search

wg-easy / wg-easy

The easiest way to run WireGuard VPN + Web-based Admin UI.
Other
12.57k stars 1.24k forks source link

Invalid type error starting container Using WireGuard Easy with Traefik SSL #1084

Open asutpshnik opened 3 weeks ago

asutpshnik commented 3 weeks ago

I use this docker-compose.yml file - link

I uncommented the lines of the password setting option, and the result was:

version: "3.8"
services:
  wg-easy:
    labels:
      # traefik
      - "traefik.enable=true"
      - "traefik.http.services.WireGuardService.loadbalancer.server.port=51821"
      # http to https
      - "traefik.http.routers.WireGuardRoute.service=WireGuardService"
      # ⚠️ Required:
      # Change this to your host's public address
      - "traefik.http.routers.WireGuardRoute.rule=Host(`vpn.myhomelab.com`)"
      - "traefik.http.routers.WireGuardRoute.entrypoints=web"
      - "traefik.http.routers.WireGuardRoute.middlewares=HttpToHttpsRedirectMiddleware"
      # https
      - "traefik.http.routers.WireGuardRouteSSL.service=WireGuardService"
      # ⚠️ Required:
      # Change this to your host's public address
      - "traefik.http.routers.WireGuardRouteSSL.rule=Host(`vpn.myhomelab.com`)"
      - "traefik.http.routers.WireGuardRouteSSL.entrypoints=websecure"
      - "traefik.http.routers.WireGuardRouteSSL.tls.certresolver=MainCertResolver"
    environment:
      # ⚠️ Required:
      # Change this to your host's public address
      WG_HOST: vpn.homelab.com

      Optional:
      - PASSWORD=foobar123
      # - WG_PORT=51820
      # - WG_DEFAULT_ADDRESS=10.8.0.x
      # - WG_DEFAULT_DNS=1.1.1.1
      # - WG_MTU=1420
      #-  WG_ALLOWED_IPS=
      # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
      # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
      # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
      # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt

    container_name: wg-easy
    image: ghcr.io/wg-easy/wg-easy
    networks:
      - traefik_network
    volumes:
      - .:/etc/wireguard
    ports:
      - "51820:51820/udp"
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1

  traefik:
    image: traefik:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - traefik_letsencrypt_data:/letsencrypt
    networks:
      - traefik_network
    ports:
      - "80:80"
      - "443:443"
    command:
      - "--providers.docker"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--providers.docker.network=traefik_network"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.MainCertResolver.acme.tlschallenge=true"
      # ⚠️ Change the email to yours (to receive notifications from letsencrypt)
      - "--certificatesresolvers.MainCertResolver.acme.email=email@myhomelab.com"
      - "--certificatesresolvers.MainCertResolver.acme.storage=/letsencrypt/acme.json"

networks:
  traefik_network:
    external: true

volumes:
  traefik_letsencrypt_data:

Error when starting services:

root@disgusted-shelf:/opt/wireguard# docker-compose up -d
ERROR: The Compose file './docker-compose.yml' is invalid because:
services.wg-easy.environment.Optional contains ["PASSWORD=foobar123"], which is an invalid type, it should be a string, number, or a null
eandersons commented 3 weeks ago

You uncommented too much: Optional: should be commented as it is just a documentation indicating that the following is optional.

asutpshnik commented 3 weeks ago

You uncommented too much: Optional: should be commented as it is just a documentation indicating that the following is optional.

@eandersons I tried different options, made different indents before the PASSWORD line, there was an error parsing the YML file. For example like this:

    environment:
      # Required:
      # Change this to your host's public address
      WG_HOST: vpn.homelab.com

      # Optional:
      - PASSWORD=foobar123
      # - WG_PORT=51820
      # - WG_DEFAULT_ADDRESS=10.8.0.x
      # - WG_DEFAULT_DNS=1.1.1.1
      # - WG_MTU=1420
      #-  WG_ALLOWED_IPS=
      # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
      # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
      # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
      # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt

Run error:

root@disgusted-shelf:/opt/wireguard# docker-compose up -d
ERROR: yaml.parser.ParserError: while parsing a block mapping
  in "./docker-compose.yml", line 25, column 7
expected <block end>, but found '-'
  in "./docker-compose.yml", line 28, column 7

