diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run b/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run index 462ae87a..0a07a5dd 100755 --- a/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run +++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run @@ -10,9 +10,10 @@ if ip link add dev test type wireguard; then ip link del dev test if capsh --current | grep "Current:" | grep -q "cap_sys_module"; then echo "**** As the wireguard module is already active you can remove the SYS_MODULE capability from your container run/compose. ****" + echo "**** If your host does not automatically load the iptables module, you may still need the SYS_MODULE capability. ****" fi else echo "**** The wireguard module is not active. If you believe that your kernel should have wireguard support already, make sure that it is activated via modprobe! ****" - echo "**** If you have an old kernel without wireguard support built-in, you can try using the "legacy" tag for this image to compile the modules from scratch. ****" + echo "**** If you have an old kernel without wireguard support built-in, you can try using the 'legacy' tag for this image to compile the modules from scratch. ****" sleep infinity fi diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish index 6b568c92..f36d374d 100755 --- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish +++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish @@ -1,12 +1,12 @@ #!/usr/bin/with-contenv bash # shellcheck shell=bash -if [[ -f "/app/activeconfs" ]]; then - . /app/activeconfs +if [[ -f "/run/activeconfs" ]]; then + . /run/activeconfs for tunnel in $(printf '%s\n' "${WG_CONFS[@]}" | tac | tr '\n' ' '; echo); do echo "**** Disabling tunnel ${tunnel} ****" wg-quick down "${tunnel}" || : done echo "**** All tunnels are down ****" - rm -rf /app/activeconfs + rm -rf /run/activeconfs fi diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run index 87b477e2..1dac75f6 100755 --- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run +++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run @@ -2,7 +2,7 @@ # shellcheck shell=bash unset WG_CONFS -rm -rf /app/activeconfs +rm -rf /run/activeconfs # Enumerate interfaces for wgconf in $(ls /config/wg_confs/*.conf); do if grep -q "\[Interface\]" "${wgconf}"; then @@ -23,13 +23,13 @@ unset FAILED for tunnel in ${WG_CONFS[@]}; do echo "**** Activating tunnel ${tunnel} ****" if ! wg-quick up "${tunnel}"; then - FAILED="${tunnel}" - break + FAILED="${tunnel}" + break fi done if [[ -z "${FAILED}" ]]; then - declare -p WG_CONFS > /app/activeconfs + declare -p WG_CONFS > /run/activeconfs echo "**** All tunnels are now active ****" else echo "**** Tunnel ${FAILED} failed, will stop all others! ****"