KiriVPN is a self-hosted, full-stack WireGuard VPN service built from scratch. It's not a wrapper around an existing product — it's a complete system with its own API backend, user auth, server management, and clients for every major platform.
WireGuard itself is just a kernel tunnel; KiriVPN is the everything-around-it: account management, server selection, config generation, and one-click connect across desktop, mobile, and NAS appliances.
Laravel (PHP) REST API. Handles login, OAuth, server management, WireGuard config generation.
Shell-script server management layer. Generates client keys, allocates IPs, manages WireGuard peers.
Electron app for Windows & Linux. Server list, connect/disconnect, auto-connect on startup.
Native Android app with Google OAuth, server browser, and persistent connection management.
Docker container packaged as a TrueNAS SCALE app. Web UI on port 8080 with auto-login support.
The TrueNAS client is the most documented component — it ships as a Docker image and can be deployed as a custom app on TrueNAS SCALE in a few minutes. It requires NET_ADMIN, SYS_MODULE capabilities and /dev/net/tun. Supports auto-login and auto-connect via environment variables.