chore: initial project scaffold with admin web, backend, desktop client, and deployment setup
Add monorepo structure for NexaVPN WireGuard control plane including: - .gitignore for node_modules, build artifacts, and environment files - README with project overview, monorepo layout, and quick start guide - Admin web UI with React, Vite, TypeScript, and nginx reverse proxy - API client with type definitions for users, devices, policies, gateways, and audit logs - Admin pages for dashboard, users, devices, policies, g
This commit is contained in:
60
README.md
Normal file
60
README.md
Normal file
@@ -0,0 +1,60 @@
|
||||
# NexaVPN
|
||||
|
||||
NexaVPN is a production-oriented, self-hosted WireGuard control plane for remote access.
|
||||
It combines:
|
||||
|
||||
- A Go backend and PostgreSQL control plane
|
||||
- A React admin console
|
||||
- A Tauri desktop client for Windows and macOS
|
||||
- WireGuard gateway and firewall policy enforcement
|
||||
- Docker Compose deployment assets
|
||||
|
||||
## Monorepo Layout
|
||||
|
||||
- `docs/` architecture, schema, API, and deployment design
|
||||
- `backend/` Go API, migrations, seeds, and domain services
|
||||
- `admin-web/` React + Vite admin UI
|
||||
- `desktop-client/` Tauri desktop client
|
||||
- `deploy/` Docker Compose, reverse proxy, and gateway assets
|
||||
|
||||
## Phase Status
|
||||
|
||||
This repository contains the initial production-minded MVP scaffold:
|
||||
|
||||
- Phase 1: architecture, schema, API, enrollment, provisioning, gateway design
|
||||
- Phase 2: backend scaffold, migrations, auth, CRUD, audit, profile generation
|
||||
- Phase 3: admin UI scaffold and core pages
|
||||
- Phase 4: desktop client scaffold, enrollment flow, profile provisioning abstraction
|
||||
- Phase 5: deployment assets, bootstrap scripts, and hardening notes
|
||||
|
||||
## Quick Start
|
||||
|
||||
1. Copy `deploy/.env.example` to `deploy/.env`.
|
||||
2. Review `docs/architecture.md` and `docs/deployment.md`.
|
||||
3. Start the stack with Docker Compose from `deploy/`.
|
||||
4. Open `http://localhost`.
|
||||
5. On the admin login screen, choose the bootstrap flow if this is a fresh install.
|
||||
6. Create the initial admin, then sign in.
|
||||
|
||||
## Important MVP Notes
|
||||
|
||||
- WireGuard remains the tunnel transport. NexaVPN is the control plane around it.
|
||||
- Client private keys are generated on-device and are not stored server-side.
|
||||
- Gateway-side enforcement uses nftables generated from issued policy state.
|
||||
- The Tauri client is structured around embedded tunnel management. Native system WireGuard import can be added as an optional integration later.
|
||||
- The current desktop client now performs real backend login and enrollment calls, but secure OS key storage and native tunnel activation are still the next hardening step.
|
||||
|
||||
## Local Test Flow
|
||||
|
||||
```bash
|
||||
cd deploy
|
||||
cp .env.example .env
|
||||
docker compose up --build
|
||||
```
|
||||
|
||||
Then:
|
||||
|
||||
1. Visit `http://localhost`
|
||||
2. Bootstrap the first admin account
|
||||
3. Create a user or use the desktop client against `http://localhost`
|
||||
4. Sign in from the NexaVPN desktop app with that user
|
||||
Reference in New Issue
Block a user