@ -0,0 +1,23 @@ |
|||
# http://editorconfig.org |
|||
root = true |
|||
|
|||
[*] |
|||
indent_style = space |
|||
indent_size = 2 |
|||
end_of_line = lf |
|||
charset = utf-8 |
|||
trim_trailing_whitespace = true |
|||
insert_final_newline = true |
|||
|
|||
# The JSON files contain newlines inconsistently |
|||
[*.json] |
|||
insert_final_newline = ignore |
|||
|
|||
# Minified JavaScript files shouldn't be changed |
|||
[**.min.js] |
|||
indent_style = ignore |
|||
insert_final_newline = ignore |
|||
|
|||
[*.md] |
|||
trim_trailing_whitespace = false |
|||
|
|||
@ -0,0 +1,11 @@ |
|||
WG_HOST=🚨YOUR_SERVER_IP |
|||
# (Supports: en, ru, tr, no, pl, fr, de, ca, es) |
|||
LANGUAGE=en |
|||
PORT=51821 |
|||
WG_DEVICE=eth0 |
|||
WG_PORT=51820 |
|||
WG_DEFAULT_ADDRESS=10.8.0.x |
|||
WG_DEFAULT_DNS=1.1.1.1 |
|||
WG_ALLOWED_IPS=0.0.0.0/0, ::/0 |
|||
DICEBEAR_TYPE=bottts |
|||
USE_GRAVATAR=true |
|||
@ -0,0 +1,98 @@ |
|||
name: Docker |
|||
|
|||
# This workflow uses actions that are not certified by GitHub. |
|||
# They are provided by a third-party and are governed by |
|||
# separate terms of service, privacy policy, and support |
|||
# documentation. |
|||
|
|||
on: |
|||
schedule: |
|||
- cron: '43 21 * * *' |
|||
push: |
|||
branches: [ "v14" ] |
|||
# Publish semver tags as releases. |
|||
tags: [ 'v*.*.*' ] |
|||
pull_request: |
|||
branches: [ "v14" ] |
|||
|
|||
env: |
|||
# Use docker.io for Docker Hub if empty |
|||
REGISTRY: ghcr.io |
|||
# github.repository as <account>/<repo> |
|||
IMAGE_NAME: ${{ github.repository }} |
|||
|
|||
|
|||
jobs: |
|||
build: |
|||
|
|||
runs-on: ubuntu-latest |
|||
permissions: |
|||
contents: read |
|||
packages: write |
|||
# This is used to complete the identity challenge |
|||
# with sigstore/fulcio when running outside of PRs. |
|||
id-token: write |
|||
|
|||
steps: |
|||
- name: Checkout repository |
|||
uses: actions/checkout@v5 |
|||
|
|||
# Install the cosign tool except on PR |
|||
# https://github.com/sigstore/cosign-installer |
|||
- name: Install cosign |
|||
if: github.event_name != 'pull_request' |
|||
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad #v4.0.0 |
|||
with: |
|||
cosign-release: 'v2.2.4' |
|||
|
|||
# Set up BuildKit Docker container builder to be able to build |
|||
# multi-platform images and export cache |
|||
# https://github.com/docker/setup-buildx-action |
|||
- name: Set up Docker Buildx |
|||
uses: docker/setup-buildx-action@1583c0f09d26c58c59d25b0eef29792b7ce99d9a # v3.0.0 |
|||
|
|||
# Login against a Docker registry except on PR |
|||
# https://github.com/docker/login-action |
|||
- name: Log into registry ${{ env.REGISTRY }} |
|||
if: github.event_name != 'pull_request' |
|||
uses: docker/login-action@28fdb31ff34708d19615a74d67103ddc2ea9725c # v3.0.0 |
|||
with: |
|||
registry: ${{ env.REGISTRY }} |
|||
username: ${{ github.actor }} |
|||
password: ${{ secrets.GITHUB_TOKEN }} |
|||
|
|||
# Extract metadata (tags, labels) for Docker |
|||
# https://github.com/docker/metadata-action |
|||
- name: Extract Docker metadata |
|||
id: meta |
|||
uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0 |
|||
with: |
|||
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} |
|||
|
|||
# Build and push Docker image with Buildx (don't push on PR) |
|||
# https://github.com/docker/build-push-action |
|||
- name: Build and push Docker image |
|||
id: build-and-push |
|||
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 |
|||
with: |
|||
context: . |
|||
push: ${{ github.event_name != 'pull_request' }} |
|||
tags: ${{ steps.meta.outputs.tags }} |
|||
labels: ${{ steps.meta.outputs.labels }} |
|||
cache-from: type=gha |
|||
cache-to: type=gha,mode=max |
