Commit Graph

230 Commits

Author SHA1 Message Date
Christoph Haas 4104fcc1d6
allow setting the DisplayName property for newly provisioned peers (#507) 2025-09-03 19:12:58 +02:00
h44z 99df4ca3cd
ensure hooks run after restart (#494) (#497) 2025-08-12 21:47:04 +02:00
h44z 9884d8c002
fix migration tool (#495) (#496) 2025-08-11 19:05:33 +02:00
h44z 112f6bfb77
MikroTik integration (#467)
Allow MikroTik routes as WireGuard backends
2025-08-10 14:42:02 +02:00
Christoph Haas a86f83a219
ensure that deleted peers are restored once the interface is re-enabled 2025-08-10 14:18:43 +02:00
Christoph Haas c20f17cddf
fix multi-peer generation, fix prefix handling (#491) 2025-08-09 15:55:29 +02:00
Marcin Woźniak 3f76aa416f
chore(logs): added more debug logs and reformatted those files using gofmt (#490) 2025-07-27 23:32:34 +02:00
Christoph Haas 1794b8653a
add retry handling for auth provider setup (#484) 2025-07-19 23:29:05 +02:00
h44z f286840964
fix oauth domain check (#474) (#476) 2025-06-29 20:00:15 +02:00
h44z edb88b5768
new webhook models (#444) (#471)
warning: existing webhook receivers need to be adapted to the new models
2025-06-29 19:49:01 +02:00
h44z 588bbca141
only execute interface hooks if the state has changed (#469) (#472) 2025-06-29 19:48:46 +02:00
h44z f08740991b
support for raw-wireguard and wg-quick style peer configurations (#441) (#473) 2025-06-29 19:47:53 +02:00
h44z dd28a8dddf
allow hiding the login form (#459) (#470)
use the `hide_login_form` parameter in the `auth` settings to configure this feature
2025-06-27 13:50:38 +02:00
h44z be29abd29a
add webhook event for peer state change (#444) (#468)
* add webhook event for peer state change (#444)

new event types: connect and disconnect

example payload:

```json
{
  "event": "connect",
  "entity": "peer",
  "identifier": "Fb5TaziAs1WrPBjC/MFbWsIelVXvi0hDKZ3YQM9wmU8=",
  "payload": {
    "PeerId": "Fb5TaziAs1WrPBjC/MFbWsIelVXvi0hDKZ3YQM9wmU8=",
    "IsConnected": true,
    "IsPingable": false,
    "LastPing": null,
    "BytesReceived": 1860,
    "BytesTransmitted": 10824,
    "LastHandshake": "2025-06-26T23:04:33.325216659+02:00",
    "Endpoint": "10.55.66.77:33874",
    "LastSessionStart": "2025-06-26T22:50:40.10221606+02:00"
  }
}
```

* add webhook docs (#444)
2025-06-27 12:37:10 +02:00
h44z 94785c10ec
use website title in mail templates (#448) (#466)
* use website title in mail templates (#448)

* change button font color to white (#448)
2025-06-27 11:45:44 +02:00
S.J. Louw f0be66aea4
Option to limit peer count that a normal user can create (#457) 2025-06-26 20:17:45 +02:00
Christoph Haas e3b65ca337
improve logging of OAuth login issues, decrease auth-code exchange timeout (#451) 2025-06-10 17:51:45 +02:00
Christoph Haas 61d8aa6589
fix self-provisioned peer-generation (#452) 2025-06-08 11:17:04 +02:00
Christoph Haas 7fd2bbad02
Merge branch 'passkey_support' 2025-05-17 19:22:44 +02:00
Christoph Haas e9005b1b90
add minimum password length check 2025-05-16 09:55:35 +02:00
Christoph Haas 8816165260
fix duplicate creation of default peer (#437) 2025-05-15 17:59:00 +02:00
Christoph Haas ab9995350f
sanitize external_url, remove trailing slashes 2025-05-15 17:58:34 +02:00
Christoph Haas 1394be2341 add webauthn (passkey) support 2025-05-12 22:53:43 +02:00
Christoph Haas 6a96925be7 add API endpoints to prepare fresh interfaces and peers (#432) 2025-05-09 16:19:36 +02:00
Vladimir Dombrovski 3eb84f0ee9
Enable allowed_domains in oauth and oidc providers (#416)
* Enable allowed_domains in oauth and oidc providers

Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>

* Domain check code cleanup

* Run gofmt on domain validation code

---------

Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>
2025-05-05 18:26:19 +02:00
Christoph Haas b4aa6f8ef3 fix gorm error if no encryption is used (#427) 2025-05-04 17:42:13 +02:00
Christoph Haas 923d4a6188 docs: add reverse-proxy example, improve docker examples, fix slow_query_threshold documentation; feat: allow config.yml and config.yaml as configuration files 2025-05-03 22:21:56 +02:00
Christoph Haas b9c4ca04f5 allow encrypting keys in db, add browser-only key generator, add hints that private keys are stored on the server (#420) 2025-05-02 18:48:35 +02:00
Christoph Haas b06c03ef8e fix missing error check (#419) 2025-05-01 19:12:19 +02:00
Vladimir Dombrovski 62f3c8d4a1
Implement EditableKeys parameter (#417)
Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>
2025-04-30 22:05:40 +02:00
Christoph 059234d416 never publish pointer payloads on message bus (#411) 2025-04-21 16:42:35 +02:00
Christoph e2966d32ea fix user creation (#411) 2025-04-21 15:29:53 +02:00
Christoph 9354a1d9d3 add simple webhook feature for peer, interface and user events (#398) 2025-04-19 21:29:26 +02:00
Christoph 6681dfa96f generate interface and peer configuration filenames in backend only (#395) 2025-04-19 13:12:31 +02:00
Christoph 37904f96fb run initial LDAP sync on startup (#407) 2025-04-19 12:12:45 +02:00
Christoph Haas b938bc8c4c fix: fix peer audit event 2025-03-30 23:16:10 +02:00
Christoph Haas 87bf5da5bd fix: fix session handling (remove IdleTimeout) 2025-03-30 23:14:49 +02:00
Christoph Haas 3723e4cc75 fix: fix csrf token handling after login 2025-03-29 17:21:54 +01:00
Christoph Haas 6cbccf6d43 feat: add simple audit ui 2025-03-29 16:42:31 +01:00
Christoph Haas 7d0da4e7ad chore: use interfaces for all other services 2025-03-23 23:09:47 +01:00
Christoph Haas 02ed7b19df chore: use interfaces for web related services 2025-03-09 21:48:38 +01:00
Christoph Haas 678b6c6456 Merge branch 'master' into chore-code-cleanup
# Conflicts:
#	go.mod
#	go.sum
2025-03-09 21:17:47 +01:00
Christoph Haas 0206952182 chore: replace gin with standard lib net/http 2025-03-09 21:16:42 +01:00
klmmr 53bae9d194
config: validate mail configuration certificates by default (#388)
Before this commit, the default was to not validate TLS certificates of
the SMTP server. This is perhaps a rather unexpected default and can be
considered insecure. This commit activates mail server TLS cert validation
by default.

This change might break some users' email configuration, if they did not
explicitly set the `mail.cert_validation` config variable. Nonetheless,
I think that the secure option should be the default option (e.g.,
to prevent man-in-the-middle attacks and breaching mail server login
credentials).

Signed-off-by: klmmr <35450576+klmmr@users.noreply.github.com>
2025-03-05 19:20:57 +01:00
Christoph Haas 7473132932 chore: replace logrus with standard lib log/slog 2025-03-02 08:51:13 +01:00
Christoph Haas 5c51573874 chore: update to yaml v3 2025-02-28 16:15:22 +01:00
Christoph Haas fdb436b135 chore: get rid of static code warnings 2025-02-28 16:11:55 +01:00
Christoph Haas e24acfa57d chore: cleanup code formatting 2025-02-28 08:37:55 +01:00
Christoph Haas f7d7038829 chore: update to Go 1.24, improve oauth admin mapping tests 2025-02-27 22:32:11 +01:00
Christoph Haas 66ccdc29e9 fix qr-code generation for large configurations (#374) 2025-02-26 22:59:11 +01:00