Merge pull request #114 from WeeJeWel/master

mmip
Emile Nijssen 2021-11-12 22:29:29 +01:00 committed by GitHub
commit 0c0314b36c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 70 additions and 811 deletions


@ -1,4 +1,4 @@
FROM node:14-alpine
FROM docker.io/library/node:14-alpine@sha256:dc92f36e7cd917816fa2df041d4e9081453366381a00f40398d99e9392e78664
# Install Linux packages
RUN apk add -U --no-cache wireguard-tools dumb-init
@ -7,6 +7,8 @@ RUN apk add -U --no-cache wireguard-tools dumb-init
COPY src/ /app/
WORKDIR /app
RUN npm ci --production
RUN npm i -g nodemon
RUN mv /app/node_modules/ /node_modules/
# Expose Ports
EXPOSE 51820/udp
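Review bot: `RUN npm i -g nodemon` pulls whatever nodemon version the registry serves at build time, outside the lockfile that `npm ci --production` enforces on the line above, so the image is not reproducible even though the base image is now pinned by digest. It also places a development file-watcher in the production image. If it has to stay, pin it, e.g. `RUN npm i -g nodemon@2.0.12` (the version floor of the `nodemon` entry this commit drops from the dependency list), or install it only in the dev compose setup. Which lines of this hunk are new is inferred from the hunk header, because the page lost its +/- markers.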


@ -35,11 +35,12 @@ If you haven't installed Docker yet, install it by running:
```bash
$ curl -sSL https://get.docker.com | sh
$ sudo sh get-docker.sh
$ sudo usermod -aG docker $(whoami)
$ bash
$ exit
```
And log in again.
You might need to install docker-compose separately. For example, on a Raspberry Pi:
```bash
@ -80,12 +81,12 @@ These options can be configured in `docker-compose.yml` under `environment`.
| Env | Default | Example | Description |
| - | - | - | - |
| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server |
| `WG_PORT` | `51820` | `51820` | The public UDP port of your VPN server |
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open |
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range |
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use |
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use |
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. |
| `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will always listen on `51820` inside the Docker container. |
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. |
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. |
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. |
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. |
> If you change `WG_PORT`, make sure to also change the exposed port.

4
package-lock.json generated Normal file

@ -0,0 +1,4 @@
{
"version": "1.0.0",
"lockfileVersion": 1
}


@ -5,4 +5,4 @@
"serve": "docker-compose -f docker-compose.yml -f docker-compose.dev.yml up",
"start": "docker run --env WG_HOST=0.0.0.0 --name wg-easy --cap-add=NET_ADMIN --cap-add=SYS_MODULE --sysctl=\"net.ipv4.conf.all.src_valid_mark=1\" --mount type=bind,source=\"$(pwd)\"/config,target=/etc/wireguard -p 51820:51820/udp -p 51821:51821/tcp wg-easy"
}
}
}


@ -99,7 +99,8 @@ module.exports = class Server {
const { clientId } = req.params;
const client = await WireGuard.getClient({ clientId });
const config = await WireGuard.getClientConfiguration({ clientId });
res.header('Content-Disposition', `attachment; filename="${client.name}.conf"`);
const configName = client.name.replace(/[^a-zA-Z0-9_=+.-]/g, '-').replace(/(-{2,}|-$)/g, '-').replace(/-$/, '').substring(0, 32);
res.header('Content-Disposition', `attachment; filename="${configName}.conf"`);
res.header('Content-Type', 'text/plain');
res.send(config);
}))
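Review bot: The sanitised `configName` can come out empty: a client name made only of characters outside the allow-list turns into dashes, which the following replaces collapse and strip, so the download is named `.conf`. A fallback when building the header, e.g. `filename="${configName || 'client'}.conf"`, avoids that. `substring(0, 32)` also runs after the trailing-dash strip, so a cut that lands on a dash leaves one at the end; moving the truncation before `.replace(/-$/, '')` fixes it. The chain assumes `client.name` is a string, which cannot be confirmed here because `getClient` and the start of the route handler are outside the hunk.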


@ -52,9 +52,16 @@ module.exports = class Util {
};
}
static async exec(cmd) {
// eslint-disable-next-line no-console
console.log(`$ ${cmd}`);
static async exec(cmd, {
log = true,
} = {}) {
if (typeof log === 'string') {
// eslint-disable-next-line no-console
console.log(`$ ${log}`);
} else if (log === true) {
// eslint-disable-next-line no-console
console.log(`$ ${cmd}`);
}
if (process.platform !== 'linux') {
return '';
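Review bot: The new `log` option masks only the `console.log` line, not the failure path. The rest of `exec` is outside this hunk, but if it rejects with the error from Node's `child_process.exec`, that error's `message` and `cmd` property still contain the full command, so a failing masked call would put the secret into whatever logs the rejection. Consider replacing the command text in the error when `log` is a string or `false`. The option also deserves a JSDoc line, for example `@param {boolean|string} [options.log=true] - false: silent; string: logged in place of cmd`.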


@ -37,7 +37,9 @@ module.exports = class WireGuard {
debug('Configuration loaded.');
} catch (err) {
const privateKey = await Util.exec('wg genkey');
const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`);
const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`, {
log: 'echo ***hidden*** | wg pubkey',
});
const address = WG_DEFAULT_ADDRESS.replace('x', '1');
config = {
@ -52,7 +54,7 @@ module.exports = class WireGuard {
}
await this.__saveConfig(config);
await Util.exec('wg-quick down wg0').catch(() => {});
await Util.exec('wg-quick down wg0').catch(() => { });
await Util.exec('wg-quick up wg0');
await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o eth0 -j MASQUERADE`);
await Util.exec('iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT');
@ -127,7 +129,9 @@ AllowedIPs = ${client.address}/32`;
}));
// Loop WireGuard status
const dump = await Util.exec('wg show wg0 dump');
const dump = await Util.exec('wg show wg0 dump', {
log: false,
});
dump
.trim()
.split('\n')
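Review bot: Masking the log line on the `wg pubkey` call does not keep the private key off the command line, because `echo ${privateKey} | wg pubkey` is still handed to `Util.exec` as one string. If `exec` runs that string through a shell (its body is not in this diff), the key sits in the shell process's arguments while the command runs, readable by anything that can list processes in the container. Feeding the key to `wg pubkey` on stdin would avoid this; it needs an `exec` variant that accepts input. Separately, `.catch(() => { })` on `wg-quick down wg0` stays silent, and a comment such as `// expected to fail when wg0 is not up yet` would make the intent clear.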

822
src/package-lock.json generated

File diff suppressed because it is too large Load Diff


@ -15,7 +15,6 @@
"debug": "^4.3.1",
"express": "^4.17.1",
"express-session": "^1.17.1",
"nodemon": "^2.0.12",
"qrcode": "^1.4.4",
"uuid": "^8.3.2"
},
@ -31,4 +30,4 @@
"engines": {
"node": "14"
}
}
}


@ -47,8 +47,6 @@ new Vue({
return client;
});
console.log(clients);
},
login(e) {
e.preventDefault();
@ -71,6 +69,7 @@ new Vue({
})
.finally(() => {
this.authenticating = false;
this.password = null;
});
},
logout(e) {