wireguard_webadmin is a full-featured yet easy-to-configure web interface for managing WireGuard VPN instances. Designed to simplify the administration of WireGuard networks, it provides a user-friendly interface that supports multiple users with varying access levels, multiple WireGuard instances with individual peer management, and support for crypto key routing for site-to-site interconnections.
- Advanced Firewall Management: Experience effortless and comprehensive VPN firewall management, designed for simplicity and effectiveness.
- Port Forwarding: Seamlessly redirect TCP or UDP ports to peers or networks located beyond those peers with ease!
- DNS Server: DNS Service included for static DNS entries and improved privacy.
- Multi-User Support: Manage access with different permission levels for each user.
- Multiple WireGuard Instances: Enables separate management for peers across multiple instances.
- Crypto Key Routing: Simplifies the configuration for site-to-site interconnections.
This project aims to offer an intuitive and user-friendly solution for WireGuard VPN management without compromising the power and flexibility WireGuard provides.
This project is licensed under the MIT License - see the LICENSE file for details.
Displays a comprehensive list of peers, including their status and other details, allowing for easy monitoring and management of WireGuard VPN connections.
Offers a comprehensive interface for managing VPN firewall rules, enabling users to easily create, edit, and delete rules with iptables-style syntax. This feature ensures precise control over network traffic, enhancing security and connectivity for WireGuard VPN instances.
A central hub for managing settings across one or multiple WireGuard instances, enabling straightforward configuration adjustments for VPN interfaces.
Offers quick access to common debugging tools, facilitating the diagnosis and resolution of potential issues within the WireGuard VPN environment.
Supports multi-user environments by allowing the assignment of varying permission levels, from restricted access to full administrative rights, ensuring secure and tailored access control.
Based on your requirements, here's an updated set of deployment instructions incorporating the use of wget for fetching the latest docker-compose.yml files directly from your GitHub repository, and guidance on creating a .env file for environment variables. These instructions ensure users always have the most current version of your deployment configuration and clarify the setup process.
Follow these steps to deploy the WireGuard WebAdmin:
1.Prepare the Environment:
First, create a directory for the WireGuard WebAdmin project and navigate into it. This will serve as the working directory for the deployment.
mkdir wireguard_webadmin && cd wireguard_webadmin2.Fetch the Docker Compose File:
Depending on your deployment scenario, choose one of the following commands to download the appropriate docker-compose.yml file directly into your working directory. This approach ensures you're using the latest version of the deployment configuration.
For a production-ready deployment with NGINX as a reverse proxy (recommended for most users), use:
wget -O docker-compose.yml https://raw.githubusercontent.com/eduardogsilva/wireguard_webadmin/main/docker-compose.ymlThis mode is recommended for running the web admin interface. The container deployment will automatically generate a self-signed certificate for you. If you want to update your certificates, simply navigate to the certificates volume and replace nginx.pem and nginx.key with your own certificates.
For a debug environment without NGINX, suitable only for testing (not recommended for production), use:
wget -O docker-compose.yml https://raw.githubusercontent.com/eduardogsilva/wireguard_webadmin/main/docker-compose-no-nginx.yml3.Create the .env File:
Create a .env file in the same directory as your docker-compose.yml with the following content, adjusting my_server_address to your server's DNS name or IP address. This step is crucial for ensuring the application functions correctly.
# Configure SERVER_ADDRESS to match the address of the server. If you don't have a DNS name, you can use the IP address.
# A misconfigured SERVER_ADDRESS will cause the app to have CSRF errors.
SERVER_ADDRESS=my_server_address
DEBUG_MODE=FalseReplace my_server_address with your actual server address.
4.Run Docker Compose:
Execute the Docker Compose command to start your deployment.
docker compose up -dAccess the web interface using https://yourserver.example.com. If you are using a self-signed certificate, you must accept the certificate exception that your browser will present.
If you opted for the non-NGINX setup, simply run the previously fetched docker-compose-no-nginx.yml with:
docker compose -f docker-compose-no-nginx.yml up -dAccess the web interface using http://127.0.0.1:8000.
After completing these steps, your WireGuard WebAdmin should be up and running. Begin the configuration by accessing your server's web interface.
Certainly, let's refine the upgrade instructions with the inclusion of a backup step for the database and a more appropriate suggestion for transitioning users from a git clone workflow.
Upgrading your WireGuard WebAdmin installation ensures you have access to the latest features, security improvements, and bug fixes. Follow these instructions for a smooth upgrade:
1.Transitioning from a Git Clone Workflow:
Begin by navigating to your wireguard_webadmin directory:
cd path/to/wireguard_webadminIf you're upgrading from an existing git clone installation, navigate to your current project directory.
cd /path/to/wireguard_webadmin_git_clone2.Shutdown Services:
Stop all running services to prevent data loss during the upgrade.
docker compose down3.Backup Your Data:
Before making any changes, back up your database and any other important data. This step is crucial for restoring your setup if needed.
- Backup Database Command:
tar cvfz wireguard-webadmin-backup-$(date +%Y-%m-%d-%H%M%S).tar.gz /var/lib/docker/volumes/wireguard_webadmin_wireguard/_data/
Replace /var/lib/docker/volumes/wireguard_webadmin_wireguard/_data/ with the actual path to your Docker volume data if it's different. This command saves the backup to the current directory.
4.Deploy Using Docker Compose:
Follow the previously outlined Deployment Instructions.
Don't forget to update the docker-compose.yml file to the latest version by re-downloading it from the repository.
- Verify Operation: After the services start, access the web interface to ensure WireGuard WebAdmin functions as expected. Examine the application logs for potential issues.
- Support and Troubleshooting: For any complications or need for further information, consult the project's Discussions page or relevant documentation.
By adhering to these instructions, you will update your WireGuard WebAdmin to the latest version, incorporating all available enhancements and security updates. Remember, regular backups and following these upgrade steps will help maintain your deployment's health and security.
Contributions make the open-source community an amazing place to learn, inspire, and create. Your contributions are greatly appreciated.
If you encounter any issues or require assistance, please open an issue on the project's GitHub page.