Skip to content

Commit

Permalink
Merge pull request #414 from DaanSelen/main
Browse files Browse the repository at this point in the history
Second try. Merged Docker update.
  • Loading branch information
DaanSelen authored Oct 3, 2024
2 parents e04b748 + 145d12b commit 392a9c6
Show file tree
Hide file tree
Showing 15 changed files with 62 additions and 592 deletions.
86 changes: 57 additions & 29 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,31 +1,59 @@
# Pull from small Debian stable image.
FROM alpine:latest AS builder

FROM alpine:latest AS build
LABEL maintainer="[email protected]"

WORKDIR /opt/wireguarddashboard/src

RUN apk update && \
apk add --no-cache sudo gcc musl-dev rust cargo linux-headers

COPY ./docker/alpine/builder.sh /opt/wireguarddashboard/src/
COPY ./docker/alpine/requirements.txt /opt/wireguarddashboard/src/
RUN chmod u+x /opt/wireguarddashboard/src/builder.sh
RUN /opt/wireguarddashboard/src/builder.sh


FROM alpine:latest
WORKDIR /opt/wireguarddashboard/src

COPY ./src /opt/wireguarddashboard/src/
COPY --from=builder /opt/wireguarddashboard/src/venv /opt/wireguarddashboard/src/venv
COPY --from=builder /opt/wireguarddashboard/src/log /opt/wireguarddashboard/src/log/

RUN apk update && \
apk add --no-cache wireguard-tools sudo && \
apk add --no-cache iptables ip6tables && \
chmod u+x /opt/wireguarddashboard/src/entrypoint.sh

HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 CMD curl -f http://localhost:10086/signin || exit 1

ENTRYPOINT ["/opt/wireguarddashboard/src/entrypoint.sh"]
# Declaring environment variables, change Peernet to an address you like, standard is a 24 bit subnet.
ARG wg_net="10.0.0.1"
ARG wg_port="51820"

# Following ENV variables are changable on container runtime because /entrypoint.sh handles that. See compose.yaml for more info.
ENV TZ="Europe/Amsterdam"
ENV global_dns="1.1.1.1"
ENV enable="none"
ENV isolate="wg0"
ENV public_ip="0.0.0.0"

# Doing package management operations, such as upgrading
RUN apk update \
&& apk add --no-cache bash git tzdata \
iptables ip6tables openrc curl wireguard-tools \
sudo py3-psutil py3-bcrypt

# Using WGDASH -- like wg_net functionally as a ARG command. But it is needed in entrypoint.sh so it needs to be exported as environment variable.
ENV WGDASH=/opt/wireguarddashboard

# Removing the Linux Image package to preserve space on the image, for this reason also deleting apt lists, to be able to install packages: run apt update.

# Doing WireGuard Dashboard installation measures. Modify the git clone command to get the preferred version, with a specific branch for example.
RUN mkdir -p /setup/conf && mkdir /setup/app && mkdir ${WGDASH}
COPY ./src /setup/app/src

# Set the volume to be used for WireGuard configuration persistency.
VOLUME /etc/wireguard
VOLUME ${WGDASH}

# Generate basic WireGuard interface. Echoing the WireGuard interface config for readability, adjust if you want it for efficiency.
# Also setting the pipefail option, verbose: https://github.com/hadolint/hadolint/wiki/DL4006.
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN out_adapt=$(ip -o -4 route show to default | awk '{print $NF}') \
&& echo -e "[Interface]\n\
Address = ${wg_net}/24\n\
PrivateKey =\n\
PostUp = iptables -t nat -I POSTROUTING 1 -s ${wg_net}/24 -o ${out_adapt} -j MASQUERADE\n\
PostUp = iptables -I FORWARD -i wg0 -o wg0 -j DROP\n\
PreDown = iptables -t nat -D POSTROUTING -s ${wg_net}/24 -o ${out_adapt} -j MASQUERADE\n\
PreDown = iptables -D FORWARD -i wg0 -o wg0 -j DROP\n\
ListenPort = ${wg_port}\n\
SaveConfig = true\n\
DNS = ${global_dns}" > /setup/conf/wg0.conf \
&& chmod 600 /setup/conf/wg0.conf

# Defining a way for Docker to check the health of the container. In this case: checking the login URL.
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD sh -c 'pgrep gunicorn > /dev/null && pgrep tail > /dev/null' || exit 1

# Copy the basic entrypoint.sh script.
COPY entrypoint.sh /entrypoint.sh

# Exposing the default WireGuard Dashboard port for web access.
EXPOSE 10086
ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
26 changes: 0 additions & 26 deletions compose.yaml

This file was deleted.

2 changes: 0 additions & 2 deletions docker/README.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# WGDashboard Docker Explanation:

Author: DaanSelen<br>

This document delves into how the WGDashboard Docker container has been built.<br>
Expand Down Expand Up @@ -100,7 +99,6 @@ dselen/wgdashboard latest c96fd96ee3b3 42 minutes ago 314MB

## Closing remarks:

Excuse the large image size, whoops! Debian's big... sometimes.<br>
For feedback please submit an issue to the repository. Or message [email protected].

## In Progress:
Expand Down
61 changes: 0 additions & 61 deletions docker/alpine/Dockerfile

This file was deleted.

43 changes: 0 additions & 43 deletions docker/alpine/builder.sh

This file was deleted.

2 changes: 0 additions & 2 deletions docker/alpine/requirements.txt

This file was deleted.

4 changes: 2 additions & 2 deletions docker/alpine/compose.yaml → docker/compose.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
services:
wireguard-dashboard:
image: dselen:alpine
image: test:latest
restart: unless-stopped
container_name: wgdashboard
environment:
Expand All @@ -12,7 +12,7 @@ services:
ports:
- 10086:10086/tcp
- 51820:51820/udp
volumes:
volumes: # Can be customized to only the /opt/wireguarddashboard/src/db folder with the /opt/wireguarddashboard/src/wg-dashboard.ini file.
- ./app:/opt/wireguarddashboard
- ./conf:/etc/wireguard
cap_add:
Expand Down
69 changes: 0 additions & 69 deletions docker/debian/Dockerfile

This file was deleted.

23 changes: 0 additions & 23 deletions docker/debian/compose.yaml

This file was deleted.

Loading

0 comments on commit 392a9c6

Please sign in to comment.