diff --git a/issue_template.md b/.github/ISSUE_TEMPLATE.md similarity index 85% rename from issue_template.md rename to .github/ISSUE_TEMPLATE.md index 188971b..2729a6b 100644 --- a/issue_template.md +++ b/.github/ISSUE_TEMPLATE.md @@ -6,11 +6,11 @@ about: When creating a bug report, please use the following template to provide **How to post a meaningful bug report** 1. *Read this whole template first.* -2. *Make sure you are on the right place:* - - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change url...), you are on the right place!* +2. *Determine if you are on the right place:* + - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* - - *In doubt, ask here and we will figure it out together.* -3. *Delete these italic comments as you write over them below, and remove this guide.* + - *When in doubt, post here and we will figure it out together.* +3. *Delete the italic comments as you write over them below, and remove this guide.* --- ### Describe the bug @@ -22,7 +22,7 @@ about: When creating a bug report, please use the following template to provide - Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* - YunoHost version: x.x.x - I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* -- Are you in a special context or did you perform some particular tweaking on your YunoHost instance ?: *no / yes* +- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* - If yes, please explain: - Using, or trying to install package version/branch: - If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* @@ -31,13 +31,13 @@ about: When creating a bug report, please use the following template to provide - *If you performed a command from the CLI, the command itself is enough. For example:* ```sh - sudo yunohost app install wireguard + sudo yunohost app install the_app ``` - *If you used the webadmin, please perform the equivalent command from the CLI first.* - *If the error occurs in your browser, explain what you did:* 1. *Go to '...'* - 2. *Click on '....'* - 3. *Scroll down to '....'* + 2. *Click on '...'* + 3. *Scroll down to '...'* 4. *See error* ### Expected behavior diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..ef70e18 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +## Problem + +- *Description of why you made this PR* + +## Solution + +- *And how do you fix that problem* + +## PR Status + +- [ ] Code finished and ready to be reviewed/tested +- [ ] The fix/enhancement were manually tested (if applicable) + +## Automatic tests + +Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization) diff --git a/README.md b/README.md index 442dc52..f260b47 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,8 @@ + + # WireGuard for YunoHost [![Integration level](https://dash.yunohost.org/integration/wireguard.svg)](https://dash.yunohost.org/appci/app/wireguard) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.maintain.svg) @@ -5,25 +10,30 @@ *[Lire ce readme en français.](./README_fr.md)* -:warning: This app is still experimental. Check its compatibility before running it on a production system. :warning: - -:exclamation: WireGuard for YunoHost will add a DMKS module to your Linux kernel. - -> *This package allows you to install WireGuard quickly and simply on a YunoHost server. +> *This package allows you to install WireGuard quickly and simply on a YunoHost server. If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview -This app installs WireGuard, a software to create and manage virtual private networks (VPN), along with WireGuard UI to avoid having to use the command line to manage them. -**Shipped version of the web UI:** 0.2.7 +Virtual Private Networks (VPN) via WireGuard, with a web UI to ease configuration + +**Shipped version:** 0.2.7~ynh4 + + ## Screenshots -![](https://user-images.githubusercontent.com/6447444/80270680-76adf980-86e4-11ea-8ca1-9237f0dfa249.png) +![](./doc/screenshots/screenshot.png) +![](./doc/screenshots/screenshot.png:Zone.Identifier) -## Configuration +## Disclaimers / important information -WireGuard can be configured via a non-official web UI. Avoid altering the configuration files via the command line interface, though. +* WireGuard for YunoHost will add a DMKS module to your Linux kernel. + * You may need to reboot your server for WireGuard to be able to start. +* The package includes WireGuard and non-official web UI to configure it. + * Avoid altering the configuration files via the command line interface, though. +* Use YunoHost permissions panel to allow users to access the web UI. +* Only one network interface, *wg0*, can be managed with this app at the moment. ### Make your server share its Internet connection @@ -50,42 +60,16 @@ iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptabl iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE ``` -## Documentation - * Official documentation: https://www.wireguard.com/quickstart/ - +## Documentation and resources -## YunoHost specific features +* Official app website: https://www.wireguard.com/ +* Upstream app code repository: https://github.com/ngoduykhanh/wireguard-ui +* YunoHost documentation for this app: https://yunohost.org/app_wireguard +* Report a bug: https://github.com/YunoHost-Apps/wireguard_ynh/issues -#### Multi-user support +## Developer info -* Are LDAP and HTTP auth supported? No, use YunoHost permissions panel to allow users to access the web UI. -* Can the app be used by multiple users? Yes, but any user allowed to access the web UI will be able to alter the VPN settings and access the clients credentials. - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/wireguard%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/wireguard/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/wireguard%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/wireguard/) - -## Limitations - -* :construction: The web UI can only be installed at the root of a domain. -* :construction: Only one network interface, *wg0* can be managed with this app. - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/wireguard_ynh/issues - * App website: https://www.wireguard.com - * Upstream app repository: https://www.wireguard.com/repositories - * Upstream web UI repository: https://github.com/ngoduykhanh/wireguard-ui - * YunoHost website: https://yunohost.org/ - ---- - -Developer info ----------------- - -**Only if you want to use a testing branch for coding, instead of merging directly into master.** Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing). To try the testing branch, please proceed like that. @@ -94,3 +78,5 @@ sudo yunohost app install https://github.com/YunoHost-Apps/wireguard_ynh/tree/te or sudo yunohost app upgrade wireguard -u https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md index 817e7dc..e874063 100644 --- a/README_fr.md +++ b/README_fr.md @@ -3,41 +3,48 @@ [![Niveau d'intégration](https://dash.yunohost.org/integration/wireguard.svg)](https://dash.yunohost.org/appci/app/wireguard) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wireguard.maintain.svg) [![Installer WireGuard avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=wireguard) -*[Read this readme in english.](./README.md)* +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* -:warning: Cette app est encore expérimentale. Vérifiez sa compatibilté avant de lancer l'installation sur un serveur de production. :warning: - -:exclamation: WireGuard pour YunoHost ajoutera un module DKMS à votre noyau Linux. - -> *Ce package vous permet d'installer WireGuard rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install) pour apprendre comment l'installer.* +> *Ce package vous permet d'installer WireGuard rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* ## Vue d'ensemble -Cette application installe WireGuard, logiciel permettant de créer des réseaux privés virtuels (VPN), accompagné de WireGuard UI pour éviter de les configurer par la ligne de commande. -**Version de la web UI incluse :** 0.2.7 +Réseaux Privés Virtuels (VPN) via WireGuard, avec une web UI pour faciliter sa configuration -## Capture d'écran +**Version incluse :** 0.2.7~ynh4 -![](https://user-images.githubusercontent.com/6447444/80270680-76adf980-86e4-11ea-8ca1-9237f0dfa249.png) -## Configuration -WireGuard est configurable via une web UI non-officielle. Évitez de toucher aux fichiers de configuration via la ligne de commande. +## Captures d'écran -### Partager la connexion Internet de votre serveur +![](./doc/screenshots/screenshot.png) +![](./doc/screenshots/screenshot.png:Zone.Identifier) -#### Activer le *port forwarding* +## Avertissements / informations importantes + +* Cette application