mirror of
https://github.com/h44z/wg-portal.git
synced 2025-10-05 16:06:17 +00:00
Compare commits
1 Commits
fix_oauth_
...
improve_we
| Author | SHA1 | Date | |
|---|---|---|---|
|
9c1e037166 |
@@ -50,7 +50,7 @@ const selectedStats = computed(() => {
|
||||
|
||||
if (!s) {
|
||||
if (!!props.peerId || props.peerId.length) {
|
||||
s = profile.Statistics(props.peerId)
|
||||
p = profile.Statistics(props.peerId)
|
||||
} else {
|
||||
s = freshStats() // dummy stats to avoid 'undefined' exceptions
|
||||
}
|
||||
@@ -79,19 +79,13 @@ const title = computed(() => {
|
||||
}
|
||||
})
|
||||
|
||||
const configStyle = ref("wgquick")
|
||||
|
||||
watch(() => props.visible, async (newValue, oldValue) => {
|
||||
if (oldValue === false && newValue === true) { // if modal is shown
|
||||
await peers.LoadPeerConfig(selectedPeer.value.Identifier, configStyle.value)
|
||||
await peers.LoadPeerConfig(selectedPeer.value.Identifier)
|
||||
configString.value = peers.configuration
|
||||
}
|
||||
})
|
||||
|
||||
watch(() => configStyle.value, async () => {
|
||||
await peers.LoadPeerConfig(selectedPeer.value.Identifier, configStyle.value)
|
||||
configString.value = peers.configuration
|
||||
})
|
||||
}
|
||||
)
|
||||
|
||||
function download() {
|
||||
// credit: https://www.bitdegree.org/learn/javascript-download
|
||||
@@ -109,7 +103,7 @@ function download() {
|
||||
}
|
||||
|
||||
function email() {
|
||||
peers.MailPeerConfig(settings.Setting("MailLinkOnly"), configStyle.value, [selectedPeer.value.Identifier]).catch(e => {
|
||||
peers.MailPeerConfig(settings.Setting("MailLinkOnly"), [selectedPeer.value.Identifier]).catch(e => {
|
||||
notify({
|
||||
title: "Failed to send mail with peer configuration!",
|
||||
text: e.toString(),
|
||||
@@ -120,7 +114,7 @@ function email() {
|
||||
|
||||
function ConfigQrUrl() {
|
||||
if (props.peerId.length) {
|
||||
return apiWrapper.url(`/peer/config-qr/${base64_url_encode(props.peerId)}?style=${configStyle.value}`)
|
||||
return apiWrapper.url(`/peer/config-qr/${base64_url_encode(props.peerId)}`)
|
||||
}
|
||||
return ''
|
||||
}
|
||||
@@ -130,15 +124,6 @@ function ConfigQrUrl() {
|
||||
<template>
|
||||
<Modal :title="title" :visible="visible" @close="close">
|
||||
<template #default>
|
||||
<div class="d-flex justify-content-end align-items-center mb-1">
|
||||
<span class="me-2">{{ $t('modals.peer-view.style-label') }}: </span>
|
||||
<div class="btn-group btn-switch-group" role="group" aria-label="Configuration Style">
|
||||
<input type="radio" class="btn-check" name="configstyle" id="raw" value="raw" autocomplete="off" checked="" v-model="configStyle">
|
||||
<label class="btn btn-outline-primary btn-sm" for="raw">Raw</label>
|
||||
<input type="radio" class="btn-check" name="configstyle" id="wgquick" value="wgquick" autocomplete="off" checked="" v-model="configStyle">
|
||||
<label class="btn btn-outline-primary btn-sm" for="wgquick">WG-Quick</label>
|
||||
</div>
|
||||
</div>
|
||||
<div class="accordion" id="peerInformation">
|
||||
<div class="accordion-item">
|
||||
<h2 class="accordion-header">
|
||||
@@ -228,14 +213,6 @@ function ConfigQrUrl() {
|
||||
</template>
|
||||
</Modal></template>
|
||||
|
||||
<style>
|
