mirror
/
wg-easy
mirror of https://github.com/wg-easy/wg-easy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add custom port and interface

pull/700/head
Comet1903 1 year ago
parent
1e6e8d25a4
commit
6e08e5a824
No known key found for this signature in database GPG Key ID: 1AF8DB863707AC92
3 changed files with 18 additions and 15 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      docker-compose.yml
  2. 7
      src/config.js
  3. 25
      src/lib/WireGuard.js

1
docker-compose.yml
View File

@ -9,6 +9,7 @@ services:
# Optional:
# - PASSWORD=foobar123
# - WG_PORT=51820
# - WG_INTERFACE=wg0
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1
# - WG_MTU=1420

7
src/config.js
View File

@ -7,6 +7,7 @@ module.exports.PORT = process.env.PORT || 51821;
module.exports.PASSWORD = process.env.PASSWORD;
module.exports.WG_PATH = process.env.WG_PATH || '/etc/wireguard/';
module.exports.WG_DEVICE = process.env.WG_DEVICE || 'eth0';
module.exports.WG_INTERFACE = process.env.WG_INTERFACE.toLowerCase() || 'wg0'
module.exports.WG_HOST = process.env.WG_HOST;
module.exports.WG_PORT = process.env.WG_PORT || 51820;
module.exports.WG_MTU = process.env.WG_MTU || null;
@ -20,9 +21,9 @@ module.exports.WG_ALLOWED_IPS = process.env.WG_ALLOWED_IPS || '0.0.0.0/0, ::/0';
module.exports.WG_PRE_UP = process.env.WG_PRE_UP || '';
module.exports.WG_POST_UP = process.env.WG_POST_UP || `
iptables -t nat -A POSTROUTING -s ${module.exports.WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o ${module.exports.WG_DEVICE} -j MASQUERADE;
iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT;
iptables -A FORWARD -i wg0 -j ACCEPT;
iptables -A FORWARD -o wg0 -j ACCEPT;
iptables -A INPUT -p udp -m udp --dport ${module.exports.WG_PORT} -j ACCEPT;
iptables -A FORWARD -i ${module.exports.WG_INTERFACE} -j ACCEPT;
iptables -A FORWARD -o ${module.exports.WG_INTERFACE} -j ACCEPT;
`.split('\n').join(' ');
module.exports.WG_PRE_DOWN = process.env.WG_PRE_DOWN || '';

25
src/lib/WireGuard.js
View File

@ -23,6 +23,7 @@ const {
WG_POST_UP,
WG_PRE_DOWN,
WG_POST_DOWN,
WG_INTERFACE
} = require('../config');
module.exports = class WireGuard {
@ -59,18 +60,18 @@ module.exports = class WireGuard {
}
await this.__saveConfig(config);
await Util.exec('wg-quick down wg0').catch(() => { });
await Util.exec('wg-quick up wg0').catch(err => {
if (err && err.message && err.message.includes('Cannot find device "wg0"')) {
throw new Error('WireGuard exited with the error: Cannot find device "wg0"\nThis usually means that your host\'s kernel does not support WireGuard!');
await Util.exec('wg-quick down ' + WG_INTERFACE).catch(() => { });
await Util.exec('wg-quick up ' + WG_INTERFACE).catch(err => {
if (err && err.message && err.message.includes('Cannot find device ' + WG_INTERFACE)) {
throw new Error('WireGuard exited with the error: Cannot find device ' + WG_INTERFACE + '\nThis usually means that your host\'s kernel does not support WireGuard!');
}
throw err;
});
// await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o eth0 -j MASQUERADE`);
// await Util.exec('iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT');
// await Util.exec('iptables -A FORWARD -i wg0 -j ACCEPT');
// await Util.exec('iptables -A FORWARD -o wg0 -j ACCEPT');
// await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o ' + WG_DEVICE + ' -j MASQUERADE`);
// await Util.exec('iptables -A INPUT -p udp -m udp --dport ' + WG_PORT + ' -j ACCEPT');
// await Util.exec('iptables -A FORWARD -i ' + WG_INTERFACE + ' -j ACCEPT');
// await Util.exec('iptables -A FORWARD -o ' + WG_INTERFACE + ' -j ACCEPT');
await this.__syncConfig();
return config;
@ -95,7 +96,7 @@ module.exports = class WireGuard {
[Interface]
PrivateKey = ${config.server.privateKey}
Address = ${config.server.address}/24
ListenPort = 51820
ListenPort = ${WG_PORT}
PreUp = ${WG_PRE_UP}
PostUp = ${WG_POST_UP}
PreDown = ${WG_PRE_DOWN}
@ -118,7 +119,7 @@ AllowedIPs = ${client.address}/32`;
await fs.writeFile(path.join(WG_PATH, 'wg0.json'), JSON.stringify(config, false, 2), {
mode: 0o660,
});
await fs.writeFile(path.join(WG_PATH, 'wg0.conf'), result, {
await fs.writeFile(path.join(WG_PATH, WG_INTERFACE + '.conf'), result, {
mode: 0o600,
});
debug('Config saved.');
@ -126,7 +127,7 @@ AllowedIPs = ${client.address}/32`;
async __syncConfig() {
debug('Config syncing...');
await Util.exec('wg syncconf wg0 <(wg-quick strip wg0)');
await Util.exec('wg syncconf ' + WG_INTERFACE + ' <(wg-quick strip ' + WG_INTERFACE + ')');
debug('Config synced.');
}
@ -149,7 +150,7 @@ AllowedIPs = ${client.address}/32`;
}));
// Loop WireGuard status
const dump = await Util.exec('wg show wg0 dump', {
const dump = await Util.exec('wg show ' + WG_INTERFACE + ' dump', {
log: false,
});
dump

Write Preview
Loading…
Cancel
Save