search

YunoHost-Apps / wireguard_ynh

WireGuard VPN software with a web UI configuration companion, packaged for YunoHost.
GNU General Public License v3.0
35 stars 10 forks source link

Wireguard connection not working #28

Closed xplosionmind closed 3 years ago

xplosionmind commented 3 years ago

Describe the bug

Everything appears to be configured correctly, but the connection to WireGuard does not work.

Context

Steps to reproduce

Expected behavior

Working connection to the internet

Logs

Installation log:

sudo yunohost app install https://github.com/YunoHost-Apps/wireguard_ynh --force
{'en': 'WireGuard installs a Linux kernel module and will most likely require a reboot of your server to work properly.', 'fr': 'WireGuard installe un module au noyau Linux et nécessite probablement un redémarrage du serveur pour fonctionner correctement.'}
Choose the domain where this app should be installed [matto.club | tommi.nohost.me | assets.tommi.space | cloud.tommi.space | docs.tommi.space | inputs.tommi.space | server.tommi.space | vpn.tommi.space | wallet.tommi.space] (default: server.tommi.space): vpn.tommi.space
Choose an administrator user for this app [tommi] (default: tommi):
Info: Installing wireguard...
Warning: grep: /proc/device-tree/model: No such file or directory
Info: [+...................] > Validating installation parameters...
Info: [#+..................] > Storing installation settings...
Info: [##+.................] > Configuring firewall...
Info: [###+++++++..........] > Installing dependencies...
Warning: wg-quick.target is a disabled or a static unit, not starting it.
Info: '/etc/apt/trusted.gpg.d/wireguard.asc' wasn't deleted because it doesn't exist.
Info: [##########+.........] > Setting up source files...
Info: [###########+........] > Configuring nginx web server...
Info: [############+.......] > Configuring system user...
Info: [#############+......] > Configuring a systemd service...
Info: [##############+.....] > Integrating service in YunoHost...
Info: [###############+....] > Starting a systemd service...
Info: The service wireguard_ui has correctly executed the action start.
Info: [################+...] > Configuring permissions...
Info: [#################+..] > Reloading nginx web server...
Info: [####################] > Installation of wireguard completed. You may need to reboot your server before being able to start the WireGuard service.
Success! Installation completed

after running sudo ls -la /opt/yunohost/wireguard

drwxr-x--- 4 wireguard wireguard     4096 Jul  4 22:32 db
-rwxr-x--- 1 wireguard wireguard 22773423 Oct 10  2020 wireguard-ui

