard:
+      image: lscr.io/linuxserver/wireguard:latest
+      container_name: wireguard
+      restart: unless-stopped
+      cap_add:
+        - NET_ADMIN
+      ports:
+        - "51820:51820/udp" # WireGuard port, needs to match the port in wg-portal interface config
+        - "127.0.0.1:8888:8888" # Noticed that the port of the web UI is exposed in the wireguard container.
+      volumes:
+        - ./wg/etc:/config/wg_confs # We share the configuration (wgx.conf) between wg-portal and wireguard
+      sysctls:
+        - net.ipv4.conf.all.src_valid_mark=1
+```
+
+For this to work, you need to have at least the following configuration set in your WireGuard Portal config:
+
+```yaml
+core:
+  # The WireGuard container uses wg-quick to manage the WireGuard interfaces - this conflicts with WireGuard Portal during startup.
+  # To avoid this, we need to set the restore_state option to false so that wg-quick can create the interfaces.
+  restore_state: false
+  # Usually, there are no existing interfaces in the WireGuard container, so we can set this to false.
+  import_existing: false
+advanced:
+  # WireGuard Portal needs to export the WireGuard configuration as wg-quick config files so that the WireGuard container can use them.
+  config_storage_path: /etc/wireguard/
+```
+
+Also make sure that you restart the WireGuard container after you create or delete an interface in WireGuard Portal.

docs/documentation/getting-started/sources.md

@@ -22,3 +22,4 @@ make build
 ## Install
 
 Compiled binary will be available in `./dist` directory. 
+For installation instructions, check the [Binaries](./binaries.md) section.

docs/documentation/upgrade/v1.md

@@ -1,5 +1,5 @@
 For production deployments of WireGuard Portal, we strongly recommend using version 1.
-If you want to use version 2, please be aware that it is still in beta and not feature complete.
+If you want to use version 2, please be aware that it is still a release candidate and not yet fully stable.
 
 ## Upgrade from v1 to v2