Connect your devices into a single private WireGuard®-based mesh network.

Wiretrustee

A WireGuard®-based mesh network that connects your devices into a single private network.

Why using Wiretrustee?

  • Connect multiple devices to each other via a secure peer-to-peer Wireguard VPN tunnel. At home, the office, or anywhere else.
  • No need to open ports and expose public IPs on the device.
  • Automatically reconnects in case of network failures or switches.
  • Automatic NAT traversal.
  • Relay server fallback in case of an unsuccessful peer-to-peer connection.
  • Private key never leaves your device.
  • Works on ARM devices (e.g. Raspberry Pi).

A bit on Wiretrustee internals

  • Wiretrustee uses WebRTC ICE implemented in pion/ice library to discover connection candidates when establishing a peer-to-peer connection between devices.
  • A connection session negotiation between peers is achieved with the Wiretrustee Signalling server signal
  • Contents of the messages sent between peers through the signaling server are encrypted with Wireguard keys, making it impossible to inspect them. The routing of the messages on a Signalling server is based on public Wireguard keys.
  • Occasionally, the NAT-traversal is unsuccessful due to strict NATs (e.g. mobile carrier-grade NAT). For that matter, there is support for a relay server fallback (TURN) and a secure Wireguard tunnel is established via TURN server. Coturn is the one that has been successfully used for STUN and TURN in Wiretrustee setups.

What Wiretrustee is not doing:

  • Wireguard key management. In consequence, you need to generate peer keys and specify them on Wiretrustee initialization step.
  • Peer address management. You have to specify a unique peer local address (e.g. 10.30.30.1/24) when configuring Wiretrustee

Product Roadmap

Client Installation

Linux

  1. Checkout Wiretrustee releases
  2. Download the latest release (Switch VERSION to the latest):

Debian packages

wget https://github.com/wiretrustee/wiretrustee/releases/download/v<VERSION>/wiretrustee_<VERSION>_linux_amd64.deb
  1. Install the package
sudo dpkg -i wiretrustee_<VERSION>_linux_amd64.deb

Fedora/Centos packages

wget https://github.com/wiretrustee/wiretrustee/releases/download/v<VERSION>/wiretrustee_<VERSION>_linux_amd64.rpm
  1. Install the package
sudo rpm -i wiretrustee_<VERSION>_linux_amd64.rpm

MACOS

  1. Checkout Wiretrustee releases
  2. Download the latest release (Switch VERSION to the latest):
curl -o ./wiretrustee_<VERSION>_darwin_amd64.tar.gz https://github.com/wiretrustee/wiretrustee/releases/download/v<VERSION>/wiretrustee_<VERSION>_darwin_amd64.tar.gz
  1. Decompress
tar xcf ./wiretrustee_<VERSION>_darwin_amd64.tar.gz
sudo mv wiretrusee /usr/local/bin/wiretrustee
chmod +x /usr/local/bin/wiretrustee

After that you may need to add /usr/local/bin in your MAC's PATH environment variable:

export PATH=$PATH:/usr/local/bin

Client Configuration

  1. Initialize Wiretrustee:

For MACOS, you need to create the configuration directory:

sudo mkdir /etc/wiretrustee

Then, for all systems:

sudo wiretrustee init \
 --stunURLs stun:stun.wiretrustee.com:3468,stun:stun.l.google.com:19302 \
 --turnURLs <TURN User>:<TURN password>@turn:stun.wiretrustee.com:3468  \
 --signalAddr signal.wiretrustee.com:10000  \
 --wgLocalAddr 10.30.30.1/24  \
 --log-level info

It is important to mention that the wgLocalAddr parameter has to be unique across your network. E.g. if you have Peer A with wgLocalAddr=10.30.30.1/24 then another Peer B can have wgLocalAddr=10.30.30.2/24

If for some reason, you already have a generated Wireguard key, you can specify it with the --wgKey parameter. If not specified, then a new one will be generated, and its corresponding public key will be output to the log. A new config will be generated and stored under /etc/wiretrustee/config.json

  1. Add a peer to connect to.
sudo wiretrustee add-peer --allowedIPs 10.30.30.2/32 --key '<REMOTE PEER WIREUARD PUBLIC KEY>'
  1. Restart Wiretrustee to reload changes For MACOS you will just start the service:
sudo wiretrustee up --log-level info 
# or
sudo wiretrustee up --log-level info & # to run it in background

For Linux systems:

sudo systemctl restart wiretrustee.service
sudo systemctl status wiretrustee.service

Running the Signal service

After installing the application, you can run the signal using the command below:

/usr/local/bin/wiretrustee signal --log-level INFO

This will launch the Signal server on port 10000, in case you want to change the port, use the flag --port.