||||
.config-qr-img {
|
||||
<style>.config-qr-img {
|
||||
max-width: 100%;
|
||||
}
|
||||
|
||||
.btn-switch-group .btn {
|
||||
border-width: 1px;
|
||||
padding: 5px;
|
||||
line-height: 1;
|
||||
}
|
||||
</style>
|
||||
}</style>
|
||||
|
||||
@@ -467,8 +467,7 @@
|
||||
"connected-since": "Verbunden seit",
|
||||
"endpoint": "Endpunkt",
|
||||
"button-download": "Konfiguration herunterladen",
|
||||
"button-email": "Konfiguration per E-Mail senden",
|
||||
"style-label": "Konfigurationsformat"
|
||||
"button-email": "Konfiguration per E-Mail senden"
|
||||
},
|
||||
"peer-edit": {
|
||||
"headline-edit-peer": "Peer bearbeiten:",
|
||||
|
||||
@@ -468,8 +468,7 @@
|
||||
"connected-since": "Connected since",
|
||||
"endpoint": "Endpoint",
|
||||
"button-download": "Download configuration",
|
||||
"button-email": "Send configuration via E-Mail",
|
||||
"style-label": "Configuration Style"
|
||||
"button-email": "Send configuration via E-Mail"
|
||||
},
|
||||
"peer-edit": {
|
||||
"headline-edit-peer": "Edit peer:",
|
||||
|
||||
@@ -142,8 +142,8 @@ export const peerStore = defineStore('peers', {
|
||||
})
|
||||
})
|
||||
},
|
||||
async MailPeerConfig(linkOnly, style, ids) {
|
||||
return apiWrapper.post(`${baseUrl}/config-mail?style=${style}`, {
|
||||
async MailPeerConfig(linkOnly, ids) {
|
||||
return apiWrapper.post(`${baseUrl}/config-mail`, {
|
||||
Identifiers: ids,
|
||||
LinkOnly: linkOnly
|
||||
})
|
||||
@@ -158,8 +158,8 @@ export const peerStore = defineStore('peers', {
|
||||
throw new Error(error)
|
||||
})
|
||||
},
|
||||
async LoadPeerConfig(id, style) {
|
||||
return apiWrapper.get(`${baseUrl}/config/${base64_url_encode(id)}?style=${style}`)
|
||||
async LoadPeerConfig(id) {
|
||||
return apiWrapper.get(`${baseUrl}/config/${base64_url_encode(id)}`)
|
||||
.then(this.setPeerConfig)
|
||||
.catch(error => {
|
||||
this.configuration = ""
|
||||
|
||||
@@ -819,12 +819,6 @@
|
||||
"schema": {
|
||||
"$ref": "#/definitions/model.PeerMailRequest"
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"description": "The configuration style",
|
||||
"name": "style",
|
||||
"in": "query"
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
@@ -864,12 +858,6 @@
|
||||
"name": "id",
|
||||
"in": "path",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"description": "The configuration style",
|
||||
"name": "style",
|
||||
"in": "query"
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
@@ -911,12 +899,6 @@
|
||||
"name": "id",
|
||||
"in": "path",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"description": "The configuration style",
|
||||
"name": "style",
|
||||
"in": "query"
|
||||
}
|
||||
],
|
||||
"responses": {
|
||||
|
||||
@@ -1072,10 +1072,6 @@ paths:
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/model.PeerMailRequest'
|
||||
- description: The configuration style
|
||||
in: query
|
||||
name: style
|
||||
type: string
|
||||
produces:
|
||||
- application/json
|
||||
responses:
|
||||
@@ -1101,10 +1097,6 @@ paths:
|
||||
name: id
|
||||
required: true
|
||||
type: string
|
||||
- description: The configuration style
|
||||
in: query
|
||||
name: style
|
||||
type: string
|
||||
produces:
|
||||
- image/png
|
||||
- application/json
|
||||
@@ -1133,10 +1125,6 @@ paths:
|
||||
name: id
|
||||
required: true
|
||||
type: string
|
||||
- description: The configuration style
|
||||
in: query
|
||||
name: style
|
||||
type: string
|
||||
produces:
|
||||
- application/json
|
||||
responses:
|
||||
|
||||
@@ -27,12 +27,12 @@ type PeerServicePeerManager interface {
|
||||
}
|
||||
|
||||
type PeerServiceConfigFileManager interface {
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
}
|
||||
|
||||
type PeerServiceMailManager interface {
|
||||
SendPeerEmail(ctx context.Context, linkOnly bool, style string, peers ...domain.PeerIdentifier) error
|
||||
SendPeerEmail(ctx context.Context, linkOnly bool, peers ...domain.PeerIdentifier) error
|
||||
}
|
||||
|
||||
// endregion dependencies
|
||||
@@ -95,24 +95,16 @@ func (p PeerService) DeletePeer(ctx context.Context, id domain.PeerIdentifier) e
|
||||
return p.peers.DeletePeer(ctx, id)
|
||||
}
|
||||
|
||||
func (p PeerService) GetPeerConfig(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error) {
|
||||
return p.configFile.GetPeerConfig(ctx, id, style)
|
||||
func (p PeerService) GetPeerConfig(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error) {
|
||||
return p.configFile.GetPeerConfig(ctx, id)
|
||||
}
|
||||
|
||||
func (p PeerService) GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier, style string) (
|
||||
io.Reader,
|
||||
error,
|
||||
) {
|
||||
return p.configFile.GetPeerConfigQrCode(ctx, id, style)
|
||||
func (p PeerService) GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error) {
|
||||
return p.configFile.GetPeerConfigQrCode(ctx, id)
|
||||
}
|
||||
|
||||
func (p PeerService) SendPeerEmail(
|
||||
ctx context.Context,
|
||||
linkOnly bool,
|
||||
style string,
|
||||
peers ...domain.PeerIdentifier,
|
||||
) error {
|
||||
return p.mailer.SendPeerEmail(ctx, linkOnly, style, peers...)
|
||||
func (p PeerService) SendPeerEmail(ctx context.Context, linkOnly bool, peers ...domain.PeerIdentifier) error {
|
||||
return p.mailer.SendPeerEmail(ctx, linkOnly, peers...)
|
||||
}
|
||||
|
||||
func (p PeerService) GetPeerStats(ctx context.Context, id domain.InterfaceIdentifier) ([]domain.PeerStatus, error) {
|
||||
|
||||
@@ -34,11 +34,11 @@ type PeerService interface {
|
||||
// DeletePeer deletes the peer with the given id.
|
||||
DeletePeer(ctx context.Context, id domain.PeerIdentifier) error
|
||||
// GetPeerConfig returns the peer configuration for the given id.
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
// GetPeerConfigQrCode returns the peer configuration as qr code for the given id.
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
// SendPeerEmail sends the peer configuration via email.
|
||||
SendPeerEmail(ctx context.Context, linkOnly bool, style string, peers ...domain.PeerIdentifier) error
|
||||
SendPeerEmail(ctx context.Context, linkOnly bool, peers ...domain.PeerIdentifier) error
|
||||
// GetPeerStats returns the peer stats for the given interface.
|
||||
GetPeerStats(ctx context.Context, id domain.InterfaceIdentifier) ([]domain.PeerStatus, error)
|
||||
}
|
||||
@@ -355,7 +355,6 @@ func (e PeerEndpoint) handleDelete() http.HandlerFunc {
|
||||
// @Summary Get peer configuration as string.
