Added new listmonk, baserow, wireguard to support installapp and uninstallapp

2024-02-22 19:47:38 +00:00 · 2024-02-22 19:47:38 +00:00 · 9d490afb7f
commit 9d490afb7f
parent 11c9920ca9
6 changed files with 559 additions and 1 deletions
--- a/lib/baserow.sh
+++ b/lib/baserow.sh
@ -3,6 +3,7 @@
 # Baserow Service

 PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+get_appvars

 config_baserow() {
  echo -ne "\n* Configuring /federated/apps/baserow container.."
@ -13,6 +14,8 @@ config_baserow() {
    mkdir -p /federated/apps/baserow/data/baserow/data
  fi

+  BASEROW_SECRET=$(create_password);
+
 cat > /federated/apps/baserow/docker-compose.yml <<EOF
 version: '3.7'

@ -57,7 +60,7 @@ EMAIL_SMTP=True
 FROM_EMAIL=baserow@$DOMAIN
 EMAIL_SMTP_HOST=mail.$DOMAIN
 EMAIL_SMTP_PORT=587
-EMAIL_SMTP_USER=fcore
+EMAIL_SMTP_USER=$SMTPUSER
 EMAIL_SMTP_PASSWORD=$ADMINPASS
 EMAIL_SMTP_USE_TLS=True
 EOF
@ -76,10 +79,110 @@ curl -X POST -H 'Content-Type: application/json' -i http://localhost/api/user/ -
 EOF
 chmod +x /federated/apps/baserow/data/createuser.sh

+# Create database and user in postgresql
+docker exec postgresql psql -U postgres -c "CREATE USER baserow WITH PASSWORD '$BASEROW_SECRET'" &> /dev/null
+docker exec postgresql psql -U postgres -c "CREATE DATABASE baserow" &> /dev/null
+docker exec postgresql psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE baserow TO baserow" &> /dev/null
+ 
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
 }
+email_baserow() {
+  echo -ne "* Sending email to customer.."
+  spin &
+  SPINPID=$!

