angristan / wireguard-install

WireGuard VPN installer for Linux servers
https://stanislas.blog/2019/01/how-to-setup-vpn-server-wireguard-nat-ipv6/
MIT License

Fails to start service #248

Closed Gerolmed closed 3 years ago

Gerolmed commented 3 years ago

I tried running this on my Ubuntu 20.04 VPS. The service doesn't start. The installation log is:

Okay, that was all I needed. We are ready to setup your WireGuard server now.
You will be able to generate a client at the end of the installation.
Press any key to continue...
Hit:1 http://asi-fs-n.contabo.net/ubuntu focal InRelease
Hit:2 http://asi-fs-n.contabo.net/ubuntu focal-updates InRelease
Hit:3 http://asi-fs-n.contabo.net/ubuntu focal-backports InRelease
Get:4 https://download.docker.com/linux/ubuntu focal InRelease [52.1 kB]
Hit:5 http://security.ubuntu.com/ubuntu focal-security InRelease
Ign:6 http://download.webmin.com/download/repository sarge InRelease
Hit:7 http://download.webmin.com/download/repository sarge Release
Fetched 52.1 kB in 1s (49.0 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
iptables is already the newest version (1.8.4-3ubuntu2).
resolvconf is already the newest version (1.82).
The following NEW packages will be installed:
  libqrencode4 qrencode wireguard wireguard-tools
0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/134 kB of archives.
After this operation, 477 kB of additional disk space will be used.
Selecting previously unselected package libqrencode4:amd64.
(Reading database ... 167708 files and directories currently installed.)
Preparing to unpack .../libqrencode4_4.0.2-2_amd64.deb ...
Unpacking libqrencode4:amd64 (4.0.2-2) ...
Selecting previously unselected package qrencode.
Preparing to unpack .../qrencode_4.0.2-2_amd64.deb ...
Unpacking qrencode (4.0.2-2) ...
Selecting previously unselected package wireguard-tools.
Preparing to unpack .../wireguard-tools_1.0.20200513-1~20.04.2_amd64.deb ...
Unpacking wireguard-tools (1.0.20200513-1~20.04.2) ...
Selecting previously unselected package wireguard.
Preparing to unpack .../wireguard_1.0.20200513-1~20.04.2_all.deb ...
Unpacking wireguard (1.0.20200513-1~20.04.2) ...
Setting up libqrencode4:amd64 (4.0.2-2) ...
Setting up qrencode (4.0.2-2) ...
Setting up wireguard-tools (1.0.20200513-1~20.04.2) ...
wg-quick.target is a disabled or a static unit, not starting it.
Setting up wireguard (1.0.20200513-1~20.04.2) ...
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...
* Applying /etc/sysctl.d/10-console-messages.conf ...
kernel.printk = 4 4 1 7
* Applying /etc/sysctl.d/10-ipv6-privacy.conf ...
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
* Applying /etc/sysctl.d/10-kernel-hardening.conf ...
kernel.kptr_restrict = 1
* Applying /etc/sysctl.d/10-link-restrictions.conf ...
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/10-magic-sysrq.conf ...
kernel.sysrq = 176
* Applying /etc/sysctl.d/10-network-security.conf ...
net.ipv4.conf.default.rp_filter = 2
net.ipv4.conf.all.rp_filter = 2
* Applying /etc/sysctl.d/10-ptrace.conf ...
kernel.yama.ptrace_scope = 1
* Applying /etc/sysctl.d/10-zeropage.conf ...
vm.mmap_min_addr = 65536
* Applying /usr/lib/sysctl.d/50-default.conf ...
net.ipv4.conf.default.promote_secondaries = 1
sysctl: setting key "net.ipv4.conf.all.promote_secondaries": Invalid argument
net.ipv4.ping_group_range = 0 2147483647
net.core.default_qdisc = fq_codel
fs.protected_regular = 1
fs.protected_fifos = 1
* Applying /usr/lib/sysctl.d/50-pid-max.conf ...
kernel.pid_max = 4194304
* Applying /etc/sysctl.d/99-sysctl.conf ...
kernel.panic = 10
net.ipv6.conf.all.disable_ipv6 = 1
* Applying /usr/lib/sysctl.d/protect-links.conf ...
fs.protected_fifos = 1
fs.protected_hardlinks = 1
fs.protected_regular = 2
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/wg.conf ...
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
* Applying /etc/sysctl.conf ...
kernel.panic = 10
net.ipv6.conf.all.disable_ipv6 = 1
Job for wg-quick@wg0.service failed because the control process exited with error code.
See "systemctl status wg-quick@wg0.service" and "journalctl -xe" for details.
Created symlink /etc/systemd/system/multi-user.target.wants/wg-quick@wg0.service → /lib/systemd/system/wg-quick@.service.

And the service status:

root@vmd60201:~/wireguard# systemctl status wg-quick@wg0
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
     Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2021-07-05 12:49:07 CEST; 44s ago
       Docs: man:wg-quick(8)
             man:wg(8)
             https://www.wireguard.com/
             https://www.wireguard.com/quickstart/
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
   Main PID: 13696 (code=exited, status=2)

Jul 05 12:49:06 vmd60201.contaboserver.net systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Jul 05 12:49:07 vmd60201.contaboserver.net wg-quick[13696]: [#] ip link add wg0 type wireguard
Jul 05 12:49:07 vmd60201.contaboserver.net wg-quick[13696]: [#] wg setconf wg0 /dev/fd/63
Jul 05 12:49:07 vmd60201.contaboserver.net wg-quick[13696]: [#] ip -4 address add xx.xx.xx.x/24 dev wg0
Jul 05 12:49:07 vmd60201.contaboserver.net wg-quick[13696]: [#] ip -6 address add xxxx:xx:xx::1/64 dev wg0
Jul 05 12:49:07 vmd60201.contaboserver.net wg-quick[13720]: RTNETLINK answers: Permission denied
Jul 05 12:49:07 vmd60201.contaboserver.net wg-quick[13696]: [#] ip link delete dev wg0
Jul 05 12:49:07 vmd60201.contaboserver.net systemd[1]: wg-quick@wg0.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Jul 05 12:49:07 vmd60201.contaboserver.net systemd[1]: wg-quick@wg0.service: Failed with result 'exit-code'.
Jul 05 12:49:07 vmd60201.contaboserver.net systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.

Any help would be appreciated :D

angristan commented 3 years ago

Searching for this on Google returns results about IPv6 being disabled.

Looking at your output we can see:

* Applying /etc/sysctl.conf ...
kernel.panic = 10
net.ipv6.conf.all.disable_ipv6 = 1

Could you edit the last value to 0, run sysctl --system and then systemctl restart wg-quick@wg0?

Gerolmed commented 3 years ago

Thanks a lot, that seems to have fixed it.

textPreferred commented 3 years ago

@angristan :pray: Same issue here, your proposal solved it.

Maybe there is a way to include this pointer in the script?
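
A pre-flight check of the kind asked about above, as an added example that is not part of the thread or of wireguard-install: it reports when a wg-quick config carries an IPv6 address while the sysctl files set net.ipv6.conf.all.disable_ipv6 = 1, the combination behind the RTNETLINK error in this issue. The function names and the sample files are assumptions constructed for the example.

```sh
# Added example (not wireguard-install code); function names are hypothetical.

# Print "<file> <value>" for the last assignment of
# net.ipv6.conf.all.disable_ipv6 in the given sysctl files, read in the
# order "sysctl --system" applies them (a later file overrides an earlier one).
ipv6_disable_setting() (
    hit=""
    for f in "$@"; do
        [ -r "$f" ] || continue
        while IFS= read -r line || [ -n "$line" ]; do
            line=${line%%#*}                         # strip comments
            case $line in *=*) ;; *) continue ;; esac
            key=$(printf '%s' "${line%%=*}" | tr -d '[:space:]')
            val=$(printf '%s' "${line#*=}" | tr -d '[:space:]')
            if [ "$key" = net.ipv6.conf.all.disable_ipv6 ]; then hit="$f $val"; fi
        done <"$f"
    done
    if [ -n "$hit" ]; then printf '%s\n' "$hit"; fi
)

# Succeed if an Address line of a wg-quick config lists an IPv6 address
# (any entry containing ':').
wg_conf_has_ipv6() {
    grep -Eiq '^[[:space:]]*Address[[:space:]]*=.*:' "$1"
}

# Pre-flight check: return 1 with a hint when the config needs IPv6 but
# the sysctl files disable it, which is the failure shown in this thread.
wg_ipv6_preflight() {
    conf=$1; shift
    wg_conf_has_ipv6 "$conf" || return 0
    setting=$(ipv6_disable_setting "$@")
    case $setting in
        *" 1") echo "IPv6 disabled by ${setting% 1}; set net.ipv6.conf.all.disable_ipv6 = 0, then run: sysctl --system" >&2
               return 1 ;;
    esac
}

# Demo on constructed sample files (not the reporter's real configuration).
demo() {
    d=$(mktemp -d)
    printf '[Interface]\nAddress = 10.66.66.1/24,fd42:42:42::1/64\n' >"$d/wg0.conf"
    printf 'kernel.panic = 10\nnet.ipv6.conf.all.disable_ipv6 = 1\n' >"$d/sysctl.conf"
    rc=0; wg_ipv6_preflight "$d/wg0.conf" "$d/sysctl.conf" || rc=$?
    rm -rf "$d"
    return "$rc"
}
demo || echo "demo: preflight reported the conflict"
```

On a live host, pass the sysctl files in the order `sysctl --system` lists them, since the last file to set the key decides the result.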