diff --git a/client/configurators/ikev2_configurator.cpp b/client/configurators/ikev2_configurator.cpp
index 4c01cbdc..e3788f90 100644
--- a/client/configurators/ikev2_configurator.cpp
+++ b/client/configurators/ikev2_configurator.cpp
@@ -55,7 +55,6 @@ QString Ikev2Configurator::genIkev2Config(const ServerCredentials &credentials,
         return "";
     }
 
-
     QJsonObject config;
     config[config_key::hostName] = connData.host;
     config[config_key::userName] = connData.clientId;
diff --git a/client/configurators/openvpn_configurator.cpp b/client/configurators/openvpn_configurator.cpp
index 5dac8cf0..82b77b05 100644
--- a/client/configurators/openvpn_configurator.cpp
+++ b/client/configurators/openvpn_configurator.cpp
@@ -5,6 +5,7 @@
 #include <QTemporaryDir>
 #include <QDebug>
 #include <QTemporaryFile>
+#include <QJsonObject>
 
 #include "core/server_defs.h"
 #include "containers/containers_defs.h"
@@ -242,8 +243,10 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia
     config.replace("block-outside-dns", "");
 #endif
 
-    //qDebug().noquote() << config;
-    return config;
+    QJsonObject jConfig;
+    jConfig[config_key::config] = config;
+
+    return QJsonDocument(jConfig).toJson();
 }
 
 QString OpenVpnConfigurator::processConfigWithLocalSettings(QString config)
diff --git a/client/configurators/wireguard_configurator.cpp b/client/configurators/wireguard_configurator.cpp
index c5c01d7c..2f63e5dd 100644
--- a/client/configurators/wireguard_configurator.cpp
+++ b/client/configurators/wireguard_configurator.cpp
@@ -158,8 +158,10 @@ QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &crede
     config.replace("$WIREGUARD_SERVER_PUBLIC_KEY", connData.serverPubKey);
     config.replace("$WIREGUARD_PSK", connData.pskKey);
 
-    qDebug().noquote() << config;
-    return config;
+    QJsonObject jConfig;
+    jConfig[config_key::config] = config;
+
+    return QJsonDocument(jConfig).toJson();
 }
 
 QString WireguardConfigurator::processConfigWithLocalSettings(QString config)
@@ -168,7 +170,10 @@ QString WireguardConfigurator::processConfigWithLocalSettings(QString config)
     config.replace("$PRIMARY_DNS", m_settings().primaryDns());
     config.replace("$SECONDARY_DNS", m_settings().secondaryDns());
 
-    return config;
+    QJsonObject jConfig;
+    jConfig[config_key::config] = config;
+
+    return QJsonDocument(jConfig).toJson();
 }
 
 QString WireguardConfigurator::processConfigWithExportSettings(QString config)
diff --git a/client/protocols/openvpnprotocol.cpp b/client/protocols/openvpnprotocol.cpp
index c6dc4d35..074ea584 100644
--- a/client/protocols/openvpnprotocol.cpp
+++ b/client/protocols/openvpnprotocol.cpp
@@ -87,23 +87,15 @@ void OpenVpnProtocol::killOpenVpnProcess()
 void OpenVpnProtocol::readOpenVpnConfiguration(const QJsonObject &configuration)
 {
     if (configuration.contains(ProtocolProps::key_proto_config_data(Protocol::OpenVpn))) {
+        QJsonObject jConfig = configuration.value(ProtocolProps::key_proto_config_data(Protocol::OpenVpn)).toObject();
+
         m_configFile.open();
-        m_configFile.write(configuration.value(ProtocolProps::key_proto_config_data(Protocol::OpenVpn)).toString().toUtf8());
+        m_configFile.write(jConfig.value(config_key::config).toString().toUtf8());
         m_configFile.close();
         m_configFileName = m_configFile.fileName();
 
         qDebug().noquote() << QString("Set config data") << m_configFileName;
     }
-    else if (configuration.contains(ProtocolProps::key_proto_config_path(Protocol::OpenVpn))) {
-        m_configFileName = configuration.value(ProtocolProps::key_proto_config_path(Protocol::OpenVpn)).toString();
-        QFileInfo file(m_configFileName);
-
-        if (file.fileName().isEmpty()) {
-            m_configFileName = defaultConfigFileName();
-        }
-
-        qDebug().noquote() << QString("Set config file: '%1'").arg(configPath());
-    }
 }
 
