Wiregate

"WireGate: Secure Intranet Deployment with WireGuard, Docker, and Enhanced Network Controls"

MIT License

Stars
217
Committers
3
View Code on GitHub
Ecosystems: Docker, Python, Pi-hole

Bot releases are hidden (Show)

Wiregate - WG 0.1.6-beta-spore-prerelease Latest Release

Published by NOXCIS 10 months ago

  • Overhauled Installer
    -switched to checkbox selector menu
    +Added Darkwire.io option
Wiregate - WG 0.1.5

Published by NOXCIS 10 months ago

  • Updated UI (Thanks D.Zou @ WG-Dashboard & Contributors)
    + Dark Mode 🌗
    + Data Usage Graph 📈
  • Switched to Docker volumes for Wiregate relevant data
  • Added Nginx to serve Uwsgi
  • Nginx & Uwsgi config optimization for WG-Dashboard
  • Master Peer Named in Admin Zone
  • Zone Iptable rules now accesible in the wg_iptables: volume
  • Flask Key Rotates on Container Restarts and 4000+ charters long
  • Persists Peer Data across container updates & restarts
  • Arm 32bit builds are back (25s builds 😃)
  • Docker Image Performance Improvements & Size reduction
  • Fixed Installer
  • Added Auto Swap file for potato deployments 🥔 IE. 512 MB RAM, 1 core Linux VPS)
  • No Ipv6, increases attack surface.
  • Removed API button from Channels (Help Needed to Implement a few Ideas)
  • Renamed Channels to WireChat & changed local URL to http://wire.chat
  • Wiregate can be deployed in a standalone config for easy combination in other docker stacks -
wiregate:
image: noxcis/wg-dashboard:kraken #the latest release build tag has auto daily builds for CVE mitigation
container_name: wiregate
cap_add:
	- NET_ADMIN
	- SYS_MODULE
restart: unless-stopped
volumes:
	- wg_configs:/etc/wireguard
	- wg_data:/home/app/dashboard-config
	- wg_db:/home/app/db
	- wg_iptables:/home/app/Iptables
	- ./Master-Key:/home/app/master-key
environment:
	- WG_DASH_USER=admin
	- WG_DASH_PASS=admin
	- WG_DASH_SERVER_IP=0.0.0.0
	- WG_DASH_DNS=1.1.1.1, 1.0.0.1
	- WG_DASH_PEER_ENDPOINT_ALLOWED_IP=0.0.0.0/0
	- WG_DASH_KEEP_ALIVE=21
	- WG_DASH_MTU=1420
	- WG_DASH_PORT_RANGE_STARTPORT=443
ports:
	- "443-446:443-446/udp" # WireGuard Listen Ports
	#- 8000:80/tcp  #Uncomment to expose Wiregate dashboard to the open internet
sysctls:
	- net.ipv4.ip_forward=1
	- net.ipv4.conf.all.src_valid_mark=1

