Commit a53eb5b

Update readme to clarify caps and module processes
1 parent 9783473 commit a53eb5b

1 file changed

+0
-10
lines changed

readme-vars.yml

Lines changed: 0 additions & 10 deletions
@@ -25,7 +25,6 @@ param_container_name: "{{ project_name }}"
2525
param_usage_include_vols: true
2626
param_volumes:
2727
- { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Contains all relevant configuration files." }
28-
- { vol_path: "/lib/modules", vol_host_path: "/lib/modules", desc: "Maps host's modules folder." }
2928
param_usage_include_ports: true
3029
param_ports:
3130
- { external_port: "51820", internal_port: "51820/udp", port_desc: "wireguard port" }
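Review bot: The `/lib/modules` entry is dropped from `param_volumes` at old line 28 with nothing added to explain it, so the generated readme will no longer tell existing users whether the host mapping should be removed from their run command or compose file. Since the commit title says this clarifies the module process, add a sentence to `app_setup_block` stating that the host's `/lib/modules` no longer needs to be mounted into the container.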
@@ -35,7 +34,6 @@ param_env_vars:
3534
cap_add_param: true
3635
cap_add_param_vars:
3736
- { cap_add_var: "NET_ADMIN" }
38-
- { cap_add_var: "SYS_MODULE" }
3937
custom_params:
4038
- { name: "sysctl", name_compose: "sysctls", value: ["net.ipv4.conf.all.src_valid_mark=1"], desc: "Required for client mode.", array: "true" }
4139
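Review bot: Removing `SYS_MODULE` from `cap_add_param_vars` at old line 38 is not accompanied by any note for users who already pass it, and the capability lets a container load kernel modules on the host, so it is worth calling out explicitly. Suggest a line in the setup text saying `NET_ADMIN` is now the only capability required and that `SYS_MODULE` should be dropped from existing deployments.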

@@ -58,14 +56,6 @@ app_setup_block_enabled: true
5856
app_setup_block: |
5957
During container start, it will first check if the wireguard module is already installed and loaded. Kernels newer than 5.6 generally have the wireguard module built-in (along with some older custom kernels). However, the module may not be enabled. Make sure it is enabled prior to starting the container.
6058
61-
If the kernel is not built-in, or installed on host, the container will check if the kernel headers are present (in `/usr/src`) and if not, it will attempt to download the necessary kernel headers from the `ubuntu xenial/bionic`, `debian/raspbian buster` repos; then will attempt to compile and install the kernel module. If the kernel headers are not found in either `usr/src` or in the repos mentioned, container will sleep indefinitely as wireguard cannot be installed.
62-
63-
If you're on a debian/ubuntu based host with a custom or downstream distro provided kernel (ie. Pop!_OS), the container won't be able to install the kernel headers from the regular ubuntu and debian repos. In those cases, you can try installing the headers on the host via `sudo apt install linux-headers-$(uname -r)` (if distro version) and then add a volume mapping for `/usr/src:/usr/src`, or if custom built, map the location of the existing headers to allow the container to use host installed headers to build the kernel module (tested successful on Pop!_OS, ymmv).
64-
65-
With regards to arm32/64 devices, Raspberry Pi 2-4 running the [official ubuntu images](https://ubuntu.com/download/raspberry-pi) or Raspbian Buster are supported out of the box. For all other devices and OSes, you can try installing the kernel headers on the host, and mapping `/usr/src:/usr/src` and it may just work (no guarantees).
66-
67-
This can be run as a server or a client, based on the parameters used.
68-
6959
## Server Mode
7060
If the environment variable `PEERS` is set to a number or a list of strings separated by comma, the container will run in server mode and the necessary server and peer/client confs will be generated. The peer/client config qr codes will be output in the docker log. They will also be saved in text and png format under `/config/peerX` in case `PEERS` is a variable and an integer or `/config/peer_X` in case a list of names was provided instead of an integer.
7161
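Review bot: The deletion at old line 67 also removes "This can be run as a server or a client, based on the parameters used.", which is unrelated to the header download and compile process and is the only sentence introducing the `## Server Mode` section that follows; the `sysctl` entry above still says "Required for client mode.", so keep that sentence. Separately, the surviving paragraph tells users to make sure the module is enabled before starting the container, but with old lines 61 to 65 gone nothing says what the container does when the module is missing (the removed text said it would sleep indefinitely); state the new behaviour in that case and that the module has to be loaded on the host.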
