perara / wg-manager
A easy to use WireGuard dashboard and management tool
License: MIT License
Hi @perara,
what are your plans regarding multi-server support?
I would love to use your tool in multiple locations. Ideally I would run the frontend itself in my Kubernetes Cluster.
Could the multi-server support be implemented by adding a deployment option via SSH?
So only a single manager instance?
I had a working setup via docker-compose.
After I restarted the container via docker-compose up -d the Dashboard fails to load, the HTTP call to /api/v1/server/all returns error 500.
And a previously working connection from a peer does not work anymore.
In the docker logs I can see the following error when I try to access the Dashboard:
wg-manager | [2020-10-02 19:24:17 +0000] [8] [ERROR] Exception in ASGI application
wg-manager | Traceback (most recent call last):
wg-manager | File "/usr/lib/python3.8/site-packages/uvicorn/protocols/http/httptools_impl.py", line 385, in run_asgi
wg-manager | result = await app(self.scope, self.receive, self.send)
wg-manager | File "/usr/lib/python3.8/site-packages/uvicorn/middleware/proxy_headers.py", line 45, in __call__
wg-manager | return await self.app(scope, receive, send)
wg-manager | File "/usr/lib/python3.8/site-packages/fastapi/applications.py", line 146, in __call__
wg-manager | await super().__call__(scope, receive, send)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/applications.py", line 102, in __call__
wg-manager | await self.middleware_stack(scope, receive, send)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/middleware/errors.py", line 181, in __call__
wg-manager | raise exc from None
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/middleware/errors.py", line 159, in __call__
wg-manager | await self.app(scope, receive, _send)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/middleware/base.py", line 25, in __call__
wg-manager | response = await self.dispatch_func(request, self.call_next)
wg-manager | File "/app/middleware.py", line 34, in db_session_middleware
wg-manager | response = await call_next(request)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/middleware/base.py", line 45, in call_next
wg-manager | task.result()
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/middleware/base.py", line 38, in coro
wg-manager | await self.app(scope, receive, send)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/exceptions.py", line 82, in __call__
wg-manager | raise exc from None
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/exceptions.py", line 71, in __call__
wg-manager | await self.app(scope, receive, sender)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/routing.py", line 550, in __call__
wg-manager | await route.handle(scope, receive, send)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/routing.py", line 227, in handle
wg-manager | await self.app(scope, receive, send)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/routing.py", line 41, in app
wg-manager | response = await func(request)
wg-manager | File "/usr/lib/python3.8/site-packages/fastapi/routing.py", line 196, in app
wg-manager | raw_response = await run_endpoint_function(
wg-manager | File "/usr/lib/python3.8/site-packages/fastapi/routing.py", line 150, in run_endpoint_function
wg-manager | return await run_in_threadpool(dependant.call, **values)
wg-manager | File "/usr/lib/python3.8/site-packages/starlette/concurrency.py", line 34, in run_in_threadpool
wg-manager | return await loop.run_in_executor(None, func, *args)
wg-manager | File "/usr/lib/python3.8/concurrent/futures/thread.py", line 57, in run
wg-manager | result = self.fn(*self.args, **self.kwargs)
wg-manager | File "/app/routers/v1/server.py", line 25, in servers_all
wg-manager | iface.is_running = script.wireguard.is_running(iface)
wg-manager | File "/app/script/wireguard.py", line 114, in is_running
wg-manager | if b'No such device' in e.output:
wg-manager | AttributeError: 'WGPermissionsError' object has no attribute 'output'
Built wg-manager image from latest source today 5th Jan 2021. Few things won't work
I've installed the docker, and when starting it from portainer it throws an error:
Error starting userland proxy: listen udp 0.0.0.0:51820: bind: address already in use
Can anyone help with this? 51820 is the WireGuard port, and yes, it's in use. But how can I solve this?
Thanks in advance
While I don't think the page is functional (it's not even when logged in 😆 ), the page should probably be made inaccessible when logged out.
Also, as a side note, the dark theme slider is weirdly broken in that it doesn't quite know whether it's on or not when dark theme is enabled.
Hello,
It's been some time now. How are you doing? Hope all is well.
I have a question: when I try to install the development branch of your script by replacing the line in docker-compose
From:
image: perara/wg-manager
To:
build:
  context: https://github.com/perara/wg-manager.git#dev
Such that the final docker-compose script becomes:
version: "2.1"
services:
  wireguard:
    container_name: wg-manager
    build:
      context: https://github.com/perara/wg-manager.git#dev
    restart: always
    sysctls:
      net.ipv6.conf.all.disable_ipv6: 0 # Required for IPV6
    cap_add:
      - NET_ADMIN
    #network_mode: host # Alternatively
    ports:
      - 51800-51900:51800-51900/udp
      - 8888:8888
    volumes:
      - ./wg-manager:/config
    environment:
      HOST: 0.0.0.0
      PORT: 8888
      ADMIN_PASSWORD: admin
      ADMIN_USERNAME: admin
      WEB_CONCURRENCY: 1
I get an error when I try to launch docker-compose.
Can you please help me or update the script so it works for the latest dev.build. Thanks
System: Raspberry PI 4 8GB with Ubuntu 20.04 64 Bit
uname -a output:
Linux glaedr 5.4.0-1025-raspi #28-Ubuntu SMP PREEMPT Wed Dec 9 17:10:53 UTC 2020 aarch64 aarch64 aarch64 GNU/Linux
Docker image id: 6d2b6854ef17
docker-compose.yaml is the example one from README.md.
Preview of docker-compose up:
standard_init_linux.go:219: exec user process caused: exec format error
standard_init_linux.go:219: exec user process caused: exec format error
standard_init_linux.go:219: exec user process caused: exec format error
standard_init_linux.go:219: exec user process caused: exec format error
standard_init_linux.go:219: exec user process caused: exec format error
standard_init_linux.go:219: exec user process caused: exec format error
standard_init_linux.go:219: exec user process caused: exec format error
standard_init_linux.go:219: exec user process caused: exec format error
When I click the "SIGN IN" button, nothing happens. I'm positive that I'm using the correct username and password, and I've tried directly from the web interface without any kind of a reverse proxy.
EDIT: So I tried running it via uvicorn instead of gunicorn, and I get this in the logs:
INFO: Started server process [1740]
Started server process [1740]
Started server process [1740]
INFO: Waiting for application startup.
Waiting for application startup.
Waiting for application startup.
INFO: Application startup complete.
Application startup complete.
Application startup complete.
INFO: Uvicorn running on http://0.0.0.0:8000 (Press CTRL+C to quit)
Uvicorn running on http://0.0.0.0:8000 (Press CTRL+C to quit)
Uvicorn running on http://0.0.0.0:8000 (Press CTRL+C to quit)
INFO: 10.26.1.254:51705 - "GET / HTTP/1.1" 200 OK
INFO: 10.26.1.254:51705 - "GET /runtime-es2015.45b4bbe7850d7279dd29.js HTTP/1.1" 304 Not Modified
INFO: 10.26.1.254:51707 - "GET /main-es2015.f98a285fd184b9c231b2.js HTTP/1.1" 304 Not Modified
INFO: 10.26.1.254:51706 - "GET /polyfills-es2015.955abfefaaaee8e8cf75.js HTTP/1.1" 304 Not Modified
INFO: 10.26.1.254:51705 - "GET /5-es2015.cdaff20e03f58be99d20.js HTTP/1.1" 304 Not Modified
No row was found for one()
Traceback (most recent call last):
File "./schemas.py", line 74, in from_db
db_item = self.filter_query(sess).one()
File "/opt/wg-manager/wg_dashboard_backend/venv/lib64/python3.6/site-packages/sqlalchemy/orm/query.py", line 3500, in one
raise orm_exc.NoResultFound("No row was found for one()")
sqlalchemy.orm.exc.NoResultFound: No row was found for one()
No row was found for one()
Traceback (most recent call last):
File "./schemas.py", line 74, in from_db
db_item = self.filter_query(sess).one()
File "/opt/wg-manager/wg_dashboard_backend/venv/lib64/python3.6/site-packages/sqlalchemy/orm/query.py", line 3500, in one
raise orm_exc.NoResultFound("No row was found for one()")
sqlalchemy.orm.exc.NoResultFound: No row was found for one()
We did not find any records in the database that corresponds to the model. This means you are trying to fetch a unsaved schema!
We did not find any records in the database that corresponds to the model. This means you are trying to fetch a unsaved schema!
INFO: 10.26.1.254:51708 - "POST /api/v1/login HTTP/1.1" 401 Unauthorized
The id is always null.
POST: /api/v1/peer/add
{
"id": null,
"name": "Unnamed",
"address": "10.6.0.6/32",
"private_key": "sCjKRvkQO4YY6lpNnMNDPo9VDH57CY5mXmDLBlGQrVU=",
"public_key": "w4zVoiUFjqaC60bqwRJW+WnyF6KGJuTjhQ9ue79b8UY=",
"shared_key": null,
"server_id": "1",
"dns": "",
"allowed_ips": "0.0.0.0/0, ::/0",
"configuration": "[Interface]\nAddress = 10.6.0.6/24\nPrivateKey = sCjKRvkQO4YY6lpNnMNDPo9VDH57CY5mXmDLBlGQrVU=\nDNS = \n\n[Peer]\nPublicKey = jSiHMOY1tLMBjGfSdOnUWY3gJz9LU5bUKiOAmV7vGHU=\nAllowedIPs = 0.0.0.0/0, ::/0\nEndpoint = xxx.xxx.xxx.xxx:51820\n"
}
Hi,
Great project BTW,
I've been using the backend API to automate the WireGuard peer configuration from our deployment scripts, and have found a bug with the way the multi-process gunicorn server is running.
Steps to reproduce
If you run the generate_psk a number of times, most of the time you get "Could not validate credentials" with the occasional success.
I think this is due to gunicorn running separate processes for the python scripts: each time on startup it's generating a separate secret_key per process, meaning the JWT fails its signing check when decoding if login occurred on a different process.
const.py
SECRET_KEY = ''.join(random.choices(string.ascii_uppercase + string.digits, k=64))
I've worked around this by reducing the workers to 1. I think it's not seen in Angular as the HTTP connection is held open, holding the connection on the same node the login occurred on.
docker/gunicorn_config.py - force workers to 1
#workers = web_concurrency
workers = 1
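The failure described in this report, and a fix that keeps several workers, as an added example that is not wg-manager code: it models each gunicorn worker as an object holding its own signing key, then switches to one key persisted on disk and shared by every worker. The `Worker` class, the `jwt_secret.key` file name and the minimal HS256 helpers are assumptions made for the illustration; the key comes from `secrets` rather than `random`, since `random` is not meant for generating secrets.

```python
"""Per-worker vs shared JWT signing key (illustrative model, not wg-manager code)."""
import base64
import hashlib
import hmac
import json
import os
import secrets
import tempfile
import time


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_token(secret: bytes, subject: str, ttl: int = 3600) -> str:
    """Minimal HS256 JWT: header.payload.signature."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64(json.dumps({"sub": subject, "exp": int(time.time()) + ttl}).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64(sig)}"


def verify_token(secret: bytes, token: str):
    """Return the subject if signature and expiry check out, else None."""
    try:
        header, payload, sig = token.split(".")
        expected = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        claims = json.loads(_unb64(payload))
    except ValueError:  # wrong segment count, bad base64, bad JSON
        return None
    if not isinstance(claims, dict) or claims.get("exp", 0) < time.time():
        return None
    return claims.get("sub")


class Worker:
    """Hypothetical stand-in for one server process with its own SECRET_KEY."""

    def __init__(self, secret: bytes):
        self.secret = secret

    def login(self, user: str) -> str:
        return sign_token(self.secret, user)

    def accepts(self, token: str) -> bool:
        return verify_token(self.secret, token) is not None


def per_worker_secrets(count: int):
    """What a module-level random SECRET_KEY amounts to: one key per process."""
    return [secrets.token_bytes(32) for _ in range(count)]


def load_or_create_secret(path: str) -> bytes:
    """Create the key file once (mode 0600), otherwise read the existing key."""
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        with open(path, "rb") as fh:
            key = fh.read()
    else:
        key = secrets.token_bytes(32)
        with os.fdopen(fd, "wb") as fh:
            fh.write(key)
    if len(key) != 32:
        raise RuntimeError("signing key file is incomplete; refusing to start")
    return key


def accepted_requests(workers, requests: int) -> int:
    """Log in on worker 0, then spread `requests` calls round-robin over all workers."""
    token = workers[0].login("admin")
    return sum(workers[i % len(workers)].accepts(token) for i in range(requests))


if __name__ == "__main__":
    broken = [Worker(s) for s in per_worker_secrets(4)]
    print("per-worker keys:", accepted_requests(broken, 8), "of 8 accepted")
    with tempfile.TemporaryDirectory() as tmp:
        key_path = os.path.join(tmp, "jwt_secret.key")  # hypothetical location
        fixed = [Worker(load_or_create_secret(key_path)) for _ in range(4)]
        print("shared key:", accepted_requests(fixed, 8), "of 8 accepted")
```

A persisted key also keeps issued tokens valid across restarts, so the key file needs the same protection as any other credential on the host.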
I would expect that with an invalid apikey but it does that with "valid" apikeys; and also no server can be added via the web interface (because it uses the api too)
Hi,
Noobie to this, but really like the platform, would it be possible to get full installation instructions for this onto a server? Setting up users, autostart etc.
Thanks
Just wanna say I love the project!
I prefer to deploy with docker (docker hub more specifically). I've noticed the docker hub repo is a bit out of date and doesn't have the recent modifications.
Can we setup automatic builds from github if possible?
The documentation should be revised so that it is more clear for everyone on how to setup. I think the docker guide is OK, but any improvements are welcome.
The bare metal is perhaps the one lacking details.
Using Centos 7 and Docker
In the compose file, I tried changing the
ADMIN_PASSWORD: admin
ADMIN_USERNAME: admin
variables and re-running compose, but the password seemingly never changed. I was unable to login using the new password and was forced to use admin/admin.
I tried a few times.
Hello,
I want to use wireguard configuration file manager in my local server.
So, I followed the install guide in bare metal 'ubuntu-18.04'
I have an issue 'raise RuntimeError("Database does not exist and the environment variable ADMIN_USERNAME is set")
RuntimeError: Database does not exist and the environment variable ADMIN_USERNAME is set'
Should I set the DB information?
Please advise. I attached the error message below.
A lot of errors just go silently. This should be improved.
Thanks for the GUI, I've tried a couple and this one works the best for my needs.
I was having some issues with the docker install so installed onto bare metal, but now need to make a backup of all the configurations. Where are they saved? I have looked through the files and cannot find the client and server files.
Thanks
expected behavior:
show the dashboard, or whatever is shown after login
actual behavior:
"nothing" (it stays on the login page, no errors shown) on client side;
error in server console serverlog.txt
new-serverlog.txt
If a peer is created on a server and then deleted, it still remains in the server configuration and is still able to connect.
If a new peer is created on the same server, both peers are visible in the server config and able to connect.
The old deleted peer disappears from the server configuration after a server restart, but only if a new peer was created afterwards.
Steps to reproduce:
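A check for the condition reported above (a peer deleted in the manager that is still configured on the running interface), added here as an example and not part of wg-manager: it compares the peers in `wg show <interface> dump` output with the public keys the database still lists. The dump text, the key strings, the database list and the 180-second activity window are constructed sample values.

```python
"""Detect peers that are live on a WireGuard interface but no longer in the database."""
import time
from typing import Dict, Iterable, List, NamedTuple


class LivePeer(NamedTuple):
    public_key: str
    endpoint: str
    allowed_ips: str
    latest_handshake: int  # Unix time, 0 if the peer never completed a handshake


def parse_wg_dump(dump: str) -> List[LivePeer]:
    """Parse `wg show <iface> dump`: one interface line, then one tab-separated line per peer."""
    lines = [ln for ln in dump.splitlines() if ln.strip()]
    peers = []
    for line in lines[1:]:  # line 0 describes the interface itself
        fields = line.split("\t")
        if len(fields) != 8:
            raise ValueError(f"unexpected peer line with {len(fields)} fields")
        # public-key, preshared-key, endpoint, allowed-ips, latest-handshake, rx, tx, keepalive
        peers.append(LivePeer(fields[0], fields[2], fields[3], int(fields[4])))
    return peers


def audit_interface(iface: str, dump: str, db_public_keys: Iterable[str],
                    now: float = None, active_window: int = 180) -> Dict[str, list]:
    """Compare live peers with the keys the database still lists."""
    now = time.time() if now is None else now
    expected = set(db_public_keys)
    live = parse_wg_dump(dump)
    stale = [p for p in live if p.public_key not in expected]
    return {
        # configured on the interface although the database no longer knows them
        "stale": [p.public_key for p in stale],
        # stale peers with a recent handshake, i.e. still connecting
        "stale_active": [p.public_key for p in stale
                         if p.latest_handshake and now - p.latest_handshake <= active_window],
        # in the database but absent from the interface
        "missing": sorted(expected - {p.public_key for p in live}),
        # argv lists (no shell) that remove each stale peer from the running interface
        "remove_cmds": [["wg", "set", iface, "peer", p.public_key, "remove"] for p in stale],
    }


# --- constructed sample data (placeholders, not real keys) ---
NOW = 1_700_000_000
PEER_A = "PEER_A_PUBLIC_KEY_PLACEHOLDER="
PEER_B = "PEER_B_PUBLIC_KEY_PLACEHOLDER="  # deleted in the UI, still on the interface
PEER_C = "PEER_C_PUBLIC_KEY_PLACEHOLDER="  # deleted in the UI, never connected
PEER_D = "PEER_D_PUBLIC_KEY_PLACEHOLDER="  # in the database, not on the interface
DB_KEYS = [PEER_A, PEER_D]
SAMPLE_DUMP = "\n".join([
    "\t".join(["SERVER_PRIVATE_KEY_PLACEHOLDER=", "SERVER_PUBLIC_KEY_PLACEHOLDER=", "51820", "off"]),
    "\t".join([PEER_A, "(none)", "198.51.100.7:40001", "10.6.0.2/32", str(NOW - 30), "1200", "3400", "off"]),
    "\t".join([PEER_B, "(none)", "203.0.113.9:51000", "10.6.0.3/32", str(NOW - 60), "900", "800", "off"]),
    "\t".join([PEER_C, "(none)", "(none)", "10.6.0.4/32", "0", "0", "0", "off"]),
])

if __name__ == "__main__":
    report = audit_interface("wg0", SAMPLE_DUMP, DB_KEYS, now=NOW)
    for name, value in report.items():
        print(name, value)
```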
Adding a peer first sets the name and other settings to default values.
If I try to change the name or generate a pre-shared key right away and click save, the changes will not get saved.
However, if I refresh the page and then change the values they will get saved.
When doing "git pull" in the directory it pulls the latest commit (before I was on the commit as of "v1.0").
Now when starting the server it throws an error (relevant part):
sqlalchemy.exc.OperationalError: (sqlite3.OperationalError) no such column: server.subnet
full log:
Traceback (most recent call last):
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/base.py", line 1248, in _execute_context
cursor, statement, parameters, context
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/default.py", line 590, in do_execute
cursor.execute(statement, parameters)
sqlite3.OperationalError: no such column: server.subnet
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/opt/wg-manager/wg_dashboard_backend/venv/bin/uvicorn", line 10, in <module>
sys.exit(main())
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/click/core.py", line 829, in __call__
return self.main(*args, **kwargs)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/uvicorn/main.py", line 331, in main
run(**kwargs)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/uvicorn/main.py", line 354, in run
server.run()
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/uvicorn/main.py", line 382, in run
loop.run_until_complete(self.serve(sockets=sockets))
File "uvloop/loop.pyx", line 1456, in uvloop.loop.Loop.run_until_complete
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/uvicorn/main.py", line 389, in serve
config.load()
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/uvicorn/config.py", line 288, in load
self.loaded_app = import_from_string(self.app)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/uvicorn/importer.py", line 20, in import_from_string
module = importlib.import_module(module_str)
File "/usr/lib/python3.7/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1006, in _gcd_import
File "<frozen importlib._bootstrap>", line 983, in _find_and_load
File "<frozen importlib._bootstrap>", line 967, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 677, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 728, in exec_module
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "./main.py", line 76, in <module>
servers: typing.List[models.WGServer] = _db.query(models.WGServer).all()
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/orm/query.py", line 3246, in all
return list(self)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/orm/query.py", line 3405, in __iter__
return self._execute_and_instances(context)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/orm/query.py", line 3430, in _execute_and_instances
result = conn.execute(querycontext.statement, self._params)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/base.py", line 984, in execute
return meth(self, multiparams, params)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/sql/elements.py", line 293, in _execute_on_connection
return connection._execute_clauseelement(self, multiparams, params)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/base.py", line 1103, in _execute_clauseelement
distilled_params,
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/base.py", line 1288, in _execute_context
e, statement, parameters, cursor, context
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/base.py", line 1482, in _handle_dbapi_exception
sqlalchemy_exception, with_traceback=exc_info[2], from_=e
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/util/compat.py", line 178, in raise_
raise exception
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/base.py", line 1248, in _execute_context
cursor, statement, parameters, context
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.7/site-packages/sqlalchemy/engine/default.py", line 590, in do_execute
cursor.execute(statement, parameters)
sqlalchemy.exc.OperationalError: (sqlite3.OperationalError) no such column: server.subnet
[SQL: SELECT server.id AS server_id, server.interface AS server_interface, server.subnet AS server_subnet, server.address AS server_address, server.v6_address AS server_v6_address, server.v6_subnet AS server_v6_subnet, server.listen_port AS server_listen_port, server.private_key AS server_private_key, server.public_key AS server_public_key, server.endpoint AS server_endpoint, server.dns AS server_dns, server.read_only AS server_read_only, server.post_up AS server_post_up, server.post_down AS server_post_down, server.is_running AS server_is_running, server.configuration AS server_configuration, peer_1.id AS peer_1_id, peer_1.name AS peer_1_name, peer_1.address AS peer_1_address, peer_1.v6_address AS peer_1_v6_address, peer_1.public_key AS peer_1_public_key, peer_1.private_key AS peer_1_private_key, peer_1.shared_key AS peer_1_shared_key, peer_1.dns AS peer_1_dns, peer_1.allowed_ips AS peer_1_allowed_ips, peer_1.read_only AS peer_1_read_only, peer_1.server_id AS peer_1_server_id, peer_1.configuration AS peer_1_configuration
FROM server LEFT OUTER JOIN peer AS peer_1 ON server.id = peer_1.server_id]
(Background on this error at: http://sqlalche.me/e/e3q8)
so is there a "convert-database.sh" or similar script to add that column?
I copied all commands from install.md, it only failed on the last command.
the only thing I changed was the PORT from 80 to 8888
expected output: (something like)
#INFO: Started server process [259296]
#INFO: Waiting for application startup.
#INFO: Application startup complete.
#INFO: Uvicorn running on http://0.0.0.0:8000 (Press CTRL+C to quit)
actual output:
`Traceback (most recent call last):
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/repository.py", line 95, in verify
cls.require_found(os.path.join(path, cls._config))
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/pathed.py", line 72, in require_found
raise exceptions.PathNotFoundError(path)
migrate.exceptions.PathNotFoundError: migrations/migrate.cfg
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/wg-manager/wg_dashboard_backend/venv/bin/uvicorn", line 8, in
sys.exit(main())
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/click/core.py", line 829, in call
return self.main(*args, **kwargs)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/uvicorn/main.py", line 331, in main
run(**kwargs)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/uvicorn/main.py", line 354, in run
server.run()
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/uvicorn/main.py", line 382, in run
loop.run_until_complete(self.serve(sockets=sockets))
File "uvloop/loop.pyx", line 1456, in uvloop.loop.Loop.run_until_complete
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/uvicorn/main.py", line 389, in serve
config.load()
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/uvicorn/config.py", line 288, in load
self.loaded_app = import_from_string(self.app)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/uvicorn/importer.py", line 20, in import_from_string
module = importlib.import_module(module_str)
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 975, in _find_and_load_unlocked
File "", line 671, in _load_unlocked
File "", line 783, in exec_module
File "", line 219, in _call_with_frames_removed
File "./main.py", line 8, in
import middleware
File "./middleware.py", line 14, in
import schemas
File "./schemas.py", line 6, in
import models
File "./models.py", line 5, in
from database import Base
File "./database.py", line 19, in
main(["version_control", DATABASE_URL, "migrations"])
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/shell.py", line 209, in main
ret = command_func(**kwargs)
File "", line 2, in version_control
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/util/init.py", line 167, in with_engine
return f(*a, **kw)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/api.py", line 250, in version_control
ControlledSchema.create(engine, repository, version)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/schema.py", line 139, in create
repository = Repository(repository)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/repository.py", line 77, in init
self.verify(path)
File "/opt/wg-manager/wg_dashboard_backend/venv/lib/python3.8/site-packages/migrate/versioning/repository.py", line 98, in verify
raise exceptions.InvalidRepositoryError(path)
migrate.exceptions.InvalidRepositoryError: migrations`
Hi!
So it looks like we've got our configuration now running very stably, very swimmingly - but it LOOKS like, from the interface, I can create AND manage multiple WireGuard servers/interfaces. Trouble is, it doesn't seem like I can do that - I've created wg1 and wg2 interfaces with the intent of segregating users and their access to our internal resources, but I don't get any kind of a management UI below the wg0 one. I just get an error: "The server interface or ip wg1 already exists in the database".
EDIT 2019 on 12 February 2021:
When I try, I get nothing in the Gunicorn error log, and the following in the access log:
192.168.1.254:0 - "POST /api/v1/server/add HTTP/1.1" 400
Hi
I appreciate what you have done, it was great, but I have a question: when are you going to release the full mesh VPN network mgmt console?
Do not use rolling versions, but set fixed versions for all dependencies. This will prevent things from breaking from time to time.
On creating a Server IP, even if I assign it a /27, it still outputs it as a /24 when assigning the clients. Not a train smash, but would be nice if you could pull in the mask defined and then use it for the clients.
I would recommend stating that the mask needs to be defined, such as /24 - /30, (understanding that some people might want bigger ranges for a lot of clients, especially now (Covid and more requirements to work remotely, so some people might want a /23, /22, /21, etc)), and then carrying that value across to the clients.
I'm not a coder, but I've had a look, and think that you are setting it manually in:
https://github.com/perara/wg-manager/blob/master/wg_dashboard_backend/templates/peer.j2
Address = {{ data.peer.address.replace("/32", "/24") }}
On a separate note, I'm running it in docker and works like a charm. Amazing. Such a great product. Nice work. :)
Hi, I've noticed quite a lot of activity for wg-manager which I find exciting. I would very much want to address all of the issues/bugs but I am currently on parental leave with very little time for extracurricular projects.
I'm very open to additional contributions to the project, and please, do not hesitate to PR whatever you find useful for this project.
Came back after weeks and the container is now running properly, as I can see. :-)
No Net Host mode, ports all default...
You advised to open http://localhost:8888
Maybe a stupid question, but my Ubuntu Host is headless, so I tried to use http://:8888 but never got it running, also not with the "--net host" option. Where am I wrong?
Is it required to use the container on a server with head running?
Hello,
I check this tutorial:
https://github.com/perara/wg-manager/blob/master/docs/install.md
is it possible to automate this installation?
Forgive me if this is wrong, but I've been trying to use the instructions for a bare metal install, which I am assuming is meant for installing directly on a server and not running in docker?
However, it seems to fail to install around the backend and frontend sections.
Can you verify this should work and give a persistent server even if rebooted on Ubuntu 20.04.1 without having to use docker?
I have
AUTOSTART_INTERFACES = wg0
When I restart the container, wg0 comes up as expected.
When I restart the docker host, the container comes up but wg0 doesn't come up.
I don't even know how to start troubleshooting this ...
halp plz ?
Whow! Love the interface! The only thing that it's lacking, is IPv6 support within the docker.
When I use
iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
in the Post-up script, wg0 refuses to start. If I remove the ip6tables part, it works fine!
So, please advise how I can add ip6tables support to the current docker?
When changing the IPv6 address of a server to something other than the default fd42:42:42::1/64, to let's say fd69:69:69::1/64, the clients still get an address like fd42:42:42::x; on the server the interface will get an fd69:.. address
creating a server with the fd69:... address:
the client generated on the wg69 server (as it can be seen: the client has fd42:... address):
Hi, given the screen shots this seems to be exactly what I need ;) but the Docker approach is not possible for me, so I had to go the Method #2: Bare Metal way on a Debian 10 Server and after a clean install I followed the guidelines in Method 2#.
pip install uvicorn will not compile so I got over that with apt-get install python3-dev
But the main problem comes at uvicorn main:app --host=0.0.0.0, which exits with RuntimeError: Database does not exist and no ADMIN_USER is set
At this point I'm not sure if the database has to be separately created before and the admin user and password to be set by hand; if so a small how-to will help.
Anyone with success on the Debian bare-metal way?
It appears that upon restarting the container, the wireguard servers don't restart themselves. This is pretty much the only missing feature from this management interface.
While this might be considered out of the scope of this project, it might be cool to include an option to obfuscate traffic using udptunnel or udp2raw as mentioned in https://www.wireguard.com/known-limitations/ (TCP Mode).
While it can be done manually, adding Unbound DNS and PiHole to the script and be automatically configured, would attract a lot of users especially those who aren't versatile in linux.
I know this is a wireguard manager only however, I think it can be relatively easy to add these 2 options. Thanks
docker run -d \
...
-e ADMIN_PASSWORD="admin" \
...
Missed out one quotation mark.
When you add a new peer from the API or the Angular Interface, and immediately edit the name it doesn't save the changes to the name.
If you add a new peer, this returns the peer config with "id":null.
change the name and save
The edit looks successful but doesn't save changes with this as null.
If you reload website this peer has an ID and the edit works.
Hya, how can the service be started at boot time on bare metal, no docker?
Thx in advance
Shouldn't clients be given a /32 subnet mask in their configs? Or, at the very least, could the admins have the option to set that? Right now, I set my server to have a 192.168.42.1/24 subnet, and clients each inherit successive 192.168.42.x/24 values for the Address directive in their configs. Assuming we want clients to stay on the same IP (we certainly do), shouldn't that be a /32 on each client config, and not /24?
I'm really not a Linux expert, I only can copy and paste and did not really understand what some lines are meaning... So only some hints for other Linux noobs that want to start with...
I tried the given steps in a default Raspbian "Desktop" Environment, hosted in a Hyper-V virtual machine, caused by missing RPi4 physical in the Datacenter. (my other endpoint is a physical RPi 3 B @ home)
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
Linux version 4.19.0-8-amd64 ([email protected]) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SMP Debian 4.19.98-1 (2020-01-26)
sudo nano ~/.bashrc
Then add these lines at the end of the file (customize some Values if required, I tried with the listed defaults)
# ADD Environment Variables for wg-manager
export GUNICORN_CONF="default"
export WORKERS_PER_CORE="default"
export WEB_CONCURRENCY="1"
export HOST="0.0.0.0"
export PORT="80"
export LOG_LEVEL="info"
export ADMIN_USERNAME="admin"
export ADMIN_PASSWORD="admin"
sudo apt update
sudo apt upgrade
sudo apt install nodejs npm ### prevent missing pm message
sudo npm cache clean -f
sudo npm install npm@latest -g ### prevent issue "npm does not support Node.js v10.15.2"
sudo node_modules/@angular/cli/bin/ng build --configuration="production" > /dev/null
I'm still in /opt/wg-manager/wg_dashboard_frontend if it's important.
Also I tried to move forward with:
sudo mv dist ../wg_dashboard_backend/build
File or Folder not found...
I'm not sure what's going on, but I'm sure I'm unable to fix this... :-)
Just installed this manually on a Debian 10 server, and found some issues with the frontend.
I was unable to add a server via the web interface. Clicking Add Server gave me a not too helpful red popup in the corner saying [Object object]. In the web console I was getting a 422 response.
I copied the POST JSON body and tried adding a server using the API instead, which gave me more useful errors. From there I deduced that read_only was being sent as an empty string, where an integer was expected. I was also required to add a value for v6_subnet not to get a null constraint database error even though I unchecked IPv6 support.
What's the required/recommended Docker location? Is it possible to run the image on a different docker host or must the docker container run directly at the Wireguard "Server"?
Can you please add, on client configuration file download, the PersistentKeepalive parameter? I think this is the only missing parameter at this time!
thank you!
Fix CI configs and add various distros to ensure wide support