-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #45 from YunoHost-Apps/testing
Testing
- Loading branch information
Showing
29 changed files
with
210 additions
and
310 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,5 @@ | ||
SOURCE_URL=https://github.com/ngoduykhanh/wireguard-ui/releases/download/v0.2.7/wireguard-ui-v0.2.7-linux-amd64.tar.gz | ||
SOURCE_SUM=DC0FF54ABD2E08DB5ED722E07CEDA6E007CD5E6DFABD3A3B5A948CC8275D8100 | ||
SOURCE_URL=https://github.com/ngoduykhanh/wireguard-ui/releases/download/v0.3.2/wireguard-ui-v0.3.2-linux-amd64.tar.gz | ||
SOURCE_SUM=71972b81f2d2ade50484cc1501a5896c8a08cfd82297f81c1d6279d7e0ff1f35 | ||
SOURCE_SUM_PRG=sha256sum | ||
SOURCE_FORMAT=tar.gz | ||
SOURCE_IN_SUBDIR=false | ||
SOURCE_FILENAME= |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,5 @@ | ||
SOURCE_URL=https://github.com/ngoduykhanh/wireguard-ui/releases/download/v0.2.7/wireguard-ui-v0.2.7-linux-arm64.tar.gz | ||
SOURCE_SUM=32331E591B0C3B9E4EC360B53B967A3CCEEEFE5B7FFEC3ADD61A9483B50B9F0D | ||
SOURCE_URL=https://github.com/ngoduykhanh/wireguard-ui/releases/download/v0.3.2/wireguard-ui-v0.3.2-linux-arm64.tar.gz | ||
SOURCE_SUM=8d31fc39495f8a6480531859f225f0fee36788515532d75d9cfaaa866000f52f | ||
SOURCE_SUM_PRG=sha256sum | ||
SOURCE_FORMAT=tar.gz | ||
SOURCE_IN_SUBDIR=false | ||
SOURCE_FILENAME= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
SOURCE_URL=https://github.com/ngoduykhanh/wireguard-ui/releases/download/v0.3.2/wireguard-ui-v0.3.2-linux-arm.tar.gz | ||
SOURCE_SUM=4632fd96c7574321031907695fbbe6535884a8006b517c7f7d3ab289fb94be5f | ||
SOURCE_SUM_PRG=sha256sum | ||
SOURCE_FORMAT=tar.gz | ||
SOURCE_IN_SUBDIR=false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
SOURCE_URL=https://github.com/ngoduykhanh/wireguard-ui/releases/download/v0.3.2/wireguard-ui-v0.3.2-linux-386.tar.gz | ||
SOURCE_SUM=f76fc030d54e735977236d1984a906e749abb038208f410b406a2972498e3b9e | ||
SOURCE_SUM_PRG=sha256sum | ||
SOURCE_FORMAT=tar.gz | ||
SOURCE_IN_SUBDIR=false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,9 @@ | ||
{ | ||
"addresses": [ | ||
"10.10.10.0/24" | ||
"10.10.10.0/24", | ||
"fd42::/112" | ||
], | ||
"listen_port": "__PORT_WG__", | ||
"post_up": "", | ||
"post_down": "" | ||
"post_up": "iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o __INTERFACE__ -j MASQUERADE; ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -A FORWARD -o %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o __INTERFACE__ -j MASQUERADE; ip link set multicast on dev %i", | ||
"post_down": "iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o __INTERFACE__ -j MASQUERADE; ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -D FORWARD -o %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o __INTERFACE__ -j MASQUERADE" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
net.ipv4.ip_forward = 1 | ||
net.ipv6.conf.all.forwarding = 1 |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
[Unit] | ||
Description=Watch WireGuard %I.conf for changes | ||
|
||
[Path] | ||
PathModified=/etc/wireguard/%I.conf | ||
|
||
[Install] | ||
WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
[Unit] | ||
Description=WireGuard on %I | ||
After=network-online.target nss-lookup.target | ||
Wants=network-online.target nss-lookup.target | ||
|
||
[Service] | ||
Type=oneshot | ||
User=root | ||
RemainAfterExit=yes | ||
ExecStart=/bin/systemctl restart wg-quick@%I.service | ||
ExecStop=/bin/systemctl stop wg-quick@%I.service | ||
|
||
[Install] | ||
WantedBy=multi-user.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
WireGuard® is fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,32 +1,9 @@ | ||
* WireGuard for YunoHost will add a DMKS module to your Linux kernel. | ||
* You may need to reboot your server for WireGuard to be able to start. | ||
* The package includes WireGuard and non-official web UI to configure it. | ||
* Avoid altering the configuration files via the command line interface, though. | ||
* Do not manually alter the configuration files. | ||
* Use YunoHost permissions panel to allow users to access the web UI. | ||
* Only one network interface, *wg0*, can be managed with this app at the moment. | ||
* `Status` page is not working for the time being. | ||
|
||
### Make your server share its Internet connection | ||
|
||
#### Enable port forwarding | ||
|
||
```bash | ||
sudo nano /etc/sysctl.conf | ||
# Uncomment the following lines: | ||
net.ipv4.ip_forward = 1 | ||
net.ipv6.conf.all.forwarding = 1 | ||
# Save and quit (CTRL+O, CTRL+X) | ||
sudo sysctl -p | ||
``` | ||
|
||
Add the following commands in `WireGuard Server` menu, like in [this picture](https://user-images.githubusercontent.com/8769166/124400150-cf354980-dd20-11eb-87c6-9478938d9c82.png). Replace `eth0` with the interface connected to the Internet: | ||
|
||
#### Post Up Script | ||
``` | ||
iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | ||
``` | ||
|
||
#### Post Down Script | ||
``` | ||
iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE | ||
``` | ||
|
||
After installation, you need to `Apply Config` once in the UI before the VPN service can be started. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,32 +1,9 @@ | ||
* Cette application ajoutera un module DMKS à votre noyau Linux. | ||
* Vous devriez redémarrer votre serveur pour que WireGuard puisse se lancer. | ||
* Cette application inclut WireGuard et une interface web non-officielle pour le configurer. | ||
* Évitez de modifier les fichiers de configuration via la ligne de commande. | ||
* Ne modifiez pas les fichiers de configuration à la main. | ||
* Utiliser le panneau de permissions de YunoHost pour autoriser des utilisateurs à accéder à WireGuard UI. | ||
* Une seule interface réseau, *wg0*, peut actuellement être gérée par cette app. | ||
* La page `Status` demeure non fonctionnelle pour l'instant. | ||
|
||
### Partagez votre connexion Internet via WireGuard | ||
|
||
#### Activez le *port forwarding* | ||
|
||
```bash | ||
sudo nano /etc/sysctl.conf | ||
# Décommentez les lignes suivantes : | ||
net.ipv4.ip_forward = 1 | ||
net.ipv6.conf.all.forwarding = 1 | ||
# Sauvegardez et quittez (CTRL+O, CTRL+X) | ||
sudo sysctl -p | ||
``` | ||
|
||
Ajoutez les commandes suivantes dans le menu `WireGuard Server`, tel que dans [cette image](https://user-images.githubusercontent.com/8769166/124400150-cf354980-dd20-11eb-87c6-9478938d9c82.png). Remplacez `eth0` avec l'interface connectée à Internet : | ||
|
||
#### Post Up Script | ||
``` | ||
iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | ||
``` | ||
|
||
#### Post Down Script | ||
``` | ||
iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE | ||
``` | ||
|
||
Après installation, vous devrez cliquer sur `Apply Config` une fois dans l'UI avant que le service VPN puisse être démarré. |
Oops, something went wrong.