From d47d14a7d35ed40bfce402d521ee81bbdb2b6b79 Mon Sep 17 00:00:00 2001 From: Maycon Santos Date: Tue, 11 May 2021 22:40:09 +0500 Subject: [PATCH 1/4] add end of line --- AUTHORS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/AUTHORS b/AUTHORS index e7c69175edc..38ff6d3e3dc 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,2 +1,2 @@ Mikhail Bragin (https://github.com/braginini) -Maycon Santos (https://github.com/mlsmaycon) \ No newline at end of file +Maycon Santos (https://github.com/mlsmaycon) From 7446ef857b5275a46022e62ac7d76dd0d6178fe7 Mon Sep 17 00:00:00 2001 From: Mikhail Bragin Date: Wed, 12 May 2021 20:02:07 +0200 Subject: [PATCH 2/4] docs: fix TURN note --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 22adc8a5811..16ae66e3813 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ A WireGuard®-based mesh network that connects your devices into a single privat * Contents of the messages sent between peers through the signalling server are encrypted with Wireguard keys, making it impossible to inspect them. The routing of the messages on a Signalling server is based on public Wireguard keys. * Occasionally, the NAT-traversal is unsuccessful due to strict NATs (e.g. mobile carrier grade NAT). - For that matter, there is support for a relay server fallback (TURN). So in case, the (NAT-traversal is unsuccessful???), a secure Wireguard tunnel is established via TURN server. + For that matter, there is support for a relay server fallback (TURN) and a secure Wireguard tunnel is established via TURN server. [Coturn](https://github.com/coturn/coturn) is the one that has been successfully used for STUN and TURN in Wiretrustee setups. ### What Wiretrustee is not doing: @@ -74,4 +74,4 @@ docker run -d --name wiretrustee-signal -p 10000:10000 ghcr.io/wiretrustee/wiret ```` ### Roadmap * Android app - \ No newline at end of file + From 33e9ecfcb9b9fbbfc671760ca5235b36c719144f Mon Sep 17 00:00:00 2001 From: mlsmaycon Date: Sat, 15 May 2021 11:58:31 +0500 Subject: [PATCH 3/4] using docker hub --- .github/workflows/release.yml | 7 +++---- .goreleaser.yaml | 16 ++++++++-------- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 95a6426e692..4f3fbae9fa3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,12 +37,11 @@ jobs: name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - - name: Login to GitHub Packages Docker Registry + name: Login to Docker hub uses: docker/login-action@v1 with: - registry: ghcr.io - username: ${{ secrets.GITHUB_TOKEN }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_TOKEN }} - name: Run GoReleaser uses: goreleaser/goreleaser-action@v2 diff --git a/.goreleaser.yaml b/.goreleaser.yaml index e59cf0f91f2..9b1c2ba55c3 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -30,7 +30,7 @@ nfpms: postinstall: "release_files/post_install.sh" dockers: - image_templates: - - ghcr.io/wiretrustee/wiretrustee:signal-{{ .Version }}-amd64 + - wiretrustee/wiretrustee:signal-{{ .Version }}-amd64 goarch: amd64 use_buildx: true dockerfile: Dockerfile @@ -43,7 +43,7 @@ dockers: - "--label=org.opencontainers.image.version={{.Version}}" - "--label=maintainer=wiretrustee@wiretrustee.com" - image_templates: - - ghcr.io/wiretrustee/wiretrustee:signal-{{ .Version }}-arm64v8 + - wiretrustee/wiretrustee:signal-{{ .Version }}-arm64v8 goarch: arm64 use_buildx: true dockerfile: Dockerfile @@ -57,12 +57,12 @@ dockers: - "--label=maintainer=wiretrustee@wiretrustee.com" docker_manifests: - - name_template: ghcr.io/wiretrustee/wiretrustee:signal-{{ .Version }} + - name_template: wiretrustee/wiretrustee:signal-{{ .Version }} image_templates: - - ghcr.io/wiretrustee/wiretrustee:signal-{{ .Version }}-arm64v8 - - ghcr.io/wiretrustee/wiretrustee:signal-{{ .Version }}-amd64 + - wiretrustee/wiretrustee:signal-{{ .Version }}-arm64v8 + - wiretrustee/wiretrustee:signal-{{ .Version }}-amd64 - - name_template: ghcr.io/wiretrustee/wiretrustee:signal-latest + - name_template: wiretrustee/wiretrustee:signal-latest image_templates: - - ghcr.io/wiretrustee/wiretrustee:signal-{{ .Version }}-arm64v8 - - ghcr.io/wiretrustee/wiretrustee:signal-{{ .Version }}-amd64 \ No newline at end of file + - wiretrustee/wiretrustee:signal-{{ .Version }}-arm64v8 + - wiretrustee/wiretrustee:signal-{{ .Version }}-amd64 \ No newline at end of file From a9d3ce227a685e6665f9e2073e70ea9377f4fb90 Mon Sep 17 00:00:00 2001 From: mlsmaycon Date: Sat, 15 May 2021 11:58:59 +0500 Subject: [PATCH 4/4] updated doc with docker hub registry --- README.md | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 16ae66e3813..886da8ac16d 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,9 @@ A WireGuard®-based mesh network that connects your devices into a single privat ### A bit on Wiretrustee internals * Wiretrustee uses WebRTC ICE implemented in [pion/ice library](https://github.com/pion/ice) to discover connection candidates when establishing a peer-to-peer connection between devices. * A connection session negotiation between peers is achieved with the Wiretrustee Signalling server [signal](signal/) -* Contents of the messages sent between peers through the signalling server are encrypted with Wireguard keys, making it impossible to inspect them. +* Contents of the messages sent between peers through the signaling server are encrypted with Wireguard keys, making it impossible to inspect them. The routing of the messages on a Signalling server is based on public Wireguard keys. -* Occasionally, the NAT-traversal is unsuccessful due to strict NATs (e.g. mobile carrier grade NAT). +* Occasionally, the NAT-traversal is unsuccessful due to strict NATs (e.g. mobile carrier-grade NAT). For that matter, there is support for a relay server fallback (TURN) and a secure Wireguard tunnel is established via TURN server. [Coturn](https://github.com/coturn/coturn) is the one that has been successfully used for STUN and TURN in Wiretrustee setups. @@ -63,14 +63,20 @@ sudo systemctl restart wiretrustee.service sudo systemctl status wiretrustee.service ``` ### Running the Signal service -We have packed the signal into docker images. You can pull the images from the Github registry and execute it with the following commands: +After installing the application, you can run the signal using the command below: ````shell -docker pull ghcr.io/wiretrustee/wiretrustee:signal-latest -docker run -d --name wiretrustee-signal -p 10000:10000 ghcr.io/wiretrustee/wiretrustee:signal-latest +/usr/local/bin/wiretrustee signal --log-level INFO +```` +This will launch the signal service on port 10000, in case you want to change the port, use the flag --port. +#### Docker image +We have packed the signal into docker images. You can pull the images from the Docker Hub and execute it with the following commands: +````shell +docker pull wiretrustee/wiretrustee:signal-latest +docker run -d --name wiretrustee-signal -p 10000:10000 wiretrustee/wiretrustee:signal-latest ```` The default log-level is set to INFO, if you need you can change it using by updating the docker cmd as followed: ````shell -docker run -d --name wiretrustee-signal -p 10000:10000 ghcr.io/wiretrustee/wiretrustee:signal-latest --log-level DEBUG +docker run -d --name wiretrustee-signal -p 10000:10000 wiretrustee/wiretrustee:signal-latest --log-level DEBUG ```` ### Roadmap * Android app