Mandatory fields

[xgusto]

First of all, I want to thank the author for a really great project. I am very pleased that I found this project. I'm used to configuring wireguard through the linux terminal.
I started to configure the first instance (wg0.conf) via wg webadmin.
When I configured wg0.conf through the terminal (nano editor), it looked like this

[Interface]
PrivateKey = <PrivateKey>
Address = 10.10.5.1/24
ListenPort = 51830

You can see that 3 parameters are enough for it to work (PrivateKey, Address, ListenPort).
Now I want to set wg0.conf via wg webadmin and many fields are mandatory. Why do I have to enter Public Key, Primary DNS, Secondary DNS?

Once again, many thanks for a great project, I'm still learning.

[eduardogsilva]

Hello @xgusto, I'm pleased to see that you found my wireguard_webadmin enjoyable!

Indeed, starting a wireguard instance only requires those three parameters. The Public Server Key is essential for the client configuration to establish a connection with the wireguard server. To clarify, the client must have the server's interface public key to connect. Therefore, when you set up a new server configuration, the webadmin automatically generates both the public and private keys.

Regarding the DNS servers, only the primary DNS is necessary; the secondary is optional. I've noticed that some of my forms lack indicators for which fields are required and which are not.

The three fields you've mentioned are utilized not on the server side but to create the client configuration and the QR code for mobile use. I hadn't given much thought to the implications of not providing DNS server information to clients during VPN setup. It might be functional if the client system uses a public DNS server. However, if their DHCP assigns a private DNS server, DNS name resolution might fail.

As a suggestion, take a look on the generated wg0.conf and the client config after configuring the server instance and some peers.

Should this be a significant concern, I'm open to adjusting these fields. However, my priority is ensuring that the "default configuration" provides a seamless experience for new users right out of the box.

If you need anything else, please let me know ;)

[xgusto]

Thank you, I appreciate your work. I copied the key from my previously sent wg0.conf configuration and it seemed strange to me that the public key is also mandatory.
I understand it now.
I would still suggest, where there are private keys, that the field with the key be invisible (star *****) + a button to display the key.

[eduardogsilva]

Thank you! I will add the stars with a toggle button to the private key fields.
Let me know if you have any other question.
Cheers

[eduardogsilva]

@xgusto Private keys are now hidden by default ;)

[xgusto]

Great tutorial on firewall. I was used to writing iptables rules by hand, but I hope to quickly learn to use the web firewall.
Although I am not an expert on firewalls, I always started writing firewalls from scratch.
Is it possible to add another button to the firewall setting to reset the firewall all?
I would also like to not have to confirm the deletion of the rules by typing the key word "delete".
Also, for example when resetting the firewall to default, the administrator must write the keyword "delete all rules and reset firewall".
I'm not saying that what you did is wrong (admin think twice about what he's going to do), but man is a lazy creature and it's easier to click.
Thank you for your work.

[eduardogsilva]

I believe that asking for a confirmation forces the user to review its decision to delete. Since I don't have any way of reverting a removal, I believe that it's a good way of preventing a miss click to remove a rule by accident.

Regarding the long confirmation phrase on resetting the firewall, this is an event that will be triggered once or twice for the same user, and it really can delete a large amount of rules.... asking the user to type this message, confirms that he knows the effect of this specific button. (other systems also ask for similar confirmation. As an example, github asks for a long confirmation when deleting a repository)

I didn't understood the other button that you requested.

When I designed this firewall form, I implemented based on my previous experience with iptables. The idea is to make one that is used to write iptables rules by hand quite comfortable. The rule list (that remember somehow) iptables -L -nv and the rule edit form also works like iptables parameters.
I believe that you will get this pretty fast.

Let me know if you need something else!