Bug: Custom wireguard config file `Interface.Address` parsing error

[dokzlo13]

Is this urgent?

No

Host OS

Synology DSM

CPU arch

x86_64

VPN service provider

Custom

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2024-03-26T07:27:44.668Z (commit 6b2f350)

What's the problem 🤔

After automatic (with watchtower, sorry because of it I don't track last working version of gluetun) update to new version of the gluetun, custom wireguard configuration stops working without any changes in the config file. Here wireguard config:

[Interface]
Address = 10.128.82.241
PrivateKey = 5a<REDACTED>pU=
DNS = 10.128.0.1

[Peer]
PublicKey = sb<REDACTED>gM=
AllowedIPs = 0.0.0.0/0
Endpoint = 0.0.0.0:51820  # REDACTED

gluetun provides this log line with error:

2024-03-28T21:12:09+02:00 ERROR reading VPN settings: wireguard: secret files WIREGUARD_ADDRESSES: netip.ParsePrefix("10.128.82.241"): no '/' 

Seems like Interface.Address field parsing logging was changed. The possible workaround, which fixes config parsing is:

Address = 10.128.82.241/0

Seems like only IP part is required for gluetun to operate normally, but mask is now required for IP parsing.

Share your logs (at least 10 lines)

Running version latest built on 2024-03-26T07:27:44.668Z (commit 6b2f350)                                                                     

� Need help? https://github.com/qdm12/gluetun/discussions/new                                                                                 
� Bug? https://github.com/qdm12/gluetun/issues/new                                                                                            
✨ New feature? https://github.com/qdm12/gluetun/issues/new                                                                                    
☕ Discussion? https://github.com/qdm12/gluetun/discussions/new                                                                                
� Email? quentin.mcgaw@gmail.com                                                                                                              
� Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12                                                                     
2024-03-28T21:12:09+02:00 WARN You are using the old environment variable HTTPPROXY_LOG, please consider changing it to                       
2024-03-28T21:12:09+02:00 ERROR reading VPN settings: wireguard: secret files WIREGUARD_ADDRESSES: netip.ParsePrefix("10.128.82.241"): no '/' 
2024-03-28T21:12:09+02:00 INFO Shutdown successful

Share your configuration

synobridge network configured by this guide

services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8090:8090 # port for qbittorrent
      - 7878:7878 # port for radarr
    volumes:
      - /volume1/docker/volumes/gluetun:/gluetun
    environment:
      - PUID=...
      - PGID=...

      - VPN_SERVICE_PROVIDER=custom
      - VPN_TYPE=wireguard
      - WIREGUARD_CONF_SECRETFILE=/gluetun/wireguard/wg0.conf

      - TZ=...
      - HTTPPROXY=off
      - SHADOWSOCKS=off
      - FIREWALL_OUTBOUND_SUBNETS=172.20.0.0/16,192.168.0.0/24
    network_mode: synobridge
    security_opt:
      - no-new-privileges:true
    restart: always

[github-actions[bot]]

@qdm12 is more or less the only maintainer of this project and works on it in his free time. Please:

• do not ask for updates, be patient
• :+1: the issue to show your support instead of commenting @qdm12 usually checks issues at least once a week, if this is a new urgent bug, revert to an older tagged container image

[qdm12]

Thanks for reporting this with such great details 💯 👍 TLDR: Fixed in e859c603430628c7cfbf84d29bcc66878a0632be

The longer story: This is due to a rather large refactor I've done recently to the configuration reading code. For v3.38.0 and before, it was:

• environment variables would reject an address without a /bits suffix (usually /32 for a single address):

  https://github.com/qdm12/gluetun/blob/b3ceece77948fd6dcf1572d1fd4b3fde96d4534d/internal/configuration/sources/env/wireguard.go#L17

• reading from the Wireguard config file would auto-add a /32 if no / would be found in the address

  https://github.com/qdm12/gluetun/blob/b3ceece77948fd6dcf1572d1fd4b3fde96d4534d/internal/configuration/sources/files/wireguard.go#L115

So all in all, rather inconsistent.

Now it will auto-add the /32 suffix for everything, so it's consistent and it maintains retro-compatibility.

[github-actions[bot]]

Closed issues are NOT monitored, so commenting here is likely to be not seen. If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project which became too popular to monitor issues closed.