Merge remote-tracking branch 'pheiduck/main' into rebase-pheiduck

BanHammerYKT · Dec 21, 2023 · aa939d8 · aa939d8
2 parents 83ac4ff + 7198490
commit aa939d8
Show file tree

Hide file tree

Showing 29 changed files with 3,470 additions and 684 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,40 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: "15 0 * * *"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript-typescript' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@main
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@main
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@main
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@main
+      with:
+        category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/deploy-nightly.yml → .github/workflows/deploy-development.yml b/.github/workflows/deploy-nightly.yml → .github/workflows/deploy-development.yml
@@ -13,15 +13,15 @@ jobs:
       packages: write
       contents: read
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@main
       with:
         ref: production
 
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@v1
+      uses: docker/setup-qemu-action@master
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v1
+      uses: docker/setup-buildx-action@master
 
     - name: Login to GitHub Container Registry
       uses: docker/login-action@v3
@@ -34,7 +34,7 @@ jobs:
       run: echo RELEASE=$(cat ./src/package.json | jq -r .release) >> $GITHUB_ENV
 
     - name: Build & Publish Docker Image
-      uses: docker/build-push-action@v5
+      uses: docker/build-push-action@master
       with:
         push: true
         platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8

diff --git a/.github/workflows/deploy.yml → .github/workflows/deploy-stable.yml b/.github/workflows/deploy.yml → .github/workflows/deploy-stable.yml
@@ -14,15 +14,15 @@ jobs:
       packages: write
       contents: read
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@main
       with:
         ref: production
 
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@v1
+      uses: docker/setup-qemu-action@master
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v1
+      uses: docker/setup-buildx-action@master
 
     - name: Login to GitHub Container Registry
       uses: docker/login-action@v3
@@ -35,7 +35,7 @@ jobs:
       run: echo RELEASE=$(cat ./src/package.json | jq -r .release) >> $GITHUB_ENV
 
     - name: Build & Publish Docker Image
-      uses: docker/build-push-action@v5
+      uses: docker/build-push-action@master
       with:
         push: true
         platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64/v8

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -3,7 +3,7 @@ name: Lint
 on:
   push:
     branches:
-      - master
+      - main
       - production
   pull_request:
 
@@ -12,12 +12,21 @@ jobs:
     name: Lint
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      - name: Checkout repository
+        uses: actions/checkout@main
+      - name: Setup Node
+        uses: actions/setup-node@main
         with:
-          node-version: '18'
+          node-version: 'current'
+          check-latest: true
+          cache: 'npm'
+          cache-dependency-path: |
+            package-lock.json
+            src/package-lock.json
 
-      - run: |
+      - name: npm run lint
+        run: |
+          npm config set -g fund false
           cd src
           npm ci
           npm run lint
diff --git a/.github/workflows/npm-update-bot.yml b/.github/workflows/npm-update-bot.yml
@@ -0,0 +1,39 @@
+name: NPM Update Bot 🤖
+
+on:
+  push:
+    branches: [ "main" ]
+  schedule:
+    - cron: "0 0 * * *"
+
+jobs:
+  npmupbot:
+    name: NPM Update Bot 🤖
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@main
+      - name: Setup Node
+        uses: actions/setup-node@main
+        with:
+          node-version: 'current'
+          check-latest: true
+          cache: 'npm'
+          cache-dependency-path: |
+            package-lock.json
+            src/package-lock.json
+
+      - name: Bot 🤖 "Updating NPM Packages..."
+        run: |
+          npm config set -g fund false
+          npm install -g --silent npm-check-updates
+          ncu -u
+          npm update
+          cd src
+          ncu -u
+          npm update
+          git config --global user.name 'NPM Update Bot'
+          git config --global user.email '[email protected]'
+          git add .
+          git commit -am "npm: package updates" || true
+          git push || true
diff --git a/Dockerfile b/Dockerfile
@@ -1,13 +1,24 @@
+# There's an issue with node:20-alpine.
+# Docker deployment is canceled after 25< minutes.
+
 FROM docker.io/library/node:18-alpine AS build_node_modules
 
+# Hide fund and update-notifier message
+RUN npm config set -g fund false &&\
+    npm config set -g update-notifier false
+
 # Copy Web UI
 COPY src/ /app/
 WORKDIR /app
-RUN npm ci --production
-
+RUN npm ci
 # Copy build result to a new image.
 # This saves a lot of disk space.
 FROM docker.io/library/node:18-alpine
+
+# Hide fund and update-notifier message
+RUN npm config set -g fund false &&\
+    npm config set -g update-notifier false
+
 COPY --from=build_node_modules /app /app
 
