-
-
Notifications
You must be signed in to change notification settings - Fork 209
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker served on an unreliable site #326
Comments
I found your commit proposing a new docker container. Here are the errors I get now:
Using this config:
I'm a bit confused what we want for the port (it feels like we want to use the same one as is installed on the host). |
Are you trying to wireguard from inside the container? I'd prefer to run it on my host for maximum stability and just run the web interface VIA docker. Is this possible? |
Hello @hoggatt, thanks for notificing I was just yesterday busy with moving my efforts to Docker Hub, instead of my homelab, which is repo.nerthus.nl. I will keep you updated. For the errors, please provide some context. |
Hopefully my other comments add some context. Biggest question I have: is the docker container meant to be just the wireguard dashboard, or is it meant to run wireguard itself + the dashboard? It's just not 100% clear which is the goal. |
The container has the wireguard and wireguard-tools package installed, with WGDashboard on op. You were right. My server hang itself and it now back but this ideally should not be the option, pulling its latest image from my server and pushing it to Docker Hub under a specific label, I keep you updated. I've reread your question and if you already have wireguard installed on your system, you can pass the configurations from the host to the container. In the volumes, remove the conf entry and replace it with /etc/wireguard:/etc/wireguard this maps the host directory on the host to the container. |
@hoggatt please check the new image I am working on called I am using this compose to deploy it:
Adjust the volumes as needed, but to disable the usage of WireGuard itself, I need to look into that. |
Thanks for the update. Here's my config:
And here is the log. Seems to be having issues with
The shared folder I'm using on my system does exist, but is empty. |
A potential concern people may have with hosting wirguard in this container is updates. Wireguard is a critical piece of security software for many, and if a vulnerability is discovered this docker container would need to be updated immediately. That's taking on quite a bit of risk unless that container is auto-updated each time wireguard gets updated. Having the option to use the host's wireguard would solve this issue, but I'm not sure if WGDshboard can communicate with wireguard from inside a docker container since it won't have access to system commands like |
Essential security can be handled by going into the container itself, but you are right. i need to setup some auto building. |
@hoggatt just pushed a new Docker Image version, can you test with that? |
Works now with my config! Logs look good. Is there a reason you recommend making a volume for |
Having it auto-build when a new wireguard debian package update occurrs would be ideal. But maybe just building twice a day using a schedule trigger OR when there is a push to the master branch would be sufficient. I'm not sure there's an easy way to trigger a build when a Debian package is updated. Update, I'm asking how they solve this issue here: wg-easy/wg-easy#302. Could be worthwhile. |
Hey @hoggatt you are right. Going to test with this, the way I just made a volume of the entire directory was because I did not know yet how WGDash precisely stores values. Going to test, watch my fork! |
True, and with only the persistency down to two volumes updating will be much easier. Keep you posted or if you have suggestions you can always submit some work! Make sure you document it well, though! |
For @DaanSelen
The site hosting docker is down:
I get this error when pulling docker:
I'd strongly recommend hosting the docker repo on github since it is a more reliable service.
The text was updated successfully, but these errors were encountered: