diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 00000000..2d06f13e --- /dev/null +++ b/.editorconfig @@ -0,0 +1,23 @@ +# http://editorconfig.org +root = true + +[*] +indent_style = space +indent_size = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true + +# The JSON files contain newlines inconsistently +[*.json] +insert_final_newline = ignore + +# Minified JavaScript files shouldn't be changed +[**.min.js] +indent_style = ignore +insert_final_newline = ignore + +[*.md] +trim_trailing_whitespace = false + diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index a30b7a1f..628ffb8d 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,4 +1,6 @@ # Copyright (c) Emile Nijssen (WeeJeWel) # Founder and Codeowner of WireGuard Easy (wg-easy) -# Maintained by Philip Heiduck (pheiduck) +# Maintained by Philip Heiduck (pheiduck) and Bernd Storath (kaaax0815) +* @WeeJeWel * @pheiduck +* @kaaax0815 diff --git a/.github/ISSUE_TEMPLATE/01-bug-report.yml b/.github/ISSUE_TEMPLATE/01-bug-report.yml index 2a92e7b6..bd9b0f74 100644 --- a/.github/ISSUE_TEMPLATE/01-bug-report.yml +++ b/.github/ISSUE_TEMPLATE/01-bug-report.yml @@ -3,7 +3,7 @@ name: 🐛 Bug Report description: Create a report to help us improve title: "[Bug]: " labels: - - "bug" + - "type: bug" body: - type: markdown diff --git a/.github/ISSUE_TEMPLATE/02-feature-request.yml b/.github/ISSUE_TEMPLATE/02-feature-request.yml index d23b5f6c..b8c1f914 100644 --- a/.github/ISSUE_TEMPLATE/02-feature-request.yml +++ b/.github/ISSUE_TEMPLATE/02-feature-request.yml @@ -3,7 +3,7 @@ name: 🛠️ Feature Request description: Suggest an idea to help us improve title: "[Feat]: " labels: - - "enhancement" + - "type: feature request" body: - type: markdown diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 91a1f7c9..b0a57490 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -24,7 +24,7 @@ jobs: - name: Setup Node uses: actions/setup-node@v4 with: - node-version: "20" + node-version: "lts/*" check-latest: true cache: "pnpm" diff --git a/.github/workflows/npm-update-bot.yml b/.github/workflows/npm-update-bot.yml index 720ca49a..87e40ed3 100644 --- a/.github/workflows/npm-update-bot.yml +++ b/.github/workflows/npm-update-bot.yml @@ -26,7 +26,7 @@ jobs: - name: Setup Node uses: actions/setup-node@v4 with: - node-version: "20" + node-version: "lts/*" check-latest: true cache: "pnpm" diff --git a/Dockerfile b/Dockerfile index 0a6365f3..45647025 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,7 +14,7 @@ RUN pnpm build # Copy build result to a new image. # This saves a lot of disk space. -FROM docker.io/library/node:20-alpine +FROM docker.io/library/node:lts-alpine WORKDIR /app HEALTHCHECK CMD /usr/bin/timeout 5s /bin/sh -c "/usr/bin/wg show | /bin/grep -q interface || exit 1" --interval=1m --timeout=5s --retries=3 @@ -42,4 +42,4 @@ ENV DEBUG=Server,WireGuard ENV PORT=51821 # Run Web UI -CMD ["/usr/bin/dumb-init", "node", "server/index.mjs"] \ No newline at end of file +CMD ["/usr/bin/dumb-init", "node", "server/index.mjs"] diff --git a/README.md b/README.md index be8a32cb..37b158a7 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ You have found the easiest way to install & manage WireGuard on any Linux host!

## Features + * All-in-one: WireGuard + Web UI. * Easy installation, simple to use. * List, create, edit, delete, enable & disable clients. @@ -23,7 +24,10 @@ You have found the easiest way to install & manage WireGuard on any Linux host! * Gravatar support. * Automatic Light / Dark Mode * Multilanguage Support -* UI_TRAFFIC_STATS (default off) +* Traffic Stats (default off) +* One Time Links (default off) +* Client Expiry (default off) +* Prometheus metrics support ## Requirements @@ -85,6 +89,8 @@ To automatically install & run wg-easy, simply run: The Web UI will now be available on `http://0.0.0.0:51821`. +The Prometheus metrics will now be available on `http://0.0.0.0:51821/metrics`. Grafana dashboard [21733](https://grafana.com/grafana/dashboards/21733-wireguard/) + > 💡 Your configuration files will be saved in `~/.wg-easy` WireGuard Easy can be launched with Docker Compose as well - just download @@ -107,19 +113,25 @@ These options can be configured by setting environment variables using `-e KEY=" | `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. | | `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. | | `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will listen on that (othwise default) inside the Docker container. | -| `WG_CONFIG_PORT`| `51820` | `12345` | The UDP port used on [Home Assistant Plugin](https://github.com/adriy-be/homeassistant-addons-jdeath/tree/main/wgeasy) +| `WG_CONFIG_PORT`| `51820` | `12345` | The UDP port used on [Home Assistant Plugin](https://github.com/adriy-be/homeassistant-addons-jdeath/tree/main/wgeasy) | `WG_MTU` | `null` | `1420` | The MTU the clients will use. Server uses default WG MTU. | | `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive. | -| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. | -| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. If set to blank value, clients will not use any DNS. | -| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. | +| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. | +| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. If set to blank value, clients will not use any DNS. | +| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. | | `WG_PRE_UP` | `...` | - | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L19) for the default value. | | `WG_POST_UP` | `...` | `iptables ...` | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L20) for the default value. | | `WG_PRE_DOWN` | `...` | - | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L27) for the default value. | | `WG_POST_DOWN` | `...` | `iptables ...` | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L28) for the default value. | +| `WG_ENABLE_EXPIRES_TIME` | `false` | `true` | Enable expire time for clients | | `LANG` | `en` | `de` | Web UI language (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi). | -| `UI_TRAFFIC_STATS` | `false` | `true` | Enable detailed RX / TX client stats in Web UI | -| `UI_CHART_TYPE` | `0` | `1` | UI_CHART_TYPE=0 # Charts disabled, UI_CHART_TYPE=1 # Line chart, UI_CHART_TYPE=2 # Area chart, UI_CHART_TYPE=3 # Bar chart | +| `UI_TRAFFIC_STATS` | `false` | `true` | Enable detailed RX / TX client stats in Web UI | +| `UI_CHART_TYPE` | `0` | `1` | UI_CHART_TYPE=0 # Charts disabled, UI_CHART_TYPE=1 # Line chart, UI_CHART_TYPE=2 # Area chart, UI_CHART_TYPE=3 # Bar chart | +| `WG_ENABLE_ONE_TIME_LINKS` | `false` | `true` | Enable display and generation of short one time download links (expire after 5 minutes) | +| `MAX_AGE` | `0` | `1440` | The maximum age of Web UI sessions in minutes. `0` means that the session will exist until the browser is closed. | +| `UI_ENABLE_SORT_CLIENTS` | `false` | `true` | Enable UI sort clients by name | +| `ENABLE_PROMETHEUS_METRICS` | `false` | `true` | Enable Prometheus metrics `http://0.0.0.0:51821/metrics` and `http://0.0.0.0:51821/metrics/json`| +| `PROMETHEUS_METRICS_PASSWORD` | - | `$2y$05$Ci...` | If set, Basic Auth is required when requesting metrics. See [How to generate an bcrypt hash.md]("https://github.com/wg-easy/wg-easy/blob/master/How_to_generate_an_bcrypt_hash.md") for know how generate the hash. | > If you change `WG_PORT`, make sure to also change the exposed port. diff --git a/docker-compose.yml b/docker-compose.yml index 3f11cc6b..095557bf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,7 @@ services: environment: # Change Language: # (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi) - - LANG=de + - LANG=en # ⚠️ Required: # Change this to your host's public address - WG_HOST=raspberrypi.local @@ -27,6 +27,11 @@ services: # - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt # - UI_TRAFFIC_STATS=true # - UI_CHART_TYPE=0 # (0 Charts disabled, 1 # Line chart, 2 # Area chart, 3 # Bar chart) + # - WG_ENABLE_ONE_TIME_LINKS=true + # - UI_ENABLE_SORT_CLIENTS=true + # - WG_ENABLE_EXPIRES_TIME=true + # - ENABLE_PROMETHEUS_METRICS=false + # - PROMETHEUS_METRICS_PASSWORD=$$2a$$12$$vkvKpeEAHD78gasyawIod.1leBMKg8sBwKW.pQyNsq78bXV3INf2G # (needs double $$, hash of 'prometheus_password'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash) image: ghcr.io/wg-easy/wg-easy container_name: wg-easy diff --git a/src/package.json b/src/package.json index 40d9d777..85b2482d 100644 --- a/src/package.json +++ b/src/package.json @@ -23,14 +23,17 @@ "@nuxtjs/i18n": "^8.3.3", "@nuxtjs/tailwindcss": "^6.12.1", "@pinia/nuxt": "^0.5.3", + "@tailwindcss/forms": "^0.5.7", "apexcharts": "^3.51.0", + "basic-auth": "^2.0.1", "bcryptjs": "^2.4.3", + "crc-32": "^1.2.2", "debug": "^4.3.6", "js-sha256": "^0.11.0", "nuxt": "^3.12.4", "pinia": "^2.2.1", "qrcode": "^1.5.4", - "tailwindcss": "^3.4.9", + "tailwindcss": "^3.4.10", "timeago.js": "^4.0.2", "vue": "latest", "vue3-apexcharts": "^1.5.3",