 bool OpenVpnProtocol::openVpnProcessIsRunning() const
diff --git a/client/protocols/protocols_defs.h b/client/protocols/protocols_defs.h
index e046c0bc..bd76296e 100644
--- a/client/protocols/protocols_defs.h
+++ b/client/protocols/protocols_defs.h
@@ -17,6 +17,7 @@ constexpr char local_port[] = "local_port";
 
 constexpr char description[] = "description";
 constexpr char cert[] = "cert";
+constexpr char config[] = "config";
 
 
 constexpr char containers[] = "containers";
diff --git a/client/protocols/wireguardprotocol.cpp b/client/protocols/wireguardprotocol.cpp
index 5c37d446..16aa93ac 100644
--- a/client/protocols/wireguardprotocol.cpp
+++ b/client/protocols/wireguardprotocol.cpp
@@ -73,31 +73,22 @@ void WireguardProtocol::stop()
 
 void WireguardProtocol::readWireguardConfiguration(const QJsonObject &configuration)
 {
-    if (configuration.contains(ProtocolProps::key_proto_config_data(Protocol::WireGuard))) {
-        if (!m_configFile.open(QIODevice::WriteOnly | QIODevice::Truncate)) {
-            qCritical() << "Failed to save wireguard config to" << m_configFile.fileName();
-            return;
-        }
+    QJsonObject jConfig = configuration.value(ProtocolProps::key_proto_config_data(Protocol::WireGuard)).toObject();
 
-        m_isConfigLoaded = true;
-
-        m_configFile.write(configuration.value(ProtocolProps::key_proto_config_data(Protocol::Ikev2)).toString().toUtf8());
-        m_configFile.close();
-        m_configFileName = m_configFile.fileName();
-
-        qDebug().noquote() << QString("Set config data") << m_configFileName;
-        qDebug().noquote() << QString("Set config data") << configuration.value(ProtocolProps::key_proto_config_data(Protocol::WireGuard)).toString().toUtf8();
+    if (!m_configFile.open(QIODevice::WriteOnly | QIODevice::Truncate)) {
+        qCritical() << "Failed to save wireguard config to" << m_configFile.fileName();
+        return;
     }
-//    else if (configuration.contains(config::key_wireguard_config_path)) {
-//        m_configFileName = configuration.value(config::key_wireguard_config_path).toString();
-//        QFileInfo file(m_configFileName);
 
-//        if (file.fileName().isEmpty()) {
-//            m_configFileName = defaultConfigFileName();
-//        }
+    m_isConfigLoaded = true;
+
+    m_configFile.write(jConfig.value(config_key::config).toString().toUtf8());
+    m_configFile.close();
+    m_configFileName = m_configFile.fileName();
+
+    qDebug().noquote() << QString("Set config data") << m_configFileName;
+    qDebug().noquote() << QString("Set config data") << configuration.value(ProtocolProps::key_proto_config_data(Protocol::WireGuard)).toString().toUtf8();
 
-//        qDebug().noquote() << QString("Set config file: '%1'").arg(configPath());
-//    }
 }
 
 //bool WireguardProtocol::openVpnProcessIsRunning() const
diff --git a/client/server_scripts/openvpn/configure_container.sh b/client/server_scripts/openvpn/configure_container.sh
index ceb8c993..d51d019b 100644
--- a/client/server_scripts/openvpn/configure_container.sh
+++ b/client/server_scripts/openvpn/configure_container.sh
@@ -1,27 +1,26 @@
-sudo docker exec -i $CONTAINER_NAME bash -c '\
-echo -e "\
-port $OPENVPN_PORT \\n\
-proto $OPENVPN_TRANSPORT_PROTO \\n\
-dev tun \\n\
-ca /opt/amnezia/openvpn/ca.crt \\n\
-cert /opt/amnezia/openvpn/AmneziaReq.crt \\n\
-key /opt/amnezia/openvpn/AmneziaReq.key \\n\
-dh /opt/amnezia/openvpn/dh.pem \\n\
-server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK \\n\
-ifconfig-pool-persist ipp.txt \\n\
-duplicate-cn \\n\
-keepalive 10 120 \\n\
-$OPENVPN_NCP_DISABLE \\n\
-cipher $OPENVPN_CIPHER \\n\
-data-ciphers $OPENVPN_CIPHER \\n\
-auth $OPENVPN_HASH \\n\
-user nobody \\n\
-group nobody \\n\
-persist-key \\n\
-persist-tun \\n\
-status openvpn-status.log \\n\
-verb 1 \\n\
-tls-server \\n\
-tls-version-min 1.2 \\n\
-$OPENVPN_TLS_AUTH" >/opt/amnezia/openvpn/server.conf'
-
+cat > /opt/amnezia/openvpn/server.conf <<EOF
+port $OPENVPN_PORT
+proto $OPENVPN_TRANSPORT_PROTO
+dev tun
+ca /opt/amnezia/openvpn/ca.crt
+cert /opt/amnezia/openvpn/AmneziaReq.crt
+key /opt/amnezia/openvpn/AmneziaReq.key
+dh /opt/amnezia/openvpn/dh.pem
+server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK
+ifconfig-pool-persist ipp.txt
+duplicate-cn
+keepalive 10 120
+$OPENVPN_NCP_DISABLE
+cipher $OPENVPN_CIPHER
+data-ciphers $OPENVPN_CIPHER
+auth $OPENVPN_HASH
+user nobody
+group nobody
+persist-key
+persist-tun
+status openvpn-status.log
+verb 1
+tls-server
+tls-version-min 1.2
+$OPENVPN_TLS_AUTH
+EOF
diff --git a/client/server_scripts/openvpn_cloak/configure_container.sh b/client/server_scripts/openvpn_cloak/configure_container.sh
index 6576a9d3..72961810 100644
--- a/client/server_scripts/openvpn_cloak/configure_container.sh
+++ b/client/server_scripts/openvpn_cloak/configure_container.sh
@@ -1,71 +1,75 @@
-sudo docker exec -i $CONTAINER_NAME bash -c '\
-echo -e "\
-port $OPENVPN_PORT \\n\
-proto $OPENVPN_TRANSPORT_PROTO \\n\
-dev tun \\n\
-ca /opt/amnezia/openvpn/ca.crt \\n\
-cert /opt/amnezia/openvpn/AmneziaReq.crt \\n\
-key /opt/amnezia/openvpn/AmneziaReq.key \\n\
-dh /opt/amnezia/openvpn/dh.pem \\n\
-server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK \\n\
-ifconfig-pool-persist ipp.txt \\n\
-duplicate-cn \\n\
-keepalive 10 120 \\n\
-$OPENVPN_NCP_DISABLE \\n\
-cipher $OPENVPN_CIPHER \\n\
-data-ciphers $OPENVPN_CIPHER \\n\
-auth $OPENVPN_HASH \\n\
-user nobody \\n\
-group nobody \\n\
-persist-key \\n\
-persist-tun \\n\
-status openvpn-status.log \\n\
-verb 1 \\n\
-tls-server \\n\
-tls-version-min 1.2 \\n\
-$OPENVPN_TLS_AUTH" >/opt/amnezia/openvpn/server.conf'
+cat > /opt/amnezia/openvpn/server.conf <<EOF
+port $OPENVPN_PORT
+proto $OPENVPN_TRANSPORT_PROTO
+dev tun
+ca /opt/amnezia/openvpn/ca.crt
+cert /opt/amnezia/openvpn/AmneziaReq.crt
+key /opt/amnezia/openvpn/AmneziaReq.key
+dh /opt/amnezia/openvpn/dh.pem
+server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK
+ifconfig-pool-persist ipp.txt
+duplicate-cn
+keepalive 10 120
+$OPENVPN_NCP_DISABLE
+cipher $OPENVPN_CIPHER
+data-ciphers $OPENVPN_CIPHER
+auth $OPENVPN_HASH
+user nobody
+group nobody
+persist-key
+persist-tun
+status openvpn-status.log
+verb 1
+tls-server
+tls-version-min 1.2
+$OPENVPN_TLS_AUTH
+EOF
 
 # Cloak config
-sudo docker exec -i $CONTAINER_NAME bash -c '\
-mkdir -p /opt/amnezia/cloak; \
-cd /opt/amnezia/cloak || exit 1; \
-CLOAK_ADMIN_UID=$(ck-server -u) && echo $CLOAK_ADMIN_UID > /opt/amnezia/cloak/cloak_admin_uid.key; \
-CLOAK_BYPASS_UID=$(ck-server -u) && echo $CLOAK_BYPASS_UID > /opt/amnezia/cloak/cloak_bypass_uid.key; \
-IFS=, read CLOAK_PUBLIC_KEY CLOAK_PRIVATE_KEY <<<$(ck-server -k); \
-echo $CLOAK_PUBLIC_KEY > /opt/amnezia/cloak/cloak_public.key; \
-echo $CLOAK_PRIVATE_KEY > /opt/amnezia/cloak/cloak_private.key; \
-echo -e "{\\n\
-  \"ProxyBook\": {\\n\
-     \"openvpn\": [\\n\
-     \"$OPENVPN_TRANSPORT_PROTO\",\\n\
-     \"localhost:$OPENVPN_PORT\"\\n\
-    ],\\n\
-     \"shadowsocks\": [\\n\
-     \"tcp\",\\n\
-     \"localhost:$SHADOWSOCKS_SERVER_PORT\"\\n\
-   ]\\n\
-  },\\n\
-  \"BypassUID\": [\\n\
-    \"$CLOAK_BYPASS_UID\"\\n\
-  ],\\n\
-  \"BindAddr\":[\":443\"],\\n\
-  \"RedirAddr\": \"$FAKE_WEB_SITE_ADDRESS\",\\n\
-  \"PrivateKey\": \"$CLOAK_PRIVATE_KEY\",\\n\
-  \"AdminUID\": \"$CLOAK_ADMIN_UID\",\\n\
-  \"DatabasePath\": \"userinfo.db\",\\n\
-  \"StreamTimeout\": 300\\n\
-}" >/opt/amnezia/cloak/ck-config.json'
+mkdir -p /opt/amnezia/cloak
+cd /opt/amnezia/cloak || exit 1
+CLOAK_ADMIN_UID=$(ck-server -u) && echo $CLOAK_ADMIN_UID > /opt/amnezia/cloak/cloak_admin_uid.key
+CLOAK_BYPASS_UID=$(ck-server -u) && echo $CLOAK_BYPASS_UID > /opt/amnezia/cloak/cloak_bypass_uid.key
+IFS=, read CLOAK_PUBLIC_KEY CLOAK_PRIVATE_KEY <<<$(ck-server -k)
+echo $CLOAK_PUBLIC_KEY > /opt/amnezia/cloak/cloak_public.key
+echo $CLOAK_PRIVATE_KEY > /opt/amnezia/cloak/cloak_private.key
+
+cat > /opt/amnezia/cloak/ck-config.json <<EOF
+{
+  "ProxyBook": {
+     "openvpn": [
+     "$OPENVPN_TRANSPORT_PROTO",
+     "localhost:$OPENVPN_PORT"
+    ],
+     "shadowsocks": [
+     "tcp",
+     "localhost:$SHADOWSOCKS_SERVER_PORT"
+   ]
+  },
+  "BypassUID": [
+    "$CLOAK_BYPASS_UID"
+  ],
+  "BindAddr":[":443"],
+  "RedirAddr": "$FAKE_WEB_SITE_ADDRESS",
+  "PrivateKey": "$CLOAK_PRIVATE_KEY",
+  "AdminUID": "$CLOAK_ADMIN_UID",
+  "DatabasePath": "userinfo.db",
+  "StreamTimeout": 300
+}
+EOF
 
 # ShadowSocks config
-sudo docker exec -i $CONTAINER_NAME bash -c '\
 mkdir -p /opt/amnezia/shadowsocks; \
 cd /opt/amnezia/shadowsocks || exit 1; \
-SHADOWSOCKS_PASSWORD=$(openssl rand -base64 32 | tr "=" "A" | tr "+" "A" | tr "/" "A") && echo $SHADOWSOCKS_PASSWORD > /opt/amnezia/shadowsocks/shadowsocks.key; \
-echo -e "{\\n\
-    \"local_port\": 8585,\\n\
-    \"method\": \"$SHADOWSOCKS_CIPHER\",\\n\
-    \"password\": \"$SHADOWSOCKS_PASSWORD\",\\n\
-    \"server\": \"0.0.0.0\",\\n\
-    \"server_port\": $SHADOWSOCKS_SERVER_PORT,\\n\
-    \"timeout\": 60\\n\
-}" >/opt/amnezia/shadowsocks/ss-config.json'
+SHADOWSOCKS_PASSWORD=$(openssl rand -base64 32 | tr "=" "A" | tr "+" "A" | tr "/" "A")
+echo $SHADOWSOCKS_PASSWORD > /opt/amnezia/shadowsocks/shadowsocks.key
+cat > /opt/amnezia/shadowsocks/ss-config.json <<EOF
+{
+    "local_port": 8585,
+    "method": "$SHADOWSOCKS_CIPHER",
+    "password": "$SHADOWSOCKS_PASSWORD",
+    "server": "0.0.0.0",
+    "server_port": $SHADOWSOCKS_SERVER_PORT,
+    "timeout": 60
+}
+EOF
diff --git a/client/server_scripts/openvpn_shadowsocks/configure_container.sh b/client/server_scripts/openvpn_shadowsocks/configure_container.sh
index b04f1ca8..29a5ebf9 100644
--- a/client/server_scripts/openvpn_shadowsocks/configure_container.sh
+++ b/client/server_scripts/openvpn_shadowsocks/configure_container.sh
@@ -1,40 +1,43 @@
-sudo docker exec -i $CONTAINER_NAME bash -c '\
-echo -e "\
-port $OPENVPN_PORT \\n\
-proto tcp \\n\
-dev tun \\n\
-ca /opt/amnezia/openvpn/ca.crt \\n\
-cert /opt/amnezia/openvpn/AmneziaReq.crt \\n\
-key /opt/amnezia/openvpn/AmneziaReq.key \\n\
-dh /opt/amnezia/openvpn/dh.pem \\n\
-server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK \\n\
-ifconfig-pool-persist ipp.txt \\n\
-duplicate-cn \\n\
-keepalive 10 120 \\n\
-$OPENVPN_NCP_DISABLE \\n\
-cipher $OPENVPN_CIPHER \\n\
-data-ciphers $OPENVPN_CIPHER \\n\
-auth $OPENVPN_HASH \\n\
-user nobody \\n\
-group nobody \\n\
-persist-key \\n\
-persist-tun \\n\
-status openvpn-status.log \\n\
-verb 1 \\n\
-tls-server \\n\
-tls-version-min 1.2 \\n\
-$OPENVPN_TLS_AUTH" >/opt/amnezia/openvpn/server.conf'
+cat > /opt/amnezia/openvpn/server.conf <<EOF
+port $OPENVPN_PORT
+proto tcp
+dev tun
+ca /opt/amnezia/openvpn/ca.crt
+cert /opt/amnezia/openvpn/AmneziaReq.crt
+key /opt/amnezia/openvpn/AmneziaReq.key
+dh /opt/amnezia/openvpn/dh.pem
+server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK
+ifconfig-pool-persist ipp.txt
+duplicate-cn
+keepalive 10 120
+$OPENVPN_NCP_DISABLE
+cipher $OPENVPN_CIPHER
+data-ciphers $OPENVPN_CIPHER
+auth $OPENVPN_HASH
+user nobody
+group nobody
+persist-key
+persist-tun
+status openvpn-status.log
+verb 1
+tls-server
+tls-version-min 1.2
+$OPENVPN_TLS_AUTH
+EOF
 
 # ShadowSocks config
-sudo docker exec -i $CONTAINER_NAME bash -c '\
-mkdir -p /opt/amnezia/shadowsocks; \
-cd /opt/amnezia/shadowsocks || exit 1; \
-SHADOWSOCKS_PASSWORD=$(openssl rand -base64 32 | tr "=" "A" | tr "+" "A" | tr "/" "A") && echo $SHADOWSOCKS_PASSWORD > /opt/amnezia/shadowsocks/shadowsocks.key; \
-echo -e "{\\n\
-    \"local_port\": 8585,\\n\
-    \"method\": \"$SHADOWSOCKS_CIPHER\",\\n\
-    \"password\": \"$SHADOWSOCKS_PASSWORD\",\\n\
-    \"server\": \"0.0.0.0\",\\n\
-    \"server_port\": $SHADOWSOCKS_SERVER_PORT,\\n\
-    \"timeout\": 60\\n\
-}" >/opt/amnezia/shadowsocks/ss-config.json'
+mkdir -p /opt/amnezia/shadowsocks
+cd /opt/amnezia/shadowsocks
+SHADOWSOCKS_PASSWORD=$(openssl rand -base64 32 | tr "=" "A" | tr "+" "A" | tr "/" "A")
+echo $SHADOWSOCKS_PASSWORD > /opt/amnezia/shadowsocks/shadowsocks.key
+
+cat > /opt/amnezia/shadowsocks/ss-config.json <<EOF
+{
+    "local_port": 8585,
+    "method": "$SHADOWSOCKS_CIPHER",
+    "password": "$SHADOWSOCKS_PASSWORD",
+    "server": "0.0.0.0",
+    "server_port": $SHADOWSOCKS_SERVER_PORT,
+    "timeout": 60
+}
+EOF
diff --git a/client/server_scripts/website_tor/configure_container.sh b/client/server_scripts/website_tor/configure_container.sh
index d49d418f..31c9eb93 100644
--- a/client/server_scripts/website_tor/configure_container.sh
+++ b/client/server_scripts/website_tor/configure_container.sh
@@ -1,2 +1,3 @@
 sleep 5
-sudo docker exec -i amnezia-tor onions
+# get onions list
+onions
diff --git a/client/server_scripts/wireguard/configure_container.sh b/client/server_scripts/wireguard/configure_container.sh
index ecb72e6c..58105d49 100644
--- a/client/server_scripts/wireguard/configure_container.sh
+++ b/client/server_scripts/wireguard/configure_container.sh
@@ -1,13 +1,17 @@
-# Wireguard config
-sudo docker exec -i $CONTAINER_NAME bash -c '\
-mkdir -p /opt/amnezia/wireguard; \
-cd /opt/amnezia/wireguard || exit 1; \
-WIREGUARD_SERVER_PRIVATE_KEY=$(wg genkey) && echo $WIREGUARD_SERVER_PRIVATE_KEY > /opt/amnezia/wireguard/wireguard_server_private_key.key; \
-WIREGUARD_SERVER_PUBLIC_KEY=$(echo $WIREGUARD_SERVER_PRIVATE_KEY | wg pubkey) && echo $WIREGUARD_SERVER_PUBLIC_KEY > /opt/amnezia/wireguard/wireguard_server_public_key.key; \
-WIREGUARD_PSK=$(wg genpsk) && echo $WIREGUARD_PSK > /opt/amnezia/wireguard/wireguard_psk.key; \
-echo -e "\
-[Interface]\\n\
-PrivateKey = $WIREGUARD_SERVER_PRIVATE_KEY \\n\
-Address = $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR \\n\
-ListenPort = $WIREGUARD_SERVER_PORT \\n\
-" >/opt/amnezia/wireguard/wg0.conf'
+mkdir -p /opt/amnezia/wireguard
+cd /opt/amnezia/wireguard
+WIREGUARD_SERVER_PRIVATE_KEY=$(wg genkey)
+echo $WIREGUARD_SERVER_PRIVATE_KEY > /opt/amnezia/wireguard/wireguard_server_private_key.key
+
+WIREGUARD_SERVER_PUBLIC_KEY=$(echo $WIREGUARD_SERVER_PRIVATE_KEY | wg pubkey)
+echo $WIREGUARD_SERVER_PUBLIC_KEY > /opt/amnezia/wireguard/wireguard_server_public_key.key
+
+WIREGUARD_PSK=$(wg genpsk)
+echo $WIREGUARD_PSK > /opt/amnezia/wireguard/wireguard_psk.key
+
+cat > /opt/amnezia/wireguard/wg0.conf <<EOF
+[Interface]
+PrivateKey = $WIREGUARD_SERVER_PRIVATE_KEY
+Address = $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR
+ListenPort = $WIREGUARD_SERVER_PORT
+EOF
diff --git a/client/settings.cpp b/client/settings.cpp
index 87239945..cf001fbe 100644
--- a/client/settings.cpp
+++ b/client/settings.cpp
@@ -167,8 +167,9 @@ void Settings::setProtocolConfig(int serverIndex, DockerContainer container, Pro
 
 void Settings::clearLastConnectionConfig(int serverIndex, DockerContainer container, Protocol proto)
 {
+    // recursively remove
     if (proto == Protocol::Any) {
-        for (Protocol p: { Protocol::OpenVpn, Protocol::ShadowSocks, Protocol::Cloak, Protocol::WireGuard}) {
+        for (Protocol p: ContainerProps::protocolsForContainer(container)) {
             clearLastConnectionConfig(serverIndex, container, p);
         }
         return;
diff --git a/client/ui/qml/Pages/PageServerContainers.qml b/client/ui/qml/Pages/PageServerContainers.qml
index c79d9351..fee61a9f 100644
--- a/client/ui/qml/Pages/PageServerContainers.qml
+++ b/client/ui/qml/Pages/PageServerContainers.qml
@@ -332,6 +332,7 @@ PageBase {
 
                                 checked: default_role
                                 onClicked: {
+                                    tb_c.currentIndex = -1
                                     ServerContainersLogic.onPushButtonRemoveClicked(proxyContainersModel.mapToSource(index))
                                 }
 
diff --git a/client/vpnconnection.cpp b/client/vpnconnection.cpp
index bda6d74c..ba16f48b 100644
--- a/client/vpnconnection.cpp
+++ b/client/vpnconnection.cpp
@@ -159,7 +159,7 @@ QString VpnConnection::createVpnConfigurationForProto(int serverIndex,
     else {
         qDebug() << "VpnConnection::createVpnConfiguration: gen new config for" << ProtocolProps::protoToString(proto);
         configData = VpnConfigurator::genVpnProtocolConfig(credentials,
-                                          container, containerConfig, proto, &e);
+            container, containerConfig, proto, &e);
 
         QString configDataBeforeLocalProcessing = configData;
 
@@ -191,66 +191,26 @@ QJsonObject VpnConnection::createVpnConfiguration(int serverIndex,
     ErrorCode e = ErrorCode::NoError;
     QJsonObject vpnConfiguration;
 
-    if (container == DockerContainer::OpenVpn ||
-            container == DockerContainer::ShadowSocks ||
-            container == DockerContainer::Cloak) {
 
-        QString openVpnConfigData =
+    for (ProtocolEnumNS::Protocol proto : ContainerProps::protocolsForContainer(container)) {
+//        QString vpnConfigData =
+//            createVpnConfigurationForProto(
+//                serverIndex, credentials, container, containerConfig, proto, &e);
+
+        QJsonObject vpnConfigData = QJsonDocument::fromJson(
             createVpnConfigurationForProto(
-                serverIndex, credentials, container, containerConfig, Protocol::OpenVpn, &e);
+                serverIndex, credentials, container, containerConfig, proto, &e).toUtf8()).
+                    object();
 
-
-        vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::OpenVpn), openVpnConfigData);
         if (e) {
             if (errorCode) *errorCode = e;
             return {};
         }
 
-        QFile file(OpenVpnProtocol::defaultConfigFileName());
-        if (file.open(QIODevice::WriteOnly | QIODevice::Truncate)){
-            QTextStream stream(&file);
-            stream << openVpnConfigData << endl;
-            file.close();
-        }
-        else {
-            if (errorCode) *errorCode = ErrorCode::FailedToSaveConfigData;
-            return {};
-        }
+        vpnConfiguration.insert(ProtocolProps::key_proto_config_data(proto), vpnConfigData);
+
     }
 
-    if (container == DockerContainer::ShadowSocks) {
-        QJsonObject ssConfigData = QJsonDocument::fromJson(
-            createVpnConfigurationForProto(
-                serverIndex, credentials, container, containerConfig, Protocol::ShadowSocks, &e).toUtf8()).
-            object();
-
-        vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::ShadowSocks), ssConfigData);
-    }
-
-    if (container == DockerContainer::Cloak) {
-        QJsonObject cloakConfigData = QJsonDocument::fromJson(
-            createVpnConfigurationForProto(
-                serverIndex, credentials, container, containerConfig, Protocol::Cloak, &e).toUtf8()).
-            object();
-
-        vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::Cloak), cloakConfigData);
-    }
-
-    if (container == DockerContainer::WireGuard) {
-        QString wgConfigData = createVpnConfigurationForProto(
-                    serverIndex, credentials, container, containerConfig, Protocol::WireGuard, &e);
-
-        vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::WireGuard), wgConfigData);
-    }
-
-    if (container == DockerContainer::Ipsec) {
-        QString ikev2ConfigData = createVpnConfigurationForProto(
-                    serverIndex, credentials, container, containerConfig, Protocol::Ikev2, &e);
-
-        vpnConfiguration.insert(ProtocolProps::key_proto_config_data(Protocol::Ikev2), ikev2ConfigData);
-    }
-
-    //qDebug().noquote() << "VPN config" << QJsonDocument(m_vpnConfiguration).toJson();
     return vpnConfiguration;
 }