From f4d3608da7287cbdbdcb4fd55e56448f63159c2e Mon Sep 17 00:00:00 2001
From: Bernd Storath <32197462+kaaax0815@users.noreply.github.com>
Date: Thu, 6 Mar 2025 08:15:18 +0100
Subject: [PATCH 1/2] Fix: Various (#1711)
* fix docs
* fix migration
---
docs/content/advanced/migrate/from-14-to-15.md | 9 +++++++--
docs/content/index.md | 12 +++++++++---
docs/mkdocs.yml | 10 ++++++++--
src/server/api/setup/migrate.post.ts | 4 ++--
4 files changed, 26 insertions(+), 9 deletions(-)
diff --git a/docs/content/advanced/migrate/from-14-to-15.md b/docs/content/advanced/migrate/from-14-to-15.md
index b471fa18..da9a0481 100644
--- a/docs/content/advanced/migrate/from-14-to-15.md
+++ b/docs/content/advanced/migrate/from-14-to-15.md
@@ -6,7 +6,9 @@ This guide will help you migrate from `v14` to version `v15` of `wg-easy`.
## Changes
-This is a complete rewrite of the `wg-easy` project. Therefore the configuration files and the way you interact with the project have changed.
+- This is a complete rewrite of the `wg-easy` project. Therefore the configuration files and the way you interact with the project have changed.
+- If you use armv6 or armv7, you can't migrate to `v15` yet. We are working on it.
+- If you are connecting to the web ui via HTTP, you need to set the `INSECURE` environment variable to `true` in the new container.
## Migration
@@ -38,10 +40,13 @@ docker-compose down
### Start new container
-Follow the instructions in the [Getting Started](../../usage.md) or [Basic Installation](../../examples/tutorials/basic-installation.md) guide to start the new container.
+Follow the instructions in the [Getting Started][docs-getting-started] or [Basic Installation][docs-examples] guide to start the new container.
In the setup wizard, select that you already already have a configuration file and upload the `wg0.json` file you downloaded in the backup step.
+[docs-getting-started]: ../../getting-started.md
+[docs-examples]: ../../examples/tutorials/basic-installation.md
+
### Done
You have now successfully migrated to `v15` of `wg-easy`.
diff --git a/docs/content/index.md b/docs/content/index.md
index 6d51bdf2..92532129 100644
--- a/docs/content/index.md
+++ b/docs/content/index.md
@@ -13,7 +13,7 @@ hide:
This documentation provides you not only with the basic setup and configuration of wg-easy but also with advanced configuration, elaborate usage scenarios, detailed examples, hints and more.
-[docs-tagging]: ./usage.md#tagging-convention
+[docs-tagging]: ./getting-started.md#tagging-convention
## About
@@ -23,9 +23,9 @@ This documentation provides you not only with the basic setup and configuration
### Getting Started
-If you're new to wg-easy, make sure to read the [_Usage_ chapter][docs-usage] first. If you want to look at examples for Docker Run and Compose, we have an [_Examples_ page][docs-examples].
+If you're new to wg-easy, make sure to read the [_Getting Started_ chapter][docs-getting-started] first. If you want to look at examples for Docker Run and Compose, we have an [_Examples_ page][docs-examples].
-[docs-usage]: ./usage.md
+[docs-getting-started]: ./getting-started.md
[docs-examples]: ./examples/tutorials/basic-installation.md
### Contributing
@@ -33,3 +33,9 @@ If you're new to wg-easy, make sure to read the [_Usage_ chapter][docs-usage] fi
We are always happy to welcome new contributors. For guidelines and entrypoints please have a look at the [Contributing section][docs-contributing].
[docs-contributing]: ./contributing/issues-and-pull-requests.md
+
+### Migration
+
+If you are migrating from an older version of `wg-easy`, please read the [_Migration_ chapter][docs-migration].
+
+[docs-migration]: ./advanced/migrate/from-14-to-15.md
diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml
index 2e0f888c..1050003e 100644
--- a/docs/mkdocs.yml
+++ b/docs/mkdocs.yml
@@ -1,7 +1,13 @@
site_name: "wg-easy"
site_description: "The easiest way to run WireGuard VPN + Web-based Admin UI."
-site_author: "wg-easy (Github Organization)"
-copyright: '© Wireguard Easy Organization
This project is licensed under the GNU Affero General Public License v3.0 or later.
'
+site_author: "WireGuard Easy"
+copyright: >
+
+ © Wireguard Easy
+ This project is licensed under AGPL-3.0-only.
