From 469ace1b3b5bf17b99242276f67675bbd831c2d2 Mon Sep 17 00:00:00 2001
From: Bernd Storath <999999bst@gmail.com>
Date: Thu, 13 Mar 2025 10:32:59 +0100
Subject: [PATCH] properly setup everything, use for dev env
---
docker-compose.dev.yml | 6 ++++++
.../advanced/config/unattended-setup.md | 16 +++++++++-------
src/server/database/sqlite.ts | 19 +++++++++++--------
3 files changed, 26 insertions(+), 15 deletions(-)
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
index fc002bb3..8f9dad6e 100644
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@@ -15,6 +15,12 @@ services:
cap_add:
- NET_ADMIN
- SYS_MODULE
+ environment:
+ - INIT_ENABLED=true
+ - INIT_HOST=test
+ - INIT_PORT=51820
+ - INIT_USERNAME=testtest
+ - INIT_PASSWORD=Qweasdyxcv!2
# folders should be generated inside container
volumes:
diff --git a/docs/content/advanced/config/unattended-setup.md b/docs/content/advanced/config/unattended-setup.md
index 18736167..ee864efe 100644
--- a/docs/content/advanced/config/unattended-setup.md
+++ b/docs/content/advanced/config/unattended-setup.md
@@ -11,20 +11,22 @@ These will only be used during the first start of the container. After that, the
| `INIT_ENABLED` | `true` | Enables the below env vars | 0 |
| `INIT_USERNAME` | `admin` | Sets admin username | 1 |
| `INIT_PASSWORD` | `Se!ureP%ssw` | Sets admin password | 1 |
+| `INIT_HOST` | `vpn.example.com` | Host clients will connect to | 1 |
+| `INIT_PORT` | `51820` | Port clients will connect to and wireguard will listen on | 1 |
| `INIT_DNS` | `1.1.1.1,8.8.8.8` | Sets global dns setting | 2 |
-| `INIT_IPV4_CIDR` | `10.8.0.0/24` | Sets ipv4 cidr | 3 |
-| `INIT_IPV6_CIDR` | `2001:0DB8::/32` | sets ipv6 cidr | 3 |
-| `INIT_HOST` | `vpn.example.com` | host clients will connect to | 4 |
-| `INIT_PORT` | `51820` | port clients will connect to and wireguard will listen on | 4 |
+| `INIT_IPV4_CIDR` | `10.8.0.0/24` | Sets IPv4 cidr | 3 |
+| `INIT_IPV6_CIDR` | `2001:0DB8::/32` | Sets IPv6 cidr | 3 |
/// warning | Variables have to be used together
-If variables are in the same group, you have to set them both. For example, if you set `INIT_IPV4_CIDR`, you also have to set `INIT_IPV6_CIDR`.
+If variables are in the same group, you have to set all of them. For example, if you set `INIT_IPV4_CIDR`, you also have to set `INIT_IPV6_CIDR`.
+
+If you want to skip the setup process, you have to configure group `1`
///
-/// note | Password security
+/// note | Security
-The initial password is not checked for complexity. Make sure to set a secure password.
+The initial username and password is not checked for complexity. Make sure to set a long enough username and a secure password. Otherwise, the user won't be able to log in.
Its recommended to remove the variables after the setup is done to prevent the password from being exposed.
///
diff --git a/src/server/database/sqlite.ts b/src/server/database/sqlite.ts
index 301a0fc8..dbfade9b 100644
--- a/src/server/database/sqlite.ts
+++ b/src/server/database/sqlite.ts
@@ -73,11 +73,6 @@ async function initialSetup(db: DBServiceType) {
return;
}
- if (WG_INITIAL_ENV.USERNAME && WG_INITIAL_ENV.PASSWORD) {
- DB_DEBUG('Creating initial user...');
- await db.users.create(WG_INITIAL_ENV.USERNAME, WG_INITIAL_ENV.PASSWORD);
- }
-
if (WG_INITIAL_ENV.IPV4_CIDR && WG_INITIAL_ENV.IPV6_CIDR) {
DB_DEBUG('Setting initial CIDR...');
await db.interfaces.updateCidr({
@@ -95,13 +90,21 @@ async function initialSetup(db: DBServiceType) {
});
}
- if (WG_INITIAL_ENV.HOST && WG_INITIAL_ENV.PORT) {
+ if (
+ WG_INITIAL_ENV.USERNAME &&
+ WG_INITIAL_ENV.PASSWORD &&
+ WG_INITIAL_ENV.HOST &&
+ WG_INITIAL_ENV.PORT
+ ) {
+ DB_DEBUG('Creating initial user...');
+ await db.users.create(WG_INITIAL_ENV.USERNAME, WG_INITIAL_ENV.PASSWORD);
+
DB_DEBUG('Setting initial host and port...');
await db.userConfigs.updateHostPort(
WG_INITIAL_ENV.HOST,
WG_INITIAL_ENV.PORT
);
- }
- await db.general.setSetupStep(0);
+ await db.general.setSetupStep(0);
+ }
}