|||
|
|||
# Sign the resulting Docker image digest except on PRs. |
|||
# This will only write to the public Rekor transparency log when the Docker |
|||
# repository is public to avoid leaking data. If you would like to publish |
|||
# transparency data even for private images, pass --force to cosign below. |
|||
# https://github.com/sigstore/cosign |
|||
- name: Sign the published Docker image |
|||
if: ${{ github.event_name != 'pull_request' }} |
|||
env: |
|||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable |
|||
TAGS: ${{ steps.meta.outputs.tags }} |
|||
DIGEST: ${{ steps.build-and-push.outputs.digest }} |
|||
# This step uses the identity token to provision an ephemeral certificate |
|||
# against the sigstore community Fulcio instance. |
|||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} |
|||
@ -1,45 +1,42 @@ |
|||
# Generating bcrypt-hashed password |
|||
# wg-password |
|||
|
|||
With version 14 of wg-easy, a password hashed with bcrypt is needed instead of the plain-text password string. This doc explains how to generate the hash based on a plain-text password. |
|||
`wg-password` (wgpw) is a script that generates bcrypt password hashes for use with `awg-easy`, enhancing security by requiring passwords. |
|||
|
|||
## Using Docker + node |
|||
## Features |
|||
|
|||
- You are using docker compose |
|||
- Generate bcrypt password hashes. |
|||
- Easily integrate with `awg-easy` to enforce password requirements. |
|||
|
|||
The easiest way to generate a bcrypt password hash with wgpw is using docker and node: |
|||
## Usage with Docker |
|||
|
|||
```sh |
|||
docker run ghcr.io/wg-easy/wg-easy:14 node -e 'const bcrypt = require("bcryptjs"); const hash = bcrypt.hashSync("YOUR_PASSWORD", 10); console.log(hash.replace(/\$/g, "$$$$"));' |
|||
``` |
|||
|
|||
The hashed password will get printed on your terminal. Copy it and use on the `PASSWORD_HASH` environment variable in your docker compose. |
|||
|
|||
- You are using `docker run` |
|||
|
|||
If you are using `docker run` for running wg-easy, you must enclose the hash string in single quotes (`'...'`). You can use this command: |
|||
|
|||
```sh |
|||
docker run --rm ghcr.io/wg-easy/wg-easy:14 node -e "const bcrypt = require('bcryptjs'); const hash = bcrypt.hashSync('YOUR_PASSWORD', 10); console.log('\'' + hash + '\'');" |
|||
``` |
|||
|
|||
The hashed password will get printed on your terminal. Copy it and use on the `PASSWORD_HASH` environment variable in your docker run command. |
|||
|
|||
## Using Docker + wgpw |
|||
|
|||
`wg-password` (wgpw) is a script that generates bcrypt password hashes. You can use it with docker: |
|||
To generate a bcrypt password hash using docker, run the following command : |
|||
|
|||
```sh |
|||
docker run ghcr.io/wg-easy/wg-easy:14 wgpw YOUR_PASSWORD |
|||
docker run -it ghcr.io/evoll/awg-easy:14 wgpw YOUR_PASSWORD |
|||
PASSWORD_HASH='$2b$12$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW' // literally YOUR_PASSWORD |
|||
``` |
|||
|
|||
You will see an output similar to this: |
|||
|
|||
If a password is not provided, the tool will prompt you for one : |
|||
```sh |
|||
docker run -it ghcr.io/evoll/awg-easy:14 wgpw |
|||
Enter your password: // hidden prompt, type in your password |
|||
PASSWORD_HASH='$2b$12$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW' |
|||
``` |
|||
|
|||
In this example, the `$2b$12$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW` string is your hashed password. For using it with docker-compose, you need to escape each `$` characters by adding another `$` before them, or they will get interpreted as variables. The final password you can use in docker-compose will look like this: |
|||
**Important** : make sure to enclose your password in **single quotes** when you run `docker run` command : |
|||
|
|||
```sh |
|||
$$2b$$12$$coPqCsPtcFO.Ab99xylBNOW4.Iu7OOA2/ZIboHN6/oyxca3MWo7fW |
|||
```bash |
|||
$ echo $2b$12$coPqCsPtcF <-- not correct |
|||
b2 |
|||
$ echo "$2b$12$coPqCsPtcF" <-- not correct |
|||
b2 |
|||
$ echo '$2b$12$coPqCsPtcF' <-- correct |
|||
$2b$12$coPqCsPtcF |
|||
``` |
|||
|
|||
**Important** : Please note: don't wrap the generated hash password in single quotes when you use `docker-compose.yml`. Instead, replace each `$` symbol with two `$$` symbols. For example: |
|||
|
|||
``` yaml |
|||
- PASSWORD_HASH=$$2y$$10$$hBCoykrB95WSzuV4fafBzOHWKu9sbyVa34GJr8VV5R/pIelfEMYyG |
|||
``` |
|||
|
|||
This hash is for the password 'foobar123', obtained using the command `docker run ghcr.io/evoll/awg-easy:14 wgpw foobar123` and then inserted an additional `$` before each existing `$` symbol. |
|||
|
|||
|
Before Width: | Height: | Size: 104 KiB After Width: | Height: | Size: 182 KiB |
@ -1,9 +1,9 @@ |
|||
[Unit] |
|||
Description=Wireguard VPN + Web-based Admin UI |
|||
Description=AmneziaWG VPN + Web-based Admin UI |
|||
After=network-online.target nss-lookup.target |
|||
|
|||
[Service] |
|||
Environment="WG_HOST=raspberrypi.local" # Change this to your host's public address or static public ip. |
|||
Environment="WG_HOST=local" # Change this to your host's public address or static public ip. |
|||
Environment="PASSWORD=REPLACEME" # When set, requires a password when logging in to the Web UI, to disable add a hashtag |
|||
#Environment="WG_DEFAULT_ADDRESS=10.0.8.x" #Clients IP address range. |
|||
#Environment="WG_DEFAULT_DNS=10.0.8.1, 1.1.1.1" #DNS server clients will use. If set to blank value, clients will not use any DNS. |
|||
@ -1,101 +0,0 @@ |
|||
# Contributing to wg-easy |
|||
|
|||
First and foremost, thank you! We appreciate that you want to contribute to wg-easy, your time is valuable, and your contributions mean a lot to us. |
|||
|
|||
|
|||
## Important! |
|||
|
|||
By contributing to this project, you: |
|||
|
|||
* Agree that you have authored 100% of the content |
|||
* Agree that you have the necessary rights to the content |
|||
* Agree that you have received the necessary permissions from your employer to make the contributions (if applicable) |
|||
* Agree that the content you contribute may be provided under the Project license(s) |
|||
* Agree that, if you did not author 100% of the content, the appropriate licenses and copyrights have been added along with any other necessary attribution. |
|||
|
|||
|
|||
## Getting started |
|||
|
|||
**What does "contributing" mean?** |
|||
|
|||
Creating an issue is the simplest form of contributing to a project. But there are many ways to contribute, including the following: |
|||
|
|||
- Updating or correcting documentation |
|||
- Feature requests |
|||
- Bug reports |
|||
|
|||
|
|||
## Showing support for wg-easy |
|||
|
|||
Please keep in mind that open source software is built by people like you, who spend their free time creating things the rest the community can use. |
|||
|
|||
Don't have time to contribute? No worries, here are some other ways to show your support for wg-easy: |
|||
|
|||
- star the [project](https://github.com/wg-easy/wg-easy) |
|||
- tweet your support for wg-easy |
|||
|
|||
|
|||
## Issues |
|||
|
|||
Please only create issues for bug reports or feature requests. Issues discussing any other topics may be closed by the project's maintainers without further explanation. |
|||
|
|||
Do not create issues about bumping dependencies unless a bug has been identified and you can demonstrate that it effects this library. |
