Docker & container Wireguard

Pagina: 1
Acties:

Onderwerpen

Vraag


Acties:
  • 0 Henk 'm!

  • CAD-tekenaar
  • Registratie: November 2008
  • Laatst online: 06-06 21:44
Ik heb container Wireguard gemaakt via docker run.
Maar ik zie verschillende foutmeldingen in de log die ik niet kan oplossen.

code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
[fix-attrs.d] done.,
[cont-init.d] executing container initialization scripts...,
[cont-init.d] 01-envfile: executing... ,
[cont-init.d] 01-envfile: exited 0.,
[cont-init.d] 10-adduser: executing... ,
usermod: no changes,
,
-------------------------------------,
          _         (),
         | |  ___   _    __,
         | | / __| | |  /  \ ,
         | | \__ \ | | | () |,
         |_| |___/ |_|  \__/,
,
,
Brought to you by linuxserver.io,
-------------------------------------,
,
To support the app dev(s) visit:,
WireGuard: https://www.wireguard.com/donations/,
,
To support LSIO projects visit:,
https://www.linuxserver.io/donate/,
-------------------------------------,
GID/UID,
-------------------------------------,
,
User uid:    1000,
User gid:    1000,
-------------------------------------,
,
[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 30-config: executing... ,
Hit:1 http://archive.raspberrypi.org/debian buster InRelease,
Hit:2 http://ports.ubuntu.com/ubuntu-ports bionic InRelease,
Hit:3 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic InRelease,
Get:4 http://ports.ubuntu.com/ubuntu-ports bionic-updates InRelease [88.7 kB],
Get:5 http://ports.ubuntu.com/ubuntu-ports bionic-backports InRelease [74.6 kB],
Get:6 http://ports.ubuntu.com/ubuntu-ports bionic-security InRelease [88.7 kB],
Get:7 http://ports.ubuntu.com/ubuntu-ports bionic-updates/main armhf Packages [813 kB],
Get:8 http://ports.ubuntu.com/ubuntu-ports bionic-updates/universe armhf Packages [1,163 kB],
Get:9 http://ports.ubuntu.com/ubuntu-ports bionic-security/main armhf Packages [547 kB],
Fetched 2,775 kB in 3s (882 kB/s),
Reading package lists...,
Raspbian kernel naming convention detected, attempting to install raspbian kernel headers,
Warning: apt-key output should not be parsed (stdout is not a terminal),
OK,
Hit:1 http://ports.ubuntu.com/ubuntu-ports bionic InRelease,
Hit:2 http://ports.ubuntu.com/ubuntu-ports bionic-updates InRelease,
Hit:3 http://ports.ubuntu.com/ubuntu-ports bionic-backports InRelease,
Hit:4 http://archive.raspberrypi.org/debian buster InRelease,
Hit:5 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic InRelease,
Hit:6 http://ports.ubuntu.com/ubuntu-ports bionic-security InRelease,
Reading package lists...,
Reading package lists...,
Building dependency tree...,
Reading state information...,
raspberrypi-kernel-headers is already the newest version (1.20200601-1).,
wireguard is already the newest version (1.0.20200513-1~18.04).,
0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.,
1 not fully installed or removed.,
After this operation, 0 B of additional disk space will be used.,
Setting up flash-kernel (3.98ubuntu11~18.04.1) ...
,
flash-kernel: deferring update (trigger activated)
,
Processing triggers for flash-kernel (3.98ubuntu11~18.04.1) ...
,
Unsupported platform.
,
dpkg: error processing package flash-kernel (--configure):
,
 installed flash-kernel package post-installation script subprocess returned error exit status 1
,
Errors were encountered while processing:
,
 flash-kernel
,
E: Sub-process /usr/bin/dpkg returned an error code (1),
Server mode is selected,
External server address is set to ****.duckdns.org,
External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container,
Internal subnet is set to 10.13.13.0,
PEERDNS var is either not set or is set to "auto", setting peer DNS to 10.13.13.1 to use wireguard docker host's DNS.,
Server mode is selected,
No changes to parameters. Existing configs are used.,
[cont-init.d] 30-config: exited 0.,
[cont-init.d] 99-custom-scripts: executing... ,
[custom-init] no custom files found exiting...,
[cont-init.d] 99-custom-scripts: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
[#] ip link add wg0 type wireguard,
RTNETLINK answers: Operation not supported,
Unable to access interface: Protocol not supported,
[#] ip link delete dev wg0,
Cannot find device "wg0",
.:53,
CoreDNS-1.6.9,
linux/arm, go1.14.1, 1766568,
Caught SIGTERM signal!,
wg-quick: `wg0' is not a WireGuard interface,
[#] ip link add wg0 type wireguard,
RTNETLINK answers: Operation not supported,
Unable to access interface: Protocol not supported,
[#] ip link delete dev wg0,
Cannot find device "wg0",


Docker draait op raspberry 3B+.
Container Wireguard heb ik (met user 'pi') gestart met:
docker pull linuxserver/wireguard
docker run \
--name=wireguard \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Europe/Amsterdam \
-e SERVERURL=[mijn.duckdns.org] \
-e SERVERPORT=51820 \
-e PEERS=1 \
-e PEERDNS=auto \
-p 51820:51820/udp \
-v /home/pi/wireguard/config:/config \
-v /home/pi/wireguard/modules:/lib/modules \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--restart unless-stopped \
linuxserver/wireguard:arm32v7-latest

Bron: https://hub.docker.com/r/linuxserver/wireguard
Poort 51820 is geforward.
OS: Raspbian Buster (32-bit)
Portainer heb ik ook geinstalleerd.

Volgens de bron hoef ik niets meer in te stellen.
Toch zie ik foutmeldingen over kernel, interface, protocol en device wg0.

Wie kan me helpen wat hier fout gaat?

Alle reacties


Acties:
  • 0 Henk 'm!

  • DaFeliX
  • Registratie: December 2002
  • Laatst online: 06-06 13:01

DaFeliX

Tnet Devver
Welke host os draai je? Raspbian of Ubuntu?
With regards to arm32/64 devices, Raspberry Pi 2-4 running the official ubuntu images prior to focal or Raspbian Buster are supported out of the box. For all other devices and OSes, you can try installing the kernel headers on the host, and mapping /usr/src:/usr/src and it may just work (no guarantees).

Einstein: Mijn vrouw begrijpt me niet


Acties:
  • 0 Henk 'm!

  • patviev
  • Registratie: Januari 2004
  • Laatst online: 05-06 19:05
Kloppen je puid en guid? Zie deze site om te controleren of beide 1000 zijn. https://www.geeksforgeeks...d-in-linux-with-examples/

Acties:
  • 0 Henk 'm!

  • CAD-tekenaar
  • Registratie: November 2008
  • Laatst online: 06-06 21:44
DaFeliX schreef op dinsdag 23 juni 2020 @ 07:19:
Welke host os draai je? Raspbian of Ubuntu?


[...]
Host OS = Raspbian Buster
code:
1
2
pi@raspberrypi3b-plus:~ $ uname -a
Linux raspberrypi3b-plus 4.19.118-v7+ #1311 SMP Mon Apr 27 14:21:24 BST 2020 armv7l GNU/Linux

[ Voor 5% gewijzigd door CAD-tekenaar op 23-06-2020 08:08 ]


Acties:
  • 0 Henk 'm!

  • CAD-tekenaar
  • Registratie: November 2008
  • Laatst online: 06-06 21:44
patviev schreef op dinsdag 23 juni 2020 @ 07:24:
Kloppen je puid en guid? Zie deze site om te controleren of beide 1000 zijn. https://www.geeksforgeeks...d-in-linux-with-examples/
Ja die kloppen.
code:
1
2
pi@raspberrypi3b-plus:~ $ id pi
UID=1000(pi) GID=1000(pi) groepen=1000(pi),4(adm),20(dialout),24(cdrom),27(sudo),29(audio),44(video),46(plugdev),60(games),100(users),105(input),109(netdev),999(spi),998(i2c),997(gpio),995(docker)

Acties:
  • 0 Henk 'm!

  • patviev
  • Registratie: Januari 2004
  • Laatst online: 05-06 19:05
Op GitHub is ook een melding te vinden over een probleem met de flash-kernel. https://github.com/TheRem...pi4-unofficial/issues/112

Waarbij iemand als oplossing het volgende schrijft
code:
1
apt-mark hold flash-kernel

Acties:
  • 0 Henk 'm!

  • CAD-tekenaar
  • Registratie: November 2008
  • Laatst online: 06-06 21:44
patviev schreef op dinsdag 23 juni 2020 @ 08:29:
Op GitHub is ook een melding te vinden over een probleem met de flash-kernel. https://github.com/TheRem...pi4-unofficial/issues/112

