wg-dashboard / wg-dashboard Goto Github PK
View Code? Open in Web Editor NEWan (unmaintained) easy-to-use dashboard for wireguard vpn
License: MIT License
an (unmaintained) easy-to-use dashboard for wireguard vpn
License: MIT License
So I heard about this vps provider from Linus Tech Tips (which you can use LTT as a promo code to get 15% off at checkout), and they have plans for vps instances at $1.87 a month https://pebblehost.com/vps under their premium offering, and initially it is 100Mbps, but I recently messaged their support and they said to get it an instance bumped up to 500Mbps all you have to do is.
Just open a billing ticket and we can get the limit raised for you.
Which is similar in spec and bandwidth to vultr's pricing for their lower tiers. Also, they have hosting in Canada and Europe.
Disclaimer: I haven't used them yet, but after learning about how easy it is to increase the bandwidth I am probably going to transfer my algo vpn (wireguard) setup to them to get cheaper hosting.
Another disclaimer: I don't have any affiliation with the projects/orgs that I mentioned above (I have done like one contribution to algo), besides that I am a consumer to everything. Just saw you had a Looking for a cheap VPS? section and thought I would mention it.
first user connects no problem at all
Can add a second user no problem, save and restart the server.
Can download config and connect but then no internet.
Hi,
Would it be possible to have an option added to the dashboard to download all the created peers as a zip file? WG allows importing of a zip file that contain all the peers.conf files on most, if not all OS's so would be very handy.
Cheers.
I am using 2 NIC setup with DMZ zone.
WAN --- wireguard --- LAN
and with this config i need to masquerade traffic on TWO interfaces but when i change config from web gui it completly rewrites all my config file with custom PostUp and PostDown commands.
please add option to setup a second nic from gui or dont rewrite whole config file just replace changed value
thanx for great product!
hi, it's possible to reset password for dashboard?
or i need to reinstall dashboard?
i forget password for my dashboard.
Looks like wg-dashboard allows anyone and everyone on the internet to perform recursive DNS lookups via CoreDNS as port 53 is allowed on all interfaces.
I updated and saved my configuration including changing the DNS IP address under server settings, then clicked Save and restart. Now when I create a peer and download the txt version of the config, it appears to be using the "Virtual Address" field from the server settings as the DNS entry for the interface instead of the expected "DNS" field.
Generated config by the dashboard is not valid when using wg-quick.
[#] ip link add vl type wireguard
[#] wg setconf vl /dev/fd/63
Name or service not known: `:58210'
Configuration parsing error
[#] ip link delete dev vl
(I used X to censor data)
[Interface]
Address = 1X.XX.XX.X/24
PrivateKey = XXXXXXXXXXXXXX87pWEA3c0N+gp0/GzUk=
DNS = 10.13.37.1
[Peer]
PublicKey = XXXXXXXXXXXXXXXkJMpPAhEwlHjBcQPqcXU=
Endpoint = :58210
AllowedIPs = 0.0.0.0/0
# This is for if you're behind a NAT and
# want the connection to be kept alive.
PersistentKeepalive = 25
Hi, good morning. You did an amazing project, congratulations!
I would like to know if it will be possible to put a send email button to send an email to the peer containing the conf file and QRcode? I found this very useful. The button could be located on the side of these ones:
What do you think?
Best regards,
Could u let me know how to edit the config file to change the coredns port from 53 to 1053
This looks like a very cool project.
Only thing i am wondering is how to mange IP tables in wg*.conf. I usually add a few IPtable rules to a wg conf.
Is this currently supported or are there any plans to support this. If i add them manually will this be overwritten by the dashboard creation of the wg.conf file?
Hello your project is awasome i installed it yesterday. I hoped it had user expiration date but it hasn't so i suggest to make an automation to block users after expiration date inside peer section
Hello,
why I still have this error after clicking Save & Restart or the addition of a new peer
In my logs file I have an error 500
[18/Nov/2019:13:36:33 +0000] "POST /api/saveandrestart HTTP/1.1" 500 41 "http://127.0.0.1:3000/" "Mozilla/5.0 (X
Can you tell me where the problem comes from
NB: config gets into the file server_config.js and also in wg0.conf but the service remains stopped, I have to restart it in the terminal
From user logs in Issue #15 :
Sep 05 06:35:15 UKWG wg-quick[16346]: Warning: `/etc/wireguard/wg0.conf' is world accessible
we should make the file readable only to wg-dashboard and wireguard itself.
Good day,
I tried to run your script on GoogleCloud on both debian 10 and Ubuntu bionic
Wireguard is perfectly installed but the dashboard on localhost:3000 is not working and returns a blank page,
i tried manually installing and following your script to know what problem might be the cause but there are not errors whatsoever.
What are your recommendations
Hi, When I open the dashboard the server settings Public Host / IP is empty and the VPN isn't working even though I add the Public Host / IP manually. (It shows connected but it has no internet access). I changed the OS from ubuntu 18.0.4 to debian 10 and it didnโt work. I just realized only my Vultr servers have this issue. I even changed my VPS server location. Do you have any idea how to solve this issue? I really want my Vultr server cause they are really good.
