Deployment Error:
Unsupported config option for Wireguard service: sysctl
I can’t seem to find an answer anywhere on what I’m supposed to change that to or if there is some other option I’m supposed to enable to make my sysctl support that config option. Any help would be great.
aptalca and I both tested using compose in omv5 and it works fine. On your docker tab in the gui, above where you install portainer, you can install “docker”; use that. Portainer is known to break things, especially when advanced options are in use (such as cap_add and sysctls options)
If you can replicate the issue deploying from compose (not portainer) that would be cause for alarm!
Ok instead of going into the ‘stack’ menu and using the Docker-Compose script I went to the ‘Container’ menu and pulled the image. When pulling the image that way it didn’t come preloaded with all the ENV data or Volumes.
I also don’t know what the extra ENV DEBIAN_FRONTEND is for. Or where this data goes:
cap_add:
- NET_ADMIN
- SYS_MODULE
Lastly as is it’s not working. I tried scanning the QR with my phone and also adding the wg0 file to my Wireguard app on the phone. Any help on getting this up and running would be great. It did make a directory of files on my external drive though.
I appreciate the help. I’m new to everything Linux and have always been just an end user of Windows products. This is my first time learning/doing any type of networking also.
I recommend using compose as I previously suggested, portainer causes problems.
join us in discord if you need some assistance, but you simply paste our compose into a text file, let’s call it docker-compose.yml, edit the things that need changing, then type
docker-compose pull
docker-compose up -d
it will work, if you use portainer, it will not work. Portainer is for very advanced users who know how to unbreak things and put in cap_add stuff. text-based compose is for new users because you simply copy/paste.
Ok I got it installed through Docker-Compose command line. Everything seems to have installed properly. After scanning the QR with my phone it loads all the keys/data. When I activate it I lose internet on my phone. Not sure what setting I have wrong. I have tried changing the DNS to my Raspberry Pi’s IP since dnsmasq is my resolver. I also tried google and cloudflare. When I change the PEERDNS I use: sudo docker-compose run -e PEERDNS=192.168.1.29 wireguard
I also now have several instances running which is probably a problem. I’m searching for the right command to stop them at the moment.
If you’re using a domain name as the address and are trying to connect to it from within the lan, you’re likely hitting an issue related to hairpin nat
My guess is, it’s either your domain or your port forwarding.
Check this on the server:
docker exec -it wireguard wg show
and if you see no handshake details for the peer, definitely connection issue due to ip or port forward
I got an error response from daemon container is not running…
But then I also get this when I run docker container ls:
CONTAINER ID   IMAGE                   COMMAND                  CREATED        STATUS        PORTS                                            NAMES
8a25017779f1   linuxserver/wireguard   "/init"                  2 hours ago    Up 2 hours    51820/udp                                        docker_wireguard_run_2
ada3fcecc911   linuxserver/wireguard   "/init"                  3 hours ago    Up 3 hours    51820/udp                                        docker_wireguard_run_1
e25303dfb282   linuxserver/duckdns     "/init"                  39 hours ago   Up 19 hours                                                    duckdns
9d0ca5a7db50   linuxserver/jellyfin    "/init"                  4 days ago     Up 19 hours   0.0.0.0:8096->8096/tcp, 8920/tcp                 jellyfin
e422add8e2bf   portainer/portainer     "/portainer --no-ana…"   3 weeks ago    Up 19 hours   0.0.0.0:8000->8000/tcp, 0.0.0.0:9000->9000/tcp   portainer
So I have two instances running or am I reading that wrong?
Since I’m really dense and haven’t done an install this way before I’d like to verify what you mean by using compose. I copy and pasted the Docker-Compose script to a file and named it Docker-Compose.yaml.
basically, those are two separate commands though, one, hit enter, next, hit enter
I’m not sure on that path for compose.yml though, I keep mine in my home directory. try and see if it works, if not, move the yml to your homedir and try again
maybe you should show us your docker-compose.yml
to be honest, looking at your previous posts, I do not think you are following directions which is causing your issues. You just copy paste from our readme and adjust 3-5 things.
pi@raspberrypi:~/docker_files/wireguard $ sudo docker-compose pull
Pulling wireguard ... done
pi@raspberrypi:~/docker_files/wireguard $ sudo docker-compose up -d
Creating network "wireguard_default" with the default driver
Creating wireguard ... done
pi@raspberrypi:~/docker_files/wireguard $
The folder populated in the correct directory. I scanned the QR with my phone. Still no connection. How can I ensure I have binded(?) the correct port inside docker?
EDIT: Now I’m getting this from sudo docker exec -it wireguard wg:
interface: wg0
  public key: redacted
  private key: (hidden)
  listening port: 51820

peer: redacted
  allowed ips: 10.13.13.2/32
failed to resize tty, using default size
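The handshake check suggested earlier in the thread, written out as an added example (not part of any post and not linuxserver's own tooling): it reads `wg show` text output and lists every peer that has no "latest handshake" line, which is the state shown in the output above. The function names, key names and addresses in the sample are constructed placeholders.

```shell
#!/bin/sh
# Added example. Real use (no -t, so the output is plain text without a TTY):
#   docker exec wireguard wg show | check_handshakes

# Print the public key of every peer block that lacks a "latest handshake" line.
peers_without_handshake() {
    awk '
        function emit() { if (peer != "" && !seen) print peer }
        $1 == "peer:"      { emit(); peer = $2; seen = 0; next }
        $1 == "interface:" { emit(); peer = ""; next }
        $1 == "latest" && $2 == "handshake:" { seen = 1 }
        END { emit() }
    '
}

# Return 1 and name the peers if any peer has never completed a handshake.
check_handshakes() {
    missing=$(peers_without_handshake)
    if [ -n "$missing" ]; then
        printf 'no handshake yet: %s\n' $missing
        return 1
    fi
    echo "all peers have completed a handshake"
}

# Constructed sample: one peer that never connected, one that is healthy.
sample_wg_show() {
    cat <<'EOF'
interface: wg0
  public key: SERVER_PUBLIC_KEY_PLACEHOLDER
  private key: (hidden)
  listening port: 51820

peer: PEER_PHONE_PLACEHOLDER
  allowed ips: 10.13.13.2/32

peer: PEER_LAPTOP_PLACEHOLDER
  endpoint: 203.0.113.7:40112
  allowed ips: 10.13.13.3/32
  latest handshake: 41 seconds ago
  transfer: 1.21 MiB received, 3.40 MiB sent
EOF
}

sample_wg_show | check_handshakes || true
```

A peer listed here has never had a packet from it accepted by the server, so the place to look is the endpoint address, the UDP port forward and the published container port rather than DNS settings inside the tunnel.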
I’m going to do my best to be smart about the first question. When I go to setting>VPN>(The connection I named HOME that is set to Wireguard) and I click the info symbol I see the following:
Type Wireguard
Server wireguard.domain.com:51820
Server address 127.0.0.1
Address 10.13.13.2
Connect Time 3:04
Is that what you’re asking?
I just double checked the router and 51820 is forwarded to my Pi.