Waarbij iemand als oplossing het volgende schrijft
code:
1
apt-mark hold flash-kernel
Je regel 'apt-mark hold flash-kernel' ingevoerd in CLI met root-rechten en RP3B+ herstart.
(Werkt je oplossing ook voor de RP3B+ ?)
Container wireguard herstart.
Dit zijn de logs.
code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
[INFO] SIGTERM: Shutting down servers then terminating,
Caught SIGTERM signal!,
[cont-finish.d] executing container finish scripts...,
[cont-finish.d] done.,
[s6-finish] waiting for services.,
wg-quick: `wg0' is not a WireGuard interface,
[s6-finish] sending all processes the TERM signal.,
[s6-finish] sending all processes the KILL signal and exiting.,
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.,
[s6-init] ensuring user provided files have correct perms...exited 0.,
[fix-attrs.d] applying ownership & permissions fixes...,
[fix-attrs.d] done.,
[cont-init.d] executing container initialization scripts...,
[cont-init.d] 01-envfile: executing... ,
[cont-init.d] 01-envfile: exited 0.,
[cont-init.d] 10-adduser: executing... ,
usermod: no changes,
,
-------------------------------------,
          _         (),
         | |  ___   _    __,
         | | / __| | |  /  \ ,
         | | \__ \ | | | () |,
         |_| |___/ |_|  \__/,
,
,
Brought to you by linuxserver.io,
-------------------------------------,
,
To support the app dev(s) visit:,
WireGuard: https://www.wireguard.com/donations/,
,
To support LSIO projects visit:,
https://www.linuxserver.io/donate/,
-------------------------------------,
GID/UID,
-------------------------------------,
,
User uid:    1000,
User gid:    1000,
-------------------------------------,
,
[cont-init.d] 10-adduser: exited 0.,
[cont-init.d] 30-config: executing... ,
Hit:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic InRelease,
Hit:2 http://ports.ubuntu.com/ubuntu-ports bionic InRelease,
Hit:3 http://ports.ubuntu.com/ubuntu-ports bionic-updates InRelease,
Hit:4 http://ports.ubuntu.com/ubuntu-ports bionic-backports InRelease,
Hit:5 http://ports.ubuntu.com/ubuntu-ports bionic-security InRelease,
Hit:6 http://archive.raspberrypi.org/debian buster InRelease,
Reading package lists...,
Raspbian kernel naming convention detected, attempting to install raspbian kernel headers,
Warning: apt-key output should not be parsed (stdout is not a terminal),
OK,
Hit:1 http://ppa.launchpad.net/wireguard/wireguard/ubuntu bionic InRelease,
Hit:2 http://ports.ubuntu.com/ubuntu-ports bionic InRelease,
Hit:3 http://ports.ubuntu.com/ubuntu-ports bionic-updates InRelease,
Hit:4 http://ports.ubuntu.com/ubuntu-ports bionic-backports InRelease,
Hit:5 http://archive.raspberrypi.org/debian buster InRelease,
Hit:6 http://ports.ubuntu.com/ubuntu-ports bionic-security InRelease,
Reading package lists...,
Reading package lists...,
Building dependency tree...,
Reading state information...,
raspberrypi-kernel-headers is already the newest version (1.20200601-1).,
wireguard is already the newest version (1.0.20200513-1~18.04).,
0 upgraded, 0 newly installed, 0 to remove and 6 not upgraded.,
1 not fully installed or removed.,
After this operation, 0 B of additional disk space will be used.,
Setting up flash-kernel (3.98ubuntu11~18.04.1) ...
,
flash-kernel: deferring update (trigger activated)
,
Processing triggers for flash-kernel (3.98ubuntu11~18.04.1) ...
,
Unsupported platform.
,
dpkg: error processing package flash-kernel (--configure):
,
 installed flash-kernel package post-installation script subprocess returned error exit status 1
,
Errors were encountered while processing:
,
 flash-kernel
,
E: Sub-process /usr/bin/dpkg returned an error code (1),
Server mode is selected,
External server address is set to wireguard-martin.duckdns.org,
External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container,
Internal subnet is set to 10.13.13.0,
PEERDNS var is either not set or is set to "auto", setting peer DNS to 10.13.13.1 to use wireguard docker host's DNS.,
Server mode is selected,
No changes to parameters. Existing configs are used.,
[cont-init.d] 30-config: exited 0.,
[cont-init.d] 99-custom-scripts: executing... ,
[custom-init] no custom files found exiting...,
[cont-init.d] 99-custom-scripts: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
[services.d] done.,
.:53,
CoreDNS-1.6.9,
linux/arm, go1.14.1, 1766568,
[#] ip link add wg0 type wireguard,
RTNETLINK answers: Operation not supported,
Unable to access interface: Protocol not supported,
[#] ip link delete dev wg0,
Cannot find device "wg0",


Klopt het dat ik geen verschil zie? (de fouten blijven aanwezig)

Acties:
  • 0 Henk 'm!

  • CAD-tekenaar
  • Registratie: November 2008
  • Laatst online: 06-06 21:44
Kernel heb ik ook geupdate.
code:
1
2
3
4
pi@raspberrypi3b-plus:~ $ ls /lib/modules
4.19.118+  4.19.118-v7+  4.19.118-v7l+  4.19.118-v8+  5.3.0-1027-raspi2
pi@raspberrypi3b-plus:~ $ uname -a
Linux raspberrypi3b-plus 4.19.118-v7+ #1311 SMP Mon Apr 27 14:21:24 BST 2020 armv7l GNU/Linux


Foutmeldingen blijven.
Iemand nog ideeen wat de oplossing is?
Pagina: 1