+ This project is not affiliated, associated, authorized, endorsed by, or in any way officially connected with Jason A. Donenfeld, ZX2C4 or Edge Security
+ "WireGuard" and the "WireGuard" logo are registered trademarks of Jason A. Donenfeld
+
repo_url: https://github.com/wg-easy/wg-easy
repo_name: wg-easy
diff --git a/src/server/api/setup/migrate.post.ts b/src/server/api/setup/migrate.post.ts
index febd0702..9c0a549a 100644
--- a/src/server/api/setup/migrate.post.ts
+++ b/src/server/api/setup/migrate.post.ts
@@ -18,8 +18,8 @@ export default defineSetupEventHandler('migrate', async ({ event }) => {
clients: z.record(
z.string(),
z.object({
- // not used
- id: z.string(),
+ // not used, breaks compatibility with older versions
+ id: z.string().optional(),
name: z.string(),
address: z.string(),
privateKey: z.string(),
From 842475f79983af9ab88d3e0eac899d9793a8cbc7 Mon Sep 17 00:00:00 2001
From: Bernd Storath <32197462+kaaax0815@users.noreply.github.com>
Date: Thu, 6 Mar 2025 10:04:49 +0100
Subject: [PATCH 2/2] Fix: Cidr Change (#1712)
* only calculate ip if cidr changed
if the cidr did not change, the ip will not change to prevent ip shifts
* fix lint
---
src/i18n/locales/en.json | 3 +-
.../repositories/interface/service.ts | 28 +++++++++++++++----
.../database/repositories/interface/types.ts | 2 ++
3 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/src/i18n/locales/en.json b/src/i18n/locales/en.json
index 79545cf2..212b162a 100644
--- a/src/i18n/locales/en.json
+++ b/src/i18n/locales/en.json
@@ -193,7 +193,8 @@
},
"interface": {
"cidr": "CIDR",
- "device": "Device"
+ "device": "Device",
+ "cidrValid": "CIDR must be valid"
},
"otl": "One Time link",
"stringMalformed": "String is malformed",
diff --git a/src/server/database/repositories/interface/service.ts b/src/server/database/repositories/interface/service.ts
index 9edfb96b..ac191975 100644
--- a/src/server/database/repositories/interface/service.ts
+++ b/src/server/database/repositories/interface/service.ts
@@ -1,4 +1,3 @@
-import isCidr from 'is-cidr';
import { eq, sql } from 'drizzle-orm';
import { parseCidr } from 'cidr-tools';
import { wgInterface } from './schema';
@@ -58,10 +57,18 @@ export class InterfaceService {
}
updateCidr(data: InterfaceCidrUpdateType) {
- if (!isCidr(data.ipv4Cidr) || !isCidr(data.ipv6Cidr)) {
- throw new Error('Invalid CIDR');
- }
return this.#db.transaction(async (tx) => {
+ const oldCidr = await tx.query.wgInterface
+ .findFirst({
+ where: eq(wgInterface.name, 'wg0'),
+ columns: { ipv4Cidr: true, ipv6Cidr: true },
+ })
+ .execute();
+
+ if (!oldCidr) {
+ throw new Error('Interface not found');
+ }
+
await tx
.update(wgInterface)
.set(data)
@@ -74,8 +81,17 @@ export class InterfaceService {
// TODO: optimize
const clients = await tx.query.client.findMany().execute();
- const nextIpv4 = nextIP(4, parseCidr(data.ipv4Cidr), clients);
- const nextIpv6 = nextIP(6, parseCidr(data.ipv6Cidr), clients);
+ // only calculate ip if cidr has changed
+
+ let nextIpv4 = client.ipv4Address;
+ if (data.ipv4Cidr !== oldCidr.ipv4Cidr) {
+ nextIpv4 = nextIP(4, parseCidr(data.ipv4Cidr), clients);
+ }
+
+ let nextIpv6 = client.ipv6Address;
+ if (data.ipv6Cidr !== oldCidr.ipv6Cidr) {
+ nextIpv6 = nextIP(6, parseCidr(data.ipv6Cidr), clients);
+ }
await tx
.update(clientSchema)
diff --git a/src/server/database/repositories/interface/types.ts b/src/server/database/repositories/interface/types.ts
index d109fb96..5d604c1e 100644
--- a/src/server/database/repositories/interface/types.ts
+++ b/src/server/database/repositories/interface/types.ts
@@ -1,5 +1,6 @@
import type { InferSelectModel } from 'drizzle-orm';
import z from 'zod';
+import isCidr from 'is-cidr';
import type { wgInterface } from './schema';
export type InterfaceType = InferSelectModel;
@@ -22,6 +23,7 @@ const device = z
const cidr = z
.string({ message: t('zod.interface.cidr') })
.min(1, { message: t('zod.interface.cidr') })
+ .refine((value) => isCidr(value), { message: t('zod.interface.cidrValid') })
.pipe(safeStringRefine);
export const InterfaceUpdateSchema = schemaForType()(