- Notifications
You must be signed in to change notification settings - Fork1
Self-service for wireguard users leveraging Open ID Connect and git as storage
License
kubism/smorgasbord
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
a range of open sandwiches and delicacies served as hors d'oeuvres or a buffet
Smorgasbord purpose is to ease up the administration of a wireguard-based VPN.
It creates, stores and distributes client configurations for its users and canderive server configuration using the provided agent.Users can self-service their public keys after authenticating via OpenID Connect.Rather than using a database the public keys and metadata are commited to agit repository, which is used as storage endpoint.
Smorgasbord primary goal is to provide a minimalistic environment to manageusers across multiple wireguard servers applicable to embedded systems as wellas more complex installments.
The backlog contains some bigger topics, which we might implement in the future.However feel free to implement them yourself you need them.
Currently it is required to manage the removal/deactivation of users manually,e.g. admin removing entries from git repository.
However if the information about the deactivation is available via OIDC, e.g.refresh token failing. It would be possible to deactivate users automatically.
Rather than provide the configuration and issuing a command (e.g.wg syncconf)the agent could configure wireguard interface directly using thego library.
This project started a late night project and the name was essentially whatcame up first after googling "synonym self-service".It might therefore be subject to change.