Mirrors/wg-portal
1
0
Fork 0
mirror of https://github.com/h44z/wg-portal.git synced 2025-10-04 15:36:18 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
Files
5fb651993bce9438cf938dfb4cc0a9d9d80acdcb
wg-portal/master/documentation/configuration/examples/index.html

195 lines
47 KiB
HTML
Raw Normal View History

Deployed c5fe82a to master with MkDocs 1.6.1 and mike 2.1.3
2025-09-15 20:49:23 +00:00
<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Manage WireGuard Peers and Interface using a beautiful and simple web UI."><link href=https://wgportal.org/master/documentation/configuration/examples/ rel=canonical><link href=../overview/ rel=prev><link href=../../usage/general/ rel=next><link rel=icon href=../../../assets/images/favicon-large.png><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.6.20"><title>Examples - WireGuard Portal</title><link rel=stylesheet href=../../../assets/stylesheets/main.e53b48f4.min.css><link rel=stylesheet href=../../../assets/stylesheets/palette.06af60db.min.css><link rel=stylesheet href=../../../stylesheets/extra.css><script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script><meta property=og:type content=website><meta property=og:title content="Examples - WireGuard Portal"><meta property=og:description content="Manage WireGuard Peers and Interface using a beautiful and simple web UI."><meta property=og:image content=https://wgportal.org/master/assets/images/social/documentation/configuration/examples.png><meta property=og:image:type content=image/png><meta property=og:image:width content=1200><meta property=og:image:height content=630><meta content=https://wgportal.org/master/documentation/configuration/examples/ property=og:url><meta name=twitter:card content=summary_large_image><meta name=twitter:title content="Examples - WireGuard Portal"><meta name=twitter:description content="Manage WireGuard Peers and Interface using a beautiful and simple web UI."><meta name=twitter:image content=https://wgportal.org/master/assets/images/social/documentation/configuration/examples.png></head> <body dir=ltr data-md-color-scheme=default data-md-color-primary=white data-md-color-accent=indigo> <input class=md-toggle data-md-toggle=drawer type=checkbox id=__drawer autocomplete=off> <input class=md-toggle data-md-toggle=search type=checkbox id=__search autocomplete=off> <label class=md-overlay for=__drawer></label> <div data-md-component=skip> <a href=#basic class=md-skip> Skip to content </a> </div> <div data-md-component=announce> </div> <div data-md-color-scheme=default data-md-component=outdated hidden> </div> <header class=md-header data-md-component=header> <nav class="md-header__inner md-grid" aria-label=Header> <a href=../../.. title="WireGuard Portal" class="md-header__button md-logo" aria-label="WireGuard Portal" data-md-component=logo> <img src=../../../assets/images/logo.svg alt=logo> </a> <label class="md-header__button md-icon" for=__drawer> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M3 6h18v2H3zm0 5h18v2H3zm0 5h18v2H3z"/></svg> </label> <div class=md-header__title data-md-component=header-title> <div class=md-header__ellipsis> <div class=md-header__topic> <span class=md-ellipsis> WireGuard Portal </span> </div> <div class=md-header__topic data-md-component=header-topic> <span class=md-ellipsis> Examples </span> </div> </div> </div> <label class="md-header__button md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.52 6.52 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5"/></svg> </label> <div class=md-search data-md-component=search role=dialog> <label class=md-search__overlay for=__search></label> <div class=md-search__inner role=search> <form class=md-search__form name=search> <input type=text class=md-search__input name=query aria-label=Search placeholder=Search autocapitalize=off autocorrect=off autocomplete=off spellcheck=false data-md-component=search-query required> <label class="md-search__ico
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=w> </span><span class=nt>admin_user</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">test@example.com</span>
<span class=w> </span><span class=nt>admin_password</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">password</span>
<span class=w> </span><span class=nt>admin_api_token</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">super-s3cr3t-api-token-or-a-UUID</span>
<span class=w> </span><span class=nt>import_existing</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class=w> </span><span class=nt>create_default_peer</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>self_provisioning_allowed</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 765fb09 to master with MkDocs 1.6.1 and mike 2.1.3
2025-09-09 19:43:55 +00:00
<span class=nt>backend</span><span class=p>:</span>
<span class=w> </span><span class=c1># default backend decides where new interfaces are created</span>
<span class=w> </span><span class=nt>default</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">mikrotik</span>
<span class=w> </span><span class=nt>mikrotik</span><span class=p>:</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=nt>id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">mikrotik</span><span class=w> </span><span class=c1># unique id, not &quot;local&quot;</span>
<span class=w> </span><span class=nt>display_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">RouterOS RB5009</span><span class=w> </span><span class=c1># optional nice name</span>
<span class=w> </span><span class=nt>api_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://10.10.10.10/rest</span>
<span class=w> </span><span class=nt>api_user</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">wgportal</span>
