Revert "Merge branch 'v4.3.3-dev' into main"

This reverts commit 3586ddce4d, reversing
changes made to 27ec65a970.
Daan Selen
2026-03-31 23:15:34 +02:00
parent 3586ddce4d
commit 1e495c546c
169 changed files with 1436 additions and 1909 deletions


@@ -4,7 +4,7 @@
#
# Pull the current golang-alpine image.
FROM golang:1.26-alpine3.23 AS awg-go
FROM golang:1.25-alpine AS awg-go
# Install build-dependencies.
RUN apk add --no-cache \
@@ -30,7 +30,7 @@ RUN go version && \
# AWG TOOLS BUILDING STAGE
# Base: Alpine
#
FROM alpine:3.23 AS awg-tools
FROM alpine:latest AS awg-tools
# Install needed dependencies.
RUN apk add --no-cache \
@@ -55,7 +55,7 @@ RUN make && chmod +x wg*
#
# Use the python-alpine image for building pip dependencies
FROM python:3.14-alpine3.23 AS pip-builder
FROM python:3.14-alpine AS pip-builder
ARG TARGETPLATFORM
@@ -91,7 +91,7 @@ RUN . /opt/wgdashboard/src/venv/bin/activate && \
#
# Running with the python-alpine image.
FROM python:3.14-alpine3.23 AS final
FROM python:3.14-alpine AS final
LABEL maintainer="dselen@nerthus.nl"
# Install only the runtime dependencies
@@ -114,18 +114,15 @@ ENV TZ="Europe/Amsterdam" \
global_dns="9.9.9.9" \
wgd_port="10086" \
public_ip="" \
WGDASH=/opt/wgdashboard \
dynamic_config="true"
WGDASH=/opt/wgdashboard
# Create directories needed for operation
RUN mkdir /data /configs -p ${WGDASH}/src /etc/amnezia/amneziawg \
&& echo "name_servers=${global_dns}" >> /etc/resolvconf.conf
RUN mkdir /data /configs -p ${WGDASH}/src /etc/amnezia/amneziawg
# Copy the venv and source files from local compiled locations or repos
COPY ./src ${WGDASH}/src
COPY --from=pip-builder /opt/wgdashboard/src/venv /opt/wgdashboard/src/venv
COPY ./docker/wg0.conf.template /tmp/wg0.conf.template
COPY ./docker/wg-dashboard-oidc-providers.json.template /tmp/wg-dashboard-oidc-providers.json.template
# Copy in the runtime script, essential.
COPY ./docker/entrypoint.sh /entrypoint.sh
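Review bot: `FROM alpine:latest AS awg-tools` in the second hunk builds the AWG tools stage on a floating tag, so the same commit can produce different images depending on when it is built, and a changed upstream image enters the build unreviewed. Assuming the second line of each `FROM` pair is the side this revert restores, `awg-go` (`golang:1.25-alpine`) and the `pip-builder` and `final` stages (`python:3.14-alpine`) likewise lose their Alpine release suffix. Keeping the pins from the reverted side, e.g. `FROM alpine:3.23 AS awg-tools` and `FROM python:3.14-alpine3.23 AS final`, or pinning by image digest, would keep rebuilds reproducible and separate the feature revert from the base-image choice.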


@@ -23,7 +23,7 @@ To get the container running you either pull the pre-made image from a remote re
- ghcr.io/wgdashboard/wgdashboard:<tag>
- docker.io/donaldzou/wgdashboard:<tag>
> tags should be either: latest, main, <version>, <branch-name> (if built) or <commit-sha>.
> tags should be either: latest, main, <version> or <commit-sha>.
From there either use the environment variables described below as parameters or use the Docker Compose file: `compose.yaml`.<br>
Be careful, the default generated WireGuard configuration file uses port 51820/udp. So make sure to use this port if you want to use it out of the box.<br>
@@ -95,29 +95,23 @@ Updating the WGDashboard container should be through 'The Docker Way' - by pulli
## ⚙️ Environment Variables
| Variable | Accepted Values | Default | Example | Description |
| ------------------ | ---------------------------------------- | ----------------------- | --------------------- | ----------------------------------------------------------------------- |
| `dynamic_config` | true, yes, false, no | `true` | `true` or `no` | Turns on or off the dynamic configuration feature, on by default for Docker |
| `tz` | Timezone | `Europe/Amsterdam` | `America/New_York` | Sets the container's timezone. Useful for accurate logs and scheduling. |
| `global_dns` | IPv4 and IPv6 addresses | `9.9.9.9` | `8.8.8.8`, `1.1.1.1` | Default DNS for WireGuard clients. |
| `public_ip` | Public IP address | Retrieved automatically | `253.162.134.73` | Used to generate accurate client configs. Needed if container is NATd. |
| `wgd_port` | Any port that is allowed for the process | `10086` | `443` | This port is used to set the WGDashboard web port. |
| `username` | Any nonempty string | `-` | `admin` | Username for the WGDashboard web interface account. |
| `password` | Any nonempty string | `-` | `s3cr3tP@ss` | Password for the WGDashboard web interface account (stored hashed). |
| `enable_totp` | `true`, `false` | `true` | `false` | Enable TOTPbased twofactor authentication for the account. |
| `wg_autostart` | Wireguard interface name | `false` | `true` | Autostart the WireGuard client when the container launches. |
| `email_server` | SMTP server address | `-` | `smtp.gmail.com` | SMTP server for sending email notifications. |
| `email_port` | SMTP port number | `-` | `587` | Port for connecting to the SMTP server. |
| `email_encryption` | `TLS`, `SSL`, etc. | `-` | `TLS` | Encryption method for email communication. |
| `email_username` | Any non-empty string | `-` | `user@example.com` | Username for SMTP authentication. |
| `email_password` | Any non-empty string | `-` | `app_password` | Password for SMTP authentication. |
| `email_from` | Valid email address | `-` | `noreply@example.com` | Email address used as the sender for notifications. |
| `email_template` | Path to template file | `-` | `your-template` | Custom template for email notifications. |
| `database_type` | `sqlite`, `postgresql`, `mariadb+mariadbconnector`, etc. | `-` | `postgresql` | Type of [sqlalchemy database engine](https://docs.sqlalchemy.org/en/21/core/engines.html). |
| `database_host` | Any non-empty string | `-` | `localhost` | IP-Address or hostname of the SQL-database server. |
| `database_port` | Any non-empty string (or int for port) | `-` | `5432` | Port for the database communication. |
| `database_username`| Valid database username | `-` | `database_user` | Database user username. |
| `database_password`| Valid database password | `-` | `database_password` | Database user password. |
| Variable | Accepted Values | Default | Example | Description |
| ------------------ | ---------------------------------------- | ----------------------- | ------------------------ | ----------------------------------------------------------------------- |
| `tz` | Timezone | `Europe/Amsterdam` | `America/New_York` | Sets the container's timezone. Useful for accurate logs and scheduling. |
| `global_dns` | IPv4 and IPv6 addresses | `9.9.9.9` | `8.8.8.8`, `1.1.1.1` | Default DNS for WireGuard clients. |
| `public_ip` | Public IP address | Retrieved automatically | `253.162.134.73` | Used to generate accurate client configs. Needed if container is NATd. |
| `wgd_port` | Any port that is allowed for the process | `10086` | `443` | This port is used to set the WGDashboard web port. |
| `username` | Any nonempty string | `-` | `admin` | Username for the WGDashboard web interface account. |
| `password` | Any nonempty string | `-` | `s3cr3tP@ss` | Password for the WGDashboard web interface account (stored hashed). |
| `enable_totp` | `true`, `false` | `true` | `false` | Enable TOTPbased twofactor authentication for the account. |
| `wg_autostart` | Wireguard interface name | `-` | `wg0` or `wg0\|\|wg1\|\|wg2` | Autostart the WireGuard interface when the container launches. |
| `email_server` | SMTP server address | `-` | `smtp.gmail.com` | SMTP server for sending email notifications. |
| `email_port` | SMTP port number | `-` | `587` | Port for connecting to the SMTP server. |
| `email_encryption` | `TLS`, `SSL`, etc. | `-` | `TLS` | Encryption method for email communication. |
| `email_username` | Any non-empty string | `-` | `user@example.com` | Username for SMTP authentication. |
| `email_password` | Any non-empty string | `-` | `app_password` | Password for SMTP authentication. |
| `email_from` | Valid email address | `-` | `noreply@example.com` | Email address used as the sender for notifications. |
| `email_template` | Path to template file | `-` | `your-template` | Custom template for email notifications. |
---


@@ -13,7 +13,6 @@ services:
# By default its all disabled, but uncomment the following lines to apply these. (uncommenting is removing the # character)
# Refer to the documentation on https://wgdashboard.dev/ for more info on what everything means.
#environment:
#- wg_autostart=wg0
#- tz= # <--- Set container timezone, default: Europe/Amsterdam.
#- public_ip= # <--- Set public IP to ensure the correct one is chosen, defaulting to the IP give by ifconfig.me.
#- wgd_port= # <--- Set the port WGDashboard will use for its web-server.


@@ -85,6 +85,8 @@ echo "------------------------- START ----------------------------"
echo "Starting the WGDashboard Docker container."
ensure_installation() {
echo "Quick-installing..."
# Make the wgd.sh script executable.
chmod +x "${WGDASH}"/src/wgd.sh
cd "${WGDASH}"/src || exit
@@ -100,51 +102,23 @@ ensure_installation() {
echo "Removing clear command from wgd.sh for better Docker logging."
sed -i '/clear/d' ./wgd.sh
# PERSISTENCE FOR databases directory
# Create required directories and links
if [ ! -d "/data/db" ]; then
echo "Creating database dir"
mkdir -p /data/db
fi
if [[ ! -L "${WGDASH}/src/db" ]] && [[ -d "${WGDASH}/src/db" ]]; then
echo "Removing ${WGDASH}/src/db since its not a symbolic link."
rm -rfv "${WGDASH}/src/db"
fi
if [[ -L "${WGDASH}/src/db" ]]; then
echo "${WGDASH}/src/db is a symbolic link."
else
ln -sv /data/db "${WGDASH}/src/db"
if [ ! -d "${WGDASH}/src/db" ]; then
ln -s /data/db "${WGDASH}/src/db"
fi
# PERSISTENCE FOR wg-dashboard-oidc-providers.json
if [ ! -f "/data/wg-dashboard-oidc-providers.json" ]; then
echo "Creating wg-dashboard-oidc-providers.json file"
cp -v /tmp/wg-dashboard-oidc-providers.json.template /data/wg-dashboard-oidc-providers.json
fi
if [[ ! -L "${WGDASH}/src/wg-dashboard-oidc-providers.json" ]] && [[ -f "${WGDASH}/src/wg-dashboard-oidc-providers.json" ]]; then
echo "Removing ${WGDASH}/src/wg-dashboard-oidc-providers.json since its not a symbolic link."
rm -fv "${WGDASH}/src/wg-dashboard-oidc-providers.json"
fi
if [[ -L "${WGDASH}/src/wg-dashboard-oidc-providers.json" ]]; then
echo "${WGDASH}/src/wg-dashboard-oidc-providers.json is a symbolic link."
else
ln -sv /data/wg-dashboard-oidc-providers.json "${WGDASH}/src/wg-dashboard-oidc-providers.json"
fi
# PERSISTENCE FOR wg-dashboard.ini
if [ ! -f "${config_file}" ]; then
echo "Creating wg-dashboard.ini file"
touch "${config_file}"
fi
if [[ ! -L "${WGDASH}/src/wg-dashboard.ini" ]] && [[ -f "${WGDASH}/src/wg-dashboard.ini" ]]; then
echo "Removing ${WGDASH}/src/wg-dashboard.ini since its not a symbolic link."
rm -fv "${WGDASH}/src/wg-dashboard.ini"
fi
if [[ -L "${WGDASH}/src/wg-dashboard.ini" ]]; then
echo "${WGDASH}/src/wg-dashboard.ini is a symbolic link."
else
ln -sv "${config_file}" "${WGDASH}/src/wg-dashboard.ini"
if [ ! -f "${WGDASH}/src/wg-dashboard.ini" ]; then
ln -s "${config_file}" "${WGDASH}/src/wg-dashboard.ini"
fi
# Setup WireGuard if needed
@@ -168,25 +142,14 @@ set_envvars() {
# Check if config file is empty
if [ ! -s "${config_file}" ]; then
echo "Config file is empty. Creating initial structure."
elif [[ ${dynamic_config,,} =~ ^(false|no)$ ]]; then
echo "Dynamic configuration feature turned off, not changing anything"
return
fi
echo "Checking basic configuration:"
set_ini Peers peer_global_dns "${global_dns}"
if [ -z "${public_ip}" ]; then
public_ip=$(curl -s https://ifconfig.me)
if [ -z "${public_ip}" ]; then
echo "Using fallback public IP resolution website"
public_ip=$(curl -s https://api.ipify.org)
fi
if [ -z "${public_ip}" ]; then
echo "Failed to resolve publicly. Using private address."
public_ip=$(hostname -i)
fi
echo "Automatically detected public IP: ${public_ip}"
public_ip=$(curl -s ifconfig.me)
echo "Automatically detected public IP: ${public_ip}"
fi
set_ini Peers remote_endpoint "${public_ip}"
@@ -220,24 +183,6 @@ set_envvars() {
set_ini WireGuardConfiguration autostart "${wg_autostart}"
fi
# Database (check if any settings need to be configured)
database_vars=("database_type" "database_host" "database_port" "database_username" "database_password")
for var in "${database_vars[@]}"; do
if [ -n "${!var}" ]; then
echo "Configuring database settings:"
break
fi
done
# Database (iterate through all possible fields)
database_fields=("type:database_type" "host:database_host" "port:database_port"
"username:database_username" "password:database_password")
for field_pair in "${database_fields[@]}"; do
IFS=: read -r field var <<< "$field_pair"
[[ -n "${!var}" ]] && set_ini Database "$field" "${!var}"
done
# Email (check if any settings need to be configured)
email_vars=("email_server" "email_port" "email_encryption" "email_username" "email_password" "email_from" "email_template")
for var in "${email_vars[@]}"; do
@@ -262,9 +207,6 @@ set_envvars() {
start_and_monitor() {
printf "\n---------------------- STARTING CORE -----------------------\n"
# Due to resolvconf resetting the DNS we echo back the one we defined (or fallback to default).
resolvconf -u
# Due to some instances complaining about this, making sure its there every time.
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
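Review bot: `public_ip=$(curl -s ifconfig.me)` in the `set_envvars` hunk names no scheme, so curl fetches it over plain HTTP, and the answer is passed unchecked to `set_ini Peers remote_endpoint`. A response altered on the network path, or an empty one after a failed lookup that `-s` hides, would end up as the peer endpoint; the hunk counts (25 old lines, 14 new) suggest this single-line form is the side the revert restores. I would keep TLS and a timeout, `public_ip=$(curl -fsS --max-time 10 https://ifconfig.me)`, and warn when nothing came back, `[ -n "${public_ip}" ] || echo "Could not detect public IP; set public_ip explicitly." >&2`. `set_envvars` starts and ends outside this hunk, so how `set_ini` handles an empty value is not visible here.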


@@ -1,16 +0,0 @@
{
"Admin": {
"Provider": {
"client_id": "",
"client_secret": "",
"issuer": ""
}
},
"Client": {
"Provider": {
"client_id": "",
"client_secret": "",
"issuer": ""
}
}
}