Mirrors/wg-portal
1
0
Fork 0
mirror of https://github.com/h44z/wg-portal.git synced 2025-06-28 01:07:03 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

prepare for v2 release

Browse Source
This commit is contained in:
Christoph Haas 2025-05-04 11:00:12 +02:00
parent 020ebb64e7
commit 2c8304417b
12 changed files with 64 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/docker-publish.yml vendored
View File

@ -4,7 +4,7 @@ on:
pull_request: pull_request:
branches: [master] branches: [master]
push: push:
branches: [master, stable] branches: [master, stable, legacy]
# Publish vX.X.X tags as releases. # Publish vX.X.X tags as releases.
tags: ["v*.*.*"] tags: ["v*.*.*"]

6
.github/workflows/pages.yml vendored
View File

@ -2,7 +2,11 @@ name: github-pages
on: on:
push: push:
branches: [master] branches: [master]
tags: ["v*"] tags:
- 'v*'
- '!v*-alpha*'
- '!v*-beta*'
- '!v*-rc*'
permissions: permissions:
contents: write contents: write

19
README.md
View File

@ -1,4 +1,4 @@
# WireGuard Portal (v2 - testing) # WireGuard Portal v2
[![Build Status](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml/badge.svg?event=push)](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml) [![Build Status](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml/badge.svg?event=push)](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml)
[![License: MIT](https://img.shields.io/badge/license-MIT-green.svg)](https://opensource.org/licenses/MIT) [![License: MIT](https://img.shields.io/badge/license-MIT-green.svg)](https://opensource.org/licenses/MIT)
@ -8,14 +8,6 @@
![GitHub code size in bytes](https://img.shields.io/github/languages/code-size/h44z/wg-portal) ![GitHub code size in bytes](https://img.shields.io/github/languages/code-size/h44z/wg-portal)
[![Docker Pulls](https://img.shields.io/docker/pulls/h44z/wg-portal.svg)](https://hub.docker.com/r/wgportal/wg-portal/) [![Docker Pulls](https://img.shields.io/docker/pulls/h44z/wg-portal.svg)](https://hub.docker.com/r/wgportal/wg-portal/)
> [!CAUTION]
> Version 2 is currently under development and may contain bugs and breaking changes.
> It is not advised to use this version in production. Use version [v1](https://github.com/h44z/wg-portal/tree/stable) instead.
> [!IMPORTANT]
> Since the project was accepted by the Docker-Sponsored Open Source Program, the Docker image location has moved to [wgportal/wg-portal](https://hub.docker.com/r/wgportal/wg-portal).
> Please update the Docker image from **h44z/wg-portal** to **wgportal/wg-portal**.
## Introduction ## Introduction
<!-- Text from this line # is included in docs/documentation/overview.md --> <!-- Text from this line # is included in docs/documentation/overview.md -->
**WireGuard Portal** is a simple, web-based configuration portal for [WireGuard](https://wireguard.com) server management. **WireGuard Portal** is a simple, web-based configuration portal for [WireGuard](https://wireguard.com) server management.
@ -23,7 +15,7 @@ The portal uses the WireGuard [wgctrl](https://github.com/WireGuard/wgctrl-go) l
interfaces. This allows for the seamless activation or deactivation of new users without disturbing existing VPN interfaces. This allows for the seamless activation or deactivation of new users without disturbing existing VPN
connections. connections.
The configuration portal supports using a database (SQLite, MySQL, MsSQL or Postgres), OAuth or LDAP The configuration portal supports using a database (SQLite, MySQL, MsSQL, or Postgres), OAuth or LDAP
(Active Directory or OpenLDAP) as a user source for authentication and profile data. (Active Directory or OpenLDAP) as a user source for authentication and profile data.
## Features ## Features
@ -44,7 +36,7 @@ The configuration portal supports using a database (SQLite, MySQL, MsSQL or Post
* Handles route and DNS settings like wg-quick does * Handles route and DNS settings like wg-quick does
* Exposes Prometheus metrics for monitoring and alerting * Exposes Prometheus metrics for monitoring and alerting
* REST API for management and client deployment * REST API for management and client deployment
* Webhook for custom actions on peer, interface or user updates * Webhook for custom actions on peer, interface, or user updates
<!-- Text to this line # is included in docs/documentation/overview.md --> <!-- Text to this line # is included in docs/documentation/overview.md -->
![Screenshot](docs/assets/images/screenshot.png) ![Screenshot](docs/assets/images/screenshot.png)
@ -68,3 +60,8 @@ For the complete documentation visit [wgportal.org](https://wgportal.org).
## License ## License
* MIT License. [MIT](LICENSE.txt) or <https://opensource.org/licenses/MIT> * MIT License. [MIT](LICENSE.txt) or <https://opensource.org/licenses/MIT>
> [!IMPORTANT]
> Since the project was accepted by the Docker-Sponsored Open Source Program, the Docker image location has moved to [wgportal/wg-portal](https://hub.docker.com/r/wgportal/wg-portal).
> Please update the Docker image from **h44z/wg-portal** to **wgportal/wg-portal**.

2
docker-compose.yml
View File

@ -1,7 +1,7 @@
--- ---
services: services:
wg-portal: wg-portal:
image: wgportal/wg-portal:latest image: wgportal/wg-portal:v2
container_name: wg-portal container_name: wg-portal
restart: unless-stopped restart: unless-stopped
logging: logging:

10
docs/documentation/configuration/overview.md
View File

@ -4,7 +4,7 @@ You can supply these configurations in a **YAML** file (e.g. `config.yaml`) when
The path of the configuration file defaults to **config/config.yaml** (or config/config.yml) in the working directory of the executable. The path of the configuration file defaults to **config/config.yaml** (or config/config.yml) in the working directory of the executable.
It is possible to override configuration filepath using the environment variable `WG_PORTAL_CONFIG`. It is possible to override configuration filepath using the environment variable `WG_PORTAL_CONFIG`.
For example: `WG_PORTAL_CONFIG=/etc/wg-portal/config.yaml ./wg-portal`. For example: `WG_PORTAL_CONFIG=/etc/wg-portal/config.yaml ./wg-portal`.
Also, environment variable substitution in config file is supported. Refer to [syntax](https://github.com/a8m/envsubst?tab=readme-ov-file#docs). Also, environment variable substitution in the config file is supported. Refer to [syntax](https://github.com/a8m/envsubst?tab=readme-ov-file#docs).
Configuration examples are available on the [Examples](./examples.md) page. Configuration examples are available on the [Examples](./examples.md) page.
@ -15,6 +15,7 @@ Configuration examples are available on the [Examples](./examples.md) page.
core: core:
admin_user: admin@wgportal.local admin_user: admin@wgportal.local
admin_password: wgportal admin_password: wgportal
admin_api_token: ""
editable_keys: true editable_keys: true
create_default_peer: false create_default_peer: false
create_default_peer_on_creation: false create_default_peer_on_creation: false
@ -35,6 +36,7 @@ advanced:
config_storage_path: "" config_storage_path: ""
expiry_check_interval: 15m expiry_check_interval: 15m
rule_prio_offset: 20000 rule_prio_offset: 20000
route_table_offset: 20000
api_admin_only: true api_admin_only: true
database: database:
@ -42,6 +44,7 @@ database:
slow_query_threshold: "0" slow_query_threshold: "0"
type: sqlite type: sqlite
dsn: data/sqlite.db dsn: data/sqlite.db
encryption_passphrase: ""
statistics: statistics:
use_ping_checks: true use_ping_checks: true
@ -79,6 +82,7 @@ web:
session_secret: very_secret session_secret: very_secret
csrf_secret: extremely_secret csrf_secret: extremely_secret
request_logging: false request_logging: false
expose_host_info: false
cert_file: "" cert_file: ""
key_File: "" key_File: ""
@ -607,6 +611,10 @@ Without a valid `external_url`, the login process may fail due to CSRF protectio
- **Default:** `false` - **Default:** `false`
- **Description:** Log all HTTP requests. - **Description:** Log all HTTP requests.
### `expose_host_info`
- **Default:** `false`
- **Description:** Expose the hostname and version of the WireGuard Portal server in an HTTP header. This is useful for debugging but may expose sensitive information.
### `cert_file` ### `cert_file`
- **Default:** *(empty)* - **Default:** *(empty)*
- **Description:** (Optional) Path to the TLS certificate file. - **Description:** (Optional) Path to the TLS certificate file.

14
docs/documentation/getting-started/binaries.md
View File

@ -3,6 +3,12 @@ These binary versions can be manually downloaded and installed.
## Download ## Download
Make sure that you download the correct binary for your architecture. The available binaries are:
- `wg-portal_linux_amd64` - Linux x86_64
- `wg-portal_linux_arm64` - Linux ARM 64-bit
- `wg-portal_linux_arm_v7` - Linux ARM 32-bit
With `curl`: With `curl`:
```shell ```shell
@ -21,6 +27,8 @@ with `gh cli`:
gh release download ${WG_PORTAL_VERSION} --repo h44z/wg-portal --output wg-portal --pattern '*amd64' gh release download ${WG_PORTAL_VERSION} --repo h44z/wg-portal --output wg-portal --pattern '*amd64'
``` ```
## Install ## Install
```shell ```shell
@ -28,7 +36,7 @@ sudo mkdir -p /opt/wg-portal
sudo install wg-portal /opt/wg-portal/ sudo install wg-portal /opt/wg-portal/
``` ```
## Unreleased ## Unreleased versions (master branch builds)
Unreleased versions can be fetched directly from the artifacts section of the [GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster).
Unreleased versions could be downloaded from
[GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster) artifacts also.