|||
|
|||
**Help us to help you** |
|||
|
|||
Remember that we’re here to help, but not to make guesses about what you need help with: |
|||
|
|||
- Whatever bug or issue you're experiencing, assume that it will not be as obvious to the maintainers as it is to you. |
|||
- Spell it out completely. Keep in mind that maintainers need to think about _all potential use cases_ of a library. It's important that you explain how you're using a library so that maintainers can make that connection and solve the issue. |
|||
|
|||
_It can't be understated how frustrating and draining it can be to maintainers to have to ask clarifying questions on the most basic things, before it's even possible to start debugging. Please try to make the best use of everyone's time involved, including yourself, by providing this information up front._ |
|||
|
|||
### Before creating an issue |
|||
|
|||
Please try to determine if the issue is caused by an underlying library, and if so, create the issue there. Sometimes this is difficult to know. We only ask that you attempt to give a reasonable attempt to find out. Oftentimes the readme will have advice about where to go to create issues. |
|||
|
|||
Try to follow these guidelines: |
|||
|
|||
- **Avoid creating issues for implementation help** - It's much better for discoverability, SEO, and semantics - to keep the issue tracker focused on bugs and feature requests - to ask implementation-related questions on [stackoverflow.com][so] |
|||
- **Investigate the issue** - Search for exising issues (open or closed) that address the issue, and might have even resolved it already. |
|||
- **Check the readme** - oftentimes you will find notes about creating issues, and where to go depending on the type of issue. |
|||
- Create the issue in the appropriate repository. |
|||
|
|||
### Creating an issue |
|||
|
|||
Please be as descriptive as possible when creating an issue. Give us the information we need to successfully answer your question or address your issue by answering the following in your issue: |
|||
|
|||
- **description**: (required) What is the bug you're experiencing? How are you using this library/app? |
|||
- **OS**: (required) what operating system are you on? |
|||
- **version**: (required) please note the version of wg-easy are you using |
|||
- **error messages**: (required) please paste any error messages into the issue, or a [gist](https://gist.github.com/) |
|||
- **extensions, plugins, helpers, etc** (if applicable): please list any extensions you're using |
|||
|
|||
|
|||
### Closing issues |
|||
|
|||
The original poster or the maintainers of wg-easy may close an issue at any time. Typically, but not exclusively, issues are closed when: |
|||
|
|||
- The issue is resolved |
|||
- The project's maintainers have determined the issue is out of scope |
|||
- An issue is clearly a duplicate of another issue, in which case the duplicate issue will be linked. |
|||
- A discussion has clearly run its course |
|||
|
|||
|
|||
## Next steps |
|||
|
|||
**Tips for creating idiomatic issues** |
|||
|
|||
Spending just a little extra time to review best practices and brush up on your contributing skills will, at minimum, make your issue easier to read, easier to resolve, and more likely to be found by others who have the same or similar issue in the future. At best, it will open up doors and potential career opportunities by helping you be at your best. |
|||
|
|||
The following resources were hand-picked to help you be the most effective contributor you can be: |
|||
|
|||
- The [Guide to Idiomatic Contributing](https://github.com/jonschlinkert/idiomatic-contributing) is a great place for newcomers to start, but there is also information for experienced contributors there. |
