Author: deadboizxc
Version: 1.0 • Release: November 2025
License: NGC License - Free for personal use
License Note: NGC License v1.0 — non-commercial use permitted. commercial use requires prior written permission from the copyright holder; redistribution of modified versions must clearly indicate the original author and retain the license notice. see LICENSE_REQUEST_TEMPLATE.md for a template to request permission.
| English | Українська |
|---|---|
| README_EN.md | README_UA.md |
- Smart CLI Client - Intuitive command-line interface
- Enhanced Encryption - ChaCha20 + SHA256 security
- Unified Protocol - Single protocol for all modes
- Device Management - Saved configurations
- Extended Commands - OTA, restart, web control, crypto info
- cloud relay supports secure websocket (wss) connections from devices for nat traversal. server is a transparent pipe and does not inspect encrypted payloads. use
/api/pushand/api/pullor websocket endpoints under/api/ws/*.
curl examples:
curl -X POST "${base_url}/api/device/create" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer API_TOKEN_HERE" \
-d '{"device_id":"device_id","device_token":"device_token"}'
curl -X POST "${base_url}/api/push" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer API_TOKEN_HERE" \
-d '{"device_id":"device_id","device_token":"device_token","payload":"your_encrypted_data_here","signature":"signature","version":"1.0"}'
| Feature | Description |
|---|---|
| ChaCha20 + SHA256 | End-to-end encryption with hashing |
| Cloud + Local TCP | Dual-mode operation |
| Web UI | http://192.168.4.1 for setup |
| OTA Updates | Wireless firmware updates |
| Token Auth | Secure device & API tokens |
| Docker Server | Cloud relay in container |
| Smart CLI | Intuitive command interface |
| Zero Storage | No logs, no sensitive data stored |
# Open WakeLink.ino in Arduino IDE
# Select ESP8266/ESP32 board
# Upload to device# Connect to WakeLink-Setup (password: configure123)
# Open http://192.168.4.1 in browser
# Configure WiFi and get device tokenthe CLI follows the syntax used in client/wakelink.py. examples:
cd client
# make executable and add to PATH
chmod +x wl
sudo ln -s $(pwd)/wl /usr/local/bin/wl
# add a local tcp device (positional form)
wl add pico token your_token ip 192.168.1.50
# register a cloud device (positional form)
wl register pico device-id WL123 api-token sk-xxx
# list configured devices
wl list
# remove a device
wl remove pico
# device commands (positional device name)
wl pico ping
wl pico info
wl pico wake 00:11:22:33:44:55
wl pico restart
# alternate flag forms are also supported
wl --add-device myesp --ip 192.168.1.100 --token YOUR_DEVICE_TOKEN
wl --register-device mycloud --device-id WL123 --api-token API_TOKENWakeLink/
├── client/ # Python CLI Client
│ ├── wl # Main executable
│ ├── config/ # Device management
│ ├── protocol/ # Commands & packets
│ ├── handlers/ # TCP & Cloud clients
│ └── core/ # Crypto & base commands
├── firmware/ # ESP8266/ESP32 Firmware
│ └── WakeLink/ # Main firmware
│ ├── WakeLink.ino
│ ├── config.h/cpp
│ ├── CryptoManager.h/cpp
│ ├── command.h/cpp
│ ├── tcp_handler.h/cpp
│ ├── cloud_client.h/cpp
│ └── ... (23 files)
└── server/ # Cloud Relay (FastAPI)
├── main.py
├── core/ # Database, auth, models
├── routes/ # API endpoints
└── templates/ # Web UI
# docker-compose.yml
services:
wakelink-server:
build: ./server
ports: ["9009:9009"]
restart: unless-stopped
volumes:
- ./data:/app/datadocker-compose up -dcd server
pip install -r requirements.txt
python main.pywl --add-device myesp --ip 192.168.1.100 --token DEVICE_TOKEN
wl --add-device mycloud --token DEVICE_TOKEN --api-token API_TOKEN --cloud
wl listwl d myesp info # Device information
wl device myesp ping # Connectivity check
wl -d myesp wake AA:BB:CC:DD:EE:FF # Wake-on-LAN
wl d myesp restart # Restart device
wl device myesp ota # OTA update
wl d myesp crypto # Crypto informationwl d myesp site-on # Enable web server
wl d myesp site-off # Disable web server
wl d myesp site-status # Web server status[2 bytes: data length] + [ChaCha20 ciphertext] + [16 bytes: nonce]
{
"command": "wake",
"data": {"mac": "AA:BB:CC:DD:EE:FF"},
"device_id": "esp01",
"timestamp": 1630000000000
}- Local TCP: Port 99, encrypted JSON over TCP
- Cloud HTTP:
/api/push&/api/pullendpoints - Authentication: Device token + API token (cloud)
| Command | Parameters | Description |
|---|---|---|
ping |
- | Connectivity check |
info |
- | Device information |
wake |
mac |
Send Wake-on-LAN |
restart |
- | Restart device |
ota_start |
- | Start OTA update |
open_setup |
- | Open configuration AP |
web_control |
action |
Web server management |
crypto_info |
- | Crypto system info |
counter_info |
- | Request statistics |
reset_counter |
- | Reset request counter |
- ChaCha20 Encryption - Stream cipher for all commands
- SHA256 Hashing - Token and key derivation
- Unique Nonce - Each packet gets fresh nonce
- Request Limiting - Protection against brute force
- Token Authentication - Two-tier token system
- No Sensitive Storage - Keys not persisted
| Service | Port | Protocol | Purpose |
|---|---|---|---|
| TCP Server | 99 | TCP | Local encrypted commands |
| Web Server | 80 | HTTP | Configuration interface |
| UDP WOL | 9 | UDP | Wake-on-LAN packets |
| Cloud API | 9009 | HTTP | Cloud relay server |
- "Device not found" - Check device_token match
- "Connection refused" - Verify TCP server on port 99
- "Decrypt failed" - Ensure token consistency
- WOL not working - Check MAC format and network
# Check device status
wl d myesp info
# Monitor serial output
# Arduino IDE: Tools → Serial Monitor (115200 baud)
# Test cloud connectivity
curl http://localhost:9009/api/healthhttp://your-server:9009/dashboard
curl http://localhost:9009/api/health
curl http://localhost:9009/api/statsWakeLink v1.0 - Secure Remote Device Management
Wake your devices. Securely. From anywhere.