From 6260be84250296458b95657bc2aa5d3fa021d53e Mon Sep 17 00:00:00 2001
From: CanbiZ <47820557+MickLesk@users.noreply.github.com>
Date: Wed, 2 Apr 2025 18:53:21 +0200
Subject: [PATCH] Alpine-Wireguard (#3611)

---
 ct/alpine-wireguard.sh              |  50 +++++++++++++
 frontend/public/json/wireguard.json |  11 +++
 install/alpine-wireguard-install.sh | 105 ++++++++++++++++++++++++++++
 3 files changed, 166 insertions(+)
 create mode 100644 ct/alpine-wireguard.sh
 create mode 100644 install/alpine-wireguard-install.sh

diff --git a/ct/alpine-wireguard.sh b/ct/alpine-wireguard.sh
new file mode 100644
index 000000000..48277edc7
--- /dev/null
+++ b/ct/alpine-wireguard.sh
@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+source <(curl -s https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.wireguard.com/
+
+APP="Alpine-Wireguard"
+var_tags="${var_tags:-alpine;vpn}"
+var_cpu="${var_cpu:-1}"
+var_ram="${var_ram:-256}"
+var_disk="${var_disk:-1}"
+var_os="${var_os:-alpine}"
+var_version="${var_version:-3.21}"
+var_unprivileged="${var_unprivileged:-1}"
+
+header_info "$APP"
+variables
+color
+catch_errors
+
+function update_script() {
+  msg_info "Updating Alpine Packages"
+  $STD apk update
+  $STD apk upgrade
+  msg_ok "Updated Alpine Packages"
+
+  msg_info "update wireguard-tools"
+  $STD apk add --no-cache --upgrade wireguard-tools
+  msg_ok "wireguard-tools updated"
+
+  if [[ -d /etc/wgdashboard/src ]]; then
+    msg_info "update WGDashboard"
+    cd /etc/wgdashboard/src || exit
+    $STD echo "y" | ./wgd.sh update
+    $STD ./wgd.sh start
+    msg_ok "WGDashboard updated"
+  fi
+
+  exit 0
+}
+
+start
+build_container
+description
+
+msg_ok "Completed Successfully!\n"
+echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
+echo -e "${INFO}${YW} WGDashboard Access it using the following URL:${CL}"
+echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:10086${CL}"
diff --git a/frontend/public/json/wireguard.json b/frontend/public/json/wireguard.json
index e2a8cd7a7..5984f9dd3 100644
--- a/frontend/public/json/wireguard.json
+++ b/frontend/public/json/wireguard.json
@@ -24,6 +24,17 @@
                 "os": "debian",
                 "version": "12"
             }
+        },
+        {
+            "type": "alpine",
+            "script": "ct/alpine-wireguard.sh",
+            "resources": {
+                "cpu": 1,
+                "ram": 256,
+                "hdd": 1,
+                "os": "alpine",
+                "version": "3.21"
+            }
         }
     ],
     "default_credentials": {
diff --git a/install/alpine-wireguard-install.sh b/install/alpine-wireguard-install.sh
new file mode 100644
index 000000000..68a0d1dd8
--- /dev/null
+++ b/install/alpine-wireguard-install.sh
@@ -0,0 +1,105 @@
+#!/usr/bin/env bash
+
+# Copyright (c) 2021-2025 community-scripts ORG
+# Author: MickLesk (CanbiZ)
+# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
+# Source: https://www.wireguard.com/
+
+source /dev/stdin <<<"$FUNCTIONS_FILE_PATH"
+color
+verb_ip6
+catch_errors
+setting_up_container
+network_check
+update_os
+
+msg_info "Installing Dependencies"
+$STD apk add \
+    newt \
+    curl \
+    openssh \
+    nano \
+    mc \
+    gpg \
+    iptables \
+    openrc
+msg_ok "Installed Dependencies"
+
+msg_info "Installing WireGuard"
+$STD apk add --no-cache wireguard-tools
+if [[ ! -L /etc/init.d/wg-quick.wg0 ]]; then
+    ln -s /etc/init.d/wg-quick /etc/init.d/wg-quick.wg0
+fi
+
+private_key=$(wg genkey)
+cat <<EOF >/etc/wireguard/wg0.conf
+[Interface]
+PrivateKey = ${private_key}
+Address = 10.0.0.1/24
+SaveConfig = true
+PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;
+PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE;
+ListenPort = 51820
+EOF
+msg_ok "Installed WireGuard"
+
+read -rp "Do you want to install WGDashboard? (y/N): " INSTALL_WGD
+if [[ "$INSTALL_WGD" =~ ^[Yy]$ ]]; then
+    msg_info "Installing additional dependencies for WGDashboard"
+    $STD apk add --no-cache \
+        python3 \
+        py3-pip \
+        git \
+        sudo \
+        musl-dev \
+        linux-headers \
+        gcc \
+        python3-dev
+    msg_ok "Installed additional dependencies for WGDashboard"
+    msg_info "Installing WGDashboard"
+    git clone -q https://github.com/donaldzou/WGDashboard.git /etc/wgdashboard
+    cd /etc/wgdashboard/src || exit
+    chmod u+x wgd.sh
+    $STD ./wgd.sh install
+    $STD echo "net.ipv4.ip_forward=1" >>/etc/sysctl.conf
+    sysctl -p /etc/sysctl.conf
+    msg_ok "Installed WGDashboard"
+
+    msg_info "Creating Service for WGDashboard"
+    cat <<EOF >/etc/init.d/wg-dashboard
+#!/sbin/openrc-run
+
+description="WireGuard Dashboard Service"
+
+depend() {
+    need net
+    after firewall
+}
+
+start() {
+    ebegin "Starting WGDashboard"
+    cd /etc/wgdashboard/src/ || exit 1
+    ./wgd.sh start &
+    eend $?
+}
+
+stop() {
+    ebegin "Stopping WGDashboard"
+    pkill -f "wgd.sh"
+    eend $?
+}
+EOF
+    chmod +x /etc/init.d/wg-dashboard
+    $STD rc-update add wg-dashboard default
+    $STD rc-service wg-dashboard start
+    msg_ok "Created Service for WGDashboard"
+
+fi
+
+msg_info "Starting Services"
+$STD rc-update add wg-quick.wg0 default
+$STD rc-service wg-quick.wg0 start
+msg_ok "Started Services"
+
+motd_ssh
+customize