Docker image

We have packed the Signal server into docker image. You can pull the image from Docker Hub and execute it with the following commands:

docker pull wiretrustee/wiretrustee:signal-latest
docker run -d --name wiretrustee-signal -p 10000:10000 wiretrustee/wiretrustee:signal-latest

The default log-level is set to INFO, if you need you can change it using by updating the docker cmd as followed:

docker run -d --name wiretrustee-signal -p 10000:10000 wiretrustee/wiretrustee:signal-latest --log-level DEBUG

Running Signal and Coturn

Under infrastructure_files we have a docker-compose example to run both, Wiretrustee Signal server and an instance of Coturn, it also provides a turnserver.conf file as a simple example of Coturn configuration. You can edit the turnserver.conf file and change its Realm setting (defaults to wiretrustee.com) to your own domain and user setting (defaults to username1:password1) to proper credentials.

The example is set to use the official images from Wiretrustee and Coturn, you can find our documentation to run the signal server in docker in [Running the Signal service](#Running the Signal service) and the Coturn official documentation here.

Run Coturn at your own risk, we are just providing an example, be sure to follow security best practices and to configure proper credentials as this service can be exploited and you may face large data transfer charges.

Also, if you have an SSL certificate you can modify the docker-compose.yml file to point to its files in your host machine, then switch the domainname to your own SSL domain. If you don't already have an SSL certificate, you can follow Certbot's official documentation to generate one from Let’s Encrypt, or, we found that the example provided by BigBlueButton covers the basics to configure Coturn with Let's Encrypt certs.

Simple docker-composer execution:

cd infrastructure_files
docker-compose up -d

You can check logs by running:

cd infrastructure_files
docker-compose logs signal
docker-compose logs coturn

If you need to stop the services, run the following:

cd infrastructure_files
docker-compose down
Owner
null
https://github.com/wiretrustee/wiretrustee https://wiretrustee.com
Comments
  • Peer Status Online but not Connected.

    Peer Status Online but not Connected.

    Hello,

    I was trying to connect two windows machines and looks like they are shown online in the management dashboard but are not shown as connected is there something that I missed?

    Since they are not shown as connected I am not able to get a ping response.

    image

    image

  • Support for running NetBird without Auth0

    Support for running NetBird without Auth0

    Are there any plans to add basic support for running WireTrustee without Auth0? We are trying to find a solution for running a managed WireGuard Mesh in an airgap network, and having a requirement for Auth0 wouldn't work.

    I think it would be very beneficial if WireTrustee had support for basic auth, even if it's just an Admin Account.

  • No route between hosts

    No route between hosts

    I've installed netbird 0.8.2 on 3 hosts in 3 different locations.

    2022-07-13_10-26

    They appear to be online but netbird status on each of them doesn't seem to be seeing the other hosts:

    Daemon status: Connected
Management: Connected
Signal:  Connected
NetBird IP: 100.64.94.238/16
Interface type: Kernel
Peers count: 0/2 Connected

    On 2 of them I've enabled debugging and the log files are here: bslog1.log pcweb1.log

    I can't ping between the hosts and when trying to ssh into them, I get the error Error: dial tcp 100.64.94.238:44338: connect: no route to host

    Any idea what's wrong?

  • Fedora 35 system not seeing Debian 11.1 system and vice versa

    Fedora 35 system not seeing Debian 11.1 system and vice versa

    I have setup two systems: one Fedora 34 and the other Debian 11.1. Both were registered with the Default Keys. They have both received IP#s but the https://app.wiretrustee.com/peers only shows the Debian 11 system being online while the Fedora 35 is offline. Any tips on troubleshooting?

  • Possible to set nameservers to connecting peers

    Possible to set nameservers to connecting peers

    I am aware DNS is on the roadmap, but in the mean time would it be possible to privately provide nameservers to the client or configure the client to accept a nameserver?

    I don't know if this would be appropriate since objectively it seems you already have a plan. Although I do think it would be useful to operate a custom DNS server even if it isn't explicitly tied to the clients themselves. Unless the feature is already there and I am not seeing it?

  • Run netbird behind reverse proxy

    Run netbird behind reverse proxy

    I'm looking into setting up netbird on a server where I have several other services already running, with nginx acting as a reverse proxy. I see in the documentation and docker-compose that netbird tries to expose ports 80 and 443 on the host machine and get letsencrypt certs by itself, but is there a way to have it run in http-only mode and have my host nginx handle all the letsencrypt and tls stuff?

    I also see that the management service in the docker-compose file also requires access to the letsencrypt certs, but I could just mount those from my host system, right?

  • Add device flow scope.

    Add device flow scope.

    Describe your changes

    Most of IDP require a base scope, so add the openid as the base scope.

    Issue ticket number and link

    Na

    Checklist

    • [x] Is it a bug fix
    • [ ] Is a typo/documentation fix
    • [ ] Is a feature enhancement
    • [ ] Created tests that fail without the change (if possible)
    • [ ] Extended the README / documentation, if necessary
  • using the Self-hosting Guide without success

    using the Self-hosting Guide without success

    1:management.json: management json

    2:docker-compose.yml: 2022-02-27_214029

    3:Coturn_log.txt

    4:https://github.com/wiretrustee/wiretrustee/blob/main/docs/self-hosting.md vs README.md start with ""Running Dashboard, Management, Signal and Coturn" The descriptions are inconsistent.

    In addition to modifying setup.env, what else do I need to modify? Can the documentation be improved? Thank you.

  • Do we need to trust signal server?

    Do we need to trust signal server?

    From docs it is not clear, how setup key is used during adding new peer. However, given that:

    • setup key looks like uuid
    • setup key shown in web interface equals to one used in command line on peer

    I assume that it is used like a shared secret.

    This probably means that malicious signal server can insert a MITM between your peers; and when app.wiretrustee.com is hacked, all networks using it are at risk.

    It would be nice if less trust is required to signal server. It seems to be possible with public key cryptography, for example:

    • to setup a new network one obtain private key with wg genkey
    • app.wiretrustee.com identifies the network by its public counterpart
    • when new peer is added, it uses private network key to sign own public key and send it via signal server's pub-sub topic, identified by public network key
    • other peers from the given network check signature and only after verification start to trust new public key
    • they send to new peer their public keys, also signed with private network key, plus info about their endpoints, suggested IP for new peer and so on

    For enterprise-grade setups with ACLs, audit et cetera one may use private network key as certificate authority which issues keys for joining the network, keys for server(s) who is responsible for IP assigning, keys for audit servers and so on.

    Web UI for management in this case may run on any server in the network, and it is safer because sysadmin knows that he/she runs a binary compiled from official sources.

    Authorization at app.wiretrustee.com is not mandatory at all, though may be used to manage some additional services like TURN which is not open for anyone.

    Do you consider such a scheme? Or am I wrong about currently used one?

  • Journallog shows read/write error

    Journallog shows read/write error

    journalctl -u netbird.service:

    Oct 03 07:45:47 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:47 could not write packet: io: read/write on closed pipe
Oct 03 07:45:49 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:49 could not write packet: io: read/write on closed pipe
Oct 03 07:45:49 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:49 could not write packet: io: read/write on closed pipe
Oct 03 07:45:49 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:49 could not write packet: io: read/write on closed pipe
Oct 03 07:45:50 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:50 could not write packet: io: read/write on closed pipe
Oct 03 07:45:50 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:50 could not write packet: io: read/write on closed pipe
Oct 03 07:45:50 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:50 could not write packet: io: read/write on closed pipe
Oct 03 07:45:50 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:50 could not write packet: io: read/write on closed pipe
Oct 03 07:45:51 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:51 could not write packet: io: read/write on closed pipe
Oct 03 07:45:51 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:51 could not write packet: io: read/write on closed pipe
Oct 03 07:45:53 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:53 could not write packet: io: read/write on closed pipe
Oct 03 07:45:53 octopi netbird[605]: ice ERROR: 2022/10/03 07:45:53 could not write packet: io: read/write on closed pipe
Oct 03 07:46:20 octopi netbird[605]: ice ERROR: 2022/10/03 07:46:20 could not write packet: io: read/write on closed pipe
Oct 03 07:46:20 octopi netbird[605]: ice ERROR: 2022/10/03 07:46:20 could not write packet: io: read/write on closed pipe
Oct 03 07:46:20 octopi netbird[605]: ice ERROR: 2022/10/03 07:46:20 could not write packet: io: read/write on closed pipe
Oct 03 07:46:20 octopi netbird[605]: ice ERROR: 2022/10/03 07:46:20 could not write packet: io: read/write on closed pipe
Oct 03 07:46:20 octopi netbird[605]: ice ERROR: 2022/10/03 07:46:20 could not write packet: io: read/write on closed pipe
Oct 03 07:46:20 octopi netbird[605]: ice ERROR: 2022/10/03 07:46:20 could not write packet: io: read/write on closed pipe

    This is a fresh setup of netbird on a raspberry pi 4b. netbird status works and shows the IPs, but pinging the device or from the device to other netbird clients is not working. I already tried apt-purging it, deleting the config files and reinstalling, but that did not help.

    Other clients have this output when pinging the raspberry:

    From laptop (100.xx.xx.xx) icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Required key not available
  • macOS: problem installing from Homebrew cask / M1 Mac Mini?

    macOS: problem installing from Homebrew cask / M1 Mac Mini?

    Wanted to try this out so I followed the install instructions, but it's failing. Seems to be related to wiretrustee dependency.

    macOS 12.5 / M1 Mac Mini.

    $ brew install netbirdio/tap/netbird
==> Downloading https://github.com/netbirdio/netbird/releases/download/v0.8.5/netbird_0.8.5_darwin_arm64.tar.gz
Already downloaded: /Users/luke/Library/Caches/Homebrew/downloads/e57146d1abdb10de1d122c8031f374f8a3a978f2d3713bb64c207b2ede0c314a--netbird_0.8.5_darwin_arm64.tar.gz
==> Installing netbird from netbirdio/tap
Warning: netbird: No available formula with the name "wiretrustee". Did you mean wiredtiger?
'conflicts_with "wiretrustee"' should be removed from netbird.rb.
Warning: No available formula with the name "wiretrustee". Did you mean wiredtiger?
==> Searching for similarly named formulae...
This similarly named formula was found:
wiredtiger
To install it, run:
  brew install wiredtiger
==> Searching for a previously deleted formula (in the last month)...
Error: No previously deleted formula found.
==> Searching taps on GitHub...
Error: No formulae found in taps.

$ brew install --cask netbirdio/tap/netbird-ui
==> Downloading https://github.com/netbirdio/netbird/releases/download/v0.8.5/netbird-ui_0.8.5_darwin_arm64_signed.zip
Already downloaded: /Users/luke/Library/Caches/Homebrew/downloads/764db04869eba635b474cf8c5b946c62055e3a93bdff2f25d9bd812e94c6ed4d--netbird-ui_0.8.5_darwin_arm64_signed.zip
==> Installing dependencies: netbird
==> Downloading https://github.com/netbirdio/netbird/releases/download/v0.8.5/netbird_0.8.5_darwin_arm64.tar.gz
Already downloaded: /Users/luke/Library/Caches/Homebrew/downloads/e57146d1abdb10de1d122c8031f374f8a3a978f2d3713bb64c207b2ede0c314a--netbird_0.8.5_darwin_arm64.tar.gz
Warning: netbird: No available formula with the name "wiretrustee". Did you mean wiredtiger?
'conflicts_with "wiretrustee"' should be removed from netbird.rb.
Warning: No available formula with the name "wiretrustee". Did you mean wiredtiger?
==> Searching for similarly named formulae...
This similarly named formula was found:
wiredtiger
To install it, run:
  brew install wiredtiger
==> Searching for a previously deleted formula (in the last month)...
Error: No previously deleted formula found.
==> Searching taps on GitHub...
Error: No formulae found in taps.
  • Would it be possible to create a SNAP for Netbird?

    Would it be possible to create a SNAP for Netbird?

    Is your feature request related to a problem? Please describe. No

    Describe the solution you'd like I'd like to see a Netbird SNAP available. That could enable installation by end-users with a single command such as:

    $ sudo snap install netbird-ui
    or
    $ sudo snap install netbird-cli*

    SNAPs utilize a release Channel concept (ie stable, candidate, beta, edge) They define which release of a snap is installed and tracked for updates. SNAPs can be updated or rolled-back to a previous version if an update does happen to cause some problem for a user.

    Describe alternatives you've considered none. But I'd imagine there would be interest in a Flatpak installer.

    Additional context Add any other context or screenshots about the feature request here.

  • [Feature Request] Custom Protocol for Netbird configuration

    [Feature Request] Custom Protocol for Netbird configuration

    Is your feature request related to a problem? Please describe. Configuration for Novice users is quite complicated

    Describe the solution you'd like We should have a Custom Protocol address (netbird://) that will allow Users to click a link in the web-ui and it will configure the VPN for them. the link would look like this for example: netbird://domain.com:33073/setup-key

    This would open netbird up --management-url https://domain.com:33073 --setup-key setup-key

    Describe alternatives you've considered Already discussed with @mlsmaycon

    Additional context This could be installed with the service (netbird service install)

    here is a nodejs implementation (to show you how to do it) https://www.npmjs.com/package/protocol-registry

  • Ubuntu on Oracle cloud. Connecting issue.