volumes:
	wg_data:
	wg_configs:
	wg_db:
	wg_iptables:
	
	````

## What's Changed
* Kraken by @NOXCIS in https://github.com/NOXCIS/Wiregate/pull/32


**Full Changelog**: https://github.com/NOXCIS/Wiregate/compare/cetus...kraken
Wiregate - WG 0.1.4

Published by NOXCIS 11 months ago

  • Minor Release

What's Changed

Full Changelog: https://github.com/NOXCIS/Wiregate/compare/mantis-shrimp...cetus

Wiregate - WG 0.1.3

Published by NOXCIS 11 months ago

  • Added iptables Rules for Wireguard Interfaces
  • Added Client Network Access Permission Zones
  • Improved Setup Script
  • Improved Folder Structure
  • Improved Security Policy
  • Removed ability to set number of interfaces
  • increased Logging output for WG-Dash container for debugging
  • Wireguard Dashboard Hardening
  • Docker Network Hardening

What's Changed

Full Changelog: https://github.com/NOXCIS/Wiregate/compare/marlin...mantis-shrimp

Wiregate - WG 0.1.2

Published by NOXCIS 11 months ago

  • Changed Name to Wiregate
  • Debian Installer Support
  • Dashboard Hardening
  • uWSGI no longer using root
  • Install Script improvements
  • Fixed Channels CVE's
  • Enjoinment Variables self Destruct
  • Bash History Self Destruct
  • Fixed Auto Prereq's check and install

What's Changed

Full Changelog: https://github.com/NOXCIS/Wiregate/compare/orca...marlin

Wiregate - WH 0.1.1

Published by NOXCIS 12 months ago

  • Improved Installer
  • Fixed uWSGI on WG-Dash
  • WG-Dash User & Pass now set from installer
  • switched from sha256 to blowfish for WG-Dash

What's Changed

Full Changelog: https://github.com/NOXCIS/Worm-Hole/compare/hammerhead...orca

Wiregate - WH 0.1.0

Published by NOXCIS 12 months ago

  • Added AdGuard Install Option
  • Improved Reset Functions
  • Improved Install Script
Wiregate - WH 0.0.9

Published by NOXCIS 12 months ago

  • Fixed Docker Image CVE's
  • Added Preset Environment Files and option in installer
  • Improved Installer
  • Fixed WireGuard Config permissions
  • Master Key Encryption
  • Added Channels messenger for Secure Private LAN based Compunction
  • Improved Folder Structure
  • Improved Unbound Configuration
  • Removed Unbound Conditional Forwarding
  • Updated Readme
Wiregate - WH 0.0.8

Published by NOXCIS 12 months ago

What's Changed

  • Added Multi Architecture Support
  • No Port Exposure
  • Dashboard Access via WireGuard Connection Only
  • Improved Install Script
  • Auto Generate Client Config
  • Improved Setup Instructions
  • Added local domains for Pihole & WireGuard Dashboards
  • Added WireGuard Reset Option

Full Changelog: https://github.com/NOXCIS/Worm-Hole/compare/stingray...squid

Wiregate - WH 0.0.9

Published by NOXCIS about 1 year ago

  • Fixed Docker Image CVE's
  • Added Preset Environment Files and option in installer
  • Improved Installer
  • Fixed WireGuard Config permissions
  • Master Key Encryption
  • Added Channels messenger for Secure Private LAN based Compunction
  • Improved Folder Structure
  • Improved Unbound Configuration
  • Removed Unbound Conditional Forwarding
  • Updated Readme

What's Changed

Full Changelog: https://github.com/NOXCIS/Worm-Hole/compare/squid-multi-arch...moray

Wiregate - WH 0.0.8

Published by NOXCIS about 1 year ago

What's Changed

Full Changelog: https://github.com/NOXCIS/Worm-Hole/compare/hammerhead...ocean-gate

Wiregate - WH 0.0.7

Published by NOXCIS over 1 year ago

  • Removed Exposed ports from WG Dashboard Dockerfile.
  • Updated WG Dashboad image to use Alpine Linux instead of Ubuntu.
  • Updated WG Dashboad image to use Uwsgi instead of Gunicorn.
  • Removed WG Dashboard volume mount (unnecessary).
  • Fixed world accessible WireGuard server config files.
  • Improvements to WG Dashboard startup script logic (wgd.sh)
  • Improvements to WG Dashboard entrypoint script logic (entrypoint.sh)
  • Improvements to installation script.
  • Improved nginx.conf
Wiregate - WH 0.0.6

Published by NOXCIS over 1 year ago

+multi interface config fixed
+interface config now auto start

Wiregate - WH 0.0.5

Published by NOXCIS over 1 year ago

  • Added custom unbound config
  • Improved installation script.
  • Updated WG-Dash docker image (no longer resets on server restart)
Wiregate - WH 0.0.4

Published by NOXCIS over 1 year ago

  • nginx

    • Dashboard redirect page now on localhost:80

  • firwallD

    • Auto Setup via setup script.
    • Added firewall rules to only allow 80,443 on public zone and 10086, 51820/udp on docker zone.

  • Portainer

    • Unexposed ports 9000 & 8000.
    • Only accessible through tunnel connection @ 10.2.0.5:9000.

  • Setup script improvements

    • Removed redundant commands
    • Added better descriptors
    • Reduced verbosity
    • Added headless setup script for faster deployment.
Wiregate - WH 0.0.3

Published by NOXCIS over 1 year ago

Working Beta

  • added Readme
  • cleaned folder structure
Wiregate - WH 0.0.2

Published by NOXCIS over 1 year ago

Working Beta

  • fixed unbound
Wiregate - WH 0.0.1

Published by NOXCIS over 1 year ago

working beta

Full Changelog: https://github.com/NOXCIS/Worm-Hole/commits/beta

Related Projects
WireGuard-Config-Generator

Generate WireGuard tunnel configs

25 Sep 2022 9