166e619f82
* add superadmin role, apis to create superadmin user * apis to attach and remove user from remote access gateways * add api to list user's remote client has gateway clients * remove code related user groups * remove networks and groups from user model * refactor user CRUD operations * fix network permission test * add superadmin to authorize func * remove user network and groups from cli * api to transfer superadmin role * add api to list users on a ingress gw * restrict user access to resources on server * deny request from remote access client if extclient is already created * fix user tests * fix static checks * fix static checks * add limits to extclient create handler * set username to superadmin on if masterkey is used * allow creation of extclients using masterkey * add migration func to assign superadmin role for existing admin user * check for superadmin on migration if users are present * allowe masterkey to extcleint apis * check ownerid * format error, on jwt token verification failure return unauthorized rather than forbidden * user update fix * move user remote functionality to ee * fix update user api * security patch * initalise ee user handlers * allow user to use master key to update any user * use slog * fix auth user test * table headers * remove user role, it's covered in middleware * setuser defaults fix * if ingress node is deleted, cleanup gateway clients * delete ext clients in a go routine * remove response writer from go routine |
||
|---|---|---|
| .github | ||
| auth | ||
| cli | ||
| compose | ||
| config | ||
| controllers | ||
| database | ||
| docker | ||
| functions | ||
| k8s | ||
| logger | ||
| logic | ||
| migrate | ||
| models | ||
| mq | ||
| netclient/ncutils | ||
| nginx | ||
| pro | ||
| scripts | ||
| servercfg | ||
| serverctl | ||
| test | ||
| tls | ||
| validation | ||
| .dockerignore | ||
| .fpm | ||
| .gitignore | ||
| .goreleaser.prerelease.yaml | ||
| .goreleaser.update.yaml | ||
| .goreleaser.yaml | ||
| CONTRIBUTING.md | ||
| dev.yaml | ||
| Dockerfile | ||
| Dockerfile-quick | ||
| go.mod | ||
| go.sum | ||
| LICENSE.txt | ||
| main.go | ||
| main_ee.go | ||
| README.md | ||
| release.md | ||
| SECURITY.md | ||
| swagger.yaml | ||
WireGuard® automation from homelab to enterprise
| Create | Manage | Automate |
|---|---|---|
| ✔️ WireGuard Networks | ✔️ Admin UI | ✔️ Linux |
| ✔️ Remote Access Gateways | ✔️ OAuth | ✔️ FreeBSD |
| ✔️ Mesh VPNs | ✔️ Private DNS | ✔️ Mac |
| ✔️ Site-to-Site | ✔️ Access Control Lists | ✔️ Windows |
Try Online
If you're just looking to use Netmaker, you can create an account for free at netmaker.io.
Self-Hosted Quick Start
These are the instructions for deploying a Netmaker server on your own cloud VM as quickly as possible. For more detailed instructions, visit the Install Docs.
- Get a cloud VM with Ubuntu 22.04 and a public IP.
- Open ports 443, 80, 3479, 8089 and 51821-51830/udp on the VM firewall and in cloud security settings.
- (recommended) Prepare DNS - Set a wildcard subdomain in your DNS settings for Netmaker, e.g. *.netmaker.example.com, which points to your VM's pubic IP.
- Run the script:
sudo wget -qO /root/nm-quick.sh https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/nm-quick.sh && sudo chmod +x /root/nm-quick.sh && sudo /root/nm-quick.sh
This script gives you the option to deploy the Community or Enterprise version of Netmaker. It also gives you the option to use your own domain (recommended) or an auto-generated domain.
After installing Netmaker, check out the Walkthrough and Getting Started guides to learn more about configuring networks. Or, check out some of our other Tutorials for different use cases, including Kubernetes.
Get Support
Why Netmaker + WireGuard?
-
Netmaker automates virtual networks between data centers, clouds, and edge devices, so you don't have to.
-
Kernel WireGuard offers maximum speed, performance, and security.
-
Netmaker is built to scale from the small business to the enterprise.
-
Netmaker with WireGuard can be highly customized for peer-to-peer, site-to-site, Kubernetes, and more.
Community Projects
Disclaimer
WireGuard is a registered trademark of Jason A. Donenfeld.
License
Netmaker's source code and all artifacts in this repository are freely available. All versions are published under the Server Side Public License (SSPL), version 1, which can be found here: LICENSE.txt.