[zeotroph]

"Numerous others" which also support MFA, have some (Web)-UI and are also open source? I only know of DefGuard[1], which aspires to do a lot more.

1: https://github.com/DefGuard/defguard discussed at https://news.ycombinator.com/item?id=36056080

[aragilar]

https://github.com/netbirdio/netbird seems to be completely open source (BSD), https://github.com/gravitl/netmaker?tab=License-1-ov-file#re... uses Apache for the non-pro stuff, and both of those I found by simply looking at https://github.com/topics/wireguard

This is why I asked, the phrase "I decided to reinvent the wheel which has honestly been quite fun with learning about eBPF, and recently clustering and HA with etcd" makes it sound like it's doing a bunch of cool stuff (which I want to hear about!), but the readme says nothing about those.

[Nullence]

Ah the readme is definitely more geared to "how can I use this" rather than "how does this work.

Primarily because I want people to have a reasonably good time setting it up, rather than having to go through my explanation on things!

[Nullence]

Man Deguard definitely looks slick and the UI looks really nice!

I'd be super interested to know how they track "session state" as their do seem to rely very heavily on adding proxies and other additional software layers in front of the wireguard connection itself (https://defguard.gitbook.io/defguard/admin-and-features/wire...)

With wag specifically it's all just wireguard and a tiny bit of ebpf to do the management, along with tracking the external IP to determine if its time to re-challenge a user.