Open
Description
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
I am attempting to import a file named client.conf into the Android WireGuard app and it is failing with the message "Unable to Import Tunnel: Unknown Attribute in Interface". I am using a fresh install of this container with the following docker-compose:
services:
wireguard:
image: lscr.io/linuxserver/wireguard:latest
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE #optional
environment:
- PUID=995
- PGID=988
- TZ=Etc/UTC
- SERVERURL=wireguard.local #optional
- SERVERPORT=51820 #optional
- PEERS=1 #optional
- PEERDNS=192.168.1.2 #optional
- INTERNAL_SUBNET=10.13.13.0 #optional
- ALLOWEDIPS=0.0.0.0/0 #optional
- PERSISTENTKEEPALIVE_PEERS= #optional
- LOG_CONFS=true #optional
volumes:
- /docker/containers/wireguardvpn/config:/config
- /lib/modules:/lib/modules #optional
ports:
- 51820:51820/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped
This config should be the default with the exception of custom DNS servers. I logged into the container, navigated to /config/wg_confs and catted wg0.conf.
I copied the output into a text file via Notepad++ and saved the file as client.conf (not sure if this is right but the only file I found that looks like its right)
The client.conf contents are as follows:
[Interface]
Address = 10.13.13.1
ListenPort = 51820
PrivateKey = ******
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE
[Peer]
peer1
PublicKey = *******
PresharedKey = ******
AllowedIPs = 10.13.13.2/32
I uploaded this file to Google Drive to easily import it into the WireGuard Android app. When trying to import the file, I get the aforementioned error.
Expected Behavior
I expect to be able to import wg0.conf file obtained from the WireGuard container.
Steps To Reproduce
- Run the container with the compose file shown above.
- Log into the container
- Cat /config/wg_confs/wg0.conf
- Copy the output to Notepad++ and save file as *.conf
- Copy this file to Google Drive
- Download the WireGuard Android App
- Use the import file option in the App to attempt the file import
Environment
- OS: Ubuntu 24.04.2 LTS
- How docker service was installed: apt, docker-composeCPU architecture
x86-64
Docker creation
docker-compose up -d:
services:
wireguard:
image: lscr.io/linuxserver/wireguard:latest
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE #optional
environment:
- PUID=995
- PGID=988
- TZ=Etc/UTC
- SERVERURL=wireguard.local #optional
- SERVERPORT=51820 #optional
- PEERS=1 #optional
- PEERDNS=192.168.1.2 #optional
- INTERNAL_SUBNET=10.13.13.0 #optional
- ALLOWEDIPS=0.0.0.0/0 #optional
- PERSISTENTKEEPALIVE_PEERS= #optional
- LOG_CONFS=true #optional
volumes:
- /docker/containers/wireguardvpn/config:/config
- /lib/modules:/lib/modules #optional
ports:
- 51820:51820/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stoppedContainer logs
root@tinysvr:/docker/containers/wireguardvpn# docker logs wireguard
[migrations] started
[migrations] no migrations found
───────────────────────────────────────
██╗ ███████╗██╗ ██████╗
██║ ██╔════╝██║██╔═══██╗
██║ ███████╗██║██║ ██║
██║ ╚════██║██║██║ ██║
███████╗███████║██║╚██████╔╝
╚══════╝╚══════╝╚═╝ ╚═════╝
Brought to you by linuxserver.io
───────────────────────────────────────
To support the app dev(s) visit:
WireGuard: https://www.wireguard.com/donations/
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID: 995
User GID: 988
───────────────────────────────────────
Linuxserver.io version: 1.0.20210914-r4-ls70
Build-date: 2025-02-20T11:23:26+00:00
───────────────────────────────────────
Uname info: Linux a5aa1366b4b3 6.8.0-53-generic #55-Ubuntu SMP PREEMPT_DYNAMIC Fri Jan 17 15:37:52 UTC 2025 x86_64 GNU/Linux
**** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
**** As the wireguard module is already active you can remove the SYS_MODULE capability from your container run/compose. ****
**** If your host does not automatically load the iptables module, you may still need the SYS_MODULE capability. ****
**** Server mode is selected ****
**** External server address is set to wireguard.local ****
**** External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container ****
**** Internal subnet is set to 10.13.13.0 ****
**** AllowedIPs for peers 0.0.0.0/0 ****
**** Peer DNS servers will be set to 192.168.1.2 ****
**** No wg0.conf found (maybe an initial install), generating 1 server and 1 peer/client confs ****
PEER 1 QR code (conf file is saved under /config/peer1):
<!!!!! REMOVED QR CODE !!!!!>
[custom-init] No custom files found, skipping...
.:53
CoreDNS-1.11.3
linux/amd64, go1.21.8,
**** Found WG conf /config/wg_confs/wg0.conf, adding to list ****
**** Activating tunnel /config/wg_confs/wg0.conf ****
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.13.13.1 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] ip -4 route add 10.13.13.2/32 dev wg0
[#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
**** All tunnels are now active ****
[ls.io-init] done.
**** Disabling tunnel /config/wg_confs/wg0.conf ****
[#] ip link delete dev wg0
[#] iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth+ -j MASQUERADE
**** All tunnels are down ****
[INFO] SIGTERM: Shutting down servers then terminating
[migrations] started
[migrations] no migrations found
usermod: no changes
───────────────────────────────────────
██╗ ███████╗██╗ ██████╗
██║ ██╔════╝██║██╔═══██╗
██║ ███████╗██║██║ ██║
██║ ╚════██║██║██║ ██║
███████╗███████║██║╚██████╔╝
╚══════╝╚══════╝╚═╝ ╚═════╝
Brought to you by linuxserver.io
───────────────────────────────────────
To support the app dev(s) visit:
WireGuard: https://www.wireguard.com/donations/
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID: 995
User GID: 988
───────────────────────────────────────
Linuxserver.io version: 1.0.20210914-r4-ls70
Build-date: 2025-02-20T11:23:26+00:00
───────────────────────────────────────
Uname info: Linux a5aa1366b4b3 6.8.0-53-generic #55-Ubuntu SMP PREEMPT_DYNAMIC Fri Jan 17 15:37:52 UTC 2025 x86_64 GNU/Linux
**** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****
**** As the wireguard module is already active you can remove the SYS_MODULE capability from your container run/compose. ****
**** If your host does not automatically load the iptables module, you may still need the SYS_MODULE capability. ****
**** Server mode is selected ****
**** External server address is set to wireguard.local ****
**** External server port is set to 51820. Make sure that port is properly forwarded to port 51820 inside this container ****
**** Internal subnet is set to 10.13.13.0 ****
**** AllowedIPs for peers 0.0.0.0/0 ****
**** Peer DNS servers will be set to 192.168.1.2 ****
**** Server mode is selected ****
**** No changes to parameters. Existing configs are used. ****
[custom-init] No custom files found, skipping...
.:53
CoreDNS-1.11.3
linux/amd64, go1.21.8,
**** Found WG conf /config/wg_confs/wg0.conf, adding to list ****
**** Activating tunnel /config/wg_confs/wg0.conf ****
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.13.13.1 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] ip -4 route add 10.13.13.2/32 dev wg0
[#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth+ -j MASQUERADE
**** All tunnels are now active ****
[ls.io-init] done.Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Status
Issues