Skip to content

Latest commit

 

History

History
235 lines (166 loc) · 6.74 KB

README.md

File metadata and controls

235 lines (166 loc) · 6.74 KB

WireGuard UI

Fork Info

Combines these two containers into one:

Almost all of the documentation at https://github.com/EmbarkStudios/wg-ui is still relevant.

version: "3.7"
services:
  wireguard:
    image: adrum/wireguard-ui
    container_name: wireguard-ui
    privileged: true
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
      - WIREGUARD_UI_LISTEN_ADDRESS=:8080
      - WIREGUARD_UI_LOG_LEVEL=debug
      - WIREGUARD_UI_DATA_DIR=/data
      - WIREGUARD_UI_WG_ENDPOINT=your-endpoint-address:51820
      - WIREGUARD_UI_CLIENT_IP_RANGE=192.168.10.0/24
      - WIREGUARD_UI_WG_DNS=1.1.1.1
      - WIREGUARD_UI_NAT=true
      - WIREGUARD_UI_NAT_DEVICE=eth0
    volumes:
      - ./data:/data
      - /lib/modules:/lib/modules
    network_mode: "host"
    restart: unless-stopped

Docker environment variables

The following is a list of docker environment variables available with their default values.

WIREGUARD_UI_DATA_DIR="/var/lib/wireguard-ui"
WIREGUARD_UI_LISTEN_ADDRESS=":8080"
WIREGUARD_UI_NAT=true
WIREGUARD_UI_NAT_DEVICE="eth0"
WIREGUARD_UI_CLIENT_IP_RANGE="172.31.255.0/24"
WIREGUARD_UI_AUTH_USER_HEADER="X-Forwarded-User"
WIREGUARD_UI_MAX_NUMBER_CLIENT_CONFIG=0

WIREGUARD_UI_WG_DEVICE_NAME=wg0
WIREGUARD_UI_WG_LISTEN_PORT=51820
WIREGUARD_UI_WG_ENDPOINT="127.0.0.1:51820"
WIREGUARD_UI_WG_ALLOWED_IPS="0.0.0.0/0"
WIREGUARD_UI_WG_POST_UP="iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE"
WIREGUARD_UI_WG_POST_DOWN="iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE"
WIREGUARD_UI_WG_DNS=
WIREGUARD_UI_WG_KEEPALIVE=

Info

Build Status Embark Contributor Covenant

A basic, self-contained management service for WireGuard with a self-serve web UI. Current stable release: v1.1.0

Features

  • Self-serve and web based
  • QR-Code for convenient mobile client configuration
  • Optional multi-user support behind an authenticating proxy
  • Zero external dependencies - just a single binary using the wireguard kernel module
  • Binary and container deployment

Screenshot

Running

The easiest way to run wg-ui is using the container image. To test it, run:

docker run --rm -it --privileged --entrypoint "/wireguard-ui" -v /tmp/wireguard-ui:/data -p 8080:8080 -p 5555:5555 embarkstudios/wireguard-ui:latest --data-dir=/data --log-level=debug

When running in production, we recommend using the latest release as opposed to latest.

Important to know is that you need to have WireGuard installed on the machine in order for this to work, as this is 'just' a UI to manage WireGuard configs.

Configuration

You can configure wg-ui using commandline flags or environment variables. To see all available flags run:

docker run --rm -it embarkstudios/wireguard-ui:latest -h
./wireguard-ui -h

You can alternatively specify each flag through an environment variable of the form WIREGUARD_UI_<FLAG_NAME>, where <FLAG_NAME> is replaced with the flag name transformed to CONSTANT_CASE, e.g.

docker run --rm -it embarkstudios/wireguard-ui:latest --log-level=debug

and

docker run --rm -it -e WIREGUARD_UI_LOG_LEVEL=debug embarkstudios/wireguard-ui:latest

are the same.

Docker images

There are two ways to run wg-ui today, you can run it with kernel module installed on your host which is the best way to do it if you want performance.

docker pull embarkstudios/wireguard-ui:latest

If you however do not have the possibility or interest in having kernel module loaded on your host, there is now a solution for that using a docker image based on wireguard-go. Keep in mind that this runs in userspace and not in kernel module.

docker pull embarkstudios/wireguard-ui:userspace

Both images are built for linux/amd64, linux/arm64 and linux/arm/v7. If you would need it for any other platform you can build wg-ui binaries with help from the documentation.

Install without Docker

You need to have WireGuard installed on the machine running wg-ui.

Unless you use the userspace version with docker you're required to have WireGuard installed on your host machine.

A few installation guides:
Ubuntu 20.04 LTS
CentOS 8
Debian 10

Go installation (Debian)

Install latest version of Go from (https://golang.org/dl/)

sudo tar -C /usr/local -xzf go$VERSION.$OS-$ARCH.tar.gz

Setup environment

Bash: ~/.bash_profile
ZSH: ~/.zshrc

export PATH=$PATH:/usr/local/go/bin:$HOME/go/bin
export GOPATH=$HOME/go

Install LTS version of nodejs for frontend.

sudo apt-get install curl software-properties-common
curl -sL https://deb.nodesource.com/setup_12.x | sudo bash -
sudo apt-get install nodejs

Fetch wg-ui

git clone https://github.com/EmbarkStudios/wg-ui.git && cd wg-ui

Build binary with ui

make build

Crosscompiling

make build-amd64
make build-armv5
make build-armv6
make build-armv7

Build step by step

make ui
make assets
make build

Developing

Start frontend server

npm install --prefix=ui
npm run --prefix=ui dev

Use frontend server when running the server

make build
sudo ./bin/wireguard-ui --log-level=debug --dev-ui-server http://localhost:5000

Contributing

We welcome community contributions to this project.

Please read our Contributor Guide for more information on how to get started.

License

Licensed under either of

at your option.

FOSSA Status