nessi/NexaVPN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: make gateway UDP port configurable via GATEWAY_UDP_PORT environment variable

Browse Source 
Add GATEWAY_UDP_PORT environment variable with default value 51900 to replace hardcoded port 51820. Update DEFAULT_GATEWAY_ENDPOINT in .env.example to use new port. Add UDP port mapping to gateway service in docker-compose using GATEWAY_UDP_PORT. Add NEXAVPN_GATEWAY_LISTEN_PORT environment variable to gateway container. Update gateway-entrypoint.sh to use GATEWAY_LISTEN_PORT variable in bootstrap payload and WireGuard interface configuration.
This commit is contained in:
Sascha Nesterovic
2026-03-18 07:54:18 +01:00
parent bbea4f8bd0
commit 9ea2345982
3 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
deploy/.env.example
View File

@@ -10,7 +10,8 @@ ACCESS_TOKEN_TTL_SECONDS=900
REFRESH_TOKEN_TTL_SECONDS=2592000 REFRESH_TOKEN_TTL_SECONDS=2592000
DEFAULT_DNS_SERVERS=10.20.0.53 DEFAULT_DNS_SERVERS=10.20.0.53
DEFAULT_VPN_CIDR=100.96.0.0/24 DEFAULT_VPN_CIDR=100.96.0.0/24
DEFAULT_GATEWAY_ENDPOINT=vpn.example.com:51820 GATEWAY_UDP_PORT=51900
DEFAULT_GATEWAY_ENDPOINT=vpn.example.com:51900
DEFAULT_GATEWAY_PUBLIC_KEY=replace-me DEFAULT_GATEWAY_PUBLIC_KEY=replace-me
GATEWAY_BOOTSTRAP_TOKEN=nexavpn-gateway-bootstrap GATEWAY_BOOTSTRAP_TOKEN=nexavpn-gateway-bootstrap
NEXAVPN_GATEWAY_ID= NEXAVPN_GATEWAY_ID=

5
deploy/docker-compose.yml
View File

@@ -80,13 +80,16 @@ services:
- /dev/net/tun:/dev/net/tun - /dev/net/tun:/dev/net/tun
extra_hosts: extra_hosts:
- "host.docker.internal:host-gateway" - "host.docker.internal:host-gateway"
ports:
- "${GATEWAY_UDP_PORT:-51900}:${GATEWAY_UDP_PORT:-51900}/udp"
environment: environment:
GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap} GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-} NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-}
NEXAVPN_GATEWAY_NAME: ${NEXAVPN_GATEWAY_NAME:-primary-gateway} NEXAVPN_GATEWAY_NAME: ${NEXAVPN_GATEWAY_NAME:-primary-gateway}
NEXAVPN_GATEWAY_LISTEN_PORT: ${GATEWAY_UDP_PORT:-51900}
NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://host.docker.internal:8080/api/v1/gateway-agent} NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://host.docker.internal:8080/api/v1/gateway-agent}
NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://host.docker.internal:8080/api/v1/gateway-agent/bootstrap} NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://host.docker.internal:8080/api/v1/gateway-agent/bootstrap}
DEFAULT_GATEWAY_ENDPOINT: ${DEFAULT_GATEWAY_ENDPOINT:-localhost:51820} DEFAULT_GATEWAY_ENDPOINT: ${DEFAULT_GATEWAY_ENDPOINT:-localhost:${GATEWAY_UDP_PORT:-51900}}
DEFAULT_VPN_CIDR: ${DEFAULT_VPN_CIDR:-100.96.0.0/24} DEFAULT_VPN_CIDR: ${DEFAULT_VPN_CIDR:-100.96.0.0/24}
NEXAVPN_API_TOKEN: ${NEXAVPN_API_TOKEN:-} NEXAVPN_API_TOKEN: ${NEXAVPN_API_TOKEN:-}
NEXAVPN_GATEWAY_PRIVATE_KEY: ${NEXAVPN_GATEWAY_PRIVATE_KEY:-} NEXAVPN_GATEWAY_PRIVATE_KEY: ${NEXAVPN_GATEWAY_PRIVATE_KEY:-}

3
deploy/scripts/gateway-entrypoint.sh
View File

@@ -8,6 +8,7 @@ IFACE="${NEXAVPN_GATEWAY_INTERFACE:-wg0}"
UPLINK_IFACE="${NEXAVPN_UPLINK_INTERFACE:-eth0}" UPLINK_IFACE="${NEXAVPN_UPLINK_INTERFACE:-eth0}"
ENABLE_MASQUERADE="${NEXAVPN_ENABLE_MASQUERADE:-true}" ENABLE_MASQUERADE="${NEXAVPN_ENABLE_MASQUERADE:-true}"
GATEWAY_NAME="${NEXAVPN_GATEWAY_NAME:-primary-gateway}" GATEWAY_NAME="${NEXAVPN_GATEWAY_NAME:-primary-gateway}"
GATEWAY_LISTEN_PORT="${NEXAVPN_GATEWAY_LISTEN_PORT:-51900}"
BOOTSTRAP_URL="${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://backend:8080/api/v1/gateway-agent/bootstrap}" BOOTSTRAP_URL="${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://backend:8080/api/v1/gateway-agent/bootstrap}"
SYNC_BASE_URL="${NEXAVPN_GATEWAY_SYNC_URL:-http://backend:8080/api/v1/gateway-agent}" SYNC_BASE_URL="${NEXAVPN_GATEWAY_SYNC_URL:-http://backend:8080/api/v1/gateway-agent}"
GATEWAY_ID_FILE="/var/lib/nexavpn/gateway-id" GATEWAY_ID_FILE="/var/lib/nexavpn/gateway-id"
@@ -39,7 +40,7 @@ bootstrap_gateway() {
BOOTSTRAP_RESPONSE="$(curl -fsSL \ BOOTSTRAP_RESPONSE="$(curl -fsSL \
-H "Content-Type: application/json" \ -H "Content-Type: application/json" \
-H "X-Gateway-Bootstrap-Token: ${GATEWAY_BOOTSTRAP_TOKEN}" \ -H "X-Gateway-Bootstrap-Token: ${GATEWAY_BOOTSTRAP_TOKEN}" \
-d "{\"name\":\"${GATEWAY_NAME}\",\"endpoint\":\"${DEFAULT_GATEWAY_ENDPOINT:-localhost:51820}\",\"public_key\":\"${GATEWAY_PUBLIC_KEY}\",\"listen_port\":51820,\"vpn_cidr\":\"${DEFAULT_VPN_CIDR:-100.96.0.0/24}\",\"dns_servers\":[\"10.20.0.53\"]}" \ -d "{\"name\":\"${GATEWAY_NAME}\",\"endpoint\":\"${DEFAULT_GATEWAY_ENDPOINT:-localhost:${GATEWAY_LISTEN_PORT}}\",\"public_key\":\"${GATEWAY_PUBLIC_KEY}\",\"listen_port\":${GATEWAY_LISTEN_PORT},\"vpn_cidr\":\"${DEFAULT_VPN_CIDR:-100.96.0.0/24}\",\"dns_servers\":[\"10.20.0.53\"]}" \
"${BOOTSTRAP_URL}")" "${BOOTSTRAP_URL}")"
NEXAVPN_GATEWAY_ID="$(printf '%s' "${BOOTSTRAP_RESPONSE}" | jq -r '.id')" NEXAVPN_GATEWAY_ID="$(printf '%s' "${BOOTSTRAP_RESPONSE}" | jq -r '.id')"
if [ -z "${NEXAVPN_GATEWAY_ID:-}" ] || [ "${NEXAVPN_GATEWAY_ID}" = "null" ]; then if [ -z "${NEXAVPN_GATEWAY_ID:-}" ] || [ "${NEXAVPN_GATEWAY_ID}" = "null" ]; then