I just wanted to message and let this project know that it is possible to run wireguard in a docker container. If you checkout this project (sorry for linking a competitor in your github repo) https://github.com/subspacecloud/subspace#run-as-a-docker-container they show you what capabilities you have to add to run it, but it is possible.
The reason why adding it might be useful is modularity in environments. I heard about this project from the project chat for this project, and they heavily use docker containers.
I just wanted to give you a heads up, but really cool project ๐
lsb_release -rs returns 9.12
So install_script.sh crashes on line 45 with syntax error because of fractional part ".12"
There is another problem when I override version checking of script. I tried to install wg-dashboard in LXC container. "uname -r" returned custom kernel version of host system (4.15.18-27-pve) which not found in virtual machine repos. So install_script.sh interrupts in attempt of install not existing package. Actually there is no need to install modules in virtual machine. Modules should be installed on host system manually in this case.
BTW I successfully installed wg-dashboard on Debian 9.12 by manual way.
Installation looks like functional.
Maybe you should lower the system requirements?
Manually setting up WG for Ubuntu I run "sudo systemctl enable wg-quick@wg0" so that WG always comes back up automatically after a reboot of the server, is it possible to include this with your install script?
Hi,
Are there any plans on adding IPv6 support?
It's hard to set up manually because wg-dashboard keeps overwriting the wg0.conf, but IPv6 does seem to work with some config changes.
Example IPv6 server config:
Address = 10.13.37.1/24,fd10:37:37::1/64
PrivateKey = REDACTED
ListenPort = 58210
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE; ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -A FORWARD -o %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE; ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -D FORWARD -o %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o ens3 -j MASQUERADE
SaveConfig = false
[Peer]
# client
PublicKey = REDACTED
AllowedIPs = 10.13.37.2/32,fd10:37:37::2/128
PrivateKey = REDACTED
Address = 10.13.37.2/24, fd10:37:37::2/64
DNS = 10.13.37.1
[Peer]
PublicKey = REDACTED
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = REDACTED
PersistentKeepalive = 25
Also, net.ipv6.conf.all.forwarding=1 has to be set in the sysctl.conf
Another one :)
The dashboard automagically grabs the network adapter (eth0 / ens3 etc) but appears to leave the public IP blank by default. Would it be possible for the installation to pre-populate the IP field with the IP of the network adapter it assigns? Doing so would more often than not allow your script to create a fully automated setup of WG.
hi, i installed dashboard, all ok, but i want to open access from outside, in ufw i open port 3000, but, it's not accessible, which configuration need to make, to have access not only from localhost?
<3 ya'll thank you so much for making this. I've wanted a nice wireguard gui for a long time.
I'm going to link it all over the https://github.com/pirate/wireguard-docs
(you can close this once you see it, just wanted to say thanks)
All peers have AllowedIPs = 0.0.0.0/0
That useful feature not implemented in wg-dashboard
_ underscores are not compatible with wireguard Android create by file, need to rename the file each time.
(Files are also downloading .conf.txt not sure if that's chrome on mobile or that how it's being served - have not tried on desktop yet)
Hi
Check options I discover how after disable DNS over TLS using button I can't re-enable again, because appears button moved but not text field of file. When you saves and reload appears disabled again.
I want to modify wg-dashboard listen address to LAN ip instead , not only localhost , and I read #5 , but I can not find the string in src/httpServer.js
2019-12-04 10:18:06 [minion@hqs004 wg-dashboard]$ grep "localhost" src/httpServer.js
2019-12-04 10:21:35 [minion@hqs004 wg-dashboard]$
as you can see , there's no "localhost" in httpServer.js , so how do I modify the listen address now ?
Hey there, I just found out that the Installer says
# get the latest stable snapshot
curl -L https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20190601.tar.xz --output WireGuard.tar.xz
wich implies that the "latest stable snapshot" is actually a fixed version. Should it find the latest stable version by itself? Because right now it would be WireGuard-0.0.20191219.tar.xz
.
Thank you so much for putting this together. It made my life a whole lot easier!
Currently we're able to set one ip per peer. How about fields to set allowed subnets behind that peer. And also be able to group peers by department or building etc. Thank you and once again, great job.
I have more questions than issues. Thanks for your help in clarifying this.
Hi,
I got this quite scary message when installing wg-dashboard:
found 33 high severity vulnerabilities in 2514 scanned packages
I ran npm audit fix
which seems to have worked.
Also, consider mentioning that doing the automatic install will end up installing kernel modules and run the software as root. I read the script in advance of running it, and that definitively came as a surprise
Just changed my server port from 58210 to a non-standard port and immediately became unable to connect. Looks like wg-dashboard doesn't update/verify UFW rules when the server port is changed.
Manual installation without UFW (i'm doesnt need it), UFW checked as "option".
I'm try to configure server with web UI (change subnet, external ip).
Optional: Enable ufw and forward port 22 and the desired port of the wireguard instance
How i can fix it?