<span class=w> </span><span class=nt>api_password</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">a-super-secret-password</span>
<span class=w> </span><span class=nt>api_verify_tls</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">false</span><span class=w> </span><span class=c1># set to false only if using self-signed during testing</span>
<span class=w> </span><span class=nt>api_timeout</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">30s</span><span class=w> </span><span class=c1># maximum request duration</span>
<span class=w> </span><span class=nt>concurrency</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">5</span><span class=w> </span><span class=c1># limit parallel REST calls to device</span>
<span class=w> </span><span class=nt>debug</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">false</span><span class=w> </span><span class=c1># verbose logging for this backend</span>
<span class=w> </span><span class=nt>ignored_interfaces</span><span class=p>:</span><span class=w> </span><span class=c1># ignore these interfaces during import</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">wgTest1</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">wgTest2</span>
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=nt>web</span><span class=p>:</span>
<span class=w> </span><span class=nt>site_title</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">My WireGuard Server</span>
<span class=w> </span><span class=nt>site_company_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">My Company</span>
<span class=w> </span><span class=nt>listening_address</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">:8080</span>
Deployed 8271dd7 to master with MkDocs 1.6.1 and mike 2.1.3
2025-05-04 18:20:11 +00:00
<span class=w> </span><span class=nt>external_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://my.external-domain.com</span>
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=w> </span><span class=nt>csrf_secret</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">super-s3cr3t-csrf</span>
<span class=w> </span><span class=nt>session_secret</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">super-s3cr3t-session</span>
<span class=w> </span><span class=nt>request_logging</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=nt>advanced</span><span class=p>:</span>
<span class=w> </span><span class=nt>log_level</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">trace</span>
<span class=w> </span><span class=nt>log_pretty</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>log_json</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">false</span>
<span class=w> </span><span class=nt>config_storage_path</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">/etc/wireguard</span>
<span class=w> </span><span class=nt>expiry_check_interval</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">5m</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=nt>database</span><span class=p>:</span>
<span class=w> </span><span class=nt>debug</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>type</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">sqlite</span>
<span class=w> </span><span class=nt>dsn</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">data/sqlite.db</span>
Deployed 2b46dca to master with MkDocs 1.6.1 and mike 2.1.3
2025-05-03 06:55:37 +00:00
<span class=w> </span><span class=nt>encryption_passphrase</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">change-this-s3cr3t-encryption-passphrase</span>
Deployed 7fd2bba to master with MkDocs 1.6.1 and mike 2.1.3
2025-05-17 17:23:27 +00:00
<span class=nt>auth</span><span class=p>:</span>
<span class=w> </span><span class=nt>webauthn</span><span class=p>:</span>
<span class=w> </span><span class=nt>enabled</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
</code></pre></div> <h2 id=ldap-authentication-and-synchronization>LDAP Authentication and Synchronization</h2> <div class=highlight><pre><span></span><code><span class=c1># ... (basic configuration)</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=nt>auth</span><span class=p>:</span>
<span class=w> </span><span class=nt>ldap</span><span class=p>:</span>
<span class=w> </span><span class=c1># a sample LDAP provider with user sync enabled</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=nt>id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">ldap</span>
<span class=w> </span><span class=nt>provider_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">Active Directory</span>
<span class=w> </span><span class=nt>url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">ldap://srv-ad1.company.local:389</span>
<span class=w> </span><span class=nt>bind_user</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">ldap_wireguard@company.local</span>
<span class=w> </span><span class=nt>bind_pass</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">super-s3cr3t-ldap</span>
<span class=w> </span><span class=nt>base_dn</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">DC=COMPANY,DC=LOCAL</span>
<span class=w> </span><span class=nt>login_filter</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">(&amp;(objectClass=organizationalPerson)(mail={{login_identifier}})(!userAccountControl:1.2.840.113556.1.4.803:=2))</span>
<span class=w> </span><span class=nt>sync_interval</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">15m</span>
<span class=w> </span><span class=nt>sync_filter</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">(&amp;(objectClass=organizationalPerson)(!userAccountControl:1.2.840.113556.1.4.803:=2)(mail=*))</span>
<span class=w> </span><span class=nt>disable_missing</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>field_map</span><span class=p>:</span>
