Bot Updating Package Versions

Add support for multiple WireGuard interfaces

.github/CONTRIBUTING.md

@@ -24,7 +24,7 @@
 ## Readme
 
 If you would like to change our readme, please __**do not**__ directly edit the readme, as it is auto-generated on each commit.
-Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-wireguard/edit/master/readme-vars.yml).
+Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-wireguard/edit/legacy/readme-vars.yml).
 
 These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play.
 Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io/images/docker-wireguard)
@@ -115,7 +115,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Update the changelog
 
-If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-wireguard/tree/master/root), add an entry to the changelog
+If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-wireguard/tree/legacy/root), add an entry to the changelog
 
 ```yml
 changelogs:

.github/ISSUE_TEMPLATE/issue.bug.yml

@@ -53,7 +53,6 @@ body:
       options:
         - x86-64
         - arm64
-        - armhf
     validations:
       required: true
   - type: textarea
@@ -68,10 +67,10 @@ body:
   - type: textarea
     attributes:
       description: |
-        Provide a full docker log, output of "docker logs linuxserver.io"
+        Provide a full docker log, output of "docker logs wireguard"
       label: Container logs
       placeholder: |
-        Output of `docker logs linuxserver.io`
+        Output of `docker logs wireguard`
       render: bash
     validations:
       required: true

.github/PULL_REQUEST_TEMPLATE.md

@@ -21,7 +21,7 @@
 
 ------------------------------
 
- - [ ] I have read the [contributing](https://github.com/linuxserver/docker-wireguard/blob/master/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
+ - [ ] I have read the [contributing](https://github.com/linuxserver/docker-wireguard/blob/legacy/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications
 
 ------------------------------
 

.github/workflows/call_issue_pr_tracker.yml

@@ -2,9 +2,11 @@ name: Issue & PR Tracker
 
 on:
   issues:
-    types: [opened,reopened,labeled,unlabeled]
+    types: [opened,reopened,labeled,unlabeled,closed]
   pull_request_target:
-    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled]
+    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed]
+  pull_request_review:
+    types: [submitted,edited,dismissed]
 
 jobs:
   manage-project:

.github/workflows/external_trigger.yml

@@ -4,24 +4,26 @@ on:
   workflow_dispatch:
 
 jobs:
-  external-trigger-master:
+  external-trigger-legacy:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.1.0
+      - uses: actions/checkout@v4.1.1
 
       - name: External Trigger
-        if: github.ref == 'refs/heads/master'
+        if: github.ref == 'refs/heads/legacy'
         run: |
-          if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER }}" ]; then
-            echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER is set; skipping trigger. ****"
+          if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY }}" ]; then
+            echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY is set; skipping trigger. ****"
+            echo "Github secret \`PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
-          echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER\". ****"
+          echo "**** External trigger running off of legacy branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY\". ****"
+          echo "External trigger running off of legacy branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_WIREGUARD_LEGACY\`" >> $GITHUB_STEP_SUMMARY
           echo "**** Retrieving external version ****"
           EXT_RELEASE=$(curl -u ${{ secrets.CR_USER }}:${{ secrets.CR_PAT }} -sX GET https://api.github.com/repos/WireGuard/wireguard-tools/tags | jq -r .[0].name)
           if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
             echo "**** Can't retrieve external version, exiting ****"
-            FAILURE_REASON="Can't retrieve external version for wireguard branch master"
+            FAILURE_REASON="Can't retrieve external version for wireguard branch legacy"
             GHA_TRIGGER_URL="https://github.com/linuxserver/docker-wireguard/actions/runs/${{ github.run_id }}"
             curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
               "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}],
@@ -30,9 +32,10 @@ jobs:
           fi
           EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
           echo "**** External version: ${EXT_RELEASE} ****"
+          echo "External version: ${EXT_RELEASE}" >> $GITHUB_STEP_SUMMARY
           echo "**** Retrieving last pushed version ****"
           image="linuxserver/wireguard"
-          tag="latest"
+          tag="legacy"
           token=$(curl -sX GET \
             "https://ghcr.io/token?scope=repository%3Alinuxserver%2Fwireguard%3Apull" \
             | jq -r '.token')
@@ -58,23 +61,27 @@ jobs:
           IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}')
           if [ -z "${IMAGE_VERSION}" ]; then
             echo "**** Can't retrieve last pushed version, exiting ****"
-            FAILURE_REASON="Can't retrieve last pushed version for wireguard tag latest"
+            FAILURE_REASON="Can't retrieve last pushed version for wireguard tag legacy"
             curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680,
               "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}],
               "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}
             exit 1
           fi
           echo "**** Last pushed version: ${IMAGE_VERSION} ****"
+          echo "Last pushed version: ${IMAGE_VERSION}" >> $GITHUB_STEP_SUMMARY
           if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
             echo "**** Version ${EXT_RELEASE} already pushed, exiting ****"
+            echo "Version ${EXT_RELEASE} already pushed, exiting" >> $GITHUB_STEP_SUMMARY
             exit 0
-          elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
+          elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/legacy/lastBuild/api/json | jq -r '.building') == "true" ]; then
             echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****"
+            echo "New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY
             exit 0
           else
             echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****"
+            echo "New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build" >> $GITHUB_STEP_SUMMARY
             response=$(curl -iX POST \
-              https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/buildWithParameters?PACKAGE_CHECK=false \
+              https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/legacy/buildWithParameters?PACKAGE_CHECK=false \
               --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
             echo "**** Jenkins job queue url: ${response%$'\r'} ****"
             echo "**** Sleeping 10 seconds until job starts ****"
@@ -82,6 +89,7 @@ jobs:
             buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
             buildurl="${buildurl%$'\r'}"
             echo "**** Jenkins job build url: ${buildurl} ****"
+            echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY
             echo "**** Attempting to change the Jenkins job description ****"
             curl -iX POST \
               "${buildurl}submitDescription" \
@@ -89,7 +97,7 @@ jobs:
               --data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
               --data-urlencode "Submit=Submit"
             echo "**** Notifying Discord ****"
-            TRIGGER_REASON="A version change was detected for wireguard tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
+            TRIGGER_REASON="A version change was detected for wireguard tag legacy. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}"
             curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
               "description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}],
               "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }}

.github/workflows/external_trigger_scheduler.yml

@@ -2,14 +2,14 @@ name: External Trigger Scheduler
 
 on:
   schedule:
-    - cron:  '25 * * * *'
+    - cron:  '51 * * * *'
   workflow_dispatch:
 
 jobs:
   external-trigger-scheduler:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.1.0
+      - uses: actions/checkout@v4.1.1
         with:
           fetch-depth: '0'
 
@@ -17,18 +17,18 @@ jobs:
         run: |
           echo "**** Branches found: ****"
           git for-each-ref --format='%(refname:short)' refs/remotes
-          echo "**** Pulling the yq docker image ****"
-          docker pull ghcr.io/linuxserver/yq
           for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
           do
             br=$(echo "$br" | sed 's|origin/||g')
             echo "**** Evaluating branch ${br} ****"
-            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml \
-              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
-            if [ "$br" == "$ls_branch" ]; then
-              echo "**** Branch ${br} appears to be live; checking workflow. ****"
+            ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml)
+            ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch')
+            ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type')
+            if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then
+              echo "**** Branch ${br} appears to be live and trigger is not os; checking workflow. ****"
               if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then
                 echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****."
+                echo "Triggering external trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY
                 curl -iX POST \
                   -H "Authorization: token ${{ secrets.CR_PAT }}" \
                   -H "Accept: application/vnd.github.v3+json" \
@@ -36,8 +36,10 @@ jobs:
                   https://api.github.com/repos/linuxserver/docker-wireguard/actions/workflows/external_trigger.yml/dispatches
               else
                 echo "**** Workflow doesn't exist; skipping trigger. ****"
+                echo "Skipping branch ${br} due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY
               fi
             else
-              echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
+              echo "**** ${br} is either a dev branch, or has no external version; skipping trigger. ****"
+              echo "Skipping branch ${br} due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY
             fi
           done

.github/workflows/greetings.yml

@@ -9,5 +9,5 @@ jobs:
     - uses: actions/first-interaction@v1
       with:
         issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.'
-        pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-wireguard/blob/master/.github/PULL_REQUEST_TEMPLATE.md)!'
+        pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-wireguard/blob/legacy/.github/PULL_REQUEST_TEMPLATE.md)!'
         repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/package_trigger.yml

@@ -4,25 +4,28 @@ on:
   workflow_dispatch:
 
 jobs:
-  package-trigger-master:
+  package-trigger-legacy:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.1.0
+      - uses: actions/checkout@v4.1.1
 
       - name: Package Trigger
-        if: github.ref == 'refs/heads/master'
+        if: github.ref == 'refs/heads/legacy'
         run: |
-          if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER }}" ]; then
-            echo "**** Github secret PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER is set; skipping trigger. ****"
+          if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_WIREGUARD_LEGACY }}" ]; then
+            echo "**** Github secret PAUSE_PACKAGE_TRIGGER_WIREGUARD_LEGACY is set; skipping trigger. ****"
+            echo "Github secret \`PAUSE_PACKAGE_TRIGGER_WIREGUARD_LEGACY\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
-          if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
+          if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/legacy/lastBuild/api/json | jq -r '.building') == "true" ]; then
             echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****"
+            echo "There already seems to be an active build on Jenkins; skipping package trigger" >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
-          echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER\". ****"
+          echo "**** Package trigger running off of legacy branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_WIREGUARD_LEGACY\". ****"
+          echo "Package trigger running off of legacy branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_WIREGUARD_LEGACY\`" >> $GITHUB_STEP_SUMMARY
           response=$(curl -iX POST \
-            https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/buildWithParameters?PACKAGE_CHECK=true \
+            https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/legacy/buildWithParameters?PACKAGE_CHECK=true \
             --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
           echo "**** Jenkins job queue url: ${response%$'\r'} ****"
           echo "**** Sleeping 10 seconds until job starts ****"
@@ -30,6 +33,7 @@ jobs:
           buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
           buildurl="${buildurl%$'\r'}"
           echo "**** Jenkins job build url: ${buildurl} ****"
+          echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY
           echo "**** Attempting to change the Jenkins job description ****"
           curl -iX POST \
             "${buildurl}submitDescription" \

.github/workflows/package_trigger_scheduler.yml

@@ -9,7 +9,7 @@ jobs:
   package-trigger-scheduler:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.1.0
+      - uses: actions/checkout@v4.1.1
         with:
           fetch-depth: '0'
 
@@ -17,18 +17,16 @@ jobs:
         run: |
           echo "**** Branches found: ****"
           git for-each-ref --format='%(refname:short)' refs/remotes
-          echo "**** Pulling the yq docker image ****"
-          docker pull ghcr.io/linuxserver/yq
           for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
           do
             br=$(echo "$br" | sed 's|origin/||g')
             echo "**** Evaluating branch ${br} ****"
-            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml \
-              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
+            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml | yq -r '.ls_branch')
             if [ "${br}" == "${ls_branch}" ]; then
               echo "**** Branch ${br} appears to be live; checking workflow. ****"
               if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then
                 echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****"
+                echo "Triggering package trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY
                 triggered_branches="${triggered_branches}${br} "
                 curl -iX POST \
                   -H "Authorization: token ${{ secrets.CR_PAT }}" \
@@ -38,9 +36,11 @@ jobs:
                 sleep 30
               else
                 echo "**** Workflow doesn't exist; skipping trigger. ****"
+                echo "Skipping branch ${br} due to no package trigger workflow present." >> $GITHUB_STEP_SUMMARY
               fi
             else
               echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
+              echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY
             fi
           done
           echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"

Dockerfile

@@ -45,6 +45,8 @@ RUN \
   sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' src/wg-quick/linux.bash && \
   make -C src -j$(nproc) && \
   make -C src install && \
+  rm -rf /etc/wireguard && \
+  ln -s /config/wg_confs /etc/wireguard && \
   echo "**** install CoreDNS ****" && \
   COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
     | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \

Dockerfile.aarch64

@@ -45,6 +45,8 @@ RUN \
   sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' src/wg-quick/linux.bash && \
   make -C src -j$(nproc) && \
   make -C src install && \
+  rm -rf /etc/wireguard && \
+  ln -s /config/wg_confs /etc/wireguard && \
   echo "**** install CoreDNS ****" && \
   COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
     | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \

Dockerfile.armhf

@@ -1,67 +0,0 @@
-# syntax=docker/dockerfile:1
-
-FROM ghcr.io/linuxserver/baseimage-ubuntu:arm32v7-jammy
-
-# set version label
-ARG BUILD_DATE
-ARG VERSION
-ARG WIREGUARD_RELEASE
-LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
-LABEL maintainer="aptalca"
-
-ENV DEBIAN_FRONTEND="noninteractive"
-
-RUN \
-  echo "**** install dependencies ****" && \
-  apt-get update && \
-  apt-get install -y --no-install-recommends \
-    bc \
-    build-essential \
-    dkms \
-    git \
-    gnupg \
-    ifupdown \
-    iproute2 \
-    iptables \
-    iputils-ping \
-    libc6 \
-    libelf-dev \
-    net-tools \
-    openresolv \
-    perl \
-    pkg-config \
-    qrencode && \
-  update-alternatives --set iptables /usr/sbin/iptables-legacy && \
-  echo "**** install wireguard-tools ****" && \
-  if [ -z ${WIREGUARD_RELEASE+x} ]; then \
-    WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
-    | jq -r .[0].name); \
-  fi && \
-  cd /app && \
-  git clone https://git.zx2c4.com/wireguard-linux-compat && \
-  git clone https://git.zx2c4.com/wireguard-tools && \
-  cd wireguard-tools && \
-  git checkout "${WIREGUARD_RELEASE}" && \
-  sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' src/wg-quick/linux.bash && \
-  make -C src -j$(nproc) && \
-  make -C src install && \
-  echo "**** install CoreDNS ****" && \
-  COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
-    | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
-  curl -o \
-    /tmp/coredns.tar.gz -L \
-    "https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_arm.tgz" && \
-  tar xf \
-    /tmp/coredns.tar.gz -C \
-    /app && \
-  echo "**** clean up ****" && \
-  rm -rf \
-    /tmp/* \
-    /var/lib/apt/lists/* \
-    /var/tmp/*
-
-# add local files
-COPY /root /
-
-# ports and volumes
-EXPOSE 51820/udp

Jenkinsfile

@@ -16,7 +16,7 @@ pipeline {
     GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab')
     GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0')
     GITLAB_NAMESPACE=credentials('gitlab-namespace-id')
-    SCARF_TOKEN=credentials('scarf_api_key')
+    DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat')
     CONTAINER_NAME = 'wireguard'
     BUILD_VERSION_ARG = 'WIREGUARD_VERSION'
     LS_USER = 'linuxserver'
@@ -39,10 +39,16 @@ pipeline {
     // Setup all the basic environment variables needed for the build
     stage("Set ENV Variables base"){
       steps{
+        sh '''#! /bin/bash
+              containers=$(docker ps -aq)
+              if [[ -n "${containers}" ]]; then
+                docker stop ${containers}
+              fi
+              docker system prune -af --volumes || : '''
         script{
           env.EXIT_STATUS = ''
           env.LS_RELEASE = sh(
-            script: '''docker run --rm ghcr.io/linuxserver/alexeiled-skopeo sh -c 'skopeo inspect docker://docker.io/'${DOCKERHUB_IMAGE}':latest 2>/dev/null' | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''',
+            script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:legacy 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''',
             returnStdout: true).trim()
           env.LS_RELEASE_NOTES = sh(
             script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''',
@@ -53,11 +59,16 @@ pipeline {
           env.COMMIT_SHA = sh(
             script: '''git rev-parse HEAD''',
             returnStdout: true).trim()
+          env.GH_DEFAULT_BRANCH = sh(
+            script: '''git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||' ''',
+            returnStdout: true).trim()
           env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
           env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
           env.PULL_REQUEST = env.CHANGE_ID
           env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml ./root/donate.txt'
         }
+        sh '''#! /bin/bash
+              echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" '''
         script{
           env.LS_RELEASE_NUMBER = sh(
             script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''',
@@ -66,7 +77,7 @@ pipeline {
         script{
           env.LS_TAG_NUMBER = sh(
             script: '''#! /bin/bash
-                       tagsha=$(git rev-list -n 1 ${LS_RELEASE} 2>/dev/null)
+                       tagsha=$(git rev-list -n 1 legacy-${LS_RELEASE} 2>/dev/null)
                        if [ "${tagsha}" == "${COMMIT_SHA}" ]; then
                          echo ${LS_RELEASE_NUMBER}
                        elif [ -z "${GIT_COMMIT}" ]; then
@@ -115,7 +126,7 @@ pipeline {
       steps{
         script{
           env.EXT_RELEASE_CLEAN = sh(
-            script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g' ''',
+            script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/ ]//g' ''',
             returnStdout: true).trim()
 
           def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/
@@ -133,7 +144,7 @@ pipeline {
           }
 
           if (env.SEMVER != null) {
-            if (BRANCH_NAME != "master" && BRANCH_NAME != "main") {
+            if (BRANCH_NAME != "${env.GH_DEFAULT_BRANCH}") {
               env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}"
             }
             println("SEMVER: ${env.SEMVER}")
@@ -144,10 +155,10 @@ pipeline {
         }
       }
     }
-    // If this is a master build use live docker endpoints
+    // If this is a legacy build use live docker endpoints
     stage("Set ENV live build"){
       when {
-        branch "master"
+        branch "legacy"
         environment name: 'CHANGE_ID', value: ''
       }
       steps {
@@ -157,20 +168,20 @@ pipeline {
           env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
           env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
           if (env.MULTIARCH == 'true') {
-            env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
+            env.CI_TAGS = 'amd64-legacy-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-legacy-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
           } else {
-            env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
+            env.CI_TAGS = 'legacy-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
           }
           env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
-          env.META_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
-          env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
+          env.META_TAG = 'legacy-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
+          env.EXT_RELEASE_TAG = 'legacy-version-' + env.EXT_RELEASE_CLEAN
         }
       }
     }
     // If this is a dev build use dev docker endpoints
     stage("Set ENV dev build"){
       when {
-        not {branch "master"}
+        not {branch "legacy"}
         environment name: 'CHANGE_ID', value: ''
       }
       steps {
@@ -180,13 +191,13 @@ pipeline {
           env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
           env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
           if (env.MULTIARCH == 'true') {
-            env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
+            env.CI_TAGS = 'amd64-legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
           } else {
-            env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
+            env.CI_TAGS = 'legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
           }
           env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
-          env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
-          env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
+          env.META_TAG = 'legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
+          env.EXT_RELEASE_TAG = 'legacy-version-' + env.EXT_RELEASE_CLEAN
           env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/'
         }
       }
@@ -203,13 +214,13 @@ pipeline {
           env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
           env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
           if (env.MULTIARCH == 'true') {
-            env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
+            env.CI_TAGS = 'amd64-legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
           } else {
-            env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
+            env.CI_TAGS = 'legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
           }
-          env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
-          env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
-          env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
+          env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
+          env.META_TAG = 'legacy-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
+          env.EXT_RELEASE_TAG = 'legacy-version-' + env.EXT_RELEASE_CLEAN
           env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
           env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
         }
@@ -228,15 +239,17 @@ pipeline {
           script{
             env.SHELLCHECK_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml'
           }
-          sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-shellcheck/master/checkrun.sh | /bin/bash'''
+          sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-jenkins-builder/master/checkrun.sh | /bin/bash'''
           sh '''#! /bin/bash
                 docker run --rm \
                   -v ${WORKSPACE}:/mnt \
                   -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
                   -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
-                  ghcr.io/linuxserver/baseimage-alpine:3.17 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
-                    apk add --no-cache py3-pip && \
-                    pip install s3cmd && \
+                  ghcr.io/linuxserver/baseimage-alpine:3.19 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
+                    apk add --no-cache python3 && \
+                    python3 -m venv /lsiopy && \
+                    pip install --no-cache-dir -U pip && \
+                    pip install --no-cache-dir s3cmd && \
                     s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :'''
         }
       }
@@ -244,7 +257,7 @@ pipeline {
     // Use helper containers to render templated files
     stage('Update-Templates') {
       when {
-        branch "master"
+        branch "legacy"
         environment name: 'CHANGE_ID', value: ''
         expression {
           env.CONTAINER_NAME != null
@@ -255,26 +268,34 @@ pipeline {
               set -e
               TEMPDIR=$(mktemp -d)
               docker pull ghcr.io/linuxserver/jenkins-builder:latest
-              docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH=master -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest 
-              # Stage 1 - Jenkinsfile update
+              # Cloned repo paths for templating:
+              # ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch legacy of ${LS_USER}/${LS_REPO} for running the jenkins builder on
+              # ${TEMPDIR}/repo/${LS_REPO}: Cloned branch legacy of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github
+              # ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github
+              # ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos
+              # ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github
+              git clone --branch legacy --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME}
+              docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true ghcr.io/linuxserver/jenkins-builder:latest 
+              echo "Starting Stage 1 - Jenkinsfile update"
               if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then
                 mkdir -p ${TEMPDIR}/repo
                 git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
                 cd ${TEMPDIR}/repo/${LS_REPO}
-                git checkout -f master
+                git checkout -f legacy
                 cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/
                 git add Jenkinsfile
                 git commit -m 'Bot Updating Templated Files'
-                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
+                git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
+                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
                 echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
-                echo "Updating Jenkinsfile"
+                echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit"
                 rm -Rf ${TEMPDIR}
                 exit 0
               else
                 echo "Jenkinsfile is up to date."
               fi
-              # Stage 2 - Delete old templates
-              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
+              echo "Starting Stage 2 - Delete old templates"
+              OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf"
               for i in ${OLD_TEMPLATES}; do
                 if [[ -f "${i}" ]]; then
                   TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
@@ -284,20 +305,21 @@ pipeline {
                 mkdir -p ${TEMPDIR}/repo
                 git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
                 cd ${TEMPDIR}/repo/${LS_REPO}
-                git checkout -f master
+                git checkout -f legacy
                 for i in ${TEMPLATES_TO_DELETE}; do
                   git rm "${i}"
                 done
                 git commit -m 'Bot Updating Templated Files'
-                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
+                git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
+                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
                 echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
-                echo "Deleting old and deprecated templates"
+                echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit"
                 rm -Rf ${TEMPDIR}
                 exit 0
               else
                 echo "No templates to delete"
               fi
-              # Stage 3 - Update templates
+              echo "Starting Stage 3 - Update templates"
               CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
               cd ${TEMPDIR}/docker-${CONTAINER_NAME}
               NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8)
@@ -305,40 +327,60 @@ pipeline {
                 mkdir -p ${TEMPDIR}/repo
                 git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO}
                 cd ${TEMPDIR}/repo/${LS_REPO}
-                git checkout -f master
+                git checkout -f legacy
                 cd ${TEMPDIR}/docker-${CONTAINER_NAME}
                 mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
                 mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE
                 cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || :
+                cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || :
                 cd ${TEMPDIR}/repo/${LS_REPO}/
                 if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then
                   echo ".jenkins-external" >> .gitignore
                   git add .gitignore
                 fi
-                git add ${TEMPLATED_FILES}
+                git add readme-vars.yml ${TEMPLATED_FILES}
                 git commit -m 'Bot Updating Templated Files'
-                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
+                git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
+                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
                 echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
+                echo "Updating templates and exiting build, new one will trigger based on commit"
+                rm -Rf ${TEMPDIR}
+                exit 0
               else
                 echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
+                echo "No templates to update"
               fi
-              mkdir -p ${TEMPDIR}/gitbook
-              git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/gitbook/docker-documentation
-              if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
-                cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/gitbook/docker-documentation/images/
-                cd ${TEMPDIR}/gitbook/docker-documentation/
-                git add images/docker-${CONTAINER_NAME}.md
+              echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub"
+              mkdir -p ${TEMPDIR}/docs
+              git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
+              if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}"  ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
+                cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
+                cd ${TEMPDIR}/docs/docker-documentation
+                GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
+                git add docs/images/docker-${CONTAINER_NAME}.md
+                echo "Updating docs repo"
                 git commit -m 'Bot Updating Documentation'
-                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git --all
+                git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase
+                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} || \
+                  (MAXWAIT="10" && echo "Push to docs failed, trying again in ${MAXWAIT} seconds" && \
+                  sleep $((RANDOM % MAXWAIT)) && \
+                  git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase && \
+                  git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH})
+              else
+                echo "Docs update not needed, skipping"
               fi
               mkdir -p ${TEMPDIR}/unraid
               git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
               git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
               if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
                 sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
+              elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
+                sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
               fi
-              if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
+              if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
+                echo "Updating Unraid template"
                 cd ${TEMPDIR}/unraid/templates/
+                GH_TEMPLATES_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||')
                 if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then
                   echo "Image is on the ignore list, marking Unraid template as deprecated"
                   cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
@@ -350,7 +392,42 @@ pipeline {
                   git add unraid/${CONTAINER_NAME}.xml
                   git commit -m 'Bot Updating Unraid Template'
                 fi
-                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git --all
+                git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase
+                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} || \
+                  (MAXWAIT="10" && echo "Push to unraid templates failed, trying again in ${MAXWAIT} seconds" && \
+                  sleep $((RANDOM % MAXWAIT)) && \
+                  git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH} --rebase && \
+                  git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git ${GH_TEMPLATES_DEFAULT_BRANCH})
+              else
+                echo "No updates to Unraid template needed, skipping"
+              fi
+              if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then
+                if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then
+                  echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub"
+                  DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite"
+                else
+                  echo "Syncing readme to Docker Hub"
+                  DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md"
+                fi
+                if curl -s https://hub.docker.com/v2/namespaces/${DOCKERHUB_IMAGE%%/*}/repositories/${DOCKERHUB_IMAGE##*/}/tags | jq -r '.message' | grep -q 404; then
+                  echo "Docker Hub endpoint doesn't exist. Creating endpoint first."
+                  DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token')
+                  curl -s \
+                    -H "Authorization: JWT ${DH_TOKEN}" \
+                    -H "Content-Type: application/json" \
+                    -X POST \
+                    -d '{"name":"'${DOCKERHUB_IMAGE##*/}'", "namespace":"'${DOCKERHUB_IMAGE%%/*}'"}' \
+                    https://hub.docker.com/v2/repositories/ || :
+                fi
+                DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token')
+                curl -s \
+                  -H "Authorization: JWT ${DH_TOKEN}" \
+                  -H "Content-Type: application/json" \
+                  -X PATCH \
+                  -d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \
+                  https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || :
+              else
+                echo "Not the default Github branch. Skipping readme sync to Docker Hub."
               fi
               rm -Rf ${TEMPDIR}'''
         script{
@@ -363,7 +440,7 @@ pipeline {
     // Exit the build if the Templated files were just updated
     stage('Template-exit') {
       when {
-        branch "master"
+        branch "legacy"
         environment name: 'CHANGE_ID', value: ''
         environment name: 'FILES_UPDATED', value: 'true'
         expression {
@@ -376,54 +453,46 @@ pipeline {
         }
       }
     }
-    /* #######################
-           GitLab Mirroring
-       ####################### */
-    // Ping into Gitlab to mirror this repo and have a registry endpoint
-    stage("GitLab Mirror"){
+    // If this is a legacy build check the S6 service file perms
+    stage("Check S6 Service file Permissions"){
       when {
+        branch "legacy"
+        environment name: 'CHANGE_ID', value: ''
         environment name: 'EXIT_STATUS', value: ''
       }
-      steps{
-        sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \
-        -d '{"namespace_id":'${GITLAB_NAMESPACE}',\
-             "name":"'${LS_REPO}'",
-             "mirror":true,\
-             "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\
-             "issues_access_level":"disabled",\
-             "merge_requests_access_level":"disabled",\
-             "repository_access_level":"enabled",\
-             "visibility":"public"}' '''
-      } 
+      steps {
+        script{
+          sh '''#! /bin/bash
+            WRONG_PERM=$(find ./  -path "./.git" -prune -o \\( -name "run" -o -name "finish" -o -name "check" \\) -not -perm -u=x,g=x,o=x -print)
+            if [[ -n "${WRONG_PERM}" ]]; then
+              echo "The following S6 service files are missing the executable bit; canceling the faulty build: ${WRONG_PERM}"
+              exit 1
+            else
+              echo "S6 service file perms look good."
+            fi '''
+        }
+      }
     }
     /* #######################
-           Scarf.sh package registry
+           GitLab Mirroring
        ####################### */
-    // Add package to Scarf.sh and set permissions
-    stage("Scarf.sh package registry"){
+    // Ping into Gitlab to mirror this repo and have a registry endpoint
+    stage("GitLab Mirror"){
       when {
-        branch "master"
         environment name: 'EXIT_STATUS', value: ''
       }
       steps{
-        sh '''#! /bin/bash
-              set -e
-              PACKAGE_UUID=$(curl -X GET -H "Authorization: Bearer ${SCARF_TOKEN}" https://scarf.sh/api/v1/organizations/linuxserver-ci/packages | jq -r '.[] | select(.name=="linuxserver/wireguard") | .uuid')
-              if [ -z "${PACKAGE_UUID}" ]; then
-                echo "Adding package to Scarf.sh"
-                curl -sX POST https://scarf.sh/api/v1/organizations/linuxserver-ci/packages \
-                  -H "Authorization: Bearer ${SCARF_TOKEN}" \
-                  -H "Content-Type: application/json" \
-                  -d '{"name":"linuxserver/wireguard",\
-                       "shortDescription":"example description",\
-                       "libraryType":"docker",\
-                       "website":"https://github.com/linuxserver/docker-wireguard",\
-                       "backendUrl":"https://ghcr.io/linuxserver/wireguard",\
-                       "publicUrl":"https://lscr.io/linuxserver/wireguard"}' || :
-              else
-                echo "Package already exists on Scarf.sh"
-              fi
-           '''
+        sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \
+          -d '{"namespace_id":'${GITLAB_NAMESPACE}',\
+            "name":"'${LS_REPO}'",
+            "mirror":true,\
+            "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\
+            "issues_access_level":"disabled",\
+            "merge_requests_access_level":"disabled",\
+            "repository_access_level":"enabled",\
+            "visibility":"public"}' '''
+        sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \
+          -d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" '''
       } 
     }
     /* ###############
@@ -488,41 +557,6 @@ pipeline {
               --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
           }
         }
-        stage('Build ARMHF') {
-          agent {
-            label 'ARMHF'
-          }
-          steps {
-            echo "Running on node: ${NODE_NAME}"
-            echo 'Logging into Github'
-            sh '''#! /bin/bash
-                  echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
-               '''
-            sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.armhf"
-            sh "docker buildx build \
-              --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
-              --label \"org.opencontainers.image.authors=linuxserver.io\" \
-              --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-wireguard/packages\" \
-              --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-wireguard\" \
-              --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-wireguard\" \
-              --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
-              --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
-              --label \"org.opencontainers.image.vendor=linuxserver.io\" \
-              --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
-              --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
-              --label \"org.opencontainers.image.title=Wireguard\" \
-              --label \"org.opencontainers.image.description=[WireGuard®](https://www.wireguard.com/) is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.\" \
-              --no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} --platform=linux/arm/v7 \
-              --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
-            sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
-            retry(5) {
-              sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
-            }
-            sh '''docker rmi \
-                  ${IMAGE}:arm32v7-${META_TAG} \
-                  ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
-          }
-        }
         stage('Build ARM64') {
           agent {
             label 'ARM64'
@@ -553,9 +587,12 @@ pipeline {
             retry(5) {
               sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
             }
-            sh '''docker rmi \
-                  ${IMAGE}:arm64v8-${META_TAG} \
-                  ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
+            sh '''#! /bin/bash
+                  containers=$(docker ps -aq)
+                  if [[ -n "${containers}" ]]; then
+                    docker stop ${containers}
+                  fi
+                  docker system prune -af --volumes || : '''
           }
         }
       }
@@ -563,7 +600,7 @@ pipeline {
     // Take the image we just built and dump package versions for comparison
     stage('Update-packages') {
       when {
-        branch "master"
+        branch "legacy"
         environment name: 'CHANGE_ID', value: ''
         environment name: 'EXIT_STATUS', value: ''
       }
@@ -586,13 +623,14 @@ pipeline {
               echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github"
               if [ "${NEW_PACKAGE_TAG}" != "${PACKAGE_TAG}" ]; then
                 git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/${LS_REPO}
-                git --git-dir ${TEMPDIR}/${LS_REPO}/.git checkout -f master
+                git --git-dir ${TEMPDIR}/${LS_REPO}/.git checkout -f legacy
                 cp ${TEMPDIR}/package_versions.txt ${TEMPDIR}/${LS_REPO}/
                 cd ${TEMPDIR}/${LS_REPO}/
                 wait
                 git add package_versions.txt
                 git commit -m 'Bot Updating Package Versions'
-                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
+                git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
+                git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git legacy
                 echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER}
                 echo "Package tag updated, stopping build process"
               else
@@ -610,19 +648,12 @@ pipeline {
     // Exit the build if the package file was just updated
     stage('PACKAGE-exit') {
       when {
-        branch "master"
+        branch "legacy"
         environment name: 'CHANGE_ID', value: ''
         environment name: 'PACKAGE_UPDATED', value: 'true'
         environment name: 'EXIT_STATUS', value: ''
       }
       steps {
-        sh '''#! /bin/bash
-              echo "Packages were updated. Cleaning up the image and exiting."
-              if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
-                docker rmi ${IMAGE}:amd64-${META_TAG}
-              else
-                docker rmi ${IMAGE}:${META_TAG}
-              fi'''
         script{
           env.EXIT_STATUS = 'ABORTED'
         }
@@ -631,7 +662,7 @@ pipeline {
     // Exit the build if this is just a package check and there are no changes to push
     stage('PACKAGECHECK-exit') {
       when {
-        branch "master"
+        branch "legacy"
         environment name: 'CHANGE_ID', value: ''
         environment name: 'PACKAGE_UPDATED', value: 'false'
         environment name: 'EXIT_STATUS', value: ''
@@ -640,13 +671,6 @@ pipeline {
         }
       }
       steps {
-        sh '''#! /bin/bash
-              echo "There are no package updates. Cleaning up the image and exiting."
-              if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
-                docker rmi ${IMAGE}:amd64-${META_TAG}
-              else
-                docker rmi ${IMAGE}:${META_TAG}
-              fi'''
         script{
           env.EXIT_STATUS = 'ABORTED'
         }
@@ -668,14 +692,13 @@ pipeline {
         ]) {
           script{
             env.CI_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/index.html'
+            env.CI_JSON_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/report.json'
           }
           sh '''#! /bin/bash
                 set -e
                 docker pull ghcr.io/linuxserver/ci:latest
                 if [ "${MULTIARCH}" == "true" ]; then
-                  docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
                   docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
-                  docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
                   docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
                 fi
                 docker run --rm \
@@ -694,8 +717,6 @@ pipeline {
                 -e WEB_SCREENSHOT=\"${CI_WEB}\" \
                 -e WEB_AUTH=\"${CI_AUTH}\" \
                 -e WEB_PATH=\"${CI_WEBPATH}\" \
-                -e DO_REGION="ams3" \
-                -e DO_BUCKET="lsio-ci" \
                 -t ghcr.io/linuxserver/ci:latest \
                 python3 test_build.py'''
         }
@@ -712,12 +733,6 @@ pipeline {
       }
       steps {
         withCredentials([
-          [
-            $class: 'UsernamePasswordMultiBinding',
-            credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
-            usernameVariable: 'DOCKERUSER',
-            passwordVariable: 'DOCKERPASS'
-          ],
           [
             $class: 'UsernamePasswordMultiBinding',
             credentialsId: 'Quay.io-Robot',
@@ -728,18 +743,18 @@ pipeline {
           retry(5) {
             sh '''#! /bin/bash
                   set -e
-                  echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin
+                  echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
                   echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
                   echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
                   echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
                   for PUSHIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
                     docker tag ${IMAGE}:${META_TAG} ${PUSHIMAGE}:${META_TAG}
-                    docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:latest
+                    docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:legacy
                     docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${EXT_RELEASE_TAG}
                     if [ -n "${SEMVER}" ]; then
                       docker tag ${PUSHIMAGE}:${META_TAG} ${PUSHIMAGE}:${SEMVER}
                     fi
-                    docker push ${PUSHIMAGE}:latest
+                    docker push ${PUSHIMAGE}:legacy
                     docker push ${PUSHIMAGE}:${META_TAG}
                     docker push ${PUSHIMAGE}:${EXT_RELEASE_TAG}
                     if [ -n "${SEMVER}" ]; then
@@ -748,17 +763,6 @@ pipeline {
                   done
                '''
           }
-          sh '''#! /bin/bash
-                for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
-                  docker rmi \
-                  ${DELETEIMAGE}:${META_TAG} \
-                  ${DELETEIMAGE}:${EXT_RELEASE_TAG} \
-                  ${DELETEIMAGE}:latest || :
-                  if [ -n "${SEMVER}" ]; then
-                    docker rmi ${DELETEIMAGE}:${SEMVER} || :
-                  fi
-                done
-             '''
         }
       }
     }
@@ -770,12 +774,6 @@ pipeline {
       }
       steps {
         withCredentials([
-          [
-            $class: 'UsernamePasswordMultiBinding',
-            credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
-            usernameVariable: 'DOCKERUSER',
-            passwordVariable: 'DOCKERPASS'
-          ],
           [
             $class: 'UsernamePasswordMultiBinding',
             credentialsId: 'Quay.io-Robot',
@@ -786,64 +784,60 @@ pipeline {
           retry(5) {
             sh '''#! /bin/bash
                   set -e
-                  echo $DOCKERPASS | docker login -u $DOCKERUSER --password-stdin
+                  echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin
                   echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
                   echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
                   echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
                   if [ "${CI}" == "false" ]; then
-                    docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
-                    docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
                     docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
                     docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
                   fi
                   for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
                     docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
-                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
+                    docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-legacy
                     docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
-                    docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG}
-                    docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest
-                    docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
                     docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                    docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest
+                    docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-legacy
                     docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
                     if [ -n "${SEMVER}" ]; then
                       docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
-                      docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${SEMVER}
                       docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
                     fi
                     docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
                     docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
-                    docker push ${MANIFESTIMAGE}:amd64-latest
-                    docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG}
-                    docker push ${MANIFESTIMAGE}:arm32v7-latest
-                    docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
+                    docker push ${MANIFESTIMAGE}:amd64-legacy
                     docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                    docker push ${MANIFESTIMAGE}:arm64v8-latest
+                    docker push ${MANIFESTIMAGE}:arm64v8-legacy
                     docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
                     if [ -n "${SEMVER}" ]; then
                       docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
-                      docker push ${MANIFESTIMAGE}:arm32v7-${SEMVER}
                       docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
                     fi
-                    docker manifest push --purge ${MANIFESTIMAGE}:latest || :
-                    docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest
-                    docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm
-                    docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
+                    docker manifest push --purge ${MANIFESTIMAGE}:legacy || :
+                    docker manifest create ${MANIFESTIMAGE}:legacy ${MANIFESTIMAGE}:amd64-legacy ${MANIFESTIMAGE}:arm64v8-legacy
+                    docker manifest annotate ${MANIFESTIMAGE}:legacy ${MANIFESTIMAGE}:arm64v8-legacy --os linux --arch arm64 --variant v8
                     docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
-                    docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
-                    docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm
+                    docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
                     docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
                     docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
-                    docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
-                    docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} --os linux --arch arm
+                    docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
                     docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
                     if [ -n "${SEMVER}" ]; then
                       docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
-                      docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
-                      docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} --os linux --arch arm
+                      docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
                       docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
                     fi
-                    docker manifest push --purge ${MANIFESTIMAGE}:latest
+                    token=$(curl -sX GET "https://ghcr.io/token?scope=repository%3Alinuxserver%2F${CONTAINER_NAME}%3Apull" | jq -r '.token')
+                    digest=$(curl -s \
+                      --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
+                      --header "Authorization: Bearer ${token}" \
+                      "https://ghcr.io/v2/linuxserver/${CONTAINER_NAME}/manifests/arm32v7-legacy")
+                    if [[ $(echo "$digest" | jq -r '.layers') != "null" ]]; then
+                      docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-legacy || :
+                      docker manifest create ${MANIFESTIMAGE}:arm32v7-legacy ${MANIFESTIMAGE}:amd64-legacy
+                      docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-legacy
+                    fi
+                    docker manifest push --purge ${MANIFESTIMAGE}:legacy
                     docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} 
                     docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} 
                     if [ -n "${SEMVER}" ]; then
@@ -852,36 +846,13 @@ pipeline {
                   done
                '''
           }
-          sh '''#! /bin/bash
-                for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
-                  docker rmi \
-                  ${DELETEIMAGE}:amd64-${META_TAG} \
-                  ${DELETEIMAGE}:amd64-latest \
-                  ${DELETEIMAGE}:amd64-${EXT_RELEASE_TAG} \
-                  ${DELETEIMAGE}:arm32v7-${META_TAG} \
-                  ${DELETEIMAGE}:arm32v7-latest \
-                  ${DELETEIMAGE}:arm32v7-${EXT_RELEASE_TAG} \
-                  ${DELETEIMAGE}:arm64v8-${META_TAG} \
-                  ${DELETEIMAGE}:arm64v8-latest \
-                  ${DELETEIMAGE}:arm64v8-${EXT_RELEASE_TAG} || :
-                  if [ -n "${SEMVER}" ]; then
-                    docker rmi \
-                    ${DELETEIMAGE}:amd64-${SEMVER} \
-                    ${DELETEIMAGE}:arm32v7-${SEMVER} \
-                    ${DELETEIMAGE}:arm64v8-${SEMVER} || :
-                  fi
-                done
-                docker rmi \
-                ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \
-                ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :
-             '''
         }
       }
     }
     // If this is a public release tag it in the LS Github
     stage('Github-Tag-Push-Release') {
       when {
-        branch "master"
+        branch "legacy"
         expression {
           env.LS_RELEASE != env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
         }
@@ -893,64 +864,132 @@ pipeline {
         sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
         -d '{"tag":"'${META_TAG}'",\
              "object": "'${COMMIT_SHA}'",\
-             "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to master",\
+             "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to legacy",\
              "type": "commit",\
              "tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
         echo "Pushing New release for Tag"
         sh '''#! /bin/bash
               echo "Updating to ${EXT_RELEASE_CLEAN}" > releasebody.json
               echo '{"tag_name":"'${META_TAG}'",\
-                     "target_commitish": "master",\
+                     "target_commitish": "legacy",\
                      "name": "'${META_TAG}'",\
                      "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
-              printf '","draft": false,"prerelease": false}' >> releasebody.json
+              printf '","draft": false,"prerelease": true}' >> releasebody.json
               paste -d'\\0' start releasebody.json > releasebody.json.done
               curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
       }
     }
-    // Use helper container to sync the current README on master to the dockerhub endpoint
-    stage('Sync-README') {
+    // Add protection to the release branch
+    stage('Github-Release-Branch-Protection') {
       when {
+        branch "legacy"
         environment name: 'CHANGE_ID', value: ''
         environment name: 'EXIT_STATUS', value: ''
       }
       steps {
-        withCredentials([
-          [
-            $class: 'UsernamePasswordMultiBinding',
-            credentialsId: '3f9ba4d5-100d-45b0-a3c4-633fd6061207',
-            usernameVariable: 'DOCKERUSER',
-            passwordVariable: 'DOCKERPASS'
-          ]
-        ]) {
-          sh '''#! /bin/bash
-                set -e
-                TEMPDIR=$(mktemp -d)
-                docker pull ghcr.io/linuxserver/jenkins-builder:latest
-                docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH="${BRANCH_NAME}" -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest
-                docker pull ghcr.io/linuxserver/readme-sync
-                docker run --rm=true \
-                  -e DOCKERHUB_USERNAME=$DOCKERUSER \
-                  -e DOCKERHUB_PASSWORD=$DOCKERPASS \
-                  -e GIT_REPOSITORY=${LS_USER}/${LS_REPO} \
-                  -e DOCKER_REPOSITORY=${IMAGE} \
-                  -e GIT_BRANCH=master \
-                  -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/mnt \
-                  ghcr.io/linuxserver/readme-sync bash -c 'node sync'
-                rm -Rf ${TEMPDIR} '''
-        }
+        echo "Setting up protection for release branch legacy"
+        sh '''#! /bin/bash
+          curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/legacy/protection \
+          -d $(jq -c .  << EOF
+            {
+              "required_status_checks": null,
+              "enforce_admins": false,
+              "required_pull_request_reviews": {
+                "dismiss_stale_reviews": false,
+                "require_code_owner_reviews": false,
+                "require_last_push_approval": false,
+                "required_approving_review_count": 1
+              },
+              "restrictions": null,
+              "required_linear_history": false,
+              "allow_force_pushes": false,
+              "allow_deletions": false,
+              "block_creations": false,
+              "required_conversation_resolution": true,
+              "lock_branch": false,
+              "allow_fork_syncing": false,
+              "required_signatures": false
+            }
+EOF
+          ) '''
       }
     }
     // If this is a Pull request send the CI link as a comment on it
     stage('Pull Request Comment') {
       when {
         not {environment name: 'CHANGE_ID', value: ''}
-        environment name: 'CI', value: 'true'
         environment name: 'EXIT_STATUS', value: ''
       }
       steps {
-        sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/issues/${PULL_REQUEST}/comments \
-        -d '{"body": "I am a bot, here are the test results for this PR: \\n'${CI_URL}' \\n'${SHELLCHECK_URL}'"}' '''
+        sh '''#! /bin/bash
+            # Function to retrieve JSON data from URL
+            get_json() {
+              local url="$1"
+              local response=$(curl -s "$url")
+              if [ $? -ne 0 ]; then
+                echo "Failed to retrieve JSON data from $url"
+                return 1
+              fi
+              local json=$(echo "$response" | jq .)
+              if [ $? -ne 0 ]; then
+                echo "Failed to parse JSON data from $url"
+                return 1
+              fi
+              echo "$json"
+            }
+
+            build_table() {
+              local data="$1"
+
+              # Get the keys in the JSON data
+              local keys=$(echo "$data" | jq -r 'to_entries | map(.key) | .[]')
+
+              # Check if keys are empty
+              if [ -z "$keys" ]; then
+                echo "JSON report data does not contain any keys or the report does not exist."
+                return 1
+              fi
+
+              # Build table header
+              local header="| Tag | Passed |\\n| --- | --- |\\n"
+
+              # Loop through the JSON data to build the table rows
+              local rows=""
+              for build in $keys; do
+                local status=$(echo "$data" | jq -r ".[\\"$build\\"].test_success")
+                if [ "$status" = "true" ]; then
+                  status="✅"
+                else
+                  status="❌"
+                fi
+                local row="| "$build" | "$status" |\\n"
+                rows="${rows}${row}"
+              done
+
+              local table="${header}${rows}"
+              local escaped_table=$(echo "$table" | sed 's/\"/\\\\"/g')
+              echo "$escaped_table"
+            }
+
+            if [[ "${CI}" = "true" ]]; then
+              # Retrieve JSON data from URL
+              data=$(get_json "$CI_JSON_URL")
+              # Create table from JSON data
+              table=$(build_table "$data")
+              echo -e "$table"
+
+              curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
+                -H "Accept: application/vnd.github.v3+json" \
+                "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
+                -d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}"
+            else
+              curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
+                -H "Accept: application/vnd.github.v3+json" \
+                "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
+                -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}"
+            fi
+            '''
+
       }
     }
   }
@@ -976,6 +1015,14 @@ pipeline {
       }
     }
     cleanup {
+      sh '''#! /bin/bash
+            echo "Performing docker system prune!!"
+            containers=$(docker ps -aq)
+            if [[ -n "${containers}" ]]; then
+              docker stop ${containers}
+            fi
+            docker system prune -af --volumes || :
+         '''
       cleanWs()
     }
   }

README.md

@@ -1,6 +1,5 @@
-<!-- DO NOT EDIT THIS FILE MANUALLY  -->
-<!-- Please read the https://github.com/linuxserver/docker-wireguard/blob/master/.github/CONTRIBUTING.md -->
-
+<!-- DO NOT EDIT THIS FILE MANUALLY -->
+<!-- Please read https://github.com/linuxserver/docker-wireguard/blob/legacy/.github/CONTRIBUTING.md -->
 [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io)
 
 [![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!")
@@ -37,7 +36,7 @@ Find us at:
 [![Quay.io](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Quay.io)](https://quay.io/repository/linuxserver.io/wireguard)
 [![Docker Pulls](https://img.shields.io/docker/pulls/linuxserver/wireguard.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/r/linuxserver/wireguard)
 [![Docker Stars](https://img.shields.io/docker/stars/linuxserver/wireguard.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=stars&logo=docker)](https://hub.docker.com/r/linuxserver/wireguard)
-[![Jenkins Build](https://img.shields.io/jenkins/build?labelColor=555555&logoColor=ffffff&style=for-the-badge&jobUrl=https%3A%2F%2Fci.linuxserver.io%2Fjob%2FDocker-Pipeline-Builders%2Fjob%2Fdocker-wireguard%2Fjob%2Fmaster%2F&logo=jenkins)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/)
+[![Jenkins Build](https://img.shields.io/jenkins/build?labelColor=555555&logoColor=ffffff&style=for-the-badge&jobUrl=https%3A%2F%2Fci.linuxserver.io%2Fjob%2FDocker-Pipeline-Builders%2Fjob%2Fdocker-wireguard%2Fjob%2Flegacy%2F&logo=jenkins)](https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/legacy/)
 
 [WireGuard®](https://www.wireguard.com/) is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
 
@@ -45,9 +44,9 @@ Find us at:
 
 ## Supported Architectures
 
-We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://github.com/docker/distribution/blob/master/docs/spec/manifest-v2-2.md#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/).
+We utilise the docker manifest for multi-platform awareness. More information is available from docker [here](https://distribution.github.io/distribution/spec/manifest-v2-2/#manifest-list) and our announcement [here](https://blog.linuxserver.io/2019/02/21/the-lsio-pipeline-project/).
 
-Simply pulling `lscr.io/linuxserver/wireguard:latest` should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
+Simply pulling `lscr.io/linuxserver/wireguard:legacy` should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
 
 The architectures supported by this image are:
 
@@ -55,7 +54,7 @@ The architectures supported by this image are:
 | :----: | :----: | ---- |
 | x86-64 | ✅ | amd64-\<version tag\> |
 | arm64 | ✅ | arm64v8-\<version tag\> |
-| armhf | ✅ | arm32v7-\<version tag\> |
+| armhf | ❌ | |
 
 ## Version Tags
 
@@ -63,8 +62,9 @@ This image provides various versions that are available via tags. Please read th
 
 | Tag | Available | Description |
 | :----: | :----: |--- |
-| latest | ✅ | Stable releases with support for compiling Wireguard modules |
-| alpine | ✅ | Stable releases based on Alpine *without* support for compiling Wireguard modules |
+| latest | ✅ | Stable releases based on Alpine *without* support for compiling Wireguard modules. |
+| legacy | ✅ | Stable releases with support for compiling Wireguard modules for older kernels. |
+
 ## Application Setup
 
 During container start, it will first check if the wireguard module is already installed and loaded. Kernels newer than 5.6 generally have the wireguard module built-in (along with some older custom kernels). However, the module may not be enabled. Make sure it is enabled prior to starting the container.
@@ -87,11 +87,13 @@ To add more peers/clients later on, you increment the `PEERS` environment variab
 
 To display the QR codes of active peers again, you can use the following command and list the peer numbers as arguments: `docker exec -it wireguard /app/show-peer 1 4 5` or `docker exec -it wireguard /app/show-peer myPC myPhone myTablet` (Keep in mind that the QR codes are also stored as PNGs in the config folder).
 
-The templates used for server and peer confs are saved under `/config/templates`. Advanced users can modify these templates and force conf generation by deleting `/config/wg0.conf` and restarting the container.
+The templates used for server and peer confs are saved under `/config/templates`. Advanced users can modify these templates and force conf generation by deleting `/config/wg_confs/wg0.conf` and restarting the container.
+
+The container managed server conf is hardcoded to `wg0.conf`. However, the users can add additional tunnel config files with `.conf` extensions into `/config/wg_confs/` and the container will attempt to start them all in alphabetical order. If any one of the tunnels fail, they will all be stopped and the default route will be deleted, requiring user intervention to fix the invalid conf and a container restart.
 
 ## Client Mode
 
-Do not set the `PEERS` environment variable. Drop your client conf into the config folder as `/config/wg0.conf` and start the container.
+Do not set the `PEERS` environment variable. Drop your client conf(s) into the config folder as `/config/wg_confs/<tunnel name>.conf` and start the container. If there are multiple tunnel configs, the container will attempt to start them all in alphabetical order. If any one of the tunnels fail, they will all be stopped and the default route will be deleted, requiring user intervention to fix the invalid conf and a container restart.
 
 If you get IPv6 related errors in the log and connection cannot be established, edit the `AllowedIPs` line in your peer/client wg0.conf to include only `0.0.0.0/0` and not `::/0`; and restart the container.
 
@@ -134,16 +136,15 @@ Don't forget to set the necessary POSTUP and POSTDOWN rules in your client's pee
 
 ## Usage
 
-Here are some example snippets to help you get started creating a container.
+To help you get started creating a container from this image you can either use docker-compose or the docker cli.
 
 ### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose))
 
 ```yaml
 ---
-version: "2.1"
 services:
   wireguard:
-    image: lscr.io/linuxserver/wireguard:latest
+    image: lscr.io/linuxserver/wireguard:legacy
     container_name: wireguard
     cap_add:
       - NET_ADMIN
@@ -193,13 +194,12 @@ docker run -d \
   -v /lib/modules:/lib/modules `#optional` \
   --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
   --restart unless-stopped \
-  lscr.io/linuxserver/wireguard:latest
-
+  lscr.io/linuxserver/wireguard:legacy
 ```
 
 ## Parameters
 
-Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
+Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
 
 | Parameter | Function |
 | :----: | --- |
@@ -230,10 +230,10 @@ You can set any environment variable from a file by using a special prepend `FIL
 As an example:
 
 ```bash
--e FILE__PASSWORD=/run/secrets/mysecretpassword
+-e FILE__MYVAR=/run/secrets/mysecretvariable
 ```
 
-Will set the environment variable `PASSWORD` based on the contents of the `/run/secrets/mysecretpassword` file.
+Will set the environment variable `MYVAR` based on the contents of the `/run/secrets/mysecretvariable` file.
 
 ## Umask for running applications
 
@@ -242,15 +242,20 @@ Keep in mind umask is not chmod it subtracts from permissions based on it's valu
 
 ## User / Group Identifiers
 
-When using volumes (`-v` flags) permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`.
+When using volumes (`-v` flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`.
 
 Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic.
 
-In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as below:
+In this instance `PUID=1000` and `PGID=1000`, to find yours use `id your_user` as below:
 
 ```bash
-  $ id username
-    uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup)
+id your_user
+```
+
+Example output:
+
+```text
+uid=1000(your_user) gid=1000(your_user) groups=1000(your_user)
 ```
 
 ## Docker Mods
@@ -261,53 +266,100 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to
 
 ## Support Info
 
-* Shell access whilst the container is running: `docker exec -it wireguard /bin/bash`
-* To monitor the logs of the container in realtime: `docker logs -f wireguard`
-* container version number
-  * `docker inspect -f '{{ index .Config.Labels "build_version" }}' wireguard`
-* image version number
-  * `docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/wireguard:latest`
+* Shell access whilst the container is running:
+
+    ```bash
+    docker exec -it wireguard /bin/bash
+    ```
+
+* To monitor the logs of the container in realtime:
+
+    ```bash
+    docker logs -f wireguard
+    ```
+
+* Container version number:
+
+    ```bash
+    docker inspect -f '{{ index .Config.Labels "build_version" }}' wireguard
+    ```
+
+* Image version number:
+
+    ```bash
+    docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/wireguard:legacy
+    ```
 
 ## Updating Info
 
-Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (ie. nextcloud, plex), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image.
+Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the [Application Setup](#application-setup) section above to see if it is recommended for the image.
 
 Below are the instructions for updating containers:
 
 ### Via Docker Compose
 
-* Update all images: `docker-compose pull`
-  * or update a single image: `docker-compose pull wireguard`
-* Let compose update all containers as necessary: `docker-compose up -d`
-  * or update a single container: `docker-compose up -d wireguard`
-* You can also remove the old dangling images: `docker image prune`
+* Update images:
+    * All images:
+
+        ```bash
+        docker-compose pull
+        ```
+
+    * Single image:
+
+        ```bash
+        docker-compose pull wireguard
+        ```
+
+* Update containers:
+    * All containers:
+
+        ```bash
+        docker-compose up -d
+        ```
+
+    * Single container:
+
+        ```bash
+        docker-compose up -d wireguard
+        ```
+
+* You can also remove the old dangling images:
+
+    ```bash
+    docker image prune
+    ```
 
 ### Via Docker Run
 
-* Update the image: `docker pull lscr.io/linuxserver/wireguard:latest`
-* Stop the running container: `docker stop wireguard`
-* Delete the container: `docker rm wireguard`
-* Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved)
-* You can also remove the old dangling images: `docker image prune`
+* Update the image:
 
-### Via Watchtower auto-updater (only use if you don't remember the original parameters)
+    ```bash
+    docker pull lscr.io/linuxserver/wireguard:legacy
+    ```
 
-* Pull the latest image at its tag and replace it with the same env variables in one run:
+* Stop the running container:
 
-  ```bash
-  docker run --rm \
-  -v /var/run/docker.sock:/var/run/docker.sock \
-  containrrr/watchtower \
-  --run-once wireguard
-  ```
+    ```bash
+    docker stop wireguard
+    ```
 
-* You can also remove the old dangling images: `docker image prune`
+* Delete the container:
+
+    ```bash
+    docker rm wireguard
+    ```
+
+* Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved)
+* You can also remove the old dangling images:
 
-**Note:** We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose).
+    ```bash
+    docker image prune
+    ```
 
 ### Image Update Notifications - Diun (Docker Image Update Notifier)
 
-* We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
+**tip**: We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
 
 ## Building locally
 
@@ -319,7 +371,7 @@ cd docker-wireguard
 docker build \
   --no-cache \
   --pull \
-  -t lscr.io/linuxserver/wireguard:latest .
+  -t lscr.io/linuxserver/wireguard:legacy .
 ```
 
 The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
@@ -332,6 +384,9 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **03.10.23:** - **Potentially Breaking Change:** Support for multiple interfaces added. Wireguard confs moved to `/config/wg_confs/`. Any file with a `.conf` extension in that folder will be treated as a live tunnel config and will be attempted to start. If any of the tunnels fail, all tunnels will be stopped. Tunnels are started in alphabetical order. Managed server conf will continue to be hardcoded to `wg0.conf`.
+* **24.06.23:** - Deprecate armhf as per [https://www.linuxserver.io/armhf](https://www.linuxserver.io/armhf).
+* **26.04.23:** - Rework branches, swap alpine & ubuntu builds.
 * **28.01.23:** - Patch wg-quick to suppress false positive sysctl warning.
 * **10.01.23:** - Add new var to add `PersistentKeepalive` to server config for select peers to survive server IP changes when domain name is used.
 * **26.10.22:** - Better handle unsupported peer names. Improve logging.

jenkins-vars.yml

@@ -4,9 +4,10 @@
 project_name: docker-wireguard
 external_type: na
 custom_version_command: "curl -sX GET https://api.github.com/repos/WireGuard/wireguard-tools/tags | jq -r .[0].name"
-release_type: stable
-release_tag: latest
-ls_branch: master
+release_type: prerelease
+release_tag: legacy
+ls_branch: legacy
+build_armhf: false
 repo_vars:
   - CONTAINER_NAME = 'wireguard'
   - BUILD_VERSION_ARG = 'WIREGUARD_VERSION'
@@ -26,4 +27,4 @@ repo_vars:
   - CI_AUTH='user:password'
   - CI_WEBPATH=''
 sponsor_links:
-  - { name: "WireGuard", url: "https://www.wireguard.com/donations/" }
+  - { name: "WireGuard", url: "https://www.wireguard.com/donations/" }

