theis.gaedigk/wg-easy-ca-lose
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
e192855280a5f95173661c16cf7cfa8c046a9145
wg-easy-ca-lose/docs/content/advanced/config/unattended-setup.md
T
copilot-swe-agent[bot] e192855280 Fix discrepancies: use WG_CLIENT_PORT instead of WG_PORT for setup fallback 
- Fixed setup/2.post.ts to use WG_CLIENT_OVERRIDE_ENV.CLIENT_PORT instead of WG_INTERFACE_OVERRIDE_ENV.PORT
- Fixed sqlite.ts initialSetup to use WG_CLIENT_OVERRIDE_ENV.CLIENT_PORT for consistency
- Corrected unattended-setup.md documentation:
  - Changed INIT_HOST and INIT_PORT from group "1*" to group "2"
  - Clarified INIT_PORT description as "Port clients will connect to (endpoint port)"
  - Updated group numbers: DNS is group 3, CIDR is group 4, Allowed IPs is group 5
  - Fixed warning text: setup requires groups 1 and 2, and use WG_CLIENT_PORT (not WG_PORT)
- Ensures consistency between code behavior and documentation

Co-authored-by: kaaax0815 <32197462+kaaax0815@users.noreply.github.com>
2025-11-17 10:31:11 +00:00

2.3 KiB
Raw Blame History

title
title
Unattended Setup

If you want to run the setup without any user interaction, e.g. with a tool like Ansible, you can use these environment variables to configure the setup.

These will only be used during the first start of the container. After that, the setup will be disabled.

Env Example Description Group
INIT_ENABLED true Enables the below env vars 0
INIT_USERNAME admin Sets admin username 1
INIT_PASSWORD Se!ureP%ssw Sets admin password 1
INIT_HOST vpn.example.com Host clients will connect to 2
INIT_PORT 51820 Port clients will connect to (endpoint port) 2
INIT_DNS 1.1.1.1,8.8.8.8 Sets global dns setting 3
INIT_IPV4_CIDR 10.8.0.0/24 Sets IPv4 cidr 4
INIT_IPV6_CIDR 2001:0DB8::/32 Sets IPv6 cidr 4
INIT_ALLOWED_IPS 10.8.0.0/24,2001:0DB8::/32 Sets global Allowed IPs 5

/// warning | Variables have to be used together

If variables are in the same group, you have to set all of them. For example, if you set INIT_IPV4_CIDR, you also have to set INIT_IPV6_CIDR.

To skip the setup process, you must configure groups 1 and 2. You can alternatively use WG_HOST and WG_CLIENT_PORT to set the host and port without using the INIT_ variables.

Avoid setting both INIT_ and WG_ variables for the same setting to prevent confusion. ///

/// note | Security

The initial username and password is not checked for complexity. Make sure to set a long enough username and password. Otherwise, the user won't be able to log in.

It's recommended to remove the variables after the setup is done to prevent the password from being exposed. ///

Reference in New Issue View Git Blame Copy Permalink