|||
- Take some time to learn basic markdown. We can't stress this enough. Don't start pasting code into GitHub issues before you've taken a moment to review this [markdown cheatsheet](https://gist.github.com/jonschlinkert/5854601) |
|||
- The GitHub guide to [basic markdown](https://help.github.com/articles/markdown-basics/) is another great markdown resource. |
|||
- Learn about [GitHub Flavored Markdown](https://help.github.com/articles/github-flavored-markdown/). And if you want to really go above and beyond, read [mastering markdown](https://guides.github.com/features/mastering-markdown/). |
|||
|
|||
At the very least, please try to: |
|||
|
|||
- Use backticks to wrap code. This ensures that it retains its formatting and isn't modified when it's rendered by GitHub, and makes the code more readable to others |
|||
- When applicable, use syntax highlighting by adding the correct language name after the first "code fence" |
|||
@ -1,11 +1,11 @@ |
|||
{ |
|||
"name": "wg-easy", |
|||
"version": "1.0.1", |
|||
"name": "awg-easy", |
|||
"version": "14.0.0", |
|||
"lockfileVersion": 3, |
|||
"requires": true, |
|||
"packages": { |
|||
"": { |
|||
"version": "1.0.1" |
|||
"version": "14.0.0" |
|||
} |
|||
} |
|||
} |
|||
|
|||
@ -1,10 +1,10 @@ |
|||
{ |
|||
"version": "1.0.1", |
|||
"version": "14.0.0", |
|||
"scripts": { |
|||
"sudobuild": "DOCKER_BUILDKIT=1 sudo docker build --tag wg-easy .", |
|||
"build": "DOCKER_BUILDKIT=1 docker build --tag wg-easy .", |
|||
"sudobuild": "DOCKER_BUILDKIT=1 sudo docker build --tag awg-easy .", |
|||
"build": "DOCKER_BUILDKIT=1 docker build --tag awg-easy .", |
|||
"serve": "docker compose -f docker-compose.yml -f docker-compose.dev.yml up", |
|||
"sudostart": "sudo docker run --env WG_HOST=0.0.0.0 --name wg-easy --cap-add=NET_ADMIN --cap-add=SYS_MODULE --sysctl=\"net.ipv4.conf.all.src_valid_mark=1\" --mount type=bind,source=\"$(pwd)\"/config,target=/etc/wireguard -p 51820:51820/udp -p 51821:51821/tcp wg-easy", |
|||
"start": "docker run --env WG_HOST=0.0.0.0 --name wg-easy --cap-add=NET_ADMIN --cap-add=SYS_MODULE --sysctl=\"net.ipv4.conf.all.src_valid_mark=1\" --mount type=bind,source=\"$(pwd)\"/config,target=/etc/wireguard -p 51820:51820/udp -p 51821:51821/tcp wg-easy" |
|||
"sudostart": "sudo docker run --env WG_HOST=0.0.0.0 --name awg-easy --cap-add=NET_ADMIN --cap-add=SYS_MODULE --sysctl=\"net.ipv4.conf.all.src_valid_mark=1\" --mount type=bind,source=\"$(pwd)\"/config,target=/etc/amnezia/amneziawg -p 51820:51820/udp -p 51821:51821/tcp awg-easy", |
|||
"start": "docker run --env WG_HOST=0.0.0.0 --name awg-easy --cap-add=NET_ADMIN --cap-add=SYS_MODULE --sysctl=\"net.ipv4.conf.all.src_valid_mark=1\" --mount type=bind,source=\"$(pwd)\"/config,target=/etc/amnezia/amneziawg -p 51820:51820/udp -p 51821:51821/tcp awg-easy" |
|||
} |
|||
} |
|||
} |
|||
|
|||
|
Before Width: | Height: | Size: 69 KiB After Width: | Height: | Size: 14 KiB |
|
After Width: | Height: | Size: 32 KiB |
|
Before Width: | Height: | Size: 2.9 KiB |
|
Before Width: | Height: | Size: 3.0 KiB After Width: | Height: | Size: 16 KiB |
|
After Width: | Height: | Size: 28 KiB |
@ -1,11 +1,11 @@ |
|||
{ |
|||
"name": "WireGuard", |
|||
"name": "AmneziaWG", |
|||
"display": "standalone", |
|||
"background_color": "#fff", |
|||
"icons": [ |
|||
{ |
|||
"src": "img/favicon.png", |
|||
"type": "image/png" |
|||
"src": "img/favicon.ico", |
|||
"type": "image/x-icon" |
|||
} |
|||
] |
|||
} |
|||
|
|||
@ -1,3 +1,7 @@ |
|||
@tailwind base; |
|||
@tailwind components; |
|||
@tailwind utilities; |
|||
|
|||
.p-0 { |
|||
padding: 0; |
|||
} |
|||
|
|||