# D3V Gateway — Reverse Proxy + WireGuard VPN
A lightweight all-in-one Docker deployment that combines reverse proxy management with SSL and **WireGuard VPN** in a single web interface.
## Features
### Gateway
- Reverse proxy management with SSL (Let's Encrypt)
- Proxy hosts, redirection hosts, streams, and 404 hosts
- Access control lists and audit logging
### WireGuard VPN Manager
- Create, enable, disable, and delete VPN clients
- QR code generation for mobile clients
- Download `.conf` configuration files
- Real-time client status (connected, idle, data transfer)
- Client expiration support
- Auto-sync WireGuard configs
- Client isolation (block inter-client traffic)
- Encrypted per-client file storage
### Forgejo Integration (optional)
- Self-hosted Git server on the same VPS
- Accessible only via domain through NPM proxy
- CI/CD via Forgejo Runner for automated Docker builds
### Blog Starter
- `blog-starter/` contains a ready-to-use Hugo + LoveIt starter
- Includes a Forgejo Actions workflow that deploys generated files to `/opt/blog/public`
- Intended to be used as the base of a separate blog repository
- `install.sh blog-deploy-info` prints the deploy user and the secret values needed by Forgejo Actions
---
## Quick Start
```bash
curl -sSL https://src.d3v.ac/d3v/D3V-Server/raw/branch/master/install.sh -o install.sh
chmod +x install.sh
sudo ./install.sh
```
**Main menu:**
- `1` Gateway
- `2` Blog
- `3` Forgejo
- `4` Status / Logs / Health Check
- `5` Exit
**Gateway submenu:**
- `1` Install Gateway
- `2` Uninstall Gateway
- `3` Uninstall Gateway + Docker (Purge)
- `4` Reset Admin Password
- `5` Update Gateway
- `6` Manage Custom Stream Ports
- `7` Toggle Admin Port 81 (Block/Unblock)
You can also run commands directly:
```bash
sudo ./install.sh {gateway|gateway-install|gateway-uninstall|gateway-purge|gateway-reset|gateway-update|manage-ports|toggle-port|blog|blog-install|blog-update|blog-uninstall|forgejo|runner-update|ops}
```
---
## Manual Docker Compose
```yaml
services:
  d3v-npmwg:
    image: src.d3v.ac/d3v/d3v-server:latest
    container_name: d3v-npmwg
    restart: unless-stopped
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
    ports:
      - "80:80"
      - "81:81"
      - "443:443"
      - "51820-51830:51820-51830/udp"
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
      - ./wireguard:/etc/wireguard
    environment:
      WG_HOST: "your.server.ip" # REQUIRED
```
---
## Environment Variables
| Variable | Default | Description |
|----------|---------|-------------|
| `WG_HOST` | *(required)* | Public IP or domain of your server |
| `WG_ENABLED` | `true` | Enable/disable WireGuard |
| `WG_PORT` | `51820` | WireGuard UDP listen port |
| `WG_DEFAULT_ADDRESS` | `10.8.0.0/24` | VPN subnet CIDR |
| `WG_DNS` | `1.1.1.1, 8.8.8.8` | DNS servers for VPN clients |
| `WG_MTU` | `1420` | MTU value |
| `WG_ALLOWED_IPS` | `0.0.0.0/0, ::/0` | Default allowed IPs for clients |
| `WG_PERSISTENT_KEEPALIVE` | `25` | Keepalive interval in seconds |
## Ports
| Port | Protocol | Description |
|------|----------|-------------|
| `80` | TCP | HTTP |
| `81` | TCP | Admin Web UI |
| `443` | TCP | HTTPS |
| `51820-51830` | UDP | WireGuard Multi-Server |
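
A pre-flight check for the `WG_*` settings against the tables above, as an added example that is not part of the D3V-Server code base. The function name `check_env` is hypothetical; it assumes the compose port mapping shown above is used unchanged and that a non-private VPN subnet should be treated as a mistake.

```python
import ipaddress
import os

# Defaults copied from the Environment Variables table above.
DEFAULTS = {
    "WG_PORT": "51820",
    "WG_DEFAULT_ADDRESS": "10.8.0.0/24",
    "WG_ALLOWED_IPS": "0.0.0.0/0, ::/0",
}
# UDP range published by the compose file above (assumed unchanged).
PUBLISHED_UDP = range(51820, 51831)


def check_env(env):
    """Return a list of problems found in a dict of WG_* settings."""
    cfg = {**DEFAULTS, **env}
    problems = []
    if not cfg.get("WG_HOST") or cfg["WG_HOST"] == "your.server.ip":
        problems.append("WG_HOST is required and is unset or still the placeholder")
    try:
        if int(cfg["WG_PORT"]) not in PUBLISHED_UDP:
            problems.append("WG_PORT is outside the published 51820-51830/udp range")
    except ValueError:
        problems.append("WG_PORT is not an integer")
    try:
        # strict=True rejects a host address such as 10.8.0.1/24.
        net = ipaddress.ip_network(cfg["WG_DEFAULT_ADDRESS"].strip(), strict=True)
        if not net.is_private:  # policy assumption, not a project rule
            problems.append("WG_DEFAULT_ADDRESS is not a private subnet")
    except ValueError:
        problems.append("WG_DEFAULT_ADDRESS is not a valid network CIDR")
    for item in cfg["WG_ALLOWED_IPS"].split(","):
        try:
            ipaddress.ip_network(item.strip(), strict=False)
        except ValueError:
            problems.append(f"WG_ALLOWED_IPS entry {item.strip()!r} is not a CIDR")
    return problems


if __name__ == "__main__":
    # Check the WG_* variables of the current shell environment.
    wg_env = {k: v for k, v in os.environ.items() if k.startswith("WG_")}
    for line in check_env(wg_env) or ["no problems found"]:
        print(line)
```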
---
## Building from Source
```bash
git clone https://src.d3v.ac/d3v/D3V-Server.git
cd D3V-Server
cd frontend && yarn install && yarn locale-compile && yarn build && cd ..
docker build -t d3v-gateway -f docker/Dockerfile .
```
### CI/CD
Pushes to `master` that touch `backend/`, `frontend/`, or `docker/` automatically build and push the Docker image to `src.d3v.ac/d3v/d3v-server:latest` via Forgejo Actions.
---
## Requirements
- Docker with Linux containers
- Host kernel with WireGuard support (Linux 5.6+)
- `NET_ADMIN` and `SYS_MODULE` capabilities
- `net.ipv4.ip_forward=1`
## Credits
- [Nginx Proxy Manager](https://github.com/NginxProxyManager/nginx-proxy-manager) — Original proxy manager
- [wg-easy](https://github.com/wg-easy/wg-easy) — WireGuard management inspiration
## License
MIT License