provvedo/wiregui
2
0
Fork 0
Code Issues Pull requests Projects Releases 6 Packages 1 Wiki Activity Actions
53 commits 3 branches 8 tags 1.5 MiB
Commit graph

4 commits

Author SHA1 Message Date
Stefano Bertelli
554da599ba fix: stop patching wiregui.db globally — broke e2e tests
Some checks failed
Dev / test (push) Failing after 4m3s
Details
Dev / docker (push) Has been skipped
Details 
Remove module-level engine/session replacement that affected all tests
including e2e. The test engine is now only used via the session fixture,
so e2e tests keep using the real DB the app writes to.
 2026-03-31 22:14:34 -05:00
Stefano Bertelli
a012635dff fix: remove unit tests redundant with e2e, fix test DB isolation
Some checks failed
Dev / test (push) Failing after 7m41s
Details
Dev / docker (push) Has been skipped
Details 
Remove 7 test files fully covered by e2e tests (admin, account, models,
API routes, integration MFA/OIDC, notifications). Trim 5 more files to
keep only edge cases not reachable via e2e.

Fix conftest to replace wiregui.db engine/session at import time so all
code uses the test database. Use session-scoped tables with per-test
savepoint isolation to prevent data leaking between tests.
 2026-03-31 21:27:46 -05:00
Stefano Bertelli
2ecd0bbc33 fix: CI test DB — use main DB in CI, skip test DB creation
Some checks failed
CI / release (push) Blocked by required conditions
Details
CI / docker (push) Blocked by required conditions
Details
CI / test (push) Has been cancelled
Details
2026-03-30 18:55:09 -05:00
Stefano Bertelli
0546b44507 feat: initial WireGUI implementation — full VPN management platform
Some checks failed
CI / test (push) Failing after 26s
Details
CI / release (push) Has been skipped
Details
CI / docker (push) Has been skipped
Details 
Complete Python/NiceGUI rewrite of the Wirezone (Elixir/Phoenix) VPN
management platform. All 10 implementation phases delivered.

Core stack:
- NiceGUI reactive UI with SQLModel ORM on PostgreSQL (asyncpg)
- Alembic migrations, Valkey/Redis cache, pydantic-settings config
- WireGuard management via subprocess (wg/ip/nft CLIs)
- 164 tests passing, 35% code coverage

Features:
- User/device/rule CRUD with admin and unprivileged roles
- Full device config form with per-device WG overrides
- WireGuard client config generation with QR codes
- REST API (v0) with Bearer token auth for all resources
- TOTP MFA with QR registration and challenge flow
- OIDC SSO with authlib (provider registry, auto-create users)
- Magic link passwordless sign-in via email
- SAML SP-initiated SSO with IdP metadata parsing
- WebAuthn/FIDO2 security key registration
- nftables firewall with per-user chains and masquerade
- Background tasks: WG stats polling, VPN session expiry,
  OIDC token refresh, WAN connectivity checks
- Startup reconciliation (DB ↔ WireGuard state sync)
- In-memory notification system with header badge
- Admin UI: users, devices, rules, settings (3 tabs), diagnostics
- Loguru logging with optional timestamped file output

Deployment:
- Multi-stage Dockerfile (python:3.13-slim)
- Docker Compose prod stack (bridge networking, NET_ADMIN, nftables)
- Forgejo CI: tests → semantic versioning → Docker registry push
- Health endpoint at /api/health
 2026-03-30 16:53:46 -05:00