|
||||
// @Produce json
|
||||
// @Param id path string true "The peer identifier"
|
||||
// @Param style query string false "The configuration style"
|
||||
// @Success 200 {object} string
|
||||
// @Failure 400 {object} model.Error
|
||||
// @Failure 500 {object} model.Error
|
||||
@@ -370,9 +369,7 @@ func (e PeerEndpoint) handleConfigGet() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
configStyle := e.getConfigStyle(r)
|
||||
|
||||
configTxt, err := e.peerService.GetPeerConfig(r.Context(), domain.PeerIdentifier(id), configStyle)
|
||||
configTxt, err := e.peerService.GetPeerConfig(r.Context(), domain.PeerIdentifier(id))
|
||||
if err != nil {
|
||||
respond.JSON(w, http.StatusInternalServerError, model.Error{
|
||||
Code: http.StatusInternalServerError, Message: err.Error(),
|
||||
@@ -400,7 +397,6 @@ func (e PeerEndpoint) handleConfigGet() http.HandlerFunc {
|
||||
// @Produce png
|
||||
// @Produce json
|
||||
// @Param id path string true "The peer identifier"
|
||||
// @Param style query string false "The configuration style"
|
||||
// @Success 200 {file} binary
|
||||
// @Failure 400 {object} model.Error
|
||||
// @Failure 500 {object} model.Error
|
||||
@@ -415,9 +411,7 @@ func (e PeerEndpoint) handleQrCodeGet() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
configStyle := e.getConfigStyle(r)
|
||||
|
||||
configQr, err := e.peerService.GetPeerConfigQrCode(r.Context(), domain.PeerIdentifier(id), configStyle)
|
||||
configQr, err := e.peerService.GetPeerConfigQrCode(r.Context(), domain.PeerIdentifier(id))
|
||||
if err != nil {
|
||||
respond.JSON(w, http.StatusInternalServerError, model.Error{
|
||||
Code: http.StatusInternalServerError, Message: err.Error(),
|
||||
@@ -444,7 +438,6 @@ func (e PeerEndpoint) handleQrCodeGet() http.HandlerFunc {
|
||||
// @Summary Send peer configuration via email.
|
||||
// @Produce json
|
||||
// @Param request body model.PeerMailRequest true "The peer mail request data"
|
||||
// @Param style query string false "The configuration style"
|
||||
// @Success 204 "No content if mail sending was successful"
|
||||
// @Failure 400 {object} model.Error
|
||||
// @Failure 500 {object} model.Error
|
||||
@@ -467,13 +460,11 @@ func (e PeerEndpoint) handleEmailPost() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
configStyle := e.getConfigStyle(r)
|
||||
|
||||
peerIds := make([]domain.PeerIdentifier, len(req.Identifiers))
|
||||
for i := range req.Identifiers {
|
||||
peerIds[i] = domain.PeerIdentifier(req.Identifiers[i])
|
||||
}
|
||||
if err := e.peerService.SendPeerEmail(r.Context(), req.LinkOnly, configStyle, peerIds...); err != nil {
|
||||
if err := e.peerService.SendPeerEmail(r.Context(), req.LinkOnly, peerIds...); err != nil {
|
||||
respond.JSON(w, http.StatusInternalServerError,
|
||||
model.Error{Code: http.StatusInternalServerError, Message: err.Error()})
|
||||
return
|
||||
@@ -513,11 +504,3 @@ func (e PeerEndpoint) handleStatsGet() http.HandlerFunc {
|
||||
respond.JSON(w, http.StatusOK, model.NewPeerStats(e.cfg.Statistics.CollectPeerData, stats))
|
||||
}
|
||||
}
|
||||
|
||||
func (e PeerEndpoint) getConfigStyle(r *http.Request) string {
|
||||
configStyle := request.QueryDefault(r, "style", domain.ConfigStyleWgQuick)
|
||||
if configStyle != domain.ConfigStyleWgQuick && configStyle != domain.ConfigStyleRaw {
|
||||
configStyle = domain.ConfigStyleWgQuick // default to wg-quick style
|
||||
}
|
||||
return configStyle
|
||||
}
|
||||
|
||||
@@ -23,8 +23,8 @@ type ProvisioningServicePeerManagerRepo interface {
|
||||
}
|
||||
|
||||
type ProvisioningServiceConfigFileManagerRepo interface {
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
}
|
||||
|
||||
type ProvisioningService struct {
|
||||
@@ -96,7 +96,7 @@ func (p ProvisioningService) GetPeerConfig(ctx context.Context, peerId domain.Pe
|
||||
return nil, err
|
||||
}
|
||||
|
||||
peerCfgReader, err := p.configFiles.GetPeerConfig(ctx, peer.Identifier, domain.ConfigStyleWgQuick)
|
||||
