forks/amnezia-wg-easy
1
0
Fork 0
forked from mirrors/amnezia-wg-easy
Code Pull requests Activity
The easiest way to run WireGuard VPN + Web-based Admin UI.
1101 commits 1 branch 0 tags 3.7 MiB
Find a file
Vadim Babadzhanyan 7be9884aec
Feat Prometheus metrics (#1299) 
* Russian translation

* Add Prometheus metrics
[Feat]: Simple Stats API #1285

* Revert "Add Prometheus metrics"

This reverts commit a998f6be8a0c54a5daffe70a0fc3d8b9ed53a960.

* Add Prometheus metrics
[Feat]: Simple Stats API #1285

* Fix short link. Generate One Time Link (#1301)

Co-authored-by: Vadim Babadzhanyan <vadim.babadzhanyan@my.games>

* fix one time links (#1304)

Closes #1302
Co-authored-by: Bernd Storath <999999bst@gmail.com>

* fixup: issue templates due to labels reorg

Signed-off-by: Philip H <47042125+pheiduck@users.noreply.github.com>

* Separate port for prometheus metrics
Add Prometheus metrics [Feat]: Simple Stats API #1285

* Separate port for prometheus metrics
Add Prometheus metrics [Feat]: Simple Stats API #1285

* Fix port in Readme
Separate port for prometheus metrics
Add Prometheus metrics [Feat]: Simple Stats API #1285

* Add Prometheus port in Service
Separate port for prometheus metrics
Add Prometheus metrics [Feat]: Simple Stats API #1285

* Revert "Add Prometheus port in Service"

This reverts commit a7376abcf1fe2b729ab05ba0d49977ab5a2642ea.

* Revert "Fix port in Readme"

This reverts commit 9760bde2f2dc4428b0bf0b27d91bbded1c2ad05d.

* Revert "Separate port for prometheus metrics"

This reverts commit 58f5b6806e20c7704ff04247f384d30c2845a34e.

* Revert "Separate port for prometheus metrics"

This reverts commit 6d246ea4bda265f8b8b9e99acb336aeb26c9fa17.

* Add Prometheus metrics with Basic Auth
[Feat]: Simple Stats API #1285

* Disable by default
[Feat]: Simple Stats API #1285

* [Feat]: Simple Stats API #1285

* Update README.md

---------

Co-authored-by: Vadim Babadzhanyan <vadim.babadzhanyan@my.games>
Co-authored-by: Bernd Storath <bernd.storath@offizium.de>
Co-authored-by: Philip H <47042125+pheiduck@users.noreply.github.com>
2024-08-23 12:10:20 +02:00
.github rename features, fix formatting 2024-08-23 08:32:47 +02:00
assets refactor: optimize build config, factorize code, enhance SVG icons 2024-07-11 12:58:25 +02:00
docs prepare: version bump and changelog 2024-07-24 17:46:31 +02:00
src Feat Prometheus metrics (#1299) 2024-08-23 12:10:20 +02:00
.dockerignore Added nodemon as a dev dependency and removed unnecessary instructions from the Dockerfile 2024-04-30 17:03:48 +02:00
.editorconfig Feat expiration date (#1296) 2024-08-18 23:18:09 +02:00
.gitignore [combine] gitignore 2024-04-14 19:16:41 +02:00
contributing.md contributing.md: remove stackoverflow link 2024-01-07 20:06:43 +01:00
docker-compose.dev.yml fixup: docker-compose.dev.yml 2024-08-01 17:20:11 +02:00
docker-compose.yml Feat Prometheus metrics (#1299) 2024-08-23 12:10:20 +02:00
Dockerfile nodejs: use lts as version tag 2024-08-19 14:30:41 +02:00
How_to_generate_an_bcrypt_hash.md fix(Doc): fix escaping issue for PASSWORD_HASH in docker-compose.yml 2024-08-12 11:25:17 +08:00
LICENSE Rename LICENSE.md to LICENSE 2024-01-12 00:11:42 +01:00
package-lock.json npm: package updates 2023-12-21 21:05:31 +00:00
package.json fix: lint error with workspaces 2024-07-22 13:05:18 +02:00
README.md Feat Prometheus metrics (#1299) 2024-08-23 12:10:20 +02:00
wg-easy.service wg-easy.service: remove double '+' 2024-02-22 18:14:29 +01:00

README.md

WireGuard Easy

Build & Publish Docker Image to Docker Hub Lint Docker Sponsor GitHub Stars

You have found the easiest way to install & manage WireGuard on any Linux host!

Features

  • All-in-one: WireGuard + Web UI.
  • Easy installation, simple to use.
  • List, create, edit, delete, enable & disable clients.
  • Show a client's QR code.
  • Download a client's configuration file.
  • Statistics for which clients are connected.
  • Tx/Rx charts for each connected client.
  • Gravatar support.
  • Automatic Light / Dark Mode
  • Multilanguage Support
  • Traffic Stats (default off)
  • One Time Links (default off)
  • Client Expiry (default off)
  • Prometheus metrics support

Requirements

  • A host with a kernel that supports WireGuard (all modern kernels).
  • A host with Docker installed.

Versions

We provide more then 1 docker image to get, this will help you decide which one is best for you.
For stable versions instead of nightly or development please read README from the production branch!

tag Branch Example Description
latest production ghcr.io/wg-easy/wg-easy:latest or ghcr.io/wg-easy/wg-easy stable as possbile get bug fixes quickly when needed, deployed against production.
13 production ghcr.io/wg-easy/wg-easy:13 same as latest, stick to a version tag.
nightly master ghcr.io/wg-easy/wg-easy:nightly mostly unstable gets frequent package and code updates, deployed against master.
development pull requests ghcr.io/wg-easy/wg-easy:development used for development, testing code from PRs before landing into master.

Installation

1. Install Docker

If you haven't installed Docker yet, install it by running:

curl -sSL https://get.docker.com | sh
sudo usermod -aG docker $(whoami)
exit

And log in again.

2. Run WireGuard Easy

To automatically install & run wg-easy, simply run:

  docker run -d \
  --name=wg-easy \
  -e LANG=de \
  -e WG_HOST=<🚨YOUR_SERVER_IP> \
  -e PASSWORD_HASH=<🚨YOUR_ADMIN_PASSWORD_HASH> \
  -e PORT=51821 \
  -e WG_PORT=51820 \
  -v ~/.wg-easy:/etc/wireguard \
  -p 51820:51820/udp \
  -p 51821:51821/tcp \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv4.ip_forward=1" \
  --restart unless-stopped \
  ghcr.io/wg-easy/wg-easy

💡 Replace YOUR_SERVER_IP with your WAN IP, or a Dynamic DNS hostname.

💡 Replace YOUR_ADMIN_PASSWORD_HASH with a bcrypt password hash to log in on the Web UI. See How_to_generate_an_bcrypt_hash.md for know how generate the hash.

The Web UI will now be available on http://0.0.0.0:51821.

The Prometheus metrics will now be available on http://0.0.0.0:51821/metrics. Grafana dashboard 21733

💡 Your configuration files will be saved in ~/.wg-easy

WireGuard Easy can be launched with Docker Compose as well - just download docker-compose.yml, make necessary adjustments and execute docker compose up --detach.

3. Sponsor

Are you enjoying this project? Buy Emile a beer! 🍻

Options

These options can be configured by setting environment variables using -e KEY="VALUE" in the docker run command.

Env Default Example Description
PORT 51821 6789 TCP port for Web UI.
WEBUI_HOST 0.0.0.0 localhost IP address web UI binds to.
PASSWORD_HASH - $2y$05$Ci... When set, requires a password when logging in to the Web UI. See How to generate an bcrypt hash.md for know how generate the hash.
WG_HOST - vpn.myserver.com The public hostname of your VPN server.
WG_DEVICE eth0 ens6f0 Ethernet device the wireguard traffic should be forwarded through.
WG_PORT 51820 12345 The public UDP port of your VPN server. WireGuard will listen on that (othwise default) inside the Docker container.
WG_CONFIG_PORT 51820 12345 The UDP port used on Home Assistant Plugin
WG_MTU null 1420 The MTU the clients will use. Server uses default WG MTU.
WG_PERSISTENT_KEEPALIVE 0 25 Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive.
WG_DEFAULT_ADDRESS 10.8.0.x 10.6.0.x Clients IP address range.
WG_DEFAULT_DNS 1.1.1.1 8.8.8.8, 8.8.4.4 DNS server clients will use. If set to blank value, clients will not use any DNS.
WG_ALLOWED_IPS 0.0.0.0/0, ::/0 192.168.15.0/24, 10.0.1.0/24 Allowed IPs clients will use.
WG_PRE_UP ... - See config.js for the default value.
WG_POST_UP ... iptables ... See config.js for the default value.
WG_PRE_DOWN ... - See config.js for the default value.
WG_POST_DOWN ... iptables ... See config.js for the default value.
WG_ENABLE_EXPIRES_TIME false true Enable expire time for clients
LANG en de Web UI language (Supports: en, ua, ru, tr, no, pl, fr, de, ca, es, ko, vi, nl, is, pt, chs, cht, it, th, hi).
UI_TRAFFIC_STATS false true Enable detailed RX / TX client stats in Web UI
UI_CHART_TYPE 0 1 UI_CHART_TYPE=0 # Charts disabled, UI_CHART_TYPE=1 # Line chart, UI_CHART_TYPE=2 # Area chart, UI_CHART_TYPE=3 # Bar chart
WG_ENABLE_ONE_TIME_LINKS false true Enable display and generation of short one time download links (expire after 5 minutes)
MAX_AGE 0 1440 The maximum age of Web UI sessions in minutes. 0 means that the session will exist until the browser is closed.
UI_ENABLE_SORT_CLIENTS false true Enable UI sort clients by name
ENABLE_PROMETHEUS_METRICS false true Enable Prometheus metrics http://0.0.0.0:51821/metrics and http://0.0.0.0:51821/metrics/json
PROMETHEUS_METRICS_PASSWORD - $2y$05$Ci... If set, Basic Auth is required when requesting metrics. See How to generate an bcrypt hash.md for know how generate the hash.

If you change WG_PORT, make sure to also change the exposed port.

Updating

To update to the latest version, simply run:

docker stop wg-easy
docker rm wg-easy
docker pull ghcr.io/wg-easy/wg-easy

And then run the docker run -d \ ... command above again.

With Docker Compose WireGuard Easy can be updated with a single command: docker compose up --detach --pull always (if an image tag is specified in the Compose file and it is not latest, make sure that it is changed to the desired one; by default it is omitted and defaults to latest).
The WireGuared Easy container will be automatically recreated if a newer image was pulled.

Common Use Cases

For less common or specific edge-case scenarios, please refer to the detailed information provided in the Wiki.