mirror
/
wg-easy
mirror of https://github.com/wg-easy/wg-easy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Allow admin panel updates to be saved while overrides remain effective; remove WG_ENABLED 

- Remove WG_ENABLED environment variable (interface cannot be disabled)
- Allow all admin panel updates to be saved to database
- Environment variable overrides take precedence at runtime only
- Users can now update values in admin panel even when overridden
- Updated documentation to clarify override behavior

Co-authored-by: kaaax0815 <[email protected]>
copilot/add-env-variables-admin-panel
copilot-swe-agent[bot] 7 months ago
parent
67185192fd
commit
11ab71b5d2
6 changed files with 38 additions and 99 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 51
      docs/content/advanced/config/optional-config.md
  2. 16
      src/server/api/admin/general.post.ts
  3. 13
      src/server/api/admin/interface/cidr.post.ts
  4. 25
      src/server/api/admin/interface/index.post.ts
  5. 25
      src/server/api/admin/userconfig.post.ts
  6. 7
      src/server/utils/config.ts

51
docs/content/advanced/config/optional-config.md
View File

@ -23,46 +23,45 @@ This option can be removed in the future, as more devices support IPv6.
## Configuration Overrides
These environment variables allow you to override settings that would normally be configured through the Admin Panel. When set, these values take precedence over database settings and cannot be changed through the Web UI.
These environment variables allow you to override settings that would normally be configured through the Admin Panel. When set, these values take precedence over database settings at runtime.
### Interface Settings
| Env | Example | Description |
| -------------- | ----------------- | ---------------------------------- |
| `WG_PORT` | `51820` | WireGuard interface listening port |
| `WG_DEVICE` | `eth0` | Network device/interface |
| `WG_MTU` | `1420` | Maximum Transmission Unit |
| `WG_IPV4_CIDR` | `10.8.0.0/24` | IPv4 CIDR range |
| `WG_IPV6_CIDR` | `fdcc::/112` | IPv6 CIDR range |
| `WG_ENABLED` | `true` or `false` | Whether the interface is enabled |
| Env | Example | Description |
| -------------- | ------------- | ------------------------- |
| `WG_PORT` | `51820` | WireGuard interface port |
| `WG_DEVICE` | `eth0` | Network device/interface |
| `WG_MTU` | `1420` | Maximum Transmission Unit |
| `WG_IPV4_CIDR` | `10.8.0.0/24` | IPv4 CIDR range |
| `WG_IPV6_CIDR` | `fdcc::/112` | IPv6 CIDR range |
### Client Connection Settings
| Env | Example | Description |
| --------------------------------- | ----------------- | ---------------------------------------- |
| `WG_HOST` | `vpn.example.com` | Host clients will connect to |
| `WG_CLIENT_PORT` | `51820` | Port clients will connect to |
| `WG_DEFAULT_DNS` | `1.1.1.1,8.8.8.8` | Default DNS servers for clients |
| `WG_DEFAULT_ALLOWED_IPS` | `0.0.0.0/0,::/0` | Default allowed IPs for clients |
| `WG_DEFAULT_MTU` | `1420` | Default MTU for clients |
| `WG_DEFAULT_PERSISTENT_KEEPALIVE` | `25` | Default persistent keepalive for clients |
| Env | Example | Description |
| --------------------------------- | ----------------- | ------------------------------- |
| `WG_HOST` | `vpn.example.com` | Host clients will connect to |
| `WG_CLIENT_PORT` | `51820` | Port clients will connect to |
| `WG_DEFAULT_DNS` | `1.1.1.1,8.8.8.8` | Default DNS servers for clients |
| `WG_DEFAULT_ALLOWED_IPS` | `0.0.0.0/0,::/0` | Default allowed IPs for clients |
| `WG_DEFAULT_MTU` | `1420` | Default MTU for clients |
| `WG_DEFAULT_PERSISTENT_KEEPALIVE` | `25` | Default persistent keepalive |
### General Settings
| Env | Example | Description |
| ----------------------- | ----------------- | -------------------------- |
| `WG_SESSION_TIMEOUT` | `3600` | Session timeout in seconds |
| `WG_METRICS_PROMETHEUS` | `true` or `false` | Enable Prometheus metrics |
| `WG_METRICS_JSON` | `true` or `false` | Enable JSON metrics |
| Env | Example | Description |
| ----------------------- | ----------------- | ------------------------- |
| `WG_SESSION_TIMEOUT` | `3600` | Session timeout (seconds) |
| `WG_METRICS_PROMETHEUS` | `true` or `false` | Enable Prometheus metrics |
| `WG_METRICS_JSON` | `true` or `false` | Enable JSON metrics |
/// warning | Override Behavior
When these override environment variables are set:
- The specified values will be used instead of database settings
- Changes made through the Web UI to these fields will not take effect
- The Web UI will still display the overridden values
- Updates to these fields via the API will be ignored
- The specified values will be used at runtime instead of database settings
- You can still update these fields through the Web UI and they will be saved to the database
- However, the overridden values from environment variables will always take precedence
- The Web UI will display the overridden (effective) values
These overrides are useful for containerized environments where configuration should be controlled externally.

16
src/server/api/admin/general.post.ts
View File

@ -9,19 +9,9 @@ export default definePermissionEventHandler(
validateZod(GeneralUpdateSchema, event)
);
// Remove overridden fields from the update data
const updateData = { ...data };
if (WG_GENERAL_OVERRIDE_ENV.SESSION_TIMEOUT !== undefined) {
delete updateData.sessionTimeout;
}
if (WG_GENERAL_OVERRIDE_ENV.METRICS_PROMETHEUS !== undefined) {
delete updateData.metricsPrometheus;
}
if (WG_GENERAL_OVERRIDE_ENV.METRICS_JSON !== undefined) {
delete updateData.metricsJson;
}
await Database.general.update(updateData);
// Allow all updates to be saved to database
// Overrides will be applied when reading/using the values
await Database.general.update(data);
return { success: true };
}
);

13
src/server/api/admin/interface/cidr.post.ts
View File

@ -9,16 +9,9 @@ export default definePermissionEventHandler(
validateZod(InterfaceCidrUpdateSchema, event)
);
// Remove overridden fields from the update data
const updateData = { ...data };
if (WG_OVERRIDE_ENV.IPV4_CIDR !== undefined) {
delete updateData.ipv4Cidr;
}
if (WG_OVERRIDE_ENV.IPV6_CIDR !== undefined) {
delete updateData.ipv6Cidr;
}
await Database.interfaces.updateCidr(updateData);
// Allow all updates to be saved to database
// Overrides will be applied when reading/using the values
await Database.interfaces.updateCidr(data);
await WireGuard.saveConfig();
return { success: true };
}

25
src/server/api/admin/interface/index.post.ts
View File

@ -9,28 +9,9 @@ export default definePermissionEventHandler(
validateZod(InterfaceUpdateSchema, event)
);
// Remove overridden fields from the update data
const updateData = { ...data };
if (WG_OVERRIDE_ENV.PORT !== undefined) {
delete updateData.port;
}
if (WG_OVERRIDE_ENV.DEVICE !== undefined) {
delete updateData.device;
}
if (WG_OVERRIDE_ENV.MTU !== undefined) {
delete updateData.mtu;
}
if (WG_OVERRIDE_ENV.IPV4_CIDR !== undefined) {
delete updateData.ipv4Cidr;
}
if (WG_OVERRIDE_ENV.IPV6_CIDR !== undefined) {
delete updateData.ipv6Cidr;
}
if (WG_OVERRIDE_ENV.ENABLED !== undefined) {
delete updateData.enabled;
}
await Database.interfaces.update(updateData);
// Allow all updates to be saved to database
// Overrides will be applied when reading/using the values
await Database.interfaces.update(data);
await WireGuard.saveConfig();
return { success: true };
}

25
src/server/api/admin/userconfig.post.ts
View File

@ -9,28 +9,9 @@ export default definePermissionEventHandler(
validateZod(UserConfigUpdateSchema, event)
);
// Remove overridden fields from the update data
const updateData = { ...data };
if (WG_CLIENT_OVERRIDE_ENV.HOST !== undefined) {
delete updateData.host;
}
if (WG_CLIENT_OVERRIDE_ENV.CLIENT_PORT !== undefined) {
delete updateData.port;
}
if (WG_CLIENT_OVERRIDE_ENV.DEFAULT_DNS !== undefined) {
delete updateData.defaultDns;
}
if (WG_CLIENT_OVERRIDE_ENV.DEFAULT_ALLOWED_IPS !== undefined) {
delete updateData.defaultAllowedIps;
}
if (WG_CLIENT_OVERRIDE_ENV.DEFAULT_MTU !== undefined) {
delete updateData.defaultMtu;
}
if (WG_CLIENT_OVERRIDE_ENV.DEFAULT_PERSISTENT_KEEPALIVE !== undefined) {
delete updateData.defaultPersistentKeepalive;
}
await Database.userConfigs.update(updateData);
// Allow all updates to be saved to database
// Overrides will be applied when reading/using the values
await Database.userConfigs.update(data);
await WireGuard.saveConfig();
return { success: true };
}

7
src/server/utils/config.ts
View File

@ -69,10 +69,6 @@ export const WG_OVERRIDE_ENV = {
IPV4_CIDR: process.env.WG_IPV4_CIDR,
/** Override the IPv6 CIDR */
IPV6_CIDR: process.env.WG_IPV6_CIDR,
/** Override the enabled status */
ENABLED: process.env.WG_ENABLED === 'true' ? true :
process.env.WG_ENABLED === 'false' ? false :
undefined,
};
export const WG_CLIENT_OVERRIDE_ENV = {
@ -125,7 +121,7 @@ function assertEnv<T extends string>(env: T) {
* Apply environment variable overrides to an interface object
*/
export function applyInterfaceOverrides<
T extends { port: number; device: string; mtu: number; ipv4Cidr: string; ipv6Cidr: string; enabled: boolean },
T extends { port: number; device: string; mtu: number; ipv4Cidr: string; ipv6Cidr: string },
>(wgInterface: T): T {
return {
...wgInterface,
@ -134,7 +130,6 @@ export function applyInterfaceOverrides<
mtu: WG_OVERRIDE_ENV.MTU ?? wgInterface.mtu,
ipv4Cidr: WG_OVERRIDE_ENV.IPV4_CIDR ?? wgInterface.ipv4Cidr,
ipv6Cidr: WG_OVERRIDE_ENV.IPV6_CIDR ?? wgInterface.ipv6Cidr,
enabled: WG_OVERRIDE_ENV.ENABLED ?? wgInterface.enabled,
};
}

Write Preview
Loading…
Cancel
Save