12
docs/documentation/getting-started/docker.md
View File

@ -10,7 +10,7 @@ The recommended method for deploying WireGuard Portal is via Docker Compose for
A sample docker-compose.yml (managing WireGuard interfaces directly on the host) is provided below: A sample docker-compose.yml (managing WireGuard interfaces directly on the host) is provided below:
```yaml ```yaml
--8<-- "docker-compose.yml::17" --8<-- "docker-compose.yml::18"
``` ```
By default, the webserver is listening on port **8888**. By default, the webserver is listening on port **8888**.
@ -39,7 +39,7 @@ WireGuard Portal supports managing WireGuard interfaces through three distinct d
```yaml ```yaml
services: services:
wg-portal: wg-portal:
image: wgportal/wg-portal:latest image: wgportal/wg-portal:v2
container_name: wg-portal container_name: wg-portal
... ...
cap_add: cap_add:
@ -65,7 +65,7 @@ WireGuard Portal supports managing WireGuard interfaces through three distinct d
```yaml ```yaml
services: services:
wg-portal: wg-portal:
image: wgportal/wg-portal:latest image: wgportal/wg-portal:v2
container_name: wg-portal container_name: wg-portal
... ...
cap_add: cap_add:
@ -118,11 +118,11 @@ These are official releases of WireGuard Portal. They correspond to the GitHub t
Once these tags show up in this repository, they will never change. Once these tags show up in this repository, they will never change.
For production deployments of WireGuard Portal, we strongly recommend using one of these tags, e.g. **wgportal/wg-portal:1.0.19**, instead of the latest or canary tags. For production deployments of WireGuard Portal, we strongly recommend using one of these tags, e.g. **wgportal/wg-portal:2.0.0**, instead of the latest or canary tags.
If you only want to stay at the same major or major+minor version, use either `v[MAJOR]` or `[MAJOR].[MINOR]` tags. For example `v1` or `1.0`. If you only want to stay at the same major or major+minor version, use either `v[MAJOR]` or `[MAJOR].[MINOR]` tags. For example `v2` or `2.0`.
Version **1** is currently **stable**, version **2** is in **development**. Version **2** is the current stable release. Version **1** has moved to legacy status and is no longer recommended.
#### latest #### latest

2
docs/documentation/getting-started/reverse-proxy.md
View File

@ -44,7 +44,7 @@ services:
- 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https' - 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'
wg-portal: wg-portal:
image: wgportal/wg-portal:latest image: wgportal/wg-portal:v2
container_name: wg-portal container_name: wg-portal
restart: unless-stopped restart: unless-stopped
logging: logging:

2
docs/documentation/monitoring/prometheus.md
View File

@ -13,7 +13,7 @@ By default, WG-Portal exposes Prometheus metrics on port `8787` if interface/pee
## Prometheus Config ## Prometheus Config
Add following scrape job to your Prometheus config file: Add the following scrape job to your Prometheus config file:
```yaml ```yaml
# prometheus.yaml # prometheus.yaml

2
docs/documentation/overview.md
View File

@ -1 +1 @@
--8<-- "README.md:20:47" --8<-- "README.md:12:41"

5
docs/documentation/upgrade/v1.md
View File

@ -1,5 +1,4 @@
For production deployments of WireGuard Portal, we strongly recommend using version 1. Major upgrades between different versions may require special procedures, which are described in the following sections.
If you want to use version 2, please be aware that it is still a release candidate and not yet fully stable.
## Upgrade from v1 to v2 ## Upgrade from v1 to v2
@ -29,7 +28,7 @@ If you are using Docker, you can adapt the docker-compose.yml file to start the
```yaml ```yaml
services: services:
wg-portal: wg-portal:
image: wgportal/wg-portal:latest image: wgportal/wg-portal:v2
# ... other settings # ... other settings
restart: no restart: no
command: ["-migrateFrom=/app/data/wg_portal.db"] command: ["-migrateFrom=/app/data/wg_portal.db"]

9
mkdocs.yml
View File

@ -30,6 +30,15 @@ plugins:
- minify: - minify:
minify_html: true minify_html: true
- swagger-ui-tag - swagger-ui-tag
- mike:
# These fields are all optional; the defaults are as below...
alias_type: symlink
redirect_template: null
deploy_prefix: ''
canonical_version: null
version_selector: true
css_dir: css
javascript_dir: js
extra: extra:
version: version: