ruslan/Wireguard_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(gui): security hardening, UI overhaul, light theme

Browse Source 
- CSRF protection on all POST forms (session token)
- ensure_schema() moved to module-level, removed from before_request
- gunicorn now binds to 127.0.0.1 only, runs as unprivileged user wgadmin
- nginx reverse proxy with HTTPS (Let's Encrypt, wg.4mont.ru)
- HTTP → HTTPS redirect before Basic Auth prompt
- Auth moved to nginx level (auth_basic), wg-peerctl called via sudo
- ufw firewall: only 22/80/443/51820 open
- fail2ban: SSH + nginx (5 attempts → 1h ban)
- Add Enable/Disable toggle buttons in peer table
- Add .conf file download route
- Light theme: white background, blue accent, subtle shadows
- Modern sidebar layout, styled badges, responsive forms

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
ruslan
2026-05-06 10:10:19 +03:00
parent 530e93c1df
commit 904582e7fa
7 changed files with 620 additions and 170 deletions
Download Patch File Download Diff File Expand all files Collapse all files
gui/templates/peer_created.html
+21 -10
View File
@@ -1,16 +1,27 @@
{% extends 'base.html' %}
{% block content %}
<h2>Peer создан: {{ name }}</h2>
<p>PublicKey: <span class="mono">{{ public_key }}</span></p>
<p><a href="data:text/plain;charset=utf-8,{{ client_conf | urlencode }}" download="{{ name }}.conf">Скачать {{ name }}.conf</a></p>
<div class="grid2">
<div>
<h3>QR</h3>
<img alt="QR" src="data:image/png;base64,{{ qr_b64 }}" />
<div class="page-header">
<h2>{{ name }}</h2>
<a href="{{ url_for('index') }}" class="btn">← Назад</a>
</div>
<div class="peer-detail-grid">
<div class="card qr-card">
<h3>QR-код</h3>
<img src="data:image/png;base64,{{ qr_b64 }}" alt="QR" class="qr-img" />
<p class="text-muted">Отсканируйте в приложении WireGuard</p>
</div>
<div>
<h3>Client config</h3>
<pre>{{ client_conf }}</pre>
<div class="card conf-card">
<div class="conf-header">
<h3>Конфигурация</h3>
<a href="{{ url_for('peer_download', peer_id=request.view_args.get('peer_id', 0)) }}" class="btn btn-sm">↓ Скачать .conf</a>
</div>
<pre class="conf-block">{{ client_conf }}</pre>
<div class="pubkey-block">
<span class="label">Публичный ключ:</span>
<span class="mono-sm">{{ public_key }}</span>
</div>
</div>
</div>
{% endblock %}