helps to manage wg connections in a client/server scenario

Find a file

Andrea Zucchelli f3c87deb32 chore: refresh button		2024-10-13 23:47:36 +02:00
static/css	Merge remote-tracking branch 'origin/feat/css'	2024-10-07 14:41:34 +02:00
templates	chore: refresh button	2024-10-13 23:47:36 +02:00
test	feat: test	2024-10-09 18:44:53 +02:00
wg_connection_manager	chore: refresh button	2024-10-13 23:47:36 +02:00
wg_connection_manager_worker	fix: sort out sub	2024-10-13 21:24:56 +02:00
wg_manager	feat: wrapping up containers	2024-10-13 23:37:56 +02:00
.env-dist	feat: celery decoupling	2024-10-13 18:55:39 +02:00
.gitignore	Merge remote-tracking branch 'origin/feat/css'	2024-10-07 14:41:34 +02:00
compose.yaml	feat: wrapping up containers	2024-10-13 23:37:56 +02:00
Containerfile	feat: wrapping up containers	2024-10-13 23:37:56 +02:00
Containerfile-worker	chore: optimize image build	2024-10-13 20:29:29 +02:00
LICENSE	first import	2024-10-06 12:56:12 +02:00
manage.py	first import	2024-10-06 12:56:12 +02:00
pyproject.toml	feat: test wip	2024-10-08 23:37:00 +02:00
README.md	feat: wrapping up containers	2024-10-13 23:37:56 +02:00
requirements-test.txt	chore: requirements-test.txt	2024-10-09 18:56:11 +02:00
requirements-worker.txt	feat: celery decoupling	2024-10-13 18:55:39 +02:00
requirements.txt	fix: sync command	2024-10-13 19:24:06 +02:00

README.md

WG-MANAGER

This simple Django web interface helps to manage wg connections in a client/server scenario. Users are allowed to create, enable and disable wg peers.

Warning
this program is alpha quality, not fully tested and can break your computer :D also it must run with root privileges :(

Quickstart container

The container version is made of 3 containers a valkey/redis container a celery worker backend and the django app as frontend.
The django apps invokes the worker via celery through valkey, the worker executes the privileged operations on the wireguard interfaces, the celery worker container ha NET_ADMIN capability and lives in the host network

there's a sample compose file compose.yaml.

first prepare the environment

in wg_manager dir create your own settings.py:

from .settings_dist import *
# your customization here

or simply make a symbolic link:

ln -s settings_dist.py settings.py

copy .env-dist and create your own .env set the variable WG_INTERFACE according to the name of the wg interface you want to manage

star the service

you can start the service running:

docker compose up

The you can connect to the web interface on http://127.0.0.1:4000 default superuser credentials are:

user: admin
password: admin

you can import existing wireguard peer by visiting the /sync url http://127.0.0.1:4000/sync

Remember that the db insiede the container get destroyed every time the container get destroyed.
You can mount the db as a volume by adding the db as volume in the wg-manager service:

volumes:
    #...
    - ./db.sqlite3:/app/db.sqlite3
    #...

Quickstart standalone

create a python venv:

python -m venv venv

activate it

. venv/bin/activate

install the requirements

pip install -r requirements.txt

in wg_manager dir create your own settings.py:

from .settings_dist import *
# your customization here

or simply make a symbolic link:

ln -s settings_dist.py settings.py

copy .env-dist and create your own .env set the variable WG_INTERFACE according to the name of the wg interface you want to manage

set USE_CELERY=False in environemnt to use only the django app without the privileged worker

create the sqlite db:

./manage.py migrate

collect static assets:

./manage.py collectstatic

create the superuser:

./manage.py createsuperuser

if you already have connections you can import them in the db with:

./manage.py sync

you can test with the integrated dev server:

./manage.py runserver

and then deploy it using a proper web server like gunicorn:

gunicorn wg_manager.wsgi

with a proper tls enabled reverse proxy before it.