mirror of
https://github.com/donaldzou/WGDashboard.git
synced 2025-10-03 15:56:17 +00:00
Compare commits
18 Commits
cleanup-da
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
eb1d52ffba | ||
|
|
5db7351f8c | ||
|
5ae3a56337 | ||
|
|
e7068b472e | ||
|
|
3dc94a35a1 | ||
|
|
f82abd71a3 | ||
|
|
602238d794 | ||
|
|
4d4a15740b | ||
|
524d50ee07 | ||
|
|
fc591b7fe8 | ||
|
|
c2f06193d0 | ||
|
|
f2ead12315 | ||
|
|
ca8700ac2a | ||
|
|
10a8d22efd | ||
|
|
fc3ec61373 | ||
|
094d1c0718 | ||
|
|
0d814ec03c | ||
|
|
5ccfe07e12 |
10
.github/dependabot.yml
vendored
10
.github/dependabot.yml
vendored
@@ -8,24 +8,24 @@ updates:
|
||||
- package-ecosystem: "pip"
|
||||
directory: "/src"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
interval: "weekly"
|
||||
|
||||
- package-ecosystem: "npm"
|
||||
directory: "/src/static/app"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
interval: "weekly"
|
||||
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/.github"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
interval: "weekly"
|
||||
|
||||
- package-ecosystem: "docker"
|
||||
directory: "/docker"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
interval: "weekly"
|
||||
|
||||
- package-ecosystem: "docker-compose"
|
||||
directory: "/docker"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
interval: "weekly"
|
||||
|
||||
1
.gitignore
vendored
1
.gitignore
vendored
@@ -19,7 +19,6 @@ node_modules/**
|
||||
*/proxy.js
|
||||
src/static/app/proxy.js
|
||||
.secrets
|
||||
*.pid
|
||||
|
||||
# Logs
|
||||
logs
|
||||
|
||||
@@ -13,15 +13,15 @@ hash_password() {
|
||||
set_ini() {
|
||||
local section="$1" key="$2" value="$3"
|
||||
local current_value
|
||||
|
||||
|
||||
# Add section if it doesn't exist
|
||||
grep -q "^\[${section}\]" "$config_file" \
|
||||
|| printf "\n[%s]\n" "${section}" >> "$config_file"
|
||||
|
||||
|
||||
# Check current value if key exists
|
||||
if grep -q "^[[:space:]]*${key}[[:space:]]*=" "$config_file"; then
|
||||
current_value=$(grep "^[[:space:]]*${key}[[:space:]]*=" "$config_file" | cut -d= -f2- | xargs)
|
||||
|
||||
|
||||
# Don't display actual value if it's a password field
|
||||
if [[ "$key" == *"password"* ]]; then
|
||||
if [ "$current_value" = "$value" ]; then
|
||||
@@ -40,7 +40,7 @@ set_ini() {
|
||||
fi
|
||||
else
|
||||
sed -i "/^\[${section}\]/a ${key} = ${value}" "$config_file"
|
||||
|
||||
|
||||
# Don't display actual value if it's a password field
|
||||
if [[ "$key" == *"password"* ]]; then
|
||||
echo "- Added new setting $key (value hidden)"
|
||||
@@ -61,58 +61,58 @@ echo "Starting the WGDashboard Docker container."
|
||||
|
||||
ensure_installation() {
|
||||
echo "Quick-installing..."
|
||||
|
||||
|
||||
# Make the wgd.sh script executable.
|
||||
chmod +x "${WGDASH}"/src/wgd.sh
|
||||
cd "${WGDASH}"/src || exit
|
||||
|
||||
|
||||
# Github issue: https://github.com/donaldzou/WGDashboard/issues/723
|
||||
echo "Checking for stale pids..."
|
||||
if [[ -f ${WGDASH}/src/gunicorn.pid ]]; then
|
||||
echo "Found stale pid, removing..."
|
||||
rm ${WGDASH}/src/gunicorn.pid
|
||||
fi
|
||||
|
||||
|
||||
# Removing clear shell command from the wgd.sh script to enhance docker logging.
|
||||
echo "Removing clear command from wgd.sh for better Docker logging."
|
||||
sed -i '/clear/d' ./wgd.sh
|
||||
|
||||
|
||||
# Create required directories and links
|
||||
if [ ! -d "/data/db" ]; then
|
||||
echo "Creating database dir"
|
||||
mkdir -p /data/db
|
||||
fi
|
||||
|
||||
|
||||
if [ ! -d "${WGDASH}/src/db" ]; then
|
||||
ln -s /data/db "${WGDASH}/src/db"
|
||||
fi
|
||||
|
||||
|
||||
if [ ! -f "${config_file}" ]; then
|
||||
echo "Creating wg-dashboard.ini file"
|
||||
touch "${config_file}"
|
||||
fi
|
||||
|
||||
|
||||
if [ ! -f "${WGDASH}/src/wg-dashboard.ini" ]; then
|
||||
ln -s "${config_file}" "${WGDASH}/src/wg-dashboard.ini"
|
||||
fi
|
||||
|
||||
# Create the Python virtual environment.
|
||||
. "${WGDASH}/src/venv/bin/activate"
|
||||
|
||||
|
||||
# Use the bash interpreter to install WGDashboard according to the wgd.sh script.
|
||||
/bin/bash ./wgd.sh install
|
||||
|
||||
|
||||
echo "Looks like the installation succeeded. Moving on."
|
||||
|
||||
|
||||
# Setup WireGuard if needed
|
||||
if [ ! -f "/etc/wireguard/wg0.conf" ]; then
|
||||
if [ -z "$(ls -A /etc/wireguard)" ]; then
|
||||
cp -a "/configs/wg0.conf.template" "/etc/wireguard/wg0.conf"
|
||||
|
||||
|
||||
echo "Setting a secure private key."
|
||||
local privateKey
|
||||
privateKey=$(wg genkey)
|
||||
sed -i "s|^PrivateKey *=.*$|PrivateKey = ${privateKey}|g" /etc/wireguard/wg0.conf
|
||||
|
||||
|
||||
echo "Done setting template."
|
||||
else
|
||||
echo "Existing wg0 configuration file found, using that."
|
||||
@@ -121,51 +121,51 @@ ensure_installation() {
|
||||
|
||||
set_envvars() {
|
||||
printf "\n------------- SETTING ENVIRONMENT VARIABLES ----------------\n"
|
||||
|
||||
|
||||
# Check if config file is empty
|
||||
if [ ! -s "${config_file}" ]; then
|
||||
echo "Config file is empty. Creating initial structure."
|
||||
fi
|
||||
|
||||
|
||||
echo "Checking basic configuration:"
|
||||
set_ini Peers peer_global_dns "${global_dns}"
|
||||
|
||||
|
||||
if [ -z "${public_ip}" ]; then
|
||||
public_ip=$(curl -s ifconfig.me)
|
||||
echo "Automatically detected public IP: ${public_ip}"
|
||||
fi
|
||||
|
||||
|
||||
set_ini Peers remote_endpoint "${public_ip}"
|
||||
set_ini Server app_port "${wgd_port}"
|
||||
|
||||
|
||||
# Account settings - process all parameters
|
||||
[[ -n "$username" ]] && echo "Configuring user account:"
|
||||
# Basic account variables
|
||||
[[ -n "$username" ]] && set_ini Account username "${username}"
|
||||
|
||||
|
||||
if [[ -n "$password" ]]; then
|
||||
echo "- Setting password"
|
||||
set_ini Account password "$(hash_password "${password}")"
|
||||
fi
|
||||
|
||||
|
||||
# Additional account variables
|
||||
[[ -n "$enable_totp" ]] && set_ini Account enable_totp "${enable_totp}"
|
||||
[[ -n "$totp_verified" ]] && set_ini Account totp_verified "${totp_verified}"
|
||||
[[ -n "$totp_key" ]] && set_ini Account totp_key "${totp_key}"
|
||||
|
||||
|
||||
# Welcome session
|
||||
[[ -n "$welcome_session" ]] && set_ini Other welcome_session "${welcome_session}"
|
||||
# If username and password are set but welcome_session isn't, disable it
|
||||
if [[ -n "$username" && -n "$password" && -z "$welcome_session" ]]; then
|
||||
set_ini Other welcome_session "false"
|
||||
fi
|
||||
|
||||
|
||||
# Autostart WireGuard
|
||||
if [[ -n "$wg_autostart" ]]; then
|
||||
echo "Configuring WireGuard autostart:"
|
||||
set_ini WireGuardConfiguration autostart "${wg_autostart}"
|
||||
fi
|
||||
|
||||
|
||||
# Email (check if any settings need to be configured)
|
||||
email_vars=("email_server" "email_port" "email_encryption" "email_username" "email_password" "email_from" "email_template")
|
||||
for var in "${email_vars[@]}"; do
|
||||
@@ -174,12 +174,12 @@ set_envvars() {
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
|
||||
# Email (iterate through all possible fields)
|
||||
email_fields=("server:email_server" "port:email_port" "encryption:email_encryption"
|
||||
"username:email_username" "email_password:email_password"
|
||||
"send_from:email_from" "email_template:email_template")
|
||||
|
||||
|
||||
for field_pair in "${email_fields[@]}"; do
|
||||
IFS=: read -r field var <<< "$field_pair"
|
||||
[[ -n "${!var}" ]] && set_ini Email "$field" "${!var}"
|
||||
@@ -189,7 +189,7 @@ set_envvars() {
|
||||
# Start service and monitor logs
|
||||
start_and_monitor() {
|
||||
printf "\n---------------------- STARTING CORE -----------------------\n"
|
||||
|
||||
|
||||
# Due to some instances complaining about this, making sure its there every time.
|
||||
mkdir -p /dev/net
|
||||
mknod /dev/net/tun c 10 200
|
||||
@@ -198,15 +198,15 @@ start_and_monitor() {
|
||||
# Actually starting WGDashboard
|
||||
echo "Activating Python venv and executing the WireGuard Dashboard service."
|
||||
bash ./wgd.sh start
|
||||
|
||||
|
||||
# Wait a second before continuing, to give the python program some time to get ready.
|
||||
sleep 1
|
||||
echo -e "\nEnsuring container continuation."
|
||||
|
||||
|
||||
# Find and monitor log file
|
||||
local logdir="${WGDASH}/src/log"
|
||||
latestErrLog=$(find "$logdir" -name "error_*.log" -type f -print | sort -r | head -n 1)
|
||||
|
||||
|
||||
# Only tail the logs if they are found
|
||||
if [ -n "$latestErrLog" ]; then
|
||||
tail -f "$latestErrLog" &
|
||||
@@ -221,4 +221,4 @@ start_and_monitor() {
|
||||
# Main execution flow
|
||||
ensure_installation
|
||||
set_envvars
|
||||
start_and_monitor
|
||||
start_and_monitor
|
||||
|
||||
692
src/dashboard.py
692
src/dashboard.py
@@ -1,45 +1,27 @@
|
||||
# --- Standard library imports ---
|
||||
import configparser
|
||||
import hashlib
|
||||
import ipaddress
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
import random
|
||||
import re
|
||||
import secrets
|
||||
import shutil
|
||||
import sqlite3
|
||||
import subprocess
|
||||
import threading
|
||||
import time
|
||||
import random, shutil, sqlite3, configparser, hashlib, ipaddress, json, os, secrets, subprocess
|
||||
import time, re, uuid, bcrypt, psutil, pyotp, threading
|
||||
import traceback
|
||||
import uuid
|
||||
from datetime import datetime, timedelta
|
||||
from itertools import islice
|
||||
from uuid import uuid4
|
||||
from zipfile import ZipFile
|
||||
from datetime import datetime, timedelta
|
||||
|
||||
# --- Third-party imports ---
|
||||
import bcrypt
|
||||
import psutil
|
||||
import pyotp
|
||||
import sqlalchemy
|
||||
from flask import Flask, request, render_template, session, send_file, Response
|
||||
from flask_cors import CORS
|
||||
from flask.json.provider import DefaultJSONProvider
|
||||
from icmplib import ping, traceroute
|
||||
from jinja2 import Template
|
||||
from packaging import version
|
||||
from flask import Flask, request, render_template, session, send_file
|
||||
from flask_cors import CORS
|
||||
from icmplib import ping, traceroute
|
||||
from flask.json.provider import DefaultJSONProvider
|
||||
from itertools import islice
|
||||
|
||||
from sqlalchemy import RowMapping
|
||||
|
||||
# --- Local module imports ---
|
||||
from client import createClientBlueprint
|
||||
from modules.Utilities import (
|
||||
RegexMatch, StringToBoolean,
|
||||
ValidateIPAddressesWithRange, ValidateDNSAddress,
|
||||
GenerateWireguardPublicKey, GenerateWireguardPrivateKey
|
||||
)
|
||||
from packaging import version
|
||||
from modules.Email import EmailSender
|
||||
from modules.DashboardLogger import DashboardLogger
|
||||
from modules.PeerJob import PeerJob
|
||||
@@ -49,15 +31,16 @@ from modules.PeerJobs import PeerJobs
|
||||
from modules.DashboardConfig import DashboardConfig
|
||||
from modules.WireguardConfiguration import WireguardConfiguration
|
||||
from modules.AmneziaWireguardConfiguration import AmneziaWireguardConfiguration
|
||||
|
||||
from client import createClientBlueprint
|
||||
|
||||
from logging.config import dictConfig
|
||||
|
||||
from modules.DashboardClients import DashboardClients
|
||||
from modules.DashboardPlugins import DashboardPlugins
|
||||
from modules.DashboardWebHooks import DashboardWebHooks
|
||||
from modules.NewConfigurationTemplates import NewConfigurationTemplates
|
||||
|
||||
# --- Logging configuration ---
|
||||
from logging.config import dictConfig
|
||||
|
||||
|
||||
class CustomJsonEncoder(DefaultJSONProvider):
|
||||
def __init__(self, app):
|
||||
super().__init__(app)
|
||||
@@ -72,6 +55,7 @@ class CustomJsonEncoder(DefaultJSONProvider):
|
||||
return super().default(self)
|
||||
|
||||
|
||||
|
||||
'''
|
||||
Response Object
|
||||
'''
|
||||
@@ -211,12 +195,12 @@ with app.app_context():
|
||||
EmailSender = EmailSender(DashboardConfig)
|
||||
AllPeerShareLinks: PeerShareLinks = PeerShareLinks(DashboardConfig, WireguardConfigurations)
|
||||
AllPeerJobs: PeerJobs = PeerJobs(DashboardConfig, WireguardConfigurations)
|
||||
DashboardLogger = DashboardLogger()
|
||||
DashboardPlugins = DashboardPlugins(app, WireguardConfigurations)
|
||||
DashboardWebHooks = DashboardWebHooks(DashboardConfig)
|
||||
NewConfigurationTemplates = NewConfigurationTemplates()
|
||||
DashboardLogger: DashboardLogger = DashboardLogger()
|
||||
DashboardPlugins: DashboardPlugins = DashboardPlugins(app, WireguardConfigurations)
|
||||
DashboardWebHooks: DashboardWebHooks = DashboardWebHooks(DashboardConfig)
|
||||
NewConfigurationTemplates: NewConfigurationTemplates = NewConfigurationTemplates()
|
||||
InitWireguardConfigurationsList(startup=True)
|
||||
DashboardClients = DashboardClients(WireguardConfigurations)
|
||||
DashboardClients: DashboardClients = DashboardClients(WireguardConfigurations)
|
||||
app.register_blueprint(createClientBlueprint(WireguardConfigurations, DashboardConfig, DashboardClients))
|
||||
|
||||
_, APP_PREFIX = DashboardConfig.GetConfig("Server", "app_prefix")
|
||||
@@ -229,103 +213,32 @@ _, app_ip = DashboardConfig.GetConfig("Server", "app_ip")
|
||||
_, app_port = DashboardConfig.GetConfig("Server", "app_port")
|
||||
_, WG_CONF_PATH = DashboardConfig.GetConfig("Server", "wg_conf_path")
|
||||
|
||||
|
||||
'''
|
||||
API Routes
|
||||
'''
|
||||
|
||||
def _enforce_session_auth():
|
||||
"""Enforce session authentication for non-API key access."""
|
||||
white_list = [
|
||||
'/static/',
|
||||
'validateAuthentication',
|
||||
'authenticate',
|
||||
'getDashboardConfiguration',
|
||||
'getDashboardTheme',
|
||||
'getDashboardVersion',
|
||||
'sharePeer/get',
|
||||
'isTotpEnabled',
|
||||
'locale',
|
||||
'/fileDownload',
|
||||
'/client'
|
||||
]
|
||||
|
||||
path_ok = (
|
||||
("username" in session and session.get("role") == "admin")
|
||||
or (f"{APP_PREFIX}/" == request.path or f"{APP_PREFIX}" == request.path)
|
||||
or not all(sub not in request.path for sub in white_list)
|
||||
)
|
||||
|
||||
if not path_ok:
|
||||
response = Flask.make_response(app, {
|
||||
"status": False,
|
||||
"message": "Unauthorized access.",
|
||||
"data": None
|
||||
})
|
||||
response.content_type = "application/json"
|
||||
response.status_code = 401
|
||||
return response
|
||||
|
||||
|
||||
def _login_with_token(key):
|
||||
auth_token = hashlib.sha256(f"{key}{datetime.now()}".encode()).hexdigest()
|
||||
session.update({'role': 'admin', 'username': auth_token})
|
||||
session.permanent = True
|
||||
resp = ResponseObject(True, DashboardConfig.GetConfig("Other", "welcome_session")[1])
|
||||
resp.set_cookie("authToken", auth_token)
|
||||
return resp
|
||||
|
||||
|
||||
def _login_with_credentials(data):
|
||||
username = data.get('username')
|
||||
password = data.get('password')
|
||||
totp_code = data.get('totp')
|
||||
|
||||
valid_password = bcrypt.checkpw(password.encode("utf-8"),
|
||||
DashboardConfig.GetConfig("Account", "password")[1].encode("utf-8"))
|
||||
totp_enabled = DashboardConfig.GetConfig("Account", "enable_totp")[1]
|
||||
totp_valid = pyotp.TOTP(DashboardConfig.GetConfig("Account", "totp_key")[1]).now() == totp_code if totp_enabled else True
|
||||
|
||||
if username == DashboardConfig.GetConfig("Account", "username")[1] and valid_password and totp_valid:
|
||||
auth_token = hashlib.sha256(f"{username}{datetime.now()}".encode()).hexdigest()
|
||||
session.update({'role': 'admin', 'username': auth_token})
|
||||
session.permanent = True
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=f"Login success: {username}")
|
||||
resp = ResponseObject(True, DashboardConfig.GetConfig("Other", "welcome_session")[1])
|
||||
resp.set_cookie("authToken", auth_token)
|
||||
return resp
|
||||
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=f"Login failed: {username}")
|
||||
msg = "Sorry, your username, password or OTP is incorrect." if totp_enabled else "Sorry, your username or password is incorrect."
|
||||
return ResponseObject(False, msg)
|
||||
|
||||
|
||||
@app.before_request
|
||||
def auth_req():
|
||||
# Skip preflight requests
|
||||
if request.method.lower() == 'options':
|
||||
return ResponseObject(True)
|
||||
return ResponseObject(True)
|
||||
|
||||
DashboardConfig.APIAccessed = False
|
||||
|
||||
# Logging
|
||||
if "api" in request.path:
|
||||
log_message = str(request.args) if request.method.upper() == "GET" else f"Request Args: {str(request.args)} Body:{str(request.get_json())}"
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=log_message)
|
||||
|
||||
authentication_required = DashboardConfig.GetConfig("Server", "auth_req")[1]
|
||||
headers = request.headers
|
||||
|
||||
if authentication_required:
|
||||
api_key = headers.get('wg-dashboard-apikey')
|
||||
api_key_enabled = DashboardConfig.GetConfig("Server", "dashboard_api_key")[1]
|
||||
|
||||
# API key authentication
|
||||
if api_key and api_key_enabled:
|
||||
api_key_exists = any(k.Key == api_key for k in DashboardConfig.DashboardAPIKeys)
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=f"API Key Access: {api_key_exists} - Key: {api_key}")
|
||||
|
||||
if not api_key_exists:
|
||||
if str(request.method) == "GET":
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=str(request.args))
|
||||
elif str(request.method) == "POST":
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=f"Request Args: {str(request.args)} Body:{str(request.get_json())}")
|
||||
|
||||
|
||||
authenticationRequired = DashboardConfig.GetConfig("Server", "auth_req")[1]
|
||||
d = request.headers
|
||||
if authenticationRequired:
|
||||
apiKey = d.get('wg-dashboard-apikey')
|
||||
apiKeyEnabled = DashboardConfig.GetConfig("Server", "dashboard_api_key")[1]
|
||||
if apiKey is not None and len(apiKey) > 0 and apiKeyEnabled:
|
||||
apiKeyExist = len(list(filter(lambda x : x.Key == apiKey, DashboardConfig.DashboardAPIKeys))) == 1
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=f"API Key Access: {('true' if apiKeyExist else 'false')} - Key: {apiKey}")
|
||||
if not apiKeyExist:
|
||||
DashboardConfig.APIAccessed = False
|
||||
response = Flask.make_response(app, {
|
||||
"status": False,
|
||||
@@ -335,49 +248,84 @@ def auth_req():
|
||||
response.content_type = "application/json"
|
||||
response.status_code = 401
|
||||
return response
|
||||
|
||||
DashboardConfig.APIAccessed = True
|
||||
else:
|
||||
DashboardConfig.APIAccessed = False
|
||||
_enforce_session_auth()
|
||||
|
||||
whiteList = [
|
||||
'/static/', 'validateAuthentication', 'authenticate', 'getDashboardConfiguration',
|
||||
'getDashboardTheme', 'getDashboardVersion', 'sharePeer/get', 'isTotpEnabled', 'locale',
|
||||
'/fileDownload',
|
||||
'/client'
|
||||
]
|
||||
|
||||
if (("username" not in session or session.get("role") != "admin")
|
||||
and (f"{(APP_PREFIX if len(APP_PREFIX) > 0 else '')}/" != request.path
|
||||
and f"{(APP_PREFIX if len(APP_PREFIX) > 0 else '')}" != request.path)
|
||||
and len(list(filter(lambda x : x not in request.path, whiteList))) == len(whiteList)
|
||||
):
|
||||
response = Flask.make_response(app, {
|
||||
"status": False,
|
||||
"message": "Unauthorized access.",
|
||||
"data": None
|
||||
})
|
||||
response.content_type = "application/json"
|
||||
response.status_code = 401
|
||||
return response
|
||||
|
||||
@app.route(f'{APP_PREFIX}/api/handshake', methods=["GET", "OPTIONS"])
|
||||
def API_Handshake():
|
||||
return ResponseObject(True)
|
||||
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/validateAuthentication')
|
||||
def API_ValidateAuthentication():
|
||||
token = request.cookies.get("authToken")
|
||||
auth_required = DashboardConfig.GetConfig("Server", "auth_req")[1]
|
||||
|
||||
if auth_required and (not token or "username" not in session or session["username"] != token):
|
||||
return ResponseObject(False, "Invalid authentication.",
|
||||
status_code=401)
|
||||
|
||||
if DashboardConfig.GetConfig("Server", "auth_req")[1]:
|
||||
if token is None or token == "" or "username" not in session or session["username"] != token:
|
||||
return ResponseObject(False, "Invalid authentication.")
|
||||
return ResponseObject(True)
|
||||
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/requireAuthentication')
|
||||
def API_RequireAuthentication():
|
||||
return ResponseObject(data=DashboardConfig.GetConfig("Server", "auth_req")[1])
|
||||
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/authenticate')
|
||||
def API_AuthenticateLogin():
|
||||
data = request.get_json()
|
||||
auth_req = DashboardConfig.GetConfig("Server", "auth_req")[1]
|
||||
|
||||
if not auth_req:
|
||||
if not DashboardConfig.GetConfig("Server", "auth_req")[1]:
|
||||
return ResponseObject(True, DashboardConfig.GetConfig("Other", "welcome_session")[1])
|
||||
|
||||
# API key login
|
||||
|
||||
if DashboardConfig.APIAccessed:
|
||||
return _login_with_token(request.headers.get('wg-dashboard-apikey'))
|
||||
authToken = hashlib.sha256(f"{request.headers.get('wg-dashboard-apikey')}{datetime.now()}".encode()).hexdigest()
|
||||
session['role'] = 'admin'
|
||||
session['username'] = authToken
|
||||
resp = ResponseObject(True, DashboardConfig.GetConfig("Other", "welcome_session")[1])
|
||||
resp.set_cookie("authToken", authToken)
|
||||
session.permanent = True
|
||||
return resp
|
||||
valid = bcrypt.checkpw(data['password'].encode("utf-8"),
|
||||
DashboardConfig.GetConfig("Account", "password")[1].encode("utf-8"))
|
||||
totpEnabled = DashboardConfig.GetConfig("Account", "enable_totp")[1]
|
||||
totpValid = False
|
||||
if totpEnabled:
|
||||
totpValid = pyotp.TOTP(DashboardConfig.GetConfig("Account", "totp_key")[1]).now() == data['totp']
|
||||
|
||||
# User login
|
||||
return _login_with_credentials(data)
|
||||
if (valid
|
||||
and data['username'] == DashboardConfig.GetConfig("Account", "username")[1]
|
||||
and ((totpEnabled and totpValid) or not totpEnabled)
|
||||
):
|
||||
authToken = hashlib.sha256(f"{data['username']}{datetime.now()}".encode()).hexdigest()
|
||||
session['role'] = 'admin'
|
||||
session['username'] = authToken
|
||||
resp = ResponseObject(True, DashboardConfig.GetConfig("Other", "welcome_session")[1])
|
||||
resp.set_cookie("authToken", authToken)
|
||||
session.permanent = True
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=f"Login success: {data['username']}")
|
||||
return resp
|
||||
DashboardLogger.log(str(request.url), str(request.remote_addr), Message=f"Login failed: {data['username']}")
|
||||
if totpEnabled:
|
||||
return ResponseObject(False, "Sorry, your username, password or OTP is incorrect.")
|
||||
else:
|
||||
return ResponseObject(False, "Sorry, your username or password is incorrect.")
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/signout')
|
||||
def API_SignOut():
|
||||
@@ -389,7 +337,7 @@ def API_SignOut():
|
||||
@app.get(f'{APP_PREFIX}/api/getWireguardConfigurations')
|
||||
def API_getWireguardConfigurations():
|
||||
InitWireguardConfigurationsList()
|
||||
return ResponseObject(data=list(WireguardConfigurations.values()))
|
||||
return ResponseObject(data=[wc for wc in WireguardConfigurations.values()])
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/newConfigurationTemplates')
|
||||
def API_NewConfigurationTemplates():
|
||||
@@ -402,255 +350,193 @@ def API_NewConfigurationTemplates_CreateTemplate():
|
||||
@app.post(f'{APP_PREFIX}/api/newConfigurationTemplates/updateTemplate')
|
||||
def API_NewConfigurationTemplates_UpdateTemplate():
|
||||
data = request.get_json()
|
||||
template = data.get('Template')
|
||||
|
||||
template = data.get('Template', None)
|
||||
if not template:
|
||||
return ResponseObject(False, "Please provide template",
|
||||
status_code=400)
|
||||
|
||||
return ResponseObject(False, "Please provide template")
|
||||
|
||||
status, msg = NewConfigurationTemplates.UpdateTemplate(template)
|
||||
|
||||
return ResponseObject(status, msg)
|
||||
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/newConfigurationTemplates/deleteTemplate')
|
||||
def API_NewConfigurationTemplates_DeleteTemplate():
|
||||
data = request.get_json()
|
||||
template = data.get('Template')
|
||||
|
||||
template = data.get('Template', None)
|
||||
if not template:
|
||||
return ResponseObject(False, "Please provide template",
|
||||
status_code=400)
|
||||
|
||||
return ResponseObject(False, "Please provide template")
|
||||
|
||||
status, msg = NewConfigurationTemplates.DeleteTemplate(template)
|
||||
|
||||
return ResponseObject(status, msg)
|
||||
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/addWireguardConfiguration')
|
||||
def API_addWireguardConfiguration():
|
||||
data = request.get_json()
|
||||
protocol = data.get("Protocol")
|
||||
requiredKeys = [
|
||||
"ConfigurationName", "Address", "ListenPort", "PrivateKey", "Protocol"
|
||||
]
|
||||
for i in requiredKeys:
|
||||
if i not in data.keys():
|
||||
return ResponseObject(False, "Please provide all required parameters.")
|
||||
|
||||
if data.get("Protocol") not in ProtocolsEnabled():
|
||||
return ResponseObject(False, "Please provide a valid protocol: wg / awg.")
|
||||
|
||||
required_keys = {"ConfigurationName", "Address", "ListenPort", "PrivateKey", "Protocol"}
|
||||
if not required_keys.issubset(data.keys()):
|
||||
return ResponseObject(False, "Please provide all required parameters.", status_code=400)
|
||||
# Check duplicate names, ports, address
|
||||
for i in WireguardConfigurations.values():
|
||||
if i.Name == data['ConfigurationName']:
|
||||
return ResponseObject(False,
|
||||
f"Already have a configuration with the name \"{data['ConfigurationName']}\"",
|
||||
"ConfigurationName")
|
||||
|
||||
if protocol not in ProtocolsEnabled():
|
||||
return ResponseObject(False, "Please provide a valid protocol: wg / awg.", status_code=400)
|
||||
if str(i.ListenPort) == str(data["ListenPort"]):
|
||||
return ResponseObject(False,
|
||||
f"Already have a configuration with the port \"{data['ListenPort']}\"",
|
||||
"ListenPort")
|
||||
|
||||
for cfg in WireguardConfigurations.values():
|
||||
duplicates = {
|
||||
"ConfigurationName": cfg.Name == data['ConfigurationName'],
|
||||
"ListenPort": str(cfg.ListenPort) == str(data["ListenPort"]),
|
||||
"Address": cfg.Address == data["Address"]
|
||||
if i.Address == data["Address"]:
|
||||
return ResponseObject(False,
|
||||
f"Already have a configuration with the address \"{data['Address']}\"",
|
||||
"Address")
|
||||
|
||||
if "Backup" in data.keys():
|
||||
path = {
|
||||
"wg": DashboardConfig.GetConfig("Server", "wg_conf_path")[1],
|
||||
"awg": DashboardConfig.GetConfig("Server", "awg_conf_path")[1]
|
||||
}
|
||||
for key, is_duplicate in duplicates.items():
|
||||
if is_duplicate:
|
||||
return ResponseObject(
|
||||
False,
|
||||
f"Already have a configuration with the {key.lower()} \"{data[key]}\"",
|
||||
key,
|
||||
status_code=400
|
||||
)
|
||||
|
||||
paths = {
|
||||
"wg": DashboardConfig.GetConfig("Server", "wg_conf_path")[1],
|
||||
"awg": DashboardConfig.GetConfig("Server", "awg_conf_path")[1]
|
||||
}
|
||||
|
||||
if "Backup" in data:
|
||||
backup_file = data["Backup"]
|
||||
protocol_detected = None
|
||||
for proto, base_path in paths.items():
|
||||
conf_path = os.path.join(base_path, 'WGDashboard_Backup', backup_file)
|
||||
sql_path = os.path.join(base_path, 'WGDashboard_Backup', backup_file.replace('.conf', '.sql'))
|
||||
if os.path.exists(conf_path) and os.path.exists(sql_path):
|
||||
protocol_detected = proto
|
||||
break
|
||||
|
||||
if not protocol_detected:
|
||||
return ResponseObject(False, "Backup does not exist", status_code=400)
|
||||
|
||||
|
||||
if (os.path.exists(os.path.join(path['wg'], 'WGDashboard_Backup', data["Backup"])) and
|
||||
os.path.exists(os.path.join(path['wg'], 'WGDashboard_Backup', data["Backup"].replace('.conf', '.sql')))):
|
||||
protocol = "wg"
|
||||
elif (os.path.exists(os.path.join(path['awg'], 'WGDashboard_Backup', data["Backup"])) and
|
||||
os.path.exists(os.path.join(path['awg'], 'WGDashboard_Backup', data["Backup"].replace('.conf', '.sql')))):
|
||||
protocol = "awg"
|
||||
else:
|
||||
return ResponseObject(False, "Backup does not exist")
|
||||
|
||||
shutil.copy(
|
||||
os.path.join(paths[protocol_detected], 'WGDashboard_Backup', backup_file),
|
||||
os.path.join(paths[protocol_detected], f'{data["ConfigurationName"]}.conf')
|
||||
os.path.join(path[protocol], 'WGDashboard_Backup', data["Backup"]),
|
||||
os.path.join(path[protocol], f'{data["ConfigurationName"]}.conf')
|
||||
)
|
||||
protocol = protocol_detected # Use backup protocol
|
||||
WireguardConfigurations[data['ConfigurationName']] = (
|
||||
WireguardConfiguration(DashboardConfig, AllPeerJobs, AllPeerShareLinks, data=data, name=data['ConfigurationName'])) if protocol == 'wg' else (
|
||||
AmneziaWireguardConfiguration(DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks, data=data, name=data['ConfigurationName']))
|
||||
else:
|
||||
conf_path = os.path.join(paths[protocol], f'{data["ConfigurationName"]}.conf')
|
||||
if not os.path.exists(conf_path):
|
||||
with open(conf_path, 'w') as f:
|
||||
f.write(
|
||||
f"[Interface]\n"
|
||||
f"Address = {data['Address']}\n"
|
||||
f"ListenPort = {data['ListenPort']}\n"
|
||||
f"PrivateKey = {data['PrivateKey']}\n"
|
||||
)
|
||||
os.chmod(conf_path, 0o600) # secure file permissions
|
||||
|
||||
ConfigClass = WireguardConfiguration if protocol == "wg" else AmneziaWireguardConfiguration
|
||||
|
||||
WireguardConfigurations[data['ConfigurationName']] = ConfigClass(
|
||||
DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks,
|
||||
data=data, name=data['ConfigurationName']
|
||||
)
|
||||
|
||||
WireguardConfigurations[data['ConfigurationName']] = (
|
||||
WireguardConfiguration(DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks, data=data)) if data.get('Protocol') == 'wg' else (
|
||||
AmneziaWireguardConfiguration(DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks, data=data))
|
||||
return ResponseObject()
|
||||
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/toggleWireguardConfiguration')
|
||||
def API_toggleWireguardConfiguration():
|
||||
configuration_name = request.args.get('configurationName')
|
||||
|
||||
if not configuration_name or configuration_name not in WireguardConfigurations:
|
||||
return ResponseObject(False, "Please provide a valid configuration name",
|
||||
status_code=404)
|
||||
|
||||
target_configuration = WireguardConfigurations[configuration_name]
|
||||
status, msg = target_configuration.toggleConfiguration()
|
||||
configuration_status = target_configuration.Status
|
||||
|
||||
return ResponseObject(status, msg, configuration_status)
|
||||
|
||||
configurationName = request.args.get('configurationName')
|
||||
if configurationName is None or len(
|
||||
configurationName) == 0 or configurationName not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Please provide a valid configuration name", status_code=404)
|
||||
toggleStatus, msg = WireguardConfigurations[configurationName].toggleConfiguration()
|
||||
return ResponseObject(toggleStatus, msg, WireguardConfigurations[configurationName].Status)
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/updateWireguardConfiguration')
|
||||
def API_updateWireguardConfiguration():
|
||||
data = request.get_json() or {}
|
||||
data = request.get_json()
|
||||
requiredKeys = ["Name"]
|
||||
for i in requiredKeys:
|
||||
if i not in data.keys():
|
||||
return ResponseObject(False, "Please provide these following field: " + ", ".join(requiredKeys))
|
||||
name = data.get("Name")
|
||||
if name not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Configuration does not exist", status_code=404)
|
||||
|
||||
if not name:
|
||||
return ResponseObject(False, "Please provide the field: Name",
|
||||
status_code=400)
|
||||
status, msg = WireguardConfigurations[name].updateConfigurationSettings(data)
|
||||
|
||||
if name not in WireguardConfigurations:
|
||||
return ResponseObject(False, "Configuration does not exist",
|
||||
status_code=404)
|
||||
|
||||
target_configuration = WireguardConfigurations[name]
|
||||
status, msg = target_configuration.updateConfigurationSettings(data)
|
||||
|
||||
return ResponseObject(status, msg, target_configuration)
|
||||
|
||||
return ResponseObject(status, message=msg, data=WireguardConfigurations[name])
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/updateWireguardConfigurationInfo')
|
||||
def API_updateWireguardConfigurationInfo():
|
||||
data = request.get_json() or {}
|
||||
data = request.get_json()
|
||||
name = data.get('Name')
|
||||
key = data.get('Key')
|
||||
value = data.get('Value')
|
||||
|
||||
if not all([name, key, value]): # Required values
|
||||
return ResponseObject(False, "Please provide configuration name, key, and value")
|
||||
|
||||
if name not in WireguardConfigurations:
|
||||
if not all([data, key, name]):
|
||||
return ResponseObject(status=False, message="Please provide configuration name, key and value")
|
||||
if name not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Configuration does not exist", status_code=404)
|
||||
|
||||
target_configuration = WireguardConfigurations[name]
|
||||
status, msg, key = target_configuration.updateConfigurationInfo(key, value)
|
||||
|
||||
return ResponseObject(status, msg, key)
|
||||
|
||||
status, msg, key = WireguardConfigurations[name].updateConfigurationInfo(key, value)
|
||||
|
||||
return ResponseObject(status=status, message=msg, data=key)
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/getWireguardConfigurationRawFile')
|
||||
def API_getWireguardConfigurationRawFile():
|
||||
configuration_name = request.args.get('configurationName')
|
||||
|
||||
if not configuration_name or configuration_name not in WireguardConfigurations:
|
||||
def API_GetWireguardConfigurationRawFile():
|
||||
configurationName = request.args.get('configurationName')
|
||||
if configurationName is None or len(
|
||||
configurationName) == 0 or configurationName not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Please provide a valid configuration name", status_code=404)
|
||||
|
||||
config = WireguardConfigurations[configuration_name]
|
||||
|
||||
return ResponseObject(data={
|
||||
"path": config.configPath,
|
||||
"content": config.getRawConfigurationFile()
|
||||
"path": WireguardConfigurations[configurationName].configPath,
|
||||
"content": WireguardConfigurations[configurationName].getRawConfigurationFile()
|
||||
})
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/updateWireguardConfigurationRawFile')
|
||||
def API_UpdateWireguardConfigurationRawFile():
|
||||
data = request.get_json() or {}
|
||||
configuration_name = data.get('configurationName')
|
||||
raw_configuration = data.get('rawConfiguration')
|
||||
|
||||
if not configuration_name or configuration_name not in WireguardConfigurations:
|
||||
data = request.get_json()
|
||||
configurationName = data.get('configurationName')
|
||||
rawConfiguration = data.get('rawConfiguration')
|
||||
if configurationName is None or len(
|
||||
configurationName) == 0 or configurationName not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Please provide a valid configuration name")
|
||||
|
||||
if not raw_configuration:
|
||||
if rawConfiguration is None or len(rawConfiguration) == 0:
|
||||
return ResponseObject(False, "Please provide content")
|
||||
|
||||
config = WireguardConfigurations[configuration_name]
|
||||
status, err = config.updateRawConfigurationFile(raw_configuration)
|
||||
status, err = WireguardConfigurations[configurationName].updateRawConfigurationFile(rawConfiguration)
|
||||
|
||||
return ResponseObject(status, err)
|
||||
return ResponseObject(status=status, message=err)
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/deleteWireguardConfiguration')
|
||||
def API_deleteWireguardConfiguration():
|
||||
data = request.get_json() or {}
|
||||
configuration_name = data.get("ConfigurationName")
|
||||
|
||||
if not configuration_name or configuration_name not in WireguardConfigurations:
|
||||
data = request.get_json()
|
||||
if "ConfigurationName" not in data.keys() or data.get("ConfigurationName") is None or data.get("ConfigurationName") not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Please provide the configuration name you want to delete", status_code=404)
|
||||
rp = WireguardConfigurations.pop(data.get("ConfigurationName"))
|
||||
|
||||
rp = WireguardConfigurations.pop(configuration_name)
|
||||
status = rp.deleteConfiguration()
|
||||
|
||||
if not status:
|
||||
WireguardConfigurations[configuration_name] = rp
|
||||
|
||||
WireguardConfigurations[data.get("ConfigurationName")] = rp
|
||||
return ResponseObject(status)
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/renameWireguardConfiguration')
|
||||
def API_renameWireguardConfiguration():
|
||||
data = request.get_json() or {}
|
||||
|
||||
old_name = data.get("ConfigurationName")
|
||||
new_name = data.get("NewConfigurationName")
|
||||
|
||||
if not old_name or old_name not in WireguardConfigurations:
|
||||
return ResponseObject(False, "Please provide a valid configuration name to rename", status_code=404)
|
||||
data = request.get_json()
|
||||
keys = ["ConfigurationName", "NewConfigurationName"]
|
||||
for k in keys:
|
||||
if (k not in data.keys() or data.get(k) is None or len(data.get(k)) == 0 or
|
||||
(k == "ConfigurationName" and data.get(k) not in WireguardConfigurations.keys())):
|
||||
return ResponseObject(False, "Please provide the configuration name you want to rename", status_code=404)
|
||||
|
||||
if not new_name:
|
||||
return ResponseObject(False, "Please provide a new configuration name", status=400)
|
||||
if data.get("NewConfigurationName") in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Configuration name already exist", status_code=400)
|
||||
|
||||
if new_name in WireguardConfigurations:
|
||||
return ResponseObject(False, "The configuration name already exists", status_code=400)
|
||||
rc = WireguardConfigurations.pop(data.get("ConfigurationName"))
|
||||
|
||||
rc = WireguardConfigurations.pop(old_name)
|
||||
status, message = rc.renameConfiguration(new_name)
|
||||
|
||||
status, message = rc.renameConfiguration(data.get("NewConfigurationName"))
|
||||
if status:
|
||||
if rc.Protocol == 'wg':
|
||||
ConfigClass = WireguardConfiguration
|
||||
else:
|
||||
ConfigClass = AmneziaWireguardConfiguration
|
||||
|
||||
WireguardConfigurations[new_name] = ConfigClass(
|
||||
DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks, new_name
|
||||
)
|
||||
WireguardConfigurations[data.get("NewConfigurationName")] = (WireguardConfiguration(DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks, data.get("NewConfigurationName")) if rc.Protocol == 'wg' else AmneziaWireguardConfiguration(DashboardConfig, AllPeerJobs, AllPeerShareLinks, DashboardWebHooks, data.get("NewConfigurationName")))
|
||||
else:
|
||||
WireguardConfigurations[old_name] = rc
|
||||
|
||||
WireguardConfigurations[data.get("ConfigurationName")] = rc
|
||||
return ResponseObject(status, message)
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/getWireguardConfigurationRealtimeTraffic')
|
||||
def API_getWireguardConfigurationRealtimeTraffic():
|
||||
configuration_name = requests.args.get('configurationName')
|
||||
|
||||
if not configuration_name or configuration_name not in WireguardConfigurations:
|
||||
configurationName = request.args.get('configurationName')
|
||||
if configurationName is None or configurationName not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Configuration does not exist", status_code=404)
|
||||
|
||||
rt_traffic_usage = WireguardConfigurations[configuration_name]
|
||||
return ResponseObject(data=rt_traffic_usage)
|
||||
return ResponseObject(data=WireguardConfigurations[configurationName].getRealtimeTrafficUsage())
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/getWireguardConfigurationBackup')
|
||||
def API_getWireguardConfigurationBackup():
|
||||
configuration_name = request.args.get('configurationName')
|
||||
|
||||
if not configuration_name or configuration_name not in WireguardConfigurations:
|
||||
configurationName = request.args.get('configurationName')
|
||||
if configurationName is None or configurationName not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Configuration does not exist", status_code=404)
|
||||
|
||||
target_configuration = WireguardConfigurations[configuration_name]
|
||||
return ResponseObject(data=target_configuration.getBackups())
|
||||
return ResponseObject(data=WireguardConfigurations[configurationName].getBackups())
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/getAllWireguardConfigurationBackup')
|
||||
def API_getAllWireguardConfigurationBackup():
|
||||
@@ -658,86 +544,47 @@ def API_getAllWireguardConfigurationBackup():
|
||||
"ExistingConfigurations": {},
|
||||
"NonExistingConfigurations": {}
|
||||
}
|
||||
|
||||
existing_configurations = WireguardConfigurations.keys()
|
||||
|
||||
for single_conf in existing_configurations:
|
||||
backups = WireguardConfigurations[single_conf].getBackups(True)
|
||||
if len(backups) > 0:
|
||||
data['ExistingConfigurations'][single_conf] = WireguardConfigurations[single_conf].getBackups(True)
|
||||
|
||||
existingConfiguration = WireguardConfigurations.keys()
|
||||
for i in existingConfiguration:
|
||||
b = WireguardConfigurations[i].getBackups(True)
|
||||
if len(b) > 0:
|
||||
data['ExistingConfigurations'][i] = WireguardConfigurations[i].getBackups(True)
|
||||
|
||||
for protocol in ProtocolsEnabled():
|
||||
config_path_info = DashboardConfig.GetConfig("Server", f"{protocol}_conf_path")
|
||||
configuration_path = config_path_info[1]
|
||||
backup_directory = os.path.join(configuration_path, 'WGDashboard_Backup')
|
||||
|
||||
if not os.path.exists(backup_directory):
|
||||
continue
|
||||
|
||||
backup_files = []
|
||||
for file_name in os.listdir(backup_directory):
|
||||
full_file_path = os.path.join(backup_directory, file_name)
|
||||
if os.path.isfile(full_file_path):
|
||||
creation_time = os.path.getctime(full_file_path)
|
||||
backup_files.append((file_name, creation_time))
|
||||
|
||||
backup_files.sort(key=lambda file_info: file_info[1], reverse=True)
|
||||
|
||||
for file_name, creation_time in backup_files:
|
||||
pattern = r"^(.*)_(.*)\.conf$"
|
||||
match_result = re.match(pattern, file_name)
|
||||
|
||||
if not match_result:
|
||||
continue
|
||||
|
||||
configuration_name = match_result.group(1)
|
||||
backup_date = match_result.group(2)
|
||||
|
||||
if configuration_name in existing_configurations:
|
||||
continue
|
||||
|
||||
if 'NonExistingConfigurations' not in data:
|
||||
data['NonExistingConfigurations'] = {}
|
||||
|
||||
if configuration_name not in data['NonExistingConfigurations']:
|
||||
data['NonExistingConfigurations'][configuration_name] = []
|
||||
|
||||
configuration_file_path = os.path.join(backup_directory, file_name)
|
||||
with open(configuration_file_path, 'r') as configuration_file:
|
||||
configuration_content = configuration_file.read()
|
||||
|
||||
backup_data = {
|
||||
"protocol": protocol,
|
||||
"filename": file_name,
|
||||
"backupDate": backup_date,
|
||||
"content": configuration_content
|
||||
}
|
||||
|
||||
sql_file_name = file_name.replace(".conf", ".sql")
|
||||
sql_file_path = os.path.join(backup_directory, sql_file_name)
|
||||
|
||||
if os.path.isfile(sql_file_path):
|
||||
with open(sql_file_path, 'r') as sql_file:
|
||||
sql_content = sql_file.read()
|
||||
|
||||
backup_data["database"] = True
|
||||
backup_data["databaseContent"] = sql_content
|
||||
|
||||
data['NonExistingConfigurations'][configuration_name].append(backup_data)
|
||||
|
||||
directory = os.path.join(DashboardConfig.GetConfig("Server", f"{protocol}_conf_path")[1], 'WGDashboard_Backup')
|
||||
if os.path.exists(directory):
|
||||
files = [(file, os.path.getctime(os.path.join(directory, file)))
|
||||
for file in os.listdir(directory) if os.path.isfile(os.path.join(directory, file))]
|
||||
files.sort(key=lambda x: x[1], reverse=True)
|
||||
|
||||
for f, ct in files:
|
||||
if RegexMatch(r"^(.*)_(.*)\.(conf)$", f):
|
||||
s = re.search(r"^(.*)_(.*)\.(conf)$", f)
|
||||
name = s.group(1)
|
||||
if name not in existingConfiguration:
|
||||
if name not in data['NonExistingConfigurations'].keys():
|
||||
data['NonExistingConfigurations'][name] = []
|
||||
|
||||
date = s.group(2)
|
||||
d = {
|
||||
"protocol": protocol,
|
||||
"filename": f,
|
||||
"backupDate": date,
|
||||
"content": open(os.path.join(DashboardConfig.GetConfig("Server", f"{protocol}_conf_path")[1], 'WGDashboard_Backup', f), 'r').read()
|
||||
}
|
||||
if f.replace(".conf", ".sql") in list(os.listdir(directory)):
|
||||
d['database'] = True
|
||||
d['databaseContent'] = open(os.path.join(DashboardConfig.GetConfig("Server", f"{protocol}_conf_path")[1], 'WGDashboard_Backup', f.replace(".conf", ".sql")), 'r').read()
|
||||
data['NonExistingConfigurations'][name].append(d)
|
||||
return ResponseObject(data=data)
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/createWireguardConfigurationBackup')
|
||||
def API_createWireguardConfigurationBackup():
|
||||
configuration_name = request.args.get('configurationName')
|
||||
|
||||
if not configuration_name or configuration_name not in WireguardConfigurations:
|
||||
configurationName = request.args.get('configurationName')
|
||||
if configurationName is None or configurationName not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Configuration does not exist", status_code=404)
|
||||
|
||||
conf_backup_file = WireguardConfigurations[configuration_name].backupConfigurationFile()[0]
|
||||
conf_backups = WireguardConfigurations[configuration_name].getBackups()
|
||||
|
||||
return ResponseObject(status=conf_backup_file,data=conf_backups)
|
||||
return ResponseObject(status=WireguardConfigurations[configurationName].backupConfigurationFile()[0],
|
||||
data=WireguardConfigurations[configurationName].getBackups())
|
||||
|
||||
@app.post(f'{APP_PREFIX}/api/deleteWireguardConfigurationBackup')
|
||||
def API_deleteWireguardConfigurationBackup():
|
||||
@@ -769,19 +616,18 @@ def API_downloadWireguardConfigurationBackup():
|
||||
@app.post(f'{APP_PREFIX}/api/restoreWireguardConfigurationBackup')
|
||||
def API_restoreWireguardConfigurationBackup():
|
||||
data = request.get_json()
|
||||
configuration_name = data['ConfigurationName']
|
||||
backup_file_name = data['BackupFileName']
|
||||
|
||||
if ("ConfigurationName" not in data.keys() or
|
||||
"BackupFileName" not in data.keys() or
|
||||
len(data['ConfigurationName']) == 0 or
|
||||
len(data['BackupFileName']) == 0):
|
||||
return ResponseObject(False,"Please provide ConfigurationName and BackupFileName in body", status_code=400)
|
||||
|
||||
if configuration_name not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False,
|
||||
"Please provide ConfigurationName and BackupFileName in body", status_code=400)
|
||||
configurationName = data['ConfigurationName']
|
||||
backupFileName = data['BackupFileName']
|
||||
if configurationName not in WireguardConfigurations.keys():
|
||||
return ResponseObject(False, "Configuration does not exist", status_code=404)
|
||||
|
||||
status = WireguardConfigurations[configuration_name].restoreBackup(backup_file_name)
|
||||
status = WireguardConfigurations[configurationName].restoreBackup(backupFileName)
|
||||
return ResponseObject(status=status, message=(None if status else 'Restore backup failed'))
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/getDashboardConfiguration')
|
||||
@@ -1523,6 +1369,31 @@ def API_Welcome_Finish():
|
||||
DashboardConfig.SetConfig("Other", "welcome_session", False)
|
||||
return ResponseObject()
|
||||
|
||||
class Locale:
|
||||
def __init__(self):
|
||||
self.localePath = './static/locales/'
|
||||
self.activeLanguages = {}
|
||||
with open(os.path.join(f"{self.localePath}supported_locales.json"), "r") as f:
|
||||
self.activeLanguages = sorted(json.loads(''.join(f.readlines())), key=lambda x : x['lang_name'])
|
||||
|
||||
def getLanguage(self) -> dict | None:
|
||||
currentLanguage = DashboardConfig.GetConfig("Server", "dashboard_language")[1]
|
||||
if currentLanguage == "en":
|
||||
return None
|
||||
if os.path.exists(os.path.join(f"{self.localePath}{currentLanguage}.json")):
|
||||
with open(os.path.join(f"{self.localePath}{currentLanguage}.json"), "r") as f:
|
||||
return dict(json.loads(''.join(f.readlines())))
|
||||
else:
|
||||
return None
|
||||
|
||||
def updateLanguage(self, lang_id):
|
||||
if not os.path.exists(os.path.join(f"{self.localePath}{lang_id}.json")):
|
||||
DashboardConfig.SetConfig("Server", "dashboard_language", "en-US")
|
||||
else:
|
||||
DashboardConfig.SetConfig("Server", "dashboard_language", lang_id)
|
||||
|
||||
Locale = Locale()
|
||||
|
||||
@app.get(f'{APP_PREFIX}/api/locale')
|
||||
def API_Locale_CurrentLang():
|
||||
return ResponseObject(data=Locale.getLanguage())
|
||||
@@ -1607,31 +1478,6 @@ def API_SystemStatus():
|
||||
def API_ProtocolsEnabled():
|
||||
return ResponseObject(data=ProtocolsEnabled())
|
||||
|
||||
class Locale:
|
||||
def __init__(self):
|
||||
self.localePath = './static/locales/'
|
||||
self.activeLanguages = {}
|
||||
with open(os.path.join(f"{self.localePath}supported_locales.json"), "r") as f:
|
||||
self.activeLanguages = sorted(json.loads(''.join(f.readlines())), key=lambda x : x['lang_name'])
|
||||
|
||||
def getLanguage(self) -> dict | None:
|
||||
currentLanguage = DashboardConfig.GetConfig("Server", "dashboard_language")[1]
|
||||
if currentLanguage == "en":
|
||||
return None
|
||||
if os.path.exists(os.path.join(f"{self.localePath}{currentLanguage}.json")):
|
||||
with open(os.path.join(f"{self.localePath}{currentLanguage}.json"), "r") as f:
|
||||
return dict(json.loads(''.join(f.readlines())))
|
||||
else:
|
||||
return None
|
||||
|
||||
def updateLanguage(self, lang_id):
|
||||
if not os.path.exists(os.path.join(f"{self.localePath}{lang_id}.json")):
|
||||
DashboardConfig.SetConfig("Server", "dashboard_language", "en-US")
|
||||
else:
|
||||
DashboardConfig.SetConfig("Server", "dashboard_language", lang_id)
|
||||
|
||||
Locale = Locale()
|
||||
|
||||
'''
|
||||
OIDC Controller
|
||||
'''
|
||||
|
||||
@@ -184,7 +184,7 @@ class PeerJobs:
|
||||
f"Somehow can't find this peer {job.Peer} from {c.Name} failed {job.Action}ed."
|
||||
)
|
||||
else:
|
||||
current_app.logger.warning(f"Somehow can't find this peer {job.Peer} from {c.Name} failed {job.Action}ed.")
|
||||
current_app.logger.warning(f"Somehow can't find this peer {job.Peer} from {job.Configuration} failed {job.Action}ed.")
|
||||
self.JobLogger.log(job.JobID, False,
|
||||
f"Somehow can't find this peer {job.Peer} from {job.Configuration} failed {job.Action}ed."
|
||||
)
|
||||
|
||||
1312
src/static/app/package-lock.json
generated
1312
src/static/app/package-lock.json
generated
File diff suppressed because it is too large
Load Diff
@@ -13,7 +13,7 @@
|
||||
},
|
||||
"dependencies": {
|
||||
"@volar/language-server": "2.4.23",
|
||||
"@vue/language-server": "3.0.7",
|
||||
"@vue/language-server": "3.1.0",
|
||||
"@vuepic/vue-datepicker": "^11.0.2",
|
||||
"@vueuse/core": "^13.5.0",
|
||||
"@vueuse/shared": "^13.5.0",
|
||||
@@ -27,20 +27,20 @@
|
||||
"fuse.js": "^7.0.0",
|
||||
"i": "^0.3.7",
|
||||
"is-cidr": "^5.0.3",
|
||||
"npm": "^10.5.0",
|
||||
"npm": "^11.6.1",
|
||||
"ol": "^10.2.1",
|
||||
"pinia": "^3.0.3",
|
||||
"pinia-plugin-persistedstate": "^4.5.0",
|
||||
"qrcode": "^1.5.3",
|
||||
"qrcodejs": "^1.0.0",
|
||||
"simple-code-editor": "^2.0.9",
|
||||
"uuid": "^11.1.0",
|
||||
"vue": "^3.5.17",
|
||||
"uuid": "^13.0.0",
|
||||
"vue": "^3.5.22",
|
||||
"vue-chartjs": "^5.3.0",
|
||||
"vue-router": "^4.2.5"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@vitejs/plugin-vue": "^6.0.0",
|
||||
"vite": "^7.1.6"
|
||||
"vite": "^7.1.7"
|
||||
}
|
||||
}
|
||||
|
||||
43
src/wgd.sh
43
src/wgd.sh
@@ -464,47 +464,6 @@ stop_wgd() {
|
||||
fi
|
||||
}
|
||||
|
||||
# ============= Docker Functions =============
|
||||
startwgd_docker() {
|
||||
_checkWireguard
|
||||
printf "[WGDashboard][Docker] WireGuard configuration started\n"
|
||||
{ date; start_core ; printf "\n\n"; } >> ./log/install.txt
|
||||
gunicorn_start
|
||||
}
|
||||
|
||||
start_core() {
|
||||
# Re-assign config_files to ensure it includes any newly created configurations
|
||||
local config_files=$(find /etc/wireguard -type f -name "*.conf")
|
||||
|
||||
# Set file permissions
|
||||
find /etc/wireguard -type f -name "*.conf" -exec chmod 600 {} \;
|
||||
find "$iptable_dir" -type f -name "*.sh" -exec chmod +x {} \;
|
||||
|
||||
# Start WireGuard for each config file
|
||||
for file in $config_files; do
|
||||
config_name=$(basename "$file" ".conf")
|
||||
wg-quick up "$config_name"
|
||||
done
|
||||
}
|
||||
|
||||
newconf_wgd() {
|
||||
local wg_port_listen=$wg_port
|
||||
local wg_addr_range=$wg_net
|
||||
private_key=$(wg genkey)
|
||||
public_key=$(echo "$private_key" | wg pubkey)
|
||||
cat <<EOF >"/etc/wireguard/wg0.conf"
|
||||
[Interface]
|
||||
PrivateKey = $private_key
|
||||
Address = $wg_addr_range
|
||||
ListenPort = $wg_port_listen
|
||||
SaveConfig = true
|
||||
PostUp = /opt/wireguarddashboard/src/iptable-rules/postup.sh
|
||||
PreDown = /opt/wireguarddashboard/src/iptable-rules/postdown.sh
|
||||
EOF
|
||||
}
|
||||
|
||||
# ============= Docker Functions =============
|
||||
|
||||
start_wgd_debug() {
|
||||
_checkWireguard
|
||||
printf "[WGDashboard] Starting WGDashboard in the foreground.\n"
|
||||
@@ -600,4 +559,4 @@ else
|
||||
help
|
||||
fi
|
||||
fi
|
||||
printf "%s\n" "$dashes"
|
||||
printf "%s\n" "$dashes"
|
||||
|
||||
Reference in New Issue
Block a user