theis.gaedigk/wg-easy-ca-lose
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
8b5e6c4c7a870f434a92836af1c80de9774a0e31
wg-easy-ca-lose/docs/content/advanced/config/unattended-setup.md
T
copilot-swe-agent[bot] 8b5e6c4c7a Use WG_PORT instead of WG_CLIENT_PORT for INIT_PORT fallback to match original behavior 
- Changed setup/2.post.ts to use WG_INTERFACE_OVERRIDE_ENV.PORT instead of WG_CLIENT_OVERRIDE_ENV.CLIENT_PORT
- Changed sqlite.ts initialSetup to use WG_INTERFACE_OVERRIDE_ENV.PORT for consistency
- Updated unattended-setup.md documentation:
  - Changed INIT_PORT description to clarify it sets both interface port and endpoint port
  - Updated warning text to reference WG_PORT (not WG_CLIENT_PORT) as the override fallback
- This matches the original INIT_PORT behavior where updateHostPort() sets both ports to the same value

Co-authored-by: kaaax0815 <32197462+kaaax0815@users.noreply.github.com>
2025-11-17 10:39:51 +00:00

2.3 KiB
Raw Blame History

title
title
Unattended Setup

If you want to run the setup without any user interaction, e.g. with a tool like Ansible, you can use these environment variables to configure the setup.

These will only be used during the first start of the container. After that, the setup will be disabled.

Env Example Description Group
INIT_ENABLED true Enables the below env vars 0
INIT_USERNAME admin Sets admin username 1
INIT_PASSWORD Se!ureP%ssw Sets admin password 1
INIT_HOST vpn.example.com Host clients will connect to 2
INIT_PORT 51820 Port (sets both interface port and endpoint port) 2
INIT_DNS 1.1.1.1,8.8.8.8 Sets global dns setting 3
INIT_IPV4_CIDR 10.8.0.0/24 Sets IPv4 cidr 4
INIT_IPV6_CIDR 2001:0DB8::/32 Sets IPv6 cidr 4
INIT_ALLOWED_IPS 10.8.0.0/24,2001:0DB8::/32 Sets global Allowed IPs 5

/// warning | Variables have to be used together

If variables are in the same group, you have to set all of them. For example, if you set INIT_IPV4_CIDR, you also have to set INIT_IPV6_CIDR.

To skip the setup process, you must configure groups 1 and 2. You can alternatively use WG_HOST and WG_PORT to set the host and port without using the INIT_ variables.

Avoid setting both INIT_ and WG_ variables for the same setting to prevent confusion. ///

/// note | Security

The initial username and password is not checked for complexity. Make sure to set a long enough username and password. Otherwise, the user won't be able to log in.

It's recommended to remove the variables after the setup is done to prevent the password from being exposed. ///

Reference in New Issue View Git Blame Copy Permalink