From 06639679336bd7b277ff34157934b17f6fa9c57d Mon Sep 17 00:00:00 2001 From: al-lac Date: Mon, 23 Jun 2025 22:06:41 +0200 Subject: [PATCH 1/3] Update wireguard to 15.0.0 --- wireguard/docker-compose.yml | 5 +++-- wireguard/umbrel-app.yml | 19 ++++++++++++++++--- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/wireguard/docker-compose.yml b/wireguard/docker-compose.yml index 144943fb33..c3d6753b56 100644 --- a/wireguard/docker-compose.yml +++ b/wireguard/docker-compose.yml @@ -7,13 +7,14 @@ services: APP_PORT: 51821 app: - image: ghcr.io/wg-easy/wg-easy:14@sha256:f6c2587da3fdc9d5927743fb4a92cff42d690b182396ffd0cdad034becb41053 + image: ghcr.io/wg-easy/wg-easy:15@sha256:07ed8f95eeeb4082c2e6afe3f5f3991723f496a21dd2dc25860b119a728b9ab0 restart: on-failure stop_grace_period: 1m ports: - "51820:51820/udp" volumes: - ${APP_DATA_DIR}/data/wireguard:/etc/wireguard + - /lib/modules:/lib/modules environment: WG_HOST: ${DEVICE_DOMAIN_NAME} cap_add: @@ -21,4 +22,4 @@ services: - SYS_MODULE sysctls: - net.ipv4.ip_forward=1 - - net.ipv4.conf.all.src_valid_mark=1 \ No newline at end of file + - net.ipv4.conf.all.src_valid_mark=1 diff --git a/wireguard/umbrel-app.yml b/wireguard/umbrel-app.yml index 831413a340..22fec56557 100644 --- a/wireguard/umbrel-app.yml +++ b/wireguard/umbrel-app.yml @@ -3,7 +3,7 @@ id: wireguard name: WireGuard tagline: Run your own free and unlimited WireGuard VPN category: networking -version: "14" +version: "15.0.0" port: 51821 description: >- WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. @@ -46,7 +46,20 @@ description: >- If you scan the QR code or download the configuration file, make sure to change the hostname to your device's domain name or public IP address. releaseNotes: >- - This release upgrades WireGuard Easy to version 14. + ⚠️ This is a major rewrite with breaking changes. We recommend starting from scratch and importing your existing configurations. + + + This update brings significant improvements including: + - New and improved user interface + - IPv6 support + - CIDR support + - Two-factor authentication using TOTP + - Improved mobile support + - Enhanced security with API authentication + - Better documentation + + + Full release notes are found at https://github.com/wg-easy/wg-easy/releases dependencies: [] developer: Emile Nijssen website: https://github.com/wg-easy/wg-easy @@ -58,4 +71,4 @@ gallery: - 1.jpg - 2.jpg - 3.jpg -path: "" \ No newline at end of file +path: "" From 505393fc6a914254a375a4979e0d6a5bf7930833 Mon Sep 17 00:00:00 2001 From: al-lac Date: Mon, 23 Jun 2025 22:52:18 +0200 Subject: [PATCH 2/3] Add new env variables and default credentials to wireguard --- wireguard/docker-compose.yml | 17 +++++++++++++++-- wireguard/umbrel-app.yml | 2 ++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/wireguard/docker-compose.yml b/wireguard/docker-compose.yml index c3d6753b56..30370eebb5 100644 --- a/wireguard/docker-compose.yml +++ b/wireguard/docker-compose.yml @@ -7,7 +7,7 @@ services: APP_PORT: 51821 app: - image: ghcr.io/wg-easy/wg-easy:15@sha256:07ed8f95eeeb4082c2e6afe3f5f3991723f496a21dd2dc25860b119a728b9ab0 + image: ghcr.io/wg-easy/wg-easy:15.0.0@sha256:07ed8f95eeeb4082c2e6afe3f5f3991723f496a21dd2dc25860b119a728b9ab0 restart: on-failure stop_grace_period: 1m ports: @@ -16,10 +16,23 @@ services: - ${APP_DATA_DIR}/data/wireguard:/etc/wireguard - /lib/modules:/lib/modules environment: - WG_HOST: ${DEVICE_DOMAIN_NAME} + INIT_ENABLED: 'true' + INIT_USERNAME: umbrel + INIT_PASSWORD: ${APP_PASSWORD} + INIT_PORT: 51820 + INIT_HOST: ${DEVICE_DOMAIN_NAME} + INIT_DNS: 1.1.1.1,8.8.8.8 + INIT_IPV4_CIDR: 10.8.0.0/24 + INIT_IPV6_CIDR: fd00:8::/64 + PORT: 51821 + HOST: 0.0.0.0 + INSECURE: 'true' cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.ip_forward=1 - net.ipv4.conf.all.src_valid_mark=1 + - net.ipv6.conf.all.disable_ipv6=0 + - net.ipv6.conf.all.forwarding=1 + - net.ipv6.conf.default.forwarding=1 diff --git a/wireguard/umbrel-app.yml b/wireguard/umbrel-app.yml index 22fec56557..d6b9c0cbee 100644 --- a/wireguard/umbrel-app.yml +++ b/wireguard/umbrel-app.yml @@ -72,3 +72,5 @@ gallery: - 2.jpg - 3.jpg path: "" +deterministicPassword: true +defaultUsername: umbrel From 1dd2fd942834b77c59b2940cb8e5ea755db0630f Mon Sep 17 00:00:00 2001 From: al-lac Date: Mon, 23 Jun 2025 22:57:26 +0200 Subject: [PATCH 3/3] Update wireguard release notes --- wireguard/umbrel-app.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wireguard/umbrel-app.yml b/wireguard/umbrel-app.yml index d6b9c0cbee..b5c7fd6709 100644 --- a/wireguard/umbrel-app.yml +++ b/wireguard/umbrel-app.yml @@ -46,7 +46,7 @@ description: >- If you scan the QR code or download the configuration file, make sure to change the hostname to your device's domain name or public IP address. releaseNotes: >- - ⚠️ This is a major rewrite with breaking changes. We recommend starting from scratch and importing your existing configurations. + 🚨 This is a major rewrite with breaking changes and resets your clients. Please take a backup of your configuration before updating. This update brings significant improvements including: