diff --git a/README.md b/README.md
index b3f213c..0940706 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,8 @@ wireguard interface stats. See the `cap_add` and `network_mode` options on the d
 
 Set the `SESSION_SECRET` environment variable to a random value.
 
+To use custom `wg.conf` template set the `WG_CONF_TEMPLATE` environment variable to a path to such file. Make sure `wireguard-ui` will be able to work with it - use [default template](templates/wg.conf) for reference.
+
 In order to sent the wireguard configuration to clients via email, set the following environment variables:
 
 - using SendGrid API
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 814a671..f5be7b2 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -15,6 +15,7 @@ services:
       - SESSION_SECRET
       - WGUI_USERNAME=alpha
       - WGUI_PASSWORD=this-unusual-password
+      - WG_CONF_TEMPLATE
     logging:
       driver: json-file
       options:
diff --git a/main.go b/main.go
index 9f2af3c..061ea10 100644
--- a/main.go
+++ b/main.go
@@ -34,6 +34,7 @@ var (
 	flagEmailFrom      string
 	flagEmailFromName  string = "WireGuard UI"
 	flagSessionSecret  string
+	flagWgConfTemplate string
 )
 
 const (
@@ -60,6 +61,7 @@ func init() {
 	flag.StringVar(&flagEmailFrom, "email-from", util.LookupEnvOrString("EMAIL_FROM_ADDRESS", flagEmailFrom), "'From' email address.")
 	flag.StringVar(&flagEmailFromName, "email-from-name", util.LookupEnvOrString("EMAIL_FROM_NAME", flagEmailFromName), "'From' email name.")
 	flag.StringVar(&flagSessionSecret, "session-secret", util.LookupEnvOrString("SESSION_SECRET", flagSessionSecret), "The key used to encrypt session cookies.")
+	flag.StringVar(&flagWgConfTemplate, "wg-conf-template", util.LookupEnvOrString("WG_CONF_TEMPLATE", flagWgConfTemplate), "Path to custom wg.conf template.")
 	flag.Parse()
 
 	// update runtime config
@@ -75,6 +77,7 @@ func init() {
 	util.EmailFrom = flagEmailFrom
 	util.EmailFromName = flagEmailFromName
 	util.SessionSecret = []byte(flagSessionSecret)
+	util.WgConfTemplate = flagWgConfTemplate
 
 	// print app information
 	fmt.Println("Wireguard UI")
@@ -89,6 +92,7 @@ func init() {
 	fmt.Println("Email from\t:", util.EmailFrom)
 	fmt.Println("Email from name\t:", util.EmailFromName)
 	//fmt.Println("Session secret\t:", util.SessionSecret)
+	fmt.Println("Custom wg.conf\t:", util.WgConfTemplate)
 
 }
 
diff --git a/util/config.go b/util/config.go
index 80cbc9c..60ea251 100644
--- a/util/config.go
+++ b/util/config.go
@@ -16,6 +16,7 @@ var (
 	EmailSubject   string
 	EmailContent   string
 	SessionSecret  []byte
+	WgConfTemplate string
 )
 
 const (
diff --git a/util/util.go b/util/util.go
index 7c347a9..9ef916d 100644
--- a/util/util.go
+++ b/util/util.go
@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io/ioutil"
 	"net"
 	"os"
 	"strconv"
@@ -359,10 +360,22 @@ func ValidateIPAllocation(serverAddresses []string, ipAllocatedList []string, ip
 
 // WriteWireGuardServerConfig to write Wireguard server config. e.g. wg0.conf
 func WriteWireGuardServerConfig(tmplBox *rice.Box, serverConfig model.Server, clientDataList []model.ClientData, globalSettings model.GlobalSetting) error {
-	// read wg.conf template file to string
-	tmplWireguardConf, err := tmplBox.String("wg.conf")
-	if err != nil {
-		return err
+	var tmplWireguardConf string
+
+	// if set, read wg.conf template from WgConfTemplate
+	if len(WgConfTemplate) > 0 {
+		fileContentBytes, err := ioutil.ReadFile(WgConfTemplate)
+		if err != nil {
+			return err
+		}
+		tmplWireguardConf = string(fileContentBytes)
+	} else {
+		// read default wg.conf template file to string
+		fileContent, err := tmplBox.String("wg.conf")
+		if err != nil {
+			return err
+		}
+		tmplWireguardConf = fileContent
 	}
 
 	// parse the template