    Ubuntu on Oracle cloud. Connecting issue.

    Describe the problem Can't reach ip of remote computer which is a VM of Oracle cloud service.

    To Reproduce First of all installation command wasn't going through normally, I divided them and ran one by one. After running netbird up command I've link as it expected and add computer to my network. It's appeared on Dashboard but as offline. Running netbird status -d gaves this error: Error: status failed: received error "address already in use" while configuring interface wt0 with port 51820 Is anything extra have to be done? Thank you.

  • Proxy (TS_DEST_IP feature equivalent)

    Proxy (TS_DEST_IP feature equivalent)

    Is your feature request related to a problem? Please describe.

    Currently, we can't forward all traffic to a specific IP.

    Describe the solution you'd like

    I would like to be able to redirect all traffic to a specific IP so I can setup a wildcard DNS on Netbird Node and redirect all traffic to my Ingress controller (static IP).

    Describe alternatives you've considered

    I didn't find one.

    Additional context

  • wrong detected endpoint / ICE candidate for server behind cloud firewall

    wrong detected endpoint / ICE candidate for server behind cloud firewall

    Describe the problem

    TLDR the ICE candidate is host/prflx or host/host. If it would be prflx/prflx it would work because TURN server would come into play.

    Netbird detected endpoint for my server as publicIP:51820. Because of that I can't connect from the server to my laptop and vice versa. Why is netbird detecting endpoint for my server to be publicIP:51820 while the port is blocked by cloud firewall?

    To Reproduce Steps to reproduce the behavior:

    1. netbird @ laptop behind NAT and server on digitalocean (or probably any other cloud) with allowed incoming ICMP, blocked UDP and TCP (some TCP ports are whitelisted - 22, 80, 443)
    2. cannot connect from laptop to server and vice versa because the laptop side endpoint is set to blocked port @ serverPublicIP:51820

    Expected behavior

    Server with public IP and blocked 51820 port is clasified as prflx/prflx in ICE candidate field which would lead to use of TURN server relay.

    NetBird status -d output:

    # server to laptop
root@masked ~ # netbird status -d | grep -A 10 laptop
 northys-laptop.netbird.selfhosted:
  NetBird IP: 100.70.11.95
  Public key: maskedPublicKey1=
  Status: Connected
  -- detail --
  Connection type: P2P
  Direct: false
  ICE candidate (Local/Remote): host/prflx
  Last connection update: 2022-12-30 11:19:13

# laptop to server
 masked.netbird.selfhosted:
  NetBird IP: 100.70.55.22
  Public key: maskedPublicKey2=
  Status: Connected
  -- detail --
  Connection type: P2P
  Direct: true
  ICE candidate (Local/Remote): host/host
  Last connection update: 2022-12-30 12:19:13

    Additional context

    # get public key of masked
northys at laptop in ~
» netbird status -d | grep -A 5 masked
 masked.netbird.selfhosted:
  NetBird IP: 100.70.55.22
  Public key: maskedPublicKey=
  Status: Connected
  -- detail --
  Connection type: P2P
  Direct: true
  ICE candidate (Local/Remote): host/host
  Last connection update: 2022-12-30 12:19:13

# grep public key in wg to see endpoint
northys at laptop in ~
» sudo wg | grep -A 5 maskedPublicKey=
[sudo] password for northys: 
peer: maskedPublicKey=
  endpoint: maskedPublicIP:51820
  allowed ips: 100.70.55.22/32
  transfer: 0 B received, 19.08 KiB sent
  persistent keepalive: every 25 seconds

# check masked's publicIP
northys at laptop in ~
» dig +short masked
maskedPublicIP

# can't ping because my laptop cannot connect to maskedPublicIP:51820 because port is blocked
northys at laptop in ~
» ping masked.netbird.selfhosted
PING masked.netbird.selfhosted (100.70.55.22) 56(84) bytes of data.
^C
--- masked.netbird.selfhosted ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4083ms
Related tags
Network golang mesh-networks nat-traversal vpn mesh wireguard zerotrust wireguard-vpn wiretrustee
🐉 Simple WireGuard proxy with minimal overhead for WireGuard traffic.

swgp-go ?? Simple WireGuard proxy with minimal overhead for WireGuard traffic. Proxy Modes 1. Zero overhead Simply AES encrypt the first 16 bytes of a

Jan 8, 2023
NAT puncher for Wireguard mesh networking.

natpunch-go This is a NAT hole punching tool designed for creating Wireguard mesh networks. It was inspired by Tailscale and informed by this example.

