
213 lines
8.1 KiB
Raw Normal View History

2020-05-21 18:33:10 +02:00
2020-05-21 18:33:46 +02:00
# wireguard-ui
2020-04-25 06:13:29 +02:00
A web user interface to manage your WireGuard setup.
## Features
- Friendly UI
- Authentication
- Manage extra client's information (name, email, etc)
- Retrieve configs using QR code / file
## Run WireGuard-UI
Default username and password are `admin`.
2022-04-26 21:04:22 +02:00
### Using binary file
Download the binary file from the release and run it with command:
### Using docker compose
You can take a look at this example of [docker-compose.yml](https://github.com/ngoduykhanh/wireguard-ui/blob/master/docker-compose.yaml). Please adjust volume mount points to work with your setup. Then run it like below:
2020-04-25 06:13:29 +02:00
docker-compose up
2022-04-26 21:04:22 +02:00
- There is a Status option that needs docker to be able to access the network of the host in order to read the
wireguard interface stats. See the `cap_add` and `network_mode` options on the docker-compose.yaml
2022-04-26 21:04:22 +02:00
- Because the `network_mode` is set to `host`, we don't need to specify the exposed ports. The app will listen on port `5000` by default.
2022-04-26 21:04:22 +02:00
## Environment Variables
2022-04-26 21:04:22 +02:00
| Variable | Description |
| `SESSION_SECRET` | Used to encrypt the session cookies. Set this to a random value. |
| `WGUI_USERNAME` | The username for the login page. (default `admin`) |
| `WGUI_PASSWORD` | The password for the user on the login page. Will be hashed automatically. (default `admin`) |
| `WGUI_PASSWORD_HASH` | The password hash for the user on the login page. (alternative to `WGUI_PASSWORD`) |
2022-04-26 21:04:22 +02:00
| `WGUI_ENDPOINT_ADDRESS` | The default endpoint address used in global settings. (default is your public IP address) |
| `WGUI_DNS` | The default DNS servers (comma-separated-list) used in the global settings. (default ``) |
| `WGUI_MTU` | The default MTU used in global settings. (default `1450`) |
| `WGUI_PERSISTENT_KEEPALIVE` | The default persistent keepalive for WireGuard in global settings. (default `15`) |
| `WGUI_FORWARD_MARK` | The default WireGuard forward mark. (default `0xca6c`) |
| `WGUI_CONFIG_FILE_PATH` | The default WireGuard config file path used in global settings. (default `/etc/wireguard/wg0.conf`) |
| `BASE_PATH` | Set this variable if you run wireguard-ui under a subpath of your reverse proxy virtual host (e.g. /wireguard)) |
2022-04-26 21:04:22 +02:00
### Defaults for server configuration
These environment variables are used to control the default server settings used when initializing the database.
| Variable | Description |
| `WGUI_SERVER_INTERFACE_ADDRESSES` | The default interface addresses (comma-separated-list) for the WireGuard server configuration. (default ``) |
| `WGUI_SERVER_LISTEN_PORT` | The default server listen port. (default `51820`) |
| `WGUI_SERVER_POST_UP_SCRIPT` | The default server post-up script. |
| `WGUI_SERVER_POST_DOWN_SCRIPT` | The default server post-down script. |
2022-04-26 21:04:22 +02:00
### Defaults for new clients
These environment variables are used to set the defaults used in `New Client` dialog.
| Variable | Description |
| `WGUI_DEFAULT_CLIENT_ALLOWED_IPS` | Comma-separated-list of CIDRs for the `Allowed IPs` field. (default ``) |
| `WGUI_DEFAULT_CLIENT_EXTRA_ALLOWED_IPS` | Comma-separated-list of CIDRs for the `Extra Allowed IPs` field. (default empty) |
| `WGUI_DEFAULT_CLIENT_USE_SERVER_DNS` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] (default `true`) |
| `WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] (default `true`) |
2022-04-26 21:04:22 +02:00
### Email configuration
2022-04-24 09:42:08 +02:00
To use custom `wg.conf` template set the `WG_CONF_TEMPLATE` environment variable to a path to such file. Make sure `wireguard-ui` will be able to work with it - use [default template](templates/wg.conf) for reference.
2022-01-29 09:01:37 +01:00
In order to sent the wireguard configuration to clients via email, set the following environment variables:
- using SendGrid API
SENDGRID_API_KEY: Your sendgrid api key
2021-11-09 11:01:42 +01:00
EMAIL_FROM_ADDRESS: the email address you registered on sendgrid
EMAIL_FROM_NAME: the sender's email address
2020-04-25 06:13:29 +02:00
2022-01-29 09:01:37 +01:00
- using SMTP
2022-04-26 21:11:13 +02:00
SMTP_HOSTNAME: The SMTP ip address or hostname
SMTP_PORT: the SMTP port
SMTP_USERNAME: the SMTP username to authenticate
SMTP_PASSWORD: the SMTP user password
SMTP_AUTH_TYPE: the authentication type. Possible values: PLAIN, LOGIN, NONE
SMTP_ENCRYPTION: the encryption method. Possible values: SSL, SSLTLS, TLS or STARTTLS (default)
2022-01-29 09:01:37 +01:00
EMAIL_FROM_ADDRESS: the sender's email address
EMAIL_FROM_NAME: the sender's name
2020-04-25 06:13:29 +02:00
## Auto restart WireGuard daemon
WireGuard-UI only takes care of configuration generation. You can use systemd to watch for the changes and restart the service. Following is an example:
### systemd
2020-04-25 06:13:29 +02:00
Create /etc/systemd/system/wgui.service
Description=Restart WireGuard
ExecStart=/usr/bin/systemctl restart wg-quick@wg0.service
2021-08-05 19:46:11 +02:00
2020-04-25 06:13:29 +02:00
Create /etc/systemd/system/wgui.path
Description=Watch /etc/wireguard/wg0.conf for changes
Apply it
2020-04-25 06:13:29 +02:00
systemctl enable wgui.{path,service}
systemctl start wgui.{path,service}
### openrc
Create and `chmod +x` /usr/local/bin/wgui
wg-quick down wg0
wg-quick up wg0
Create and `chmod +x` /etc/init.d/wgui
command_args="/usr/local/bin/wgui /etc/wireguard/wg0.conf:w"
Apply it
rc-service wgui start
rc-update add wgui default
## Build
### Build docker image
Go to the project root directory and run the following command:
docker build -t wireguard-ui .
### Build binary file
Prepare the assets directory
Then you can embed resources by generating Go source code
rice embed-go
go build -o wireguard-ui
Or, append resources to executable as zip file
go build -o wireguard-ui
rice append --exec wireguard-ui
2020-04-25 06:13:29 +02:00
## Screenshot
2022-07-14 08:39:01 +02:00
![wireguard-ui 0.3.7](https://user-images.githubusercontent.com/37958026/177041280-e3e7ca16-d4cf-4e95-9920-68af15e780dd.png)
2020-04-25 06:13:29 +02:00
## License
MIT. See [LICENSE](https://github.com/ngoduykhanh/wireguard-ui/blob/master/LICENSE).
2020-05-17 09:38:26 +02:00
## Support
If you like the project and want to support it, you can *buy me a coffee*
<a href="https://www.buymeacoffee.com/khanhngo" target="_blank"><img src="https://cdn.buymeacoffee.com/buttons/default-orange.png" alt="Buy Me A Coffee" height="41" width="174"></a>