package_versions.txt

@@ -1,350 +1,356 @@
-NAME                                                     VERSION                                  TYPE      
-adduser                                                  3.118ubuntu5                             deb        
-apt                                                      2.4.8                                    deb        
-apt-utils                                                2.4.8                                    deb        
-base-files                                               12ubuntu4.3                              deb        
-base-passwd                                              3.5.52build1                             deb        
-bash                                                     5.1-6ubuntu1                             deb        
-bc                                                       1.07.1-3build1                           deb        
-binutils                                                 2.38-4ubuntu2.1                          deb        
-binutils-common                                          2.38-4ubuntu2.1                          deb        
-binutils-x86-64-linux-gnu                                2.38-4ubuntu2.1                          deb        
-bsdutils                                                 1:2.37.2-4ubuntu3                        deb        
-build-essential                                          12.9ubuntu3                              deb        
-bzip2                                                    1.0.8-5build1                            deb        
-ca-certificates                                          20211016ubuntu0.22.04.1                  deb        
-cloud.google.com/go/compute/metadata                     v0.2.3                                   go-module  
-coreutils                                                8.32-4.1ubuntu1                          deb        
-cpp                                                      4:11.2.0-1ubuntu1                        deb        
-cpp-11                                                   11.3.0-1ubuntu1~22.04                    deb        
-cpp-12                                                   12.1.0-2ubuntu1~22.04                    deb        
-curl                                                     7.81.0-1ubuntu1.10                       deb        
-dash                                                     0.5.11+git20210903+057cd650a4ed-3build1  deb        
-dctrl-tools                                              2.24-3build2                             deb        
-debconf                                                  1.5.79ubuntu1                            deb        
-debianutils                                              5.5-1ubuntu2                             deb        
-diffutils                                                1:3.8-0ubuntu2                           deb        
-dirmngr                                                  2.2.27-3ubuntu2.1                        deb        
-distro-info-data                                         0.52ubuntu0.3                            deb        
-dkms                                                     2.8.7-2ubuntu2.1                         deb        
-dpkg                                                     1.21.1ubuntu2.1                          deb        
-dpkg-dev                                                 1.21.1ubuntu2.1                          deb        
-e2fsprogs                                                1.46.5-2ubuntu1.1                        deb        
-findutils                                                4.8.0-1ubuntu3                           deb        
-g++                                                      4:11.2.0-1ubuntu1                        deb        
-g++-11                                                   11.3.0-1ubuntu1~22.04                    deb        
-gcc                                                      4:11.2.0-1ubuntu1                        deb        
-gcc-11                                                   11.3.0-1ubuntu1~22.04                    deb        
-gcc-11-base                                              11.3.0-1ubuntu1~22.04                    deb        
-gcc-12                                                   12.1.0-2ubuntu1~22.04                    deb        
-gcc-12-base                                              12.1.0-2ubuntu1~22.04                    deb        
-git                                                      1:2.34.1-1ubuntu1.8                      deb        
-git-man                                                  1:2.34.1-1ubuntu1.8                      deb        
-github.com/Azure/azure-sdk-for-go                        v68.0.0+incompatible                     go-module  
-github.com/Azure/go-autorest/autorest                    v0.11.28                                 go-module  
-github.com/Azure/go-autorest/autorest/adal               v0.9.18                                  go-module  
-github.com/Azure/go-autorest/autorest/azure/auth         v0.5.12                                  go-module  
-github.com/Azure/go-autorest/autorest/azure/cli          v0.4.5                                   go-module  
-github.com/Azure/go-autorest/autorest/date               v0.3.0                                   go-module  
-github.com/Azure/go-autorest/autorest/to                 v0.2.0                                   go-module  
-github.com/Azure/go-autorest/logger                      v0.2.1                                   go-module  
-github.com/Azure/go-autorest/tracing                     v0.6.0                                   go-module  
-github.com/DataDog/datadog-agent/pkg/obfuscate           v0.0.0-20211129110424-6491aa3bf583       go-module  
-github.com/DataDog/datadog-agent/pkg/remoteconfig/state  v0.42.0-rc.1                             go-module  
-github.com/DataDog/datadog-go                            v4.8.2+incompatible                      go-module  
-github.com/DataDog/datadog-go/v5                         v5.0.2                                   go-module  
-github.com/DataDog/go-tuf                                v0.3.0--fix-localmeta-fork               go-module  
-github.com/DataDog/sketches-go                           v1.2.1                                   go-module  
-github.com/antonmedv/expr                                v1.12.0                                  go-module  
-github.com/apparentlymart/go-cidr                        v1.1.0                                   go-module  
-github.com/aws/aws-sdk-go                                v1.44.194                                go-module  
-github.com/beorn7/perks                                  v1.0.1                                   go-module  
-github.com/cespare/xxhash/v2                             v2.1.2                                   go-module  
-github.com/coredns/caddy                                 v1.1.1                                   go-module  
-github.com/coredns/coredns                               v0.0.0-20230206182419-055b2c31a9cf       go-module  
-github.com/coreos/go-semver                              v0.3.0                                   go-module  
-github.com/coreos/go-systemd/v22                         v22.3.2                                  go-module  
-github.com/davecgh/go-spew                               v1.1.1                                   go-module  
-github.com/dgraph-io/ristretto                           v0.1.0                                   go-module  
-github.com/dimchansky/utfbom                             v1.1.1                                   go-module  
-github.com/dnstap/golang-dnstap                          v0.4.0                                   go-module  
-github.com/dustin/go-humanize                            v1.0.0                                   go-module  
-github.com/emicklei/go-restful/v3                        v3.9.0                                   go-module  
-github.com/farsightsec/golang-framestream                v0.3.0                                   go-module  
-github.com/flynn/go-shlex                                v0.0.0-20150515145356-3f9db97f8568       go-module  
-github.com/go-logr/logr                                  v1.2.3                                   go-module  
-github.com/go-openapi/jsonpointer                        v0.19.5                                  go-module  
-github.com/go-openapi/jsonreference                      v0.20.0                                  go-module  
-github.com/go-openapi/swag                               v0.19.14                                 go-module  
-github.com/gogo/protobuf                                 v1.3.2                                   go-module  
-github.com/golang-jwt/jwt/v4                             v4.2.0                                   go-module  
-github.com/golang/glog                                   v0.0.0-20160126235308-23def4e6c14b       go-module  
-github.com/golang/groupcache                             v0.0.0-20210331224755-41bb18bfe9da       go-module  
-github.com/golang/protobuf                               v1.5.2                                   go-module  
-github.com/google/gnostic                                v0.5.7-v3refs                            go-module  
-github.com/google/go-cmp                                 v0.5.9                                   go-module  
-github.com/google/gofuzz                                 v1.2.0                                   go-module  
-github.com/google/uuid                                   v1.3.0                                   go-module  
-github.com/googleapis/enterprise-certificate-proxy       v0.2.1                                   go-module  
-github.com/googleapis/gax-go/v2                          v2.7.0                                   go-module  
-github.com/grpc-ecosystem/grpc-opentracing               v0.0.0-20180507213350-8e809c8a8645       go-module  
-github.com/imdario/mergo                                 v0.3.12                                  go-module  
-github.com/infobloxopen/go-trees                         v0.0.0-20200715205103-96a057b8dfb9       go-module  
-github.com/jmespath/go-jmespath                          v0.4.0                                   go-module  
-github.com/josharian/intern                              v1.0.0                                   go-module  
-github.com/json-iterator/go                              v1.1.12                                  go-module  
-github.com/mailru/easyjson                               v0.7.7                                   go-module  
-github.com/matttproud/golang_protobuf_extensions         v1.0.4                                   go-module  
-github.com/miekg/dns                                     v1.1.50                                  go-module  
-github.com/mitchellh/go-homedir                          v1.1.0                                   go-module  
-github.com/modern-go/concurrent                          v0.0.0-20180306012644-bacd9c7ef1dd       go-module  
-github.com/modern-go/reflect2                            v1.0.2                                   go-module  
-github.com/munnerz/goautoneg                             v0.0.0-20191010083416-a7dc8b61c822       go-module  
-github.com/opentracing-contrib/go-observer               v0.0.0-20170622124052-a52f23424492       go-module  
-github.com/opentracing/opentracing-go                    v1.2.0                                   go-module  
-github.com/openzipkin-contrib/zipkin-go-opentracing      v0.5.0                                   go-module  
-github.com/openzipkin/zipkin-go                          v0.4.1                                   go-module  
-github.com/oschwald/geoip2-golang                        v1.8.0                                   go-module  
-github.com/oschwald/maxminddb-golang                     v1.10.0                                  go-module  
-github.com/philhofer/fwd                                 v1.1.1                                   go-module  
-github.com/pkg/errors                                    v0.9.1                                   go-module  
-github.com/prometheus/client_golang                      v1.14.0                                  go-module  
-github.com/prometheus/client_model                       v0.3.0                                   go-module  
-github.com/prometheus/common                             v0.39.0                                  go-module  
-github.com/prometheus/procfs                             v0.8.0                                   go-module  
-github.com/secure-systems-lab/go-securesystemslib        v0.4.0                                   go-module  
-github.com/spf13/pflag                                   v1.0.5                                   go-module  
-github.com/tinylib/msgp                                  v1.1.6                                   go-module  
-gnupg                                                    2.2.27-3ubuntu2.1                        deb        
-gnupg-l10n                                               2.2.27-3ubuntu2.1                        deb        
-gnupg-utils                                              2.2.27-3ubuntu2.1                        deb        
-go.etcd.io/etcd/api/v3                                   v3.5.7                                   go-module  
-go.etcd.io/etcd/client/pkg/v3                            v3.5.7                                   go-module  
-go.etcd.io/etcd/client/v3                                v3.5.7                                   go-module  
-go.opencensus.io                                         v0.24.0                                  go-module  
-go.uber.org/atomic                                       v1.9.0                                   go-module  
-go.uber.org/multierr                                     v1.6.0                                   go-module  
-go.uber.org/zap                                          v1.17.0                                  go-module  
-golang.org/x/crypto                                      v0.0.0-20221010152910-d6f0a8c073c2       go-module  
-golang.org/x/net                                         v0.4.0                                   go-module  
-golang.org/x/oauth2                                      v0.3.0                                   go-module  
-golang.org/x/sys                                         v0.4.0                                   go-module  
-golang.org/x/term                                        v0.3.0                                   go-module  
-golang.org/x/text                                        v0.5.0                                   go-module  
-golang.org/x/time                                        v0.0.0-20220210224613-90d013bbcef8       go-module  
-golang.org/x/xerrors                                     v0.0.0-20220907171357-04be3eba64a2       go-module  
-google.golang.org/api                                    v0.109.0                                 go-module  
-google.golang.org/genproto                               v0.0.0-20221227171554-f9683d7f8bef       go-module  
-google.golang.org/grpc                                   v1.52.3                                  go-module  
-google.golang.org/protobuf                               v1.28.1                                  go-module  
-gopkg.in/DataDog/dd-trace-go.v1                          v1.47.0                                  go-module  
-gopkg.in/inf.v0                                          v0.9.1                                   go-module  
-gopkg.in/yaml.v2                                         v2.4.0                                   go-module  
-gopkg.in/yaml.v3                                         v3.0.1                                   go-module  
-gpg                                                      2.2.27-3ubuntu2.1                        deb        
-gpg-agent                                                2.2.27-3ubuntu2.1                        deb        
-gpg-wks-client                                           2.2.27-3ubuntu2.1                        deb        
-gpg-wks-server                                           2.2.27-3ubuntu2.1                        deb        
-gpgconf                                                  2.2.27-3ubuntu2.1                        deb        
-gpgsm                                                    2.2.27-3ubuntu2.1                        deb        
-gpgv                                                     2.2.27-3ubuntu2.1                        deb        
-grep                                                     3.7-1build1                              deb        
-gzip                                                     1.10-4ubuntu4.1                          deb        
-hostname                                                 3.23ubuntu2                              deb        
-ifupdown                                                 0.8.36+nmu1ubuntu3                       deb        
-init-system-helpers                                      1.62                                     deb        
-iproute2                                                 5.15.0-1ubuntu2                          deb        
-iptables                                                 1.8.7-1ubuntu5                           deb        
-iputils-ping                                             3:20211215-1                             deb        
-jq                                                       1.6-2.1ubuntu3                           deb        
-k8s.io/api                                               v0.26.1                                  go-module  
-k8s.io/apimachinery                                      v0.26.1                                  go-module  
-k8s.io/client-go                                         v0.26.1                                  go-module  
-k8s.io/klog/v2                                           v2.90.0                                  go-module  
-k8s.io/kube-openapi                                      v0.0.0-20221012153701-172d655c2280       go-module  
-k8s.io/utils                                             v0.0.0-20221107191617-1a15be271d1d       go-module  
-kmod                                                     29-1ubuntu1                              deb        
-libacl1                                                  2.3.1-1                                  deb        
-libapt-pkg6.0                                            2.4.8                                    deb        
-libasan6                                                 11.3.0-1ubuntu1~22.04                    deb        
-libasan8                                                 12.1.0-2ubuntu1~22.04                    deb        
-libassuan0                                               2.5.5-1build1                            deb        
-libatomic1                                               12.1.0-2ubuntu1~22.04                    deb        
-libattr1                                                 1:2.5.1-1build1                          deb        
-libaudit-common                                          1:3.0.7-1build1                          deb        
-libaudit1                                                1:3.0.7-1build1                          deb        
-libbinutils                                              2.38-4ubuntu2.1                          deb        
-libblkid1                                                2.37.2-4ubuntu3                          deb        
-libbpf0                                                  1:0.5.0-1ubuntu22.04.1                   deb        
-libbrotli1                                               1.0.9-2build6                            deb        
-libbsd0                                                  0.11.5-1                                 deb        
-libbz2-1.0                                               1.0.8-5build1                            deb        
-libc-bin                                                 2.35-0ubuntu3.1                          deb        
-libc-dev-bin                                             2.35-0ubuntu3.1                          deb        
-libc6                                                    2.35-0ubuntu3.1                          deb        
-libc6-dev                                                2.35-0ubuntu3.1                          deb        
-libcap-ng0                                               0.7.9-2.2build3                          deb        
-libcap2                                                  1:2.44-1build3                           deb        
-libcap2-bin                                              1:2.44-1build3                           deb        
-libcc1-0                                                 12.1.0-2ubuntu1~22.04                    deb        
-libcom-err2                                              1.46.5-2ubuntu1.1                        deb        
-libcrypt-dev                                             1:4.4.27-1                               deb        
-libcrypt1                                                1:4.4.27-1                               deb        
-libctf-nobfd0                                            2.38-4ubuntu2.1                          deb        
-libctf0                                                  2.38-4ubuntu2.1                          deb        
-libcurl3-gnutls                                          7.81.0-1ubuntu1.10                       deb        
-libcurl4                                                 7.81.0-1ubuntu1.10                       deb        
-libdb5.3                                                 5.3.28+dfsg1-0.8ubuntu3                  deb        
-libdebconfclient0                                        0.261ubuntu1                             deb        
-libdpkg-perl                                             1.21.1ubuntu2.1                          deb        
-libelf-dev                                               0.186-1build1                            deb        
-libelf1                                                  0.186-1build1                            deb        
-liberror-perl                                            0.17029-1                                deb        
-libexpat1                                                2.4.7-1ubuntu0.2                         deb        
-libext2fs2                                               1.46.5-2ubuntu1.1                        deb        
-libffi8                                                  3.4.2-4                                  deb        
-libgcc-11-dev                                            11.3.0-1ubuntu1~22.04                    deb        
-libgcc-12-dev                                            12.1.0-2ubuntu1~22.04                    deb        
-libgcc-s1                                                12.1.0-2ubuntu1~22.04                    deb        
-libgcrypt20                                              1.9.4-3ubuntu3                           deb        
-libgdbm-compat4                                          1.23-1                                   deb        
-libgdbm6                                                 1.23-1                                   deb        
-libglib2.0-0                                             2.72.4-0ubuntu1                          deb        
-libgmp10                                                 2:6.2.1+dfsg-3ubuntu1                    deb        
-libgnutls30                                              3.7.3-4ubuntu1.2                         deb        
-libgomp1                                                 12.1.0-2ubuntu1~22.04                    deb        
-libgpg-error0                                            1.43-3                                   deb        
-libgssapi-krb5-2                                         1.19.2-2ubuntu0.1                        deb        
-libhogweed6                                              3.7.3-1build2                            deb        
-libidn2-0                                                2.3.2-2build1                            deb        
-libip4tc2                                                1.8.7-1ubuntu5                           deb        
-libip6tc2                                                1.8.7-1ubuntu5                           deb        
-libisl23                                                 0.24-2build1                             deb        
-libitm1                                                  12.1.0-2ubuntu1~22.04                    deb        
-libjq1                                                   1.6-2.1ubuntu3                           deb        
-libk5crypto3                                             1.19.2-2ubuntu0.1                        deb        
-libkeyutils1                                             1.6.1-2ubuntu3                           deb        
-libkmod2                                                 29-1ubuntu1                              deb        
-libkrb5-3                                                1.19.2-2ubuntu0.1                        deb        
-libkrb5support0                                          1.19.2-2ubuntu0.1                        deb        
-libksba8                                                 1.6.0-2ubuntu0.2                         deb        
-libldap-2.5-0                                            2.5.14+dfsg-0ubuntu0.22.04.2             deb        
-libldap-common                                           2.5.14+dfsg-0ubuntu0.22.04.2             deb        
-liblsan0                                                 12.1.0-2ubuntu1~22.04                    deb        
-liblz4-1                                                 1.9.3-2build2                            deb        
-liblzma5                                                 5.2.5-2ubuntu1                           deb        
-libmd0                                                   1.0.4-1build1                            deb        
-libmnl0                                                  1.0.4-3build2                            deb        
-libmount1                                                2.37.2-4ubuntu3                          deb        
-libmpc3                                                  1.2.1-2build1                            deb        
-libmpdec3                                                2.5.1-2build2                            deb        
-libmpfr6                                                 4.1.0-3build3                            deb        
-libncurses6                                              6.3-2                                    deb        
-libncursesw6                                             6.3-2                                    deb        
-libnetfilter-conntrack3                                  1.0.9-1                                  deb        
-libnettle8                                               3.7.3-1build2                            deb        
-libnfnetlink0                                            1.0.1-3build3                            deb        
-libnftnl11                                               1.2.1-1build1                            deb        
-libnghttp2-14                                            1.43.0-1build3                           deb        
-libnpth0                                                 1.6-3build2                              deb        
-libnsl-dev                                               1.3.0-2build2                            deb        
-libnsl2                                                  1.3.0-2build2                            deb        
-libonig5                                                 6.9.7.1-2build1                          deb        
-libp11-kit0                                              0.24.0-6build1                           deb        
-libpam-modules                                           1.4.0-11ubuntu2.3                        deb        
-libpam-modules-bin                                       1.4.0-11ubuntu2.3                        deb        
-libpam-runtime                                           1.4.0-11ubuntu2.3                        deb        
-libpam0g                                                 1.4.0-11ubuntu2.3                        deb        
-libpcre2-8-0                                             10.39-3ubuntu0.1                         deb        
-libpcre3                                                 2:8.39-13ubuntu0.22.04.1                 deb        
-libperl5.34                                              5.34.0-3ubuntu1.1                        deb        
-libpng16-16                                              1.6.37-3build5                           deb        
-libprocps8                                               2:3.3.17-6ubuntu2                        deb        
-libpsl5                                                  0.21.0-1.2build2                         deb        
-libpython3-stdlib                                        3.10.6-1~22.04                           deb        
-libpython3.10-minimal                                    3.10.6-1~22.04.2ubuntu1                  deb        
-libpython3.10-stdlib                                     3.10.6-1~22.04.2ubuntu1                  deb        
-libqrencode4                                             4.1.1-1                                  deb        
-libquadmath0                                             12.1.0-2ubuntu1~22.04                    deb        
-libreadline8                                             8.1.2-1                                  deb        
-librtmp1                                                 2.4+20151223.gitfa8646d.1-2build4        deb        
-libsasl2-2                                               2.1.27+dfsg2-3ubuntu1.2                  deb        
-libsasl2-modules                                         2.1.27+dfsg2-3ubuntu1.2                  deb        
-libsasl2-modules-db                                      2.1.27+dfsg2-3ubuntu1.2                  deb        
-libseccomp2                                              2.5.3-2ubuntu2                           deb        
-libselinux1                                              3.3-1build2                              deb        
-libsemanage-common                                       3.3-1build2                              deb        
-libsemanage2                                             3.3-1build2                              deb        
-libsepol2                                                3.3-1build1                              deb        
-libsmartcols1                                            2.37.2-4ubuntu3                          deb        
-libsqlite3-0                                             3.37.2-2ubuntu0.1                        deb        
-libss2                                                   1.46.5-2ubuntu1.1                        deb        
-libssh-4                                                 0.9.6-2build1                            deb        
-libssl3                                                  3.0.2-0ubuntu1.8                         deb        
-libstdc++-11-dev                                         11.3.0-1ubuntu1~22.04                    deb        
-libstdc++6                                               12.1.0-2ubuntu1~22.04                    deb        
-libsystemd0                                              249.11-0ubuntu3.9                        deb        
-libtasn1-6                                               4.18.0-4build1                           deb        
-libtinfo6                                                6.3-2                                    deb        
-libtirpc-common                                          1.3.2-2ubuntu0.1                         deb        
-libtirpc-dev                                             1.3.2-2ubuntu0.1                         deb        
-libtirpc3                                                1.3.2-2ubuntu0.1                         deb        
-libtsan0                                                 11.3.0-1ubuntu1~22.04                    deb        
-libtsan2                                                 12.1.0-2ubuntu1~22.04                    deb        
-libubsan1                                                12.1.0-2ubuntu1~22.04                    deb        
-libudev1                                                 249.11-0ubuntu3.9                        deb        
-libunistring2                                            1.0-1                                    deb        
-libuuid1                                                 2.37.2-4ubuntu3                          deb        
-libxtables12                                             1.8.7-1ubuntu5                           deb        
-libxxhash0                                               0.8.1-1                                  deb        
-libzstd1                                                 1.4.8+dfsg-3build1                       deb        
-linux-libc-dev                                           5.15.0-70.77                             deb        
-locales                                                  2.35-0ubuntu3.1                          deb        
-login                                                    1:4.8.1-2ubuntu2.1                       deb        
-logsave                                                  1.46.5-2ubuntu1.1                        deb        
-lsb-base                                                 11.1.0ubuntu4                            deb        
-lsb-release                                              11.1.0ubuntu4                            deb        
-lto-disabled-list                                        24                                       deb        
-make                                                     4.3-4.1build1                            deb        
-mawk                                                     1.3.4.20200120-3                         deb        
-media-types                                              7.0.0                                    deb        
-mount                                                    2.37.2-4ubuntu3                          deb        
-ncurses-base                                             6.3-2                                    deb        
-ncurses-bin                                              6.3-2                                    deb        
-net-tools                                                1.60+git20181103.0eebece-1ubuntu5        deb        
-netbase                                                  6.3                                      deb        
-netcat                                                   1.218-4ubuntu1                           deb        
-netcat-openbsd                                           1.218-4ubuntu1                           deb        
-openresolv                                               3.12.0-2                                 deb        
-openssl                                                  3.0.2-0ubuntu1.8                         deb        
-passwd                                                   1:4.8.1-2ubuntu2.1                       deb        
-patch                                                    2.7.6-7build2                            deb        
-perl                                                     5.34.0-3ubuntu1.1                        deb        
-perl-base                                                5.34.0-3ubuntu1.1                        deb        
-perl-modules-5.34                                        5.34.0-3ubuntu1.1                        deb        
-pinentry-curses                                          1.1.1-1build2                            deb        
-pkg-config                                               0.29.2-1ubuntu3                          deb        
-procps                                                   2:3.3.17-6ubuntu2                        deb        
-publicsuffix                                             20211207.1025-1                          deb        
-python                                                   3.10.6                                   binary     
-python3                                                  3.10.6-1~22.04                           deb        
-python3-minimal                                          3.10.6-1~22.04                           deb        
-python3.10                                               3.10.6-1~22.04.2ubuntu1                  deb        
-python3.10-minimal                                       3.10.6-1~22.04.2ubuntu1                  deb        
-qrencode                                                 4.1.1-1                                  deb        
-readline-common                                          8.1.2-1                                  deb        
-rpcsvc-proto                                             1.4.2-0ubuntu6                           deb        
-sed                                                      4.8-1ubuntu2                             deb        
-sensible-utils                                           0.0.17                                   deb        
-sigs.k8s.io/json                                         v0.0.0-20220713155537-f223a00ba0e2       go-module  
-sigs.k8s.io/structured-merge-diff/v4                     v4.2.3                                   go-module  
-sigs.k8s.io/yaml                                         v1.3.0                                   go-module  
-sysvinit-utils                                           3.01-1ubuntu1                            deb        
-tar                                                      1.34+dfsg-1ubuntu0.1.22.04.1             deb        
-tzdata                                                   2023c-0ubuntu0.22.04.0                   deb        
-ubuntu-keyring                                           2021.03.26                               deb        
-usrmerge                                                 25ubuntu2                                deb        
-util-linux                                               2.37.2-4ubuntu3                          deb        
-xz-utils                                                 5.2.5-2ubuntu1                           deb        
-zlib1g                                                   1:1.2.11.dfsg-2ubuntu9.2                 deb        
-zlib1g-dev                                               1:1.2.11.dfsg-2ubuntu9.2                 deb        
+NAME                                                     VERSION                                      TYPE        
+adduser                                                  3.118ubuntu5                                 deb          
+apt                                                      2.4.12                                       deb          
+apt-utils                                                2.4.12                                       deb          
+base-files                                               12ubuntu4.6                                  deb          
+base-passwd                                              3.5.52build1                                 deb          
+bash                                                     5.1-6ubuntu1.1                               deb          
+bash                                                     5.1.16                                       binary       
+bc                                                       1.07.1-3build1                               deb          
+binutils                                                 2.38-4ubuntu2.6                              deb          
+binutils-common                                          2.38-4ubuntu2.6                              deb          
+binutils-x86-64-linux-gnu                                2.38-4ubuntu2.6                              deb          
+bsdutils                                                 1:2.37.2-4ubuntu3.4                          deb          
+build-essential                                          12.9ubuntu3                                  deb          
+bzip2                                                    1.0.8-5build1                                deb          
+ca-certificates                                          20230311ubuntu0.22.04.1                      deb          
+cloud.google.com/go/compute/metadata                     v0.2.3                                       go-module    
+coreutils                                                8.32-4.1ubuntu1.2                            deb          
+cpp                                                      4:11.2.0-1ubuntu1                            deb          
+cpp-11                                                   11.4.0-1ubuntu1~22.04                        deb          
+cpp-12                                                   12.3.0-1ubuntu1~22.04                        deb          
+cron                                                     3.0pl1-137ubuntu3                            deb          
+curl                                                     7.81.0-1ubuntu1.16                           deb          
+dash                                                     0.5.11+git20210903+057cd650a4ed-3build1      deb          
+dctrl-tools                                              2.24-3build2                                 deb          
+debconf                                                  1.5.79ubuntu1                                deb          
+debianutils                                              5.5-1ubuntu2                                 deb          
+diffutils                                                1:3.8-0ubuntu2                               deb          
+dirmngr                                                  2.2.27-3ubuntu2.1                            deb          
+distro-info-data                                         0.52ubuntu0.6                                deb          
+dkms                                                     2.8.7-2ubuntu2.2                             deb          
+dpkg                                                     1.21.1ubuntu2.3                              deb          
+dpkg-dev                                                 1.21.1ubuntu2.3                              deb          
+e2fsprogs                                                1.46.5-2ubuntu1.1                            deb          
+findutils                                                4.8.0-1ubuntu3                               deb          
+g++                                                      4:11.2.0-1ubuntu1                            deb          
+g++-11                                                   11.4.0-1ubuntu1~22.04                        deb          
+gcc                                                      4:11.2.0-1ubuntu1                            deb          
+gcc-11                                                   11.4.0-1ubuntu1~22.04                        deb          
+gcc-11-base                                              11.4.0-1ubuntu1~22.04                        deb          
+gcc-12                                                   12.3.0-1ubuntu1~22.04                        deb          
+gcc-12-base                                              12.3.0-1ubuntu1~22.04                        deb          
+git                                                      1:2.34.1-1ubuntu1.10                         deb          
+git-man                                                  1:2.34.1-1ubuntu1.10                         deb          
+github.com/Azure/azure-sdk-for-go                        v68.0.0+incompatible                         go-module    
+github.com/Azure/go-autorest/autorest                    v0.11.29                                     go-module    
+github.com/Azure/go-autorest/autorest/adal               v0.9.22                                      go-module    
+github.com/Azure/go-autorest/autorest/azure/auth         v0.5.12                                      go-module    
+github.com/Azure/go-autorest/autorest/azure/cli          v0.4.5                                       go-module    
+github.com/Azure/go-autorest/autorest/date               v0.3.0                                       go-module    
+github.com/Azure/go-autorest/autorest/to                 v0.2.0                                       go-module    
+github.com/Azure/go-autorest/logger                      v0.2.1                                       go-module    
+github.com/Azure/go-autorest/tracing                     v0.6.0                                       go-module    
+github.com/DataDog/datadog-agent/pkg/obfuscate           v0.45.0-rc.1                                 go-module    
+github.com/DataDog/datadog-agent/pkg/remoteconfig/state  v0.48.0-devel.0.20230725154044-2549ba9058df  go-module    
+github.com/DataDog/datadog-go/v5                         v5.1.1                                       go-module    
+github.com/DataDog/go-tuf                                v1.0.1-0.5.2                                 go-module    
+github.com/DataDog/sketches-go                           v1.2.1                                       go-module    
+github.com/antonmedv/expr                                v1.13.0                                      go-module    
+github.com/apparentlymart/go-cidr                        v1.1.0                                       go-module    
+github.com/aws/aws-sdk-go                                v1.44.322                                    go-module    
+github.com/beorn7/perks                                  v1.0.1                                       go-module    
+github.com/cespare/xxhash/v2                             v2.2.0                                       go-module    
+github.com/coredns/caddy                                 v1.1.1                                       go-module    
+github.com/coredns/coredns                               v0.0.0-20230815193032-ae2bbc29be1a           go-module    
+github.com/coreos/go-semver                              v0.3.0                                       go-module    
+github.com/coreos/go-systemd/v22                         v22.3.2                                      go-module    
+github.com/davecgh/go-spew                               v1.1.1                                       go-module    
+github.com/dimchansky/utfbom                             v1.1.1                                       go-module    
+github.com/dnstap/golang-dnstap                          v0.4.0                                       go-module    
+github.com/dustin/go-humanize                            v1.0.1                                       go-module    
+github.com/emicklei/go-restful/v3                        v3.10.2                                      go-module    
+github.com/farsightsec/golang-framestream                v0.3.0                                       go-module    
+github.com/flynn/go-shlex                                v0.0.0-20150515145356-3f9db97f8568           go-module    
+github.com/go-logr/logr                                  v1.2.4                                       go-module    
+github.com/go-openapi/jsonpointer                        v0.19.6                                      go-module    
+github.com/go-openapi/jsonreference                      v0.20.1                                      go-module    
+github.com/go-openapi/swag                               v0.22.3                                      go-module    
+github.com/gogo/protobuf                                 v1.3.2                                       go-module    
+github.com/golang-jwt/jwt/v4                             v4.5.0                                       go-module    
+github.com/golang/groupcache                             v0.0.0-20210331224755-41bb18bfe9da           go-module    
+github.com/golang/protobuf                               v1.5.3                                       go-module    
+github.com/google/gnostic                                v0.5.7-v3refs                                go-module    
+github.com/google/go-cmp                                 v0.5.9                                       go-module    
+github.com/google/gofuzz                                 v1.2.0                                       go-module    
+github.com/google/s2a-go                                 v0.1.4                                       go-module    
+github.com/google/uuid                                   v1.3.0                                       go-module    
+github.com/googleapis/enterprise-certificate-proxy       v0.2.5                                       go-module    
+github.com/googleapis/gax-go/v2                          v2.12.0                                      go-module    
+github.com/grpc-ecosystem/grpc-opentracing               v0.0.0-20180507213350-8e809c8a8645           go-module    
+github.com/imdario/mergo                                 v0.3.12                                      go-module    
+github.com/infobloxopen/go-trees                         v0.0.0-20200715205103-96a057b8dfb9           go-module    
+github.com/jmespath/go-jmespath                          v0.4.0                                       go-module    
+github.com/josharian/intern                              v1.0.0                                       go-module    
+github.com/json-iterator/go                              v1.1.12                                      go-module    
+github.com/mailru/easyjson                               v0.7.7                                       go-module    
+github.com/matttproud/golang_protobuf_extensions         v1.0.4                                       go-module    
+github.com/miekg/dns                                     v1.1.55                                      go-module    
+github.com/mitchellh/go-homedir                          v1.1.0                                       go-module    
+github.com/modern-go/concurrent                          v0.0.0-20180306012644-bacd9c7ef1dd           go-module    
+github.com/modern-go/reflect2                            v1.0.2                                       go-module    
+github.com/munnerz/goautoneg                             v0.0.0-20191010083416-a7dc8b61c822           go-module    
+github.com/opentracing-contrib/go-observer               v0.0.0-20170622124052-a52f23424492           go-module    
+github.com/opentracing/opentracing-go                    v1.2.0                                       go-module    
+github.com/openzipkin-contrib/zipkin-go-opentracing      v0.5.0                                       go-module    
+github.com/openzipkin/zipkin-go                          v0.4.2                                       go-module    
+github.com/oschwald/geoip2-golang                        v1.9.0                                       go-module    
+github.com/oschwald/maxminddb-golang                     v1.11.0                                      go-module    
+github.com/outcaste-io/ristretto                         v0.2.1                                       go-module    
+github.com/philhofer/fwd                                 v1.1.2                                       go-module    
+github.com/pkg/errors                                    v0.9.1                                       go-module    
+github.com/prometheus/client_golang                      v1.16.0                                      go-module    
+github.com/prometheus/client_model                       v0.4.0                                       go-module    
+github.com/prometheus/common                             v0.44.0                                      go-module    
+github.com/prometheus/procfs                             v0.10.1                                      go-module    
+github.com/quic-go/qtls-go1-20                           v0.3.1                                       go-module    
+github.com/quic-go/quic-go                               v0.37.4                                      go-module    
+github.com/secure-systems-lab/go-securesystemslib        v0.7.0                                       go-module    
+github.com/spf13/pflag                                   v1.0.5                                       go-module    
+github.com/tinylib/msgp                                  v1.1.8                                       go-module    
+gnupg                                                    2.2.27-3ubuntu2.1                            deb          
+gnupg-l10n                                               2.2.27-3ubuntu2.1                            deb          
+gnupg-utils                                              2.2.27-3ubuntu2.1                            deb          
+go.etcd.io/etcd/api/v3                                   v3.5.9                                       go-module    
+go.etcd.io/etcd/client/pkg/v3                            v3.5.9                                       go-module    
+go.etcd.io/etcd/client/v3                                v3.5.9                                       go-module    
+go.opencensus.io                                         v0.24.0                                      go-module    
+go.uber.org/atomic                                       v1.11.0                                      go-module    
+go.uber.org/multierr                                     v1.6.0                                       go-module    
+go.uber.org/zap                                          v1.17.0                                      go-module    
+golang.org/x/crypto                                      v0.12.0                                      go-module    
+golang.org/x/exp                                         v0.0.0-20221205204356-47842c84f3db           go-module    
+golang.org/x/net                                         v0.14.0                                      go-module    
+golang.org/x/oauth2                                      v0.11.0                                      go-module    
+golang.org/x/sys                                         v0.11.0                                      go-module    
+golang.org/x/term                                        v0.11.0                                      go-module    
+golang.org/x/text                                        v0.12.0                                      go-module    
+golang.org/x/time                                        v0.3.0                                       go-module    
+golang.org/x/xerrors                                     v0.0.0-20220907171357-04be3eba64a2           go-module    
+google.golang.org/api                                    v0.136.0                                     go-module    
+google.golang.org/appengine                              v1.6.7                                       go-module    
+google.golang.org/genproto/googleapis/api                v0.0.0-20230803162519-f966b187b2e5           go-module    
+google.golang.org/genproto/googleapis/rpc                v0.0.0-20230807174057-1744710a1577           go-module    
+google.golang.org/grpc                                   v1.57.0                                      go-module    
+google.golang.org/protobuf                               v1.31.0                                      go-module    
+gopkg.in/DataDog/dd-trace-go.v1                          v1.54.0                                      go-module    
+gopkg.in/inf.v0                                          v0.9.1                                       go-module    
+gopkg.in/yaml.v2                                         v2.4.0                                       go-module    
+gopkg.in/yaml.v3                                         v3.0.1                                       go-module    
+gpg                                                      2.2.27-3ubuntu2.1                            deb          
+gpg-agent                                                2.2.27-3ubuntu2.1                            deb          
+gpg-wks-client                                           2.2.27-3ubuntu2.1                            deb          
+gpg-wks-server                                           2.2.27-3ubuntu2.1                            deb          
+gpgconf                                                  2.2.27-3ubuntu2.1                            deb          
+gpgsm                                                    2.2.27-3ubuntu2.1                            deb          
+gpgv                                                     2.2.27-3ubuntu2.1                            deb          
+grep                                                     3.7-1build1                                  deb          
+gzip                                                     1.10-4ubuntu4.1                              deb          
+hostname                                                 3.23ubuntu2                                  deb          
+ifupdown                                                 0.8.36+nmu1ubuntu3.1                         deb          
+init-system-helpers                                      1.62                                         deb          
+iproute2                                                 5.15.0-1ubuntu2                              deb          
+iptables                                                 1.8.7-1ubuntu5.2                             deb          
+iputils-ping                                             3:20211215-1                                 deb          
+jq                                                       1.6-2.1ubuntu3                               deb          
+k8s.io/api                                               v0.27.4                                      go-module    
+k8s.io/apimachinery                                      v0.27.4                                      go-module    
+k8s.io/client-go                                         v0.27.4                                      go-module    
+k8s.io/klog/v2                                           v2.100.1                                     go-module    
+k8s.io/kube-openapi                                      v0.0.0-20230501164219-8b0f38b5fd1f           go-module    
+k8s.io/utils                                             v0.0.0-20230209194617-a36077c30491           go-module    
+kmod                                                     29-1ubuntu1                                  deb          
+libacl1                                                  2.3.1-1                                      deb          
+libapt-pkg6.0                                            2.4.12                                       deb          
+libasan6                                                 11.4.0-1ubuntu1~22.04                        deb          
+libasan8                                                 12.3.0-1ubuntu1~22.04                        deb          
+libassuan0                                               2.5.5-1build1                                deb          
+libatomic1                                               12.3.0-1ubuntu1~22.04                        deb          
+libattr1                                                 1:2.5.1-1build1                              deb          
+libaudit-common                                          1:3.0.7-1build1                              deb          
+libaudit1                                                1:3.0.7-1build1                              deb          
+libbinutils                                              2.38-4ubuntu2.6                              deb          
+libblkid1                                                2.37.2-4ubuntu3.4                            deb          
+libbpf0                                                  1:0.5.0-1ubuntu22.04.1                       deb          
+libbrotli1                                               1.0.9-2build6                                deb          
+libbsd0                                                  0.11.5-1                                     deb          
+libbz2-1.0                                               1.0.8-5build1                                deb          
+libc-bin                                                 2.35-0ubuntu3.6                              deb          
+libc-dev-bin                                             2.35-0ubuntu3.6                              deb          
+libc6                                                    2.35-0ubuntu3.6                              deb          
+libc6-dev                                                2.35-0ubuntu3.6                              deb          
+libcap-ng0                                               0.7.9-2.2build3                              deb          
+libcap2                                                  1:2.44-1ubuntu0.22.04.1                      deb          
+libcap2-bin                                              1:2.44-1ubuntu0.22.04.1                      deb          
+libcc1-0                                                 12.3.0-1ubuntu1~22.04                        deb          
+libcom-err2                                              1.46.5-2ubuntu1.1                            deb          
+libcrypt-dev                                             1:4.4.27-1                                   deb          
+libcrypt1                                                1:4.4.27-1                                   deb          
+libctf-nobfd0                                            2.38-4ubuntu2.6                              deb          
+libctf0                                                  2.38-4ubuntu2.6                              deb          
+libcurl3-gnutls                                          7.81.0-1ubuntu1.16                           deb          
+libcurl4                                                 7.81.0-1ubuntu1.16                           deb          
+libdb5.3                                                 5.3.28+dfsg1-0.8ubuntu3                      deb          
+libdebconfclient0                                        0.261ubuntu1                                 deb          
+libdpkg-perl                                             1.21.1ubuntu2.3                              deb          
+libelf-dev                                               0.186-1build1                                deb          
+libelf1                                                  0.186-1build1                                deb          
+liberror-perl                                            0.17029-1                                    deb          
+libexpat1                                                2.4.7-1ubuntu0.3                             deb          
+libext2fs2                                               1.46.5-2ubuntu1.1                            deb          
+libffi8                                                  3.4.2-4                                      deb          
+libgcc-11-dev                                            11.4.0-1ubuntu1~22.04                        deb          
+libgcc-12-dev                                            12.3.0-1ubuntu1~22.04                        deb          
+libgcc-s1                                                12.3.0-1ubuntu1~22.04                        deb          
+libgcrypt20                                              1.9.4-3ubuntu3                               deb          
+libgdbm-compat4                                          1.23-1                                       deb          
+libgdbm6                                                 1.23-1                                       deb          
+libglib2.0-0                                             2.72.4-0ubuntu2.2                            deb          
+libgmp10                                                 2:6.2.1+dfsg-3ubuntu1                        deb          
+libgnutls30                                              3.7.3-4ubuntu1.5                             deb          
+libgomp1                                                 12.3.0-1ubuntu1~22.04                        deb          
+libgpg-error0                                            1.43-3                                       deb          
+libgssapi-krb5-2                                         1.19.2-2ubuntu0.3                            deb          
+libhogweed6                                              3.7.3-1build2                                deb          
+libidn2-0                                                2.3.2-2build1                                deb          
+libip4tc2                                                1.8.7-1ubuntu5.2                             deb          
+libip6tc2                                                1.8.7-1ubuntu5.2                             deb          
+libisl23                                                 0.24-2build1                                 deb          
+libitm1                                                  12.3.0-1ubuntu1~22.04                        deb          
+libjq1                                                   1.6-2.1ubuntu3                               deb          
+libk5crypto3                                             1.19.2-2ubuntu0.3                            deb          
+libkeyutils1                                             1.6.1-2ubuntu3                               deb          
+libkmod2                                                 29-1ubuntu1                                  deb          
+libkrb5-3                                                1.19.2-2ubuntu0.3                            deb          
+libkrb5support0                                          1.19.2-2ubuntu0.3                            deb          
+libksba8                                                 1.6.0-2ubuntu0.2                             deb          
+libldap-2.5-0                                            2.5.17+dfsg-0ubuntu0.22.04.1                 deb          
+libldap-common                                           2.5.17+dfsg-0ubuntu0.22.04.1                 deb          
+liblsan0                                                 12.3.0-1ubuntu1~22.04                        deb          
+liblz4-1                                                 1.9.3-2build2                                deb          
+liblzma5                                                 5.2.5-2ubuntu1                               deb          
+libmd0                                                   1.0.4-1build1                                deb          
+libmnl0                                                  1.0.4-3build2                                deb          
+libmount1                                                2.37.2-4ubuntu3.4                            deb          
+libmpc3                                                  1.2.1-2build1                                deb          
+libmpdec3                                                2.5.1-2build2                                deb          
+libmpfr6                                                 4.1.0-3build3                                deb          
+libncurses6                                              6.3-2ubuntu0.1                               deb          
+libncursesw6                                             6.3-2ubuntu0.1                               deb          
+libnetfilter-conntrack3                                  1.0.9-1                                      deb          
+libnettle8                                               3.7.3-1build2                                deb          
+libnfnetlink0                                            1.0.1-3build3                                deb          
+libnftnl11                                               1.2.1-1build1                                deb          
+libnghttp2-14                                            1.43.0-1ubuntu0.1                            deb          
+libnpth0                                                 1.6-3build2                                  deb          
+libnsl-dev                                               1.3.0-2build2                                deb          
+libnsl2                                                  1.3.0-2build2                                deb          
+libonig5                                                 6.9.7.1-2build1                              deb          
+libp11-kit0                                              0.24.0-6build1                               deb          
+libpam-modules                                           1.4.0-11ubuntu2.4                            deb          
+libpam-modules-bin                                       1.4.0-11ubuntu2.4                            deb          
+libpam-runtime                                           1.4.0-11ubuntu2.4                            deb          
+libpam0g                                                 1.4.0-11ubuntu2.4                            deb          
+libpcre2-8-0                                             10.39-3ubuntu0.1                             deb          
+libpcre3                                                 2:8.39-13ubuntu0.22.04.1                     deb          
+libperl5.34                                              5.34.0-3ubuntu1.3                            deb          
+libpng16-16                                              1.6.37-3build5                               deb          
+libprocps8                                               2:3.3.17-6ubuntu2.1                          deb          
+libpsl5                                                  0.21.0-1.2build2                             deb          
+libpython3-stdlib                                        3.10.6-1~22.04                               deb          
+libpython3.10-minimal                                    3.10.12-1~22.04.3                            deb          
+libpython3.10-stdlib                                     3.10.12-1~22.04.3                            deb          
+libqrencode4                                             4.1.1-1                                      deb          
+libquadmath0                                             12.3.0-1ubuntu1~22.04                        deb          
+libreadline8                                             8.1.2-1                                      deb          
+librtmp1                                                 2.4+20151223.gitfa8646d.1-2build4            deb          
+libsasl2-2                                               2.1.27+dfsg2-3ubuntu1.2                      deb          
+libsasl2-modules                                         2.1.27+dfsg2-3ubuntu1.2                      deb          
+libsasl2-modules-db                                      2.1.27+dfsg2-3ubuntu1.2                      deb          
+libseccomp2                                              2.5.3-2ubuntu2                               deb          
+libselinux1                                              3.3-1build2                                  deb          
+libsemanage-common                                       3.3-1build2                                  deb          
+libsemanage2                                             3.3-1build2                                  deb          
+libsepol2                                                3.3-1build1                                  deb          
+libsmartcols1                                            2.37.2-4ubuntu3.4                            deb          
+libsqlite3-0                                             3.37.2-2ubuntu0.3                            deb          
+libss2                                                   1.46.5-2ubuntu1.1                            deb          
+libssh-4                                                 0.9.6-2ubuntu0.22.04.3                       deb          
+libssl3                                                  3.0.2-0ubuntu1.15                            deb          
+libstdc++-11-dev                                         11.4.0-1ubuntu1~22.04                        deb          
+libstdc++6                                               12.3.0-1ubuntu1~22.04                        deb          
+libsystemd0                                              249.11-0ubuntu3.12                           deb          
+libtasn1-6                                               4.18.0-4build1                               deb          
+libtinfo6                                                6.3-2ubuntu0.1                               deb          
+libtirpc-common                                          1.3.2-2ubuntu0.1                             deb          
+libtirpc-dev                                             1.3.2-2ubuntu0.1                             deb          
+libtirpc3                                                1.3.2-2ubuntu0.1                             deb          
+libtsan0                                                 11.4.0-1ubuntu1~22.04                        deb          
+libtsan2                                                 12.3.0-1ubuntu1~22.04                        deb          
+libubsan1                                                12.3.0-1ubuntu1~22.04                        deb          
+libudev1                                                 249.11-0ubuntu3.12                           deb          
+libunistring2                                            1.0-1                                        deb          
+libuuid1                                                 2.37.2-4ubuntu3.4                            deb          
+libxtables12                                             1.8.7-1ubuntu5.2                             deb          
+libxxhash0                                               0.8.1-1                                      deb          
+libzstd1                                                 1.4.8+dfsg-3build1                           deb          
+linux-libc-dev                                           5.15.0-102.112                               deb          
+locales                                                  2.35-0ubuntu3.6                              deb          
+login                                                    1:4.8.1-2ubuntu2.2                           deb          
+logsave                                                  1.46.5-2ubuntu1.1                            deb          
+lsb-base                                                 11.1.0ubuntu4                                deb          
+lsb-release                                              11.1.0ubuntu4                                deb          
+lto-disabled-list                                        24                                           deb          
+make                                                     4.3-4.1build1                                deb          
+mawk                                                     1.3.4.20200120-3                             deb          
+media-types                                              7.0.0                                        deb          
+mount                                                    2.37.2-4ubuntu3.4                            deb          
+ncurses-base                                             6.3-2ubuntu0.1                               deb          
+ncurses-bin                                              6.3-2ubuntu0.1                               deb          
+net-tools                                                1.60+git20181103.0eebece-1ubuntu5            deb          
+netbase                                                  6.3                                          deb          
+netcat                                                   1.218-4ubuntu1                               deb          
+netcat-openbsd                                           1.218-4ubuntu1                               deb          
+openresolv                                               3.12.0-2                                     deb          
+openssl                                                  3.0.2-0ubuntu1.15                            deb          
+passwd                                                   1:4.8.1-2ubuntu2.2                           deb          
+patch                                                    2.7.6-7build2                                deb          
+perl                                                     5.34.0-3ubuntu1.3                            deb          
+perl-base                                                5.34.0-3ubuntu1.3                            deb          
+perl-modules-5.34                                        5.34.0-3ubuntu1.3                            deb          
+pinentry-curses                                          1.1.1-1build2                                deb          
+pkg-config                                               0.29.2-1ubuntu3                              deb          
+procps                                                   2:3.3.17-6ubuntu2.1                          deb          
+publicsuffix                                             20211207.1025-1                              deb          
+python3                                                  3.10.6-1~22.04                               deb          
+python3-minimal                                          3.10.6-1~22.04                               deb          
+python3.10                                               3.10.12-1~22.04.3                            deb          
+python3.10-minimal                                       3.10.12-1~22.04.3                            deb          
+qrencode                                                 4.1.1-1                                      deb          
+readline-common                                          8.1.2-1                                      deb          
+rpcsvc-proto                                             1.4.2-0ubuntu6                               deb          
+sed                                                      4.8-1ubuntu2                                 deb          
+sensible-utils                                           0.0.17                                       deb          
+sigs.k8s.io/json                                         v0.0.0-20221116044647-bc3834ca7abd           go-module    
+sigs.k8s.io/structured-merge-diff/v4                     v4.2.3                                       go-module    
+sigs.k8s.io/yaml                                         v1.3.0                                       go-module    
+stdlib                                                   go1.20.7                                     go-module    
+sysvinit-utils                                           3.01-1ubuntu1                                deb          
+tar                                                      1.34+dfsg-1ubuntu0.1.22.04.2                 deb          
+tzdata                                                   2024a-0ubuntu0.22.04                         deb          
+ubuntu-keyring                                           2021.03.26                                   deb          
+usrmerge                                                 25ubuntu2                                    deb          
+util-linux                                               2.37.2-4ubuntu3.4                            deb          
+xz-utils                                                 5.2.5-2ubuntu1                               deb          
+zlib1g                                                   1:1.2.11.dfsg-2ubuntu9.2                     deb          
+zlib1g-dev                                               1:1.2.11.dfsg-2ubuntu9.2                     deb          

