From a2b6cdd41f0b3bac12989520370a0f6bca9616ab Mon Sep 17 00:00:00 2001
From: infosave2007 <urevich55@gmail.com>
Date: Sat, 24 Jan 2026 21:36:13 +0300
Subject: [PATCH] Fix: Read keys from host file in sync script to prevent
 container deadlock

---
 scripts/sync_awg_all.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/scripts/sync_awg_all.php b/scripts/sync_awg_all.php
index ce19dde..6e70ec5 100644
--- a/scripts/sync_awg_all.php
+++ b/scripts/sync_awg_all.php
@@ -51,15 +51,17 @@ try {
     // vpn_servers table has server_public_key... but usually NOT private key?
     // Start script puts keys in /opt/amnezia/awg/....key
     // We should READ them from file to be safe.
+    // Read directly from HOST file to avoid container dependency (deadlock if stuck in restart loop)
+    $privKey = trim($server->executeCommand("cat /opt/amnezia/awg/wireguard_server_private_key.key 2>/dev/null", true));
 
-    $privKey = trim($server->executeCommand("docker exec -i $containerName cat /opt/amnezia/awg/server_private.key", true));
-    if (!$privKey) {
-        // Try file mapping
-        $privKey = trim($server->executeCommand("cat /opt/amnezia/amnezia-awg/server_private.key", true));
+    if (empty($privKey)) {
+        // Fallback: try container exec (only if host file missing)
+        $privKey = trim($server->executeCommand("docker exec -i $containerName cat /opt/amnezia/awg/server_private.key", true));
     }
 
-    if (!$privKey) {
-        die("Fatal: Could not retrieve Server Private Key from keys files.\n");
+    if (!$privKey || strpos($privKey, 'Error response') !== false) {
+        // If still missing or error message
+        die("Fatal: Could not retrieve Server Private Key. Check /opt/amnezia/awg/ directory.\n");
     }
 
     $vpnPort = $data['vpn_port'] ?? 51820;