Add INIT_ALLOWED_IPS for unattended setup (#2164)

* Add INIT_ALLOWED_IPS env var Implement INIT_ALLOWED_IPS env var like the INIT_DNS to preset the global Allowed IPs field. * Docs: Add INIT_ALLOWED_IPS var to unattended setup table * Make UserConfigService.update param partial Update UserConfigService.update() to accept any subset of the updatable fields. Remove the unnecessary userConfig object from DBService.initialSetup() * formatting fix * format on linux On windows prettier get confused by global conf... common windows things
2 days ago · 6c0d8e91fa
4 changed files with 22 additions and 15 deletions
--- a/docs/content/advanced/config/unattended-setup.md
+++ b/docs/content/advanced/config/unattended-setup.md
@ -6,18 +6,19 @@ If you want to run the setup without any user interaction, e.g. with a tool like

 These will only be used during the first start of the container. After that, the setup will be disabled.

-| Env              | Example           | Description                                               | Group |
-| ---------------- | ----------------- | --------------------------------------------------------- | ----- |
-| `INIT_ENABLED`   | `true`            | Enables the below env vars                                | 0     |
-| `INIT_USERNAME`  | `admin`           | Sets admin username                                       | 1     |
-| `INIT_PASSWORD`  | `Se!ureP%ssw`     | Sets admin password                                       | 1     |
-| `INIT_HOST`      | `vpn.example.com` | Host clients will connect to                              | 1     |
-| `INIT_PORT`      | `51820`           | Port clients will connect to and wireguard will listen on | 1     |
-| `INIT_DNS`       | `1.1.1.1,8.8.8.8` | Sets global dns setting                                   | 2     |
-| `INIT_IPV4_CIDR` | `10.8.0.0/24`     | Sets IPv4 cidr                                            | 3     |
-| `INIT_IPV6_CIDR` | `2001:0DB8::/32`  | Sets IPv6 cidr                                            | 3     |
-
-/// warning | Variables have to be used together
+| Env                | Example                      | Description                                               | Group |
+| ------------------ | ---------------------------- | --------------------------------------------------------- | ----- |
+| `INIT_ENABLED`     | `true`                       | Enables the below env vars                                | 0     |
+| `INIT_USERNAME`    | `admin`                      | Sets admin username                                       | 1     |
+| `INIT_PASSWORD`    | `Se!ureP%ssw`                | Sets admin password                                       | 1     |
+| `INIT_HOST`        | `vpn.example.com`            | Host clients will connect to                              | 1     |
+| `INIT_PORT`        | `51820`                      | Port clients will connect to and wireguard will listen on | 1     |
+| `INIT_DNS`         | `1.1.1.1,8.8.8.8`            | Sets global dns setting                                   | 2     |
+| `INIT_IPV4_CIDR`   | `10.8.0.0/24`                | Sets IPv4 cidr                                            | 3     |
+| `INIT_IPV6_CIDR`   | `2001:0DB8::/32`             | Sets IPv6 cidr                                            | 3     |
+| `INIT_ALLOWED_IPS` | `10.8.0.0/24,2001:0DB8::/32` | Sets global Allowed IPs                                   | 4     |
+
+/// warning | Variables have to be used together

 If variables are in the same group, you have to set all of them. For example, if you set `INIT_IPV4_CIDR`, you also have to set `INIT_IPV6_CIDR`.

--- a/src/server/database/repositories/userConfig/service.ts
+++ b/src/server/database/repositories/userConfig/service.ts
@ -54,7 +54,7 @@ export class UserConfigService {
    });
  }

-  update(data: UserConfigUpdateType) {
+  update(data: Partial<UserConfigUpdateType>) {
    return this.#db
      .update(userConfig)
      .set(data)
--- a/src/server/database/sqlite.ts
+++ b/src/server/database/sqlite.ts
@ -89,13 +89,18 @@ async function initialSetup(db: DBServiceType) {

  if (WG_INITIAL_ENV.DNS) {
    DB_DEBUG('Setting initial DNS...');
-    const userConfig = await db.userConfigs.get();
    await db.userConfigs.update({
-      ...userConfig,
      defaultDns: WG_INITIAL_ENV.DNS,
    });
  }

+  if (WG_INITIAL_ENV.ALLOWED_IPS) {
+    DB_DEBUG('Setting initial Allowed IPs...');
+    await db.userConfigs.update({
+      defaultAllowedIps: WG_INITIAL_ENV.ALLOWED_IPS,
+    });
+  }
+
  if (
    WG_INITIAL_ENV.USERNAME &&
    WG_INITIAL_ENV.PASSWORD &&
--- a/src/server/utils/config.ts
+++ b/src/server/utils/config.ts
@ -38,6 +38,7 @@ export const WG_INITIAL_ENV = {
  DNS: process.env.INIT_DNS?.split(',').map((x) => x.trim()),
  IPV4_CIDR: process.env.INIT_IPV4_CIDR,
  IPV6_CIDR: process.env.INIT_IPV6_CIDR,
+  ALLOWED_IPS: process.env.INIT_ALLOWED_IPS?.split(',').map((x) => x.trim()),
  HOST: process.env.INIT_HOST,
  PORT: process.env.INIT_PORT
    ? Number.parseInt(process.env.INIT_PORT, 10)