<span class=w> </span><span class=nt>user_identifier</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">sAMAccountName</span>
<span class=w> </span><span class=nt>email</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">mail</span>
<span class=w> </span><span class=nt>firstname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">givenName</span>
<span class=w> </span><span class=nt>lastname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">sn</span>
<span class=w> </span><span class=nt>phone</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">telephoneNumber</span>
<span class=w> </span><span class=nt>department</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">department</span>
<span class=w> </span><span class=nt>memberof</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">memberOf</span>
<span class=w> </span><span class=nt>admin_group</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">CN=WireGuardAdmins,OU=Some-OU,DC=COMPANY,DC=LOCAL</span>
<span class=w> </span><span class=nt>registration_enabled</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>log_user_info</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
</code></pre></div> <h2 id=openid-connect-oidc-authentication>OpenID Connect (OIDC) Authentication</h2> <div class=highlight><pre><span></span><code><span class=c1># ... (basic configuration)</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=nt>auth</span><span class=p>:</span>
<span class=w> </span><span class=nt>oidc</span><span class=p>:</span>
Deployed 99d6ce7 to master with MkDocs 1.6.1 and mike 2.1.3
2025-05-05 16:33:38 +00:00
<span class=w> </span><span class=c1># A sample Entra ID provider with environment variable substitution.</span>
<span class=w> </span><span class=c1># Only users with an @outlook.com email address are allowed to register or login.</span>
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=nt>id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">azure</span>
<span class=w> </span><span class=nt>provider_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">azure</span>
<span class=w> </span><span class=nt>display_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">Login with&lt;/br&gt;Entra ID</span>
<span class=w> </span><span class=nt>registration_enabled</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>base_url</span><span class=p>:</span><span class=w> </span><span class=s>&quot;https://login.microsoftonline.com/${AZURE_TENANT_ID}/v2.0&quot;</span>
<span class=w> </span><span class=nt>client_id</span><span class=p>:</span><span class=w> </span><span class=s>&quot;${AZURE_CLIENT_ID}&quot;</span>
<span class=w> </span><span class=nt>client_secret</span><span class=p>:</span><span class=w> </span><span class=s>&quot;${AZURE_CLIENT_SECRET}&quot;</span>
Deployed 99d6ce7 to master with MkDocs 1.6.1 and mike 2.1.3
2025-05-05 16:33:38 +00:00
<span class=w> </span><span class=nt>allowed_domains</span><span class=p>:</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=s>&quot;outlook.com&quot;</span>
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=w> </span><span class=nt>extra_scopes</span><span class=p>:</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">profile</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=w> </span><span class=c1># a sample provider where users with the attribute `wg_admin` set to `true` are considered as admins</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=nt>id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">oidc-with-admin-attribute</span>
<span class=w> </span><span class=nt>provider_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">google</span>
<span class=w> </span><span class=nt>display_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">Login with&lt;/br&gt;Google</span>
<span class=w> </span><span class=nt>base_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://accounts.google.com</span>
<span class=w> </span><span class=nt>client_id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">the-client-id-1234.apps.googleusercontent.com</span>
<span class=w> </span><span class=nt>client_secret</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">A_CLIENT_SECRET</span>
<span class=w> </span><span class=nt>extra_scopes</span><span class=p>:</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://www.googleapis.com/auth/userinfo.email</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://www.googleapis.com/auth/userinfo.profile</span>
<span class=w> </span><span class=nt>field_map</span><span class=p>:</span>
<span class=w> </span><span class=nt>user_identifier</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">sub</span>
<span class=w> </span><span class=nt>email</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class=w> </span><span class=nt>firstname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">given_name</span>
<span class=w> </span><span class=nt>lastname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">family_name</span>
<span class=w> </span><span class=nt>phone</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">phone_number</span>
<span class=w> </span><span class=nt>department</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">department</span>
<span class=w> </span><span class=nt>is_admin</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">wg_admin</span>
<span class=w> </span><span class=nt>admin_mapping</span><span class=p>:</span>
<span class=w> </span><span class=nt>admin_value_regex</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">^true$</span>
<span class=w> </span><span class=nt>registration_enabled</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>log_user_info</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=w> </span><span class=c1># a sample provider where users in the group `the-admin-group` are considered as admins</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=nt>id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">oidc-with-admin-group</span>
