mirror
/
wg-easy
mirror of https://github.com/wg-easy/wg-easy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

revert: custom interface PR: #700

pull/714/head
Philip H. 1 year ago
committed by GitHub
parent
2eb276a836
commit
e1dfc0ff19
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 12 additions and 16 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      README.md
  2. 1
      docker-compose.yml
  3. 5
      src/config.js
  4. 21
      src/lib/WireGuard.js

1
README.md
View File

@ -88,7 +88,6 @@ These options can be configured by setting environment variables using `-e KEY="
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. |
| `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. |
| `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will always listen on 51820 inside the Docker container. |
| `WG_INTERFACE` | `wg0` | `wg1` | The interface wireguard will use in the container. (Only needed if `network_mode: host` or `--net=host` is used) |
| `WG_MTU` | `null` | `1420` | The MTU the clients will use. Server uses default WG MTU. |
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive. |
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. |

1
docker-compose.yml
View File

@ -12,7 +12,6 @@ services:
# Optional:
# - PASSWORD=foobar123
# - WG_PORT=51820
# - WG_INTERFACE=wg0
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1
# - WG_MTU=1420

5
src/config.js
View File

@ -8,7 +8,6 @@ module.exports.WEBUI_HOST = process.env.WEBUI_HOST || '0.0.0.0';
module.exports.PASSWORD = process.env.PASSWORD;
module.exports.WG_PATH = process.env.WG_PATH || '/etc/wireguard/';
module.exports.WG_DEVICE = process.env.WG_DEVICE || 'eth0';
module.exports.WG_INTERFACE = process.env.WG_INTERFACE || 'wg0';
module.exports.WG_HOST = process.env.WG_HOST;
module.exports.WG_PORT = process.env.WG_PORT || 51820;
module.exports.WG_MTU = process.env.WG_MTU || null;
@ -23,8 +22,8 @@ module.exports.WG_PRE_UP = process.env.WG_PRE_UP || '';
module.exports.WG_POST_UP = process.env.WG_POST_UP || `
iptables -t nat -A POSTROUTING -s ${module.exports.WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o ${module.exports.WG_DEVICE} -j MASQUERADE;
iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT;
iptables -A FORWARD -i ${module.exports.WG_INTERFACE} -j ACCEPT;
iptables -A FORWARD -o ${module.exports.WG_INTERFACE} -j ACCEPT;
iptables -A FORWARD -i wg0 -j ACCEPT;
iptables -A FORWARD -o wg0 -j ACCEPT;
`.split('\n').join(' ');
module.exports.WG_PRE_DOWN = process.env.WG_PRE_DOWN || '';

21
src/lib/WireGuard.js
View File

@ -23,7 +23,6 @@ const {
WG_POST_UP,
WG_PRE_DOWN,
WG_POST_DOWN,
WG_INTERFACE,
} = require('../config');
module.exports = class WireGuard {
@ -60,18 +59,18 @@ module.exports = class WireGuard {
}
await this.__saveConfig(config);
await Util.exec(`wg-quick down ${WG_INTERFACE}`).catch(() => { });
await Util.exec(`wg-quick up ${WG_INTERFACE}`).catch((err) => {
if (err && err.message && err.message.includes(`Cannot find device ${WG_INTERFACE}`)) {
throw new Error(`WireGuard exited with the error: Cannot find device ${WG_INTERFACE}\nThis usually means that your host's kernel does not support WireGuard!`);
await Util.exec('wg-quick down wg0').catch(() => { });
await Util.exec('wg-quick up wg0').catch((err) => {
if (err && err.message && err.message.includes('Cannot find device "wg0"')) {
throw new Error('WireGuard exited with the error: Cannot find device "wg0"\nThis usually means that your host\'s kernel does not support WireGuard!');
}
throw err;
});
// await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o ' + WG_DEVICE + ' -j MASQUERADE`);
// await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o eth0 -j MASQUERADE`);
// await Util.exec('iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT');
// await Util.exec('iptables -A FORWARD -i ' + WG_INTERFACE + ' -j ACCEPT');
// await Util.exec('iptables -A FORWARD -o ' + WG_INTERFACE + ' -j ACCEPT');
// await Util.exec('iptables -A FORWARD -i wg0 -j ACCEPT');
// await Util.exec('iptables -A FORWARD -o wg0 -j ACCEPT');
await this.__syncConfig();
return config;
@ -119,7 +118,7 @@ AllowedIPs = ${client.address}/32`;
await fs.writeFile(path.join(WG_PATH, 'wg0.json'), JSON.stringify(config, false, 2), {
mode: 0o660,
});
await fs.writeFile(path.join(WG_PATH, `${WG_INTERFACE}.conf`), result, {
await fs.writeFile(path.join(WG_PATH, 'wg0.conf'), result, {
mode: 0o600,
});
debug('Config saved.');
@ -127,7 +126,7 @@ AllowedIPs = ${client.address}/32`;
async __syncConfig() {
debug('Config syncing...');
await Util.exec(`wg syncconf ${WG_INTERFACE} <(wg-quick strip ${WG_INTERFACE})`);
await Util.exec('wg syncconf wg0 <(wg-quick strip wg0)');
debug('Config synced.');
}
@ -150,7 +149,7 @@ AllowedIPs = ${client.address}/32`;
}));
// Loop WireGuard status
const dump = await Util.exec(`wg show ${WG_INTERFACE} dump`, {
const dump = await Util.exec('wg show wg0 dump', {
log: false,
});
dump

Write Preview
Loading…
Cancel
Save