# D3V Gateway — Reverse Proxy + WireGuard VPN
A lightweight all-in-one Docker deployment that combines reverse proxy management with SSL and **WireGuard VPN** in a single web interface.
## Features
### Gateway
- Reverse proxy management with SSL (Let's Encrypt)
- Proxy hosts, redirection hosts, streams, and 404 hosts
- Access control lists and audit logging
### WireGuard VPN Manager
- Create, enable, disable, and delete VPN clients
- QR code generation for mobile clients
- Download `.conf` configuration files
- Real-time client status (connected, idle, data transfer)
- Client expiration support
- Auto-sync WireGuard configs
- Client isolation (block inter-client traffic)
- Encrypted per-client file storage
### Forgejo Integration (optional)
- Self-hosted Git server on the same VPS
- Accessible only via domain through NPM proxy
- CI/CD via Forgejo Runner for automated Docker builds
### Blog Starter
- `blog-starter/` contains a ready-to-use Hugo + LoveIt starter
- Includes a Forgejo Actions workflow that deploys generated files to `/opt/blog/public`
- Intended to be used as the base of a separate blog repository
- `install.sh blog-deploy-info` prints the deploy user and the secret values needed by Forgejo Actions
---
## Quick Start
```bash
curl -sSL https://src.d3v.ac/d3v/D3V-Server/raw/branch/master/install.sh -o install.sh
chmod +x install.sh
sudo ./install.sh
```
**Main menu:**
- `1` Gateway
- `2` Blog
- `3` Forgejo
- `4` Status / Logs / Health Check
- `5` Exit
**Gateway submenu:**
- `1` Install Gateway
- `2` Uninstall Gateway
- `3` Uninstall Gateway + Docker (Purge)
- `4` Reset Admin Password
- `5` Update Gateway
- `6` Manage Custom Stream Ports
- `7` Toggle Admin Port 81 (Block/Unblock)
You can also run commands directly:
```bash
sudo ./install.sh {gateway|gateway-install|gateway-uninstall|gateway-purge|gateway-reset|gateway-update|manage-ports|toggle-port|blog|blog-install|blog-update|blog-uninstall|forgejo|runner-update|ops}
```
---
## Manual Docker Compose
```yaml
services:
  d3v-npmwg:
    image: src.d3v.ac/d3v/d3v-server:latest
    container_name: d3v-npmwg
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    ports:
      - "80:80"                          # HTTP
      - "81:81"                          # Admin Web UI
      - "443:443"                        # HTTPS
      - "51820-51830:51820-51830/udp"    # WireGuard Multi-Server
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
      - ./wireguard:/etc/wireguard
    environment:
      WG_HOST: "your.server.ip" # REQUIRED
```
---
## Environment Variables
| Variable | Default | Description |
|----------|---------|-------------|
| `WG_HOST` | *(required)* | Public IP or domain of your server |
| `WG_ENABLED` | `true` | Enable/disable WireGuard |
| `WG_PORT` | `51820` | WireGuard UDP listen port |
| `WG_DEFAULT_ADDRESS` | `10.8.0.0/24` | VPN subnet CIDR |
| `WG_DNS` | `1.1.1.1, 8.8.8.8` | DNS servers for VPN clients |
| `WG_MTU` | `1420` | MTU value |
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | Default allowed IPs for clients |
| `WG_PERSISTENT_KEEPALIVE` | `25` | Keepalive interval in seconds |
## Ports
| Port | Protocol | Description |
|------|----------|-------------|
| `80` | TCP | HTTP |
| `81` | TCP | Admin Web UI |
| `443` | TCP | HTTPS |
| `51820-51830` | UDP | WireGuard Multi-Server |

---
## Building from Source
```bash
git clone https://src.d3v.ac/d3v/D3V-Server.git
cd D3V-Server
cd frontend && yarn install && yarn locale-compile && yarn build && cd ..
docker build -t d3v-gateway -f docker/Dockerfile .
```
### CI/CD
Pushes to `master` that touch `backend/`, `frontend/`, or `docker/` automatically build and push the Docker image to `src.d3v.ac/d3v/d3v-server:latest` via Forgejo Actions.

---
## Requirements
- Docker with Linux containers
- Host kernel with WireGuard support (Linux 5.6+)
- `NET_ADMIN` and `SYS_MODULE` capabilities
- `net.ipv4.ip_forward=1`
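
A host preflight for the requirements above, to run before `sudo ./install.sh`. This is an added example, not part of the project's `install.sh`; the function names `kernel_supports_wireguard` and `preflight` are hypothetical, and the host `ip_forward` value is reported for information only because the compose file sets that sysctl for the container.

```bash
#!/usr/bin/env bash
# Added example (not from the D3V-Server repository): host preflight for the
# Requirements list above. Function names are hypothetical.

# Return 0 if a `uname -r` style release string is Linux 5.6 or newer,
# 1 if it is older, 2 if it cannot be parsed.
kernel_supports_wireguard() {
  _maj="${1%%.*}"            # "5.15.0-91-generic" -> "5"
  _min="${1#*.}"             # -> "15.0-91-generic"
  _min="${_min%%[!0-9]*}"    # -> "15"
  case "$_maj" in ''|*[!0-9]*) return 2 ;; esac
  [ -n "$_min" ] || return 2
  [ "$_maj" -gt 5 ] && return 0
  [ "$_maj" -eq 5 ] && [ "$_min" -ge 6 ]
}

# Check the live host. Prints one line per requirement and returns non-zero
# if a hard requirement (Docker, kernel version) is not met.
preflight() {
  _fail=0
  if command -v docker >/dev/null 2>&1; then
    echo "ok    docker found: $(command -v docker)"
  else
    echo "FAIL  docker not found in PATH"; _fail=1
  fi
  _rel="$(uname -r)"
  if kernel_supports_wireguard "$_rel"; then
    echo "ok    kernel $_rel is 5.6 or newer"
  else
    echo "FAIL  kernel $_rel is older than the 5.6 the README requires"; _fail=1
  fi
  # The module may be built in, loaded, or loadable; absence is a warning only.
  if [ -d /sys/module/wireguard ] || modinfo wireguard >/dev/null 2>&1; then
    echo "ok    wireguard kernel module available"
  else
    echo "warn  wireguard kernel module not found on host"
  fi
  # Informational: the compose file sets this sysctl for the container.
  echo "info  host net.ipv4.ip_forward=$(cat /proc/sys/net/ipv4/ip_forward 2>/dev/null || echo unknown)"
  return "$_fail"
}

# Run only when asked, so the file can also be sourced for its functions.
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Save it as a separate script and call it with `--run`; the exit status is non-zero when Docker or the kernel version requirement is not met.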
## Credits
- [Nginx Proxy Manager](https://github.com/NginxProxyManager/nginx-proxy-manager) — Original proxy manager
- [wg-easy](https://github.com/wg-easy/wg-easy) — WireGuard management inspiration
## License
MIT License