wg-manager/README.md

# WG-MANAGER

This simple Django web interface helps to manage wg connections in a client/server scenario.
Users are allowed to create, enable and disable wg peers.

**Warning**  
this program is **alpha quality**, not fully tested and can break your computer :D
also it must run with *root privileges* :(

## Quickstart container

The container version is made of 3 containers a valkey/redis container a celery worker backend and the django app as frontend.   
The django apps invokes the worker via celery through valkey, the worker executes the privileged operations on the wireguard interfaces, the celery worker container ha **NET_ADMIN** capability and lives in the **host network**

there's a sample compose file `compose.yaml`.

### first prepare the environment

in `wg_manager` dir
create your own `settings.py`:
```python
from .settings_dist import *
# your customization here
```
or simply make a symbolic link:
```bash
ln -s settings_dist.py settings.py
```
copy `.env-dist` and create your own `.env` set the variable `WG_INTERFACE` according to the name of the wg interface you want to manage

### star the service

you can start the service running:

```bash
docker compose up
```
The you can connect to the web interface on [http://127.0.0.1:4000](http://127.0.0.1:4000) default superuser credentials are:
* user: admin 
* password: admin

you can import existing wireguard peer by visiting the `/sync` url [http://127.0.0.1:4000/sync](http://127.0.0.1:4000/sync)

Remember that the db insiede the container get destroyed every time the container get destroyed.  
You can mount the db as a volume by adding the db as volume in the `wg-manager` service:
```yaml
volumes:
    #...
    - ./db.sqlite3:/app/db.sqlite3
    #...
```



## Quickstart standalone

create a python venv:
```bash
python -m venv venv
```
activate it
```bash
. venv/bin/activate
```
install the requirements
```bash
pip install -r requirements.txt
```
in `wg_manager` dir
create your own `settings.py`:
```python
from .settings_dist import *
# your customization here
```
or simply make a symbolic link:
```bash
ln -s settings_dist.py settings.py
```
copy `.env-dist` and create your own `.env` set the variable `WG_INTERFACE` according to the name of the wg interface you want to manage

set `USE_CELERY=False` in environemnt to use only the django app without the privileged worker

create the sqlite db:
```bash
./manage.py migrate
```
collect static assets:
```bash
./manage.py collectstatic
```
create the superuser:
```bash
./manage.py createsuperuser
```
if you already have connections you can import them in the db with:
```bash
./manage.py sync
```
you can test with the integrated dev server:
```bash
./manage.py runserver
```
and then deploy it using a proper web server like [gunicorn](https://gunicorn.org/):
```bash
gunicorn wg_manager.wsgi
```
with a proper tls enabled reverse proxy before it.