
add wg_path, update documentation

pull/1349/head
Bernd Storath 8 months ago
parent
commit
d1b5e1c757
No known key found for this signature in database GPG Key ID: D6C85685A555540F
  1. 1
      Dockerfile
  2. 1
      Dockerfile.dev
  3. 44
      README.md
  4. 2
      docker-compose.dev.yml
  5. 29
      docker-compose.yml
  6. 2
      src/server/utils/WireGuard.ts
  7. 2
      src/server/utils/config.ts
  8. 3
      src/services/database/lowdb.ts

1
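--- a/Dockerfile
+++ b/Dockerfile
@@ -36,6 +36,7 @@ RUN update-alternatives --install /sbin/iptables iptables /sbin/iptables-legacy
 # Set Environment
 ENV DEBUG=Server,WireGuard,LowDB
 ENV PORT=51821
+ENV HOST=0.0.0.0
 # Run Web UI
 CMD ["/usr/bin/dumb-init", "node", "server/index.mjs"]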
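Review bot: `ENV HOST=0.0.0.0` makes listening on every interface the image default for the management Web UI, and nothing next to the line says so. Inside a bridge-networked container that is what port publishing needs, but under host networking the UI would be reachable on every host address. I would add a comment above the line, e.g. `# Web UI bind address; limit exposure via the published port or override HOST`. The same line is added in Dockerfile.dev.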

1
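--- a/Dockerfile.dev
+++ b/Dockerfile.dev
@@ -26,3 +26,4 @@ RUN update-alternatives --install /sbin/iptables iptables /sbin/iptables-legacy
 # Set Environment
 ENV DEBUG=Server,WireGuard,LowDB
 ENV PORT=51821
+ENV HOST=0.0.0.0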

44
README.md

@ -27,7 +27,7 @@ You have found the easiest way to install & manage WireGuard on any Linux host!
- Traffic Stats (default off) - Traffic Stats (default off)
- One Time Links (default off) - One Time Links (default off)
- Client Expiration (default off) - Client Expiration (default off)
- Prometheus metrics support - Prometheus metrics support (default off)
## Requirements ## Requirements
@ -41,7 +41,7 @@ For **stable** versions instead of nightly or development please read **README**
| tag | Branch | Example | Description | | tag | Branch | Example | Description |
| ------------- | ------------- | ------------------------------------------------------------- | ------------------------------------------------------------------------------------ | | ------------- | ------------- | ------------------------------------------------------------- | ------------------------------------------------------------------------------------ |
| `latest` | production | `ghcr.io/wg-easy/wg-easy:latest` or `ghcr.io/wg-easy/wg-easy` | stable as possbile get bug fixes quickly when needed, deployed against `production`. | | `latest` | production | `ghcr.io/wg-easy/wg-easy:latest` or `ghcr.io/wg-easy/wg-easy` | stable as possible get bug fixes quickly when needed, deployed against `production`. |
| `13` | production | `ghcr.io/wg-easy/wg-easy:13` | same as latest, stick to a version tag. | | `13` | production | `ghcr.io/wg-easy/wg-easy:13` | same as latest, stick to a version tag. |
| `nightly` | master | `ghcr.io/wg-easy/wg-easy:nightly` | mostly unstable gets frequent package and code updates, deployed against `master`. | | `nightly` | master | `ghcr.io/wg-easy/wg-easy:nightly` | mostly unstable gets frequent package and code updates, deployed against `master`. |
| `development` | pull requests | `ghcr.io/wg-easy/wg-easy:development` | used for development, testing code from PRs before landing into `master`. | | `development` | pull requests | `ghcr.io/wg-easy/wg-easy:development` | used for development, testing code from PRs before landing into `master`. |
@ -64,13 +64,10 @@ And log in again.
To automatically install & run wg-easy, simply run: To automatically install & run wg-easy, simply run:
``` ```bash
docker run -d \ docker run -d \
--name=wg-easy \ --name=wg-easy \
-e LANG=de \
-e WG_HOST=<🚨YOUR_SERVER_IP> \
-e PORT=51821 \ -e PORT=51821 \
-e WG_PORT=51820 \
-v ~/.wg-easy:/etc/wireguard \ -v ~/.wg-easy:/etc/wireguard \
-p 51820:51820/udp \ -p 51820:51820/udp \
-p 51821:51821/tcp \ -p 51821:51821/tcp \
@ -102,34 +99,11 @@ Are you enjoying this project? [Buy Emile a beer!](https://github.com/sponsors/W
These options can be configured by setting environment variables using `-e KEY="VALUE"` in the `docker run` command. These options can be configured by setting environment variables using `-e KEY="VALUE"` in the `docker run` command.
| Env | Default | Example | Description | | Env | Default | Example | Description |
| ----------------------------- | ----------------- | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | --------- | ----------------- | ------------- | -------------------------------------------- |
| `PORT` | `51821` | `6789` | TCP port for Web UI. | | `PORT` | `51821` | `6789` | TCP port for Web UI. |
| `WEBUI_HOST` | `0.0.0.0` | `localhost` | IP address web UI binds to. | | `HOST` | `0.0.0.0` | `localhost` | IP address web UI binds to. |
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. | | `WG_PATH` | `/etc/wireguard/` | `/home/user/` | The Path your `wg0.conf` and `db.json` lives |
| `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. |
| `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will listen on that (othwise default) inside the Docker container. |
| `WG_CONFIG_PORT` | `51820` | `12345` | The UDP port used on [Home Assistant Plugin](https://github.com/adriy-be/homeassistant-addons-jdeath/tree/main/wgeasy) |
| `WG_MTU` | `null` | `1420` | The MTU the clients will use. Server uses default WG MTU. |
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive. |
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. |
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. If set to blank value, clients will not use any DNS. |
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. |
| `WG_PRE_UP` | `...` | - | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L19) for the default value. |
| `WG_POST_UP` | `...` | `iptables ...` | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L20) for the default value. |
| `WG_PRE_DOWN` | `...` | - | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L27) for the default value. |
| `WG_POST_DOWN` | `...` | `iptables ...` | See [config.js](https://github.com/wg-easy/wg-easy/blob/master/src/config.js#L28) for the default value. |
| `WG_ENABLE_EXPIRES_TIME` | `false` | `true` | Enable expire time for clients |
| `LANG` | `en` | `de` | Web UI language (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi). |
| `UI_TRAFFIC_STATS` | `false` | `true` | Enable detailed RX / TX client stats in Web UI |
| `UI_CHART_TYPE` | `0` | `1` | UI_CHART_TYPE=0 # Charts disabled, UI_CHART_TYPE=1 # Line chart, UI_CHART_TYPE=2 # Area chart, UI_CHART_TYPE=3 # Bar chart |
| `WG_ENABLE_ONE_TIME_LINKS` | `false` | `true` | Enable display and generation of short one time download links (expire after 5 minutes) |
| `MAX_AGE` | `0` | `1440` | The maximum age of Web UI sessions in minutes. `0` means that the session will exist until the browser is closed. |
| `UI_ENABLE_SORT_CLIENTS` | `false` | `true` | Enable UI sort clients by name |
| `ENABLE_PROMETHEUS_METRICS` | `false` | `true` | Enable Prometheus metrics `http://0.0.0.0:51821/metrics` and `http://0.0.0.0:51821/metrics/json` |
| `PROMETHEUS_METRICS_PASSWORD` | - | `$2y$05$Ci...` | If set, Basic Auth is required when requesting metrics. See [How to generate an bcrypt hash.md]("https://github.com/wg-easy/wg-easy/blob/master/How_to_generate_an_bcrypt_hash.md") for know how generate the hash. |
> If you change `WG_PORT`, make sure to also change the exposed port.
## Updating ## Updating
@ -148,7 +122,7 @@ With Docker Compose WireGuard Easy can be updated with a single command:
Compose file and it is not `latest`, make sure that it is changed to the desired Compose file and it is not `latest`, make sure that it is changed to the desired
one; by default it is omitted and one; by default it is omitted and
[defaults to `latest`](https://docs.docker.com/engine/reference/run/#image-references)). \ [defaults to `latest`](https://docs.docker.com/engine/reference/run/#image-references)). \
The WireGuared Easy container will be automatically recreated if a newer image The WireGuard Easy container will be automatically recreated if a newer image
was pulled. was pulled.
## Common Use Cases ## Common Use Cases

2
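--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@@ -14,8 +14,6 @@ services:
 cap_add:
 - NET_ADMIN
 - SYS_MODULE
-environment:
-- WG_HOST=192.168.1.233
 # folders should be generated inside container
 volumes: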

29
docker-compose.yml

@ -4,33 +4,10 @@ volumes:
services: services:
wg-easy: wg-easy:
environment: environment:
# Change Language: - PORT=51821
# (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi)
- LANG=en
# ⚠️ Required:
# Change this to your host's public address
- WG_HOST=raspberrypi.local
# Optional: # Optional:
# - PORT=51821 # - HOST=0.0.0.0
# - WG_PORT=51820 # - WG_PATH=/etc/wireguard/
# - WG_CONFIG_PORT=92820
# - WG_DEFAULT_ADDRESS=10.8.0.x
# - WG_DEFAULT_DNS=1.1.1.1
# - WG_MTU=1420
# - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
# - WG_PERSISTENT_KEEPALIVE=25
# - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
# - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
# - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
# - WG_POST_DOWN=echo "Post Down" > /etc/wireguard/post-down.txt
# - UI_TRAFFIC_STATS=true
# - UI_CHART_TYPE=0 # (0 Charts disabled, 1 # Line chart, 2 # Area chart, 3 # Bar chart)
# - WG_ENABLE_ONE_TIME_LINKS=true
# - UI_ENABLE_SORT_CLIENTS=true
# - WG_ENABLE_EXPIRES_TIME=true
# - ENABLE_PROMETHEUS_METRICS=false
# - PROMETHEUS_METRICS_PASSWORD=$$2a$$12$$vkvKpeEAHD78gasyawIod.1leBMKg8sBwKW.pQyNsq78bXV3INf2G # (needs double $$, hash of 'prometheus_password'; see "How_to_generate_an_bcrypt_hash.md" for generate the hash)
image: ghcr.io/wg-easy/wg-easy image: ghcr.io/wg-easy/wg-easy
container_name: wg-easy container_name: wg-easy
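Review bot: The commented `# - WG_PATH=/etc/wireguard/` option does not say that its value has to match the target of the volume that persists the configuration. If WG_PATH is changed without changing the mount (the service's `volumes:` entry is outside this hunk), `wg0.conf` and `db.json` would presumably be written to the container's writable layer and be lost when the container is recreated. I would extend the comment, e.g. `# - WG_PATH=/etc/wireguard/ # must be the mount target of the config volume`.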

2
src/server/utils/WireGuard.ts

@ -47,7 +47,7 @@ AllowedIPs = ${client.address}/32`;
} }
DEBUG('Config saving...'); DEBUG('Config saving...');
await fs.writeFile(path.join('/etc/wireguard', 'wg0.conf'), result, { await fs.writeFile(path.join(WG_PATH, 'wg0.conf'), result, {
mode: 0o600, mode: 0o600,
}); });
DEBUG('Config saved.'); DEBUG('Config saved.');
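Review bot: The `mode: 0o600` passed to `fs.writeFile` is applied only when the file is created, so now that `WG_PATH` can point at an arbitrary directory, a pre-existing `wg0.conf` with wider permissions keeps them. Following the write with `await fs.chmod(path.join(WG_PATH, 'wg0.conf'), 0o600);` would enforce the mode on every save. Separately, any `wg-quick` or `wg` invocation that names the interface `wg0` rather than a file path would still look in `/etc/wireguard`; such calls are not visible in this hunk, so this should be checked. The enclosing function starts and ends outside the hunk.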

2
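--- a/src/server/utils/logger.ts
+++ b/src/server/utils/config.ts
@@ -1,3 +1,5 @@
 import debug from 'debug';
+export const WG_PATH = process.env.WG_PATH || '/etc/wireguard/';
 export const SERVER_DEBUG = debug('Server');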
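Review bot: `WG_PATH` is taken from the environment without any normalisation, so a relative value would make the locations of `wg0.conf` and `db.json` depend on the process working directory. Resolving it once at load, `export const WG_PATH = path.resolve(process.env.WG_PATH || '/etc/wireguard/');` (with `path` imported), keeps both writers pointing at the same absolute directory. A TSDoc line stating that this directory holds the WireGuard configuration and the database, and should be writable only by the service user, would also help. The rest of the module lies outside the hunk.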

3
src/services/database/lowdb.ts

@ -21,9 +21,8 @@ export default class LowDB extends DatabaseProvider {
#db!: Low<Database>; #db!: Low<Database>;
#connected = false; #connected = false;
// is this really needed?
private async __init() { private async __init() {
const dbFilePath = join('/etc/wireguard', 'db.json'); const dbFilePath = join(WG_PATH, 'db.json');
this.#db = await JSONFilePreset(dbFilePath, DEFAULT_DATABASE); this.#db = await JSONFilePreset(dbFilePath, DEFAULT_DATABASE);
} }
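Review bot: `db.json` is opened through `JSONFilePreset(dbFilePath, DEFAULT_DATABASE)` with no explicit file mode, while `wg0.conf` in WireGuard.ts is written with `mode: 0o600`. With `WG_PATH` now configurable (the README example is `/home/user/`), the database can land in a directory other local users may read, and its permissions would then presumably depend on the process umask. If the database holds key material or credentials, which this hunk does not show, its mode should be tightened to `0o600` once the file has been written. The import that brings `WG_PATH` into scope is not part of the hunk and should be confirmed.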
