Open andrey0001 opened 2 years ago
Create a PR :)
Just dropping a comment to express support for this. I appreciate all the work you've put into the project, and I understand why this might not be high on the list. I also think that a lack of IPv6 support in 2022 puts a fairly significant limit on the project's functionality though. If I can learn the ropes of the code here I may work on a PR.
Also adding a comment asking for IPv6 support. non dual stack systems aren't useful on my network.
This issue is stale because it has been open for 30 days with no activity.
This issue shouldnt be stale
Maybe I am missing something, but why is the container despite this listening on IPv6?
# lsof -i:51820
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr X root 4u IPv4 X 0t0 UDP *:51820
docker-pr X root 4u IPv6 X 0t0 UDP *:51820
# lsof -i:51821
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
docker-pr X root 4u IPv4 X 0t0 TCP *:51821 (LISTEN)
docker-pr X root 4u IPv6 X 0t0 TCP *:51821 (LISTEN)
As a temporary solution I can advise an ipv6-to-ipv4 proxy. E.g. "tayga" or "socat". An example below was generated by ChatGPT and wasn't tested yet by me and it comes with no warranty.
sudo apt-get update
sudo apt-get install tayga
echo 'ipv4-addr = 192.168.255.1
dynamic-pool = 192.168.255.0/24
prefix = fd00:1234::/96
allow-own-ranges = yes' | sudo tee /etc/tayga.conf
sudo ip tuntap add mode tun dev tun0
sudo ip addr add 192.168.255.1/24 dev tun0
sudo ip link set dev tun0 up
sudo ip route add 192.168.255.0/24 dev tun0
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo tayga -d
This issue is stale because it has been open for 30 days with no activity.
@andrey0001 @WeeJeWel @alvolalex I implemented dual-stack support for wg-easy using the 'docker-compose.yml' configuration file.
Steps:
docker-compose.yml
file start wg-easy container.docker-compose.yml file:
version: '3.8'
services:
wg-easy:
image: ghcr.io/wg-easy/wg-easy
container_name: wg-easy
network_mode: bridge
restart: always
privileged: true
environment:
- WG_HOST=********
- PASSWORD=********
- WG_DEFAULT_DNS=********
- WG_DEFAULT_ADDRESS=********
volumes:
- /data/wireguard:/etc/wireguard
ports:
- 51820:51820/udp
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.src_valid_mark=1
- net.ipv6.conf.all.disable_ipv6=0
- net.ipv6.conf.all.forwarding=1
wg-nginx:
image: nginx
container_name: wg-nginx
privileged: true
restart: always
hostname: nginx
network_mode: bridge
ports:
- 51821:51821/tcp
volumes:
- /data/nginx/conf/:/etc/nginx/
- /data/nginx/cert/:/etc/cert/
- /data/nginx/www/:/usr/share/nginx/html/
- /data/nginx/logs/:/var/log/nginx/
depends_on:
- wg-easy
links:
- wg-easy:wg-easy
nginx config:
worker_processes auto;
error_log /dev/null;
events {
worker_connections 1024;
}
http {
server {
listen 51821 ssl;
listen [::]:51821 ssl;
server_name YOU_HOST;
ssl_certificate /etc/cert/********.pem;
ssl_certificate_key /etc/cert/********.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# Proxy wg-easy web page
location / {
proxy_pass http://wg-easy:51821;
}
}
}
This issue is stale because it has been open for 30 days with no activity.
This issue is stale because it has been open for 30 days with no activity.
IPv6 is a very important topic, please do not forget it.
How about just start adding support for specifying IPv6 addresses in the UI and letting the user take care of the routing later? Btw even though it's not the best solution you can use local addresses and NAT IPv6 just like v4 in a container that's in a IPv6 network. Just add a ULA address to the server and every client and translate it using ip6tables -A POSTROUTING -s fd..........::/64 -o eth0 -j MASQUERADE
.
This issue is stale because it has been open for 30 days with no activity.
There's no reason to have this being stale ;-)
There's no reason to have this being stale ;-)
Yup, but It's need a Developer as well, I do not have enough time currently to work on this. And currently we prepare v13 which does not have this. Maybe the next version...
There's no reason to have this being stale ;-)
Yup, but It's need a Developer as well, I do not have enough time currently to work on this. And currently we prepare v13 which does not have this. Maybe the next version...
I have some free time and would be willing to work on this. As I don't have much experience with wireguard I would appreciate some guidance
This issue is stale because it has been open for 30 days with no activity.
This issue was closed because it has been inactive for 14 days since being marked as stale.
Hello bot, please reconsider 😉
By now I've just switched to a regular Wireguard config, being able to quickly create new accounts and monitoring data usage via the UI is nice but no IPv6 is a no go for me.
Reconsider, please
I don't think the feature is off the table just because this issue is closed. The underlying issue is that the pr needs work. And nobody has the required time
By now I've just switched to a regular Wireguard config, being able to quickly create new accounts and monitoring data usage via the UI is nice but no IPv6 is a no go for me.
I understand your thoughts. But we need someone to work on that feature as the existing PR is out of date…
I am missing an option with IPV6 addresses. Please add this feature.