fix a few bugs, add instructions for raspberry pi

This commit is contained in:
Christoph Haas 2020-12-17 16:10:05 +01:00
parent edd09a9e13
commit 262e8e2047
8 changed files with 89 additions and 5 deletions

View File

@ -8,10 +8,12 @@ IMAGE=h44z/wg-portal
.PHONY: all test clean phony .PHONY: all test clean phony
all: dep test build all: dep build
build: dep $(addprefix $(BUILDDIR)/,$(BINARIES)) build: dep $(addprefix $(BUILDDIR)/,$(BINARIES))
cp -r assets $(BUILDDIR) cp -r assets $(BUILDDIR)
cp scripts/wg-portal.service $(BUILDDIR)
cp scripts/wg-portal.env $(BUILDDIR)
dep: dep:
$(GOCMD) mod download $(GOCMD) mod download
@ -43,5 +45,8 @@ docker-build:
docker-push: docker-push:
docker push $(IMAGE) docker push $(IMAGE)
# For arch install: arm-linux-gnueabihf-gcc and aarch64-linux-gnu-gcc to crosscompile for arm
$(BUILDDIR)/%: cmd/%/main.go dep phony $(BUILDDIR)/%: cmd/%/main.go dep phony
$(GOCMD) build -o $@ $< GOOS=linux GOARCH=amd64 $(GOCMD) build -o $@-amd64 $<
CGO_ENABLED=1 CC=aarch64-linux-gnu-gcc GOOS=linux GOARCH=arm64 $(GOCMD) build -ldflags "-linkmode external -extldflags -static" -o $@-arm64 $<
CGO_ENABLED=1 CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=7 $(GOCMD) build -ldflags "-linkmode external -extldflags -static" -o $@-arm $<

44
README-RASPBERRYPI.md Normal file
View File

@ -0,0 +1,44 @@
# WireGuard Portal on Raspberry Pi
This readme only contains a detailed explanation of how to setup the WireGuard Portal service on a raspberry pi (>= 3).
## Setup
You can download prebuild binaries from the [release page](https://github.com/h44z/wg-portal/releases). If you want to build the binary yourself,
use the following instructions:
### Building
This section describes how to build the WireGuard Portal code.
To compile the final binary, use the Makefile provided in the repository.
As WireGuard Portal is written in Go, **golang >= 1.14** must be installed prior to building.
```
make
```
The compiled binary and all necessary assets will be located in the dist folder.
### Service setup
- Copy the contents from the dist folder (or from the downloaded zip file) to `/opt/wg-portal`. You can choose a different path as well, but make sure to update the systemd service file accordingly.
- Update the provided systemd `wg-portal.service` file:
- Make sure that the binary matches the system architecture.
- There are three pre-build binaries available: wg-portal-**amd64**, wg-portal-**arm64** and wg-portal-**arm**.
- For a raspberry pi use the arm binary if you are using armv7l architecture. If armv8 is used, the arm64 version should work.
- Make sure that the paths to the binary and the working directory are set correctly (defaults to /opt/wg-portal/wg-portal-amd64):
- ConditionPathExists
- WorkingDirectory
- ExecStart
- EnvironmentFile
- Update environment variables in the `wg-portal.env` file to fit your needs
- Link the system service file to the correct folder:
- `sudo ln -s /opt/wg-portal/wg-portal.service /etc/systemd/system/wg-portal.service`
- Reload the systemctl daemon:
- `sudo systemctl daemon-reload`
### Manage the service
Once the service has been setup, you can simply manage the service using `systemctl`:
- Enable on startup: `systemctl enable wg-portal.service`
- Start: `systemctl start wg-portal.service`
- Stop: `systemctl stop wg-portal.service`
- Status: `systemctl status wg-portal.service`

View File

@ -34,7 +34,7 @@ will only be available in combination with LDAP.
### Docker ### Docker
The easiest way to run WireGuard Portal is using the provided docker image. The easiest way to run WireGuard Portal is using the provided docker image.
Docker compose snippet, used for demo server Docker compose snippet with sample values:
``` ```
version: '3.6' version: '3.6'
services: services:
@ -77,6 +77,7 @@ make
``` ```
The compiled binary and all necessary assets will be located in the dist folder. The compiled binary and all necessary assets will be located in the dist folder.
A detailed description for using this software with a raspberry pi can be found in the [README-RASPBERRYPI.md](README-RASPBERRYPI.md).
## What is out of scope ## What is out of scope

View File

@ -91,7 +91,7 @@
<button type="submit" class="btn btn-primary">Save</button> <button type="submit" class="btn btn-primary">Save</button>
<a href="/admin" class="btn btn-secondary">Cancel</a> <a href="/admin" class="btn btn-secondary">Cancel</a>
<a href="/admin/applyglobals" class="btn btn-dark float-right">Apply Allowed IP's to clients</a> <a href="/admin/device/applyglobals" class="btn btn-dark float-right">Apply Allowed IP's to clients</a>
</form> </form>
</div> </div>
{{template "prt_footer.html" .}} {{template "prt_footer.html" .}}

View File

@ -100,7 +100,7 @@
<th class="column-top" width="280" style="font-size:0pt; line-height:0pt; padding:0; margin:0; font-weight:normal; vertical-align:top;"> <th class="column-top" width="280" style="font-size:0pt; line-height:0pt; padding:0; margin:0; font-weight:normal; vertical-align:top;">
<table width="100%" border="0" cellspacing="0" cellpadding="0"> <table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr> <tr>
{{if not .Client.LdapUser}} {{if .Client.LdapUser}}
<td class="h4 pb20" style="color:#000000; font-family:'Muli', Arial,sans-serif; font-size:20px; line-height:28px; text-align:left; padding-bottom:20px;">Hello {{.Client.LdapUser.Firstname}} {{.Client.LdapUser.Lastname}}</td> <td class="h4 pb20" style="color:#000000; font-family:'Muli', Arial,sans-serif; font-size:20px; line-height:28px; text-align:left; padding-bottom:20px;">Hello {{.Client.LdapUser.Firstname}} {{.Client.LdapUser.Lastname}}</td>
{{else}} {{else}}
<td class="h4 pb20" style="color:#000000; font-family:'Muli', Arial,sans-serif; font-size:20px; line-height:28px; text-align:left; padding-bottom:20px;">Hello</td> <td class="h4 pb20" style="color:#000000; font-family:'Muli', Arial,sans-serif; font-size:20px; line-height:28px; text-align:left; padding-bottom:20px;">Hello</td>

View File

@ -73,6 +73,15 @@ func (s *Server) PostAdminEditInterface(c *gin.Context) {
return return
} }
// Update WireGuard config file
err = s.WriteWireGuardConfigFile()
if err != nil {
_ = s.updateFormInSession(c, formDevice)
s.setFlashMessage(c, "Failed to update wireguard config-file: "+err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/device/edit?formerr=update")
return
}
s.setFlashMessage(c, "Changes applied successfully!", "success") s.setFlashMessage(c, "Changes applied successfully!", "success")
s.setFlashMessage(c, "WireGuard must be restarted to apply ip changes.", "warning") s.setFlashMessage(c, "WireGuard must be restarted to apply ip changes.", "warning")
c.Redirect(http.StatusSeeOther, "/admin/device/edit") c.Redirect(http.StatusSeeOther, "/admin/device/edit")

6
scripts/wg-portal.env Normal file
View File

@ -0,0 +1,6 @@
LISTENING_ADDRESS=:8080
EXTERNAL_URL=https://vpn.company.com
WEBSITE_TITLE=WireGuard VPN
COMPANY_NAME=Your Company Name
ADMIN_USER=admin
ADMIN_PASS=supersecret

19
scripts/wg-portal.service Normal file
View File

@ -0,0 +1,19 @@
[Unit]
Description=WireGuard Portal
ConditionPathExists=/opt/wg-portal/wg-portal-amd64
After=network.target
[Service]
Type=simple
User=root
Group=root
Restart=on-failure
RestartSec=10
WorkingDirectory=/opt/wg-portal
ExecStart=/opt/wg-portal/wg-portal-amd64
EnvironmentFile=/opt/wg-portal/wg-portal.env
[Install]
WantedBy=multi-user.target