I also tried to specify the password environment, similar to the host environment, like this:

    environment:
      # Required:
      # Change this to your host's public address
      WG_HOST: vpn.homelab.com
      PASSWORD: foobar123
      # - WG_PORT=51820
      # - WG_DEFAULT_ADDRESS=10.8.0.x
      # - WG_DEFAULT_DNS=1.1.1.1
      # - WG_MTU=1420
      #-  WG_ALLOWED_IPS=
      # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
      # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
      # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
      # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt

Still error:

root@disgusted-shelf:/opt/wireguard# docker-compose up -d
Recreating a9a46fc8f54a_wg-easy ...
Starting wireguard_traefik_1    ...

Starting wireguard_traefik_1    ... done

ERROR: for wg-easy  'ContainerConfig'
Traceback (most recent call last):
  File "/usr/bin/docker-compose", line 33, in <module>
    sys.exit(load_entry_point('docker-compose==1.29.2', 'console_scripts', 'docker-compose')())
  File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 81, in main
    command_func()
  File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 203, in perform_command
    handler(command, command_options)
  File "/usr/lib/python3/dist-packages/compose/metrics/decorator.py", line 18, in wrapper
    result = fn(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 1186, in up
    to_attach = up(False)
  File "/usr/lib/python3/dist-packages/compose/cli/main.py", line 1166, in up
    return self.project.up(
  File "/usr/lib/python3/dist-packages/compose/project.py", line 697, in up
    results, errors = parallel.parallel_execute(
  File "/usr/lib/python3/dist-packages/compose/parallel.py", line 108, in parallel_execute
    raise error_to_reraise
  File "/usr/lib/python3/dist-packages/compose/parallel.py", line 206, in producer
    result = func(obj)
  File "/usr/lib/python3/dist-packages/compose/project.py", line 679, in do
    return service.execute_convergence_plan(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 579, in execute_convergence_plan
    return self._execute_convergence_recreate(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 499, in _execute_convergence_recreate
    containers, errors = parallel_execute(
  File "/usr/lib/python3/dist-packages/compose/parallel.py", line 108, in parallel_execute
    raise error_to_reraise
  File "/usr/lib/python3/dist-packages/compose/parallel.py", line 206, in producer
    result = func(obj)
  File "/usr/lib/python3/dist-packages/compose/service.py", line 494, in recreate
    return self.recreate_container(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 612, in recreate_container
    new_container = self.create_container(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 330, in create_container
    container_options = self._get_container_create_options(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 921, in _get_container_create_options
    container_options, override_options = self._build_container_volume_options(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 960, in _build_container_volume_options
    binds, affinity = merge_volume_bindings(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 1548, in merge_volume_bindings
    old_volumes, old_mounts = get_container_data_volumes(
  File "/usr/lib/python3/dist-packages/compose/service.py", line 1579, in get_container_data_volumes
    container.image_config['ContainerConfig'].get('Volumes') or {}
KeyError: 'ContainerConfig'

Please help

eandersons commented 3 weeks ago

I tried your Compose file with Docker Compose plugin (docker compose), standalone Docker Compose (docker-compose), podman-compose and standalone Docker Compose with Podman, but could not reproduce the error.

What is the version of your standalone Docker Compose (docker-compose --version)? You probably should try to update it if it is far behind the current version (2.27.0).

Webpower2000 commented 2 weeks ago

The Code is a Bit wrong on the Page..

  # Change this to your host's public address
  - WG_HOST=vpn.homelab.com
  # Optional:
  - PASSWORD=foobar123
  # - WG_PORT=51820

But now I get a other failure

failed to deploy a stack: network traefik_network declared as external, but could not be found

eandersons commented 2 weeks ago

failed to deploy a stack: network traefik_network declared as external, but could not be found

Well, it is exactly that - the Compose file has declared reference to an external network, meaning that it must exist before deploying the Compose stack. Depending on the use case the external network traefik_network may not be needed, since WireGuard Easy and Traefik containers are in the same network by default.