3.8 KiB
WireGuard for YunoHost
⚠️ This app is still experimental. Check its compatibility before running it on a production system. ⚠️
❗ WireGuard for YunoHost will add a DMKS module to your Linux kernel.
This package allows you to install WireGuard quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult the guide to learn how to install it.
Overview
This app installs WireGuard, a software to create and manage virtual private networks (VPN), along with WireGuard UI to avoid having to use the command line to manage them.
Shipped version of the web UI: 0.2.7
Screenshots
Configuration
WireGuard can be configured via a non-official web UI. Avoid altering the configuration files via the command line interface, though.
Make your server share its Internet connection
Enable port forwarding
sudo nano /etc/sysctl.conf
# Uncomment the following lines:
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
# Save and quit (CTRL+O, CTRL+X)
sudo sysctl -p
Add the following commands in WireGuard Server
menu. Replace eth0
with the interface connected to the Internet:
Post Up Script
iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Post Down Script
iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Documentation
- Official documentation: https://www.wireguard.com/quickstart/
YunoHost specific features
Multi-user support
- Are LDAP and HTTP auth supported? No, use YunoHost permissions panel to allow users to access the web UI.
- Can the app be used by multiple users? Yes, but any user allowed to access the web UI will be able to alter the VPN settings and access the clients credentials.
Supported architectures
Limitations
- 🚧 The web UI can only be installed at the root of a domain.
- 🚧 Only one network interface, wg0 can be managed with this app.
Links
- Report a bug: https://github.com/YunoHost-Apps/wireguard_ynh/issues
- App website: https://www.wireguard.com
- Upstream app repository: https://www.wireguard.com/repositories
- Upstream web UI repository: https://github.com/ngoduykhanh/wireguard-ui
- YunoHost website: https://yunohost.org/
Developer info
Only if you want to use a testing branch for coding, instead of merging directly into master. Please send your pull request to the testing branch.
To try the testing branch, please proceed like that.
sudo yunohost app install https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug
or
sudo yunohost app upgrade wireguard -u https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug