Wireguard cannot handle DNS server names

andreas.schuette · 18 April 2025 11:52

I thought about a workaround since the problem affects me. It’s a bit late despite the problem seems to be solved by Sailfish OS 5.0.0.67. For those who want or have to use older releases this might be helpful.

I attempted to work around the issue by modifying the appropriate config-file

/home/defaultuser/.local/share/system/privileged/connman-vpn/provider_<YOUR_PROVIDER>_sailfishos_org/settings

The Format of settings is simple and comparable to an ini-File. That makes things a lot easier, since there’s nothing binary involved.

[<YOUR_PROVIDER>_sailfishos_org]
Name=wg0
Type=wireguard
Host=<YOUR_PROVIDER_FQDN>
VPN.Domain=sailfishos.org
WireGuard.Address=192.168.0.187/24
WireGuard.DNS=192.168.0.18,192.168.0.1
WireGuard.PrivateKey=<PrivateKey>
WireGuard.PresharedKey=<PresharedKey>
WireGuard.PublicKey=<PublicKey>
WireGuard.AllowedIPs=192.168.0.0/24,0.0.0.0/0
WireGuard.EndpointPort=55378
WireGuard.PersistentKeepalive=25
WireGuard.DisableIPv6=false

The Idea is just using a small script called by systemd 5min after boot and afterwards every 6h to update the config-file (in particular it’s Host-value) mentioned above.

Create update-wg-host.service in /etc/systemd/system, copy and paste the content from here

[Unit]
Description=Update wireguard host based on dyndns-IP

[Service]
Type=oneshot
ExecStart=/usr/local/bin/update-vpn-host
StandardOutput=journal
StandardError=journal

Create update-wg-host.timer in /etc/systemd/system, copy and paste the following

[Unit]
Description=Update wireguard host based on IP every 6 hours

[Timer]
OnBootSec=5min
OnUnitActiveSec=6h
Persistent=true

[Install]
WantedBy=timers.target

Now take the script in place. Create update-wg-host in /usr/local/bin. Copy and paste it`s content.

#!/bin/sh
# Name        : update-wg-host
# Description : Updates wireguard-host utilizing a systemd.service and systemd.timer

CONFIG_FILE="/home/defaultuser/.local/share/system/privileged/connman-vpn/provider_<YOUR_PROVIDER>_sailfishos_org/settings"
DOMAIN="YOUR_PROVIDER"

echo "[$(basename "$0")] IP update for "$DOMAIN" started."
IP=$(getent hosts "$DOMAIN" | awk '{ print $1 }')

# Check IP
if [[ -z "$IP" ]]; then
    echo "[$(basename "$0")] Failed getting IP for "$DOMAIN"."
    exit 1
else
    echo "[$(basename "$0")] New IP is "$IP"."
fi

# Perform Update
if grep -q "^Host=" "$CONFIG_FILE"; then
    sed -i "s/^Host=.*/Host=$IP/" "$CONFIG_FILE"
    echo "[$(basename "$0")] Config file successfully updated."
else
    echo "[$(basename "$0")] Failed updating config file."
    exit 1
fi

# Restart Connman to reflect changes
if systemctl restart connman; then
    echo "[$(basename "$0")] ConnMan restarted. Changes applied and active."
    exit 0
else
    echo "[$(basename "$0")] Failed restarting ConnMan. Changes applied but inactive."
    exit 1
fi

Edit <YOUR_PROVIDER> to match your needs. Be aware of using _ (in CONFIG_FILE) and . (in DOMAIN).

When everything is in place and updated to reflect your personal settings it’s time to activate it. Reload the systemd-daemon systemctl daemon-reload then enable and start the timer unit systemctl enable --now update-wg-host.timer.

As the script logs into journal you could take a closer look on what’s going in by journalctl -u update-wg-host.

Furthermore you are able to start the update on demand by calling the script manually via command-line or e.g. with qCommand.