properly setup everything, use for dev env

3 weeks ago · 469ace1b3b
3 changed files with 26 additions and 15 deletions
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@ -15,6 +15,12 @@ services:
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
+    environment:
+      - INIT_ENABLED=true
+      - INIT_HOST=test
+      - INIT_PORT=51820
+      - INIT_USERNAME=testtest
+      - INIT_PASSWORD=Qweasdyxcv!2

 # folders should be generated inside container
 volumes:
--- a/docs/content/advanced/config/unattended-setup.md
+++ b/docs/content/advanced/config/unattended-setup.md
@ -11,20 +11,22 @@ These will only be used during the first start of the container. After that, the
 | `INIT_ENABLED`   | `true`            | Enables the below env vars                                | 0     |
 | `INIT_USERNAME`  | `admin`           | Sets admin username                                       | 1     |
 | `INIT_PASSWORD`  | `Se!ureP%ssw`     | Sets admin password                                       | 1     |
+| `INIT_HOST`      | `vpn.example.com` | Host clients will connect to                              | 1     |
+| `INIT_PORT`      | `51820`           | Port clients will connect to and wireguard will listen on | 1     |
 | `INIT_DNS`       | `1.1.1.1,8.8.8.8` | Sets global dns setting                                   | 2     |
-| `INIT_IPV4_CIDR` | `10.8.0.0/24`     | Sets ipv4 cidr                                            | 3     |
-| `INIT_IPV6_CIDR` | `2001:0DB8::/32`  | sets ipv6 cidr                                            | 3     |
-| `INIT_HOST`      | `vpn.example.com` | host clients will connect to                              | 4     |
-| `INIT_PORT`      | `51820`           | port clients will connect to and wireguard will listen on | 4     |
+| `INIT_IPV4_CIDR` | `10.8.0.0/24`     | Sets IPv4 cidr                                            | 3     |
+| `INIT_IPV6_CIDR` | `2001:0DB8::/32`  | Sets IPv6 cidr                                            | 3     |

 /// warning | Variables have to be used together

-If variables are in the same group, you have to set them both. For example, if you set `INIT_IPV4_CIDR`, you also have to set `INIT_IPV6_CIDR`.
+If variables are in the same group, you have to set all of them. For example, if you set `INIT_IPV4_CIDR`, you also have to set `INIT_IPV6_CIDR`.
+
+If you want to skip the setup process, you have to configure group `1`
 ///

-/// note | Password security
+/// note | Security

-The initial password is not checked for complexity. Make sure to set a secure password.
+The initial username and password is not checked for complexity. Make sure to set a long enough username and a secure password. Otherwise, the user won't be able to log in.

 Its recommended to remove the variables after the setup is done to prevent the password from being exposed.
 ///
--- a/src/server/database/sqlite.ts
+++ b/src/server/database/sqlite.ts
@ -73,11 +73,6 @@ async function initialSetup(db: DBServiceType) {
    return;
  }

-  if (WG_INITIAL_ENV.USERNAME && WG_INITIAL_ENV.PASSWORD) {
-    DB_DEBUG('Creating initial user...');
-    await db.users.create(WG_INITIAL_ENV.USERNAME, WG_INITIAL_ENV.PASSWORD);
-  }
-
  if (WG_INITIAL_ENV.IPV4_CIDR && WG_INITIAL_ENV.IPV6_CIDR) {
    DB_DEBUG('Setting initial CIDR...');
    await db.interfaces.updateCidr({
@ -95,13 +90,21 @@ async function initialSetup(db: DBServiceType) {
    });
  }

-  if (WG_INITIAL_ENV.HOST && WG_INITIAL_ENV.PORT) {
+  if (
+    WG_INITIAL_ENV.USERNAME &&
+    WG_INITIAL_ENV.PASSWORD &&
+    WG_INITIAL_ENV.HOST &&
+    WG_INITIAL_ENV.PORT
+  ) {
+    DB_DEBUG('Creating initial user...');
+    await db.users.create(WG_INITIAL_ENV.USERNAME, WG_INITIAL_ENV.PASSWORD);
+
    DB_DEBUG('Setting initial host and port...');
    await db.userConfigs.updateHostPort(
      WG_INITIAL_ENV.HOST,
      WG_INITIAL_ENV.PORT
    );
-  }

-  await db.general.setSetupStep(0);
+    await db.general.setSetupStep(0);
+  }
 }