+cat > /federated/apps/mail/data/root/certs/mailfile <<EOF
+<html>
+<img src="https://www.federated.computer/wp-content/uploads/2023/11/logo.png" alt="" /><br>
+<p>
+<h4>Listmonk is now installed on $DOMAIN</h4>
+<p>
+Here is your applications chart with on how to access this service:<br>
+<p>
+<h4>Applications</h4>
+<style type="text/css">
+.tg  {border-collapse:collapse;border-spacing:0;}
+.tg td{border-color:black;border-style:solid;border-width:1px;font-family:Arial, sans-serif;font-size:14px;
+  overflow:hidden;padding:10px 5px;word-break:normal;}
+.tg th{border-color:black;border-style:solid;border-width:1px;font-family:Arial, sans-serif;font-size:14px;
+  font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;}
+.tg .tg-cul6{border-color:inherit;color:#340096;text-align:left;text-decoration:underline;vertical-align:top}
+.tg .tg-acii{background-color:#FFF;border-color:inherit;color:#333;text-align:left;vertical-align:top}
+.tg .tg-0hty{background-color:#000000;border-color:inherit;color:#ffffff;font-weight:bold;text-align:left;vertical-align:top}
+.tg .tg-kwiq{border-color:inherit;color:#000000;text-align:left;vertical-align:top;word-wrap:break-word}
+.tg .tg-0pky{border-color:inherit;text-align:left;vertical-align:top}
+</style>
+<table class="tg" style="undefined;table-layout: fixed; width: 996px">
+<colgroup>
+<col style="width: 101.333333px">
+<col style="width: 203.333333px">
+<col style="width: 282.333333px">
+<col style="width: 185.33333px">
+<col style="width: 78.333333px">
+<col style="width: 220.333333px">
+</colgroup>
+<thead>
+  <tr>
+    <th class="tg-0hty">Service</th>
+    <th class="tg-0hty">Link</th>
+    <th class="tg-0hty">User / Pass</th>
+    <th class="tg-0hty">Access</th>
+    <th class="tg-0hty">Docs</th>
+    <th class="tg-0hty">Description</th>
+  </tr>
+</thead>
+<tbody>
+  <tr>
+    <td class="tg-kwiq">Baserow</td>
+    <td class="tg-kwiq"><a href="https://baserow.$DOMAIN" target="_blank" rel="noopener noreferrer"><span style="color:#340096">baserow.$DOMAIN</span></a></td>
+    <td class="tg-kwiq">admin@$DOMAIN<br>admin password above</td>
+    <td class="tg-kwiq">User access is separate from panel. Use the admin account to login and then invite other users</td>
+    <td class="tg-kwiq"><a href="https://documentation.federated.computer/docs/getting_started/welcome/" target="_blank" rel="noopener noreferrer"><span style="color:#340096">Click here</span></a></td>
+    <td class="tg-kwiq">Baserow (Air table replacement) allows you to create and customize databases without writing any code</td>
+  </tr>
+</tbody>
+</table>
+<h4>Thanks for your support!</h4>
+<p>
+Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful
+time with Federated Core.
+<p>
+Again, if we can be of any assistance, please don't hesitate to get in touch.
+<p>
+Support: https://support.federated.computer<br>
+Phone: (970) 722-8715<br>
+Email: support@federated.computer<br>
+<p>
+It's <b>your</b> computer. Let's make it work for you!
+</html>
+EOF
+
+  # Send out e-mail from mail container with details
+  docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Application installed on $DOMAIN\" $EMAIL < /root/certs/mailfile"
+  rm /federated/apps/mail/data/root/certs/mailfile
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done.\n"
+}
+uninstall_baserow() {
+  echo -ne "* Uninstalling baserow container.."
+  spin &
+  SPINPID=$!
+
+  # First stop the service
+  cd /federated/apps/baserow && docker-compose -f docker-compose.yml -p baserow down &> /dev/null
+
+  # Delete database and user in postgresql
+  docker exec postgresql psql -U postgres -c "DROP DATABASE baserow" &> /dev/null
+  docker exec postgresql psql -U postgres -c "DROP USER baserow" &> /dev/null
+
+  # Delete the app directory
+  rm -rf /federated/apps/baserow
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done.\n"
+}
 start_baserow() {
  # Start service with command to make sure it's up before proceeding
  start_service "baserow" "docker exec baserow curl http://localhost:8000 &> /dev/null" "20"
--- a/lib/baserow.sh.old
+++ b/lib/baserow.sh.old
@ -0,0 +1,104 @@
+#!/bin/bash
+#
+# Baserow Service
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_baserow() {
+  echo -ne "\n* Configuring /federated/apps/baserow container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "/federated/apps/baserow" ]; then
+    mkdir -p /federated/apps/baserow/data/baserow/data
+  fi
+
+cat > /federated/apps/baserow/docker-compose.yml <<EOF
+version: '3.7'
+
+services:
+  baserow:
+    image: baserow/baserow:\${IMAGE_VERSION}
+    container_name: baserow
+    hostname: baserow.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    networks:
+      federated:
+        ipv4_address: 172.99.0.29
+    env_file:
+      - ./.env
+    volumes:
+      - ./data/baserow/data:/baserow/data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.baserow.rule=Host(\`baserow.$DOMAIN\`)"
+      - "traefik.http.routers.baserow.entrypoints=websecure"
+      - "traefik.http.routers.baserow.tls.certresolver=letsencrypt"
+
+networks:
+  federated:
+    external: true
+EOF
+
+cat > /federated/apps/baserow/.env <<EOF
+IMAGE_VERSION="1.18.0"
+BASEROW_PUBLIC_URL=https://baserow.$DOMAIN
+DATABASE_HOST=postgresql.$DOMAIN
+DATABASE_NAME=baserow
+DATABASE_USER=baserow
+DATABASE_PASSWORD_FILE=/baserow/data/.federated.postgresql.secret
+DATABASE_PORT=5432
+BASEROW_AMOUNT_OF_WORKERS=1
+BASEROW_AMOUNT_OF_GUNICORN_WORKERS=1
+BASEROW_RUN_MINIMAL=1
+BASEROW_TRIGGER_SYNC_TEMPLATES_AFTER_MIGRATION="false"
+EMAIL_SMTP=True
+FROM_EMAIL=baserow@$DOMAIN
+EMAIL_SMTP_HOST=mail.$DOMAIN
+EMAIL_SMTP_PORT=587
+EMAIL_SMTP_USER=fcore
+EMAIL_SMTP_PASSWORD=$ADMINPASS
+EMAIL_SMTP_USE_TLS=True
+EOF
+chmod 600 /federated/apps/baserow/.env
+
+echo "$BASEROW_SECRET" > /federated/apps/baserow/data/baserow/data/.federated.postgresql.secret
+
+cat > /federated/apps/baserow/data/createuser.sh <<EOF
+#!/bin/bash
+
+curl -X POST -H 'Content-Type: application/json' -i http://localhost/api/user/ --data '{
+"name": "admin",
+"email": "admin@$DOMAIN",
+"password": "$ADMINPASS"
+}' &> /dev/null
+EOF
+chmod +x /federated/apps/baserow/data/createuser.sh
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+
+start_baserow() {
+  # Start service with command to make sure it's up before proceeding
+  start_service "baserow" "docker exec baserow curl http://localhost:8000 &> /dev/null" "20"
+
+  # Move createuser.sh and set it executable
+  mv /federated/apps/baserow/data/createuser.sh /federated/apps/baserow/data/baserow/data/
+  docker exec baserow chmod 755 /baserow/data/createuser.sh
+  [ $? -ne 0 ] && fail "Couldn't chown createuser.sh in /federated/apps/baserow container"
+
+  # Run createuser.sh inside baserow container
+  docker exec baserow /baserow/data/createuser.sh
+  [ $? -ne 0 ] && fail "Couldn't run createuser.sh in /federated/apps/baserow container"
+
+  # Disable new sign ups
+  docker exec postgresql psql -U baserow -c "update core_settings set allow_new_signups='f' where allow_new_signups='t';"
+
+  # Remove baserow create user
+  rm /federated/apps/baserow/data/baserow/data/createuser.sh
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}
--- a/lib/listmonk.sh
+++ b/lib/listmonk.sh
@ -3,6 +3,7 @@
 # Listmonk Service

 PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+get_appvars

 config_listmonk() {
  echo -ne "\n* Configuring /federated/apps/listmonk container.."
@ -13,6 +14,8 @@ config_listmonk() {
    mkdir -p /federated/apps/listmonk/data/listmonk/static /federated/apps/listmonk/data/listmonk/uploads
  fi

+  LISTMONK_SECRET=$(create_password)
+
 cat > /federated/apps/listmonk/docker-compose.yml <<EOF
 version: "3.7"

@ -68,6 +71,11 @@ max_lifetime = "300s"
 EOF
 chmod 600 /federated/apps/listmonk/data/listmonk/config.toml /federated/apps/listmonk/.env

+# Create database and user in postgresql
+docker exec postgresql psql -U postgres -c "CREATE USER listmonk WITH PASSWORD '$LISTMONK_SECRET'" &> /dev/null
+docker exec postgresql psql -U postgres -c "CREATE DATABASE listmonk" &> /dev/null
+docker exec postgresql psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE listmonk TO listmonk" &> /dev/null
+ 
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
 }
@ -86,3 +94,99 @@ start_listmonk() {
  kill -9 $SPINPID &> /dev/null
  echo -ne "done."
 }
+email_listmonk() {
+  echo -ne "* Sending email to customer.."
+  spin &
+  SPINPID=$!
+
+cat > /federated/apps/mail/data/root/certs/mailfile <<EOF
+<html>
+<img src="https://www.federated.computer/wp-content/uploads/2023/11/logo.png" alt="" /><br>
+<p>
+<h4>Listmonk is now installed on $DOMAIN</h4>
+<p>
+Here is your applications chart with on how to access this service:<br>
+<p>
+<h4>Applications</h4>
+<style type="text/css">
+.tg  {border-collapse:collapse;border-spacing:0;}
+.tg td{border-color:black;border-style:solid;border-width:1px;font-family:Arial, sans-serif;font-size:14px;
+  overflow:hidden;padding:10px 5px;word-break:normal;}
+.tg th{border-color:black;border-style:solid;border-width:1px;font-family:Arial, sans-serif;font-size:14px;
+  font-weight:normal;overflow:hidden;padding:10px 5px;word-break:normal;}
+.tg .tg-cul6{border-color:inherit;color:#340096;text-align:left;text-decoration:underline;vertical-align:top}
+.tg .tg-acii{background-color:#FFF;border-color:inherit;color:#333;text-align:left;vertical-align:top}
+.tg .tg-0hty{background-color:#000000;border-color:inherit;color:#ffffff;font-weight:bold;text-align:left;vertical-align:top}
+.tg .tg-kwiq{border-color:inherit;color:#000000;text-align:left;vertical-align:top;word-wrap:break-word}
+.tg .tg-0pky{border-color:inherit;text-align:left;vertical-align:top}
+</style>
+<table class="tg" style="undefined;table-layout: fixed; width: 996px">
+<colgroup>
+<col style="width: 101.333333px">
+<col style="width: 203.333333px">
+<col style="width: 282.333333px">
+<col style="width: 185.33333px">
+<col style="width: 78.333333px">
+<col style="width: 220.333333px">
+</colgroup>
+<thead>
+  <tr>
+    <th class="tg-0hty">Service</th>
+    <th class="tg-0hty">Link</th>
+    <th class="tg-0hty">User / Pass</th>
+    <th class="tg-0hty">Access</th>
+    <th class="tg-0hty">Docs</th>
+    <th class="tg-0hty">Description</th>
+  </tr>
+</thead>
+<tbody>
+  <tr>
+    <td class="tg-kwiq">Listmonk</td>
+    <td class="tg-kwiq"><a href="https://listmonk.$DOMAIN" target="_blank" rel="noopener noreferrer"><span style="color:#340096">listmonk.$DOMAIN</span></a></td>
+    <td class="tg-kwiq">listmonk<br>$LISTMONKPASS</td>
+    <td class="tg-kwiq">User access is separate from panel. There is only the listmonk user</td>
+    <td class="tg-kwiq"><a href="https://documentation.federated.computer/docs/getting_started/welcome/" target="_blank" rel="noopener noreferrer"><span style="color:#340096">Click here</span></a></td>
+    <td class="tg-kwiq">Listmonk is (a replacement for Mailchimp) is used to create e-mail subscription lists</td>
+  </tr>
+</tbody>
+</table>
+<h4>Thanks for your support!</h4>
+<p>
+Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful
+time with Federated Core.
+<p>
+Again, if we can be of any assistance, please don't hesitate to get in touch.
+<p>
+Support: https://support.federated.computer<br>
+Phone: (970) 722-8715<br>
+Email: support@federated.computer<br>
+<p>
+It's <b>your</b> computer. Let's make it work for you!
+</html>
+EOF
+
+  # Send out e-mail from mail container with details
+  docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Application installed on $DOMAIN\" $EMAIL < /root/certs/mailfile"
+  rm /federated/apps/mail/data/root/certs/mailfile
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done.\n"
+}
+uninstall_listmonk() {
+  echo -ne "* Uninstalling listmonk container.."
+  spin &
+  SPINPID=$!
+
+  # First stop the service
+  cd /federated/apps/listmonk && docker-compose -f docker-compose.yml -p listmonk down &> /dev/null
+
+  # Delete database and user in postgresql
+  docker exec postgresql psql -U postgres -c "DROP DATABASE listmonk" &> /dev/null
+  docker exec postgresql psql -U postgres -c "DROP USER listmonk" &> /dev/null
+
+  # Delete the app directory
+  rm -rf /federated/apps/listmonk
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done.\n"
+}
--- a/lib/listmonk.sh.old
+++ b/lib/listmonk.sh.old
@ -0,0 +1,88 @@
+#!/bin/bash
+#
+# Listmonk Service
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_listmonk() {
+  echo -ne "\n* Configuring /federated/apps/listmonk container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "/federated/apps/listmonk" ]; then
+    mkdir -p /federated/apps/listmonk/data/listmonk/static /federated/apps/listmonk/data/listmonk/uploads
+  fi
+
+cat > /federated/apps/listmonk/docker-compose.yml <<EOF
+version: "3.7"
+
+services:
+  listmonk:
+    image: listmonk/listmonk:\${IMAGE_VERSION}
+    container_name: listmonk
+    hostname: listmonk.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    networks:
+      federated:
+        ipv4_address: 172.99.0.21
+    env_file:
+      - ./.env
+    volumes:
+      - ./data/listmonk/config.toml:/listmonk/config.toml
+      - ./data/listmonk/static:/listmonk/static
+      - ./data/listmonk/uploads:/listmonk/uploads
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.listmonk.rule=Host(\`listmonk.$DOMAIN\`)"
+      - "traefik.http.routers.listmonk.entrypoints=websecure"
+      - "traefik.http.routers.listmonk.tls.certresolver=letsencrypt"
+
+networks:
+  federated:
+    external: true
+EOF
+
+cat > /federated/apps/listmonk/.env <<EOF
+IMAGE_VERSION="v2.4.0"
+TZ=Etc/UTC
+EOF
+
+cat > /federated/apps/listmonk/data/listmonk/config.toml <<EOF
+[app]
+address = "0.0.0.0:9000"
+admin_username = "listmonk"
+admin_password = "$LISTMONKPASS"
+
+# Database.
+[db]
+host = "postgresql.$DOMAIN"
+port = 5432
+user = "listmonk"
+password = "$LISTMONK_SECRET"
+database = "listmonk"
+ssl_mode = "verify-full"
+max_open = 25
+max_idle = 25
+max_lifetime = "300s"
+EOF
+chmod 600 /federated/apps/listmonk/data/listmonk/config.toml /federated/apps/listmonk/.env
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+start_listmonk() {
+  # Install the database scheme first
+  docker-compose -f /federated/apps/listmonk/docker-compose.yml run --rm listmonk ./listmonk --install --yes &> /dev/null
+
+  # Change app.root_url and other settings to our domain
+  docker exec postgresql psql -U listmonk -c "update settings set value='\"http://listmonk.$DOMAIN\"' where key='app.root_url'" &> /dev/null
+  docker exec postgresql psql -U listmonk -c "update settings set value='\"listmonk <listmonk@listmonk.$DOMAIN>\"' where key='app.from_email'" &> /dev/null
+  docker exec postgresql psql -U listmonk -c "update settings set value='[{\"host\": \"mail.$DOMAIN\", \"port\": 587, \"enabled\": true, \"password\": \"$ADMINPASS\", \"tls_type\": \"STARTTLS\", \"username\": \"fcore\", \"max_conns\": 10, \"idle_timeout\": \"15s\", \"wait_timeout\": \"5s\", \"auth_protocol\": \"login\", \"email_headers\": [], \"hello_hostname\": \"\", \"max_msg_retries\": 2, \"tls_skip_verify\": false}, {\"host\": \"smtp.gmail.com\", \"port\": 465, \"enabled\": false, \"password\": \"password\", \"tls_type\": \"TLS\", \"username\": \"username@gmail.com\", \"max_conns\": 10, \"idle_timeout\": \"15s\", \"wait_timeout\": \"5s\", \"auth_protocol\": \"login\", \"email_headers\": [], \"hello_hostname\": \"\", \"max_msg_retries\": 2, \"tls_skip_verify\": false}]' where key='smtp';" &> /dev/null
+
+  # Start service with command to make sure it's up before proceeding
+  start_service "listmonk" "nc -z 172.99.0.21 9000 &> /dev/null" "8"
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}
--- a/lib/wireguard.sh
+++ b/lib/wireguard.sh
@ -3,6 +3,7 @@
 # Wireguard / VPN Service

 PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+get_appvars

 config_wireguard() {
  echo -ne "\n* Configuring /federated/apps/wireguard container.."
@ -89,7 +90,66 @@ EOF
 kill -9 $SPINPID &> /dev/null
 echo -ne "done."
 }
+email_wireguard() {
+  echo -ne "* Sending email to customer.."
+  spin &
+  SPINPID=$!

+cat > /federated/apps/mail/data/root/certs/mailfile <<EOF
+<html>
+<img src="https://www.federated.computer/wp-content/uploads/2023/11/logo.png" alt="" /><br>
+<p>
+<h4>Wireguard is now installed on $DOMAIN</h4>
+<p>
+Your core comes with a very powerful VPN solution built using Wireguard. The following information is
+needed by your users so that they can use the VPN. Please treat this information as a very important
+secret. There are two important parts of the VPN:
+<p>
+Here is your VPN configuration:<br>
+<code>
+
+EOF
+sed "s/$/<br>/" /federated/apps/wireguard/data/config/peer1/peer1.conf >> /federated/apps/mail/data/root/certs/mailfile
+
+cat >> /federated/apps/mail/data/root/certs/mailfile <<EOF
+
+</code>
+<h4>Thanks for your support!</h4>
+<p>
+Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful
+time with Federated Core.
+<p>
+Again, if we can be of any assistance, please don't hesitate to get in touch.
+<p>
+Support: https://support.federated.computer<br>
+Phone: (970) 722-8715<br>
+Email: support@federated.computer<br>
+<p>
+It's <b>your</b> computer. Let's make it work for you!
+</html>
+EOF
+
+  # Send out e-mail from mail container with details
+  docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Application installed on $DOMAIN\" $EMAIL < /root/certs/mailfile"
+  rm /federated/apps/mail/data/root/certs/mailfile
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done.\n"
+}
+uninstall_wireguard() {
+  echo -ne "* Uninstalling wireguard container.."
+  spin &
+  SPINPID=$!
+
+  # First stop the service
+  cd /federated/apps/wireguard && docker-compose -f docker-compose.yml -p wireguard down &> /dev/null
+
+  # Delete the app directory
+  rm -rf /federated/apps/wireguard
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done.\n"
+}
 start_wireguard() {
  # Start service with command to make sure it's up before proceeding
  start_service "wireguard" "nc -uvz 172.99.0.24 51820 &> /dev/null" "8"
--- a/lib/wireguard.sh.old
+++ b/lib/wireguard.sh.old
@ -0,0 +1,99 @@
+#!/bin/bash
+#
+# Wireguard / VPN Service
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_wireguard() {
+  echo -ne "\n* Configuring /federated/apps/wireguard container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "/federated/apps/wireguard" ]; then
+    mkdir -p /federated/apps/wireguard/data/config/coredns
+  fi
+
+cat > /federated/apps/wireguard/docker-compose.yml <<EOF
+version: "3.7"
+services:
+  wireguard:
+    image: linuxserver/wireguard:\${IMAGE_VERSION}
+    container_name: wireguard
+    hostname: wireguard.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    networks:
+      federated:
+        ipv4_address: 172.99.0.24
+    ports:
+      - 51820:51820/udp
+    volumes:
+      - ./data/config:/config
+      - ./data/etc/coredns/Corefile:/etc/coredns/Corefile
+      - /lib/modules:/lib/modules
+    env_file:
+      - ./.env
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+
+networks:
+  federated:
+    external: true
+EOF
+
+cat > /federated/apps/wireguard/.env <<EOF
+IMAGE_VERSION="1.0.20210914"
+PUID=1000
+PGID=1000
+SERVERURL=wireguard.$DOMAIN
+SERVERPORT=51820
+PEERS=1
+PEERDNS=auto
+ALLOWEDIPS=0.0.0.0/0,::/0,172.99.0.0/16,192.160.0.0/16,10.13.13.1/32
+LOG_CONFS=true
+EOF
+chmod 600 /federated/apps/wireguard/.env
+
+cat > /federated/apps/wireguard/data/config/coredns/Corefile <<EOF
+. {
+    hosts {
+      172.99.0.13 powerdns.$DOMAIN
+      172.99.0.13 traefik.$DOMAIN
+      172.99.0.13 panel.$DOMAIN
+      172.99.0.13 nextcloud.$DOMAIN
+      172.99.0.13 listmonk.$DOMAIN
+      172.99.0.13 vaultwarden.$DOMAIN
+      172.99.0.13 jitsi.$DOMAIN
+      172.99.0.13 element.$DOMAIN
+      172.99.0.13 matrix.$DOMAIN
+      172.99.0.13 baserow.$DOMAIN
+      172.99.0.13 gitea.$DOMAIN
+      172.99.0.13 autodiscover.$DOMAIN
+      172.99.0.13 castopod.$DOMAIN
+      172.99.0.13 wordpress.$DOMAIN
+      172.99.0.13 bookstack.$DOMAIN
+      172.99.0.13 freescout.$DOMAIN
+      172.99.0.13 msp.$DOMAIN
+      172.99.0.13 espocrm.$DOMAIN
+      fallthrough
+    }
+    loop
+    health
+    forward . /etc/resolv.conf
+}
+EOF
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+
+start_wireguard() {
+  # Start service with command to make sure it's up before proceeding
+  start_service "wireguard" "nc -uvz 172.99.0.24 51820 &> /dev/null" "8"
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}