Is it possible to run as non root?

[gudata]

Is there any chance that you don't run this service as root?
Managing the wg0.conf files could be done via dedicated user.
restarting the interface could be done via systemd.path file.
and for accessing the wireguard api - probably it would work as normal user.

[h44z]

Sorry, accidentally deleted a commen from Masgalor:

I don't know if this issue is still relevant today.
But for everyone looking for an answer to this question, there is no problem running with an unprivileged user.

You need to:

• change the permissions of /etc/wireguard to write the config files there
  OR
• write them to some other location and link them there
  AND
• Give your user or process CAP_NET_ADMIN and CAP_NET_RAW capabilities.

At least thats what I do, maybe I am missing something but everything works as expected for me.
I use the binary in a systemd-service, no idea how this translates to docker.