Please consider to change the port to 3001 or something as 3000 is already used by Grafana :-)
I already have WireGuard installed and configured as VPN server.
When I install wg-dashboard, it doesn't correctly read and display existing configuration.
For example, my server pubkey is /m/cR7xfgePNY5Xo0xjmEBPVIzXNZFqJXNtIPQ1CwTU=
, but wg-dashboard displayed ph7o+zVZV78yMPErK3PaHrJOHeadJ52624QvO2OMUxM=
.
The install script appears to open port 22 to the world; I don't see why the dashboard needs to make any changes to SSH access?
By default no 'admin' ports should ever be opened to the world because, security. Could the install be changed not to touch SSH access?
The install command in the readme references wg-dashboard. The actual location is wireguard-dashboard.
For some reason after setting the password I am having issues. How do I reset or change it withoug redoing everything again?
Hello someone know how to solve this problem ?
i open the 3000 port, but i f i go to my ip:3000 doesn't work
Thank you
how i can remove wg-dashboard? or disable service that listen 3000 port?
after reboot server wireguard dont run auto start automatic?
Sorry.. not an issue, I really love this useful script and dashboard. However currently I have running Wireguard-Go on a cheap OpenVZ instance that I install manually. Is there any way to just install the dashboard only on already setup Wireguard-Go instance? Any help would be greatly appreciated. Thank you!
This would be by far the best update to your awesome project. Keep up the good work.
Looking for some additional features and willing to financially support the request.
Sent you an email. Please get back to me.
Debian GNU/Linux 9.9 (stretch)
log console:
root@node-red:~# curl https://raw.githubusercontent.com/team-centric-software/wireguard-dashboard/master/install_script.sh | bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 5048 100 5048 0 0 92288 0 --:--:-- --:--:-- --:--:-- 93481
net.ipv4.ip_forward = 1
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 11646 100 11646 0 0 110k 0 --:--:-- --:--:-- --:--:-- 110k
apt-get update
for you...sudo apt-get install -y nodejs
to install Node.js 10.x and npm sudo apt-get install gcc g++ make
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt-get update && sudo apt-get install yarn
Reading package lists... Done
Building dependency tree
Reading state information... Done
nodejs is already the newest version (11.15.0-1nodesource1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
--2019-07-10 19:51:18-- https://github.com/team-centric-software/wireguard-dashboard/releases/latest
Resolving github.com (github.com)... 140.82.118.4
Connecting to github.com (github.com)|140.82.118.4|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://github.com/wireguard-dashboard/wireguard-dashboard/releases/latest [following]
--2019-07-10 19:51:18-- https://github.com/wireguard-dashboard/wireguard-dashboard/releases/latest
Reusing existing connection to github.com:443.
HTTP request sent, awaiting response... 302 Found
Location: https://github.com/wireguard-dashboard/wireguard-dashboard/releases/tag/v0.14 [following]
--2019-07-10 19:51:19-- https://github.com/wireguard-dashboard/wireguard-dashboard/releases/tag/v0.14
Reusing existing connection to github.com:443.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: โSTDOUTโ
[ <=> ] 69.12K --.-KB/s in 0.006s
2019-07-10 19:51:20 (11.3 MB/s) - written to stdout [70778]
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 146 0 146 0 0 635 0 --:--:-- --:--:-- --:--:-- 637
100 1299k 0 1299k 0 0 904k 0 --:--:-- 0:00:01 --:--:-- 2119k
[email protected] install /opt/wireguard-dashboard/node_modules/bcrypt
node-pre-gyp install --fallback-to-build
node-pre-gyp WARN Using needle for node-pre-gyp https download
[bcrypt] Success: "/opt/wireguard-dashboard/node_modules/bcrypt/lib/binding/bcrypt_lib.node" is installed via remote
npm WARN [email protected] scripts['server'] should probably be scripts['start'].
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
added 260 packages from 189 contributors and audited 2514 packages in 13.786s
found 0 vulnerabilities
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ โ
โ New minor version of npm available! 6.7.0 โ 6.10.0 โ
โ Changelog: https://github.com/npm/cli/releases/tag/v6.10.0 โ
โ Run npm install -g npm to update! โ
โ โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ
Rules updated
Rules updated (v6)
Firewall is active and enabled on system startup
Rule added
Rule added (v6)
Rule added
Rule added (v6)
tar (child): coredns.tgz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
how to fix it?
p.s also, please enable automatic ufw install!
Hey guys, curious as to whether this is possible or not. I'd like to be able to access this dashboard from another computer within my LAN (e.g. at http://192.168.x.x:3000), but at present I can't seem to figure out how that might be allowed. Any advice? Thanks!
Hi, When I add a peer from dashboard I have to press the save and restart button to make the peer works. The problem is that when I press that button the wg service restarts and all current connected peers donโt have connection for some seconds. Is it possible to add a peer and make it works without interrupting other connected peers? I just recently moved from a script to your dashboard and I remember on the old script when I add a new peer it wouldn't interrupt other connections.
Thank you for your great job.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.