YunoHost-Apps/wireguard_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/wireguard_ynh.git synced 2024-09-03 20:35:58 +02:00
Code Issues Activity Actions
WireGuard VPN software with a web UI configuration companion, packaged for YunoHost.
60 commits 3 branches 0 tags 575 KiB
Shell 100%
Find a file
tituspijean 8a8a05b0fe Add instructions to enable port forwarding
2021-03-02 19:02:56 +01:00
conf No need to start UI after wireguard.path service 2021-01-22 21:12:50 +01:00
scripts Try to appease the CI 2021-01-21 22:15:43 +01:00
.gitignore Initial commit 2020-10-11 14:45:13 +02:00
check_process Remove is_public argument 2021-01-21 19:55:16 +01:00
issue_template.md Initial commit 2020-10-11 14:45:13 +02:00
LICENSE Initial commit 2020-10-11 14:45:13 +02:00
manifest.json Update warnings 2021-01-22 21:23:38 +01:00
pull_request_template.md Initial commit 2020-10-11 14:45:13 +02:00
README.md Add instructions to enable port forwarding 2021-03-02 19:02:56 +01:00
README_fr.md Add instructions to enable port forwarding 2021-03-02 19:02:56 +01:00

README.md

WireGuard for YunoHost

Integration level
Install WireGuard with YunoHost

Lire ce readme en français.

⚠️ This app is still experimental. Check its compatibility before running it on a production system. ⚠️

WireGuard for YunoHost will add a DMKS module to your Linux kernel.

This package allows you to install WireGuard quickly and simply on a YunoHost server.
If you don't have YunoHost, please consult the guide to learn how to install it.

Overview

This app installs WireGuard, a software to create and manage virtual private networks (VPN), along with WireGuard UI to avoid having to use the command line to manage them.

Shipped version of the web UI: 0.2.7

Screenshots

Configuration

WireGuard can be configured via a non-official web UI. Avoid altering the configuration files via the command line interface, though.

Make your server share its Internet connection

Enable port forwarding

sudo nano /etc/sysctl.conf
# It should have an uncommented line:
net.ipv4.ip_forward = 1
# Save and quit (CTRL+O, CTRL+X)
sudo sysctl -p

Add the following commands in WireGuard Server menu. Replace eth0 with the interface connected to the Internet:

Post Up Script

iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Post Down Script

iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

Documentation

YunoHost specific features

Multi-user support

  • Are LDAP and HTTP auth supported? No, use YunoHost permissions panel to allow users to access the web UI.
  • Can the app be used by multiple users? Yes, but any user allowed to access the web UI will be able to alter the VPN settings and access the clients credentials.

Supported architectures

  • x86-64 - Build Status
  • ARMv8-A - Build Status

Limitations

  • 🚧 The web UI can only be installed at the root of a domain.
  • 🚧 Only one network interface, wg0 can be managed with this app.

Links

Developer info

Only if you want to use a testing branch for coding, instead of merging directly into master. Please send your pull request to the testing branch.

To try the testing branch, please proceed like that.

sudo yunohost app install https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug
or
sudo yunohost app upgrade wireguard -u https://github.com/YunoHost-Apps/wireguard_ynh/tree/testing --debug