From de6ad0557703aff49481fe3e5c5cdd12c1e85eb0 Mon Sep 17 00:00:00 2001 From: mojothemonkey2 <117033380+mojothemonkey2@users.noreply.github.com> Date: Tue, 13 Dec 2022 18:50:14 +0000 Subject: [PATCH 1/6] Manage Wireguard restarts from docker container (#267) --- Dockerfile | 8 ++++---- README.md | 16 ++++++++++++++++ docker-compose.yaml | 2 ++ init.sh | 23 +++++++++++++++++++++++ 4 files changed, 45 insertions(+), 4 deletions(-) create mode 100755 init.sh diff --git a/Dockerfile b/Dockerfile index 21394c1..a30cefe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -62,17 +62,17 @@ FROM alpine:3.16 RUN addgroup -S wgui && \ adduser -S -D -G wgui wgui -RUN apk --no-cache add ca-certificates +RUN apk --no-cache add ca-certificates wireguard-tools jq WORKDIR /app RUN mkdir -p db # Copy binary files -COPY --from=builder --chown=wgui:wgui /build/wg-ui /app - +COPY --from=builder --chown=wgui:wgui /build/wg-ui . RUN chmod +x wg-ui +COPY init.sh . EXPOSE 5000/tcp HEALTHCHECK CMD ["wget","--output-document=-","--quiet","--tries=1","http://127.0.0.1:5000/_health"] -ENTRYPOINT ["./wg-ui"] +ENTRYPOINT ["./init.sh"] diff --git a/README.md b/README.md index 3f87609..5e77d58 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,7 @@ Note: - There is a Status option that needs docker to be able to access the network of the host in order to read the wireguard interface stats. See the `cap_add` and `network_mode` options on the docker-compose.yaml +- Similarly the `WGUI_MANAGE_START` and `WGUI_MANAGE_RESTART` settings need the same access, in order to restart the wireguard interface. - Because the `network_mode` is set to `host`, we don't need to specify the exposed ports. The app will listen on port `5000` by default. 
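Review bot: The new entrypoint `./init.sh` is a `#!/bin/bash` script, but the `apk` line in this hunk adds only `ca-certificates wireguard-tools jq`, so bash is present only if it arrives as a dependency of `wireguard-tools` (likely, since wg-quick is a bash script, but not visible here). Naming it makes the requirement explicit: `RUN apk --no-cache add bash ca-certificates jq wireguard-tools`. `COPY init.sh .` also depends on the executable bit recorded in the repository, while `wg-ui` gets an explicit `chmod +x`; `COPY --chmod=0755 init.sh .` would not depend on the checkout. The stage creates a `wgui` user but no `USER` line is visible in this hunk, and the entrypoint now runs `wg-quick`, so a comment above `ENTRYPOINT` such as `# init.sh calls wg-quick: needs root and NET_ADMIN, see docker-compose.yaml` would record why the image does not drop privileges.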
@@ -75,6 +76,15 @@ These environment variables are used to set the defaults used in `New Client` di | `WGUI_DEFAULT_CLIENT_USE_SERVER_DNS` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] (default `true`) | | `WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] (default `true`) | +### Docker only + +These environment variables only apply to the docker container. + +| Variable | Description | +|-----------------------|----------------------------------------------------------------------------------| +| `WGUI_MANAGE_START` | Start/stop WireGaurd when the container is started/stopped. (default `false`) | +| `WGUI_MANAGE_RESTART` | Auto restart WireGuard when we Apply Config changes in the UI. (default `false`) | + ### Email configuration To use custom `wg.conf` template set the `WG_CONF_TEMPLATE` environment variable to a path to such file. Make sure `wireguard-ui` will be able to work with it - use [default template](templates/wg.conf) for reference. @@ -168,6 +178,12 @@ rc-service wgui start rc-update add wgui default ``` +### docker + +Set `WGUI_MANAGE_RESTART=true` to manage Wireguard interface restarts. +Using `WGUI_MANAGE_START=true` can also replace the function of `wg-quick@wg0` service, to start Wireguard at boot, by running the container with `restart: unless-stopped`. +These settings can also pick up changes to Wireguard Config File Path, after restarting the container. + ## Build ### Build docker image diff --git a/docker-compose.yaml b/docker-compose.yaml index f5be7b2..a7d49c0 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -16,6 +16,8 @@ services: - WGUI_USERNAME=alpha - WGUI_PASSWORD=this-unusual-password - WG_CONF_TEMPLATE + - WGUI_MANAGE_START=false + - WGUI_MANAGE_RESTART=false logging: driver: json-file options: diff --git a/init.sh b/init.sh new file mode 100755 index 0000000..08b98e8 
--- /dev/null +++ b/init.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# extract wg config file path, or use default +conf="$(jq -r .config_file_path db/server/global_settings.json || echo /etc/wireguard/wg0.conf)" + +# manage wireguard stop/start with the container +case $WGUI_MANAGE_START in (1|t|T|true|True|TRUE) + wg-quick up "$conf" + trap 'wg-quick down "$conf"' SIGTERM # catches container stop +esac + +# manage wireguard restarts +case $WGUI_MANAGE_RESTART in (1|t|T|true|True|TRUE) + [[ -f $conf ]] || touch "$conf" # inotifyd needs file to exist + inotifyd - "$conf":w | while read -r event file; do + wg-quick down "$file" + wg-quick up "$file" + done & +esac + + +./wg-ui & +wait $! From d32064dd0ed5a7a197a45e2f682e41c0bd79ec84 Mon Sep 17 00:00:00 2001 From: Paul Dee Date: Tue, 13 Dec 2022 21:29:07 +0100 Subject: [PATCH 2/6] Fix login redirect problems. (#270) After login, my browser gets a 404 for `/wireguard`. `wireguard` might not be explicitly set by `BASE_PATH`, so just use the `{{.basePath}}` instead. Fixes #259. --- templates/login.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/login.html b/templates/login.html index 1f0e338..c75aa39 100644 --- a/templates/login.html +++ b/templates/login.html @@ -85,7 +85,7 @@ if (nextURL) { window.location.href = nextURL; } else { - window.location.href = '/wireguard/'; + window.location.href = '/{{.basePath}}'; } } From 99b586f1f741c4252eb90ab911ec237c6be0d9d3 Mon Sep 17 00:00:00 2001 From: Paul Dee Date: Tue, 13 Dec 2022 21:31:19 +0100 Subject: [PATCH 3/6] README improvements. (#268) --- README.md | 52 +++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 37 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 5e77d58..49a3755 100644 --- a/README.md +++ b/README.md 
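Review bot: The `|| echo` fallback on the `conf=` line only fires when jq itself fails. When `global_settings.json` exists but has no `config_file_path`, `jq -r` prints `null` and exits 0, so `conf` becomes the string `null` and is then handed to `touch` and `wg-quick`. Letting jq print nothing for a missing key and defaulting in the shell covers both cases: `conf="$(jq -r '.config_file_path // empty' db/server/global_settings.json)"` followed by `conf="${conf:-/etc/wireguard/wg0.conf}"`. Separately, the SIGTERM trap runs `wg-quick down` but never signals `wg-ui`, and no trap is installed at all when `WGUI_MANAGE_START` is unset, so the UI process is not given a clean stop. Keeping its pid and forwarding the signal, `trap 'wg-quick down "$conf"; kill -TERM "$pid"' SIGTERM`, would address the managed case.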
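Review bot: `'/{{.basePath}}'` prepends a slash to whatever `basePath` holds. If the value reaches the template with its own leading slash, as the README example `/wireguard` suggests, the result is `//wireguard`, which a browser resolves as a scheme-relative URL on a different host rather than a path on this one. How `basePath` is normalised is not visible in this hunk, so confirm it is rendered without a leading slash and record that next to the assignment, e.g. `// basePath is rendered without a leading slash; exactly one '/' must precede it`. The enclosing script block starts and ends outside the hunk.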
@@ -7,7 +7,7 @@ A web user interface to manage your WireGuard setup. ## Features - Friendly UI - Authentication -- Manage extra client's information (name, email, etc) +- Manage extra client information (name, email, etc) - Retrieve configs using QR code / file ## Run WireGuard-UI @@ -87,9 +87,9 @@ These environment variables only apply to the docker container. ### Email configuration -To use custom `wg.conf` template set the `WG_CONF_TEMPLATE` environment variable to a path to such file. Make sure `wireguard-ui` will be able to work with it - use [default template](templates/wg.conf) for reference. +To use a custom `wg.conf` template, set the `WG_CONF_TEMPLATE` environment variable to a path to such file. To make sure `wireguard-ui` will be able to work with it - refer to the [default template](templates/wg.conf). -In order to sent the wireguard configuration to clients via email, set the following environment variables: +In order to send the wireguard configuration to clients via email, set the following environment variables: - using SendGrid API @@ -117,9 +117,11 @@ WireGuard-UI only takes care of configuration generation. You can use systemd to ### systemd -Create /etc/systemd/system/wgui.service +Create `/etc/systemd/system/wgui.service` -``` +```bash +cd /etc/systemd/system/ +cat << EOF > wgui.service [Unit] Description=Restart WireGuard After=network.target @@ -130,11 +132,14 @@ ExecStart=/usr/bin/systemctl restart wg-quick@wg0.service [Install] RequiredBy=wgui.path +EOF ``` -Create /etc/systemd/system/wgui.path +Create `/etc/systemd/system/wgui.path` -``` +```bash +cd /etc/systemd/system/ +cat << EOF > wgui.path [Unit] Description=Watch /etc/wireguard/wg0.conf for changes 
@@ -143,39 +148,52 @@ PathModified=/etc/wireguard/wg0.conf [Install] WantedBy=multi-user.target +EOF ``` Apply it -``` +```sh systemctl enable wgui.{path,service} systemctl start wgui.{path,service} + ``` ### openrc Create and `chmod +x` /usr/local/bin/wgui -``` +```sh +cd /usr/local/bin/ +cat << EOF > wgui #!/bin/sh wg-quick down wg0 wg-quick up wg0 +EOF +chmod +x wgui + ``` Create and `chmod +x` /etc/init.d/wgui -``` +```sh +cd /etc/init.d/ +cat << EOF > wgui #!/sbin/openrc-run command=/sbin/inotifyd command_args="/usr/local/bin/wgui /etc/wireguard/wg0.conf:w" pidfile=/run/${RC_SVCNAME}.pid command_background=yes +EOF +chmod +x wgui + ``` Apply it -``` +```sh rc-service wgui start rc-update add wgui default + ``` ### docker @@ -190,30 +208,34 @@ These settings can also pick up changes to Wireguard Config File Path, after res Go to the project root directory and run the following command: -``` +```sh docker build -t wireguard-ui . + ``` ### Build binary file Prepare the assets directory -``` +```sh ./prepare_assets.sh + ``` Then you can embed resources by generating Go source code -``` +```sh rice embed-go go build -o wireguard-ui + ``` Or, append resources to executable as zip file -``` +```sh go build -o wireguard-ui rice append --exec wireguard-ui + ``` ## Screenshot From 4b0a0d90619ee177efbe966007168e53811202bb Mon Sep 17 00:00:00 2001 From: Paul Dee Date: Tue, 13 Dec 2022 21:35:13 +0100 Subject: [PATCH 4/6] Skip PresharedKey generation (#271) Helpful for those who already have users deployed. Enter `-` in the Preshared Key field at user creation time to skip its creation. The template conf takes care of the rest. Fixes issue #235 --- handler/routes.go | 3 +++ templates/base.html | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/handler/routes.go b/handler/routes.go index ea34b8a..9439977 100644 --- a/handler/routes.go +++ b/handler/routes.go 
@@ -231,6 +231,9 @@ func NewClient(db store.IStore) echo.HandlerFunc { }) } client.PresharedKey = presharedKey.String() + } else if client.PresharedKey == "-" { + client.PresharedKey = "" + log.Infof("skipped PresharedKey generation for user: %v", client.Name) } else { _, err := wgtypes.ParseKey(client.PresharedKey) if err != nil { diff --git a/templates/base.html b/templates/base.html index d92e107..03d91bf 100644 --- a/templates/base.html +++ b/templates/base.html @@ -206,7 +206,7 @@ Public and Preshared Keys @@ -220,7 +220,7 @@ - + From ea55b36a6fb954a999aad91c3ee1acfd5f862c6c Mon Sep 17 00:00:00 2001 From: Khanh Ngo Date: Tue, 13 Dec 2022 22:44:11 +0100 Subject: [PATCH 5/6] Update readme and code comments (#272) --- README.md | 142 ++++++++++++++++++--------------------- handler/routes.go | 18 ++--- main.go | 4 +- model/client_defaults.go | 2 +- util/config.go | 2 - util/util.go | 14 ++-- 6 files changed, 83 insertions(+), 99 deletions(-) diff --git a/README.md b/README.md index 49a3755..1f9fbe8 100644 --- a/README.md +++ b/README.md @@ -5,18 +5,21 @@ A web user interface to manage your WireGuard setup. ## Features + - Friendly UI - Authentication - Manage extra client information (name, email, etc) -- Retrieve configs using QR code / file +- Retrieve client config using QR code / file / email + +![wireguard-ui 0.3.7](https://user-images.githubusercontent.com/37958026/177041280-e3e7ca16-d4cf-4e95-9920-68af15e780dd.png) ## Run WireGuard-UI -Default username and password are `admin`. +> ⚠️The default username and password are `admin`. Please change it to secure your setup. ### Using binary file -Download the binary file from the release and run it with command: +Download the binary file from the release page and run it directly on the host machine ``` ./wireguard-ui 
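Review bot: The new `log.Infof` call writes `client.Name` with `%v`. The name appears to come from the request payload bound earlier in `NewClient` (outside this hunk), so a value containing line breaks could split a log entry or imitate another one. Quoting it keeps the entry on one line: `log.Infof("skipped PresharedKey generation for user: %q", client.Name)`. The `-` sentinel also deserves a comment on the branch, e.g. `// "-" means: create the client without a PresharedKey (no extra symmetric-key layer for this peer)`, since the preceding branch generates a key and a reader cannot tell from the code that the dash is a deliberate opt-out.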
@@ -24,7 +27,9 @@ Download the binary file from the release and run it with command: ### Using docker compose -You can take a look at this example of [docker-compose.yml](https://github.com/ngoduykhanh/wireguard-ui/blob/master/docker-compose.yaml). Please adjust volume mount points to work with your setup. Then run it like below: +You can take a look at this example +of [docker-compose.yml](https://github.com/ngoduykhanh/wireguard-ui/blob/master/docker-compose.yaml). Please adjust +volume mount points to work with your setup. Then run it like below: ``` docker-compose up 
@@ -32,49 +37,60 @@ docker-compose up Note: -- There is a Status option that needs docker to be able to access the network of the host in order to read the -wireguard interface stats. See the `cap_add` and `network_mode` options on the docker-compose.yaml -- Similarly the `WGUI_MANAGE_START` and `WGUI_MANAGE_RESTART` settings need the same access, in order to restart the wireguard interface. -- Because the `network_mode` is set to `host`, we don't need to specify the exposed ports. The app will listen on port `5000` by default. - +- There is a Status page that needs docker to be able to access the network of the host in order to read the + wireguard interface stats. See the `cap_add` and `network_mode` options on the docker-compose.yaml +- Similarly, the `WGUI_MANAGE_START` and `WGUI_MANAGE_RESTART` settings need the same access, in order to restart the + wireguard interface. +- Because the `network_mode` is set to `host`, we don't need to specify the exposed ports. The app will listen on + port `5000` by default. ## Environment Variables -| Variable | Description | -|-----------------------------|-----------------------------------------------------------------------------------------------------------------| -| `SESSION_SECRET` | Used to encrypt the session cookies. Set this to a random value. | -| `WGUI_USERNAME` | The username for the login page. (default `admin`) | -| `WGUI_PASSWORD` | The password for the user on the login page. Will be hashed automatically. (default `admin`) | -| `WGUI_PASSWORD_HASH` | The password hash for the user on the login page. (alternative to `WGUI_PASSWORD`) | -| `WGUI_ENDPOINT_ADDRESS` | The default endpoint address used in global settings. (default is your public IP address) | -| `WGUI_DNS` | The default DNS servers (comma-separated-list) used in the global settings. (default `1.1.1.1`) | -| `WGUI_MTU` | The default MTU used in global settings. 
(default `1450`) | -| `WGUI_PERSISTENT_KEEPALIVE` | The default persistent keepalive for WireGuard in global settings. (default `15`) | -| `WGUI_FORWARD_MARK` | The default WireGuard forward mark. (default `0xca6c`) | -| `WGUI_CONFIG_FILE_PATH` | The default WireGuard config file path used in global settings. (default `/etc/wireguard/wg0.conf`) | -| `BASE_PATH` | Set this variable if you run wireguard-ui under a subpath of your reverse proxy virtual host (e.g. /wireguard)) | +| Variable | Description | Default | +|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------| +| `BASE_PATH` | Set this variable if you run wireguard-ui under a subpath of your reverse proxy virtual host (e.g. /wireguard)) | N/A | +| `SESSION_SECRET` | The secret key used to encrypt the session cookies. Set this to a random value. | N/A | +| `WGUI_USERNAME` | The username for the login page | `admin` | +| `WGUI_PASSWORD` | The password for the user on the login page. Will be hashed automatically | `admin` | +| `WGUI_PASSWORD_HASH` | The password hash for the user on the login page. (alternative to `WGUI_PASSWORD`) | N/A | +| `WGUI_ENDPOINT_ADDRESS` | The default endpoint address used in global settings | Resolved to your public ip address | +| `WGUI_DNS` | The default DNS servers (comma-separated-list) used in the global settings | `1.1.1.1` | +| `WGUI_MTU` | The default MTU used in global settings | `1450` | +| `WGUI_PERSISTENT_KEEPALIVE` | The default persistent keepalive for WireGuard in global settings | `15` | +| `WGUI_FORWARD_MARK` | The default WireGuard forward mark | `0xca6c` | +| `WGUI_CONFIG_FILE_PATH` | The default WireGuard config file path used in global settings | `/etc/wireguard/wg0.conf` | +| `WG_CONF_TEMPLATE` | The custom `wg.conf` config file template. 
Please refer to our [default template](https://github.com/ngoduykhanh/wireguard-ui/blob/master/templates/wg.conf) | N/A | +| `EMAIL_FROM_ADDRESS` | The sender email address | N/A | +| `EMAIL_FROM_NAME` | The sender name | `WireGuard UI` | +| `SENDGRID_API_KEY` | The SendGrid api key | N/A | +| `SMTP_HOSTNAME` | The SMTP IP address or hostname | `127.0.0.1` | +| `SMTP_PORT` | The SMTP port | `25` | +| `SMTP_USERNAME` | The SMTP username | N/A | +| `SMTP_PASSWORD` | The SMTP user password | N/A | +| `SMTP_AUTH_TYPE` | The SMTP authentication type. Possible values: `PLAIN`, `LOGIN`, `NONE` | `NONE` | +| `SMTP_ENCRYPTION` | the encryption method. Possible values: `SSL`, `SSLTLS`, `TLS`, `STARTTLS` | `STARTTLS` | ### Defaults for server configuration These environment variables are used to control the default server settings used when initializing the database. -| Variable | Description | -|-----------------------------------|--------------------------------------------------------------------------------------------------------------------------| -| `WGUI_SERVER_INTERFACE_ADDRESSES` | The default interface addresses (comma-separated-list) for the WireGuard server configuration. (default `10.252.1.0/24`) | -| `WGUI_SERVER_LISTEN_PORT` | The default server listen port. (default `51820`) | -| `WGUI_SERVER_POST_UP_SCRIPT` | The default server post-up script. | -| `WGUI_SERVER_POST_DOWN_SCRIPT` | The default server post-down script. 
| +| Variable | Description | Default | +|-----------------------------------|-----------------------------------------------------------------------------------------------|-----------------| +| `WGUI_SERVER_INTERFACE_ADDRESSES` | The default interface addresses (comma-separated-list) for the WireGuard server configuration | `10.252.1.0/24` | +| `WGUI_SERVER_LISTEN_PORT` | The default server listen port | `51820` | +| `WGUI_SERVER_POST_UP_SCRIPT` | The default server post-up script | N/A | +| `WGUI_SERVER_POST_DOWN_SCRIPT` | The default server post-down script | N/A | ### Defaults for new clients These environment variables are used to set the defaults used in `New Client` dialog. -| Variable | Description | -|---------------------------------------------|------------------------------------------------------------------------------------------------------------------| -| `WGUI_DEFAULT_CLIENT_ALLOWED_IPS` | Comma-separated-list of CIDRs for the `Allowed IPs` field. (default `0.0.0.0/0`) | -| `WGUI_DEFAULT_CLIENT_EXTRA_ALLOWED_IPS` | Comma-separated-list of CIDRs for the `Extra Allowed IPs` field. (default empty) | -| `WGUI_DEFAULT_CLIENT_USE_SERVER_DNS` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] (default `true`) | -| `WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] (default `true`) | +| Variable | Description | Default | +|---------------------------------------------|-------------------------------------------------------------------------------------------------|-------------| +| `WGUI_DEFAULT_CLIENT_ALLOWED_IPS` | Comma-separated-list of CIDRs for the `Allowed IPs` field. (default ) | `0.0.0.0/0` | +| `WGUI_DEFAULT_CLIENT_EXTRA_ALLOWED_IPS` | Comma-separated-list of CIDRs for the `Extra Allowed IPs` field. 
(default empty) | N/A | +| `WGUI_DEFAULT_CLIENT_USE_SERVER_DNS` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] | `true` | +| `WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION` | Boolean value [`0`, `f`, `F`, `false`, `False`, `FALSE`, `1`, `t`, `T`, `true`, `True`, `TRUE`] | `true` | ### Docker only 
@@ -85,37 +101,12 @@ These environment variables only apply to the docker container. | `WGUI_MANAGE_START` | Start/stop WireGaurd when the container is started/stopped. (default `false`) | | `WGUI_MANAGE_RESTART` | Auto restart WireGuard when we Apply Config changes in the UI. (default `false`) | -### Email configuration - -To use a custom `wg.conf` template, set the `WG_CONF_TEMPLATE` environment variable to a path to such file. To make sure `wireguard-ui` will be able to work with it - refer to the [default template](templates/wg.conf). - -In order to send the wireguard configuration to clients via email, set the following environment variables: - -- using SendGrid API - -``` -SENDGRID_API_KEY: Your sendgrid api key -EMAIL_FROM_ADDRESS: the email address you registered on sendgrid -EMAIL_FROM_NAME: the sender's email address -``` - -- using SMTP - -``` -SMTP_HOSTNAME: The SMTP ip address or hostname -SMTP_PORT: the SMTP port -SMTP_USERNAME: the SMTP username to authenticate -SMTP_PASSWORD: the SMTP user password -SMTP_AUTH_TYPE: the authentication type. Possible values: PLAIN, LOGIN, NONE -SMTP_ENCRYPTION: the encryption method. Possible values: SSL, SSLTLS, TLS or STARTTLS (default) -EMAIL_FROM_ADDRESS: the sender's email address -EMAIL_FROM_NAME: the sender's name -``` - ## Auto restart WireGuard daemon -WireGuard-UI only takes care of configuration generation. You can use systemd to watch for the changes and restart the service. Following is an example: -### systemd +WireGuard-UI only takes care of configuration generation. You can use systemd to watch for the changes and restart the +service. Following is an example: + +### Using systemd Create `/etc/systemd/system/wgui.service` @@ -156,12 +147,12 @@ Apply it ```sh systemctl enable wgui.{path,service} systemctl start wgui.{path,service} - ``` -### openrc +### Using openrc Create and `chmod +x` /usr/local/bin/wgui + ```sh cd /usr/local/bin/ cat << EOF > wgui 
@@ -170,10 +161,10 @@ wg-quick down wg0 wg-quick up wg0 EOF chmod +x wgui - ``` Create and `chmod +x` /etc/init.d/wgui + ```sh cd /etc/init.d/ cat << EOF > wgui @@ -185,7 +176,6 @@ pidfile=/run/${RC_SVCNAME}.pid command_background=yes EOF chmod +x wgui - ``` Apply it @@ -193,14 +183,15 @@ Apply it ```sh rc-service wgui start rc-update add wgui default - ``` -### docker +### Using Docker Set `WGUI_MANAGE_RESTART=true` to manage Wireguard interface restarts. -Using `WGUI_MANAGE_START=true` can also replace the function of `wg-quick@wg0` service, to start Wireguard at boot, by running the container with `restart: unless-stopped`. -These settings can also pick up changes to Wireguard Config File Path, after restarting the container. +Using `WGUI_MANAGE_START=true` can also replace the function of `wg-quick@wg0` service, to start Wireguard at boot, by +running the container with `restart: unless-stopped`. These settings can also pick up changes to Wireguard Config File +Path, after restarting the container. Please make sure you have `--cap-add=NET_ADMIN` in your container config to make this +feature work. ## Build @@ -210,7 +201,6 @@ Go to the project root directory and run the following command: ```sh docker build -t wireguard-ui . - ``` ### Build binary file @@ -219,7 +209,6 @@ Prepare the assets directory ```sh ./prepare_assets.sh - ``` Then you can embed resources by generating Go source code @@ -227,7 +216,6 @@ Then you can embed resources by generating Go source code ```sh rice embed-go go build -o wireguard-ui - ``` Or, append resources to executable as zip file 
@@ -235,16 +223,14 @@ Or, append resources to executable as zip file ```sh go build -o wireguard-ui rice append --exec wireguard-ui - ``` -## Screenshot -![wireguard-ui 0.3.7](https://user-images.githubusercontent.com/37958026/177041280-e3e7ca16-d4cf-4e95-9920-68af15e780dd.png) - ## License + MIT. See [LICENSE](https://github.com/ngoduykhanh/wireguard-ui/blob/master/LICENSE). ## Support + If you like the project and want to support it, you can *buy me a coffee* ☕ Buy Me A Coffee diff --git a/handler/routes.go b/handler/routes.go index 9439977..1019183 100644 --- a/handler/routes.go +++ b/handler/routes.go @@ -256,7 +256,7 @@ func NewClient(db store.IStore) echo.HandlerFunc { } } -// EmailClient handler to sent the configuration via email +// EmailClient handler to send the configuration via email func EmailClient(db store.IStore, mailer emailer.Emailer, emailSubject, emailContent string) echo.HandlerFunc { type clientIdEmailPayload struct { ID string `json:"id"` @@ -285,17 +285,17 @@ func EmailClient(db store.IStore, mailer emailer.Emailer, emailSubject, emailCon globalSettings, _ := db.GetGlobalSettings() config := util.BuildClientConfig(*clientData.Client, server, globalSettings) - cfg_att := emailer.Attachment{"wg0.conf", []byte(config)} + cfgAtt := emailer.Attachment{"wg0.conf", []byte(config)} var attachments []emailer.Attachment if clientData.Client.PrivateKey != "" { qrdata, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(clientData.QRCode, "data:image/png;base64,")) if err != nil { return c.JSON(http.StatusInternalServerError, jsonHTTPResponse{false, "decoding: " + err.Error()}) } - qr_att := emailer.Attachment{"wg.png", qrdata} - attachments = []emailer.Attachment{cfg_att, qr_att} + qrAtt := emailer.Attachment{"wg.png", qrdata} + attachments = []emailer.Attachment{cfgAtt, qrAtt} } else { - attachments = []emailer.Attachment{cfg_att} + attachments = []emailer.Attachment{cfgAtt} } err = mailer.Send( clientData.Client.Name, 
@@ -385,12 +385,12 @@ func SetClientStatus(db store.IStore) echo.HandlerFunc { clientID := data["id"].(string) status := data["status"].(bool) - clientdata, err := db.GetClientByID(clientID, model.QRCodeSettings{Enabled: false}) + clientData, err := db.GetClientByID(clientID, model.QRCodeSettings{Enabled: false}) if err != nil { return c.JSON(http.StatusNotFound, jsonHTTPResponse{false, err.Error()}) } - client := *clientdata.Client + client := *clientData.Client client.Enabled = status if err := db.SaveClient(client); err != nil { @@ -558,7 +558,7 @@ func Status(db store.IStore) echo.HandlerFunc { } return func(c echo.Context) error { - wgclient, err := wgctrl.New() + wgClient, err := wgctrl.New() if err != nil { return c.Render(http.StatusInternalServerError, "status.html", map[string]interface{}{ "baseData": model.BaseData{Active: "status", CurrentUser: currentUser(c)}, @@ -567,7 +567,7 @@ func Status(db store.IStore) echo.HandlerFunc { }) } - devices, err := wgclient.Devices() + devices, err := wgClient.Devices() if err != nil { return c.Render(http.StatusInternalServerError, "status.html", map[string]interface{}{ "baseData": model.BaseData{Active: "status", CurrentUser: currentUser(c)}, diff --git a/main.go b/main.go index 84f1b78..2887fad 100644 --- a/main.go +++ b/main.go @@ -31,7 +31,7 @@ var ( flagSmtpPort int = 25 flagSmtpUsername string flagSmtpPassword string - flagSmtpAuthType string = "None" + flagSmtpAuthType string = "NONE" flagSmtpNoTLSCheck bool = false flagSmtpEncryption string = "STARTTLS" flagSendgridApiKey string 
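Review bot: The default for `flagSmtpAuthType` changes from `"None"` to `"NONE"`, and the help text in the later `init()` hunk now lists `PLAIN, LOGIN or NONE`, but the code that interprets the value is not part of this patch. If that comparison is case-sensitive, a deployment that set `SMTP_AUTH_TYPE=Plain` or `Login` as the old help text spelled them could end up on a different authentication mode than intended. Confirm the parser normalises case, and state it beside the default, e.g. `// compared case-insensitively, see <PARSER_LOCATION>` (placeholder, since the parser is not shown here).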
@@ -62,7 +62,7 @@ func init() { flag.StringVar(&flagSmtpPassword, "smtp-password", util.LookupEnvOrString("SMTP_PASSWORD", flagSmtpPassword), "SMTP Password") flag.BoolVar(&flagSmtpNoTLSCheck, "smtp-no-tls-check", util.LookupEnvOrBool("SMTP_NO_TLS_CHECK", flagSmtpNoTLSCheck), "Disable TLS verification for SMTP. This is potentially dangerous.") flag.StringVar(&flagSmtpEncryption, "smtp-encryption", util.LookupEnvOrString("SMTP_ENCRYPTION", flagSmtpEncryption), "SMTP Encryption : SSL, SSLTLS, TLS or STARTTLS (by default)") - flag.StringVar(&flagSmtpAuthType, "smtp-auth-type", util.LookupEnvOrString("SMTP_AUTH_TYPE", flagSmtpAuthType), "SMTP Auth Type : Plain, Login or None.") + flag.StringVar(&flagSmtpAuthType, "smtp-auth-type", util.LookupEnvOrString("SMTP_AUTH_TYPE", flagSmtpAuthType), "SMTP Auth Type : PLAIN, LOGIN or NONE.") flag.StringVar(&flagSendgridApiKey, "sendgrid-api-key", util.LookupEnvOrString("SENDGRID_API_KEY", flagSendgridApiKey), "Your sendgrid api key.") flag.StringVar(&flagEmailFrom, "email-from", util.LookupEnvOrString("EMAIL_FROM_ADDRESS", flagEmailFrom), "'From' email address.") flag.StringVar(&flagEmailFromName, "email-from-name", util.LookupEnvOrString("EMAIL_FROM_NAME", flagEmailFromName), "'From' email name.") diff --git a/model/client_defaults.go b/model/client_defaults.go index e73fcfd..615ebed 100644 --- a/model/client_defaults.go +++ b/model/client_defaults.go @@ -1,6 +1,6 @@ package model -// Defaults for creation of new clients used in the templates +// ClientDefaults Defaults for creation of new clients used in the templates type ClientDefaults struct { AllowedIps []string ExtraAllowedIps []string diff --git a/util/config.go b/util/config.go index 6a08904..63044ca 100644 --- a/util/config.go +++ b/util/config.go @@ -16,8 +16,6 @@ var ( SendgridApiKey string EmailFrom string EmailFromName string - EmailSubject string - EmailContent string SessionSecret []byte WgConfTemplate string BasePath string 
diff --git a/util/util.go b/util/util.go index 56acc3b..40eb357 100644 --- a/util/util.go +++ b/util/util.go @@ -82,15 +82,15 @@ func BuildClientConfig(client model.Client, server model.Server, setting model.G return strConfig } -// Read the default values for creating a new client from the environment or use sane defaults +// ClientDefaultsFromEnv to read the default values for creating a new client from the environment or use sane defaults func ClientDefaultsFromEnv() model.ClientDefaults { - client_defaults := model.ClientDefaults{} - client_defaults.AllowedIps = LookupEnvOrStrings(DefaultClientAllowedIpsEnvVar, []string{"0.0.0.0/0"}) - client_defaults.ExtraAllowedIps = LookupEnvOrStrings(DefaultClientExtraAllowedIpsEnvVar, []string{}) - client_defaults.UseServerDNS = LookupEnvOrBool(DefaultClientUseServerDNSEnvVar, true) - client_defaults.EnableAfterCreation = LookupEnvOrBool(DefaultClientEnableAfterCreationEnvVar, true) + clientDefaults := model.ClientDefaults{} + clientDefaults.AllowedIps = LookupEnvOrStrings(DefaultClientAllowedIpsEnvVar, []string{"0.0.0.0/0"}) + clientDefaults.ExtraAllowedIps = LookupEnvOrStrings(DefaultClientExtraAllowedIpsEnvVar, []string{}) + clientDefaults.UseServerDNS = LookupEnvOrBool(DefaultClientUseServerDNSEnvVar, true) + clientDefaults.EnableAfterCreation = LookupEnvOrBool(DefaultClientEnableAfterCreationEnvVar, true) - return client_defaults + return clientDefaults } // ValidateCIDR to validate a network CIDR From 24a0a9f5ee61e49739348c7a6d671860c051e801 Mon Sep 17 00:00:00 2001 From: Khanh Ngo Date: Tue, 13 Dec 2022 22:48:00 +0100 Subject: [PATCH 6/6] Update readme --- README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 1f9fbe8..2dad719 100644 --- a/README.md +++ b/README.md 
@@ -96,10 +96,10 @@ These environment variables are used to set the defaults used in `New Client` di These environment variables only apply to the docker container. -| Variable | Description | -|-----------------------|----------------------------------------------------------------------------------| -| `WGUI_MANAGE_START` | Start/stop WireGaurd when the container is started/stopped. (default `false`) | -| `WGUI_MANAGE_RESTART` | Auto restart WireGuard when we Apply Config changes in the UI. (default `false`) | +| Variable | Description | Default | +|-----------------------|---------------------------------------------------------------|---------| +| `WGUI_MANAGE_START` | Start/stop WireGaurd when the container is started/stopped | `false` | +| `WGUI_MANAGE_RESTART` | Auto restart WireGuard when we Apply Config changes in the UI | `false` | ## Auto restart WireGuard daemon @@ -151,7 +151,7 @@ systemctl start wgui.{path,service} ### Using openrc -Create and `chmod +x` /usr/local/bin/wgui +Create `/usr/local/bin/wgui` file and make it executable ```sh cd /usr/local/bin/ @@ -163,7 +163,7 @@ EOF chmod +x wgui ``` -Create and `chmod +x` /etc/init.d/wgui +Create `/etc/init.d/wgui` file and make it executable ```sh cd /etc/init.d/ @@ -190,7 +190,8 @@ rc-update add wgui default Set `WGUI_MANAGE_RESTART=true` to manage Wireguard interface restarts. Using `WGUI_MANAGE_START=true` can also replace the function of `wg-quick@wg0` service, to start Wireguard at boot, by running the container with `restart: unless-stopped`. These settings can also pick up changes to Wireguard Config File -Path, after restarting the container. Please make sure you have `--cap-add=NET_ADMIN` in your container config to make this +Path, after restarting the container. Please make sure you have `--cap-add=NET_ADMIN` in your container config to make +this feature work. ## Build