Dec 12, 2022
Mount your podman container into WireGuard networks on spawn

wg-pod A tool to quickly join your podman container/pod into a WireGuard network. Explanation wg-pod wires up the tools ip,route,wg and podman. It cre

Aug 14, 2022
inlets-connect is a proxy that supports HTTPS and the CONNECT method

inlets-connect inlets-connect is a proxy that supports HTTPS and the CONNECT method. It can be deployed as a side-car or stand-alone to proxy to a sin

Nov 7, 2022
Minekube Connect allows you to connect any Minecraft server

Minekube Connect allows you to connect any Minecraft server, whether online mode, public, behind your protected home network or anywhere else in the world, with our highly available, performant and low latency edge proxies network nearest to you.

Dec 27, 2022
Generates file.key file for IPFS Private Network.

ipfs-keygen Generates file.key file for IPFS Private Network. Installation go get -u github.com/reixmor/ipfs-keygen/ipfs-keygen Usage ipfs-keygen > ~/

Jan 18, 2022
wire protocol for multiplexing connections or streams into a single connection, based on a subset of the SSH Connection Protocol

qmux qmux is a wire protocol for multiplexing connections or streams into a single connection. It is based on the SSH Connection Protocol, which is th

Dec 26, 2022
Tool for monitoring network devices (mainly using SNMP) - monitoring check plugin
 Tool for monitoring network devices (mainly using SNMP) - monitoring check plugin

Thola Description A tool for monitoring network devices written in Go. It features a check mode which complies with the monitoring plugins development

Dec 29, 2022
Prometheus exporter for counting connected devices to a network using nmap

nmapprom Prometheus exporter for counting the hosts connected to a network using nmap · Report Bug · Request Feature Table of Contents About The Proje

Oct 17, 2021
Simple Web based configuration generator for WireGuard. Demo:
 Simple Web based configuration generator for WireGuard. Demo:

Wg Gen Web Simple Web based configuration generator for WireGuard. Why another one ? All WireGuard UI implementations are trying to manage the service

Jan 1, 2023
A tool helps connect to your AriPods when sound playing in your Mac

Auto connect to airpods this tool helps connect to your AriPods when sound playing in your Mac. dependencenes SwitchAudioSource $ brew install switcha

Dec 9, 2021
Proxtor - A simple tool to connect to the network using Tor

Proxtor A simple tool to connect to the network using Tor. Installing Go to rele

Jan 1, 2022
Totem - A Go library that can turn a single gRPC stream into bidirectional unary gRPC servers

Totem is a Go library that can turn a single gRPC stream into bidirectional unar

Jan 6, 2023
A fork of the simple WireGuard VPN server GUI community maintained
 A fork of the simple WireGuard VPN server GUI community maintained

Subspace - A simple WireGuard VPN server GUI Subspace - A simple WireGuard VPN server GUI Slack Screenshots Features Contributing Setup 1. Get a serve

Dec 25, 2022
A flexible configuration manager for Wireguard networks
 A flexible configuration manager for Wireguard networks

Drago A flexible configuration manager for WireGuard networks Drago is a flexible configuration manager for WireGuard networks which is designed to ma

Jan 7, 2023
The easiest, most secure way to use WireGuard and 2FA.

This repository contains all the open source Tailscale client code and the tailscaled daemon and tailscale CLI tool. The tailscaled daemon runs primarily on Linux; it also works to varying degrees on FreeBSD, OpenBSD, Darwin, and Windows.

Jan 8, 2023
An userspace SORACOM Arc client powered by wireguard-go

soratun An easy-to-use, userspace SORACOM Arc client powered by wireguard-go. For deploying and scaling Linux servers/Raspberry Pi devices working wit

Jun 2, 2022
A Wireguard VPN Server Manager and API to add and remove clients

Wireguard Manager And API A manager and API to add, remove clients as well as other features such as an auto reapplier which deletes and adds back a c

Dec 22, 2022
Layer2 version of wireguard with Floyd Warshall implement in go.

Etherguard 中文版README A Full Mesh Layer2 VPN based on wireguard-go OSPF can find best route based on it's cost. But sometimes the lentancy are differen

Dec 29, 2022