ngoduykhanh / wireguard-ui

Wireguard web interface
MIT License

Runtime error when served with Docker #504

Closed bobbyl140 closed 5 months ago

bobbyl140 commented 6 months ago

Hello, I am facing the same problem as #225 when attempting to add a client when serving with Docker. The fix specified involved changing Go versions, which is not applicable to Docker. Is this a known problem?

bobbyl140 commented 6 months ago

Also to add context, upon opening the "add client" dialog, I get a message:

Cannot suggest ip allocation: failed to get list of allocated ip addresses

I don't see any way to set this allocation block, which tells me it's trying to read from the file and can't. I have tried the following four things:

  1. My existing config
  2. Existing config without the client declarations
  3. A blank config file
  4. rm the config file

All of these result in the same two errors. I can open the "add client" dialog but upon pressing the confirm button it breaks.

bobbyl140 commented 6 months ago

And the error is

echo: http: panic serving REDACTED:49698: runtime error: invalid memory address or nil pointer dereference
goroutine 15 [running]:
net/http.(*conn).serve.func1()
    /usr/local/go/src/net/http/server.go:1802 +0xb9
panic({0x8ac940, 0x1461eb0})
    /usr/local/go/src/runtime/panic.go:1047 +0x266
net.networkNumberAndMask(0xc000383ba0)
    /usr/local/go/src/net/ip.go:498
net.(*IPNet).Contains(0xc000383b10, {0xc000383ba0, 0x10, 0x0})
    /usr/local/go/src/net/ip.go:522 +0x27
github.com/ngoduykhanh/wireguard-ui/util.ValidateIPAllocation({0xc00009d8c0, 0x2, 0xc0004ae690}, {0x0, 0x0, 0xc0004f31f0}, {0xc00009d840, 0x1, 0xc0004f3270})
    /build/util/util.go:370 +0x2f0
github.com/ngoduykhanh/wireguard-ui/handler.NewClient.func1({0x114f450, 0xc000176960})
    /build/handler/routes.go:414 +0x20c
github.com/ngoduykhanh/wireguard-ui/handler.ContentTypeJson.func1({0x114f450, 0xc000176960})
    /build/handler/middlewares.go:17 +0xed
github.com/ngoduykhanh/wireguard-ui/handler.ValidSession.func1({0x114f450, 0xc000176960})
    /build/handler/session.go:22 +0x182
github.com/labstack/echo/v4.(*Echo).add.func1({0x114f450, 0xc000176960})
    /go/pkg/mod/github.com/labstack/echo/v4@v4.1.16/echo.go:512 +0x6d
github.com/labstack/echo/v4/middleware.LoggerWithConfig.func2.1({0x114f450, 0xc000176960})
    /go/pkg/mod/github.com/labstack/echo/v4@v4.1.16/middleware/logger.go:111 +0x491
github.com/labstack/echo-contrib/session.MiddlewareWithConfig.func1.1({0x114f450, 0xc000176960})
    /go/pkg/mod/github.com/labstack/echo-contrib@v0.9.0/session/session.go:70 +0x105
github.com/labstack/echo/v4.(*Echo).ServeHTTP.func1({0x114f450, 0xc000176960})
    /go/pkg/mod/github.com/labstack/echo/v4@v4.1.16/echo.go:617 +0x132
github.com/labstack/echo/v4/middleware.RemoveTrailingSlashWithConfig.func1.1({0x114f450, 0xc000176960})
    /go/pkg/mod/github.com/labstack/echo/v4@v4.1.16/middleware/slash.go:118 +0x1fb
github.com/labstack/echo/v4.(*Echo).ServeHTTP(0xc000260000, {0x113d360, 0xc000192700}, 0xc000416d00)
    /go/pkg/mod/github.com/labstack/echo/v4@v4.1.16/echo.go:623 +0x3bc
net/http.serverHandler.ServeHTTP({0x113bf68}, {0x113d360, 0xc000192700}, 0xc000416d00)
    /usr/local/go/src/net/http/server.go:2879 +0x43b
net/http.(*conn).serve(0xc000176460, {0x113fbc0, 0xc00047dec0})
    /usr/local/go/src/net/http/server.go:1930 +0xb08
created by net/http.(*Server).Serve
    /usr/local/go/src/net/http/server.go:3034 +0x4e8

ngoduykhanh commented 6 months ago

Can you try again on the latest image? It uses go 1.21 and has some fixes.

bobbyl140 commented 6 months ago

I ran docker pull to be safe (the docker compose file specifies latest) and re-ran the container, and the same two issues happened. In the logs it shows the git commit as b3c22aa, the current one as of writing.

ngoduykhanh commented 6 months ago

Can you provide more information to help me reproduce the issue?

bobbyl140 commented 6 months ago

My docker-compose file is as follows:

version: "3"
services:
  wireguard-ui:
    image: ngoduykhanh/wireguard-ui:latest
    container_name: wireguard-ui
    cap_add:
      - NET_ADMIN
    network_mode: host
    environment:
      - BIND_ADDRESS=0.0.0.0:51821
      - SESSION_SECRET=REDACTED
      - WGUI_USERNAME=REDACTED
      - WGUI_PASSWORD=REDACTED
      - WGUI_ENDPOINT_ADDRESS=REDACTED
      - WGUI_DNS=100.100.100.100,1.1.1.1,1.0.0.1
      - WGUI_PERSISTENT_KEEPALIVE=25
      - SMTP_HOSTNAME=smtp.gmail.com
      - SMTP_PORT=587
      - SMTP_USERNAME=REDACTED
      - SMTP_PASSWORD=REDACTED
      - SMTP_AUTH_TYPE=PLAIN
      - SMTP_ENCRYPTION=STARTTLS
      - WGUI_SERVER_INTERFACE_ADDRESSES=172.24.5.1,fc00::1:5:1
      - WGUI_SERVER_LISTEN_PORT=51820
      - WGUI_DEFAULT_CLIENT_ALLOWED_IPS=0.0.0.0,::/0
      - WGUI_DEFAULT_CLIENT_USE_SERVER_DNS=true
      - WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION=true
      - WGUI_MANAGE_START=false
      - WGUI_MANAGE_RESTART=false
    logging:
      driver: json-file
      options:
        max-size: 50m
    volumes:
      - /etc/wireguard/db:/app/db
      - /etc/wireguard:/etc/wireguard

I am on CentOS 7 Linux, and I am attempting to migrate (or rather recreate) my existing server. It has the internal IPs of 172.24.5.1/24 and fc00::1:5:1/112. As for the last question, do you mean what I have current clients use, or what the interface has prefilled?

ngoduykhanh commented 6 months ago

> WGUI_SERVER_INTERFACE_ADDRESSES=172.24.5.1,fc00::1:5:1

This seems to be a problem. Server addresses must be in CIDR format. Please check the current applied "Server Interface Addresses" to see if you have them in CIDR format.

I tried the above environment variable value, and I got the same error Cannot suggest ip allocation: failed to get list of allocated ip addresses

> As for the last question, do you mean what I have current clients use, or what the interface has prefilled?

I meant what configuration you used when creating a new client and got the error.

bobbyl140 commented 6 months ago

Ah, my bad. I should've thought of that since they're all CIDR in the actual conf file. Is this supposed to match the Address field of the [Interface] section one-to-one? I guess my question is if I use /32 and /128, or if I should use the appropriate mask for the entire network.

As for config, I pretty much just used test values, I set the name and email to test and test@gmail.com, IP allocation to 172.24.5.2/32 (ignoring IPv6 for now), and left endpoint blank assuming the default would be used. I also tried filling in the endpoint with both IP and IP:port.

ngoduykhanh commented 6 months ago

> Is this supposed to match the Address field of the [Interface] section one-to-one?

Yes, they should have the same value.

Can you correct the WGUI_SERVER_INTERFACE_ADDRESSES and test if it works? In your case, it should be 172.24.5.1/24 and fc00::1:5:1/112?

bobbyl140 commented 5 months ago

After making this change it initially didn't work, but then I realized I was reusing the folder created by the last container, so I went on the web UI and added the CIDR values, which did in fact fix it. Thank you! Sorry for the hassle.
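
Added example, not part of the thread and not wireguard-ui's own code: one way to reject non-CIDR server addresses up front and return an error instead of reaching `(*net.IPNet).Contains` with unusable values. The function names `parseServerCIDRs` and `allocationInServerSubnets` are hypothetical; the addresses are the ones quoted in the thread.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// parseServerCIDRs parses a comma-separated value in the style of
// WGUI_SERVER_INTERFACE_ADDRESSES and rejects any entry without a prefix length.
func parseServerCIDRs(value string) ([]*net.IPNet, error) {
	var nets []*net.IPNet
	for _, raw := range strings.Split(value, ",") {
		entry := strings.TrimSpace(raw)
		_, ipnet, err := net.ParseCIDR(entry)
		if err != nil {
			// Never keep the nil *net.IPNet that ParseCIDR returns on failure.
			return nil, fmt.Errorf("server address %q is not in CIDR format: %w", entry, err)
		}
		nets = append(nets, ipnet)
	}
	return nets, nil
}

// allocationInServerSubnets reports whether a client allocation such as
// "172.24.5.2/32" lies inside one of the already validated server subnets.
func allocationInServerSubnets(alloc string, servers []*net.IPNet) (bool, error) {
	ip, _, err := net.ParseCIDR(strings.TrimSpace(alloc))
	if err != nil {
		return false, fmt.Errorf("client allocation %q is not in CIDR format: %w", alloc, err)
	}
	for _, s := range servers {
		if s.Contains(ip) {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	// First value is the form that failed in the thread, second is the corrected one.
	for _, v := range []string{"172.24.5.1,fc00::1:5:1", "172.24.5.1/24,fc00::1:5:1/112"} {
		nets, err := parseServerCIDRs(v)
		ok, _ := allocationInServerSubnets("172.24.5.2/32", nets)
		fmt.Printf("%q: err=%v, 172.24.5.2/32 allowed=%v\n", v, err, ok)
	}
}
```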