WIP: more proper logging

opnsense: sanitize usernames for creating peers
connections page: update API, combine opnsense data with db data
2025-01-09 15:01:03 -08:00 · 2025-01-09 14:44:48 -08:00 · 2025-01-07 19:03:54 -08:00 · 2025-01-07 17:58:31 -08:00 · 2025-01-07 16:22:43 -08:00 · 2025-01-01 21:48:34 -08:00
91 changed files with 1726 additions and 929 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,33 @@
+node_modules
+
+# Output
+.output
+.vercel
+/.svelte-kit
+/build
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Env
+.env
+.env.*
+!.env.example
+!.env.test
+
+# Vite
+vite.config.js.timestamp-*
+vite.config.ts.timestamp-*
+
+# SQLite
+*.db
+
+# Git
+/.git
+
+# IntelliJ
+/.idea
+
+# Bruno (API Docs)
+/bruno
--- a/.env.example
+++ b/.env.example
@@ -2,9 +2,8 @@ DATABASE_URL=file:local.db
 AUTH_DOMAIN=auth.lab.cazzzer.com
 AUTH_CLIENT_ID=
 AUTH_CLIENT_SECRET=
-AUTH_REDIRECT_URI=http://localhost:5173/auth/authentik/callback

-OPNSENSE_API_URL=https://opnsense.home
+OPNSENSE_API_URL=https://opnsense.cazzzer.com
 OPNSENSE_API_KEY=
 OPNSENSE_API_SECRET=
 OPNSENSE_WG_IFNAME=wg2
@@ -16,3 +15,5 @@ IP_MAX_INDEX=100
 VPN_ENDPOINT=vpn.lab.cazzzer.com:51820
 VPN_DNS=10.18.11.1,fd00:10:18:11::1
 MAX_CLIENTS_PER_USER=20
+
+ORIGIN=http://localhost:5173
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1 @@
+*.mp4 filter=lfs diff=lfs merge=lfs -text
--- a/.idea/codeStyles/Project.xml
+++ b/.idea/codeStyles/Project.xml
@@ -9,7 +9,7 @@
      <option name="SPACE_BEFORE_FUNCTION_LEFT_PARENTH" value="false" />
      <option name="USE_DOUBLE_QUOTES" value="false" />
      <option name="FORCE_QUOTE_STYlE" value="true" />
-      <option name="ENFORCE_TRAILING_COMMA" value="WhenMultiline" />
+      <option name="ENFORCE_TRAILING_COMMA" value="Remove" />
      <option name="SPACES_WITHIN_OBJECT_LITERAL_BRACES" value="true" />
      <option name="SPACES_WITHIN_IMPORTS" value="true" />
    </JSCodeStyleSettings>
@@ -120,7 +120,7 @@
      <option name="SPACE_BEFORE_FUNCTION_LEFT_PARENTH" value="false" />
      <option name="USE_DOUBLE_QUOTES" value="false" />
      <option name="FORCE_QUOTE_STYlE" value="true" />
-      <option name="ENFORCE_TRAILING_COMMA" value="WhenMultiline" />
+      <option name="ENFORCE_TRAILING_COMMA" value="Remove" />
      <option name="SPACES_WITHIN_OBJECT_LITERAL_BRACES" value="true" />
      <option name="SPACES_WITHIN_IMPORTS" value="true" />
    </TypeScriptCodeStyleSettings>
--- a/45
+++ b/45
@@ -0,0 +1,45 @@
+# use the official Bun image
+# see all versions at https://hub.docker.com/r/oven/bun/tags
+FROM oven/bun:1-alpine AS base
+WORKDIR /app
+COPY package.json bun.lockb /app/
+
+# install dependencies into temp directory
+# this will cache them and speed up future builds
+FROM base AS install
+RUN mkdir -p /temp/dev
+COPY package.json bun.lockb /temp/dev/
+RUN cd /temp/dev && bun install --frozen-lockfile
+
+# install with --production (exclude devDependencies)
+RUN mkdir -p /temp/prod
+COPY package.json bun.lockb /temp/prod/
+RUN cd /temp/prod && bun install --frozen-lockfile --production
+
+# copy node_modules from temp directory
+# then copy all (non-ignored) project files into the image
+FROM base AS builder
+COPY --from=install /temp/dev/node_modules /app/node_modules
+COPY . /app
+RUN bun run build
+
+FROM base
+# Metadata
+LABEL org.opencontainers.image.title="VPGen"
+LABEL org.opencontainers.image.description="A VPN config generator built with SvelteKit."
+LABEL org.opencontainers.image.url="https://gitea.cazzzer.com/CaZzzer/vpgen"
+LABEL org.opencontainers.image.source="https://gitea.cazzzer.com/CaZzzer/vpgen"
+LABEL org.opencontainers.image.version="0.1"
+
+COPY ./entrypoint.sh /entrypoint.sh
+COPY --from=install /temp/prod/node_modules /app/node_modules
+COPY --from=builder /app/build /app/build
+COPY --from=builder /app/drizzle /app/drizzle
+COPY --from=builder /app/drizzle.config.ts /app/
+
+EXPOSE 3000
+
+# entrypoint for drizzle migrations
+ENTRYPOINT ["sh", "/entrypoint.sh"]
+
+CMD ["bun", "./build"]
--- a/README.md
+++ b/README.md
@@ -36,3 +36,5 @@ npm run build
 You can preview the production build with `npm run preview`.

 > To deploy your app, you may need to install an [adapter](https://svelte.dev/docs/kit/adapters) for your target environment.
+
+When deploying, set `ORIGIN` to the URL of your site to prevent cross-site request errors.
--- a/bun.lockb
+++ b/bun.lockb
--- a/bunfig.toml
+++ b/bunfig.toml
@@ -0,0 +1 @@
+logLevel = "info"
--- a/components.json
+++ b/components.json
@@ -1,5 +1,5 @@
 {
-	"$schema": "https://shadcn-svelte.com/schema.json",
+	"$schema": "https://next.shadcn-svelte.com/schema.json",
 	"style": "default",
 	"tailwind": {
 		"config": "tailwind.config.ts",
@@ -8,7 +8,10 @@
 	},
 	"aliases": {
 		"components": "$lib/components",
-		"utils": "$lib/utils"
+		"utils": "$lib/utils",
+		"ui": "$lib/components/ui",
+		"hooks": "$lib/hooks"
 	},
-	"typescript": true
+	"typescript": true,
+	"registry": "https://next.shadcn-svelte.com/registry"
 }
--- a/drizzle/0000_fair_tarantula.sql
+++ b/drizzle/0000_fair_tarantula.sql
@@ -1,10 +1,22 @@
-CREATE TABLE `ip_allocations` (
+CREATE TABLE `devices` (
 	`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
-	`client_id` integer,
-	FOREIGN KEY (`client_id`) REFERENCES `wg_clients`(`id`) ON UPDATE no action ON DELETE set null
+	`user_id` text NOT NULL,
+	`name` text NOT NULL,
+	`opnsense_id` text,
+	`public_key` text NOT NULL,
+	`private_key` text,
+	`pre_shared_key` text,
+	FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE no action
 );
 --> statement-breakpoint
-CREATE UNIQUE INDEX `ip_allocations_client_id_unique` ON `ip_allocations` (`client_id`);--> statement-breakpoint
+CREATE UNIQUE INDEX `devices_public_key_unique` ON `devices` (`public_key`);--> statement-breakpoint
+CREATE TABLE `ip_allocations` (
+	`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+	`device_id` integer,
+	FOREIGN KEY (`device_id`) REFERENCES `devices`(`id`) ON UPDATE no action ON DELETE set null
+);
+--> statement-breakpoint
+CREATE UNIQUE INDEX `ip_allocations_device_id_unique` ON `ip_allocations` (`device_id`);--> statement-breakpoint
 CREATE TABLE `sessions` (
 	`id` text PRIMARY KEY NOT NULL,
 	`user_id` text NOT NULL,
@@ -17,16 +29,3 @@ CREATE TABLE `users` (
 	`username` text NOT NULL,
 	`name` text NOT NULL
 );
--> statement-breakpoint
-CREATE TABLE `wg_clients` (
-	`id` integer PRIMARY KEY AUTOINCREMENT NOT NULL,
-	`user_id` text NOT NULL,
-	`name` text NOT NULL,
-	`opnsense_id` text,
-	`public_key` text NOT NULL,
-	`private_key` text,
-	`pre_shared_key` text,
-	FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON UPDATE no action ON DELETE no action
-);
--> statement-breakpoint
-CREATE UNIQUE INDEX `wg_clients_public_key_unique` ON `wg_clients` (`public_key`);
--- a/drizzle/meta/0000_snapshot.json
+++ b/drizzle/meta/0000_snapshot.json
@@ -1,9 +1,90 @@
 {
  "version": "6",
  "dialect": "sqlite",
-  "id": "29e6fd88-fa47-4f79-ad83-c52538bc36a6",
+  "id": "48b7ce55-58f1-4b97-a144-ca733576dba6",
  "prevId": "00000000-0000-0000-0000-000000000000",
  "tables": {
+    "devices": {
+      "name": "devices",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "integer",
+          "primaryKey": true,
+          "notNull": true,
+          "autoincrement": true
+        },
+        "user_id": {
+          "name": "user_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "name": {
+          "name": "name",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "opnsense_id": {
+          "name": "opnsense_id",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "public_key": {
+          "name": "public_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true,
+          "autoincrement": false
+        },
+        "private_key": {
+          "name": "private_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        },
+        "pre_shared_key": {
+          "name": "pre_shared_key",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false,
+          "autoincrement": false
+        }
+      },
+      "indexes": {
+        "devices_public_key_unique": {
+          "name": "devices_public_key_unique",
+          "columns": [
+            "public_key"
+          ],
+          "isUnique": true
+        }
+      },
+      "foreignKeys": {
+        "devices_user_id_users_id_fk": {
+          "name": "devices_user_id_users_id_fk",
+          "tableFrom": "devices",
+          "tableTo": "users",
+          "columnsFrom": [
+            "user_id"
+          ],
+          "columnsTo": [
+            "id"
+          ],
+          "onDelete": "no action",
+          "onUpdate": "no action"
+        }
+      },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "checkConstraints": {}
+    },
    "ip_allocations": {
      "name": "ip_allocations",
      "columns": {
@@ -14,8 +95,8 @@
          "notNull": true,
          "autoincrement": true
        },
-        "client_id": {
-          "name": "client_id",
+        "device_id": {
+          "name": "device_id",
          "type": "integer",
          "primaryKey": false,
          "notNull": false,
@@ -23,21 +104,21 @@
        }
      },
      "indexes": {
-        "ip_allocations_client_id_unique": {
-          "name": "ip_allocations_client_id_unique",
+        "ip_allocations_device_id_unique": {
+          "name": "ip_allocations_device_id_unique",
          "columns": [
-            "client_id"
+            "device_id"
          ],
          "isUnique": true
        }
      },
      "foreignKeys": {
-        "ip_allocations_client_id_wg_clients_id_fk": {
-          "name": "ip_allocations_client_id_wg_clients_id_fk",
+        "ip_allocations_device_id_devices_id_fk": {
+          "name": "ip_allocations_device_id_devices_id_fk",
          "tableFrom": "ip_allocations",
-          "tableTo": "wg_clients",
+          "tableTo": "devices",
          "columnsFrom": [
-            "client_id"
+            "device_id"
          ],
          "columnsTo": [
            "id"
@@ -125,87 +206,6 @@
      "compositePrimaryKeys": {},
      "uniqueConstraints": {},
      "checkConstraints": {}
-    },
-    "wg_clients": {
-      "name": "wg_clients",
-      "columns": {
-        "id": {
-          "name": "id",
-          "type": "integer",
-          "primaryKey": true,
-          "notNull": true,
-          "autoincrement": true
-        },
-        "user_id": {
-          "name": "user_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "name": {
-          "name": "name",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "opnsense_id": {
-          "name": "opnsense_id",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false,
-          "autoincrement": false
-        },
-        "public_key": {
-          "name": "public_key",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": true,
-          "autoincrement": false
-        },
-        "private_key": {
-          "name": "private_key",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false,
-          "autoincrement": false
-        },
-        "pre_shared_key": {
-          "name": "pre_shared_key",
-          "type": "text",
-          "primaryKey": false,
-          "notNull": false,
-          "autoincrement": false
-        }
-      },
-      "indexes": {
-        "wg_clients_public_key_unique": {
-          "name": "wg_clients_public_key_unique",
-          "columns": [
-            "public_key"
-          ],
-          "isUnique": true
-        }
-      },
-      "foreignKeys": {
-        "wg_clients_user_id_users_id_fk": {
-          "name": "wg_clients_user_id_users_id_fk",
-          "tableFrom": "wg_clients",
-          "tableTo": "users",
-          "columnsFrom": [
-            "user_id"
-          ],
-          "columnsTo": [
-            "id"
-          ],
-          "onDelete": "no action",
-          "onUpdate": "no action"
-        }
-      },
-      "compositePrimaryKeys": {},
-      "uniqueConstraints": {},
-      "checkConstraints": {}
    }
  },
  "views": {},
--- a/drizzle/meta/_journal.json
+++ b/drizzle/meta/_journal.json
@@ -5,8 +5,8 @@
    {
      "idx": 0,
      "version": "6",
-      "when": 1735028333867,
-      "tag": "0000_young_wong",
+      "when": 1736295566569,
+      "tag": "0000_fair_tarantula",
      "breakpoints": true
    }
  ]
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+
+# Run database migrations
+bun run db:migrate
+
+# Execute the CMD passed to the container
+exec "$@"
--- a/package.json
+++ b/package.json
@@ -17,43 +17,45 @@
 		"db:seed": "bun run ./src/lib/server/db/seed.ts"
 	},
 	"devDependencies": {
-		"@sveltejs/adapter-auto": "^3.0.0",
-		"@sveltejs/kit": "^2.0.0",
-		"@sveltejs/vite-plugin-svelte": "^4.0.0",
+		"@oslojs/crypto": "^1.0.1",
+		"@oslojs/encoding": "^1.1.0",
+		"@sveltejs/adapter-auto": "^3.3.1",
+		"@sveltejs/adapter-node": "^5.2.11",
+		"@sveltejs/kit": "^2.15.0",
+		"@sveltejs/vite-plugin-svelte": "^5.0.3",
 		"@tailwindcss/container-queries": "^0.1.1",
 		"@tailwindcss/forms": "^0.5.9",
 		"@tailwindcss/typography": "^0.5.15",
-		"@types/better-sqlite3": "^7.6.11",
-		"@types/eslint": "^9.6.0",
+		"@types/better-sqlite3": "^7.6.12",
+		"@types/eslint": "^9.6.1",
 		"@types/qrcode-svg": "^1.1.5",
+		"arctic": "^2.3.3",
 		"autoprefixer": "^10.4.20",
-		"bits-ui": "^0.21.16",
+		"bits-ui": "^0.22.0",
 		"clsx": "^2.1.1",
-		"drizzle-kit": "^0.30.1",
-		"eslint": "^9.7.0",
+		"eslint": "^9.17.0",
 		"eslint-config-prettier": "^9.1.0",
-		"eslint-plugin-svelte": "^2.36.0",
-		"globals": "^15.0.0",
-		"prettier": "^3.3.2",
-		"prettier-plugin-svelte": "^3.2.6",
-		"prettier-plugin-tailwindcss": "^0.6.5",
-		"svelte": "^5.0.0",
-		"svelte-check": "^4.0.0",
-		"tailwind-merge": "^2.5.4",
-		"tailwind-variants": "^0.2.1",
-		"tailwindcss": "^3.4.9",
-		"typescript": "^5.0.0",
-		"typescript-eslint": "^8.0.0",
-		"vite": "^5.0.3"
+		"eslint-plugin-svelte": "^2.46.1",
+		"globals": "^15.14.0",
+		"ip-address": "^10.0.1",
+		"lucide-svelte": "^0.469.0",
+		"prettier": "^3.4.2",
+		"prettier-plugin-svelte": "^3.3.2",
+		"prettier-plugin-tailwindcss": "^0.6.9",
+		"qrcode-svg": "^1.1.0",
+		"svelte": "^5.16.0",
+		"svelte-check": "^4.1.1",
+		"tailwind-merge": "^2.6.0",
+		"tailwind-variants": "^0.3.0",
+		"tailwindcss": "^3.4.17",
+		"tailwindcss-animate": "^1.0.7",
+		"typescript": "^5.7.2",
+		"typescript-eslint": "^8.18.2",
+		"vite": "^6.0.6"
 	},
 	"dependencies": {
 		"@libsql/client": "^0.14.0",
-		"@oslojs/crypto": "^1.0.1",
-		"@oslojs/encoding": "^1.1.0",
-		"arctic": "^2.2.1",
-		"drizzle-orm": "^0.38.2",
-		"ip-address": "^10.0.1",
-		"lucide-svelte": "^0.454.0",
-		"qrcode-svg": "^1.1.0"
+		"drizzle-kit": "^0.30.1",
+		"drizzle-orm": "^0.38.3"
 	}
 }
--- a/src/app.css
+++ b/src/app.css
@@ -26,6 +26,7 @@
 		--secondary-foreground: 222.2 47.4% 11.2%;