 # Move node_modules one directory up, so during development
@@ -21,9 +32,9 @@ RUN mv /app/node_modules /node_modules
 
 # Install Linux packages
 RUN apk add -U --no-cache \
-  iptables \
-  wireguard-tools \
-  dumb-init
+    iptables \
+    wireguard-tools \
+    dumb-init
 
 # Expose Ports
 EXPOSE 51820/udp

diff --git a/README.md b/README.md
@@ -22,6 +22,8 @@ You have found the easiest way to install & manage WireGuard on any Linux host!
 * Statistics for which clients are connected.
 * Tx/Rx charts for each connected client.
 * Gravatar support.
+* Toggleable Light / Dark Mode
+* Sessionless HTTP API authentication
 
 ## Requirements
 
@@ -72,14 +74,16 @@ The Web UI will now be available on `http://0.0.0.0:51821`.
 
 ### 3. Sponsor
 
-Are you enjoying this project? [Buy me a beer!](https://github.com/sponsors/WeeJeWel) 🍻
+Are you enjoying this project? [Buy WeeJeWel a beer!](https://github.com/sponsors/WeeJeWel) 🍻
 
 ## Options
 
 These options can be configured by setting environment variables using `-e KEY="VALUE"` in the `docker run` command.
 
 | Env | Default | Example | Description |
 | - | - | - | - |
+| `PORT` | `51821` | `6789` | TCP port for Web UI. |
+| `WEBUI_HOST` | `0.0.0.0` | `localhost` | IP address web UI binds to. |
 | `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. |
 | `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server. |
 | `WG_DEVICE` | `eth0` | `ens6f0` | Ethernet device the wireguard traffic should be forwarded through. |

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,4 +1,7 @@
 version: "3.8"
+volumes:
+  etc_wireguard:
+
 services:
   wg-easy:
     environment:
@@ -13,6 +16,7 @@ services:
       # - WG_DEFAULT_DNS=1.1.1.1
       # - WG_MTU=1420
       # - WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
+      # - WG_PERSISTENT_KEEPALIVE=25
       # - WG_PRE_UP=echo "Pre Up" > /etc/wireguard/pre-up.txt
       # - WG_POST_UP=echo "Post Up" > /etc/wireguard/post-up.txt
       # - WG_PRE_DOWN=echo "Pre Down" > /etc/wireguard/pre-down.txt
@@ -21,7 +25,7 @@ services:
     image: ghcr.io/wg-easy/wg-easy
     container_name: wg-easy
     volumes:
-      - .:/etc/wireguard
+      - etc_wireguard:/etc/wireguard
     ports:
       - "51820:51820/udp"
       - "51821:51821/tcp"

diff --git a/docs/changelog.json b/docs/changelog.json
@@ -7,4 +7,4 @@
   "6": "Many small performance improvements & bug fixes. Enjoy!",
   "7": "Improved the look & performance of the upload/download chart.",
   "8": "Updated to Node.js v18."
-}
+}
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,5 +1,5 @@
 {
-  "version": "1.0.0",
+  "version": "1.0.3",
   "scripts": {
     "build": "DOCKER_BUILDKIT=1 docker build --tag wg-easy .",
     "serve": "docker-compose -f docker-compose.yml -f docker-compose.dev.yml up",

diff --git a/src/config.js b/src/config.js
@@ -4,12 +4,13 @@ const { release } = require('./package.json');
 
 module.exports.RELEASE = release;
 module.exports.PORT = process.env.PORT || 51821;
+module.exports.WEBUI_HOST = process.env.WEBUI_HOST || '0.0.0.0';
 module.exports.PASSWORD = process.env.PASSWORD;
 module.exports.WG_PATH = process.env.WG_PATH || '/etc/wireguard/';
 module.exports.WG_DEVICE = process.env.WG_DEVICE || 'eth0';
 module.exports.WG_HOST = process.env.WG_HOST;
 module.exports.WG_PORT = process.env.WG_PORT || 51820;
-module.exports.WG_MTU = process.env.WG_MTU || null;
+module.exports.WG_MTU = process.env.WG_MTU || 1420;
 module.exports.WG_PERSISTENT_KEEPALIVE = process.env.WG_PERSISTENT_KEEPALIVE || 0;
 module.exports.WG_DEFAULT_ADDRESS = process.env.WG_DEFAULT_ADDRESS || '10.8.0.x';
 module.exports.WG_DEFAULT_DNS = typeof process.env.WG_DEFAULT_DNS === 'string'