search

ngoduykhanh / wireguard-ui

Wireguard web interface
MIT License
3.81k stars 467 forks source link

wireguard-ui doesn't read config #65

Closed coolnickname closed 3 years ago

coolnickname commented 3 years ago

I just installed wireguard-ui on top of my existing wireguard installation and think I have it set up correctly. My config file is in /etc/wireguard/wg0.conf. I used the demo docker-compose file from this repo which should link the config to the image.

However when I load the UI it doesn't show my clients and the settings do not match those of my wireguard install.

Please let me know what I'm doing wrong.

kking124 commented 3 years ago

You are not doing anything wrong; it does not read wg0.conf files, it only writes them.

coolnickname commented 3 years ago

Oh, thanks! I guess it must store a shadow config somewhere in a different format then? Could I manually convert my Wireguard configuration into that file?

kking124 commented 3 years ago

EDIT: I realized I didn't answer the question specifically.

You could overwrite the existing /app/db folder on container creation (when you ran the reference docker-compose.yaml it created and mounted a folder ./db at the point of your wireguard-ui install). If, instead of mounting an empty folder, you supplied files in that folder to the docker-compose, it would use those files instead. In fact, you could docker-compose down edit the files that got saved in the db folder and then docker-compose up again and it would mount that supplied configuration instead.

file structure for wireguard-ui

./docker-compose.yaml
./db
    /clients
        /<client1>.json
        /<client2>.json
        ....
    /server
        /global_settings.json
        /interfaces.json
        /keypair.json
        /users.json

Client data is stored in the /app/db/clients folder and the server config is in the /app/db/server folder in the container

wireguard@wireguard:~$ sudo docker exec -it wireguard-ui ls -lac /app/db/server
total 24
drwxr-xr-x    2 root     root          4096 Jun  1 13:23 .
drwxr-xr-x    4 root     root          4096 Jun  1 05:25 ..
-rw-r--r--    1 root     root           221 Jun  1 13:22 global_settings.json
-rw-r--r--    1 root     root           400 Jun  1 13:23 interfaces.json
-rw-r--r--    1 root     root           177 Jun  1 05:25 keypair.json
-rw-r--r--    1 root     root            46 Jun  1 05:25 users.json
wireguard@wireguard:~$ sudo docker exec -it wireguard-ui ls -lac /app/db/clients
total 12
drwxr-xr-x    2 root     root          4096 Jun  1 13:23 .
drwxr-xr-x    4 root     root          4096 Jun  1 05:25 ..
-rw-r--r--    1 root     root           484 Jun  1 13:23 c2r39rt24nqmc2un4sq0.json

example client.json

{
        "id": "XXXXXXXXXXXXXXXXXXXX", //note this ID matches the name of the file
        "private_key": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "public_key": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "preshared_key": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "name": "kking124",
        "email": "email@example.com",
        "allocated_ips": [
                "10.13.13.1/32"
        ],
        "allowed_ips": [
                "192.168.1.0/24"
        ],
        "enabled": true,
        "created_at": "2021-06-01T13:23:59.187801043Z",
        "updated_at": "2021-06-01T13:23:59.187801043Z"

example global_settings.json (general settings to pinpoint the server wg0.conf and configure client peers)

{
        "endpoint_address": "0.0.0.0", //could be an FQDN if you have one
        "dns_servers": [
                "10.13.13.1"
        ],
        "mtu": "1450",
        "persistent_keepalive": "15",
        "config_file_path": "/etc/wireguard/wg0.conf",
        "updated_at": "2021-06-01T13:22:40.070206188Z"
}

example interfaces.json (the interface settings in the wg0.conf and the address space for the client peers)

{
        "addresses": [
                "10.13.13.0/24"
        ],
        "listen_port": "51820",
        "updated_at": "2021-06-01T13:23:24.968720788Z",
        "post_up": "iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE",
        "post_down": "iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE"
}

example keypair.json (this is the key pair for the server interface)

{
        "private_key": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "public_key": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "updated_at": "2021-06-01T05:25:07.86299407Z"
}

To apply the changes from wireguard-ui to your wireguard instance, use the Apply Config button in the top right corner. This will update the server's wg0.conf with new server configuration and/or register newly created peers. You'll still need to trigger a wireguard service restart after the config is applied.

coolnickname commented 3 years ago

Wow, thanks so much for the detailed explanation! I got it all up and running now.

Adrianmoder commented 3 months ago

omg this worked for me too thank you so much