How to automate users management in Wireguard

Introduction to Asteroid, Dailymotion’s open-source application

Ben
Ben
Jul 2 · 3 min read
Image for post
Image for post

ur philosophy at Dailymotion is that if nothing fits our technical needs, we’ll create it. That’s why we developed Asteroid, our home-made open-source application to easily manage our Wireguard server. The app is written in Go and has greatly improved our efficiency when adding and removing access to our infrastructure.

When I joined the Dailymotion Ad-tech team, a VPN was almost always required to access infrastructure resources, and for this we were using OpenVPN. Out of curiousity, we decided to trial Wireguard. We quickly saw many benefits, including but not limited to: reduced latency, improved performances and an easier and faster setup.

After this initial testing phase, we started adding more and more people to the system. Unhappy with the need to manually add and remove users, we searched far and wide but were unable to find a tool to automate this aspect of the Wireguard server management.

Asteroid, our app created with Go

We wanted an application that allows us to easily add, remove and view peers on our Wireguard server. We chose the Go programming language as it has a small footprint and is easy to deploy as a single binary.

While implementing the ssh connection with Wireguard, we faced some issues with shell escape sequences. They look something like:

\e[0; 33m 

They are used for coloring the output on our remote systems. They’re easy to overlook because your local shell might also hide them.

Adding a new peer or user with Asteroid

Here’s how Asteroid works; to add a new peer or user, we just run these commands:

$ asteroid add -address=”172.16.0.7/32" -key 
“eXaMPL3Ave8q+kmNVmiw4KdKiXc//M0EGOY6K9C14nw
Image for post
Image for post

Removing a peer or user with Asteroid

Removing a peer or user is also extremely simple:

$ asteroid delete -key “eXaMPL3Ave8q+kmNVmiw4KdKiXc//M0EGOY6K9C14nw
Image for post
Image for post

Viewing peers or users added to the server with Asteroid

To view peers or users added to the server, we use the view command:

$ asteroid view
Image for post
Image for post

The help command

The “help” command is very useful to check what each command does or which arguments to give:

$ asteroid -h
Image for post
Image for post

Why we chose to go for open source

Wireguard was built as an open-source component to improve upon the OpenVPN status-quo. We’re happy to have switched to this new alternative and open-sourcing our Asteroid tool is a way of giving back to the open-source community. In the coming weeks, we’re thinking of adding a way to batch adding and removing users.

If you want to try it out and contribute, please visit: https://github.com/dailymotion/asteroid

Dailymotion

The home for videos that matter

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store