mr.phil's picture

I fully admit to being a relative novice when it comes to Linux, but I'm working on it.

Anyway, I'm trying to set up a Wireguard appliance on AWS. I have it installed and running, but when I attempt to use confconsole to create a client, I get the following:

wg-quick: `/etc/wireguard/wg0.conf' does not exist

Traceback (most recent call last):

File "/usr/local/bin/wireguard-addclient", line 171, in <module>
     add_client(args.client_name, args.allowed_ips)

File "/usr/local/bin/wireguard-addclient", line 129, in add_client
     server_addr, server_port, taken_ips = parse_config('/etc/wireguard/wg0.conf')

File "/usr/local/bin/wireguard-addclient", line 22, in parse_config with open(path, 'r') as fob:

FileNotFoundError: [Errno 2] No such file or directory: '/etc/wireguard/wg0.conf'

I'm guessing that means I don't have the server side configured yet, but I don't see how to configure the server on AWS. The docs (what there is) says something about 'inithooks' but I never see anything that looks like it might be appropraite on the AWS installation.

Thanks in advance for any guidance.

Jeremy Davis's picture

Assuming that you launched from the TurnKey Hub, it looks like you've discovered a bug/oversight on our behalf, so thank you so much for posting!

The "inithooks" are the questions that asked at firstboot (including setting passwords, etc). However, when launched from the Hub, the inithooks are preseeded by the Hub and run silently in the background. However, it turns out that under specific circumstance (i.e. when launched from the Hub with security updates enabled) that it doesn't actually run as it should. We'll need to look at this one a bit more closely. As such, I've opened a bug report.

In the meantime, the workaround is to complete the Wireguard 'inithook' configuration interactively, like this:


For what it's worth, you could re-run through the whole initialisation process with the 'turnkey-init' command.

I hope that helps get you up and going. Please let me know if you need further elaboration and/or have further feedback or questions.

baconmania's picture

I stumbled upon this thread while trying to use the Wireguard image in Proxmox (specifically, debian-11-turnkey-wireguard_17.1-1_amd64.tar.gz). It looks like the image doesn't come with `wireguard-tools` installed, so `wg-quick` is entirely missing. Am I just missing something here?
Jeremy Davis's picture

Could you please double check? 'wireguard-tools' certainly should be installed!? See the manifest.

To double check inside the appliance:

apt policy wireguard-tools

The first command should return 'turnkey-wireguard-17.1-bullseye-amd64' and the second should return this:

  Installed: 1.0.20210223-1
  Candidate: 1.0.20210223-1
  Version table:
 *** 1.0.20210223-1 500
        500 bullseye/main amd64 Packages
        100 /var/lib/dpkg/status

If you can confirm that it's not installed - and you didn't uninstall it, then there is something weird going on! Something that requires further investigation.

Brantley's picture

I am having the same issue. "wireguard-tools" package is not already installed after multiple fresh installs from the lxc template that can be downloaded directly through proxmox. Running "apt policy wireguard-tools" confirms this. Installing it manually fixes it.
Jeremy Davis's picture

Thanks for confirming. Following your post I double checked myself and you are both right!

I haven't spent much time on it yet, but my suspicion is that it gets removed when we remove the kernel (for the LXC build). I'll add 'wireguard-tools' as an explicit dependency and that should ensure that it remains after removing the kernel.

I have opened an issue on our tracker to track this.

Add new comment