linuxserver / docker-wireguard


[BUG] strange configuration behavior #295

Closed Robert-Petrosian closed 1 year ago

Robert-Petrosian commented 1 year ago

Is there an existing issue for this?

Current Behavior

In previous builds, I took the keys from the files peer2/publickey-peer2, peer2/privatekey-peer2 and peer2/presharedkey-peer2, but now the connection does not occur according to these data. Keys differ from peer2.conf and wg0.conf. Look at the screenshots, it will be clearer what is at stake:

image

Expected Behavior

Keys from their files will be suitable for connection

Steps To Reproduce

version: "2.1"
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:

Environment

- OS:
- How docker service was installed:
ubuntu 20.04

CPU architecture

x86-64

Docker creation

version: "2.1"
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE #optional

    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - SERVERURL=wireguard.$$$$.com #optional
      - SERVERPORT=51820 #optional
      - PEERS=50 #optional
      - PEERDNS=8.8.8.8 #optional
      - INTERNAL_SUBNET=10.13.13.0 #optional
      - ALLOWEDIPS=0.0.0.0/0 #optional
      - PERSISTENTKEEPALIVE_PEERS=25 #optional
      - LOG_CONFS=true #optional
      #- SERVER_ALLOWEDIPS_PEER_1="192.168.88.1"
    volumes:
      - /wireguard_conf/config:/config
      - /lib/modules:/lib/modules #optional
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

Container logs

ubuntu@ip-10-0-100-211:/wireguard_conf/config$ docker logs 796a77b3f0f9
[migrations] started
[migrations] no migrations found
───────────────────────────────────────
GID/UID
───────────────────────────────────────

User UID:    1000
User GID:    1000
───────────────────────────────────────

Uname info: Linux 796a77b3f0f9 5.15.0-1041-aws #46~20.04.1-Ubuntu SMP Wed Jul 19 15:40:00 UTC 2023 x86_64 GNU/Linux
**** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
**** As the wireguard module is already active you can remove the SYS_MODULE capability from your container run/compose. ****
**** Server mode is selected ****
**** PersistentKeepalive will be set for: 25 ****
**** External server address is set to wireguard.q-ctx.com ****
**** External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container ****
**** Internal subnet is set to 10.13.13.0 ****
**** AllowedIPs for peers 0.0.0.0/0 ****
**** Peer DNS servers will be set to 8.8.8.8 ****
**** No wg0.conf found (maybe an initial install), generating 1 server and 50 peer/client confs ****
PEER 1 QR code (conf file is saved under /config/peer1):
[custom-init] No custom files found, skipping...
.:53
CoreDNS-1.10.1
linux/amd64, go1.20.7, 
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.13.13.1 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] ip -4 route add 10.13.13.9/32 dev wg0
[#] ip -4 route add 10.13.13.8/32 dev wg0
[#] ip -4 route add 10.13.13.7/32 dev wg0
[#] ip -4 route add 10.13.13.6/32 dev wg0
[#] ip -4 route add 10.13.13.51/32 dev wg0
[#] ip -4 route add 10.13.13.50/32 dev wg0
[#] ip -4 route add 10.13.13.5/32 dev wg0
[#] ip -4 route add 10.13.13.49/32 dev wg0
[#] ip -4 route add 10.13.13.48/32 dev wg0
[#] ip -4 route add 10.13.13.47/32 dev wg0
[#] ip -4 route add 10.13.13.46/32 dev wg0
[#] ip -4 route add 10.13.13.45/32 dev wg0
[#] ip -4 route add 10.13.13.44/32 dev wg0
[#] ip -4 route add 10.13.13.43/32 dev wg0
[#] ip -4 route add 10.13.13.42/32 dev wg0
[#] ip -4 route add 10.13.13.41/32 dev wg0
[#] ip -4 route add 10.13.13.40/32 dev wg0
[#] ip -4 route add 10.13.13.4/32 dev wg0
[#] ip -4 route add 10.13.13.39/32 dev wg0
[#] ip -4 route add 10.13.13.38/32 dev wg0
[#] ip -4 route add 10.13.13.37/32 dev wg0
[#] ip -4 route add 10.13.13.36/32 dev wg0
[#] ip -4 route add 10.13.13.35/32 dev wg0
[#] ip -4 route add 10.13.13.34/32 dev wg0
[#] ip -4 route add 10.13.13.33/32 dev wg0
[#] ip -4 route add 10.13.13.32/32 dev wg0
[#] ip -4 route add 10.13.13.31/32 dev wg0
[#] ip -4 route add 10.13.13.30/32 dev wg0
[#] ip -4 route add 10.13.13.3/32 dev wg0
[#] ip -4 route add 10.13.13.29/32 dev wg0
[#] ip -4 route add 10.13.13.28/32 dev wg0
[#] ip -4 route add 10.13.13.27/32 dev wg0
[#] ip -4 route add 10.13.13.26/32 dev wg0
[#] ip -4 route add 10.13.13.25/32 dev wg0
[#] ip -4 route add 10.13.13.24/32 dev wg0
[#] ip -4 route add 10.13.13.23/32 dev wg0
[#] ip -4 route add 10.13.13.22/32 dev wg0
[#] ip -4 route add 10.13.13.21/32 dev wg0
[#] ip -4 route add 10.13.13.20/32 dev wg0
[#] ip -4 route add 10.13.13.2/32 dev wg0
[#] ip -4 route add 10.13.13.19/32 dev wg0
[#] ip -4 route add 10.13.13.18/32 dev wg0
[#] ip -4 route add 10.13.13.17/32 dev wg0
[#] ip -4 route add 10.13.13.16/32 dev wg0
[#] ip -4 route add 10.13.13.15/32 dev wg0
[#] ip -4 route add 10.13.13.14/32 dev wg0
[#] ip -4 route add 10.13.13.13/32 dev wg0
[#] ip -4 route add 10.13.13.12/32 dev wg0
[#] ip -4 route add 10.13.13.11/32 dev wg0
[#] ip -4 route add 10.13.13.10/32 dev wg0
[#] iptables -A FORWAR

github-actions[bot] commented 1 year ago

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
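
The mismatch reported in this issue (keys in `peer2/privatekey-peer2` and `peer2/publickey-peer2` differing from those in `peer2.conf` and `wg0.conf`) can be checked offline with a small consistency script. This is an added example, not code from the issue or from the linuxserver project; the function names, the sample keys (RFC 7748 test scalars) and the sample conf text are constructed for illustration.

```python
import base64, re
P, A24 = 2**255 - 19, 121665

def wg_pubkey(private_b64):
    """X25519(private, base point 9), the value `wg pubkey` prints."""
    # Not constant-time: meant for offline consistency checks only.
    k = bytearray(base64.b64decode(private_b64))
    k[0] &= 248; k[31] &= 127; k[31] |= 64           # RFC 7748 clamping
    k = int.from_bytes(k, "little")
    x1, x2, z2, x3, z3, swap = 9, 1, 0, 9, 1, 0
    for t in reversed(range(255)):                    # Montgomery ladder
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = (aa - bb) % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return base64.b64encode((x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")).decode()

def conf_values(text, field):
    """All values of `field = value` lines in a WireGuard conf."""
    return re.findall(rf"^\s*{field}\s*=\s*(\S+)", text, re.M)

def check_peer(priv_file, pub_file, peer_conf, server_conf):
    """List inconsistencies between a peer's key files and the generated confs."""
    problems = []
    priv, pub = priv_file.strip(), pub_file.strip()
    conf_priv = conf_values(peer_conf, "PrivateKey")[0]
    if wg_pubkey(priv) != pub:
        problems.append("publickey file does not match privatekey file")
    if conf_priv != priv:
        problems.append("peer conf PrivateKey differs from privatekey file")
    if wg_pubkey(conf_priv) not in conf_values(server_conf, "PublicKey"):
        problems.append("server conf has no [Peer] for the peer conf's key")
    return problems

# Constructed sample data: RFC 7748 test scalars stand in for real keys.
OLD = base64.b64encode(bytes.fromhex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a")).decode()
NEW = base64.b64encode(bytes.fromhex("5dab087e624a8a4b79e17f8b83800ee66f3bbb292618b6fd1c2f8b27ff88e0eb")).decode()
PEER_CONF = f"[Interface]\nAddress = 10.13.13.3\nPrivateKey = {NEW}\n"
SERVER_CONF = f"[Peer]\nPublicKey = {wg_pubkey(NEW)}\nAllowedIPs = 10.13.13.3/32\n"

if __name__ == "__main__":
    print(check_peer(OLD, wg_pubkey(OLD), PEER_CONF, SERVER_CONF))
```

In the constructed case the key files still hold one key pair while both confs were generated from another, so only the key-file/conf comparison fails; on a real install, pass the contents of the four files instead of the sample strings.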