 		--accent: 210 26% 86%;
+		--accent-light: 210 26% 86%;
 		--accent-foreground: 222.2 47.4% 11.2%;

 		--destructive: 0 72.2% 50.6%;
@@ -34,6 +35,17 @@
 		--ring: 222.2 84% 4.9%;

 		--radius: 0.5rem;
+
+		--sidebar-background: 0 0% 98%;
+		--sidebar-foreground: 240 5.3% 26.1%;
+		--sidebar-primary: 240 5.9% 10%;
+		--sidebar-primary-foreground: 0 0% 98%;
+		--sidebar-accent: 240 4.8% 95.9%;
+		--sidebar-accent-foreground: 240 5.9% 10%;
+		--sidebar-border: 220 13% 91%;
+		--sidebar-ring: 217.2 91.2% 59.8%;
+
+		--surface: 210 26% 76%;
 	}

 	@media (prefers-color-scheme: dark) {
@@ -66,6 +78,17 @@
 			--destructive-foreground: 210 40% 90%;

 			--ring: 212.7 26.8% 83.9%;
+
+			--sidebar-background: 240 5.9% 10%;
+			--sidebar-foreground: 240 4.8% 95.9%;
+			--sidebar-primary: 224.3 76.3% 48%;
+			--sidebar-primary-foreground: 0 0% 100%;
+			--sidebar-accent: 240 3.7% 15.9%;
+			--sidebar-accent-foreground: 240 4.8% 95.9%;
+			--sidebar-border: 240 3.7% 15.9%;
+			--sidebar-ring: 217.2 91.2% 59.8%;
+
+			--surface: 217.2 40.6% 11.5%;
 		}
 	}
 }
@@ -78,4 +101,12 @@
 	body {
 		@apply bg-background text-foreground;
 	}
+
+	ol > li {
+		@apply flex flex-wrap gap-x-2;
+		counter-increment: counterName;
+	}
+	ol > li:before {
+		content: counter(counterName) '.';
+	}
 }
--- a/src/app.html
+++ b/src/app.html
@@ -6,7 +6,10 @@
 		<meta name="viewport" content="width=device-width, initial-scale=1" />
 		%sveltekit.head%
 	</head>
-	<body data-sveltekit-preload-data="hover">
-		<div class="flex flex-col min-h-screen">%sveltekit.body%</div>
+	<body
+		data-sveltekit-preload-data="hover"
+		class="flex min-h-screen flex-col items-center gap-8 p-4 max-sm:px-2"
+	>
+		%sveltekit.body%
 	</body>
 </html>
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -1,7 +1,11 @@
 import { type Handle, redirect } from '@sveltejs/kit';
+import { sequence } from '@sveltejs/kit/hooks';
 import { dev } from '$app/environment';
 import * as auth from '$lib/server/auth';
-import { sequence } from '@sveltejs/kit/hooks';
+import { fetchOpnsenseServer } from '$lib/server/opnsense';
+
+// fetch opnsense server info on startup
+await fetchOpnsenseServer();

 const handleAuth: Handle = async ({ event, resolve }) => {
 	const sessionId = event.cookies.get(auth.sessionCookieName);
@@ -35,7 +39,7 @@ const authRequired = [
 	/^\/api/,
 	/^\/user/,
 	/^\/connections/,
-	/^\/clients/,
+	/^\/devices/,
 ];
 const handleProtectedPaths: Handle = ({ event, resolve }) => {
 	const isProtected = authRequired.some((re) => re.test(event.url.pathname));
--- a/src/lib/assets/GetItOnGooglePlay_Badge_Web_color_English.png
+++ b/src/lib/assets/GetItOnGooglePlay_Badge_Web_color_English.png
--- a/src/lib/assets/guide-android.mp4
+++ b/src/lib/assets/guide-android.mp4
--- a/src/lib/clients.ts
+++ b/src/lib/clients.ts
@@ -1,33 +0,0 @@
-import type { ClientDetails } from '$lib/types/clients';
-
-/**
- * Convert client details to WireGuard configuration.
- *
- * ```conf
- * [Interface]
- * PrivateKey = wPa07zR0H4wYoc1ljfeiqlSbR8Z28pPc6jplwE7zPms=
- * Address = 10.18.11.100/32,fd00::1/128
- * DNS = 10.18.11.1,fd00::0
- *
- * [Peer]
- * PublicKey = BJ5faPVJsDP4CCxNYilmKnwlQXOtXEOJjqIwb4U/CgM=
- * PresharedKey = uhZUVqXKF0oayP0BS6yPu6Gepgh68Nz9prtbE5Cuok0=
- * Endpoint = vpn.lab.cazzzer.com:51820
- * AllowedIPs = 0.0.0.0/0,::/0
- * ```
- * @param client
- */
-export function clientDetailsToConfig(client: ClientDetails): string {
-	return `\
-[Interface]
-PrivateKey = ${client.privateKey}
-Address = ${client.ips.join(', ')}
-DNS = ${client.vpnDns}
-
-[Peer]
-PublicKey = ${client.vpnPublicKey}
-PresharedKey = ${client.preSharedKey}
-Endpoint = ${client.vpnEndpoint}
-AllowedIPs = 0.0.0.0/0,::/0
-`;
-}
--- a/src/lib/components/app/auth-form/auth-form.svelte
+++ b/src/lib/components/app/auth-form/auth-form.svelte
@@ -1,20 +1,29 @@
 <script lang="ts">
 	import { LucideLoaderCircle } from 'lucide-svelte';
-	import { Button } from "$lib/components/ui/button";
-	import { cn } from "$lib/utils.js";
+	import { Button } from '$lib/components/ui/button';
+	import { cn } from '$lib/utils.js';

-	let { class: className, ...rest }: {class: string | undefined | null, rest: { [p: string]: unknown }} = $props();
+	let { class: className, ...rest }: { class?: string; rest?: { [p: string]: unknown } } = $props();

 	let isLoading = $state(false);
 </script>

-<div class={cn("grid gap-6", className)} {...rest}>
+<div class={cn('flex gap-6', className)} {...rest}>
 	<form method="get" action="/auth/authentik">
-		<Button type="submit" onclick={() => {isLoading=true}}>
+		<Button
+			type="submit"
+			onclick={() => {
+				isLoading = true;
+			}}
+		>
 			{#if isLoading}
 				<LucideLoaderCircle class="mr-2 h-4 w-4 animate-spin" />
 			{:else}
-				<img class="mr-2 h-4 w-4" alt="Authentik Logo" src="https://auth.cazzzer.com/static/dist/assets/icons/icon.svg" />
+				<img
+					class="mr-2 h-4 w-4"
+					alt="Authentik Logo"
+					src="https://auth.cazzzer.com/static/dist/assets/icons/icon.svg"
+				/>
 			{/if}
 			Sign in with Authentik
 		</Button>
--- a/src/lib/components/app/code-snippet/code-snippet.svelte
+++ b/src/lib/components/app/code-snippet/code-snippet.svelte
@@ -0,0 +1,74 @@
+<script lang="ts">
+	import { Button } from '$lib/components/ui/button';
+	import { LucideClipboardCopy, LucideDownload } from 'lucide-svelte';
+
+	const {
+		data,
+		filename,
+		copy,
+		download,
+	}: {
+		data: string;
+		filename?: string;
+		copy?: boolean;
+		download?: boolean;
+	} = $props();
+
+	let wasCopied = $state(false);
+
+	const roundedPre = copy || download ? 'rounded-b-lg' : 'rounded-lg';
+
+	async function copyToClipboard() {
+		await navigator.clipboard.writeText(data);
+		wasCopied = true;
+	}
+</script>
+
+<div class="flex max-w-full flex-grow flex-col rounded-lg bg-accent">
+	{#if copy || download}
+		<!--Copy and download buttons-->
+		<div class="b flex flex-wrap items-center justify-between gap-4 rounded-t-lg p-2">
+			Configuration
+			<div class="flex gap-2">
+				{#if copy}
+					<Button
+						class="action-button group"
+						onclick={copyToClipboard}
+						onmouseleave={() => (wasCopied = false)}
+					>
+						<LucideClipboardCopy />
+						<span class="group-hover:block">
+							{wasCopied ? 'Copied' : 'Copy to clipboard'}
+						</span>
+					</Button>
+				{/if}
+
+				{#if download}
+					<a
+						class="contents"
+						href={`data:application/octet-stream;charset=utf-8,${encodeURIComponent(data)}`}
+						download={filename}
+					>
+						<Button class="action-button group">
+							<LucideDownload />
+							<span class="group-hover:block">Download</span>
+						</Button>
+					</a>
+				{/if}
+			</div>
+		</div>
+	{/if}
+	<div class="bg-surface flex items-start overflow-x-auto {roundedPre} p-2">
+		<pre><code>{data}</code></pre>
+	</div>
+</div>
+
+<style>
+	:global(.action-button) {
+		@apply relative size-auto p-2;
+	}
+
+	:global(.action-button > span) {
+		@apply absolute bottom-full mb-3 hidden rounded-lg bg-muted p-2 text-xs text-foreground;
+	}
+</style>
--- a/src/lib/components/app/code-snippet/index.ts
+++ b/src/lib/components/app/code-snippet/index.ts
@@ -0,0 +1,7 @@
+import Root from "./code-snippet.svelte";
+
+export {
+	Root,
+	//
+	Root as CodeSnippet,
+};
--- a/src/lib/components/app/wireguard-guide/index.ts
+++ b/src/lib/components/app/wireguard-guide/index.ts
@@ -0,0 +1,5 @@
+import WireguardGuide from "./wireguard-guide.svelte";
+
+export {
+	WireguardGuide
+};
--- a/src/lib/components/app/wireguard-guide/wireguard-guide.svelte
+++ b/src/lib/components/app/wireguard-guide/wireguard-guide.svelte
@@ -0,0 +1,85 @@
+<script lang="ts">
+	import * as Tabs from '$lib/components/ui/tabs';
+	import * as Card from '$lib/components/ui/card';
+	import getItOnGooglePlay from '$lib/assets/GetItOnGooglePlay_Badge_Web_color_English.png';
+	import guideVideoAndroid from '$lib/assets/guide-android.mp4';
+</script>
+
+<Tabs.Root value="android">
+	<Tabs.List class="grid w-full grid-cols-3">
+		<Tabs.Trigger value="android">Android</Tabs.Trigger>
+		<Tabs.Trigger value="windows">Windows</Tabs.Trigger>
+		<Tabs.Trigger value="other">Other</Tabs.Trigger>
+	</Tabs.List>
+	<Tabs.Content value="android">
+		<Card.Root>
+			<Card.Header class="max-sm:px-4 max-sm:pt-4">
+				<Card.Title>WireGuard on Android</Card.Title>
+			</Card.Header>
+			<Card.Content class="max-sm:p-4">
+				<ol class="flex flex-col gap-2">
+					<li>
+						<div class="flex flex-col gap-2">
+							Install the WireGuard app
+							<a
+								class="contents"
+								href="https://play.google.com/store/apps/details?id=com.wireguard.android"
+								target="_blank"
+								rel="noopener noreferrer"
+							>
+								<img class="size-min" alt="Get it on google play" src={getItOnGooglePlay} />
+							</a>
+						</div>
+					</li>
+					<li>
+						<div class="flex flex-col gap-2">
+							<p>Download the configuration file and import it</p>
+							<aside>Alternatively, you can scan the QR code with the WireGuard app</aside>
+							<video autoplay loop controls muted preload="metadata" class="max-h-screen">
+								<source src={guideVideoAndroid} type="video/mp4" />
+							</video>
+						</div>
+					</li>
+				</ol>
+			</Card.Content>
+		</Card.Root>
+	</Tabs.Content>
+	<Tabs.Content value="windows">
+		<Card.Root>
+			<Card.Header>
+				<Card.Title>WireGuard on Windows</Card.Title>
+			</Card.Header>
+			<Card.Content>
+				<p>
+					<a
+						class="underline"
+						href="https://download.wireguard.com/windows-client/wireguard-installer.exe"
+						target="_blank"
+						rel="noopener noreferrer"
+					>
+						Download WireGuard
+					</a>
+				</p>
+			</Card.Content>
+		</Card.Root>
+	</Tabs.Content>
+	<Tabs.Content value="other">
+		<Card.Root>
+			<Card.Header>
+				<Card.Title>WireGuard on Other Platforms</Card.Title>
+			</Card.Header>
+			<Card.Content>
+				<p>
+					You can download the WireGuard client from the <a
+						class="underline"
+						href="https://www.wireguard.com/install/"
+						target="_blank"
+						rel="noopener noreferrer"
+					>
+						official website
+					</a>.
+				</p>
+			</Card.Content>
+		</Card.Root>
+	</Tabs.Content>
+</Tabs.Root>
--- a/src/lib/components/ui/badge/badge.svelte
+++ b/src/lib/components/ui/badge/badge.svelte
@@ -1,18 +1,50 @@
+<script lang="ts" module>
+	import { type VariantProps, tv } from "tailwind-variants";
+
+	export const badgeVariants = tv({
+		base: "focus:ring-ring inline-flex items-center rounded-full border px-2.5 py-0.5 text-xs font-semibold transition-colors focus:outline-none focus:ring-2 focus:ring-offset-2",
+		variants: {
+			variant: {
+				default:
+					"bg-primary text-primary-foreground hover:bg-primary/80 border-transparent",
+				secondary:
+					"bg-secondary text-secondary-foreground hover:bg-secondary/80 border-transparent",
+				destructive:
+					"bg-destructive text-destructive-foreground hover:bg-destructive/80 border-transparent",
+				outline: "text-foreground",
+			},
+		},
+		defaultVariants: {
+			variant: "default",
+		},
+	});
+
+	export type BadgeVariant = VariantProps<typeof badgeVariants>["variant"];
+</script>
+
 <script lang="ts">
-	import { type Variant, badgeVariants } from "./index.js";
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAnchorAttributes } from "svelte/elements";
 	import { cn } from "$lib/utils.js";

-	let className: string | undefined | null = undefined;
-	export let href: string | undefined = undefined;
-	export let variant: Variant = "default";
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		href,
+		class: className,
+		variant = "default",
+		children,
+		...restProps
+	}: WithElementRef<HTMLAnchorAttributes> & {
+		variant?: BadgeVariant;
+	} = $props();
 </script>

 <svelte:element
 	this={href ? "a" : "span"}
+	bind:this={ref}
 	{href}
 	class={cn(badgeVariants({ variant, className }))}
-	{...$$restProps}
+	{...restProps}
 >
-	<slot />
+	{@render children?.()}
 </svelte:element>
--- a/src/lib/components/ui/badge/index.ts
+++ b/src/lib/components/ui/badge/index.ts
@@ -1,21 +1,2 @@
-import { type VariantProps, tv } from "tailwind-variants";
 export { default as Badge } from "./badge.svelte";
-
-export const badgeVariants = tv({
-	base: "focus:ring-ring inline-flex select-none items-center rounded-full border px-2.5 py-0.5 text-xs font-semibold transition-colors focus:outline-none focus:ring-2 focus:ring-offset-2",
-	variants: {
-		variant: {
-			default: "bg-primary text-primary-foreground hover:bg-primary/80 border-transparent",
-			secondary:
-				"bg-secondary text-secondary-foreground hover:bg-secondary/80 border-transparent",
-			destructive:
-				"bg-destructive text-destructive-foreground hover:bg-destructive/80 border-transparent",
-			outline: "text-foreground",
-		},
-	},
-	defaultVariants: {
-		variant: "default",
-	},
-});
-
-export type Variant = VariantProps<typeof badgeVariants>["variant"];
+export { badgeVariants, type BadgeVariant } from "./badge.svelte";
--- a/src/lib/components/ui/button/button.svelte
+++ b/src/lib/components/ui/button/button.svelte
@@ -1,25 +1,74 @@
-<script lang="ts">
-	import { Button as ButtonPrimitive } from "bits-ui";
-	import { type Events, type Props, buttonVariants } from "./index.js";
-	import { cn } from "$lib/utils.js";
+<script lang="ts" module>
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAnchorAttributes, HTMLButtonAttributes } from "svelte/elements";
+	import { type VariantProps, tv } from "tailwind-variants";

-	type $$Props = Props;
-	type $$Events = Events;
+	export const buttonVariants = tv({
+		base: "ring-offset-background focus-visible:ring-ring inline-flex items-center justify-center gap-2 whitespace-nowrap rounded-md text-sm font-medium transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50 [&_svg]:pointer-events-none [&_svg]:size-4 [&_svg]:shrink-0",
+		variants: {
+			variant: {
+				default: "bg-primary text-primary-foreground hover:bg-primary/90",
+				destructive: "bg-destructive text-destructive-foreground hover:bg-destructive/90",
+				outline:
+					"border-input bg-background hover:bg-accent hover:text-accent-foreground border",
+				secondary: "bg-secondary text-secondary-foreground hover:bg-secondary/80",
+				ghost: "hover:bg-accent hover:text-accent-foreground",
+				link: "text-primary underline-offset-4 hover:underline",
+			},
+			size: {
+				default: "h-10 px-4 py-2",
+				sm: "h-9 rounded-md px-3",
+				lg: "h-11 rounded-md px-8",
+				icon: "h-10 w-10",
+			},
+		},
+		defaultVariants: {
+			variant: "default",
+			size: "default",
+		},
+	});

-	let className: $$Props["class"] = undefined;
-	export let variant: $$Props["variant"] = "default";
-	export let size: $$Props["size"] = "default";
-	export let builders: $$Props["builders"] = [];
-	export { className as class };
+	export type ButtonVariant = VariantProps<typeof buttonVariants>["variant"];
+	export type ButtonSize = VariantProps<typeof buttonVariants>["size"];
+
+	export type ButtonProps = WithElementRef<HTMLButtonAttributes> &
+		WithElementRef<HTMLAnchorAttributes> & {
+			variant?: ButtonVariant;
+			size?: ButtonSize;
+		};
 </script>

-<ButtonPrimitive.Root
-	{builders}
+<script lang="ts">
+	import { cn } from "$lib/utils.js";
+
+	let {
+		class: className,
+		variant = "default",
+		size = "default",
+		ref = $bindable(null),
+		href = undefined,
+		type = "button",
+		children,
+		...restProps
+	}: ButtonProps = $props();
+</script>
+
+{#if href}
+	<a
+		bind:this={ref}
 		class={cn(buttonVariants({ variant, size, className }))}
-	type="button"
-	{...$$restProps}
-	on:click
-	on:keydown
->
-	<slot />
-</ButtonPrimitive.Root>
+		{href}
+		{...restProps}
+	>
+		{@render children?.()}
+	</a>
+{:else}
+	<button
+		bind:this={ref}
+		class={cn(buttonVariants({ variant, size, className }))}
+		{type}
+		{...restProps}
+	>
+		{@render children?.()}
+	</button>
+{/if}
--- a/src/lib/components/ui/button/index.ts
+++ b/src/lib/components/ui/button/index.ts
@@ -1,49 +1,17 @@
-import { type VariantProps, tv } from "tailwind-variants";
-import type { Button as ButtonPrimitive } from "bits-ui";
-import Root from "./button.svelte";
-
-const buttonVariants = tv({
-	base: "ring-offset-background focus-visible:ring-ring inline-flex items-center justify-center whitespace-nowrap rounded-md text-sm font-medium transition-colors focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50",
-	variants: {
-		variant: {
-			default: "bg-primary text-primary-foreground hover:bg-primary/90",
-			destructive: "bg-destructive text-destructive-foreground hover:bg-destructive/90",
-			outline:
-				"border-input bg-background hover:bg-accent hover:text-accent-foreground border",
-			secondary: "bg-secondary text-secondary-foreground hover:bg-secondary/80",
-			ghost: "hover:bg-accent hover:text-accent-foreground",
-			link: "text-primary underline-offset-4 hover:underline",
-		},
-		size: {
-			default: "h-10 px-4 py-2",
-			sm: "h-9 rounded-md px-3",
-			lg: "h-11 rounded-md px-8",
-			icon: "h-10 w-10",
-		},
-	},
-	defaultVariants: {
-		variant: "default",
-		size: "default",
-	},
-});
-
-type Variant = VariantProps<typeof buttonVariants>["variant"];
-type Size = VariantProps<typeof buttonVariants>["size"];
-
-type Props = ButtonPrimitive.Props & {
-	variant?: Variant;
-	size?: Size;
-};
-
-type Events = ButtonPrimitive.Events;
+import Root, {
+	type ButtonProps,
+	type ButtonSize,
+	type ButtonVariant,
+	buttonVariants,
+} from "./button.svelte";

 export {
 	Root,
-	type Props,
-	type Events,
+	type ButtonProps as Props,
 	//
 	Root as Button,
-	type Props as ButtonProps,
-	type Events as ButtonEvents,
 	buttonVariants,
+	type ButtonProps,
+	type ButtonSize,
+	type ButtonVariant,
 };
--- a/src/lib/components/ui/card/card-content.svelte
+++ b/src/lib/components/ui/card/card-content.svelte
@@ -0,0 +1,16 @@
+<script lang="ts">
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAttributes } from "svelte/elements";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLDivElement>> = $props();
+</script>
+
+<div bind:this={ref} class={cn("p-6", className)} {...restProps}>
+	{@render children?.()}
+</div>
--- a/src/lib/components/ui/card/card-description.svelte
+++ b/src/lib/components/ui/card/card-description.svelte
@@ -0,0 +1,16 @@
+<script lang="ts">
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAttributes } from "svelte/elements";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLParagraphElement>> = $props();
+</script>
+
+<p bind:this={ref} class={cn("text-muted-foreground text-sm", className)} {...restProps}>
+	{@render children?.()}
+</p>
--- a/src/lib/components/ui/card/card-footer.svelte
+++ b/src/lib/components/ui/card/card-footer.svelte
@@ -0,0 +1,16 @@
+<script lang="ts">
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAttributes } from "svelte/elements";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLDivElement>> = $props();
+</script>
+
+<div bind:this={ref} class={cn("flex items-center p-6 pt-0", className)} {...restProps}>
+	{@render children?.()}
+</div>
--- a/src/lib/components/ui/card/card-header.svelte
+++ b/src/lib/components/ui/card/card-header.svelte
@@ -0,0 +1,16 @@
+<script lang="ts">
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAttributes } from "svelte/elements";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLDivElement>> = $props();
+</script>
+
+<div bind:this={ref} class={cn("flex flex-col space-y-1.5 p-6 pb-0", className)} {...restProps}>
+	{@render children?.()}
+</div>
--- a/src/lib/components/ui/card/card-title.svelte
+++ b/src/lib/components/ui/card/card-title.svelte
@@ -0,0 +1,25 @@
+<script lang="ts">
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAttributes } from "svelte/elements";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		level = 3,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLDivElement>> & {
+		level?: 1 | 2 | 3 | 4 | 5 | 6;
+	} = $props();
+</script>
+
+<div
+	role="heading"
+	aria-level={level}
+	bind:this={ref}
+	class={cn("text-2xl font-semibold leading-none tracking-tight", className)}
+	{...restProps}
+>
+	{@render children?.()}
+</div>
--- a/src/lib/components/ui/card/card.svelte
+++ b/src/lib/components/ui/card/card.svelte
@@ -0,0 +1,20 @@
+<script lang="ts">
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAttributes } from "svelte/elements";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLDivElement>> = $props();
+</script>
+
+<div
+	bind:this={ref}
+	class={cn("bg-card text-card-foreground rounded-lg border shadow-sm", className)}
+	{...restProps}
+>
+	{@render children?.()}
+</div>
--- a/src/lib/components/ui/card/index.ts
+++ b/src/lib/components/ui/card/index.ts
@@ -0,0 +1,22 @@
+import Root from "./card.svelte";
+import Content from "./card-content.svelte";
+import Description from "./card-description.svelte";
+import Footer from "./card-footer.svelte";
+import Header from "./card-header.svelte";
+import Title from "./card-title.svelte";
+
+export {
+	Root,
+	Content,
+	Description,
+	Footer,
+	Header,
+	Title,
+	//
+	Root as Card,
+	Content as CardContent,
+	Description as CardDescription,
+	Footer as CardFooter,
+	Header as CardHeader,
+	Title as CardTitle,
+};
--- a/src/lib/components/ui/checkbox/checkbox.svelte
+++ b/src/lib/components/ui/checkbox/checkbox.svelte
@@ -1,35 +1,35 @@
 <script lang="ts">
-	import { Checkbox as CheckboxPrimitive } from "bits-ui";
+	import { Checkbox as CheckboxPrimitive, type WithoutChildrenOrChild } from "bits-ui";
 	import Check from "lucide-svelte/icons/check";
 	import Minus from "lucide-svelte/icons/minus";
 	import { cn } from "$lib/utils.js";

-	type $$Props = CheckboxPrimitive.Props;
-	type $$Events = CheckboxPrimitive.Events;
-
-	let className: $$Props["class"] = undefined;
-	export let checked: $$Props["checked"] = false;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		checked = $bindable(false),
+		indeterminate = $bindable(false),
+		class: className,
+		...restProps
+	}: WithoutChildrenOrChild<CheckboxPrimitive.RootProps> = $props();
 </script>

 <CheckboxPrimitive.Root
+	bind:ref
 	class={cn(
-		"border-primary ring-offset-background focus-visible:ring-ring data-[state=checked]:bg-primary data-[state=checked]:text-primary-foreground peer box-content h-4 w-4 shrink-0 rounded-sm border focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 data-[disabled=true]:cursor-not-allowed data-[disabled=true]:opacity-50",
+		"border-primary ring-offset-background focus-visible:ring-ring data-[state=checked]:bg-primary data-[state=checked]:text-primary-foreground peer box-content size-4 shrink-0 rounded-sm border focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 data-[disabled=true]:cursor-not-allowed data-[disabled=true]:opacity-50",
 		className
 	)}
 	bind:checked
-	{...$$restProps}
-	on:click
+	bind:indeterminate
+	{...restProps}
 >
-	<CheckboxPrimitive.Indicator
-		class={cn("flex h-4 w-4 items-center justify-center text-current")}
-		let:isChecked
-		let:isIndeterminate
-	>
-		{#if isChecked}
-			<Check class="h-3.5 w-3.5" />
-		{:else if isIndeterminate}
-			<Minus class="h-3.5 w-3.5" />
+	{#snippet children({ checked, indeterminate })}
+		<div class="flex size-4 items-center justify-center text-current">
+			{#if indeterminate}
+				<Minus class="size-3.5" />
+			{:else}
+				<Check class={cn("size-3.5", !checked && "text-transparent")} />
 			{/if}
-	</CheckboxPrimitive.Indicator>
+		</div>
+	{/snippet}
 </CheckboxPrimitive.Root>
--- a/src/lib/components/ui/dialog/dialog-content.svelte
+++ b/src/lib/components/ui/dialog/dialog-content.svelte
@@ -0,0 +1,38 @@
+<script lang="ts">
+	import { Dialog as DialogPrimitive, type WithoutChildrenOrChild } from "bits-ui";
+	import X from "lucide-svelte/icons/x";
+	import type { Snippet } from "svelte";
+	import * as Dialog from "./index.js";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		portalProps,
+		children,
+		...restProps
+	}: WithoutChildrenOrChild<DialogPrimitive.ContentProps> & {
+		portalProps?: DialogPrimitive.PortalProps;
+		children: Snippet;
+	} = $props();
+</script>
+
+<Dialog.Portal {...portalProps}>
+	<Dialog.Overlay />
+	<DialogPrimitive.Content
+		bind:ref
+		class={cn(
+			"data-[state=open]:animate-in data-[state=closed]:animate-out data-[state=closed]:fade-out-0 data-[state=open]:fade-in-0 data-[state=closed]:zoom-out-95 data-[state=open]:zoom-in-95 data-[state=closed]:slide-out-to-left-1/2 data-[state=closed]:slide-out-to-top-[48%] data-[state=open]:slide-in-from-left-1/2 data-[state=open]:slide-in-from-top-[48%] bg-background fixed left-[50%] top-[50%] z-50 grid w-full max-w-lg translate-x-[-50%] translate-y-[-50%] gap-4 border p-6 shadow-lg duration-200 sm:rounded-lg",
+			className
+		)}
+		{...restProps}
+	>
+		{@render children?.()}
+		<DialogPrimitive.Close
+			class="ring-offset-background focus:ring-ring absolute right-4 top-4 rounded-sm opacity-70 transition-opacity hover:opacity-100 focus:outline-none focus:ring-2 focus:ring-offset-2 disabled:pointer-events-none"
+		>
+			<X class="size-4" />
+			<span class="sr-only">Close</span>
+		</DialogPrimitive.Close>
+	</DialogPrimitive.Content>
+</Dialog.Portal>
--- a/src/lib/components/ui/dialog/dialog-description.svelte
+++ b/src/lib/components/ui/dialog/dialog-description.svelte
@@ -0,0 +1,19 @@
+<script lang="ts">
+	import { Dialog as DialogPrimitive } from "bits-ui";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: DialogPrimitive.DescriptionProps = $props();
+</script>
+
+<DialogPrimitive.Description
+	bind:ref
+	class={cn("text-muted-foreground text-sm", className)}
+	{...restProps}
+>
+	{@render children?.()}
+</DialogPrimitive.Description>
--- a/src/lib/components/ui/dialog/dialog-footer.svelte
+++ b/src/lib/components/ui/dialog/dialog-footer.svelte
@@ -0,0 +1,20 @@
+<script lang="ts">
+	import type { WithElementRef } from "bits-ui";
+	import type { HTMLAttributes } from "svelte/elements";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLDivElement>> = $props();
+</script>
+
+<div
+	bind:this={ref}
+	class={cn("flex flex-col-reverse sm:flex-row sm:justify-end sm:space-x-2", className)}
+	{...restProps}
+>
+	{@render children?.()}
+</div>
--- a/src/lib/components/ui/dialog/dialog-header.svelte
+++ b/src/lib/components/ui/dialog/dialog-header.svelte
@@ -0,0 +1,20 @@
+<script lang="ts">
+	import type { HTMLAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLDivElement>> = $props();
+</script>
+
+<div
+	bind:this={ref}
+	class={cn("flex flex-col space-y-1.5 text-center sm:text-left", className)}
+	{...restProps}
+>
+	{@render children?.()}
+</div>
--- a/src/lib/components/ui/dialog/dialog-overlay.svelte
+++ b/src/lib/components/ui/dialog/dialog-overlay.svelte
@@ -0,0 +1,22 @@
+<script lang="ts">
+	import { Dialog as DialogPrimitive } from "bits-ui";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: DialogPrimitive.OverlayProps = $props();
+</script>
+
+<DialogPrimitive.Overlay
+	bind:ref
+	class={cn(
+		"data-[state=open]:animate-in data-[state=closed]:animate-out data-[state=closed]:fade-out-0 data-[state=open]:fade-in-0  fixed inset-0 z-50 bg-black/80",
+		className
+	)}
+	{...restProps}
+>
+	{@render children?.()}
+</DialogPrimitive.Overlay>
--- a/src/lib/components/ui/dialog/dialog-title.svelte
+++ b/src/lib/components/ui/dialog/dialog-title.svelte
@@ -0,0 +1,19 @@
+<script lang="ts">
+	import { Dialog as DialogPrimitive } from "bits-ui";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: DialogPrimitive.TitleProps = $props();
+</script>
+
+<DialogPrimitive.Title
+	bind:ref
+	class={cn("text-lg font-semibold leading-none tracking-tight", className)}
+	{...restProps}
+>
+	{@render children?.()}
+</DialogPrimitive.Title>
--- a/src/lib/components/ui/dialog/index.ts
+++ b/src/lib/components/ui/dialog/index.ts
@@ -0,0 +1,37 @@
+import { Dialog as DialogPrimitive } from "bits-ui";
+
+import Title from "./dialog-title.svelte";
+import Footer from "./dialog-footer.svelte";
+import Header from "./dialog-header.svelte";
+import Overlay from "./dialog-overlay.svelte";
+import Content from "./dialog-content.svelte";
+import Description from "./dialog-description.svelte";
+
+const Root = DialogPrimitive.Root;
+const Trigger = DialogPrimitive.Trigger;
+const Close = DialogPrimitive.Close;
+const Portal = DialogPrimitive.Portal;
+
+export {
+	Root,
+	Title,
+	Portal,
+	Footer,
+	Header,
+	Trigger,
+	Overlay,
+	Content,
+	Description,
+	Close,
+	//
+	Root as Dialog,
+	Title as DialogTitle,
+	Portal as DialogPortal,
+	Footer as DialogFooter,
+	Header as DialogHeader,
+	Trigger as DialogTrigger,
+	Overlay as DialogOverlay,
+	Content as DialogContent,
+	Description as DialogDescription,
+	Close as DialogClose,
+};
--- a/src/lib/components/ui/input/index.ts
+++ b/src/lib/components/ui/input/index.ts
@@ -1,27 +1,5 @@
 import Root from "./input.svelte";

-export type FormInputEvent<T extends Event = Event> = T & {
-	currentTarget: EventTarget & HTMLInputElement;
-};
-export type InputEvents = {
-	blur: FormInputEvent<FocusEvent>;
-	change: FormInputEvent<Event>;
-	click: FormInputEvent<MouseEvent>;
-	focus: FormInputEvent<FocusEvent>;
-	focusin: FormInputEvent<FocusEvent>;
-	focusout: FormInputEvent<FocusEvent>;
-	keydown: FormInputEvent<KeyboardEvent>;
-	keypress: FormInputEvent<KeyboardEvent>;
-	keyup: FormInputEvent<KeyboardEvent>;
-	mouseover: FormInputEvent<MouseEvent>;
-	mouseenter: FormInputEvent<MouseEvent>;
-	mouseleave: FormInputEvent<MouseEvent>;
-	mousemove: FormInputEvent<MouseEvent>;
-	paste: FormInputEvent<ClipboardEvent>;
-	input: FormInputEvent<InputEvent>;
-	wheel: FormInputEvent<WheelEvent>;
-};
-
 export {
 	Root,
 	//
--- a/src/lib/components/ui/input/input.svelte
+++ b/src/lib/components/ui/input/input.svelte
@@ -1,42 +1,22 @@
 <script lang="ts">
 	import type { HTMLInputAttributes } from "svelte/elements";
-	import type { InputEvents } from "./index.js";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLInputAttributes;
-	type $$Events = InputEvents;
-
-	let className: $$Props["class"] = undefined;
-	export let value: $$Props["value"] = undefined;
-	export { className as class };
-
-	// Workaround for https://github.com/sveltejs/svelte/issues/9305
-	// Fixed in Svelte 5, but not backported to 4.x.
-	export let readonly: $$Props["readonly"] = undefined;
+	let {
+		ref = $bindable(null),
+		value = $bindable(),
+		class: className,
+		...restProps
+	}: WithElementRef<HTMLInputAttributes> = $props();
 </script>

 <input
+	bind:this={ref}
 	class={cn(
-		"border-input bg-background ring-offset-background placeholder:text-muted-foreground focus-visible:ring-ring flex h-10 w-full rounded-md border px-3 py-2 text-sm file:border-0 file:bg-transparent file:text-sm file:font-medium focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50",
+		"border-input bg-background ring-offset-background placeholder:text-muted-foreground focus-visible:ring-ring flex h-10 w-full rounded-md border px-3 py-2 text-base file:border-0 file:bg-transparent file:text-sm file:font-medium focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 md:text-sm",
 		className
 	)}
 	bind:value
-	{readonly}
-	on:blur
-	on:change
-	on:click
-	on:focus
-	on:focusin
-	on:focusout
-	on:keydown
-	on:keypress
-	on:keyup
-	on:mouseover
-	on:mouseenter
-	on:mouseleave
-	on:mousemove
-	on:paste
-	on:input
-	on:wheel|passive
-	{...$$restProps}
+	{...restProps}
 />
--- a/src/lib/components/ui/label/label.svelte
+++ b/src/lib/components/ui/label/label.svelte
@@ -2,20 +2,21 @@
 	import { Label as LabelPrimitive } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = LabelPrimitive.Props;
-	type $$Events = LabelPrimitive.Events;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: LabelPrimitive.RootProps = $props();
 </script>

 <LabelPrimitive.Root
+	bind:ref
 	class={cn(
 		"text-sm font-medium leading-none peer-disabled:cursor-not-allowed peer-disabled:opacity-70",
 		className
 	)}
-	{...$$restProps}
-	on:mousedown
+	{...restProps}
 >
-	<slot />
+	{@render children?.()}
 </LabelPrimitive.Root>
--- a/src/lib/components/ui/table/table-body.svelte
+++ b/src/lib/components/ui/table/table-body.svelte
@@ -1,13 +1,16 @@
 <script lang="ts">
 	import type { HTMLAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLAttributes<HTMLTableSectionElement>;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLTableSectionElement>> = $props();
 </script>

-<tbody class={cn("[&_tr:last-child]:border-0", className)} {...$$restProps}>
-	<slot />
+<tbody bind:this={ref} class={cn("[&_tr:last-child]:border-0", className)} {...restProps}>
+	{@render children?.()}
 </tbody>
--- a/src/lib/components/ui/table/table-caption.svelte
+++ b/src/lib/components/ui/table/table-caption.svelte
@@ -1,13 +1,16 @@
 <script lang="ts">
 	import type { HTMLAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLAttributes<HTMLTableCaptionElement>;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLElement>> = $props();
 </script>

-<caption class={cn("text-muted-foreground mt-4 text-sm", className)} {...$$restProps}>
-	<slot />
+<caption bind:this={ref} class={cn("text-muted-foreground mt-4 text-sm", className)} {...restProps}>
+	{@render children?.()}
 </caption>
--- a/src/lib/components/ui/table/table-cell.svelte
+++ b/src/lib/components/ui/table/table-cell.svelte
@@ -1,18 +1,20 @@
 <script lang="ts">
 	import type { HTMLTdAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLTdAttributes;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLTdAttributes> = $props();
 </script>

 <td
+	bind:this={ref}
 	class={cn("p-4 align-middle [&:has([role=checkbox])]:pr-0", className)}
-	{...$$restProps}
-	on:click
-	on:keydown
+	{...restProps}
 >
-	<slot />
+	{@render children?.()}
 </td>
--- a/src/lib/components/ui/table/table-footer.svelte
+++ b/src/lib/components/ui/table/table-footer.svelte
@@ -1,13 +1,16 @@
 <script lang="ts">
 	import type { HTMLAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLAttributes<HTMLTableSectionElement>;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLTableSectionElement>> = $props();
 </script>

-<tfoot class={cn("bg-muted/50 text-primary-foreground font-medium", className)} {...$$restProps}>
-	<slot />
+<tfoot bind:this={ref} class={cn("bg-muted/50 font-medium", className)} {...restProps}>
+	{@render children?.()}
 </tfoot>
--- a/src/lib/components/ui/table/table-head.svelte
+++ b/src/lib/components/ui/table/table-head.svelte
@@ -1,19 +1,23 @@
 <script lang="ts">
 	import type { HTMLThAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLThAttributes;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLThAttributes> = $props();
 </script>

 <th
+	bind:this={ref}
 	class={cn(
 		"text-muted-foreground h-12 px-4 text-left align-middle font-medium [&:has([role=checkbox])]:pr-0",
 		className
 	)}
-	{...$$restProps}
+	{...restProps}
 >
-	<slot />
+	{@render children?.()}
 </th>
--- a/src/lib/components/ui/table/table-header.svelte
+++ b/src/lib/components/ui/table/table-header.svelte
@@ -1,14 +1,16 @@
 <script lang="ts">
 	import type { HTMLAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLAttributes<HTMLTableSectionElement>;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLTableSectionElement>> = $props();
 </script>

-<!-- svelte-ignore a11y-no-noninteractive-element-interactions -->
-<thead class={cn("[&_tr]:border-b", className)} {...$$restProps} on:click on:keydown>
-	<slot />
+<thead bind:this={ref} class={cn("[&_tr]:border-b", className)} {...restProps}>
+	{@render children?.()}
 </thead>
--- a/src/lib/components/ui/table/table-row.svelte
+++ b/src/lib/components/ui/table/table-row.svelte
@@ -1,23 +1,23 @@
 <script lang="ts">
 	import type { HTMLAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLAttributes<HTMLTableRowElement> & {
-		"data-state"?: unknown;
-	};
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLAttributes<HTMLTableRowElement>> = $props();
 </script>

 <tr
+	bind:this={ref}
 	class={cn(
 		"hover:bg-muted/50 data-[state=selected]:bg-muted border-b transition-colors",
 		className
 	)}
-	{...$$restProps}
-	on:click
-	on:keydown
+	{...restProps}
 >
-	<slot />
+	{@render children?.()}
 </tr>
--- a/src/lib/components/ui/table/table.svelte
+++ b/src/lib/components/ui/table/table.svelte
@@ -1,15 +1,18 @@
 <script lang="ts">
 	import type { HTMLTableAttributes } from "svelte/elements";
+	import type { WithElementRef } from "bits-ui";
 	import { cn } from "$lib/utils.js";

-	type $$Props = HTMLTableAttributes;
-
-	let className: $$Props["class"] = undefined;
-	export { className as class };
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: WithElementRef<HTMLTableAttributes> = $props();
 </script>

 <div class="relative w-full overflow-auto">
-	<table class={cn("w-full caption-bottom text-sm", className)} {...$$restProps}>
-		<slot />
+	<table bind:this={ref} class={cn("w-full caption-bottom text-sm", className)} {...restProps}>
+		{@render children?.()}
 	</table>
 </div>
--- a/src/lib/components/ui/tabs/index.ts
+++ b/src/lib/components/ui/tabs/index.ts
@@ -0,0 +1,18 @@
+import { Tabs as TabsPrimitive } from "bits-ui";
+import Content from "./tabs-content.svelte";
+import List from "./tabs-list.svelte";
+import Trigger from "./tabs-trigger.svelte";
+
+const Root = TabsPrimitive.Root;
+
+export {
+	Root,
+	Content,
+	List,
+	Trigger,
+	//
+	Root as Tabs,
+	Content as TabsContent,
+	List as TabsList,
+	Trigger as TabsTrigger,
+};
--- a/src/lib/components/ui/tabs/tabs-content.svelte
+++ b/src/lib/components/ui/tabs/tabs-content.svelte
@@ -0,0 +1,22 @@
+<script lang="ts">
+	import { Tabs as TabsPrimitive } from "bits-ui";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: TabsPrimitive.ContentProps = $props();
+</script>
+
+<TabsPrimitive.Content
+	bind:ref
+	class={cn(
+		"ring-offset-background focus-visible:ring-ring mt-2 focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2",
+		className
+	)}
+	{...restProps}
+>
+	{@render children?.()}
+</TabsPrimitive.Content>
--- a/src/lib/components/ui/tabs/tabs-list.svelte
+++ b/src/lib/components/ui/tabs/tabs-list.svelte
@@ -0,0 +1,22 @@
+<script lang="ts">
+	import { Tabs as TabsPrimitive } from "bits-ui";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: TabsPrimitive.ListProps = $props();
+</script>
+
+<TabsPrimitive.List
+	bind:ref
+	class={cn(
+		"bg-muted text-muted-foreground inline-flex h-10 items-center justify-center rounded-md p-1",
+		className
+	)}
+	{...restProps}
+>
+	{@render children?.()}
+</TabsPrimitive.List>
--- a/src/lib/components/ui/tabs/tabs-trigger.svelte
+++ b/src/lib/components/ui/tabs/tabs-trigger.svelte
@@ -0,0 +1,22 @@
+<script lang="ts">
+	import { Tabs as TabsPrimitive } from "bits-ui";
+	import { cn } from "$lib/utils.js";
+
+	let {
+		ref = $bindable(null),
+		class: className,
+		children,
+		...restProps
+	}: TabsPrimitive.TriggerProps = $props();
+</script>
+
+<TabsPrimitive.Trigger
+	bind:ref
+	class={cn(
+		"ring-offset-background focus-visible:ring-ring data-[state=active]:bg-background data-[state=active]:text-foreground inline-flex items-center justify-center whitespace-nowrap rounded-sm px-3 py-1.5 text-sm font-medium transition-all focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-offset-2 disabled:pointer-events-none disabled:opacity-50 data-[state=active]:shadow-sm",
+		className
+	)}
+	{...restProps}
+>
+	{@render children?.()}
+</TabsPrimitive.Trigger>
--- a/src/lib/connections.ts
+++ b/src/lib/connections.ts
@@ -0,0 +1,10 @@
+export type ConnectionDetails = {
+	deviceId: number;
+	deviceName: string;
+	devicePublicKey: string;
+	deviceIps: string[];
+	endpoint: string;
+	transferRx: number;
+	transferTx: number;
+	latestHandshake: number;
+};
--- a/src/lib/devices.ts
+++ b/src/lib/devices.ts
@@ -0,0 +1,43 @@
+/**
+ * Convert device details to WireGuard configuration.
+ *
+ * ```conf
+ * [Interface]
+ * PrivateKey = wPa07zR0H4wYoc1ljfeiqlSbR8Z28pPc6jplwE7zPms=
+ * Address = 10.18.11.100/32,fd00::1/128
+ * DNS = 10.18.11.1,fd00::0
+ *
+ * [Peer]
+ * PublicKey = BJ5faPVJsDP4CCxNYilmKnwlQXOtXEOJjqIwb4U/CgM=
+ * PresharedKey = uhZUVqXKF0oayP0BS6yPu6Gepgh68Nz9prtbE5Cuok0=
+ * Endpoint = vpn.lab.cazzzer.com:51820
+ * AllowedIPs = 0.0.0.0/0,::/0
+ * ```
+ * @param device
+ */
+export function deviceDetailsToConfig(device: DeviceDetails): string {
+	return `\
+[Interface]
+PrivateKey = ${device.privateKey}
+Address = ${device.ips.join(', ')}
+DNS = ${device.vpnDns}
+
+[Peer]
+PublicKey = ${device.vpnPublicKey}
+PresharedKey = ${device.preSharedKey}
+Endpoint = ${device.vpnEndpoint}
+AllowedIPs = 0.0.0.0/0,::/0
+`;
+}
+
+export type DeviceDetails = {
+	id: number;
+	name: string;
+	publicKey: string;
+	privateKey: string | null;
+	preSharedKey: string | null;
+	ips: string[];
+	vpnPublicKey: string;
+	vpnEndpoint: string;
+	vpnDns: string;
+};
--- a/src/lib/opnsense/index.ts
+++ b/src/lib/opnsense/index.ts
@@ -0,0 +1,3 @@
+export function opnsenseSanitezedUsername(username: string) {
+	return username.slice(0, 63).replace(/[^a-zA-Z0-9_-]/g, '_');
+}
--- a/src/lib/server/db/index.ts
+++ b/src/lib/server/db/index.ts
@@ -1,5 +1,5 @@
 import { drizzle } from 'drizzle-orm/libsql';
 import * as schema from './schema';
-import { DATABASE_URL } from '$env/static/private';
+import { env } from '$env/dynamic/private';

-export const db= drizzle(DATABASE_URL, { schema });
+export const db= drizzle(env.DATABASE_URL, { schema });
--- a/src/lib/server/db/schema.ts
+++ b/src/lib/server/db/schema.ts
@@ -8,7 +8,7 @@ export const users = sqliteTable('users', {
 });

 export const usersRelations = relations(users, ({ many }) => ({
-	wgClients: many(wgClients),
+	devices: many(devices),
 }));

 export const sessions = sqliteTable('sessions', {
@@ -22,14 +22,14 @@ export const sessions = sqliteTable('sessions', {
 export const ipAllocations = sqliteTable('ip_allocations', {
 	// for now, id will be the same as the ipIndex
 	id: integer('id').primaryKey({ autoIncrement: true }),
-	// clientId is nullable because allocations can remain after the client is deleted
-	// unique for now, only allowing one allocation per client
-	clientId: integer('client_id')
+	// deviceId is nullable because allocations can remain after the device is deleted
+	// unique for now, only allowing one allocation per device
+	deviceId: integer('device_id')
 		.unique()
-		.references(() => wgClients.id, { onDelete: 'set null' }),
+		.references(() => devices.id, { onDelete: 'set null' }),
 });

-export const wgClients = sqliteTable('wg_clients', {
+export const devices = sqliteTable('devices', {
 	id: integer().primaryKey({ autoIncrement: true }),
 	userId: text('user_id')
 		.notNull()
@@ -38,7 +38,7 @@ export const wgClients = sqliteTable('wg_clients', {
 	// questioning whether this should be nullable
 	opnsenseId: text('opnsense_id'),
 	publicKey: text('public_key').notNull().unique(),
-	// nullable for the possibility of a client supplying their own private key
+	// nullable for the possibility of a user supplying their own private key
 	privateKey: text('private_key'),
 	// nullable for the possibility of no psk
 	preSharedKey: text('pre_shared_key'),
@@ -48,18 +48,18 @@ export const wgClients = sqliteTable('wg_clients', {
 	// allowedIps: text('allowed_ips').notNull(),
 });

-export const wgClientsRelations = relations(wgClients, ({ one }) => ({
+export const devicesRelations = relations(devices, ({ one }) => ({
 	user: one(users, {
-		fields: [wgClients.userId],
+		fields: [devices.userId],
 		references: [users.id],
 	}),
 	ipAllocation: one(ipAllocations, {
-		fields: [wgClients.id],
-		references: [ipAllocations.clientId],
+		fields: [devices.id],
+		references: [ipAllocations.deviceId],
 	}),
 }));

-export type WgClient = typeof wgClients.$inferSelect;
+export type Device = typeof devices.$inferSelect;

 export type Session = typeof sessions.$inferSelect;

--- a/src/lib/server/db/seed.ts
+++ b/src/lib/server/db/seed.ts
@@ -1,4 +1,4 @@
-import { ipAllocations, users, wgClients } from './schema';
+import { ipAllocations, users, devices } from './schema';
 import { eq } from 'drizzle-orm';
 import assert from 'node:assert';
 import { drizzle } from 'drizzle-orm/libsql';
@@ -11,10 +11,10 @@ async function seed() {
 	const user = await db.query.users.findFirst({ where: eq(users.username, 'CaZzzer') });
 	assert(user, 'User not found');

-	const clients: typeof wgClients.$inferInsert[] = [
+	const newDevices: typeof devices.$inferInsert[] = [
 		{
 			userId: user.id,
-			name: 'Client1',
+			name: 'Device1',
 			publicKey: 'BJ5faPVJsDP4CCxNYilmKnwlQXOtXEOJjqIwb4U/CgM=',
 			privateKey: 'KKqsHDu30WCSrVsyzMkOKbE3saQ+wlx0sBwGs61UGXk=',
 			preSharedKey: '0LWopbrISXBNHUxr+WOhCSAg+0hD8j3TLmpyzHkBHCQ=',
@@ -22,10 +22,10 @@ async function seed() {
 			// allowedIps: '10.18.11.101/32,fd00::1/112',
 		},
 	];
-	const returned = await db.insert(wgClients).values(clients).returning({ insertedId: wgClients.id });
+	const returned = await db.insert(devices).values(newDevices).returning({ insertedId: devices.id });

 	const ipAllocation: typeof ipAllocations.$inferInsert = {
-		clientId: returned[0].insertedId,
+		deviceId: returned[0].insertedId,
 	};
 	await db.insert(ipAllocations).values(ipAllocation);
 }
--- a/src/lib/server/devices.ts
+++ b/src/lib/server/devices.ts
@@ -1,23 +1,16 @@
 import type { User } from '$lib/server/db/schema';
+import { ipAllocations, devices } from '$lib/server/db/schema';
 import { db } from '$lib/server/db';
-import { wgClients, ipAllocations } from '$lib/server/db/schema';
 import { opnsenseAuth, opnsenseUrl, serverPublicKey, serverUuid } from '$lib/server/opnsense';
 import { Address4, Address6 } from 'ip-address';
-import {
-	IP_MAX_INDEX,
-	IPV4_STARTING_ADDR,
-	IPV6_CLIENT_PREFIX_SIZE,
-	IPV6_STARTING_ADDR,
-	MAX_CLIENTS_PER_USER,
-	VPN_DNS,
-	VPN_ENDPOINT,
-} from '$env/static/private';
+import { env } from '$env/dynamic/private';
 import { and, count, eq, isNull } from 'drizzle-orm';
 import { err, ok, type Result } from '$lib/types';
-import type { ClientDetails } from '$lib/types/clients';
+import type { DeviceDetails } from '$lib/devices';
+import { opnsenseSanitezedUsername } from '$lib/opnsense';

-export async function findClients(userId: string) {
-	return db.query.wgClients.findMany({
+export async function findDevices(userId: string) {
+	return db.query.devices.findMany({
 		columns: {
 			id: true,
 			name: true,
@@ -28,12 +21,12 @@ export async function findClients(userId: string) {
 		with: {
 			ipAllocation: true,
 		},
-		where: eq(wgClients.userId, userId),
+		where: eq(devices.userId, userId),
 	});
 }

-export async function findClient(userId: string, clientId: number) {
-	return db.query.wgClients.findFirst({
+export async function findDevice(userId: string, deviceId: number) {
+	return db.query.devices.findFirst({
 		columns: {
 			id: true,
 			name: true,
@@ -44,56 +37,56 @@ export async function findClient(userId: string, clientId: number) {
 		with: {
 			ipAllocation: true,
 		},
-		where: and(eq(wgClients.userId, userId), eq(wgClients.id, clientId)),
+		where: and(eq(devices.userId, userId), eq(devices.id, deviceId)),
 	});
 }

-export function mapClientToDetails(
-	client: Awaited<ReturnType<typeof findClients>>[0],
-): ClientDetails {
-	const ips = getIpsFromIndex(client.ipAllocation.id);
+export function mapDeviceToDetails(
+	device: Awaited<ReturnType<typeof findDevices>>[0],
+): DeviceDetails {
+	const ips = getIpsFromIndex(device.ipAllocation.id);
 	return {
-		id: client.id,
-		name: client.name,
-		publicKey: client.publicKey,
-		privateKey: client.privateKey,
-		preSharedKey: client.preSharedKey,
+		id: device.id,
+		name: device.name,
+		publicKey: device.publicKey,
+		privateKey: device.privateKey,
+		preSharedKey: device.preSharedKey,
 		ips,
 		vpnPublicKey: serverPublicKey,
-		vpnEndpoint: VPN_ENDPOINT,
-		vpnDns: VPN_DNS,
+		vpnEndpoint: env.VPN_ENDPOINT,
+		vpnDns: env.VPN_DNS,
 	};
 }

-export async function createClient(params: {
+export async function createDevice(params: {
 	name: string;
 	user: User;
-}): Promise<Result<null, [400 | 500, string]>> {
-	// check if user exceeds the limit of clients
-	const [{ clientCount }] = await db
-		.select({ clientCount: count() })
-		.from(wgClients)
-		.where(eq(wgClients.userId, params.user.id));
-	if (clientCount >= parseInt(MAX_CLIENTS_PER_USER))
-		return err([400, 'Maximum number of clients reached'] as [400, string]);
+}): Promise<Result<number, [400 | 500, string]>> {
+	// check if user exceeds the limit of devices
+	const [{ deviceCount }] = await db
+		.select({ deviceCount: count() })
+		.from(devices)
+		.where(eq(devices.userId, params.user.id));
+	if (deviceCount >= parseInt(env.MAX_CLIENTS_PER_USER))
+		return err([400, 'Maximum number of devices reached'] as [400, string]);

 	// this is going to be quite long
-	// 1. fetch params for new client from opnsense api
-	// 2.1 get an allocation for the client
-	// 2.2. insert new client into db
-	// 2.3. update the allocation with the client id
+	// 1. fetch params for new device from opnsense api
+	// 2.1 get an allocation for the device
+	// 2.2. insert new device into db
+	// 2.3. update the allocation with the device id
 	// 3. create the client in opnsense
 	// 4. reconfigure opnsense to enable the new client
-	const error = await db.transaction(async (tx) => {
+	return await db.transaction(async (tx) => {
 		const [keys, availableAllocation, lastAllocation] = await Promise.all([
-			// fetch params for new client from opnsense api
+			// fetch params for new device from opnsense api
 			getKeys(),
 			// find first unallocated IP
 			await tx.query.ipAllocations.findFirst({
 				columns: {
 					id: true,
 				},
-				where: isNull(ipAllocations.clientId),
+				where: isNull(ipAllocations.deviceId),
 			}),
 			// find last allocation to check if we have any IPs left
 			await tx.query.ipAllocations.findFirst({
@@ -105,7 +98,7 @@ export async function createClient(params: {
 		]);

 		// check for existing allocation or if we have any IPs left
-		if (!availableAllocation && lastAllocation && lastAllocation.id >= parseInt(IP_MAX_INDEX)) {
+		if (!availableAllocation && lastAllocation && lastAllocation.id >= parseInt(env.IP_MAX_INDEX)) {
 			return err([500, 'No more IP addresses available'] as [500, string]);
 		}

@@ -117,9 +110,9 @@ export async function createClient(params: {
 		// transaction savepoint after creating a new IP allocation
 		// TODO: not sure if this is needed
 		return await tx.transaction(async (tx2) => {
-			// create new client in db
-			const [newClient] = await tx2
-				.insert(wgClients)
+			// create new device in db
+			const [newDevice] = await tx2
+				.insert(devices)
 				.values({
 					userId: params.user.id,
 					name: params.name,
@@ -127,12 +120,12 @@ export async function createClient(params: {
 					privateKey: keys.privkey,
 					preSharedKey: keys.psk,
 				})
-				.returning({ id: wgClients.id });
+				.returning({ id: devices.id });

-			// update IP allocation with client ID
+			// update IP allocation with device ID
 			await tx2
 				.update(ipAllocations)
-				.set({ clientId: newClient.id })
+				.set({ deviceId: newDevice.id })
 				.where(eq(ipAllocations.id, ipAllocationId));

 			// create client in opnsense
@@ -151,10 +144,9 @@ export async function createClient(params: {

 			// reconfigure opnsense
 			await opnsenseReconfigure();
+			return ok(newDevice.id);
 		});
 	});
-	if (error) return error;
-	return ok(null);
 }

 async function getKeys() {
@@ -179,14 +171,14 @@ async function getKeys() {

 export function getIpsFromIndex(ipIndex: number) {
 	ipIndex -= 1; // 1-indexed in the db
-	const v4StartingAddr = new Address4(IPV4_STARTING_ADDR);
-	const v6StartingAddr = new Address6(IPV6_STARTING_ADDR);
+	const v4StartingAddr = new Address4(env.IPV4_STARTING_ADDR);
+	const v6StartingAddr = new Address6(env.IPV6_STARTING_ADDR);
 	const v4Allowed = Address4.fromBigInt(v4StartingAddr.bigInt() + BigInt(ipIndex));
-	const v6Offset = BigInt(ipIndex) << (128n - BigInt(IPV6_CLIENT_PREFIX_SIZE));
+	const v6Offset = BigInt(ipIndex) << (128n - BigInt(env.IPV6_CLIENT_PREFIX_SIZE));
 	const v6Allowed = Address6.fromBigInt(v6StartingAddr.bigInt() + v6Offset);
 	const v6AllowedShort = v6Allowed.parsedAddress.join(':');

