mirror of
https://github.com/WeeJeWel/wg-easy.git
synced 2025-01-10 06:55:44 +08:00
commit
0c0314b36c
@ -1,4 +1,4 @@
|
|||||||
FROM node:14-alpine
|
FROM docker.io/library/node:14-alpine@sha256:dc92f36e7cd917816fa2df041d4e9081453366381a00f40398d99e9392e78664
|
||||||
|
|
||||||
# Install Linux packages
|
# Install Linux packages
|
||||||
RUN apk add -U --no-cache wireguard-tools dumb-init
|
RUN apk add -U --no-cache wireguard-tools dumb-init
|
||||||
@ -7,6 +7,8 @@ RUN apk add -U --no-cache wireguard-tools dumb-init
|
|||||||
COPY src/ /app/
|
COPY src/ /app/
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
RUN npm ci --production
|
RUN npm ci --production
|
||||||
|
RUN npm i -g nodemon
|
||||||
|
RUN mv /app/node_modules/ /node_modules/
|
||||||
|
|
||||||
# Expose Ports
|
# Expose Ports
|
||||||
EXPOSE 51820/udp
|
EXPOSE 51820/udp
|
||||||
|
17
README.md
17
README.md
@ -35,11 +35,12 @@ If you haven't installed Docker yet, install it by running:
|
|||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ curl -sSL https://get.docker.com | sh
|
$ curl -sSL https://get.docker.com | sh
|
||||||
$ sudo sh get-docker.sh
|
|
||||||
$ sudo usermod -aG docker $(whoami)
|
$ sudo usermod -aG docker $(whoami)
|
||||||
$ bash
|
$ exit
|
||||||
```
|
```
|
||||||
|
|
||||||
|
And log in again.
|
||||||
|
|
||||||
You might need to install docker-compose separately. For example, on a Raspberry Pi:
|
You might need to install docker-compose separately. For example, on a Raspberry Pi:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
@ -80,12 +81,12 @@ These options can be configured in `docker-compose.yml` under `environment`.
|
|||||||
| Env | Default | Example | Description |
|
| Env | Default | Example | Description |
|
||||||
| - | - | - | - |
|
| - | - | - | - |
|
||||||
| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
|
| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
|
||||||
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server |
|
| `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. |
|
||||||
| `WG_PORT` | `51820` | `51820` | The public UDP port of your VPN server |
|
| `WG_PORT` | `51820` | `12345` | The public UDP port of your VPN server. WireGuard will always listen on `51820` inside the Docker container. |
|
||||||
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open |
|
| `WG_PERSISTENT_KEEPALIVE` | `0` | `25` | Value in seconds to keep the "connection" open. |
|
||||||
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range |
|
| `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range. |
|
||||||
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use |
|
| `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use. |
|
||||||
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use |
|
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | `192.168.15.0/24, 10.0.1.0/24` | Allowed IPs clients will use. |
|
||||||
|
|
||||||
> If you change `WG_PORT`, make sure to also change the exposed port.
|
> If you change `WG_PORT`, make sure to also change the exposed port.
|
||||||
|
|
||||||
|
4
package-lock.json
generated
Normal file
4
package-lock.json
generated
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
{
|
||||||
|
"version": "1.0.0",
|
||||||
|
"lockfileVersion": 1
|
||||||
|
}
|
@ -5,4 +5,4 @@
|
|||||||
"serve": "docker-compose -f docker-compose.yml -f docker-compose.dev.yml up",
|
"serve": "docker-compose -f docker-compose.yml -f docker-compose.dev.yml up",
|
||||||
"start": "docker run --env WG_HOST=0.0.0.0 --name wg-easy --cap-add=NET_ADMIN --cap-add=SYS_MODULE --sysctl=\"net.ipv4.conf.all.src_valid_mark=1\" --mount type=bind,source=\"$(pwd)\"/config,target=/etc/wireguard -p 51820:51820/udp -p 51821:51821/tcp wg-easy"
|
"start": "docker run --env WG_HOST=0.0.0.0 --name wg-easy --cap-add=NET_ADMIN --cap-add=SYS_MODULE --sysctl=\"net.ipv4.conf.all.src_valid_mark=1\" --mount type=bind,source=\"$(pwd)\"/config,target=/etc/wireguard -p 51820:51820/udp -p 51821:51821/tcp wg-easy"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -99,7 +99,8 @@ module.exports = class Server {
|
|||||||
const { clientId } = req.params;
|
const { clientId } = req.params;
|
||||||
const client = await WireGuard.getClient({ clientId });
|
const client = await WireGuard.getClient({ clientId });
|
||||||
const config = await WireGuard.getClientConfiguration({ clientId });
|
const config = await WireGuard.getClientConfiguration({ clientId });
|
||||||
res.header('Content-Disposition', `attachment; filename="${client.name}.conf"`);
|
const configName = client.name.replace(/[^a-zA-Z0-9_=+.-]/g, '-').replace(/(-{2,}|-$)/g, '-').replace(/-$/, '').substring(0, 32);
|
||||||
|
res.header('Content-Disposition', `attachment; filename="${configName}.conf"`);
|
||||||
res.header('Content-Type', 'text/plain');
|
res.header('Content-Type', 'text/plain');
|
||||||
res.send(config);
|
res.send(config);
|
||||||
}))
|
}))
|
||||||
|
@ -52,9 +52,16 @@ module.exports = class Util {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
static async exec(cmd) {
|
static async exec(cmd, {
|
||||||
// eslint-disable-next-line no-console
|
log = true,
|
||||||
console.log(`$ ${cmd}`);
|
} = {}) {
|
||||||
|
if (typeof log === 'string') {
|
||||||
|
// eslint-disable-next-line no-console
|
||||||
|
console.log(`$ ${log}`);
|
||||||
|
} else if (log === true) {
|
||||||
|
// eslint-disable-next-line no-console
|
||||||
|
console.log(`$ ${cmd}`);
|
||||||
|
}
|
||||||
|
|
||||||
if (process.platform !== 'linux') {
|
if (process.platform !== 'linux') {
|
||||||
return '';
|
return '';
|
||||||
|
@ -37,7 +37,9 @@ module.exports = class WireGuard {
|
|||||||
debug('Configuration loaded.');
|
debug('Configuration loaded.');
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
const privateKey = await Util.exec('wg genkey');
|
const privateKey = await Util.exec('wg genkey');
|
||||||
const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`);
|
const publicKey = await Util.exec(`echo ${privateKey} | wg pubkey`, {
|
||||||
|
log: 'echo ***hidden*** | wg pubkey',
|
||||||
|
});
|
||||||
const address = WG_DEFAULT_ADDRESS.replace('x', '1');
|
const address = WG_DEFAULT_ADDRESS.replace('x', '1');
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
@ -52,7 +54,7 @@ module.exports = class WireGuard {
|
|||||||
}
|
}
|
||||||
|
|
||||||
await this.__saveConfig(config);
|
await this.__saveConfig(config);
|
||||||
await Util.exec('wg-quick down wg0').catch(() => {});
|
await Util.exec('wg-quick down wg0').catch(() => { });
|
||||||
await Util.exec('wg-quick up wg0');
|
await Util.exec('wg-quick up wg0');
|
||||||
await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o eth0 -j MASQUERADE`);
|
await Util.exec(`iptables -t nat -A POSTROUTING -s ${WG_DEFAULT_ADDRESS.replace('x', '0')}/24 -o eth0 -j MASQUERADE`);
|
||||||
await Util.exec('iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT');
|
await Util.exec('iptables -A INPUT -p udp -m udp --dport 51820 -j ACCEPT');
|
||||||
@ -127,7 +129,9 @@ AllowedIPs = ${client.address}/32`;
|
|||||||
}));
|
}));
|
||||||
|
|
||||||
// Loop WireGuard status
|
// Loop WireGuard status
|
||||||
const dump = await Util.exec('wg show wg0 dump');
|
const dump = await Util.exec('wg show wg0 dump', {
|
||||||
|
log: false,
|
||||||
|
});
|
||||||
dump
|
dump
|
||||||
.trim()
|
.trim()
|
||||||
.split('\n')
|
.split('\n')
|
||||||
|
822
src/package-lock.json
generated
822
src/package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@ -15,7 +15,6 @@
|
|||||||
"debug": "^4.3.1",
|
"debug": "^4.3.1",
|
||||||
"express": "^4.17.1",
|
"express": "^4.17.1",
|
||||||
"express-session": "^1.17.1",
|
"express-session": "^1.17.1",
|
||||||
"nodemon": "^2.0.12",
|
|
||||||
"qrcode": "^1.4.4",
|
"qrcode": "^1.4.4",
|
||||||
"uuid": "^8.3.2"
|
"uuid": "^8.3.2"
|
||||||
},
|
},
|
||||||
@ -31,4 +30,4 @@
|
|||||||
"engines": {
|
"engines": {
|
||||||
"node": "14"
|
"node": "14"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -47,8 +47,6 @@ new Vue({
|
|||||||
|
|
||||||
return client;
|
return client;
|
||||||
});
|
});
|
||||||
|
|
||||||
console.log(clients);
|
|
||||||
},
|
},
|
||||||
login(e) {
|
login(e) {
|
||||||
e.preventDefault();
|
e.preventDefault();
|
||||||
@ -71,6 +69,7 @@ new Vue({
|
|||||||
})
|
})
|
||||||
.finally(() => {
|
.finally(() => {
|
||||||
this.authenticating = false;
|
this.authenticating = false;
|
||||||
|
this.password = null;
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
logout(e) {
|
logout(e) {
|
||||||
|
Loading…
Reference in New Issue
Block a user