fix a few bugs, add instructions for raspberry pi

This commit is contained in:
Christoph Haas 2020-12-17 16:10:05 +01:00
parent edd09a9e13
commit 262e8e2047
8 changed files with 89 additions and 5 deletions

View File

@ -8,10 +8,12 @@ IMAGE=h44z/wg-portal
.PHONY: all test clean phony
all: dep test build
all: dep build
build: dep $(addprefix $(BUILDDIR)/,$(BINARIES))
cp -r assets $(BUILDDIR)
cp scripts/wg-portal.service $(BUILDDIR)
cp scripts/wg-portal.env $(BUILDDIR)
dep:
$(GOCMD) mod download
@ -43,5 +45,8 @@ docker-build:
docker-push:
docker push $(IMAGE)
# For arch install: arm-linux-gnueabihf-gcc and aarch64-linux-gnu-gcc to crosscompile for arm
$(BUILDDIR)/%: cmd/%/main.go dep phony
$(GOCMD) build -o $@ $<
GOOS=linux GOARCH=amd64 $(GOCMD) build -o $@-amd64 $<
CGO_ENABLED=1 CC=aarch64-linux-gnu-gcc GOOS=linux GOARCH=arm64 $(GOCMD) build -ldflags "-linkmode external -extldflags -static" -o $@-arm64 $<
CGO_ENABLED=1 CC=arm-linux-gnueabihf-gcc GOOS=linux GOARCH=arm GOARM=7 $(GOCMD) build -ldflags "-linkmode external -extldflags -static" -o $@-arm $<

44
README-RASPBERRYPI.md Normal file
View File

@ -0,0 +1,44 @@
# WireGuard Portal on Raspberry Pi
This readme only contains a detailed explanation of how to setup the WireGuard Portal service on a raspberry pi (>= 3).
## Setup
You can download prebuild binaries from the [release page](https://github.com/h44z/wg-portal/releases). If you want to build the binary yourself,
use the following instructions:
### Building
This section describes how to build the WireGuard Portal code.
To compile the final binary, use the Makefile provided in the repository.
As WireGuard Portal is written in Go, **golang >= 1.14** must be installed prior to building.
```
make
```
The compiled binary and all necessary assets will be located in the dist folder.
### Service setup
- Copy the contents from the dist folder (or from the downloaded zip file) to `/opt/wg-portal`. You can choose a different path as well, but make sure to update the systemd service file accordingly.
- Update the provided systemd `wg-portal.service` file:
- Make sure that the binary matches the system architecture.
- There are three pre-build binaries available: wg-portal-**amd64**, wg-portal-**arm64** and wg-portal-**arm**.
- For a raspberry pi use the arm binary if you are using armv7l architecture. If armv8 is used, the arm64 version should work.
- Make sure that the paths to the binary and the working directory are set correctly (defaults to /opt/wg-portal/wg-portal-amd64):
- ConditionPathExists
- WorkingDirectory
- ExecStart
- EnvironmentFile
- Update environment variables in the `wg-portal.env` file to fit your needs
- Link the system service file to the correct folder:
- `sudo ln -s /opt/wg-portal/wg-portal.service /etc/systemd/system/wg-portal.service`
- Reload the systemctl daemon:
- `sudo systemctl daemon-reload`
### Manage the service
Once the service has been setup, you can simply manage the service using `systemctl`:
- Enable on startup: `systemctl enable wg-portal.service`
- Start: `systemctl start wg-portal.service`
- Stop: `systemctl stop wg-portal.service`
- Status: `systemctl status wg-portal.service`

View File

@ -34,7 +34,7 @@ will only be available in combination with LDAP.
### Docker
The easiest way to run WireGuard Portal is using the provided docker image.
Docker compose snippet, used for demo server
Docker compose snippet with sample values:
```
version: '3.6'
services:
@ -77,6 +77,7 @@ make
```
The compiled binary and all necessary assets will be located in the dist folder.
A detailed description for using this software with a raspberry pi can be found in the [README-RASPBERRYPI.md](README-RASPBERRYPI.md).
## What is out of scope

View File

@ -91,7 +91,7 @@
<button type="submit" class="btn btn-primary">Save</button>
<a href="/admin" class="btn btn-secondary">Cancel</a>
<a href="/admin/applyglobals" class="btn btn-dark float-right">Apply Allowed IP's to clients</a>
<a href="/admin/device/applyglobals" class="btn btn-dark float-right">Apply Allowed IP's to clients</a>
</form>
</div>
{{template "prt_footer.html" .}}

View File

@ -100,7 +100,7 @@
<th class="column-top" width="280" style="font-size:0pt; line-height:0pt; padding:0; margin:0; font-weight:normal; vertical-align:top;">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
{{if not .Client.LdapUser}}
{{if .Client.LdapUser}}
<td class="h4 pb20" style="color:#000000; font-family:'Muli', Arial,sans-serif; font-size:20px; line-height:28px; text-align:left; padding-bottom:20px;">Hello {{.Client.LdapUser.Firstname}} {{.Client.LdapUser.Lastname}}</td>
{{else}}
<td class="h4 pb20" style="color:#000000; font-family:'Muli', Arial,sans-serif; font-size:20px; line-height:28px; text-align:left; padding-bottom:20px;">Hello</td>

View File

@ -73,6 +73,15 @@ func (s *Server) PostAdminEditInterface(c *gin.Context) {
return
}
// Update WireGuard config file
err = s.WriteWireGuardConfigFile()
if err != nil {
_ = s.updateFormInSession(c, formDevice)
s.setFlashMessage(c, "Failed to update wireguard config-file: "+err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/device/edit?formerr=update")
return
}
s.setFlashMessage(c, "Changes applied successfully!", "success")
s.setFlashMessage(c, "WireGuard must be restarted to apply ip changes.", "warning")
c.Redirect(http.StatusSeeOther, "/admin/device/edit")

6
scripts/wg-portal.env Normal file
View File

@ -0,0 +1,6 @@
LISTENING_ADDRESS=:8080
EXTERNAL_URL=https://vpn.company.com
WEBSITE_TITLE=WireGuard VPN
COMPANY_NAME=Your Company Name
ADMIN_USER=admin
ADMIN_PASS=supersecret

19
scripts/wg-portal.service Normal file
View File

@ -0,0 +1,19 @@
[Unit]
Description=WireGuard Portal
ConditionPathExists=/opt/wg-portal/wg-portal-amd64
After=network.target
[Service]
Type=simple
User=root
Group=root
Restart=on-failure
RestartSec=10
WorkingDirectory=/opt/wg-portal
ExecStart=/opt/wg-portal/wg-portal-amd64
EnvironmentFile=/opt/wg-portal/wg-portal.env
[Install]
WantedBy=multi-user.target