Archives
/
docker-wireguard
mirror of https://github.com/linuxserver/docker-wireguard
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

update readme, improve verbosity in logs

Browse Source
pull/39/head
aptalca 4 years ago
parent 7e88a94310
commit bc276ccd28
3 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File

6
README.md
Unescape Escape View File

@ -168,11 +168,11 @@ In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as bel
 
## Application Setup
This image is designed for Ubuntu and Debian based systems only. During container start, it will download the necessary kernel headers and build the kernel module (until kernel 5.6, which has the module built-in, goes mainstream).
This image is designed for Ubuntu and Debian based systems mainly. During container start, it will first check if the wireguard module is already installed and loaded. If not, it will then check if the kernel headers are already installed (in `/usr/src`) and if not, attempt to download the necessary kernel headers from the ubuntu/debian/raspbian repos; then will compile and install the kernel module.
If you're on a debian/ubuntu based host with a custom or downstream distro provided kernel (ie. Pop!_OS), the container won't be able to install the kernel headers from the regular ubuntu and debian repos. In those cases, you can try installing the headers on the host via `sudo apt install linux-headers-$(uname -r)` (if distro version) and then add a volume mapping for `/usr/src:/usr/src`, or if custom built, map the location of the existing headers to allow the container to use host installed headers to build the kernel module (tested successful on Pop!_OS, ymmv).
With regards to arm32/64 devices, Raspberry Pi 2-4 running the [official ubuntu images](https://ubuntu.com/download/raspberry-pi) or Raspbian Buster are supported out of the box. For all other devices and OSes, you can try installing the kernel headers on the host, and mapping `/usr/src:/usr/src` and it may just work (no guarantees).
With regards to arm32/64 devices, Raspberry Pi 2-4 running the [official ubuntu images prior to focal](https://ubuntu.com/download/raspberry-pi) or Raspbian Buster are supported out of the box. For all other devices and OSes, you can try installing the kernel headers on the host, and mapping `/usr/src:/usr/src` and it may just work (no guarantees).
This can be run as a server or a client, based on the parameters used.
@ -268,7 +268,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **19.06.20:** - Compile wireguard tools and kernel module instead of using the ubuntu packages, make module install optional.
* **19.06.20:** - Compile wireguard tools and kernel module instead of using the ubuntu packages. Make module install optional. Imrpove verbosity in logs.
* **29.05.20:** - Add support for 64bit raspbian.
* **28.04.20:** - Add Buster/Stretch backports repos for Debian. Tested with OMV 5 and OMV 4 (on kernel 4.19.0-0.bpo.8-amd64).
* **20.04.20:** - Fix typo in client mode conf existence check.

6
readme-vars.yml
Unescape Escape View File

@ -54,11 +54,11 @@ optional_block_1_items: ""
# application setup block
app_setup_block_enabled: true
app_setup_block: |
This image is designed for Ubuntu and Debian based systems only. During container start, it will download the necessary kernel headers and build the kernel module (until kernel 5.6, which has the module built-in, goes mainstream).
This image is designed for Ubuntu and Debian based systems mainly. During container start, it will first check if the wireguard module is already installed and loaded. If not, it will then check if the kernel headers are already installed (in `/usr/src`) and if not, attempt to download the necessary kernel headers from the ubuntu/debian/raspbian repos; then will compile and install the kernel module.
If you're on a debian/ubuntu based host with a custom or downstream distro provided kernel (ie. Pop!_OS), the container won't be able to install the kernel headers from the regular ubuntu and debian repos. In those cases, you can try installing the headers on the host via `sudo apt install linux-headers-$(uname -r)` (if distro version) and then add a volume mapping for `/usr/src:/usr/src`, or if custom built, map the location of the existing headers to allow the container to use host installed headers to build the kernel module (tested successful on Pop!_OS, ymmv).
With regards to arm32/64 devices, Raspberry Pi 2-4 running the [official ubuntu images](https://ubuntu.com/download/raspberry-pi) or Raspbian Buster are supported out of the box. For all other devices and OSes, you can try installing the kernel headers on the host, and mapping `/usr/src:/usr/src` and it may just work (no guarantees).
With regards to arm32/64 devices, Raspberry Pi 2-4 running the [official ubuntu images prior to focal](https://ubuntu.com/download/raspberry-pi) or Raspbian Buster are supported out of the box. For all other devices and OSes, you can try installing the kernel headers on the host, and mapping `/usr/src:/usr/src` and it may just work (no guarantees).
This can be run as a server or a client, based on the parameters used.
@ -85,7 +85,7 @@ app_setup_block: |
# changelog
changelogs:
- { date: "19.06.20:", desc: "Compile wireguard tools and kernel module instead of using the ubuntu packages, make module install optional." }
- { date: "19.06.20:", desc: "Compile wireguard tools and kernel module instead of using the ubuntu packages. Make module install optional. Imrpove verbosity in logs." }
- { date: "29.05.20:", desc: "Add support for 64bit raspbian." }
- { date: "28.04.20:", desc: "Add Buster/Stretch backports repos for Debian. Tested with OMV 5 and OMV 4 (on kernel 4.19.0-0.bpo.8-amd64)." }
- { date: "20.04.20:", desc: "Fix typo in client mode conf existence check." }

38
root/etc/cont-init.d/30-config
Unescape Escape View File

@ -4,30 +4,30 @@ mkdir -p /config/{templates,coredns}
# check for wireguard module
if grep -q wireguard /proc/modules; then
echo "It seems the wireguard module is already loaded, let's test to make sure it works."
echo "**** It seems the wireguard module is already loaded, let's test to make sure it works. ****"
/app/wireguard-tools/contrib/ncat-client-server/client-quick.sh
wg-quick up demo
if wg show | grep -q demo; then
echo "The module is working properly, skipping kernel header install and module compilation."
echo "**** The module is working properly, skipping kernel header install and module compilation. ****"
SKIP_COMPILE="true"
else
echo "The module is not functional, will attempt kernel header install and module compilation."
echo "**** The module is not functional, will attempt kernel header install and module compilation. ****"
fi
wg-quick down demo
rm -f /etc/wireguard/demo.conf
else
echo "The wireguard module is not loaded, will attempt kernel header install and module compilation."
echo "**** The wireguard module is not loaded, will attempt kernel header install and module compilation. ****"
fi
# install headers if necessary
if [ "$SKIP_COMPILE" != "true" ]; then
echo "Attempting kernel header install"
echo "**** Attempting kernel header install ****"
apt-get update
if apt-cache show linux-headers-$(uname -r) 2&>1 >/dev/null; then
apt-get install -y \
linux-headers-$(uname -r)
elif (uname -r | grep -q 'v7+') || (uname -r | grep -q 'v7l+') || (uname -r | grep -q 'v8+'); then
echo "Raspbian kernel naming convention detected, attempting to install raspbian kernel headers"
echo "**** Raspbian kernel naming convention detected, attempting to install raspbian kernel headers ****"
curl -s http://archive.raspberrypi.org/debian/raspberrypi.gpg.key | apt-key add -
echo -e \
"deb http://archive.raspberrypi.org/debian/ buster main\ndeb-src http://archive.raspberrypi.org/debian/ buster main" \
@ -36,7 +36,7 @@ if [ "$SKIP_COMPILE" != "true" ]; then
apt-get install -y \
raspberrypi-kernel-headers
elif uname -v | grep -q 'Ubuntu'; then
echo "Attempting to install kernel headers from Ubuntu Xenial repo"
echo "**** Attempting to install kernel headers from Ubuntu Xenial repo ****"
echo -e \
"deb http://archive.ubuntu.com/ubuntu/ xenial main restricted\ndeb-src http://archive.ubuntu.com/ubuntu/ xenial main restricted\n\ndeb http://archive.ubuntu.com/ubuntu/ xenial-updates main restricted\ndeb-src http://archive.ubuntu.com/ubuntu/ xenial-updates main restricted" \
> /etc/apt/sources.list.d/xenial.list
@ -45,10 +45,10 @@ if [ "$SKIP_COMPILE" != "true" ]; then
apt-get install -y \
linux-headers-$(uname -r)
else
echo "No kernel headers found in the Ubuntu repos!! Will try the headers from host (if mapped), may or may not work"
echo "**** No kernel headers found in the Ubuntu repos!! Will try the headers from host (if mapped), may or may not work ****"
fi
elif uname -v | grep -q 'Debian'; then
echo "Debian host detected, attempting to install kernel headers from Debian Buster repo"
echo "**** Debian host detected, attempting to install kernel headers from Debian Buster repo ****"
