Jay Taylor's notes

back to listing index

Place1/wg-access-server: An all-in-one WireGuard VPN solution with a web ui for connecting devices

[web search]
Original source (github.com)
Tags: user-interface wireguard github.com
Clipped on: 2020-04-12

Skip to content
Image (Asset 1/7) alt= You have unread notifications
An all-in-one WireGuard VPN solution with a web ui for connecting devices
TypeScript Go Python Smarty HTML Dockerfile Other
Branch: master
New pull request
Clone or download

Latest commit

Latest commit 48f842f 12 hours ago

Files

Type Name Latest commit message Commit time
deploy 0.1.1 13 days ago
docs 0.1.1 13 days ago
internal Client network config (#25) 12 hours ago
pkg/authnz show the owner name in admin UI (#24) 14 hours ago
proto Client network config (#25) 12 hours ago
screenshots basic admin feature, network isolation, docs, helm, k8s, docs (#15) 22 days ago
website Client network config (#25) 12 hours ago
.dockerignore initial commit 6 months ago
.gitignore gitignore for built docs 22 days ago
CHANGELOG.md Client network config (#25) 12 hours ago
Dockerfile basic admin feature, network isolation, docs, helm, k8s, docs (#15) 22 days ago
LICENSE Create LICENSE 5 months ago
README.md updated docs 22 days ago
TODO.md updated todo 5 days ago
codegen.sh update codegen.sh last month
docker-compose.yml Fix example docker-compose.yml last month
go.mod basic admin feature, network isolation, docs, helm, k8s, docs (#15) 22 days ago
go.sum basic admin feature, network isolation, docs, helm, k8s, docs (#15) 22 days ago
main.go Client network config (#25) 12 hours ago
mkdocs.yml basic admin feature, network isolation, docs, helm, k8s, docs (#15) 22 days ago
publish.py 0.1.0 22 days ago
requirements-docs.txt basic admin feature, network isolation, docs, helm, k8s, docs (#15) 22 days ago

README.md

wg-access-server

wg-access-server is a single binary that provides a WireGuard VPN server and device management web ui. We support user authentication, 1 click device registration that works with Mac, Linux, Windows, Ios and Android including QR codes. You can configure different network isolation modes for better control and more.

This project aims to deliver a simple VPN solution for developers, homelab enthusiasts and anyone else feeling adventurous.

wg-access-server is a functional but young project. Contributes are welcome!

Documentation

See our documentation website

Running with Docker

Here's a quick command to run the server to try it out.

docker run \
  -it \
  --rm \
  --cap-add NET_ADMIN \
  --device /dev/net/tun:/dev/net/tun \
  -v wg-access-server-data:/data \
  -e "WIREGUARD_PRIVATE_KEY=$(wg genkey)" \
  -p 8000:8000/tcp \
  -p 51820:51820/udp \
  place1/wg-access-server

If you open your browser using your LAN ip address you can even connect your phone to try it out: for example, i'll open my browser at http://192.168.0.XX:8000 using the local LAN IP address.

You can connect to the web server on the local machine browser at http://localhost:8000

Running with Docker-Compose

You modify the docker-compose.yml file for you need then run this following command.

docker-compose up

You can connect to the web server on the local machine browser at http://localhost:8000

If you open your browser to your machine's LAN IP address you'll be able to connect your phone using the UI and QR code!

Screenshots

Image (Asset 4/7) alt=Changelog

See the CHANGELOG.md file

Development

The software is made up a Golang Server and React App.

Here's how I develop locally:

  1. run cd website && npm install && npm start to get the frontend running on :3000
  2. run sudo go run ./main.go to get the server running on :8000

Here are some notes about the development configuration:

  • sudo is required because the server uses iptables/ip to configure the VPN networking
  • you'll access the website on :3000 and it'll proxy API requests to :8000 thanks to webpack
  • in-memory storage and generated wireguard keys will be used

GRPC codegeneration:

The client communicates with the server via gRPC-Web. You can edit the API specification in ./proto/*.proto.

After changing a service or message definition you'll want to re-generate server and client code using: ./codegen.sh.