Secure remote access gateway for Raspberry Pi. SSH + VPN setup in under 10 minutes.

Pi Gateway transforms your Raspberry Pi into a secure remote access gateway with hardened SSH, WireGuard VPN, and firewall protection. Simple, focused, and production-ready.

Pi Gateway is for you if:

• You want SSH hardening, VPN, and firewall configured together as a single setup
• You prefer an opinionated, tested configuration over assembling pieces yourself
• You want dry-run mode to preview changes before they touch your system

Consider alternatives if:

• You only need a VPN — PiVPN is simpler for WireGuard-only setups
• You want fine-grained control over every setting — manual setup gives you that
• You're running on non-Raspberry Pi hardware — this project targets Pi OS specifically

curl -sSL https://raw.githubusercontent.com/1mb-dev/pi-gateway/main/scripts/quick-install.sh | bash

# Clone the repository
git clone https://github.com/1mb-dev/pi-gateway.git
cd pi-gateway

# Check system requirements
make check

# Run the setup (on your Raspberry Pi)
make setup

curl -sSL https://raw.githubusercontent.com/1mb-dev/pi-gateway/main/scripts/quick-install.sh | bash -s -- --interactive

Core Security:

• SSH hardening with key-based authentication and fail2ban
• WireGuard VPN server with client management
• Firewall configuration (UFW) with secure defaults
• System security hardening

Optional Components:

• Remote desktop access (VNC)
• Dynamic DNS integration
• Custom port configuration

Quality:

• Dry-run mode for safe testing
• Docker and QEMU-based integration testing

• Raspberry Pi 500 (or compatible Pi 4/5)
• Raspberry Pi OS (Lite or Desktop)
• 32GB+ MicroSD card
• Reliable power supply & network connection

• Administrator access to home router
• Dynamic DNS provider account (DuckDNS, No-IP, etc.)
• SSH client for initial access

Advanced features moved to extensions/ directory:

• Container orchestration (Docker/Podman)
• Web status dashboard
• Cloud backup integration
• Network optimization
• Automated maintenance
• System monitoring

See extensions/README.md for installation instructions.

Full documentation at 1mb-dev.github.io/pi-gateway.

• Quick Start Guide - 15-minute setup guide
• Setup Guide - Detailed installation instructions
• Deployment Guide - Production deployment

• Daily Operations - How to use installed services
• Troubleshooting - Common issues and solutions

• Extension Development - Creating custom extensions
• Security Updates - Security hardening and updates
• Technical Architecture - Technical deep dive
• Release Notes - Version history

pi-gateway/
├── setup.sh                      # Master setup script
├── scripts/                      # Modular service scripts
├── config/                       # Configuration templates
├── docs/                         # Documentation
├── extensions/                   # Optional future services
└── tests/                       # Validation scripts

make test-dry-run           # Safe dry-run testing (no system changes)
make test-unit              # BATS unit tests
make test-docker            # Docker integration tests
make test-all-integration   # Complete test suite
make lint                   # Code quality checks

For end-to-end testing with Pi simulation, see tests/docker/.

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Run make test and make validate
5. Submit a pull request

MIT License - see LICENSE file for details.

For issues and feature requests, please visit the GitHub Issues page.