(Using Podman)
I’m trying to set up a new custom network on docker-compose. So that didn’t work.
Eventually I traced the problem to the AllowedIPs setting, which is a problem, because setting it to anything other than AllowedIPs = 0.0.0.0/0 breaks connections completely, so connecting to other containers in the same host is impossible.
In fact, I tried setting it to AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, which should be the same if I’m not mistaken. It also fails completely.
When it works I’m getting internet connection and a different IP. This problem also happens through the terminal and through docker-compose.
Here’s the command I used to test:
sudo podman run \
  -e TZ=America/Santiago \
  -e PUID=1000 -e PGID=1000 \
  --sysctl net.ipv4.conf.all.src_valid_mark=1 \
  -v ./wireguard/ok.conf:/config/wg0.conf:ro \
  -v /lib/modules:/lib/modules:ro \
  --privileged \
  --restart=unless-stopped \
  -it lscr.io/linuxserver/wireguard:latest
Here’s my docker-compose (truncated to its bare essentials; it should work, but the same problem happens):
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: borealis_wireguard
    privileged: true
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - TZ=America/Santiago
      - PUID=1000
      - PGID=1000
    restart: "unless-stopped"
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    volumes:
      - ./wireguard/ok.conf:/config/wg0.conf:ro
      - /lib/modules:/lib/modules:ro
And here’s my wg0.conf:
# client
[Interface]
Address = 10.8.0.5/24
PrivateKey = [redacted]
DNS = 9.9.9.9
# server
[Peer]
PublicKey = [redacted]
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1
Endpoint = [redacted]:51832
PersistentKeepAlive = 15
Did I hit a bug or is there something I could be missing?
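Added example, not part of the post above: wg-quick treats only a /0 entry as "default route" and sets up its fwmark policy routing for it; any other AllowedIPs list (including 0.0.0.0/1, 128.0.0.0/1) is installed as plain routes on wg0, which then also swallow the packets to the peer's own Endpoint, so the tunnel can never complete its handshake. The helper below builds a full-tunnel AllowedIPs list that carves out both the endpoint and any local subnets that must stay reachable directly; the container subnet 10.89.0.0/16, the endpoint 203.0.113.7 and the key string are constructed placeholders, not values from the post.

```python
import ipaddress
from typing import Iterable, List


def allowed_ips_excluding(excluded: Iterable[str]) -> List[str]:
    """Cover all of IPv4 except `excluded`, as a minimal CIDR list.

    No entry is a /0, so wg-quick installs each prefix as an ordinary route
    on wg0; everything that must bypass the tunnel (the peer endpoint, local
    container/LAN subnets) therefore has to be listed in `excluded`.
    """
    remaining = [ipaddress.ip_network("0.0.0.0/0")]
    for raw in excluded:
        hole = ipaddress.ip_network(raw, strict=False)
        if hole.version != 4:
            raise ValueError(f"IPv4 only: {raw}")
        kept = []
        for net in remaining:
            if not net.overlaps(hole):
                kept.append(net)                          # untouched
            elif hole.subnet_of(net):
                kept.extend(net.address_exclude(hole))    # split around the hole
            # else: hole fully contains net, so net is dropped
        remaining = kept
    return [str(n) for n in ipaddress.collapse_addresses(remaining)]


def covers(allowed: List[str], address: str) -> bool:
    """True if `address` would be routed into the tunnel under `allowed`."""
    ip = ipaddress.ip_address(address)
    return any(ip in ipaddress.ip_network(n) for n in allowed)


def peer_section(public_key: str, endpoint: str, port: int,
                 excluded_local: Iterable[str]) -> str:
    """Render a [Peer] block whose AllowedIPs skips the endpoint and local nets."""
    allowed = allowed_ips_excluding([f"{endpoint}/32", *excluded_local])
    return "\n".join([
        "[Peer]",
        f"PublicKey = {public_key}",
        f"AllowedIPs = {', '.join(allowed)}",
        f"Endpoint = {endpoint}:{port}",
        "PersistentKeepalive = 15",
    ])


if __name__ == "__main__":
    # Constructed placeholders: a podman bridge subnet and a TEST-NET endpoint.
    print(peer_section("<server public key>", "203.0.113.7", 51832, ["10.89.0.0/16"]))
```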