readme-vars.yml

@@ -11,13 +11,12 @@ project_lsio_github_repo_url: "https://github.com/linuxserver/docker-{{ project_
 available_architectures:
   - { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
   - { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
-  - { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
 
 # development version
 development_versions: true
 development_versions_items:
-  - { tag: "latest", desc: "Stable releases with support for compiling Wireguard modules" }
-  - { tag: "alpine", desc: "Stable releases based on Alpine *without* support for compiling Wireguard modules" }
+  - { tag: "latest", desc: "Stable releases based on Alpine *without* support for compiling Wireguard modules." }
+  - { tag: "legacy", desc: "Stable releases with support for compiling Wireguard modules for older kernels." }
 
 # container parameters
 common_param_env_vars_enabled: true
@@ -79,11 +78,13 @@ app_setup_block: |
 
   To display the QR codes of active peers again, you can use the following command and list the peer numbers as arguments: `docker exec -it wireguard /app/show-peer 1 4 5` or `docker exec -it wireguard /app/show-peer myPC myPhone myTablet` (Keep in mind that the QR codes are also stored as PNGs in the config folder).
 
-  The templates used for server and peer confs are saved under `/config/templates`. Advanced users can modify these templates and force conf generation by deleting `/config/wg0.conf` and restarting the container.
+  The templates used for server and peer confs are saved under `/config/templates`. Advanced users can modify these templates and force conf generation by deleting `/config/wg_confs/wg0.conf` and restarting the container.
+
+  The container managed server conf is hardcoded to `wg0.conf`. However, the users can add additional tunnel config files with `.conf` extensions into `/config/wg_confs/` and the container will attempt to start them all in alphabetical order. If any one of the tunnels fail, they will all be stopped and the default route will be deleted, requiring user intervention to fix the invalid conf and a container restart.
 
   ## Client Mode
 
-  Do not set the `PEERS` environment variable. Drop your client conf into the config folder as `/config/wg0.conf` and start the container.
+  Do not set the `PEERS` environment variable. Drop your client conf(s) into the config folder as `/config/wg_confs/<tunnel name>.conf` and start the container. If there are multiple tunnel configs, the container will attempt to start them all in alphabetical order. If any one of the tunnels fail, they will all be stopped and the default route will be deleted, requiring user intervention to fix the invalid conf and a container restart.
 
   If you get IPv6 related errors in the log and connection cannot be established, edit the `AllowedIPs` line in your peer/client wg0.conf to include only `0.0.0.0/0` and not `::/0`; and restart the container.
 
@@ -127,6 +128,9 @@ app_setup_block: |
 
 # changelog
 changelogs:
+  - { date: "03.10.23:", desc: "**Potentially Breaking Change:** Support for multiple interfaces added. Wireguard confs moved to `/config/wg_confs/`. Any file with a `.conf` extension in that folder will be treated as a live tunnel config and will be attempted to start. If any of the tunnels fail, all tunnels will be stopped. Tunnels are started in alphabetical order. Managed server conf will continue to be hardcoded to `wg0.conf`." }
+  - { date: "24.06.23:", desc: "Deprecate armhf as per [https://www.linuxserver.io/armhf](https://www.linuxserver.io/armhf)." }
+  - { date: "26.04.23:", desc: "Rework branches, swap alpine & ubuntu builds." }
   - { date: "28.01.23:", desc: "Patch wg-quick to suppress false positive sysctl warning." }
   - { date: "10.01.23:", desc: "Add new var to add `PersistentKeepalive` to server config for select peers to survive server IP changes when domain name is used." }
   - { date: "26.10.22:", desc: "Better handle unsupported peer names. Improve logging." }

root/app/show-peer

@@ -1,6 +1,7 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
-if [ ! $# -gt 0 ]; then
+if [[ ! $# -gt 0 ]]; then
   echo "You need to specify which peers to show"
   exit 0
 fi
@@ -12,10 +13,10 @@ for i in "$@"; do
     PEER_ID="peer_${i//[^[:alnum:]_-]/}"
   fi
 
-  if grep -q "# ${PEER_ID}" /config/wg0.conf; then
+  if grep -q "# ${PEER_ID}" /config/wg_confs/wg0.conf; then
     echo "PEER ${i} QR code:"
     qrencode -t ansiutf8 < /config/${PEER_ID}/${PEER_ID}.conf
   else
     echo "PEER ${i} is not active"
   fi
-done
+done

root/defaults/Corefile

@@ -2,4 +2,4 @@
     loop
     health
     forward . /etc/resolv.conf
-}
+}

root/defaults/peer.conf

@@ -8,4 +8,4 @@ DNS = ${PEERDNS}
 PublicKey = $(cat /config/server/publickey-server)
 PresharedKey = $(cat /config/${PEER_ID}/presharedkey-${PEER_ID})
 Endpoint = ${SERVERURL}:${SERVERPORT}
-AllowedIPs = ${ALLOWEDIPS}
+AllowedIPs = ${ALLOWEDIPS}

root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run

@@ -2,10 +2,15 @@
 # shellcheck shell=bash
 # shellcheck disable=SC2016,SC1091,SC2183
 
-# prepare symlinks
-rm -rf /etc/wireguard
-mkdir -p /etc/wireguard
-ln -s /config/wg0.conf /etc/wireguard/wg0.conf
+mkdir -p /config/wg_confs
+
+# migration to subfolder for wg confs
+if [[ -z "$(ls -A /config/wg_confs)" ]] && [[ -f /config/wg0.conf ]]; then
+    echo "**** Performing migration to new folder structure for confs. Please see the image changelog 2023-10-03 entry for more details. ****"
+    cp /config/wg0.conf /config/wg_confs/wg0.conf
+    rm -rf /config/wg0.conf || :
+fi
+
 # prepare templates
 if [[ ! -f /config/templates/server.conf ]]; then
     cp /defaults/server.conf /config/templates/server.conf
@@ -25,7 +30,7 @@ generate_confs () {
         wg genkey | tee /config/server/privatekey-server | wg pubkey > /config/server/publickey-server
     fi
     eval "$(printf %s)
-    cat <<DUDE > /config/wg0.conf
+    cat <<DUDE > /config/wg_confs/wg0.conf
 $(cat /config/templates/server.conf)
 
 DUDE"
@@ -65,7 +70,7 @@ DUDE"
 $(cat /config/templates/peer.conf)
 DUDE"
         # add peer info to server conf with presharedkey
-        cat <<DUDE >> /config/wg0.conf
+        cat <<DUDE >> /config/wg_confs/wg0.conf
 [Peer]
 # ${PEER_ID}
 PublicKey = $(cat "/config/${PEER_ID}/publickey-${PEER_ID}")
@@ -79,7 +84,7 @@ DUDE
 $(sed '/PresharedKey/d' "/config/templates/peer.conf")
 DUDE"
         # add peer info to server conf without presharedkey
-        cat <<DUDE >> /config/wg0.conf
+        cat <<DUDE >> /config/wg_confs/wg0.conf
 [Peer]
 # ${PEER_ID}
 PublicKey = $(cat "/config/${PEER_ID}/publickey-${PEER_ID}")
@@ -89,22 +94,22 @@ DUDE
       # add peer's allowedips to server conf
       if [[ -n "${!SERVER_ALLOWEDIPS}" ]]; then
         echo "Adding ${!SERVER_ALLOWEDIPS} to wg0.conf's AllowedIPs for peer ${i}"
-        cat <<DUDE >> /config/wg0.conf
+        cat <<DUDE >> /config/wg_confs/wg0.conf
 AllowedIPs = ${CLIENT_IP}/32,${!SERVER_ALLOWEDIPS}
 DUDE
       else
-        cat <<DUDE >> /config/wg0.conf
+        cat <<DUDE >> /config/wg_confs/wg0.conf
 AllowedIPs = ${CLIENT_IP}/32
 DUDE
       fi
       # add PersistentKeepalive if the peer is specified
       if [[ -n "${PERSISTENTKEEPALIVE_PEERS_ARRAY}" ]] && ([[ "${PERSISTENTKEEPALIVE_PEERS_ARRAY[0]}" = "all" ]] || printf '%s\0' "${PERSISTENTKEEPALIVE_PEERS_ARRAY[@]}" | grep -Fxqz -- "${i}"); then
-        cat <<DUDE >> /config/wg0.conf
+        cat <<DUDE >> /config/wg_confs/wg0.conf
 PersistentKeepalive = 25
 
 DUDE
       else
-        cat <<DUDE >> /config/wg0.conf
+        cat <<DUDE >> /config/wg_confs/wg0.conf
 
 DUDE
       fi
@@ -161,7 +166,7 @@ if [[ -n "$PEERS" ]]; then
     else
         echo "**** Peer DNS servers will be set to $PEERDNS ****"
     fi
-    if [[ ! -f /config/wg0.conf ]]; then
+    if [[ ! -f /config/wg_confs/wg0.conf ]]; then
         echo "**** No wg0.conf found (maybe an initial install), generating 1 server and ${PEERS} peer/client confs ****"
         generate_confs
         save_vars
@@ -180,10 +185,7 @@ if [[ -n "$PEERS" ]]; then
     fi
 else
     echo "**** Client mode selected. ****"
-    if [[ ! -f /config/wg0.conf ]]; then
-        echo "**** No client conf found. Provide your own client conf as \"/config/wg0.conf\" and restart the container. ****"
-        sleep infinity
-    fi
+    USE_COREDNS="${USE_COREDNS,,}"
     printf %s "${USE_COREDNS:-false}" > /run/s6/container_environment/USE_COREDNS
 fi
 

root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/type

@@ -1 +1 @@
-oneshot
+oneshot

root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/up

@@ -1 +1 @@
-/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
+/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run

root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run

@@ -1,4 +1,5 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
 mkdir -p /config/{templates,coredns}
 

root/etc/s6-overlay/s6-rc.d/init-wireguard-module/type

@@ -1 +1 @@
-oneshot
+oneshot

root/etc/s6-overlay/s6-rc.d/init-wireguard-module/up

@@ -1 +1 @@
-/etc/s6-overlay/s6-rc.d/init-wireguard-module/run
+/etc/s6-overlay/s6-rc.d/init-wireguard-module/run

root/etc/s6-overlay/s6-rc.d/svc-coredns/notification-fd

@@ -1 +1 @@
-3
+3

root/etc/s6-overlay/s6-rc.d/svc-coredns/run

@@ -1,4 +1,5 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
 if netstat -apn | grep -q ":53 "; then
     USE_COREDNS="false"

root/etc/s6-overlay/s6-rc.d/svc-coredns/type

@@ -1 +1 @@
-longrun
+longrun

root/etc/s6-overlay/s6-rc.d/svc-wireguard/down

@@ -1 +1 @@
-/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
+/etc/s6-overlay/s6-rc.d/svc-wireguard/finish

root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish

@@ -1,3 +1,12 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
-wg-quick down wg0
+if [[ -f "/app/activeconfs" ]]; then
+    . /app/activeconfs
+    for tunnel in $(printf '%s\n' "${WG_CONFS[@]}" | tac | tr '\n' ' '; echo); do
+        echo "**** Disabling tunnel ${tunnel} ****"
+        wg-quick down "${tunnel}" || :
+    done
+    echo "**** All tunnels are down ****"
+    rm -rf /app/activeconfs
+fi

root/etc/s6-overlay/s6-rc.d/svc-wireguard/run

@@ -1,3 +1,46 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
 
-wg-quick up wg0
+unset WG_CONFS
+rm -rf /app/activeconfs
+# Enumerate interfaces
+for wgconf in $(ls /config/wg_confs/*.conf); do
+    if grep -q "\[Interface\]" "${wgconf}"; then
+        echo "**** Found WG conf ${wgconf}, adding to list ****"
+        WG_CONFS+=("${wgconf}")
+    else
+        echo "**** Found WG conf ${wgconf}, but it doesn't seem to be valid, skipping. ****"
+    fi
+done
+
+if [[ -z "${WG_CONFS}" ]]; then
+    echo "**** No valid tunnel config found. Please create a valid config and restart the container ****"
+    ip route del default
+    exit 0
+fi
+
+unset FAILED
+for tunnel in ${WG_CONFS[@]}; do
+    echo "**** Activating tunnel ${tunnel} ****"
+    if ! wg-quick up "${tunnel}"; then
+      FAILED="${tunnel}"
+      break
+    fi
+done
+
+if [[ -z "${FAILED}" ]]; then
+    declare -p WG_CONFS > /app/activeconfs
+    echo "**** All tunnels are now active ****"
+else
+    echo "**** Tunnel ${FAILED} failed, will stop all others! ****"
+    for tunnel in ${WG_CONFS[@]}; do
+        if [[ "${tunnel}" = "${FAILED}" ]]; then
+            break
+        else
+            echo "**** Disabling tunnel ${tunnel} ****"
+            wg-quick down "${tunnel}" || :
+        fi
+    done
+    ip route del default
+    echo "**** All tunnels are now down. Please fix the tunnel config ${FAILED} and restart the container ****"
+fi

root/etc/s6-overlay/s6-rc.d/svc-wireguard/type

@@ -1 +1 @@
-oneshot
+oneshot

root/etc/s6-overlay/s6-rc.d/svc-wireguard/up

@@ -1 +1 @@
-/etc/s6-overlay/s6-rc.d/svc-wireguard/run
+/etc/s6-overlay/s6-rc.d/svc-wireguard/run