ajoutera un module DMKS à votre noyau Linux. + * Vous devriez redémarrer votre serveur pour que WireGuard puisse se lancer. +* Cette application inclut WireGuard et une interface web non-officielle pour le configurer. + * Évitez de modifier les fichiers de configuration via la ligne de commande. +* Utiliser le panneau de permissions de YunoHost pour autoriser des utilisateurs à accéder à WireGuard UI. +* Une seule interface réseau, *wg0*, peut actuellement être gérée par cette app. + +### Partagez votre connexion Internet via WireGuard + +#### Activez le *port forwarding* ```bash sudo nano /etc/sysctl.conf -# It should have an uncommented line: +# Décommentez les lignes suivantes : net.ipv4.ip_forward = 1 -# Save and quit (CTRL+O, CTRL+X) +net.ipv6.conf.all.forwarding = 1 +# Sauvegardez et quittez (CTRL+O, CTRL+X) sudo sysctl -p ``` -Ajoutez les commandes suivantes dans le menu `WireGuard Server`. Remplacez `eth0` par l'interface connectée à l'Internet. +Ajoutez les commandes suivantes dans le menu `WireGuard Server`. Remplacez `eth0` avec l'interface connectée à Internet : #### Post Up Script ``` @@ -49,42 +56,16 @@ iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptabl iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE ``` -## Documentation - * Documentation officielle : https://www.wireguard.com/quickstart/ - +## Documentations et ressources -## Caractéristiques spécifiques YunoHost +* Site officiel de l'app : https://www.wireguard.com/ +* Dépôt de code officiel de l'app : https://github.com/ngoduykhanh/wireguard-ui +* Documentation YunoHost pour cette app : https://yunohost.org/app_wireguard +* Signaler un bug : https://github.com/YunoHost-Apps/wireguard_ynh/issues -#### Support multi-utilisateur +## Informations pour les développeurs -* L'authentification LDAP et HTTP est-elle prise en charge ? Non, utilisez le système de permissions de YunoHost pour permettre à vos utilisateurs d'utiliser la web UI. -* L'application peut-elle être utilisée par plusieurs utilisateurs ? Oui, mais tout utilisateur aura la main sur la configuration du VPN et les identifiants de ses clients. - -#### Architectures supportées - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/wireguard%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/wireguard/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/wireguard%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/wireguard/) - -## Limitations - -* :construction: La web UI ne peut être installée qu'à la racine d'un domaine. -* :construction: Seulement une seule interface réseau, *wg0*, peut être gérée par l'application. - -## Liens - - * Signaler un bug : https://github.com/YunoHost-Apps/wireguard_ynh/issues - * Site de l'application : https://www.wireguard.com - * Dépôt de l'application principale : https://www.wireguard.com/repositories - * Dépôt de la web UI : https://github.com/ngoduykhanh/wireguard-ui - * Site web YunoHost : https://yunohost.org/ - ---- - -Informations pour les développeurs ----------------- - -**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.** Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing). Pour essayer la branche testing, procédez comme suit. @@ -93,3 +74,5 @@ sudo yunohost app install https://github.com/YunoHost-Apps/wireguard_ynh/tree/te ou sudo yunohost app upgrade wireguard -u https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug ``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..c380634 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,32 @@ +* WireGuard for YunoHost will add a DMKS module to your Linux kernel. + * You may need to reboot your server for WireGuard to be able to start. +* The package includes WireGuard and non-official web UI to configure it. + * Avoid altering the configuration files via the command line interface, though. +* Use YunoHost permissions panel to allow users to access the web UI. +* Only one network interface, *wg0*, can be managed with this app at the moment. + +### Make your server share its Internet connection + +#### Enable port forwarding + +```bash +sudo nano /etc/sysctl.conf +# Uncomment the following lines: +net.ipv4.ip_forward = 1 +net.ipv6.conf.all.forwarding = 1 +# Save and quit (CTRL+O, CTRL+X) +sudo sysctl -p +``` + +Add the following commands in `WireGuard Server` menu. Replace `eth0` with the interface connected to the Internet: + +#### Post Up Script +``` +iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +``` + +#### Post Down Script +``` +iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE +``` + diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..77bd45e --- /dev/null +++ b/doc/DISCLAIMER_fr.md @@ -0,0 +1,32 @@ +* Cette application ajoutera un module DMKS à votre noyau Linux. + * Vous devriez redémarrer votre serveur pour que WireGuard puisse se lancer. +* Cette application inclut WireGuard et une interface web non-officielle pour le configurer. + * Évitez de modifier les fichiers de configuration via la ligne de commande. +* Utiliser le panneau de permissions de YunoHost pour autoriser des utilisateurs à accéder à WireGuard UI. +* Une seule interface réseau, *wg0*, peut actuellement être gérée par cette app. + +### Partagez votre connexion Internet via WireGuard + +#### Activez le *port forwarding* + +```bash +sudo nano /etc/sysctl.conf +# Décommentez les lignes suivantes : +net.ipv4.ip_forward = 1 +net.ipv6.conf.all.forwarding = 1 +# Sauvegardez et quittez (CTRL+O, CTRL+X) +sudo sysctl -p +``` + +Ajoutez les commandes suivantes dans le menu `WireGuard Server`. Remplacez `eth0` avec l'interface connectée à Internet : + +#### Post Up Script +``` +iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +``` + +#### Post Down Script +``` +iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE +``` + diff --git a/doc/screenshots/screenshot.png b/doc/screenshots/screenshot.png new file mode 100644 index 0000000..21c3545 Binary files /dev/null and b/doc/screenshots/screenshot.png differ diff --git a/doc/screenshots/screenshot.png:Zone.Identifier b/doc/screenshots/screenshot.png:Zone.Identifier new file mode 100644 index 0000000..5ff913c --- /dev/null +++ b/doc/screenshots/screenshot.png:Zone.Identifier @@ -0,0 +1,3 @@ +[ZoneTransfer] +ZoneId=3 +HostUrl=https://user-images.githubusercontent.com/6447444/80270680-76adf980-86e4-11ea-8ca1-9237f0dfa249.png diff --git a/manifest.json b/manifest.json index 9890c4a..4d0c395 100644 --- a/manifest.json +++ b/manifest.json @@ -3,11 +3,16 @@ "id": "wireguard", "packaging_format": 1, "description": { - "en": "Virtual Private Networks (VPN) via WireGuard, with a web UI", - "fr": "Réseaux Privés Virtuels (VPN) via WireGuard, avec une web UI" + "en": "Virtual Private Networks (VPN) via WireGuard, with a web UI to ease configuration", + "fr": "Réseaux Privés Virtuels (VPN) via WireGuard, avec une web UI pour faciliter sa configuration" }, - "version": "0.2.7~ynh3", + "version": "0.2.7~ynh4", "url": "https://github.com/ngoduykhanh/wireguard-ui", + "upstream": { + "license": "MIT", + "website": "https://www.wireguard.com/", + "code": "https://github.com/ngoduykhanh/wireguard-ui" + }, "license": "MIT", "maintainer": { "name": "tituspijean", diff --git a/pull_request_template.md b/pull_request_template.md deleted file mode 100644 index ee0c7e3..0000000 --- a/pull_request_template.md +++ /dev/null @@ -1,18 +0,0 @@ -## Problem -- *Description of why you made this PR* - -## Solution -- *And how do you fix that problem* - -## PR Status -- [ ] Code finished. -- [ ] Tested with Package_check. -- [ ] Fix or enhancement tested. -- [ ] Upgrade from last version tested. -- [ ] Can be reviewed and tested. - -## Package_check results ---- -*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results* - -[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/wireguard_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/wireguard_ynh%20PR-NUM-%20(USERNAME)/) diff --git a/scripts/_common.sh b/scripts/_common.sh index 45ec5ac..bfd7caa 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="wireguard-dkms wireguard" +pkg_dependencies="linux-headers-$(uname -r) wireguard-dkms wireguard" #================================================= # PERSONAL HELPERS diff --git a/scripts/remove b/scripts/remove index c6577b8..e6aaf28 100644 --- a/scripts/remove +++ b/scripts/remove @@ -98,7 +98,7 @@ ynh_remove_logrotate if yunohost firewall list | grep -q "\- $port_wg$" then ynh_script_progression --message="Closing port $port_wg..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port_wg + ynh_exec_warn_less yunohost firewall disallow UDP $port_wg fi if yunohost firewall list | grep -q "\- $port$"