search

amnezia-vpn / amnezia-client

Amnezia VPN Client (Desktop+Mobile)
https://amnezia.org
GNU General Public License v3.0
5.34k stars 335 forks source link

Enhance Amnezia server setup: Docker Compose for better devops support #938

Open stone-w4tch3r opened 2 months ago

stone-w4tch3r commented 2 months ago

Describe the bug Hey there! So, the current Amnezia server setup is great for newbies, but it's a real headache for power users and DevOps folks. It's a pain to backup, move to another VPS, or set up manually. This makes it tough to use cool stuff like Infrastructure as Code (IaC) and other DevOps tricks.

Current Behavior

  1. Service container's are configured via runtime Docker exec commands (configure_container.sh)
  2. The container doesn't save its state in the image or volumes
  3. Backing up and porting is messy and complex
  4. Manual setup almost impossible

Expected behavior Docker Compose architecture that:

  1. Allows easy backup and restoration of the entire VPN setup
  2. Lets you easily move between different VPS providers
  3. Enables manual setup and customization for advanced users

Proposed Solution Transition to a Docker Compose based architecture:

  1. Define services, networks, and volumes in a docker compose
  2. Store configuration (state) in volumes
  3. Use environment variables for settings

Benefits

  1. Backing up and restoring becomes way easier
  2. Simplification of current setup scripts
  3. Replaces current iptables approach to more simple docker compose networking
  4. Better support for DevOps/IaC approach
  5. Power users got more flexibility (e.g. custom domains)

Additional context I'd be glad to help out with this if you want! 😎

Server (please complete the following information):

Desktop (please complete the following information):

Smartphone (please complete the following information):

metya commented 2 months ago

I want it very much! Because I can't automatically install the service, due to sudo with the password for example.

metya commented 2 months ago

@stone-w4tch3r did you figure out how to do it manually with docker-compose?

stone-w4tch3r commented 2 months ago

@metya nope. From code looks like it would be very hard.

You can look at client/server_scripts and controller to understand how they are used

metya commented 2 months ago

I saw it, and it doesn't seem very hard. I'll try deploying the AWG container with only a few changes to the server scripts. If I succeed, I'll provide feedback. I mean, I'll give you feedback either way.

metya commented 2 months ago

I was able to create docker-compose file and setup (I think) proper container, but there is another problem, you can't connect to containers from app, because every scripts from app executes from sudo, and in my case it's no way to do it.

metya commented 2 months ago

BTW, if the password for sudo is turned off, everything works. I can share the docker-compose file

stone-w4tch3r commented 2 months ago

@metya it would be nice

metya commented 2 months ago

@stone-w4tch3r here it is https://github.com/metya/AmneziaWG-Docker-Compose

outbackdingo commented 2 weeks ago

anyway you can add xray and dns to this compose file, im trying to figure out how you even got WG up

aslan-im commented 1 week ago

bump

stone-w4tch3r commented 6 days ago

There is another useful docker compose-related repo: https://github.com/w0rng/amnezia-wg-easy

Adds support for amneziawg into wg-easy panel. Still buggy though(