wireguard service won't start after update Topic is solved

Have some feedback, questions, suggestions, or just fancy a chat? Pop it in here.
jollyrogr
Posts: 4
Joined: Mon Jul 13, 2020 7:52 pm

wireguard service won't start after update

Post by jollyrogr »

Recently updated to v6.31.2 and now my systemd wireguard service can't start automatically.

Code: Select all

root@vpn01:~# systemctl status wg-quick@wg0.service 
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
   Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Mon 2020-07-13 12:44:32 CDT; 28s ago
     Docs: man:wg-quick(8)
           man:wg(8)
           https://www.wireguard.com/
           https://www.wireguard.com/quickstart/
           https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
           https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
  Process: 494 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=255/EXCEPTION)
 Main PID: 494 (code=exited, status=255/EXCEPTION)

Jul 13 12:44:23 vpn01 wg-quick[494]: [#] ip link set mtu 1420 up dev wg0
Jul 13 12:44:23 vpn01 wg-quick[494]: [#] sysctl net.ipv4.conf.wg0.forwarding=1 net.ipv4.conf.$(sed -n 3p /run/dietpi/.network
).forwarding=1
Jul 13 12:44:23 vpn01 wg-quick[494]: sed: can't read /run/dietpi/.network: No such file or directory
Jul 13 12:44:23 vpn01 wg-quick[494]: net.ipv4.conf.wg0.forwarding = 1
Jul 13 12:44:23 vpn01 wg-quick[494]: sysctl: separators should not be repeated: ..forwarding
Jul 13 12:44:23 vpn01 wg-quick[494]: sysctl: cannot stat /proc/sys/net/ipv4/conf//forwarding: No such file or directory
Jul 13 12:44:24 vpn01 wg-quick[494]: [#] ip link delete dev wg0
Jul 13 12:44:32 vpn01 systemd[1]: wg-quick@wg0.service: Main process exited, code=exited, status=255/
EXCEPTION
Jul 13 12:44:32 vpn01 systemd[1]: wg-quick@wg0.service: Failed with result 'exit-code'.
Jul 13 12:44:32 vpn01 systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.
It will start just fine if I manually command it to start.

Any ideas? Thanks
User avatar
Joulinar
Posts: 2086
Joined: Sat Nov 16, 2019 12:49 am

Re: wireguard service won't start after update

Post by Joulinar »

Hi,

many thanks for your report. I guess thats the issue

Code: Select all

can't read /run/dietpi/.network: No such file or directory
pls can you do ls -la /run/dietpi/
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
jollyrogr
Posts: 4
Joined: Mon Jul 13, 2020 7:52 pm

Re: wireguard service won't start after update

Post by jollyrogr »

Code: Select all

root@vpn01:~# ls -la /run/dietpi/
total 12
drwxrwxrwx  2 root root 100 Jul 13 12:44 .
drwxr-xr-x 16 root root 500 Jul 13 12:44 ..
-rw-r--r--  1 root root 326 Jul 13 12:44 .dietpi_motd
-rw-rw-rw-  1 root root  55 Jul 13 16:42 .network
-rw-r--r--  1 root root   2 Jul 13 12:44 .timesync_exit_status
root@vpn01:~# 
User avatar
Joulinar
Posts: 2086
Joined: Sat Nov 16, 2019 12:49 am

Re: wireguard service won't start after update

Post by Joulinar »

hmm the file is there, pls can you restart WireGuard

Code: Select all

systemctl daemon-reload
systemctl restart wg-quick@wg0.service
journalctl -u wg-quick@wg0.service -n 20
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
jollyrogr
Posts: 4
Joined: Mon Jul 13, 2020 7:52 pm

Re: wireguard service won't start after update

Post by jollyrogr »

I can manually start/restart the service just fine after boot.

journal after boot

Code: Select all

root@vpn01:~# journalctl -u wg-quick@wg0.service -n 20
-- Logs begin at Mon 2020-07-13 18:19:09 CDT, end at Mon 2020-07-13 18:19:24 CDT. --
Jul 13 18:19:09 vpn01 systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Jul 13 18:19:09 vpn01 wg-quick[493]: [#] ip link add wg0 type wireguard
Jul 13 18:19:09 vpn01 wg-quick[493]: [#] wg setconf wg0 /dev/fd/63
Jul 13 18:19:10 vpn01 wg-quick[493]: [#] ip -4 address add 10.9.0.1/24 dev wg0
Jul 13 18:19:10 vpn01 wg-quick[493]: [#] ip link set mtu 1420 up dev wg0
Jul 13 18:19:10 vpn01 wg-quick[493]: [#] sysctl net.ipv4.conf.wg0.forwarding=1 net.ipv4.conf.$(sed -n 3p /run/dietpi/.network
).forwarding=1
Jul 13 18:19:10 vpn01 wg-quick[493]: sed: can't read /run/dietpi/.network: No such file or directory
Jul 13 18:19:10 vpn01 wg-quick[493]: net.ipv4.conf.wg0.forwarding = 1
Jul 13 18:19:10 vpn01 wg-quick[493]: sysctl: separators should not be repeated: ..forwarding
Jul 13 18:19:10 vpn01 wg-quick[493]: sysctl: cannot stat /proc/sys/net/ipv4/conf//forwarding: No such file or directory
Jul 13 18:19:10 vpn01 wg-quick[493]: [#] ip link delete dev wg0
Jul 13 18:19:17 vpn01 systemd[1]: wg-quick@wg0.service: Main process exited, code=exited, status=255/
EXCEPTION
Jul 13 18:19:17 vpn01 systemd[1]: wg-quick@wg0.service: Failed with result 'exit-code'.
Jul 13 18:19:17 vpn01 systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.
Here's the journal after I start the service manually after bootup

Code: Select all

Jul 13 18:22:03 vpn01 systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] ip link add wg0 type wireguard
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] wg setconf wg0 /dev/fd/63
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] ip -4 address add 10.9.0.1/24 dev wg0
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] ip link set mtu 1420 up dev wg0
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] sysctl net.ipv4.conf.wg0.forwarding=1 net.ipv4.conf.$(sed -n 3p /run/dietpi/.network
).forwarding=1
Jul 13 18:22:03 vpn01 wg-quick[857]: net.ipv4.conf.wg0.forwarding = 1
Jul 13 18:22:03 vpn01 wg-quick[857]: net.ipv4.conf.eth0.forwarding = 1
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] sysctl net.ipv6.conf.$(sed -n 3p /run/dietpi/.network).accept_ra=2
Jul 13 18:22:03 vpn01 wg-quick[857]: net.ipv6.conf.eth0.accept_ra = 2
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] sysctl net.ipv6.conf.wg0.forwarding=1 net.ipv6.conf.$(sed -n 3p /run/dietpi/.network
).forwarding=1
Jul 13 18:22:03 vpn01 wg-quick[857]: net.ipv6.conf.wg0.forwarding = 1
Jul 13 18:22:03 vpn01 wg-quick[857]: net.ipv6.conf.eth0.forwarding = 1
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o $(sed -n 3p 
/run/dietpi/.network) -j MASQUERADE
Jul 13 18:22:03 vpn01 wg-quick[857]: [#] ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o $(sed -n 3
p /run/dietpi/.network) -j MASQUERADE
Jul 13 18:22:03 vpn01 systemd[1]: Started WireGuard via wg-quick(8) for wg0.
User avatar
Joulinar
Posts: 2086
Joined: Sat Nov 16, 2019 12:49 am

Re: wireguard service won't start after update

Post by Joulinar »

ahh now I got it. Your service is starting to early.

I guess you would need to add following line to /etc/wireguard/wg0.conf

Code: Select all

PreUp = /boot/dietpi/func/obtain_network_details
pls add before PostUp section

In general this is fixed for new installation with current DietPi release. https://github.com/MichaIng/DietPi/issu ... -626683268
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
jollyrogr
Posts: 4
Joined: Mon Jul 13, 2020 7:52 pm

Re: wireguard service won't start after update

Post by jollyrogr »

Thanks Joulinar. The PreUp line worked. Now I'm wondering if this would not have been an issue if I wasn't using DHCP.
User avatar
Joulinar
Posts: 2086
Joined: Sat Nov 16, 2019 12:49 am

Re: wireguard service won't start after update

Post by Joulinar »

Yes using STATIC IP will be faster than DHCP to get network interface up.
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
swrobel
Posts: 10
Joined: Mon Dec 10, 2018 8:04 pm

Re: wireguard service won't start after update

Post by swrobel »

Perhaps this needs to be added to the default wg0.conf:

Code: Select all

PreUp = /boot/dietpi/func/obtain_network_details
Because the same thing was happening to me after updating...

Code: Select all

sysctl: cannot stat /proc/sys/net/ipv4/conf//forwarding: No such file or directory
User avatar
Joulinar
Posts: 2086
Joined: Sat Nov 16, 2019 12:49 am

Re: wireguard service won't start after update

Post by Joulinar »

@swrobel
this is already stated above viewtopic.php?p=26073#p26073
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
Post Reply