WGDashboard ist ein weiters Webinterface, um die Einrichtung von WireGuard und Verwaltung der Clients zu vereinfachen.
Gute Alternative für das, leider nicht mehr weiterentwickelte, wg-dashboard. (mein Artikel dazu)
Installiert wird auf einem Raspberry Pi 3 Model B mit einem frischen Raspberry Pi OS Lite. (Image: 28.01.2022, 32-bit, Kernel 5.10, Debian 11 bullseye)
WGDashboard installieren
Benötigten Pakete installieren.
apt install -y git iptables python3-pip libopenjp2-7 wireguard-tools
WGDashboard installieren.
cd /opt git clone -b v3.0.5 https://github.com/donaldzou/WGDashboard.git wgdashboard cd wgdashboard/src ./wgd.sh install ------------------------------------------------------------ | Starting to install WGDashboard | | Upgrading pip | | Installing latest Python dependencies | | WGDashboard installed successfully! | | Enter ./wgd.sh start to start the dashboard | ------------------------------------------------------------
Systemd Startskript /etc/systemd/system/wgdashboard.service erstellen.
[Unit] After=syslog.target network-online.target ConditionPathIsDirectory=/etc/wireguard [Service] WorkingDirectory=/opt/wgdashboard/src ExecStart=/usr/bin/python3 /opt/wgdashboard/src/dashboard.py PrivateTmp=yes Restart=always [Install] WantedBy=multi-user.target
Dienste beim booten aktivieren.
systemctl enable wg-quick@wg0.service systemctl enable wgdashboard.service
IP forwarding aktivieren.
sysctl -w net.ipv4.ip_forward=1 echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
WireGuard /etc/wireguard/wg0.conf erstellen.
# privatekey erstellen und in die wg0.conf einfügen wg genkey 6Fh5foC38RcvH9HB+6bzVdl3LXva0OEntSOsYuUO5mE= # wg0.conf [Interface] Address = 10.10.10.1/24 SaveConfig = true ListenPort = 51820 PrivateKey = 6Fh5foC38RcvH9HB+6bzVdl3LXva0OEntSOsYuUO5mE= PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Dienste starten.
systemctl start wg-quick@wg0.service systemctl start wgdashboard.service
Dienste überprüfen.
### WireGuard
systemctl status wg-quick@wg0.service
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
Active: active (exited) since Sat 2022-02-12 20:57:50 CET; 5s ago
Docs: man:wg-quick(8)
man:wg(8)
https://www.wireguard.com/
https://www.wireguard.com/quickstart/
https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
Process: 2873 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS)
Main PID: 2873 (code=exited, status=0/SUCCESS)
CPU: 194ms
Feb 12 20:57:49 rpi systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Feb 12 20:57:49 rpi wg-quick[2873]: [#] ip link add wg0 type wireguard
Feb 12 20:57:49 rpi wg-quick[2873]: [#] wg setconf wg0 /dev/fd/63
Feb 12 20:57:49 rpi wg-quick[2873]: [#] ip -4 address add 10.10.10.1/24 dev wg0
Feb 12 20:57:49 rpi wg-quick[2873]: [#] ip link set mtu 1420 up dev wg0
Feb 12 20:57:49 rpi wg-quick[2873]: [#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Feb 12 20:57:50 rpi systemd[1]: Finished WireGuard via wg-quick(8) for wg0.
### WGDashboard
systemctl status wgdashboard.service
● wgdashboard.service
Loaded: loaded (/etc/systemd/system/wgdashboard.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-02-12 20:58:08 CET; 7s ago
Main PID: 2929 (python3)
Tasks: 1 (limit: 1597)
CPU: 1.537s
CGroup: /system.slice/wgdashboard.service
└─2929 /usr/bin/python3 /opt/wgdashboard/src/dashboard.py
Feb 12 20:58:08 rpi systemd[1]: Started wgdashboard.service.
Feb 12 20:58:10 rpi python3[2929]: * Serving Flask app 'WGDashboard' (lazy loading)
Feb 12 20:58:10 rpi python3[2929]: * Environment: production
Feb 12 20:58:10 rpi python3[2929]: WARNING: This is a development server. Do not use it in a production deployment.
Feb 12 20:58:10 rpi python3[2929]: Use a production WSGI server instead.
Feb 12 20:58:10 rpi python3[2929]: * Debug mode: off
Feb 12 20:58:10 rpi python3[2929]: * Running on all addresses.
Feb 12 20:58:10 rpi python3[2929]: WARNING: This is a development server. Do not use it in a production deployment.
Feb 12 20:58:10 rpi python3[2929]: * Running on http://192.168.50.176:10086/ (Press CTRL+C to quit)
Sollte der WGDashboard Service nicht starten, einfach mal wgd.sh start ausführen. Dann sieht man eher wo es klemmt.
cd /opt/wgdashboard/src ./wgd.sh start ------------------------------------------------------------ | Starting WGDashboard with Gunicorn in the background. | Failed to read config file: /opt/wgdashboard/src/gunicorn.conf.py Traceback (most recent call last): File "/usr/local/lib/python3.9/dist-packages/gunicorn/app/base.py", line 111, in get_config_from_filename
WGDashboard
Das Webinterface sollte jetzt unter http://raspi-ip:10086 erreichbar sein. (username admin, password admin)
In den Settings die globalen Einstellungen anpassen, da diese beim anlegen der Peers übernommen werden.
Der Rest sollte selbsterklärend sein. Peers anlegen, etc.
WGDashboard updaten
Bisher noch nicht nötig gewesen, da es nichts zu updaten gibt. Sollte aber problemlos funktionieren.
systemctl stop wgdashboard.service cd /opt/wgdashboard/src ./wgd.sh update ------------------------------------------------------------ | Are you sure you want to update to the v3.0.5? (Y/N): Y | Shutting down WGDashboard... | Downloading v3.0.5 from GitHub... | Upgrading pip | Installing latest Python dependencies | Update Successfully! ------------------------------------------------------------ systemctl start wgdashboard.service
WGDashboard mods
Mich stört der sich bewegende Text beim Mouseover im linken Menü. Lässt sich natürlich ändern.
# /opt/wgdashboard/src/static/css/dashboard.css (Zeile 54)
.nav-link:hover {
/* padding-left: 30px; */
background-color: #dfdfdf;
}