caprover · Duckiduc · Oct 19, 2023 · Oct 19, 2023 · Oct 19, 2023 · Oct 19, 2023
diff --git a/public/v4/apps/wireguard.yml b/public/v4/apps/wireguard.yml
@@ -0,0 +1,125 @@
+captainVersion: 4
+services:
+    $$cap_appname:
+        caproverExtra:
+            containerHttpPort: $$cap_WIREGUARD_PORT
+        image: linuxserver/wireguard:$$cap_WIREGUARD_VERSION
+        hostname: $$cap_appname.$$cap_root_domain
+        environment:
+            PUID: $$cap_WIREGUARD_PUID
+            PGID: $$cap_WIREGUARD_GUID
+            TZ: $$cap_WIREGUARD_TZ
+            SERVERURL: $$cap_WIREGUARD_SERVERURL
+            SERVERPORT: $$cap_WIREGUARD_SERVERPORT
+            PEERS: $$cap_WIREGUARD_PEERS
+            PEERDNS: $$cap_WIREGUARD_PEERDNS
+            INTERNAL_SUBNET: $$cap_WIREGUARD_INTERNAL_SUBNET
+            ALLOWEDIPS: $$cap_WIREGUARD_ALLOWEDIPS
+            PERSISTENTKEEPALIVE_PEERS: $$cap_WIREGUARD_PERSISTENTKEEPALIVE_PEERS
+            LOG_CONFS: $$cap_WIREGUARD_LOG_CONFS
+        volumes:
+            - $$cap_appname:/config
+            - /lib/modules:/lib/modules
+        ports:
+            - $$cap_WIREGUARD_PORT_UDP:$$cap_WIREGUARD_PORT_UDP
+        cap_add:
+            - NET_ADMIN
+            - SYS_MODULE
+
+caproverOneClickApp:
+    displayName: WireGuard
+    isOfficial: false
+    description: Fast, modern, secure VPN tunnel
+    documentation: https://www.wireguard.com/
+    instructions:
+        start: |-
+            WireGuard is a fast, modern, and secure VPN tunnel.
+            This app is based on the LinuxServer.io image.
+            **Important notes:**
+            - Update your CapRover installation to latest version
+            - You may need to **override CapRover's configuration** to use the newer Docker API version `1.4.1` (this can be done manually or by running `echo "{\"dockerApiVersion\":\"v1.41\"}" > /captain/data/config-override.json` and restarting CapRover with `docker service update captain-captain --force`)
+            - You need **access via SSH** to your server after deployment to modify a file (only once)
+            - You may need to **open the port** `51820` on your firewall
+        end: |-
+            WireGuard has been deployed **successfully**!
+            Before you can start using it, you need to perform some steps.
+            You only need to do this once.
+            **Please screenshot/copy the following instructions before proceeding:**
+            1. Go to the **HTTP Settings** of your deployment `$$cap_appname` here in CapRover
+            2. **Enable HTTPS**
+            3. Go to **App Configs** and paste the following snippet into **Service Update Override**: `{"TaskTemplate": { "ContainerSpec": { "CapabilityAdd": ["CAP_NET_ADMIN", "CAP_SYS_MODULE"], "Sysctls": { "net.ipv4.conf.all.src_valid_mark": "1" } } } }`
+            4. **Save & Update** and wait a minute
+            5. Access via SSH to your server and execute one of the following commands to get a peer config:
+            - `docker exec -it $(docker ps --filter name=srv-captain--$$cap_appname -q) cat /config/peer1/peer1.conf` (for the first peer)
+            - `docker exec -it $(docker ps --filter name=srv-captain--$$cap_appname -q) /app/show-peer 1 4 5` (for the QR code of the peers 1, 4 and 5)
+    variables:
+        - id: $$cap_WIREGUARD_VERSION
+          label: General | Version Tag
+          description: Check out their valid tags at https://hub.docker.com/r/linuxserver/wireguard/tags
+          defaultValue: 1.0.20210914
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_PORT
+          label: General | Port
+          description: The port to expose the WireGuard service on
+          defaultValue: 80
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_PORT_UDP
+          label: General | Port UDP
+          description: Port of the UDP connections. Should not be changed.
+          defaultValue: 51820
+          validRegex: /^[0-9]{1,5}$/
+        - id: $$cap_WIREGUARD_TZ
+          label: General | Timezone
+          description: The timezone to use for the container
+          defaultValue: Europe/London
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_PUID
+          label: General | PUID
+          description: The user ID to run the container as
+          defaultValue: 1000
+          validRegex: /^[0-9]{1,5}$/
+        - id: $$cap_WIREGUARD_GUID
+          label: General | PGID
+          description: The group ID to run the container as
+          defaultValue: 1000
+          validRegex: /^[0-9]{1,5}$/
+        - id: $$cap_WIREGUARD_SERVERURL
+          label: WireGuard | Server URL
+          description: The public IP address or domain name of your server
+          defaultValue: $$cap_appname.$$cap_root_domain
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_SERVERPORT
+          label: WireGuard | Server Port
+          description: The port to expose the WireGuard service on
+          defaultValue: 51820
+          validRegex: /^[0-9]{1,5}$/
+        - id: $$cap_WIREGUARD_PEERS
+          label: WireGuard | Peers
+          description: The number of peers to allow (concurrent connections)
+          defaultValue: 1
+          validRegex: /^[0-9]{1,5}$/
+        - id: $$cap_WIREGUARD_PEERDNS
+          label: WireGuard | Peer DNS
+          description: The DNS server to use for the peers
+          defaultValue: auto
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_INTERNAL_SUBNET
+          label: WireGuard | Internal Subnet
+          description: The internal subnet to use for the peers
+          defaultValue: 10.13.13.0
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_ALLOWEDIPS
+          label: WireGuard | Allowed IPs
+          description: The allowed IPs to use for the peers
+          defaultValue: 0.0.0.0/0
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_PERSISTENTKEEPALIVE_PEERS
+          label: WireGuard | Persistent Keepalive Peers
+          description: The persistent keepalive peers to use for the peers
+          defaultValue:
+          validRegex: /.{1,}/
+        - id: $$cap_WIREGUARD_LOG_CONFS
+          label: WireGuard | Log Confs
+          description: The log confs to use for the peers
+          defaultValue: true
+          validRegex: /.{1,}/
diff --git a/public/v4/logos/wireguard.png b/public/v4/logos/wireguard.png