curl -s https://ftp-master.debian.org/keys/archive-key-10.asc | apt-key add -
echo -e \
"deb http://deb.debian.org/debian buster main contrib non-free\ndeb-src http://deb.debian.org/debian buster main contrib non-free\ndeb http://deb.debian.org/debian buster-backports main contrib non-free\ndeb-src http://deb.debian.org/debian buster-backports main contrib non-free" \
@ -56,7 +56,7 @@ if [ "$SKIP_COMPILE" != "true" ]; then
apt-get update
if apt-cache show linux-headers-$(uname -r) 2&>1 >/dev/null; then
if uname -r | grep -qs "bpo"; then
echo "Backported kernel detected"
echo "**** Backported kernel detected ****"
apt-get install -y -t buster-backports \
linux-headers-$(uname -r)
else
@ -64,13 +64,13 @@ if [ "$SKIP_COMPILE" != "true" ]; then
linux-headers-$(uname -r)
fi
else
echo "Attempting to install kernel headers from the Debian Stretch repo"
echo "**** Attempting to install kernel headers from the Debian Stretch repo ****"
curl -s https://ftp-master.debian.org/keys/archive-key-9.asc | apt-key add -
sed -i 's/buster/stretch/g' /etc/apt/sources.list.d/debian.list
apt-get update
if apt-cache show linux-headers-$(uname -r) 2&>1 >/dev/null; then
if uname -r | grep -qs "bpo"; then
echo "Backported kernel detected"
echo "**** Backported kernel detected ****"
apt-get install -y -t stretch-backports \
linux-headers-$(uname -r)
else
@ -78,35 +78,35 @@ if [ "$SKIP_COMPILE" != "true" ]; then
linux-headers-$(uname -r)
fi
else
echo "No kernel headers found in Debian repos!! Will try the headers from host (if mapped), may or may not work"
echo "**** No kernel headers found in Debian repos!! Will try the headers from host (if mapped), may or may not work ****"
fi
fi
else
echo "No kernel headers found in the Ubuntu or Debian repos!! Will try the headers from host (if mapped), may or may not work"
echo "**** No kernel headers found in the Ubuntu or Debian repos!! Will try the headers from host (if mapped), may or may not work ****"
fi
fi
if [ "$SKIP_COMPILE" != "true" ]; then
if [ -e /lib/modules/$(uname -r)/build ]; then
echo "Kernel headers seem to be present, attempting to build the wireguard module. . ."
echo "**** Kernel headers seem to be present, attempting to build the wireguard module. . . ****"
cd /app
make -C wireguard-linux-compat/src -j$(nproc)
make -C wireguard-linux-compat/src install
echo "Let's test our new module."
echo "**** Let's test our new module. ****"
/app/wireguard-tools/contrib/ncat-client-server/client-quick.sh
wg-quick up demo
if wg show | grep -q demo; then
echo "The module is working properly, moving forward with setup."
echo "**** The module is working properly, moving forward with setup. ****"
else
echo "The module is not working, review the logs. Sleeping now. . ."
wg-quick down demo
rm -f /etc/wireguard/demo.conf
echo "**** The module is not working, review the logs. Sleeping now. . . ****"
sleep infinity
fi
wg-quick down demo
rm -f /etc/wireguard/demo.conf
else
echo "Kernel headers don't seem to be available, can't compile the module. Sleeping now. . ."
echo "**** Kernel headers don't seem to be available, can't compile the module. Sleeping now. . . ****"
sleep infinity
fi
fi

Write Preview
Loading…
Cancel
Save