after running: sudo ls -la /etc/wireguard

-rw-r-----   1 wireguard wireguard  825 Jul  4 22:33 wg0.conf

after running: sudo wg-quick up wg0

sudo journalctl -xe
--
-- The job identifier is 81763 and the job result is done.
Jul 04 22:43:11 server.tommi.space systemd[1]: Started WireGuard UI.
-- Subject: A start job for unit wireguard_ui.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit wireguard_ui.service has finished successfully.
--
-- The job identifier is 81763.
Jul 04 22:43:11 server.tommi.space sudo[1812]: pam_unix(sudo:session): session closed for user root
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: Wireguard UI
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: App Version        : v0.2.7
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: Git Commit        : b8142b80c235753e501376e21d3694cd066d977c
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: Git Ref                : refs/tags/v0.2.7
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: Build Time        : 07-04-2021 20:43:11
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: Git Repo        : https://github.com/ngoduykhanh/wireguard-ui
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: Authentication        : false
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: Bind address        : 127.0.0.1:8097
Jul 04 22:43:11 server.tommi.space wireguard-ui[1816]: ⇨ http server started on 127.0.0.1:8097
Jul 04 22:43:14 server.tommi.space sudo[1825]:    admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/usr/bin/wg-quick up wg0
Jul 04 22:43:14 server.tommi.space sudo[1825]: pam_unix(sudo:session): session opened for user root by admin(uid=0)
Jul 04 22:43:14 server.tommi.space sudo[1825]: pam_unix(sudo:session): session closed for user root
Jul 04 22:43:25 server.tommi.space sudo[1833]:    admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/usr/bin/journalctl -xe
Jul 04 22:43:25 server.tommi.space sudo[1833]: pam_unix(sudo:session): session opened for user root by admin(uid=0)
Jul 04 22:43:38 server.tommi.space wireguard-ui[1816]: {"time":"2021-07-04T22:43:38.389517907+02:00","id":"","remote_ip":"2.36.22.68","host":"v
Jul 04 22:43:41 server.tommi.space dovecot[22426]: imap-login: Disconnected (no auth attempts in 2 secs): user=<>, rip=128.199.41.223, lip=167.
Jul 04 22:43:43 server.tommi.space wireguard-ui[1816]: {"time":"2021-07-04T22:43:43.232204199+02:00","level":"INFO","prefix":"-","file":"routes
Jul 04 22:43:43 server.tommi.space wireguard-ui[1816]: {"time":"2021-07-04T22:43:43.232349999+02:00","id":"","remote_ip":"2.36.22.68","host":"v
Jul 04 22:43:43 server.tommi.space wireguard-ui[1816]: {"time":"2021-07-04T22:43:43.329096576+02:00","id":"","remote_ip":"2.36.22.68","host":"v
Jul 04 22:43:48 server.tommi.space wireguard-ui[1816]: {"time":"2021-07-04T22:43:48.315979533+02:00","id":"","remote_ip":"2.36.22.68","host":"v
Jul 04 22:43:55 server.tommi.space sudo[1833]: pam_unix(sudo:session): session closed for user root
Jul 04 22:43:58 server.tommi.space slapd[832]: slap_global_control: unrecognized control: 1.3.6.1.4.1.4203.666.5.16
Jul 04 22:43:58 server.tommi.space sudo[1858]:    admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/usr/bin/journalctl -xe
Jul 04 22:43:58 server.tommi.space sudo[1858]: pam_unix(sudo:session): session opened for user root by admin(uid=0)
Jul 04 22:44:16 server.tommi.space sudo[1858]: pam_unix(sudo:session): session closed for user root
Jul 04 22:44:16 server.tommi.space postfix/submission/smtpd[1758]: connect from unknown[45.144.225.95]
Jul 04 22:44:18 server.tommi.space sudo[1862]:    admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/usr/bin/journalctl -xe
Jul 04 22:44:18 server.tommi.space sudo[1862]: pam_unix(sudo:session): session opened for user root by admin(uid=0)
tituspijean commented 3 years ago
  1. Have you rebooted your server?
  2. What is the output of sudo wg? (hide any key, preshared key, etc.)
  3. If you can ping your server from your client, then have you followed the instructions in the README? https://github.com/YunoHost-Apps/wireguard_ynh#make-your-server-share-its-internet-connection
xplosionmind commented 3 years ago
  1. I did.
  2. There is no output, even if, before rebooting, there was an output, and it was: 
    interface: wg0
public key: nZv6m***********JUaJLXJvhrJnbiafCtTY=
private key: (hidden)
listening port: 8095
  3. I edited the file as pointed out in the README, but I do not understand these: are they commands? Should I run them consecutively?
tituspijean commented 3 years ago

I edited the file as pointed out in the README, but I do not understand these: are they commands? Should I run them consecutively?

A picture is better than a thousand words. They have to be put there: image

Remember to replace eth0 by your actual Internet-facing interface. Do this, then Save.

I think I have found a bug. Can you try the following commands?

sudo nano /etc/systemd/system/wireguard_ui_conf.service add a sudo before /usr/bin/systemctl on the last line. Save and quit with CTRL+O then CTRL+X sudo systemctl daemon-reload sudo systemctl restart wireguard_ui_conf.service

The interface should be up. Check with sudo wg and try connecting again.

If the connection is successful but still no Internet access (after the post up and down commands), try pinging your server from the client ping 10.10.10.0

xplosionmind commented 3 years ago

It is now working!

Thanks a lot, I love you!

Best,
T