-	return [v4Allowed.address + '/32', v6AllowedShort + '/' + IPV6_CLIENT_PREFIX_SIZE];
+	return [v4Allowed.address + '/32', v6AllowedShort + '/' + env.IPV6_CLIENT_PREFIX_SIZE];
 }

 async function opnsenseCreateClient(params: {
@@ -205,12 +197,12 @@ async function opnsenseCreateClient(params: {
 		body: JSON.stringify({
 			configbuilder: {
 				enabled: '1',
-				name: `vpgen-${params.username}`,
+				name: `vpgen-${opnsenseSanitezedUsername(params.username)}`,
 				pubkey: params.pubkey,
 				psk: params.psk,
 				tunneladdress: params.allowedIps,
 				server: serverUuid,
-				endpoint: VPN_ENDPOINT,
+				endpoint: env.VPN_ENDPOINT,
 			},
 		}),
 	});
--- a/src/lib/server/oauth.ts
+++ b/src/lib/server/oauth.ts
@@ -1,9 +1,9 @@
 import { Authentik } from 'arctic';
-import * as env from '$env/static/private';
+import { env } from '$env/dynamic/private';

 export const authentik = new Authentik(
 	env.AUTH_DOMAIN,
 	env.AUTH_CLIENT_ID,
 	env.AUTH_CLIENT_SECRET,
-	env.AUTH_REDIRECT_URI
+	`${env.ORIGIN}/auth/authentik/callback`,
 );
--- a/src/lib/server/opnsense/index.ts
+++ b/src/lib/server/opnsense/index.ts
@@ -4,11 +4,6 @@ import { encodeBasicCredentials } from 'arctic/dist/request';
 import { dev } from '$app/environment';
 import type { OpnsenseWgServers } from '$lib/opnsense/wg';

-assert(env.OPNSENSE_API_URL, 'OPNSENSE_API_URL is not set');
-assert(env.OPNSENSE_API_KEY, 'OPNSENSE_API_KEY is not set');
-assert(env.OPNSENSE_API_SECRET, 'OPNSENSE_API_SECRET is not set');
-assert(env.OPNSENSE_WG_IFNAME, 'OPNSENSE_WG_IFNAME is not set');
-
 export const opnsenseUrl = env.OPNSENSE_API_URL;
 export const opnsenseAuth =
 	'Basic ' + encodeBasicCredentials(env.OPNSENSE_API_KEY, env.OPNSENSE_API_SECRET);
@@ -17,23 +12,27 @@ export const opnsenseIfname = env.OPNSENSE_WG_IFNAME;
 // unset secret for security
 if (!dev) env.OPNSENSE_API_SECRET = '';

+export let serverUuid: string, serverPublicKey: string;
+
+export async function fetchOpnsenseServer() {
 // this might be pretty bad if the server is down and in a bunch of other cases
 // TODO: write a retry loop later
-const resServers = await fetch(`${opnsenseUrl}/api/wireguard/client/list_servers`, {
+	const resServers = await fetch(`${opnsenseUrl}/api/wireguard/client/list_servers`, {
 		method: 'GET',
 		headers: {
 			Authorization: opnsenseAuth,
 			Accept: 'application/json',
 		},
-});
-assert(resServers.ok, 'Failed to fetch OPNsense WireGuard servers');
-const servers = (await resServers.json()) as OpnsenseWgServers;
-assert.equal(servers.status, 'ok', 'Failed to fetch OPNsense WireGuard servers');
-export const serverUuid = servers.rows.find((server) => server.name === opnsenseIfname)?.uuid;
-assert(serverUuid, 'Failed to find server UUID for OPNsense WireGuard server');
-console.log('OPNsense WireGuard server UUID:', serverUuid);
+	});
+	assert(resServers.ok, 'Failed to fetch OPNsense WireGuard servers');
+	const servers = (await resServers.json()) as OpnsenseWgServers;
+	assert.equal(servers.status, 'ok', 'Failed to fetch OPNsense WireGuard servers');
+	const uuid = servers.rows.find((server) => server.name === opnsenseIfname)?.uuid;
+	assert(uuid, 'Failed to find server UUID for OPNsense WireGuard server');
+	serverUuid = uuid;
+	console.info('OPNsense WireGuard server UUID:', serverUuid);

-const resServerInfo = await fetch(
+	const resServerInfo = await fetch(
 		`${opnsenseUrl}/api/wireguard/client/get_server_info/${serverUuid}`,
 		{
 			method: 'GET',
@@ -42,8 +41,9 @@ const resServerInfo = await fetch(
 				Accept: 'application/json',
 			},
 		},
-);
-assert(resServerInfo.ok, 'Failed to fetch OPNsense WireGuard server info');
-const serverInfo = await resServerInfo.json();
-assert.equal(serverInfo.status, 'ok', 'Failed to fetch OPNsense WireGuard server info');
-export const serverPublicKey = serverInfo['pubkey'];
+	);
+	assert(resServerInfo.ok, 'Failed to fetch OPNsense WireGuard server info');
+	const serverInfo = await resServerInfo.json();
+	assert.equal(serverInfo.status, 'ok', 'Failed to fetch OPNsense WireGuard server info');
+	serverPublicKey = serverInfo['pubkey'];
+}
--- a/src/lib/types/clients.ts
+++ b/src/lib/types/clients.ts
@@ -1,11 +0,0 @@
-export type ClientDetails = {
-	id: number;
-	name: string;
-	publicKey: string;
-	privateKey: string | null;
-	preSharedKey: string | null;
-	ips: string[];
-	vpnPublicKey: string;
-	vpnEndpoint: string;
-	vpnDns: string;
-};
--- a/src/lib/utils.ts
+++ b/src/lib/utils.ts
@@ -1,62 +1,6 @@
 import { type ClassValue, clsx } from "clsx";
 import { twMerge } from "tailwind-merge";
-import { cubicOut } from "svelte/easing";
-import type { TransitionConfig } from "svelte/transition";

 export function cn(...inputs: ClassValue[]) {
 	return twMerge(clsx(inputs));
 }
-
-type FlyAndScaleParams = {
-	y?: number;
-	x?: number;
-	start?: number;
-	duration?: number;
-};
-
-export const flyAndScale = (
-	node: Element,
-	params: FlyAndScaleParams = { y: -8, x: 0, start: 0.95, duration: 150 }
-): TransitionConfig => {
-	const style = getComputedStyle(node);
-	const transform = style.transform === "none" ? "" : style.transform;
-
-	const scaleConversion = (
-		valueA: number,
-		scaleA: [number, number],
-		scaleB: [number, number]
-	) => {
-		const [minA, maxA] = scaleA;
-		const [minB, maxB] = scaleB;
-
-		const percentage = (valueA - minA) / (maxA - minA);
-		const valueB = percentage * (maxB - minB) + minB;
-
-		return valueB;
-	};
-
-	const styleToString = (
-		style: Record<string, number | string | undefined>
-	): string => {
-		return Object.keys(style).reduce((str, key) => {
-			if (style[key] === undefined) return str;
-			return str + `${key}:${style[key]};`;
-		}, "");
-	};
-
-	return {
-		duration: params.duration ?? 200,
-		delay: 0,
-		css: (t) => {
-			const y = scaleConversion(t, [0, 1], [params.y ?? 5, 0]);
-			const x = scaleConversion(t, [0, 1], [params.x ?? 0, 0]);
-			const scale = scaleConversion(t, [0, 1], [params.start ?? 0.95, 1]);
-
-			return styleToString({
-				transform: `${transform} translate3d(${x}px, ${y}px, 0) scale(${scale})`,
-				opacity: t
-			});
-		},
-		easing: cubicOut
-	};
-};
--- a/src/routes/+layout.svelte
+++ b/src/routes/+layout.svelte
@@ -1,35 +1,44 @@
 <script lang="ts">
 	import '../app.css';
-	import { page } from '$app/stores';
 	import { cn } from '$lib/utils';
+	import { page } from '$app/state';

 	const { data, children } = $props();
 	const { user } = data;

 	function getNavClass(path: RegExp) {
-		return cn('hover:text-foreground/80 transition-colors',
-			path.test($page.url.pathname) ? 'text-foreground' : 'text-foreground/60');
+		return cn(
+			'hover:text-foreground/80 transition-colors',
+			path.test(page.url.pathname) ? 'text-foreground' : 'text-foreground/60',
+		);
 	}
 </script>

-<header class="p-4 sm:flex">
-	<span class=" mr-6 font-bold sm:inline-block">VPGen</span>
-	<nav class="flex items-center gap-6 text-sm">
-		<a href="/" class={getNavClass(/^\/$/)}>Home</a>
+<header class="flex w-full flex-wrap justify-between gap-x-6 gap-y-4 xl:max-w-screen-xl">
+	<a href="/" class="contents">
+		<span class="font-bold sm:inline-block">VPGen</span>
+	</a>
+	<nav class="max-w-full">
+		<ul class="flex items-center gap-6 overflow-x-auto text-sm">
+			<li><a href="/" class={getNavClass(/^\/$/)}>Home</a></li>
 			{#if user}
-			<a href="/user" class={getNavClass(/^\/user$/)}>Profile</a>
-			<a href="/connections" class={getNavClass(/^\/connections$/)}>Connections</a>
-			<a href="/clients" class={getNavClass(/^\/clients(\/\d+)?$/)}>Clients</a>
+				<li><a href="/user" class={getNavClass(/^\/user$/)}>Profile</a></li>
+				<li><a href="/connections" class={getNavClass(/^\/connections$/)}>Connections</a></li>
+				<li><a href="/devices" class={getNavClass(/^\/devices(\/\d+)?$/)}>Devices</a></li>
 			{/if}
+		</ul>
 	</nav>
 </header>
-<main class="flex flex-col flex-grow p-4">
+<main class="flex min-w-full max-w-full flex-grow flex-col gap-4 xl:min-w-[78rem]">
 	{@render children()}
 </main>

 <!--https://github.com/sveltejs/kit/discussions/7585#discussioncomment-9997936-->
 <!--Some shenanings needed to be done to get the footer position to stick correctly,
 didn't work with display: contents-->
-<footer class="p-4 relative text-center inset-x-0 bottom-0">
-	<p>&copy; 2024</p>
+<footer class="inset-x-0 bottom-0 w-full text-center">
+	<p>&copy; 2025</p>
 </footer>
+
+<style>
+</style>
--- a/src/routes/+page.svelte
+++ b/src/routes/+page.svelte
@@ -1,4 +1,5 @@
 <script lang="ts">
+	import { Button } from '$lib/components/ui/button';
 	import { AuthForm } from '$lib/components/app/auth-form';

 	const { data } = $props();
@@ -9,10 +10,46 @@
 	<title>VPGen</title>
 </svelte:head>

-<h1>Welcome to VPGen</h1>
+<h1 class="mb-2 scroll-m-20 text-center text-3xl font-extrabold tracking-tight lg:text-4xl">
+	Welcome to VPGen
+</h1>

-{#if user }
-	<p>Hi {user.name}</p>
+{#if user}
+	<p>
+		Hi {user.name}!
+	</p>
+	<section id="get-started" class="border-l-2 pl-6">
+		<p>
+			To get started,
+			<Button class="ml-2" href="/devices?add=New+Device">Add a New Device</Button>
+		</p>
+	</section>
+	<!--	<section id="using-wireguard">-->
+	<!--		<details class="mt-10">-->
+	<!--			<summary class="relative flex flex-col gap-2 pl-10">-->
+	<!--				<h2 class="text-xl font-semibold">Using WireGuard</h2>-->
+	<!--				To use VPGen, you need to install the WireGuard app on your device.-->
+	<!--			</summary>-->
+	<!--			<WireguardGuide />-->
+	<!--		</details>-->
+	<!--	</section>-->
 {:else}
-	<AuthForm class="p-4" />
+	<AuthForm />
+	<!--	<p>VPGen is a VPN generator that allows you to create and manage VPN connections.</p>-->
 {/if}
+
+<style>
+	p {
+		@apply my-2;
+	}
+
+	/*
+	summary::before {
+		content: '▶';
+		@apply absolute -left-0;
+	}
+	details[open] summary::before {
+		content: '▼';
+	}
+	*/
+</style>
--- a/src/routes/api/clients/[id]/+server.ts
+++ b/src/routes/api/clients/[id]/+server.ts
@@ -1,20 +0,0 @@
-import { error } from '@sveltejs/kit';
-import type { RequestHandler } from './$types';
-import { findClient, mapClientToDetails } from '$lib/server/clients';
-
-export const GET: RequestHandler = async (event) => {
-	if (!event.locals.user) {
-		return error(401, 'Unauthorized');
-	}
-
-	const { id } = event.params;
-	const clientId = parseInt(id);
-	if (isNaN(clientId)) {
-		return error(400, 'Invalid client ID');
-	}
-	const client = await findClient(event.locals.user.id, clientId);
-	if (!client) {
-		return error(404, 'Client not found');
-	}
-	return new Response(JSON.stringify(mapClientToDetails(client)));
-};
--- a/src/routes/api/connections/+server.ts
+++ b/src/routes/api/connections/+server.ts
@@ -2,13 +2,56 @@ import { error } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
 import { opnsenseAuth, opnsenseUrl } from '$lib/server/opnsense';
 import type { OpnsenseWgPeers } from '$lib/opnsense/wg';
+import { findDevices } from '$lib/server/devices';
+import type { ConnectionDetails } from '$lib/connections';
+import { opnsenseSanitezedUsername } from '$lib/opnsense';

 export const GET: RequestHandler = async (event) => {
 	if (!event.locals.user) {
 		return error(401, 'Unauthorized');
 	}
-	const apiUrl = `${opnsenseUrl}/api/wireguard/service/show`;
-	const options: RequestInit = {
+	console.debug('/api/connections');
+	const peers = await fetchOpnsensePeers(event.locals.user.username);
+	console.debug('/api/connections: fetched opnsense peers', peers.rowCount);
+	const devices = await findDevices(event.locals.user.id);
+	console.debug('/api/connections: fetched db devices');
+
+	if (!peers) {
+		return error(500, 'Error getting info from OPNsense API');
+	}
+
+	// TODO: this is all garbage performance
+	// filter devices with no recent handshakes
+	peers.rows = peers.rows.filter((peer) => peer['latest-handshake']);
+
+	// start from devices, to treat db as the source of truth
+	const connections: ConnectionDetails[] = [];
+	for (const device of devices) {
+		const peerData = peers.rows.find((peer) => peer['public-key'] === device.publicKey);
+		if (!peerData) continue;
+		connections.push({
+			deviceId: device.id,
+			deviceName: device.name,
+			devicePublicKey: device.publicKey,
+			deviceIps: peerData['allowed-ips'].split(','),
+			endpoint: peerData['endpoint'],
+			// swap rx and tx, since the opnsense values are from the server perspective
+			transferRx: peerData['transfer-tx'],
+			transferTx: peerData['transfer-rx'],
+			latestHandshake: peerData['latest-handshake'] * 1000,
+		});
+	}
+
+	return new Response(JSON.stringify(connections), {
+		headers: {
+			'Content-Type': 'application/json',
+			'Cache-Control': 'max-age=5',
+		},
+	});
+};
+
+async function fetchOpnsensePeers(username: string) {
+	const res = await fetch(`${opnsenseUrl}/api/wireguard/service/show`, {
 		method: 'POST',
 		headers: {
 			Authorization: opnsenseAuth,
@@ -16,28 +59,15 @@ export const GET: RequestHandler = async (event) => {
 			'Content-Type': 'application/json',
 		},
 		body: JSON.stringify({
-			'current': 1,
+			current: 1,
 			// "rowCount": 7,
-			'sort': {},
+			sort: {},
 			// TODO: use a more unique search phrase
 			// unfortunately 64 character limit,
 			// but it should be fine if users can't change their own username
-			'searchPhrase': `vpgen-${event.locals.user.username}`,
-			'type': ['peer'],
+			searchPhrase: `vpgen-${opnsenseSanitezedUsername(username)}`,
+			type: ['peer'],
 		}),
-	};
-
-	const res = await fetch(apiUrl, options);
-	const peers = await res.json() as OpnsenseWgPeers;
-	peers.rows = peers.rows.filter(peer => peer['latest-handshake'])
-
-	if (!peers) {
-		return error(500, 'Error getting info from OPNsense API');
-	}
-	return new Response(JSON.stringify(peers), {
-		headers: {
-			'Content-Type': 'application/json',
-			'Cache-Control': 'max-age=5',
-		}
 	});
-};
+	return (await res.json()) as OpnsenseWgPeers;
+}
--- a/src/routes/api/devices/+server.ts
+++ b/src/routes/api/devices/+server.ts
@@ -1,29 +1,29 @@
 import { error } from '@sveltejs/kit';
 import type { RequestHandler } from './$types';
-import { createClient, findClients, mapClientToDetails } from '$lib/server/clients';
+import { createDevice, findDevices, mapDeviceToDetails } from '$lib/server/devices';

 export const GET: RequestHandler = async (event) => {
 	if (!event.locals.user) {
 		return error(401, 'Unauthorized');
 	}

-	const clients = await findClients(event.locals.user.id);
+	const devices = await findDevices(event.locals.user.id);
 	return new Response(
 		JSON.stringify({
-			clients: clients.map(mapClientToDetails),
+			devices: devices.map(mapDeviceToDetails),
 		}),
 	);
 };


-export type Clients = Awaited<ReturnType<typeof findClients>>;
+export type Devices = Awaited<ReturnType<typeof findDevices>>;

 export const POST: RequestHandler = async (event) => {
 	if (!event.locals.user) {
 		return error(401, 'Unauthorized');
 	}
 	const { name } = await event.request.json();
-	const res = await createClient({
+	const res = await createDevice({
 		name,
 		user: event.locals.user,
 	});
--- a/src/routes/api/devices/[id]/+server.ts
+++ b/src/routes/api/devices/[id]/+server.ts
@@ -0,0 +1,20 @@
+import { error } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { findDevice, mapDeviceToDetails } from '$lib/server/devices';
+
+export const GET: RequestHandler = async (event) => {
+	if (!event.locals.user) {
+		return error(401, 'Unauthorized');
+	}
+
+	const { id } = event.params;
+	const deviceId = parseInt(id);
+	if (isNaN(deviceId)) {
+		return error(400, 'Invalid device ID');
+	}
+	const device = await findDevice(event.locals.user.id, deviceId);
+	if (!device) {
+		return error(404, 'Device not found');
+	}
+	return new Response(JSON.stringify(mapDeviceToDetails(device)));
+};
--- a/src/routes/auth/authentik/callback/+server.ts
+++ b/src/routes/auth/authentik/callback/+server.ts
@@ -34,8 +34,8 @@ export async function GET(event: RequestEvent): Promise<Response> {
 			status: 400
 		});
 	}
-	const claims = decodeIdToken(tokens.idToken());
-	console.log("claims", claims);
+	const claims = decodeIdToken(tokens.idToken()) as { sub: string, preferred_username: string, name: string };
+	console.info("claims", claims);
 	const userId: string = claims.sub;
 	const username: string = claims.preferred_username;

--- a/src/routes/clients/+page.svelte
+++ b/src/routes/clients/+page.svelte
@@ -1,55 +0,0 @@
-<script lang="ts">
-	import * as Table from '$lib/components/ui/table';
-	import { Badge } from '$lib/components/ui/badge';
-	import { Button } from '$lib/components/ui/button';
-	import { Input } from '$lib/components/ui/input';
-	import type { PageData } from './$types';
-	import { LucidePlus } from 'lucide-svelte';
-
-	const { data }: { data: PageData } = $props();
-</script>
-
-<svelte:head>
-	<title>Clients</title>
-</svelte:head>
-
-<Table.Root class="bg-accent rounded-lg overflow-hidden divide-y-2 divide-background">
-	<Table.Header>
-		<Table.Row>
-			<Table.Head scope="col">Name</Table.Head>
-			<Table.Head scope="col">Public Key</Table.Head>
-<!--			<Table.Head scope="col">Private Key</Table.Head>-->
-<!--			<Table.Head scope="col">Pre-Shared Key</Table.Head>-->
-			<Table.Head scope="col">IP Allocation</Table.Head>
-		</Table.Row>
-	</Table.Header>
-	<Table.Body class="divide-y-2 divide-background">
-		{#each data.clients as client}
-			<Table.Row class="hover:bg-background hover:bg-opacity-40 group">
-				<Table.Head scope="row">
-					<a href={`/clients/${client.id}`} class="flex items-center size-full group-hover:underline">
-						{client.name}
-					</a>
-				</Table.Head>
-				<Table.Cell class="truncate">{client.publicKey}</Table.Cell>
-<!--				<Table.Cell class="truncate max-w-[10ch]">{client.privateKey}</Table.Cell>-->
-<!--				<Table.Cell class="truncate max-w-[10ch]">{client.preSharedKey}</Table.Cell>-->
-				<Table.Cell class="flex flex-wrap gap-1">
-					{#each client.ips as ip}
-						<Badge class="bg-background select-auto" variant="secondary">{ip}</Badge>
-					{/each}
-				</Table.Cell>
-			</Table.Row>
-		{/each}
-	</Table.Body>
-</Table.Root>
-
-<!--Floating action button for adding a new client-->
-<!--Not sure if this is the best place for the input field, will think about it later-->
-<form class="flex self-end mt-auto pt-4" method="post" action="?/create">
-	<Input type="text" name="name" placeholder="New Client" class="mr-2" />
-	<Button type="submit">
-		<LucidePlus class="mr-2 h-4 w-4" />
-		Add Client
-	</Button>
-</form>
--- a/src/routes/clients/+page.ts
+++ b/src/routes/clients/+page.ts
@@ -1,9 +0,0 @@
-import type { PageLoad } from './$types';
-import type { ClientDetails } from '$lib/types/clients';
-
-export const load: PageLoad = async ({ fetch }) => {
-	const res = await fetch('/api/clients');
-	const { clients } = await res.json() as { clients: ClientDetails[] };
-
-	return { clients };
-};
--- a/src/routes/clients/[id]/+page.svelte
+++ b/src/routes/clients/[id]/+page.svelte
@@ -1,55 +0,0 @@
-<script lang="ts">
-	import type { PageData } from './$types';
-	import { LucideClipboardCopy } from 'lucide-svelte';
-	import { Button } from '$lib/components/ui/button';
-	import QRCode from 'qrcode-svg';
-
-	const { data }: { data: PageData } = $props();
-
-	let tooltipText = $state('Copy to clipboard');
-	let qrCode = new QRCode({
-		content: data.config,
-		join: true,
-	});
-
-	async function copyToClipboard() {
-		await navigator.clipboard.writeText(data.config);
-		tooltipText = 'Copied!';
-	}
-
-	function onMouseLeave() {
-		tooltipText = 'Copy to clipboard';
-	}
-</script>
-
-<svelte:head>
-	<title></title>
-</svelte:head>
-
-<h1 class="bg-accent text-lg w-fit rounded-lg p-2 mb-4">{data.client.name}</h1>
-
-<div class="flex flex-wrap gap-4">
-	<div class="relative bg-accent rounded-lg max-w-fit">
-		<div class="flex items-start p-2 overflow-x-auto">
-			<pre><code>{data.config}</code></pre>
-
-			<!--Copy button for the configuration-->
-			<!--Flex reverse for peer hover to work properly-->
-			<div class="absolute group flex flex-row-reverse items-center gap-1 right-2">
-				<Button class="peer size-10 p-2"
-								onclick={copyToClipboard}
-								onmouseleave={onMouseLeave}
-				>
-					<LucideClipboardCopy />
-				</Button>
-				<span class="hidden peer-hover:block bg-background text-xs rounded-lg p-2">
-				{tooltipText}
-			</span>
-			</div>
-		</div>
-	</div>
-
-	<div class="rounded-lg overflow-hidden">
-		{@html qrCode.svg()}
-	</div>
-</div>
--- a/src/routes/clients/[id]/+page.ts
+++ b/src/routes/clients/[id]/+page.ts
@@ -1,16 +0,0 @@
-import type { PageLoad } from './$types';
-import type { ClientDetails } from '$lib/types/clients';
-import { clientDetailsToConfig } from '$lib/clients';
-import { error } from '@sveltejs/kit';
-
-export const load: PageLoad = async ({ fetch, params }) => {
-	const res = await fetch(`/api/clients/${params.id}`);
-	const resJson = await res.json();
-	if (!res.ok) {
-		return error(res.status, resJson['message']);
-	}
-	const client = resJson as ClientDetails;
-	const config = clientDetailsToConfig(client);
-
-	return { client, config };
-};
--- a/src/routes/connections/+page.svelte
+++ b/src/routes/connections/+page.svelte
@@ -16,14 +16,12 @@
 		return () => clearInterval(interval);
 	});

-	function getSize(size: number) {
-		let sizes = ['Bytes', 'KiB', 'MiB', 'GiB',
-			'TiB', 'PiB', 'EiB', 'ZiB', 'YiB'];
+	function toSizeString(size: number) {
+		let sizes = ['Bytes', 'KiB', 'MiB', 'GiB', 'TiB', 'PiB', 'EiB', 'ZiB', 'YiB'];

 		for (let i = 1; i < sizes.length; i++) {
 			if (size < Math.pow(1024, i))
-				return (Math.round((size / Math.pow(
-					1024, i - 1)) * 100) / 100) + ' ' + sizes[i - 1];
+				return Math.round((size / Math.pow(1024, i - 1)) * 100) / 100 + ' ' + sizes[i - 1];
 		}
 		return size;
 	}
@@ -33,38 +31,34 @@
 	<title>Connections</title>
 </svelte:head>

-<Table.Root class="bg-accent rounded-lg overflow-hidden divide-y-2 divide-background">
+<Table.Root class="divide-y-2 divide-background overflow-hidden rounded-lg bg-accent">
 	<Table.Header>
 		<Table.Row>
-			<Table.Head scope="col">Name</Table.Head>
+			<Table.Head scope="col">Device</Table.Head>
 			<Table.Head scope="col">Public Key</Table.Head>
 			<Table.Head scope="col">Endpoint</Table.Head>
-			<Table.Head scope="col">Allowed IPs</Table.Head>
+			<Table.Head scope="col">Device IPs</Table.Head>
 			<Table.Head scope="col">Latest Handshake</Table.Head>
 			<Table.Head scope="col">RX</Table.Head>
 			<Table.Head scope="col">TX</Table.Head>
-			<Table.Head scope="col" class="hidden">Persistent Keepalive</Table.Head>
-			<Table.Head scope="col" class="hidden">Interface Name</Table.Head>
 		</Table.Row>
 	</Table.Header>
 	<Table.Body class="divide-y-2 divide-background">
-		{#each data.peers.rows as peer}
-			<Table.Row class="hover:bg-background hover:bg-opacity-40">
-				<Table.Head scope="row">{peer.name}</Table.Head>
-				<Table.Cell class="truncate max-w-[10ch]">{peer['public-key']}</Table.Cell>
-				<Table.Cell>{peer.endpoint}</Table.Cell>
+		{#each data.connections as conn}
+			<Table.Row class="hover:bg-surface">
+				<Table.Head scope="row">{conn.deviceName}</Table.Head>
+				<Table.Cell class="max-w-[10ch] truncate">{conn.devicePublicKey}</Table.Cell>
+				<Table.Cell>{conn.endpoint}</Table.Cell>
 				<Table.Cell>
 					<div class="flex flex-wrap gap-1">
-						{#each peer['allowed-ips'].split(',') as addr}
-							<Badge class="bg-background select-auto" variant="secondary">{addr}</Badge>
+						{#each conn.deviceIps as addr}
+							<Badge class="select-auto bg-background" variant="secondary">{addr}</Badge>
 						{/each}
 					</div>
 				</Table.Cell>
-				<Table.Cell>{new Date(peer['latest-handshake'] * 1000).toLocaleString()}</Table.Cell>
-				<Table.Cell>{getSize(peer['transfer-rx'])}</Table.Cell>
-				<Table.Cell>{getSize(peer['transfer-tx'])}</Table.Cell>
-				<Table.Cell class="hidden">{peer['persistent-keepalive']}</Table.Cell>
-				<Table.Cell class="hidden">{peer.ifname}</Table.Cell>
+				<Table.Cell>{new Date(conn.latestHandshake).toLocaleString()}</Table.Cell>
+				<Table.Cell>{toSizeString(conn.transferRx)}</Table.Cell>
+				<Table.Cell>{toSizeString(conn.transferTx)}</Table.Cell>
 			</Table.Row>
 		{/each}
 	</Table.Body>
--- a/src/routes/connections/+page.ts
+++ b/src/routes/connections/+page.ts
@@ -1,9 +1,9 @@
 import type { PageLoad } from './$types';
-import type { OpnsenseWgPeers } from '$lib/opnsense/wg';
+import type { ConnectionDetails } from '$lib/connections';

 export const load: PageLoad = async ({ fetch }) => {
 	const res = await fetch('/api/connections');
-	const peers = await res.json() as OpnsenseWgPeers;
+	const connections = await res.json() as ConnectionDetails[];

-	return { peers };
+	return { connections };
 };
--- a/src/routes/devices/+page.server.ts
+++ b/src/routes/devices/+page.server.ts
@@ -1,6 +1,6 @@
 import type { Actions } from './$types';
-import { createClient } from '$lib/server/clients';
-import { error } from '@sveltejs/kit';
+import { createDevice } from '$lib/server/devices';
+import { error, redirect } from '@sveltejs/kit';

 export const actions = {
 	create: async (event) => {
@@ -8,16 +8,14 @@ export const actions = {
 		const formData = await event.request.formData();
 		const name = formData.get('name');
 		if (typeof name !== 'string' || name.trim() === '') return error(400, 'Invalid name');
-		const res = await createClient({
+		const res = await createDevice({
 			name: name.trim(),
 			user: event.locals.user,
 		});

