Merge pull request #56 from linuxserver/openresolv

.github/workflows/greetings.yml

@@ -0,0 +1,13 @@
+name: Greetings
+
+on: [pull_request, issues]
+
+jobs:
+  greeting:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/first-interaction@v1
+      with:
+        issue-message: 'Thanks for opening your first issue here! Be sure to follow the [issue template](https://github.com/linuxserver/docker-wireguard/.github/ISSUE_TEMPLATE.md)!'
+        pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-wireguard/.github/PULL_REQUEST_TEMPLATE.md)!'
+        repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/stale.yml

@@ -0,0 +1,23 @@
+name: Mark stale issues and pull requests
+
+on:
+  schedule:
+  - cron: "30 1 * * *"
+
+jobs:
+  stale:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/stale@v1
+      with:
+        stale-issue-message: "This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
+        stale-pr-message: "This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions."
+        stale-issue-label: 'no-issue-activity'
+        stale-pr-label: 'no-pr-activity'
+        days-before-stale: 30
+        days-before-close: 365
+        exempt-issue-labels: 'awaiting-approval,work-in-progress'
+        exempt-pr-labels: 'awaiting-approval,work-in-progress'
+        repo-token: ${{ secrets.GITHUB_TOKEN }}

Dockerfile

@@ -12,10 +12,11 @@ ENV DEBIAN_FRONTEND="noninteractive"
 RUN \
  echo "**** install dependencies ****" && \
  apt-get update && \
- apt-get install -y \
+ apt-get install -y --no-install-recommends \
 	bc \
 	build-essential \
 	curl \
+	dkms \
 	git \
 	gnupg \ 
 	ifupdown \
@@ -25,14 +26,10 @@ RUN \
 	jq \
 	libc6 \
 	libelf-dev \
+	openresolv \
 	perl \
 	pkg-config \
 	qrencode && \
- echo resolvconf resolvconf/linkify-resolvconf boolean false | debconf-set-selections && \
- echo "REPORT_ABSENT_SYMLINK=no" >> /etc/default/resolvconf && \
- apt-get install -y --no-install-recommends \
-	dkms \
-	resolvconf && \
  echo "**** install wireguard-tools ****" && \
  if [ -z ${WIREGUARD_RELEASE+x} ]; then \
 	WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \

Dockerfile.aarch64

@@ -12,10 +12,11 @@ ENV DEBIAN_FRONTEND="noninteractive"
 RUN \
  echo "**** install dependencies ****" && \
  apt-get update && \
- apt-get install -y \
+ apt-get install -y --no-install-recommends \
 	bc \
 	build-essential \
 	curl \
+	dkms \
 	git \
 	gnupg \ 
 	ifupdown \
@@ -25,14 +26,10 @@ RUN \
 	jq \
 	libc6 \
 	libelf-dev \
+	openresolv \
 	perl \
 	pkg-config \
 	qrencode && \
- echo resolvconf resolvconf/linkify-resolvconf boolean false | debconf-set-selections && \
- echo "REPORT_ABSENT_SYMLINK=no" >> /etc/default/resolvconf && \
- apt-get install -y --no-install-recommends \
-	dkms \
-	resolvconf && \
  echo "**** install wireguard-tools ****" && \
  if [ -z ${WIREGUARD_RELEASE+x} ]; then \
 	WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \

Dockerfile.armhf

@@ -12,10 +12,11 @@ ENV DEBIAN_FRONTEND="noninteractive"
 RUN \
  echo "**** install dependencies ****" && \
  apt-get update && \
- apt-get install -y \
+ apt-get install -y --no-install-recommends \
 	bc \
 	build-essential \
 	curl \
+	dkms \
 	git \
 	gnupg \ 
 	ifupdown \
@@ -25,14 +26,10 @@ RUN \
 	jq \
 	libc6 \
 	libelf-dev \
+	openresolv \
 	perl \
 	pkg-config \
 	qrencode && \
- echo resolvconf resolvconf/linkify-resolvconf boolean false | debconf-set-selections && \
- echo "REPORT_ABSENT_SYMLINK=no" >> /etc/default/resolvconf && \
- apt-get install -y --no-install-recommends \
-	dkms \
-	resolvconf && \
  echo "**** install wireguard-tools ****" && \
  if [ -z ${WIREGUARD_RELEASE+x} ]; then \
 	WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \

Jenkinsfile

@@ -55,7 +55,7 @@ pipeline {
           env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
           env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
           env.PULL_REQUEST = env.CHANGE_ID
-          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE.md ./.github/PULL_REQUEST_TEMPLATE.md ./root/donate.txt'
+          env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE.md ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/greetings.yml ./.github/workflows/stale.yml ./root/donate.txt'
         }
         script{
           env.LS_RELEASE_NUMBER = sh(
@@ -234,7 +234,7 @@ pipeline {
                 cd ${TEMPDIR}/repo/${LS_REPO}
                 git checkout -f master
                 cd ${TEMPDIR}/docker-${CONTAINER_NAME}
-                mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github
+                mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
                 cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/
                 cd ${TEMPDIR}/repo/${LS_REPO}/
                 git add ${TEMPLATED_FILES}
@@ -688,6 +688,10 @@ pipeline {
           ]
         ]) {
           sh '''#! /bin/bash
+                set -e
+                TEMPDIR=$(mktemp -d)
+                docker pull linuxserver/jenkins-builder:latest
+                docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins linuxserver/jenkins-builder:latest 
                 docker pull lsiodev/readme-sync
                 docker run --rm=true \
                   -e DOCKERHUB_USERNAME=$DOCKERUSER \
@@ -695,7 +699,9 @@ pipeline {
                   -e GIT_REPOSITORY=${LS_USER}/${LS_REPO} \
                   -e DOCKER_REPOSITORY=${IMAGE} \
                   -e GIT_BRANCH=master \
-                  lsiodev/readme-sync bash -c 'node sync' '''
+                  -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/mnt \
+                  lsiodev/readme-sync bash -c 'node sync' 
+                rm -Rf ${TEMPDIR} '''
         }
       }
     }

README.md

@@ -190,6 +190,8 @@ The templates used for server and peer confs are saved under `/config/templates`
 ## Client Mode
 Do not set the `PEERS` environment variable. Drop your client conf into the config folder as `/config/wg0.conf` and start the container. 
 
+If you get IPv6 related errors in the log and connection cannot be established, edit the `AllowedIPs` line in your peer/client wg0.conf to include only `0.0.0.0/0` and not `::/0`; and restart the container.
+
 ## Road warriors, roaming and returning home
 If you plan to use Wireguard both remotely and locally, say on your mobile phone, you will need to consider routing. Most firewalls will not route ports forwarded on your WAN interface correctly to the LAN out of the box. This means that when you return home, even though you can see the Wireguard server, the return packets will probably get lost.
 
@@ -268,6 +270,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **06.08.20:** - Replace resolvconf with openresolv due to dns issues when a client based on this image is connected to a server also based on this image. Add IPv6 info to readme. Display kernel version in logs.
 * **29.07.20:** - Update Coredns config to detect dns loops (existing users need to delete `/config/coredns/Corefile` and restart).
 * **27.07.20:** - Update Coredns config to prevent issues with non-user-defined bridge networks (existing users need to delete `/config/coredns/Corefile` and restart).
 * **05.07.20:** - Add Debian updates and security repos for headers.

readme-vars.yml

@@ -76,6 +76,8 @@ app_setup_block: |
   ## Client Mode
   Do not set the `PEERS` environment variable. Drop your client conf into the config folder as `/config/wg0.conf` and start the container. 
 
+  If you get IPv6 related errors in the log and connection cannot be established, edit the `AllowedIPs` line in your peer/client wg0.conf to include only `0.0.0.0/0` and not `::/0`; and restart the container.
+
   ## Road warriors, roaming and returning home
   If you plan to use Wireguard both remotely and locally, say on your mobile phone, you will need to consider routing. Most firewalls will not route ports forwarded on your WAN interface correctly to the LAN out of the box. This means that when you return home, even though you can see the Wireguard server, the return packets will probably get lost.
   
@@ -85,6 +87,7 @@ app_setup_block: |
   
 # changelog
 changelogs:
+  - { date: "06.08.20:", desc: "Replace resolvconf with openresolv due to dns issues when a client based on this image is connected to a server also based on this image. Add IPv6 info to readme. Display kernel version in logs." }
   - { date: "29.07.20:", desc: "Update Coredns config to detect dns loops (existing users need to delete `/config/coredns/Corefile` and restart)." }
   - { date: "27.07.20:", desc: "Update Coredns config to prevent issues with non-user-defined bridge networks (existing users need to delete `/config/coredns/Corefile` and restart)." }
   - { date: "05.07.20:", desc: "Add Debian updates and security repos for headers." }

root/app/add-peer

@@ -1,5 +1,7 @@
 #!/usr/bin/with-contenv bash
 
+echo "******* This script has been deprecated and will be removed in a future version. In order to add peers, change the PEERS env var and recreate your container. Existing peers will still use the same private and public keys. *******"
+
 if [ ! -f /config/wg0.conf ] || [ -z "$PEERS" ]; then
   echo "Wireguard is not set up in server mode"
   exit 0

root/etc/cont-init.d/30-config

@@ -2,6 +2,7 @@
 
 mkdir -p /config/{templates,coredns}
 
+echo "Uname info: $(uname -a)"
 # check for wireguard module
 ip link del dev test 2>/dev/null
 if ip link add dev test type wireguard; then