Claude/add ipv6 gua support 8r6 se#406
Closed
ohshitgorillas wants to merge 10 commits intolinuxserver:masterfrom
Closed
Claude/add ipv6 gua support 8r6 se#406ohshitgorillas wants to merge 10 commits intolinuxserver:masterfrom
ohshitgorillas wants to merge 10 commits intolinuxserver:masterfrom
Conversation
Introduce the IP6_SUBNET environment variable for native IPv6 global
unicast address support on WireGuard tunnels. When set the server
receives ::1/128 and peers are assigned sequential ::2/128, ::3/128,
etc. addresses alongside their existing IPv4 addresses. The feature
is entirely opt-in; omitting IP6_SUBNET preserves current behaviour
with zero changes to generated configs.
Changes
-------
* root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
- Validate IP6_SUBNET: strip optional CIDR prefix, enforce prefix
length >= /64, require trailing colon, reject non-hex characters.
- Set IP6_ADDR_SERVER for the server template.
- Extract CLIENT_IP6 from existing peer confs (cut -d, -f2 on the
Address field); invalidate on subnet change for reassignment.
- IPv6 conflict-detection loop mirrors the existing IPv4 logic.
- Include CLIENT_IP6 in server-conf AllowedIPs for each peer.
- Persist ORIG_IP6_SUBNET in save_vars; add IP6_SUBNET to the
change-detection condition that triggers conf regeneration.
- Backward-compat sed patches upgrade existing user templates that
predate this change (mirrors the earlier PresharedKey migration).
* root/defaults/server.conf
- Address line conditionally appends ,<IP6_ADDR_SERVER> when set.
* root/defaults/peer.conf
- Address line conditionally appends ,<CLIENT_IP6> when set.
* readme-vars.yml
- Add IP6_SUBNET to opt_param_env_vars with full description.
- List IP6_SUBNET among vars that trigger conf regeneration.
- New "IPv6 GUA Support" section: requirements (SYS_MODULE,
router routes), complete host-mode and bridge-mode docker-compose
examples, and explicit notes on ephemeral host routes.
https://claude.ai/code/session_01QdSdYNzFJjZVymw6NNbGP5
…-8r6Se Add optional IPv6 GUA dual-stack support via IP6_SUBNET
* Replace linuxserver.io header badges and boilerplate with a fork notice block pointing back to upstream for unrelated issues. * Add "Changes from upstream" section summarising the single delta (IP6_SUBNET / IPv6 GUA support) and linking to the detailed section. * Add full "IPv6 GUA Support" section with host-mode and bridge-mode setup instructions, complete docker-compose examples, and notes on ephemeral host routes and required router configuration. * Add IP6_SUBNET to both the docker-compose and docker cli example blocks, the Parameters table, and the Server Mode regeneration- trigger variable list. * Update image references throughout from lscr.io/linuxserver/wireguard to ohshitgorillas/wireguard; update git clone URL in "Building locally" to point at this fork. * Remove linuxserver-specific sections: Docker Mods badge block, upstream image version check, Diun update-notification tip, and the generic "most of our images are static" preamble in Updating Info. * Retain references to linuxserver docs/utilities that are still valid (read-only docs, qemu-static image, historical changelog entries). https://claude.ai/code/session_01QdSdYNzFJjZVymw6NNbGP5
…-8r6Se Rewrite README for fork: strip LSIO branding, add IPv6 GUA docs
Clarified IPv6 configuration instructions and added critical notes regarding routing requirements.
Updated section headers from 'Host Mode' and 'Bridge Mode' to 'Host Networking' and 'Bridge Networking'.
Colons in IPv6 addresses (IP6_SUBNET, PEERDNS) are interpreted as
YAML key-value separators when unquoted, producing the error:
services.wireguard.environment.[N]: unexpected type map[string]interface {}
Wrap the affected environment entries in double quotes in all four
example blocks (host + bridge in both README.md and readme-vars.yml).
https://claude.ai/code/session_01QdSdYNzFJjZVymw6NNbGP5
The colon-suffix check fired before any normalisation, so inputs like
2001:db8:b00b:420::0 or the fully-expanded 2001:db8:b00b:420:0:0:0:0
were rejected even though they represent the same prefix as the
accepted 2001:db8:b00b:420::.
Two normalisation passes are now applied after CIDR stripping and
before validation:
1. Strip trailing zeros that follow :: (::0 → ::, ::0000 → ::).
2. For fully-expanded addresses with no :: present, collapse trailing
:0 groups and append :: (420:0:0:0:0 → 420::).
The validation itself is tightened from :$ to ::$ to match the actual
requirement: the script concatenates host IDs directly onto the subnet
string (${IP6_SUBNET}1), so a double-colon suffix is mandatory.
https://claude.ai/code/session_0196yPjc8RVdqEMtqh1X6Xse
…dation-0NJcR Fix IPv6 subnet validation rejecting valid trailing-zero forms
Contributor
|
I am a bot, here is the pushed image/manifest for this PR:
|
Contributor
|
I am a bot, here is the pushed image/manifest for this PR:
|
Author
|
accident, please disregard |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description:
Benefits of this PR and context:
How Has This Been Tested?
Source / References: