GithubHelp home page GithubHelp logo

chernikovdmitry / wg-manager Goto Github PK

View Code? Open in Web Editor NEW

This project forked from perara/wg-manager

0.0 0.0 0.0 4.51 MB

A easy to use WireGuard dashboard and management tool

License: MIT License

Shell 0.37% Python 47.76% TypeScript 30.11% CSS 2.00% HTML 16.43% Mako 0.29% Dockerfile 0.86% SCSS 1.41% Jinja 0.78%

wg-manager's Introduction

wg-manager

The wg-manager provides an easy-to-use graphical web interface to import, setup, and manage WireGuard server(s). See Here

Contributions

All contributions are very much appreciated, and please, to ease the merging process, target your pull requests to the [development] branch (https://github.com/perara/wg-manager/tree/dev) branch to prevent merge conflicts. Thanks!

Features

The features of wg-manager includes:

Server

  • IPv4 and IPv6 support
  • Create/Delete/Modify
  • Start/Stop/Restart server
  • Import existing configurations
  • Export server config, along with client config as zip.

Peer

  • Create/Delete/Modify
  • Bandwidth usage statistics
  • Export by QRCode, Text
  • Authentication via API-Keys for automation (Created in GUI)
  • Automatic setup using docker

General

  • Modify Admin User
  • Create and manage API-Keys

Dependencies

  • Linux Kernel >= 5.6 (Alternatively: wireguard-dkms)

Common Installation Steps

  1. Enable ip forwarding: 
    sysctl -w net.ipv4.ip_forward=1 # IPV4 Support
sysctl -w net.ipv6.conf.all.forwarding=1  # IPV6 Support
  2. For persistent configuration: 
    cat > /etc/sysctl.d/99-sysctl.conf << EOF
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding=1
EOF
  3. It is recommended to have a firewall protecting your servers

Notes

  • A few people has experienced issues with running the dockerized method using bridged networking. To workaround this, you can use network_mode: host. Note that you can no longer reverse-proxy the web interface from reverse proxies such as jwilder/nginx-proxy.

Method #1: Docker-compose

version: "2.1"
services:
  wireguard:
    container_name: wg-manager
    image: perara/wg-manager
    restart: always
    sysctls:
      net.ipv6.conf.all.disable_ipv6: 0  # Required for IPV6
    cap_add:
      - NET_ADMIN
    #network_mode: host # Alternatively
    ports:
       - 51800-51900:51800-51900/udp
       - 8888:8888
    volumes:
      - ./wg-manager:/config
    environment:
      HOST: 0.0.0.0
      PORT: 8888
      ADMIN_USERNAME: admin
      ADMIN_PASSWORD: admin
      WEB_CONCURRENCY: 1

or plain docker here or build docker image from github

Method #2: Bare Metal

Using the development branch

As there is no builds for the development branch, you have to do the following: Change image: perara/wg-manager to

build:
      context: https://github.com/perara/wg-manager.git#dev

Guides

Usage

When docker container/server has started, go to http://localhost:8888

API Docs

The API docs is found here.

API-Keys

  1. Login to wg-manager
  2. Go to edit profile
  3. Create API-Key and take note of the key. Use the X-API-Key header to authenticate.
  4. Example: curl -i -H "X-API-Key: <key-goes-here>" http://<host>:<port>/api/v1/users/api-key/list
  5. Example 2: curl -X POST "http://<host>:<port>/api/v1/peer/configuration/add" -H "accept: application/json" -H "Content-Type: application/json" -H "X-API-Key: <api-key-here>" -d "{\"server_interface\":\"wg0\"}"

Client Mode

wg-manager can also run in client-mode, with near-automatic setup and connection. To automatically setup the client, you will need:

  1. wg-manager server url
  2. name of the interface the client should run on
  3. wg-manager server api key

You can setup multiple clients using the numbered environment variables. The following configuration runs a server and client automatically:

version: "2.1"
services:

  server:
    container_name: wg-manager
    build: .
    restart: always
    sysctls:
      net.ipv6.conf.all.disable_ipv6: 0
    cap_add:
      - NET_ADMIN
    #network_mode: host # Alternatively
    ports:
      - 11820:11820/udp
      - 51800-51900:51800-51900/udp
      - 8888:8888
    environment:
      HOST: 0.0.0.0
      PORT: 8888
      ADMIN_USERNAME: admin
      ADMIN_PASSWORD: admin
      WEB_CONCURRENCY: 2
      SERVER_INIT_INTERFACE_START: 1

