provvedo/wiregui
2
0
Fork 0
Code Issues Pull requests Projects Releases 6 Packages 1 Wiki Activity Actions
wiregui/compose.yml
Stefano Bertelli c5b66349d6
Some checks failed
Dev / test (push) Failing after 2m43s
Details
Dev / docker (push) Has been skipped
Details
feat: WireGuard metrics collector + integration test stack 
Metrics collector (wiregui/collector.py):
- Standalone process spawned by web app when WG_METRICS_ENABLED=true
- Polls wg show dump every WG_METRICS_POLL_INTERVAL seconds (default 5)
- Updates device stats in PostgreSQL
- Pushes Prometheus-format metrics to VictoriaMetrics (if configured)
- Graceful shutdown on SIGTERM

Integration test stack (compose.yml):
- Unified compose file for dev, test, and integration modes
- VictoriaMetrics single-node TSDB for metrics storage
- 3 mock WireGuard client containers generating ping traffic
- Automated setup script seeds server keypair, admin user, client devices
- make test-stack-up: one command to start everything
- make test-stack-verify: validates metrics flowing end-to-end

Infrastructure:
- Makefile with targets for dev, test, integration, and production
- Integration tests verify VictoriaMetrics has data for all 3 clients
- Fix Dockerfile to include img/ directory
- Separate TESTS.md for test tracking, clean TODO.md for features only
2026-03-31 18:30:15 -05:00

180 lines
5.5 KiB
YAML
Raw Blame History

# WireGUI — unified compose stack
#
# Dev mode (app runs on host):
# make dev — starts infra + mock IdPs, runs app locally
# make dev-up — starts infra only
#
# Integration test mode (real WireGuard + mock clients + metrics):
# make test-stack-up — seeds DB, builds, starts everything
# make test-stack-down — tears down and removes volumes
#
# Services are opt-in: only start what you need.
services:
# ---------------------------------------------------------------------------
# Core infrastructure (always needed)
# ---------------------------------------------------------------------------
postgres:
image: postgres:17
ports:
- "5432:5432"
environment:
POSTGRES_USER: wiregui
POSTGRES_PASSWORD: wiregui
POSTGRES_DB: wiregui
volumes:
- postgres_data:/var/lib/postgresql/data
valkey:
image: valkey/valkey:8
ports:
- "6379:6379"
volumes:
- valkey_data:/data
# ---------------------------------------------------------------------------
# Mock identity providers (dev + e2e tests)
# ---------------------------------------------------------------------------
# OIDC — accepts any login, issues real JWTs
# Discovery: http://localhost:9000/test-idp/.well-known/openid-configuration
mock-oidc:
image: ghcr.io/navikt/mock-oauth2-server:2.1.10
ports:
- "9000:9000"
environment:
SERVER_PORT: "9000"
JSON_CONFIG: >
{
"interactiveLogin": true,
"httpServer": "NettyWrapper",
"tokenCallbacks": [
{
"issuerId": "test-idp",
"tokenExpiry": 3600,
"requestMappings": [
{
"requestParam": "scope",
"match": "*",
"claims": {
"sub": "$${claim:sub}",
"email": "$${claim:sub}@test.local",
"name": "Test User"
}
}
]
}
]
}
# SAML — SimpleSAMLphp as IdP
# Metadata: http://localhost:8080/simplesaml/saml2/idp/metadata.php
# Admin: http://localhost:8080/simplesaml (admin / secret)
# Users: user1/password, user2/password
mock-saml:
image: kenchan0130/simplesamlphp
ports:
- "8080:8080"
environment:
SIMPLESAMLPHP_SP_ENTITY_ID: "http://localhost:13000/auth/saml/test-saml/metadata"
SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE: "http://localhost:13000/auth/saml/test-saml/callback"
SIMPLESAMLPHP_IDP_BASE_URL: http://localhost:8080/simplesaml/
volumes:
- ./docker/mock-saml/saml20-sp-remote.php:/var/www/simplesamlphp/metadata/saml20-sp-remote.php:ro
# ---------------------------------------------------------------------------
# WireGUI server (integration test mode — containerized with real WG)
# ---------------------------------------------------------------------------
wiregui:
build: .
ports:
- "13000:13000"
# 51820/udp exposed inside Docker network only — clients connect via service name
# Uncomment to expose to host: - "51820:51820/udp"
environment:
WG_DATABASE_URL: postgresql+asyncpg://wiregui:wiregui@postgres/wiregui
WG_REDIS_URL: redis://valkey:6379/0
WG_WG_ENABLED: "true"
WG_EXTERNAL_URL: http://localhost:13000
WG_ENDPOINT_HOST: wiregui
WG_METRICS_ENABLED: "true"
WG_METRICS_POLL_INTERVAL: "5"
WG_VICTORIAMETRICS_URL: http://victoriametrics:8428
WG_ADMIN_EMAIL: admin@test.local
WG_ADMIN_PASSWORD: admin123
WG_LOG_TO_FILE: "false"
WG_SECRET_KEY: test-secret-key-for-integration
cap_add:
- NET_ADMIN
sysctls:
- net.ipv4.ip_forward=1
- net.ipv6.conf.all.forwarding=1
depends_on:
- postgres
- valkey
# ---------------------------------------------------------------------------
# Metrics (integration test mode)
# ---------------------------------------------------------------------------
victoriametrics:
image: victoriametrics/victoria-metrics:v1.108.1
ports:
- "8428:8428"
command:
- "-retentionPeriod=7d"
- "-httpListenAddr=:8428"
volumes:
- vm_data:/victoria-metrics-data
# ---------------------------------------------------------------------------
# Mock WireGuard clients (integration test mode)
# Configs generated by: make test-stack-seed
# ---------------------------------------------------------------------------
client1:
build: docker/mock-clients
environment:
CLIENT_IP: ${CLIENT1_IP:-10.3.2.101}
PEER_IPS: ${CLIENT1_PEERS:-10.3.2.102 10.3.2.103}
PING_INTERVAL: "3"
volumes:
- ./docker/mock-clients/configs/client1.conf:/etc/wireguard/wg0.conf:ro
cap_add:
- NET_ADMIN
depends_on:
- wiregui
client2:
build: docker/mock-clients
environment:
CLIENT_IP: ${CLIENT2_IP:-10.3.2.102}
PEER_IPS: ${CLIENT2_PEERS:-10.3.2.101 10.3.2.103}
PING_INTERVAL: "3"
volumes:
- ./docker/mock-clients/configs/client2.conf:/etc/wireguard/wg0.conf:ro
cap_add:
- NET_ADMIN
depends_on:
- wiregui
client3:
build: docker/mock-clients
environment:
CLIENT_IP: ${CLIENT3_IP:-10.3.2.103}
PEER_IPS: ${CLIENT3_PEERS:-10.3.2.101 10.3.2.102}
PING_INTERVAL: "3"
volumes:
- ./docker/mock-clients/configs/client3.conf:/etc/wireguard/wg0.conf:ro
cap_add:
- NET_ADMIN
depends_on:
- wiregui
volumes:
postgres_data:
valkey_data:
vm_data:
Reference in a new issue View git blame Copy permalink