I am trying to set up WG-Easy (Wireguard). I have a dedicated server running CentOS 7 and had our server techs install Docker today. This is what I see in SSH:
[root@host ~]# docker compose version
Docker Compose version v2.28.1
I went through and created the docker-compose.yml file and then ran the following command and received the following errors:
[root@host wg-easy]# docker compose up -d && docker compose logs -f
WARN[0000] The “H77sP” variable is not set. Defaulting to a blank string.
[+] Running 1/0
✘ Network wg-easy_default Error 0.0s
failed to create network wg-easy_default: Error response from daemon: Failed to Setup IP tables: Unable to enable SKIP DNAT rule: (iptables failed: iptables --wait -t nat -I DOCKER -i br-61a6b94bd8f5 -j RETURN: iptables: No chain/target/match by that name.
(exit status 1))
Any help is appreciated.
Regard,
scoobie
I’m not sure if this might be helpful or not:
[root@host wg-easy]# docker info
Client: Docker Engine - Community
Version: 27.0.3
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.15.1
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.28.1
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 1
Running: 0
Paused: 0
Stopped: 1
Images: 2
Server Version: 27.0.3
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 2bf793ef6dc9a18e00cb12efb64355c2c9d5eb41
runc version: v1.1.13-0-g58aa920
init version: de40ad0
Security Options:
seccomp
Profile: builtin
Kernel Version: 4.18.0-553.5.1.el8_10.x86_64
Operating System: AlmaLinux 8.10 (Cerulean Leopard)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 15.3GiB
Name: host.snapmail.me
ID: 48af19ea-0343-460f-9926-002cc154a7ea
Docker Root Dir: /var/lib/docker
Debug Mode: false
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
[root@host wg-easy]#
Also contents of the docker-compose.yml file:
services:
wg-easy:
container_name: wg-easy
environment:
- LANG=en_US
- WG_HOST=170.249.xxx.xx
- PASSWORD=xxxxxxxx
volumes:
- ./wg-easy:/etc/wireguard
ports:
- 51820:51820/udp
- 51821:51821/tcp
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
- net.ipv4.ip_forward=1
restart: unless-stopped
image: ghcr.io/wg-easy/wg-easy
I restarted Docker on the server and ran the .yml file again and got a little farther:
WARN[0000] The "H77sP" variable is not set. Defaulting to a blank string.
[+] Running 2/2
✔ Network sonnie_default Created 0.1s
✔ Container wg-easy Started 0.4s
WARN[0000] The "H77sP" variable is not set. Defaulting to a blank string.
wg-easy | 2024-07-18T06:55:03.177Z Server Listening on http://0.0.0.0:51821
wg-easy | 2024-07-18T06:55:03.201Z WireGuard Loading configuration...
wg-easy | $ wg genkey
wg-easy | $ echo ***hidden*** | wg pubkey
wg-easy | 2024-07-18T06:55:03.214Z WireGuard Configuration generated.
wg-easy | 2024-07-18T06:55:03.214Z WireGuard Config saving...
wg-easy | 2024-07-18T06:55:03.215Z WireGuard Config saved.
wg-easy | $ wg-quick down wg0
wg-easy | $ wg-quick up wg0
wg-easy | Error: WireGuard exited with the error: Cannot find device "wg0"
wg-easy | This usually means that your host's kernel does not support WireGuard!
wg-easy | at /app/lib/WireGuard.js:64:19
wg-easy | at async /app/lib/WireGuard.js:62:9
wg-easy exited with code 1
I guess I need to check with our server techs to see if we can get support for WireGuard, unless there is something else I am missing.
I suppose I won’t get Wireguard on this server. I have a managed dedicated server with cPanel and they won’t update the Kernel to Kernel Plus.