VPN port forwarding for Pi nodes?


Okay, I ended up wiping my Raspberry Pi and completely started from scratch. I installed WireGuard, confirmed that it was working, and pinged my Oracle instance successfully.

Then I created a new Storj identity, got a new key, reinstalled Docker and went through the setup instructions for Storj on a Pi. I now have a working Storj container and can pull up both the CLI dashboard and the web interface dashboard on another computer. However, on the web dashboard I have an error that QUIC is misconfigured, and weirdly WireGuard on the client side stopped working, either when I installed Docker or when I finished setting up the Storj node. I just got WireGuard up and running again between the Pi and the Oracle instance, but QUIC is still coming up misconfigured.

@Alexey to answer your questions: Since I am using a Pi 4 with 8 gigabytes of RAM and that memory fix is for Pi 3 B/B+, I decided to skip the memory limit. Since I wiped out the old Pi OS, I think I am now working with a fresh Docker image of Storj. To clarify, those parentheses on the Docker run command were just in my post here, not in the actual run command.

@Krawi I have changed the ADDRESS value to my Oracle instance’s public IP and that worked in my latest setup run for Storj. However, WireGuard then stopped working on the client side, and pinging it from the Oracle instance is failing. I just got WireGuard back up and running, but QUIC is still showing misconfigured.

I think routing is enabled on the Oracle instance, because I have a separate Mysterium node running on it in a separate WireGuard configuration (myst0). I made wg0 for Storj. In /etc/sysctl.conf I have IPv4 packet forwarding enabled.

In my wg0.conf file, this was what I had under [Interface] that was working up until I got Storj working on the client side. This was the config that @JWvdV listed that was working for him.

(The immediate first PostUp and PostDown values that point to .sh files were generated by this WireGuard setup that you linked to, which did get it working initially.)

[Interface]
PrivateKey = [REDACTED]
Address = 10.66.66.1/24, fd55:1a33:34e3::1/64
ListenPort = 51820
PostUp = /etc/wireguard/helper/add-nat-routing.sh
PostDown = /etc/wireguard/helper/remove-nat-routing.sh

# Input from outside, mind the ingress-rule from Oracle-cloud!
# In my case the Wireguard-port is 51820
PostUp = iptables -I INPUT -p udp --dport 51820 -j ACCEPT
PostDown = iptables -D INPUT -p udp --dport 51820 -j ACCEPT

# Forwarding bidirectional, %i is substituted for the name of the wireguard-adapter
PostUp = iptables -I FORWARD -o %i -j ACCEPT
PostUp = iptables -I FORWARD -i %i -j ACCEPT
PostUp = ip6tables -I FORWARD -i %i -j ACCEPT
PostDown = iptables -D FORWARD -o %i -j ACCEPT
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT

# In my case the ethernet adapter is enp0s6, change according to your situation
PostUp = iptables -t nat -A POSTROUTING -o enp0s6 -j MASQUERADE
PostUp = ip6tables -t nat -A POSTROUTING -o enp0s6 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o enp0s6 -j MASQUERADE
PostDown = ip6tables -t nat -D POSTROUTING -o enp0s6 -j MASQUERADE

# STORJ, in my case it's the client with IP 10.66.66.2.
PostUp = iptables -I INPUT -p udp --dport 28967 -j ACCEPT
PostUp = iptables -I INPUT -p tcp --dport 28967 -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -p udp --dport 28967 -j DNAT --to-destination 10.66.66.2
PostUp = iptables -t nat -A PREROUTING -p tcp --dport 28967 -j DNAT --to-destination 10.66.66.2
PostDown = iptables -D INPUT -p udp --dport 28967 -j ACCEPT
PostDown = iptables -D INPUT -p tcp --dport 28967 -j ACCEPT
PostDown = iptables -t nat -D PREROUTING -p udp --dport 28967 -j DNAT --to-destination 10.66.66.2
PostDown = iptables -t nat -D PREROUTING -p tcp --dport 28967 -j DNAT --to-destination 10.66.66.2
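
As an added example (not part of the original post, and not Storj or WireGuard project code): a small Python lint for the PostUp/PostDown iptables hooks of a wg-quick config like the one above. It reports rules with no matching PostDown, DNAT rules with no inbound interface match (`-i`), which therefore also rewrite packets arriving over the tunnel, and forwarded ports that lack a tcp or udp DNAT rule (QUIC runs over UDP). The function names and the sample config are constructed for illustration; `-I` rules with an explicit position number are not handled.

```python
import re
import shlex

# Constructed sample: a deliberately incomplete [Interface] section for the demo.
SAMPLE = """\
[Interface]
PostUp = iptables -I INPUT -p udp --dport 28967 -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -p udp --dport 28967 -j DNAT --to-destination 10.66.66.2
PostDown = iptables -t nat -D PREROUTING -p udp --dport 28967 -j DNAT --to-destination 10.66.66.2
"""

def hooks(conf, key):
    """Tokenise the iptables/ip6tables commands on PostUp or PostDown lines."""
    out = []
    for line in conf.splitlines():
        m = re.match(rf"\s*{key}\s*=\s*(\S.*)", line)
        if m and m.group(1).split()[0] in ("iptables", "ip6tables"):
            out.append(shlex.split(m.group(1)))
    return out

def normalise(tokens):
    """Make -I/-A (add) and -D (delete) forms of the same rule compare equal."""
    return tuple("<op>" if t in ("-I", "-A", "-D") else t for t in tokens)

def opt(tokens, flag):
    """Return the value following a flag, or None if the flag is absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens[:-1] else None

def lint(conf):
    """Return a list of (finding, detail) tuples for the hooks in conf."""
    findings, up = [], hooks(conf, "PostUp")
    downs = {normalise(d) for d in hooks(conf, "PostDown")}
    for rule in up:
        if normalise(rule) not in downs:  # rule would survive `wg-quick down`
            findings.append(("no-postdown", " ".join(rule)))
    ports = {}
    for r in (r for r in up if opt(r, "-j") == "DNAT"):
        if opt(r, "-i") is None:  # matches traffic arriving on every interface
            findings.append(("dnat-any-interface", f"{opt(r, '-p')}/{opt(r, '--dport')}"))
        ports.setdefault(opt(r, "--dport"), set()).add(opt(r, "-p"))
    for port, protos in sorted(ports.items()):
        for missing in sorted({"tcp", "udp"} - protos):
            findings.append(("dnat-missing-proto", f"{missing}/{port}"))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```

An empty result only means the hooks are internally consistent; the cloud ingress rules and the live ruleset on the server still have to be checked separately.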