Add WireGuard persistent keepalive (#56)
* Add WireGuard persistent keepalive

* Update readme to include WireGuard persistent keepalive
xterm-inator authored Dec 16, 2024
1 parent efcfb09 commit 99c4c29
Showing 6 changed files with 29 additions and 21 deletions.
40 changes: 20 additions & 20 deletions README.md
Expand Up @@ -2,10 +2,9 @@

MikroGuard is a robust web-based management tool designed to streamline the handling of WireGuard VPN clients on MikroTik routers. It simplifies user addition, access revocation, and provides a real-time view of connection statistics.

| Login | Users | Connection |
| --- | --- | --- |
![login](https://github.com/xterm-inator/MikroGuard/assets/7698065/3ea6b5b0-b9ca-4b1b-a546-955724d5bedf) | ![user](https://github.com/xterm-inator/MikroGuard/assets/7698065/4864029e-c176-4577-96f1-20bf3e982b53) | ![connection](https://github.com/xterm-inator/MikroGuard/assets/7698065/1f44b3b7-f4c6-4bd1-819a-b1e19fdf619c)

| Login | Users | Connection |
|----------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------|
| ![login](https://github.com/xterm-inator/MikroGuard/assets/7698065/3ea6b5b0-b9ca-4b1b-a546-955724d5bedf) | ![user](https://github.com/xterm-inator/MikroGuard/assets/7698065/4864029e-c176-4577-96f1-20bf3e982b53) | ![connection](https://github.com/xterm-inator/MikroGuard/assets/7698065/1f44b3b7-f4c6-4bd1-819a-b1e19fdf619c) |

## Table of Contents
- [Features](#features)
Expand Down Expand Up @@ -141,22 +140,23 @@ services:
**Environment Varibles**:
This is a list of the most useful environment variables. To find all available look in api/config files
| Variable | Description | Default |
| --- | --- | --- |
| APP_KEY* | App key used mainly for encryption, set using [this generator](https://generate-random.org/laravel-key-generator) | |
| APP_URL* | The url this instance will be accessed from, can be localhost, an IP address or a domain eg. http://localhost:8000 | http://localhost:8000 |
| GOOGLE_CLIENT_ID | Google OAuth Client ID (Only required if using google auth) | |
| GOOGLE_CLIENT_SECRET | Google OAuth Client Secret (Only required if using google auth) | |
| GOOGLE_REDIRECT_URL | Google OAuth Redirect Url, eg. https://my.public.address/api/auth/oauth/google/callback (Only required if using google auth) | |
| ROUTEROS_HOST* | IP address of your MikroTik router | |
| ROUTEROS_PORT* | API port to access the router | |
| ROUTEROS_USER* | User to log into the router | |
| ROUTEROS_PASS* | Password to use to log into the router | |
| ROUTEROS_WIREGUARD_INTERFACE* | WireGuard interface name, must match the wireguard interface name created on the MikroTik router eg. wireguard Road Warrior | |
| ROUTEROS_WIREGUARD_ENDPOINT* | Your public IP clients use to connect to your WireGurad server on your MikroTik Router including the port eg. 123.123.123.123:12345 | |
| ROUTEROS_WIREGUARD_SERVER_NAME | Default server name given to clients, can be anything | WireGuard Server |
| ROUTEROS_WIREGUARD_DNS | Client DNS server to use | 1.1.1.1 |
| ROUTEROS_WIREGUARD_ALLOWED_IPS | Client IPs to forward, Defaults to everything | 0.0.0.0/0 |
| Variable | Description | Default |
|-----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------|-----------------------|
| APP_KEY* | App key used mainly for encryption, set using [this generator](https://generate-random.org/laravel-key-generator) | |
| APP_URL* | The url this instance will be accessed from, can be localhost, an IP address or a domain eg. http://localhost:8000 | http://localhost:8000 |
| GOOGLE_CLIENT_ID | Google OAuth Client ID (Only required if using google auth) | |
| GOOGLE_CLIENT_SECRET | Google OAuth Client Secret (Only required if using google auth) | |
| GOOGLE_REDIRECT_URL | Google OAuth Redirect Url, eg. https://my.public.address/api/auth/oauth/google/callback (Only required if using google auth) | |
| ROUTEROS_HOST* | IP address of your MikroTik router | |
| ROUTEROS_PORT* | API port to access the router | |
| ROUTEROS_USER* | User to log into the router | |
| ROUTEROS_PASS* | Password to use to log into the router | |
| ROUTEROS_WIREGUARD_INTERFACE* | WireGuard interface name, must match the wireguard interface name created on the MikroTik router eg. wireguard Road Warrior | |
| ROUTEROS_WIREGUARD_ENDPOINT* | Your public IP clients use to connect to your WireGurad server on your MikroTik Router including the port eg. 123.123.123.123:12345 | |
| ROUTEROS_WIREGUARD_SERVER_NAME | Default server name given to clients, can be anything | WireGuard Server |
| ROUTEROS_WIREGUARD_DNS | Client DNS server to use | 1.1.1.1 |
| ROUTEROS_WIREGUARD_ALLOWED_IPS | Client IPs to forward, Defaults to everything | 0.0.0.0/0 |
| ROUTEROS_WIREGUARD_PERSISTENT_KEEPALIVE | WireGuard Persistent Keepalive | |
*Required
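Review bot: The new ROUTEROS_WIREGUARD_PERSISTENT_KEEPALIVE row at the end of the table describes itself only as "WireGuard Persistent Keepalive", which tells an operator neither the unit, nor the accepted values, nor what an empty value does. Suggest stating that it is an interval in seconds, that leaving it unset omits the setting from both the router peer and the generated client config, and giving an example value. This hunk also re-pads every existing row, which buries the one-row change in review; either split the realignment into its own commit or, since the rows are rewritten anyway, fix the "Varibles" and "WireGurad" typos in the same pass.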
1 change: 1 addition & 0 deletions api/app/Http/Resources/Config.php
Expand Up @@ -19,6 +19,7 @@ public function toArray($request)
'peer_private_key' => $this->peer_private_key,
'peer_public_key' => $this->peer_public_key,
'peer_preshared_key' => $this->peer_preshared_key,
'peer_persistent_keepalive' => $this->when(config('services.wireguard.persistent_keepalive'), config('services.wireguard.persistent_keepalive')),
'server_name' => $this->server_name,
'server_public_key' => $this->server_public_key,
'endpoint' => $this->endpoint,
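Review bot: On the added 'peer_persistent_keepalive' line the value goes from config straight into the API response, and services.php fills it from env() without a cast, so the JSON carries whatever string is in the environment while frontend/src/stores/config.ts declares the field as number. Read the setting once into a local variable, cast it to an integer, and pass that to when(); this also removes the duplicated config('services.wireguard.persistent_keepalive') call and keeps a mistyped environment value out of every client's config.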
4 changes: 4 additions & 0 deletions api/app/RouterOS/WireGuard.php
Expand Up @@ -73,6 +73,10 @@ public static function createPeer(Peer $peer): void
->equal('preshared-key', $peer->presharedKey)
->equal($useName ? 'name' : 'comment', $peer->name);

if (config('services.wireguard.persistent_keepalive')) {
$query->equal('persistent-keepalive', config('services.wireguard.persistent_keepalive'));
}

$routerOS->client->query($query)->read();
}
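Review bot: The added if block in createPeer forwards the raw setting to the router as 'persistent-keepalive' with no validation, so a malformed ROUTEROS_WIREGUARD_PERSISTENT_KEEPALIVE is not checked until RouterOS sees it during peer creation. Validate it as a positive integer before building the query and fail with a clear message instead. As far as this diff shows, the router-side value is set only for newly created peers, while Config.php returns the keepalive for every peer; that difference should be documented or handled with an update path for existing peers.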

3 changes: 2 additions & 1 deletion api/config/services.php
Expand Up @@ -42,7 +42,8 @@
'endpoint' => env('ROUTEROS_WIREGUARD_ENDPOINT'),
'server_name' => env('ROUTEROS_WIREGUARD_SERVER_NAME', 'WireGuard Server'),
'dns' => env('ROUTEROS_WIREGUARD_DNS', '1.1.1.1'),
'allowed_ips' => env('ROUTEROS_WIREGUARD_ALLOWED_IPS', '0.0.0.0/0')
'allowed_ips' => env('ROUTEROS_WIREGUARD_ALLOWED_IPS', '0.0.0.0/0'),
'persistent_keepalive' => env('ROUTEROS_WIREGUARD_PERSISTENT_KEEPALIVE'),
]

];
1 change: 1 addition & 0 deletions frontend/src/stores/config.ts
Expand Up @@ -6,6 +6,7 @@ export interface Config {
peer_private_key: string
peer_public_key: string
peer_preshared_key: string
peer_persistent_keepalive?: number
server_name: string
server_public_key: string
endpoint: string
1 change: 1 addition & 0 deletions frontend/src/utils/config-string-generator.ts
Expand Up @@ -13,6 +13,7 @@ PresharedKey=${config.peer_preshared_key}
PublicKey=${config.server_public_key}
Endpoint=${config.endpoint}
AllowedIPs=${config.allowed_ips}
${config.peer_persistent_keepalive ? `PersistentKeepalive=${config.peer_persistent_keepalive}` : ''}
`
}
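Review bot: On the added template line, the empty-string branch still leaves its line break in the output, so a config generated without a keepalive ends with an extra blank line; emit the optional line together with its own newline to avoid that. The value is also interpolated exactly as received, and because the API side does not cast it, a Number.isInteger check (after a Number() conversion) before writing PersistentKeepalive= would keep anything other than a number out of the file users import into their WireGuard client.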