      #endpoint dynamic variables: ||external|| , ||internal||
      SERVER_INIT_INTERFACE: '{"address":"10.0.200.1","v6_address":"fd42:42:42::1","subnet":24,"v6_subnet":64,"interface":"wg0","listen_port":"51820","endpoint":"server","dns":"10.0.200.1,8.8.8.8","private_key":"","public_key":"","post_up":"","post_down":"","configuration":"","is_running":false,"peers":[]}'
      SERVER_STARTUP_API_KEY: thisisasecretkeythatnobodyknows
    networks:
      - wg-manager-net

  client:
    container_name: wg-manager-server-with-client
    build: .
    restart: always
    sysctls:
      net.ipv6.conf.all.disable_ipv6: 0
    cap_add:
      - NET_ADMIN
    ports:
      - 8889:8889
    privileged: true
    environment:
      HOST: 0.0.0.0  # Optional (For Accessing WEB-Gui)
      PORT: 8889  # Optional (Web-GUI Listen Port)
      WEB_CONCURRENCY: 1  # Optional
      ADMIN_USERNAME: admin
      ADMIN_PASSWORD: admin
      INIT_SLEEP: 5  # If you run into concurrency issues
      SERVER: 0  # If you want to host a server as well
      CLIENT: 1  # If you want to connect to servers
      CLIENT_START_AUTOMATICALLY: 1  # If you want the client to start automatically
      CLIENT_1_NAME: "client-1"   # Name of first client
      CLIENT_1_SERVER_HOST: "http://server:8888"  # Endpoint of first server
      CLIENT_1_SERVER_INTERFACE: "wg0"  # Interface of first server (to get config)
      CLIENT_1_API_KEY: "thisisasecretkeythatnobodyknows"  # API-Key of first server (to get config)
    networks:
      - wg-manager-net

networks:
  wg-manager-net:
    driver: bridge

Environment variables

Environment Description Recommended
GUNICORN_CONF Location of custom gunicorn configuration default
WORKERS_PER_CORE How many concurrent workers should there be per available core (Gunicorn) default
WEB_CONCURRENCY The number of worker processes for handling requests. (Gunicorn) 1
HOST 0.0.0.0 or unix:/tmp/gunicorn.sock if reverse proxy. Remember to mount 0.0.0.0
PORT The port to use if running with IP host bind 80
LOG_LEVEL Logging level of gunicorn/python info
ADMIN_USERNAME Default admin username on database creation admin
ADMIN_PASSWORD Default admin password on database creation admin
POST_UP The POST_UP Command (version 4) default
POST_DOWN The POST_DOWN Command (version 4) default
POST_UP_V6 The POST_UP Command (version 6) default
POST_DOWN_V6 The POST_DOWN Command (version 6) default
INIT_SLEEP Sleep before bootstrap. Useful for delaying client boot integer
SERVER_STARTUP_API_KEY Create a initial, and known API key on server init secret
SERVER_INIT_INTERFACE Create a initial wireguard interface on server init. See docs json
SERVER_INIT_INTERFACE_START If the interface should start immediately 1 or 0
SERVER If the container should enable server-mode 1 or 0
CLIENT If the container should enable client-mode 1 or 0
CLIENT_START_AUTOMATICALLY If client is enabled. should it start immediately? 1 or 0
CLIENT_X_NAME Name of the automatically generated client. X = incremental number from 1 string
CLIENT_X_SERVER_HOST The url to wg-manager server e.g. "http://server:8888" See docs url
CLIENT_X_SERVER_INTERFACE The wg-interface to create client on e.g"wg0". See docs string
CLIENT_X_API_KEY A valid API-Key that is active on the server. Works well with SERVER_STARTUP_API_KEY string

Q&A

I'm trying to start the device but recieve the message: Perhaps ip6tables or your kernel needs to be upgraded.. Try: modprobe ip6table_nat on the host.

Showcase

Illustration

Illustration

Illustration

Illustration

Illustration

Illustration

Illustration

Illustration

Illustration

Roadmap

Primaries

  • Implement multi-server support (setting up site-2-site servers from the GUI)
  • Extending multi-server support to enable custom access lists (A peer can be assigned to multiple servers, as part of the ACL)

wg-manager's People

Contributors

perara avatar tony1661 avatar simonlerpard avatar rezor92 avatar slokhorst avatar lombra avatar aaronnad avatar 2l3r4 avatar davidnoyes avatar hmrodrigues avatar dependabot[bot] avatar flippy1345 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.