<span class=w> </span><span class=nt>provider_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">google2</span>
<span class=w> </span><span class=nt>display_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">Login with&lt;/br&gt;Google2</span>
<span class=w> </span><span class=nt>base_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://accounts.google.com</span>
<span class=w> </span><span class=nt>client_id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">another-client-id-1234.apps.googleusercontent.com</span>
<span class=w> </span><span class=nt>client_secret</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">A_CLIENT_SECRET</span>
<span class=w> </span><span class=nt>extra_scopes</span><span class=p>:</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://www.googleapis.com/auth/userinfo.email</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://www.googleapis.com/auth/userinfo.profile</span>
<span class=w> </span><span class=nt>field_map</span><span class=p>:</span>
<span class=w> </span><span class=nt>user_identifier</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">sub</span>
<span class=w> </span><span class=nt>email</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class=w> </span><span class=nt>firstname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">given_name</span>
<span class=w> </span><span class=nt>lastname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">family_name</span>
<span class=w> </span><span class=nt>phone</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">phone_number</span>
<span class=w> </span><span class=nt>department</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">department</span>
<span class=w> </span><span class=nt>user_groups</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">groups</span>
<span class=w> </span><span class=nt>admin_mapping</span><span class=p>:</span>
<span class=w> </span><span class=nt>admin_group_regex</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">^the-admin-group$</span>
<span class=w> </span><span class=nt>registration_enabled</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>log_user_info</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
</code></pre></div> <h2 id=plain-oauth2-authentication>Plain OAuth2 Authentication</h2> <div class=highlight><pre><span></span><code><span class=c1># ... (basic configuration)</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=nt>auth</span><span class=p>:</span>
<span class=w> </span><span class=nt>oauth</span><span class=p>:</span>
<span class=w> </span><span class=c1># a sample provider where users with the attribute `this-attribute-must-be-true` set to `true` or `True`</span>
<span class=w> </span><span class=c1># are considered as admins</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=nt>id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">google_plain_oauth-with-admin-attribute</span>
<span class=w> </span><span class=nt>provider_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">google3</span>
<span class=w> </span><span class=nt>display_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">Login with&lt;/br&gt;Google3</span>
<span class=w> </span><span class=nt>client_id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">another-client-id-1234.apps.googleusercontent.com</span>
<span class=w> </span><span class=nt>client_secret</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">A_CLIENT_SECRET</span>
<span class=w> </span><span class=nt>auth_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://accounts.google.com/o/oauth2/v2/auth</span>
<span class=w> </span><span class=nt>token_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://oauth2.googleapis.com/token</span>
<span class=w> </span><span class=nt>user_info_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://openidconnect.googleapis.com/v1/userinfo</span>
<span class=w> </span><span class=nt>scopes</span><span class=p>:</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">openid</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">profile</span>
<span class=w> </span><span class=nt>field_map</span><span class=p>:</span>
<span class=w> </span><span class=nt>user_identifier</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">sub</span>
<span class=w> </span><span class=nt>email</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class=w> </span><span class=nt>firstname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">name</span>
<span class=w> </span><span class=nt>is_admin</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">this-attribute-must-be-true</span>
<span class=w> </span><span class=nt>admin_mapping</span><span class=p>:</span>
<span class=w> </span><span class=nt>admin_value_regex</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">^(True|true)$</span>
<span class=w> </span><span class=nt>registration_enabled</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
Deployed 662e9c0 to master with MkDocs 1.6.1 and mike 2.1.3
2025-01-18 10:57:16 +00:00
Deployed 801ce76 to master with MkDocs 1.6.1 and mike 2.1.3
2025-04-07 16:31:58 +00:00
<span class=w> </span><span class=c1># a sample provider where either users with the attribute `this-attribute-must-be-true` set to `true` or </span>
<span class=w> </span><span class=c1># users in the group `admin-group-name` are considered as admins</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class=nt>id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">google_plain_oauth_with_groups</span>
<span class=w> </span><span class=nt>provider_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">google4</span>
<span class=w> </span><span class=nt>display_name</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">Login with&lt;/br&gt;Google4</span>
<span class=w> </span><span class=nt>client_id</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">another-client-id-1234.apps.googleusercontent.com</span>
<span class=w> </span><span class=nt>client_secret</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">A_CLIENT_SECRET</span>
<span class=w> </span><span class=nt>auth_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://accounts.google.com/o/oauth2/v2/auth</span>
<span class=w> </span><span class=nt>token_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://oauth2.googleapis.com/token</span>
<span class=w> </span><span class=nt>user_info_url</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">https://openidconnect.googleapis.com/v1/userinfo</span>
<span class=w> </span><span class=nt>scopes</span><span class=p>:</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">openid</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">profile</span>
<span class=w> </span><span class="p p-Indicator">-</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">i-want-some-groups</span>
<span class=w> </span><span class=nt>field_map</span><span class=p>:</span>
<span class=w> </span><span class=nt>email</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">email</span>
<span class=w> </span><span class=nt>firstname</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">name</span>
<span class=w> </span><span class=nt>user_identifier</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">sub</span>
<span class=w> </span><span class=nt>is_admin</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">this-attribute-must-be-true</span>
<span class=w> </span><span class=nt>user_groups</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">groups</span>
<span class=w> </span><span class=nt>admin_mapping</span><span class=p>:</span>
<span class=w> </span><span class=nt>admin_value_regex</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">^true$</span>
<span class=w> </span><span class=nt>admin_group_regex</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">^admin-group-name$</span>
<span class=w> </span><span class=nt>registration_enabled</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
<span class=w> </span><span class=nt>log_user_info</span><span class=p>:</span><span class=w> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
Deployed c5fe82a to master with MkDocs 1.6.1 and mike 2.1.3
2025-09-15 20:49:23 +00:00
</code></pre></div> <p>For more information, check out the usage documentation (e.g. <a href=../../usage/general/ >General Configuration</a> or <a href=../../usage/backends/ >Backends Configuration</a>).</p> </article> </div> <script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script> </div> </main> <!-- Application footer --> <footer class=md-footer> <!-- Further information --> <div class="md-footer-meta md-typeset" style="background-color: #fff;"> <div class="md-footer-meta__inner md-grid" style="background-color: #fff;"> <!-- Copyright and theme information --> <div class=md-footer-copyright> <div class=md-footer-copyright__highlight style="color: rgb(38, 38, 38);"> Copyright &copy; 2023-2025 WireGuard Portal Project </div> <div style="color: rgb(38, 38, 38);"> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener style="color: black;"> Material for MkDocs </a> </div> </div> <!-- Social links --> <div class=md-social> <a href=https://github.com/h44z/wg-portal target=_blank rel=noopener title=github.com class=md-social__link> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 512 512"><!-- Font Awesome Free 7.0.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2025 Fonticons, Inc.--><path d="M202.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1M496 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2m-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3m-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1"/></svg> </a> <a href=https://hub.docker.com/r/wgportal/wg-portal target=_blank rel=noopener title=hub.docker.com class=md-social__link> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 640 512"><!-- Font Awesome Free 7.0.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2025 Fonticons, Inc.--><path d="M349.9 236.3h-66.1v-59.4h66.1zm0-204.3h-66.1v60.7h66.1zm78.2 144.8H362v59.4h66.1zm-156.3-72.1h-66.1v60.1h66.1zm78.1 0h-66.1v60.1h66.1zm276.8 100c-14.4-9.7-47.6-13.2-73.1-8.4-3.3-24-16.7-44.9-41.1-63.7l-14-9.3-9.3 14c-18.4 27.8-23.4 73.6-3.7 103.8-8.7 4.7-25.8 11.1-48.4 10.7H2.4c-8.7 50.8 5.8 116.8 44 162.1 37.1 43.9 92.7 66.2 165.4 66.2 157.4 0 273.9-72.5 328.4-204.2 21.4.4 67.6.1 91.3-45.2 1.5-2.5 6.6-13.2 8.5-17.1zm-511.1-27.9h-66v59.4h66.1v-59.4zm78.1 0h-66.1v59.4h66.1zm78.1 0h-66.1v59.4h66.1zm-78.1-72.1h-66.1v60.1h66.1z"/></svg> </a> <a href=https://twitter.com/chris_h44z target=_blank rel=noopener title=twitter.com class=md-social__link> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 512 512"><!-- Font Awesome Free 7.0.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2025 Fonticons, Inc.--><path d="M459.4 151.7c.3 4.5.3 9.1.3 13.6 0 138.7-105.6 298.6-298.6 298.6-59.5 0-114.7-17.2-161.1-47.1 8.4 1 16.6 1.3 25.3 1.3 49.1 0 94.2-16.6 130.3-44.8-46.1-1-84.8-31.2-98.1-72.8 6.5 1 13 1.6 19.8 1.6 9.4 0 18.8-1.3 27.6-3.6-48.1-9.7-84.1-52-84.1-103v-1.3c14 7.8 30.2 12.7 47.4 13.3-28.3-18.8-46.8-51-46.8-87.4 0-19.5 5.2-37.4 14.3-53C87.4 130.8 165 172.4 252.1 176.9c-1.6-7.8-2.6-15.9-2.6-24C249.5 95.1 296.3 48 354.4 48c30.2 0 57.5 12.7 76.7 33.1 23.7-4.5 46.5-13.3 66.6-25.3-7.8 24.4-24.4 44.8-46.1 57.8 21.1
Reference in New Issue Copy Permalink