 		switch (res._tag) {
 			case 'ok': {
-				return {
-					status: 201,
-				};
+				return redirect(303, `/devices/${res.value}`);
 			}
 			case 'err': {
 				const [status, message] = res.error;
--- a/src/routes/devices/+page.svelte
+++ b/src/routes/devices/+page.svelte
@@ -0,0 +1,99 @@
+<script lang="ts">
+	import * as Table from '$lib/components/ui/table';
+	import * as Dialog from '$lib/components/ui/dialog';
+	import { Badge } from '$lib/components/ui/badge';
+	import { Button, buttonVariants } from '$lib/components/ui/button';
+	import { Input } from '$lib/components/ui/input';
+	import { LucideLoaderCircle, LucidePlus } from 'lucide-svelte';
+	import type { PageData } from './$types';
+	import { Label } from '$lib/components/ui/label';
+	import { page } from '$app/state';
+
+	const { data }: { data: PageData } = $props();
+
+	let dialogOpen = $state(page.url.searchParams.has('add'));
+	let dialogVal = $state(page.url.searchParams.get('add') ?? '');
+	let submitted = $state(false);
+
+	$effect(() => {
+		if (dialogOpen) page.url.searchParams.set('add', dialogVal);
+		else page.url.searchParams.delete('add');
+
+		window.history.replaceState(history.state, '', page.url);
+	});
+</script>
+
+<svelte:head>
+	<title>Devices</title>
+</svelte:head>
+
+<Table.Root class="divide-y-2 divide-background overflow-hidden rounded-lg bg-accent">
+	<Table.Header>
+		<Table.Row>
+			<Table.Head scope="col">Name</Table.Head>
+			<Table.Head scope="col">Public Key</Table.Head>
+			<!--			<Table.Head scope="col">Private Key</Table.Head>-->
+			<!--			<Table.Head scope="col">Pre-Shared Key</Table.Head>-->
+			<Table.Head scope="col">IP Allocation</Table.Head>
+		</Table.Row>
+	</Table.Header>
+	<Table.Body class="divide-y-2 divide-background">
+		{#each data.devices as device}
+			<Table.Row class="hover:bg-surface group">
+				<Table.Head scope="row">
+					<a
+						href="/devices/{device.id}"
+						class="flex size-full items-center group-hover:underline"
+					>
+						{device.name}
+					</a>
+				</Table.Head>
+				<Table.Cell class="truncate">{device.publicKey}</Table.Cell>
+				<!--				<Table.Cell class="truncate max-w-[10ch]">{device.privateKey}</Table.Cell>-->
+				<!--				<Table.Cell class="truncate max-w-[10ch]">{device.preSharedKey}</Table.Cell>-->
+				<Table.Cell class="flex flex-wrap gap-1">
+					{#each device.ips as ip}
+						<Badge class="select-auto bg-background" variant="secondary">{ip}</Badge>
+					{/each}
+				</Table.Cell>
+			</Table.Row>
+		{/each}
+	</Table.Body>
+</Table.Root>
+
+<!--Floating action button for adding a new device-->
+<Dialog.Root bind:open={dialogOpen}>
+	<div class="mt-auto flex self-end pt-4">
+		<Dialog.Trigger class={buttonVariants({ variant: 'default' }) + ' flex gap-4'}>
+			<LucidePlus />
+			New Device
+		</Dialog.Trigger>
+	</div>
+	<Dialog.Content class="max-w-xs">
+		<form class="contents" method="post" onsubmit={() => submitted = true} action="?/create">
+			<Dialog.Header class="">
+				<Dialog.Title>Add a new device</Dialog.Title>
+			</Dialog.Header>
+			<div class="flex flex-wrap items-center justify-between gap-4">
+				<Label for="name">Name</Label>
+				<Input
+					bind:value={dialogVal}
+					required
+					pattern=".*[^\s]+.*"
+					type="text"
+					name="name"
+					placeholder="New Device"
+					class="max-w-[20ch]"
+				/>
+			</div>
+			<Dialog.Footer>
+				<Button type="submit" disabled={submitted}>
+					{#if submitted}
+						<LucideLoaderCircle class="size-4 mr-2 animate-spin" />
+					{/if}
+					Add
+				</Button>
+			</Dialog.Footer>
+		</form>
+	</Dialog.Content>
+</Dialog.Root>
--- a/src/routes/devices/+page.ts
+++ b/src/routes/devices/+page.ts
@@ -0,0 +1,9 @@
+import type { PageLoad } from './$types';
+import type { DeviceDetails } from '$lib/devices';
+
+export const load: PageLoad = async ({ fetch }) => {
+	const res = await fetch('/api/devices');
+	const { devices } = await res.json() as { devices: DeviceDetails[] };
+
+	return { devices };
+};
--- a/src/routes/devices/[id]/+page.svelte
+++ b/src/routes/devices/[id]/+page.svelte
@@ -0,0 +1,41 @@
+<script lang="ts">
+	import type { PageData } from './$types';
+	import QRCode from 'qrcode-svg';
+	import { CodeSnippet } from '$lib/components/app/code-snippet';
+	import { WireguardGuide } from '$lib/components/app/wireguard-guide';
+
+	const { data }: { data: PageData } = $props();
+
+	// Clean the device name for the wg config filename,
+	// things can break otherwise (too long or invalid characters)
+	// https://github.com/pirate/wireguard-docs
+	const deviceWgCleanedName =
+		data.device.name.slice(0, 15).replace(/[^a-zA-Z0-9_=+.-]/g, '_') + '.conf';
+
+	let qrCode = new QRCode({
+		content: data.config,
+		join: true,
+		background: 'hsl(var(--accent-light))',
+		width: 296,
+		height: 296,
+	});
+</script>
+
+<svelte:head>
+	<title>{data.device.name}</title>
+</svelte:head>
+
+<h1 class="w-fit rounded-lg bg-accent p-2 text-lg">{data.device.name}</h1>
+
+<section id="device-configuration" class="flex flex-wrap items-center justify-center gap-4">
+	<CodeSnippet data={data.config} filename={deviceWgCleanedName} copy download />
+
+	<div class="size-fit overflow-auto rounded-lg">
+		{@html qrCode.svg()}
+	</div>
+</section>
+<section id="usage" class="flex w-full flex-col gap-2">
+	<h2 class="text-xl font-semibold">Usage</h2>
+	<p>To use VPGen, you need to install the WireGuard app on your device.</p>
+	<WireguardGuide />
+</section>
--- a/src/routes/devices/[id]/+page.ts
+++ b/src/routes/devices/[id]/+page.ts
@@ -0,0 +1,15 @@
+import type { PageLoad } from './$types';
+import { type DeviceDetails, deviceDetailsToConfig } from '$lib/devices';
+import { error } from '@sveltejs/kit';
+
+export const load: PageLoad = async ({ fetch, params }) => {
+	const res = await fetch(`/api/devices/${params.id}`);
+	const resJson = await res.json();
+	if (!res.ok) {
+		return error(res.status, resJson['message']);
+	}
+	const device = resJson as DeviceDetails;
+	const config = deviceDetailsToConfig(device);
+
+	return { device, config };
+};
--- a/src/routes/user/+page.svelte
+++ b/src/routes/user/+page.svelte
@@ -2,6 +2,7 @@
 	import { invalidate, invalidateAll } from '$app/navigation';
 	import { Button } from '$lib/components/ui/button';
 	import { LucideLoaderCircle, LucideLogOut, LucideRefreshCw } from 'lucide-svelte';
+	import { CodeSnippet } from '$lib/components/app/code-snippet/index.js';

 	let { data } = $props();
 	let isLoadingSignOut = $state(false);
@@ -16,19 +17,21 @@
 	}
 </script>

-<svelte:head>
-	<title>User Profile</title>
-</svelte:head>
+<div class="flex flex-col gap-2">
+	<CodeSnippet data={JSON.stringify(data.user, null, 2)} />

-<pre>{JSON.stringify(data.user, null, 2)}</pre>
-
-<div class="flex gap-2">
+	<div class="flex gap-2">
 		<Button onclick={refetch}>
 			<LucideRefreshCw class="mr-2 h-4 w-4" />
 			Invalidate Data
 		</Button>
 		<form class="inline-flex" method="post" action="/auth?/logout">
-		<Button type="submit" onclick={() => {isLoadingSignOut = true}}>
+			<Button
+				type="submit"
+				onclick={() => {
+					isLoadingSignOut = true;
+				}}
+			>
 				{#if isLoadingSignOut}
 					<LucideLoaderCircle class="mr-2 h-4 w-4 animate-spin" />
 				{:else}
@@ -37,4 +40,5 @@
 				Sign Out
 			</Button>
 		</form>
+	</div>
 </div>
--- a/svelte.config.js
+++ b/svelte.config.js
@@ -1,4 +1,4 @@
-import adapter from '@sveltejs/adapter-auto';
+import adapter from '@sveltejs/adapter-node';
 import { vitePreprocess } from '@sveltejs/vite-plugin-svelte';

 /** @type {import('@sveltejs/kit').Config} */
--- a/tailwind.config.ts
+++ b/tailwind.config.ts
@@ -1,64 +1,97 @@
-import { fontFamily } from "tailwindcss/defaultTheme";
-import type { Config } from "tailwindcss";
+import { fontFamily } from 'tailwindcss/defaultTheme';
+import type { Config } from 'tailwindcss';
+import tailwindcssAnimate from 'tailwindcss-animate';

 const config: Config = {
-	darkMode: ["class"],
-	content: ["./src/**/*.{html,js,svelte,ts}"],
-	safelist: ["dark"],
+	darkMode: ['media'],
+	content: ['./src/**/*.{html,js,svelte,ts}'],
+	safelist: ['dark'],
 	theme: {
 		container: {
 			center: true,
-			padding: "2rem",
+			padding: '2rem',
 			screens: {
-				"2xl": "1400px"
-			}
+				'2xl': '1400px',
+			},
 		},
 		extend: {
 			colors: {
-				border: "hsl(var(--border) / <alpha-value>)",
-				input: "hsl(var(--input) / <alpha-value>)",
-				ring: "hsl(var(--ring) / <alpha-value>)",
-				background: "hsl(var(--background) / <alpha-value>)",
-				foreground: "hsl(var(--foreground) / <alpha-value>)",
+				border: 'hsl(var(--border) / <alpha-value>)',
+				input: 'hsl(var(--input) / <alpha-value>)',
+				ring: 'hsl(var(--ring) / <alpha-value>)',
+				background: 'hsl(var(--background) / <alpha-value>)',
+				foreground: 'hsl(var(--foreground) / <alpha-value>)',
 				primary: {
-					DEFAULT: "hsl(var(--primary) / <alpha-value>)",
-					foreground: "hsl(var(--primary-foreground) / <alpha-value>)"
+					DEFAULT: 'hsl(var(--primary) / <alpha-value>)',
+					foreground: 'hsl(var(--primary-foreground) / <alpha-value>)',
 				},
 				secondary: {
-					DEFAULT: "hsl(var(--secondary) / <alpha-value>)",
-					foreground: "hsl(var(--secondary-foreground) / <alpha-value>)"
+					DEFAULT: 'hsl(var(--secondary) / <alpha-value>)',
+					foreground: 'hsl(var(--secondary-foreground) / <alpha-value>)',
 				},
 				destructive: {
-					DEFAULT: "hsl(var(--destructive) / <alpha-value>)",
-					foreground: "hsl(var(--destructive-foreground) / <alpha-value>)"
+					DEFAULT: 'hsl(var(--destructive) / <alpha-value>)',
+					foreground: 'hsl(var(--destructive-foreground) / <alpha-value>)',
 				},
 				muted: {
-					DEFAULT: "hsl(var(--muted) / <alpha-value>)",
-					foreground: "hsl(var(--muted-foreground) / <alpha-value>)"
+					DEFAULT: 'hsl(var(--muted) / <alpha-value>)',
+					foreground: 'hsl(var(--muted-foreground) / <alpha-value>)',
 				},
 				accent: {
-					DEFAULT: "hsl(var(--accent) / <alpha-value>)",
-					foreground: "hsl(var(--accent-foreground) / <alpha-value>)"
+					DEFAULT: 'hsl(var(--accent) / <alpha-value>)',
+					foreground: 'hsl(var(--accent-foreground) / <alpha-value>)',
 				},
 				popover: {
-					DEFAULT: "hsl(var(--popover) / <alpha-value>)",
-					foreground: "hsl(var(--popover-foreground) / <alpha-value>)"
+					DEFAULT: 'hsl(var(--popover) / <alpha-value>)',
+					foreground: 'hsl(var(--popover-foreground) / <alpha-value>)',
 				},
 				card: {
-					DEFAULT: "hsl(var(--card) / <alpha-value>)",
-					foreground: "hsl(var(--card-foreground) / <alpha-value>)"
-				}
+					DEFAULT: 'hsl(var(--card) / <alpha-value>)',
+					foreground: 'hsl(var(--card-foreground) / <alpha-value>)',
+				},
+				sidebar: {
+					DEFAULT: 'hsl(var(--sidebar-background))',
+					foreground: 'hsl(var(--sidebar-foreground))',
+					primary: 'hsl(var(--sidebar-primary))',
+					'primary-foreground': 'hsl(var(--sidebar-primary-foreground))',
+					accent: 'hsl(var(--sidebar-accent))',
+					'accent-foreground': 'hsl(var(--sidebar-accent-foreground))',
+					border: 'hsl(var(--sidebar-border))',
+					ring: 'hsl(var(--sidebar-ring))',
+				},
+				surface: 'hsl(var(--surface) / <alpha-value>)',
 			},
 			borderRadius: {
-				lg: "var(--radius)",
-				md: "calc(var(--radius) - 2px)",
-				sm: "calc(var(--radius) - 4px)"
+				xl: 'calc(var(--radius) + 4px)',
+				lg: 'var(--radius)',
+				md: 'calc(var(--radius) - 2px)',
+				sm: 'calc(var(--radius) - 4px)',
 			},
 			fontFamily: {
-				sans: [...fontFamily.sans]
-			}
-		}
+				sans: [...fontFamily.sans],
 			},
+			keyframes: {
+				'accordion-down': {
+					from: { height: '0' },
+					to: { height: 'var(--bits-accordion-content-height)' },
+				},
+				'accordion-up': {
+					from: { height: 'var(--bits-accordion-content-height)' },
+					to: { height: '0' },
+				},
+				'caret-blink': {
+					'0%,70%,100%': { opacity: '1' },
+					'20%,50%': { opacity: '0' },
+				},
+			},
+			animation: {
+				'accordion-down': 'accordion-down 0.2s ease-out',
+				'accordion-up': 'accordion-up 0.2s ease-out',
+				'caret-blink': 'caret-blink 1.25s ease-out infinite',
+			},
+		},
+	},
+	plugins: [tailwindcssAnimate],
 };

 export default config;
Author	SHA1	Message	Date
Yuri Tatishchev	b38ab19c3e	WIP: more proper logging	2025-01-09 15:01:03 -08:00
Yuri Tatishchev	80acec720c	opnsense: sanitize usernames for creating peers	2025-01-09 14:44:48 -08:00
Yuri Tatishchev	29fbccc953	connections page: update API, combine opnsense data with db data	2025-01-07 19:03:54 -08:00
Yuri Tatishchev	76559d2931	update guide video for android	2025-01-07 17:58:31 -08:00
Yuri Tatishchev	cc7c94417d	rename clients to devices	2025-01-07 16:22:43 -08:00
Yuri Tatishchev	d99ee9ef1e	more layout improvements	2025-01-01 21:48:34 -08:00
Yuri Tatishchev	32ab4104a7	super mega layout improvements	2025-01-01 17:15:12 -08:00
Yuri Tatishchev	923c24a93e	client page: add tutorial, layout ui improvements	2024-12-26 01:45:58 -08:00
Yuri Tatishchev	3861c30ffd	update shadcn, upgrade and fix components, everything to latest	2024-12-26 01:41:14 -08:00
Yuri Tatishchev	423165e105	home page improvements: link to create new client	2024-12-25 17:00:42 -08:00
Yuri Tatishchev	015bb7b05b	clients page dialog improvements: state in url params	2024-12-25 16:16:13 -08:00
Yuri Tatishchev	62daabcd4c	client page ui improvements, refactor code-snippet into separate component	2024-12-25 13:15:36 -08:00
Yuri Tatishchev	ea11bf8a72	clients page: make add form a modal	2024-12-25 12:09:57 -08:00
Yuri Tatishchev	a40757c325	get rid of AUTH_REDIRECT_URL	2024-12-25 03:30:31 -08:00
Yuri Tatishchev	b8279e3c43	clients page: add required to new client input	2024-12-25 03:30:27 -08:00
Yuri Tatishchev	bc2cf3c7ca	client page: fix config overflow, add download button	2024-12-24 23:24:50 -08:00
Yuri Tatishchev	c734b445a8	docker build setup	2024-12-24 03:59:41 -08:00
Yuri Tatishchev	7b3c45d845	prepare for deployment	2024-12-24 01:30:41 -08:00
Yuri Tatishchev	3372575e9a	change env static variables to dynamic	2024-12-24 00:52:02 -08:00