wenil/amneziavpnphp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(awg2): resolve issue #50 client key generation and install timeout

Browse Source 
Issue #50 (AmneziaWG 2.0 / awg2): "Failed to generate client keys" when
creating clients, and "Invalid server response" on first install.

- VpnClient::generateClientKeys() built its own password-only SSH command
  (PubkeyAuthentication=no, no sudo), bypassing VpnServer::executeCommand.
  That broke key-based servers and hosts where docker requires sudo. Route
  it through executeCommand so SSH-key auth and docker sudo auto-detection
  apply, matching every other remote operation.
- VpnClient::getNextClientIP() read /opt/amnezia/awg/wg0.conf only; AWG2
  uses awg0.conf. Read awg0.conf first, fall back to wg0.conf.
- deploy route: lift PHP time limit (set_time_limit(0) + ignore_user_abort)
  so the multi-minute awg2 docker build is not killed mid-request, which
  produced the truncated, non-JSON "Invalid server response".
- migration 070: drop `--no-cache` from the awg2 docker build so layers are
  reused, making installs and retries fast and idempotent.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
infosave
2026-05-29 10:31:59 +03:00
parent 809b0ca63d
commit b819eb35b0
3 changed files with 50 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
migrations/070_fix_awg2_build_no_cache_timeout.sql
+20
View File
@@ -0,0 +1,20 @@
-- =====================================================================
-- Migration 070: Speed up / stabilize AmneziaWG 2.0 (awg2) installation
--
-- Issue #50: the first install of awg2 frequently failed with
-- "Invalid server response". Root cause: the install script ran
-- `docker build --no-cache` every time, forcing a full recompile of the
-- amneziawg-go Go sources on each attempt. That build can take several
-- minutes, exceeding the web request timeout, so the browser received a
-- truncated (non-JSON) response. On retry the work from the first attempt
-- had already produced the image/config, so it "magically" succeeded.
--
-- Dropping `--no-cache` lets Docker reuse cached layers, making installs
-- (and especially retries) fast and idempotent. The sources are pinned via
-- `git clone --depth=1`, so a cached build is the desired behaviour.
-- =====================================================================
UPDATE protocols
SET install_script = REPLACE(install_script, 'docker build --no-cache -t amnezia-awg2', 'docker build -t amnezia-awg2')
WHERE slug = 'awg2'
AND install_script LIKE '%docker build --no-cache -t amnezia-awg2%';