peerCfgReader, err := p.configFiles.GetPeerConfig(ctx, peer.Identifier)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -119,7 +119,7 @@ func (p ProvisioningService) GetPeerQrPng(ctx context.Context, peerId domain.Pee
|
||||
return nil, err
|
||||
}
|
||||
|
||||
peerCfgQrReader, err := p.configFiles.GetPeerConfigQrCode(ctx, peer.Identifier, domain.ConfigStyleWgQuick)
|
||||
peerCfgQrReader, err := p.configFiles.GetPeerConfigQrCode(ctx, peer.Identifier)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@@ -434,10 +434,6 @@ func (a *Authenticator) OauthLoginStep2(ctx context.Context, providerId, nonce,
|
||||
return nil, fmt.Errorf("unable to parse user information: %w", err)
|
||||
}
|
||||
|
||||
if !isDomainAllowed(userInfo.Email, oauthProvider.GetAllowedDomains()) {
|
||||
return nil, fmt.Errorf("user %s is not in allowed domains", userInfo.Email)
|
||||
}
|
||||
|
||||
ctx = domain.SetUserInfo(ctx,
|
||||
domain.SystemAdminContextUserInfo()) // switch to admin user context to check if user exists
|
||||
user, err := a.processUserInfo(ctx, userInfo, domain.UserSourceOauth, oauthProvider.GetName(),
|
||||
@@ -454,6 +450,10 @@ func (a *Authenticator) OauthLoginStep2(ctx context.Context, providerId, nonce,
|
||||
return nil, fmt.Errorf("unable to process user information: %w", err)
|
||||
}
|
||||
|
||||
if !isDomainAllowed(userInfo.Email, oauthProvider.GetAllowedDomains()) {
|
||||
return nil, fmt.Errorf("user is not in allowed domains: %w", err)
|
||||
}
|
||||
|
||||
if user.IsLocked() || user.IsDisabled() {
|
||||
a.bus.Publish(app.TopicAuditLoginFailed, domain.AuditEventWrapper[audit.AuthEvent]{
|
||||
Ctx: ctx,
|
||||
|
||||
@@ -46,7 +46,7 @@ type TemplateRenderer interface {
|
||||
// GetInterfaceConfig returns the configuration file for the given interface.
|
||||
GetInterfaceConfig(iface *domain.Interface, peers []domain.Peer) (io.Reader, error)
|
||||
// GetPeerConfig returns the configuration file for the given peer.
|
||||
GetPeerConfig(peer *domain.Peer, style string) (io.Reader, error)
|
||||
GetPeerConfig(peer *domain.Peer) (io.Reader, error)
|
||||
}
|
||||
|
||||
type EventBus interface {
|
||||
@@ -186,7 +186,7 @@ func (m Manager) GetInterfaceConfig(ctx context.Context, id domain.InterfaceIden
|
||||
|
||||
// GetPeerConfig returns the configuration file for the given peer.
|
||||
// The file is structured in wg-quick format.
|
||||
func (m Manager) GetPeerConfig(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error) {
|
||||
func (m Manager) GetPeerConfig(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error) {
|
||||
peer, err := m.wg.GetPeer(ctx, id)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to fetch peer %s: %w", id, err)
|
||||
@@ -196,11 +196,11 @@ func (m Manager) GetPeerConfig(ctx context.Context, id domain.PeerIdentifier, st
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return m.tplHandler.GetPeerConfig(peer, style)
|
||||
return m.tplHandler.GetPeerConfig(peer)
|
||||
}
|
||||
|
||||
// GetPeerConfigQrCode returns a QR code image containing the configuration for the given peer.
|
||||
func (m Manager) GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error) {
|
||||
func (m Manager) GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error) {
|
||||
peer, err := m.wg.GetPeer(ctx, id)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to fetch peer %s: %w", id, err)
|
||||
@@ -210,7 +210,7 @@ func (m Manager) GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifi
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cfgData, err := m.tplHandler.GetPeerConfig(peer, style)
|
||||
cfgData, err := m.tplHandler.GetPeerConfig(peer)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get peer config for %s: %w", id, err)
|
||||
}
|
||||
|
||||
@@ -55,12 +55,11 @@ func (c TemplateHandler) GetInterfaceConfig(cfg *domain.Interface, peers []domai
|
||||
}
|
||||
|
||||
// GetPeerConfig returns the rendered configuration file for a WireGuard peer.
|
||||
func (c TemplateHandler) GetPeerConfig(peer *domain.Peer, style string) (io.Reader, error) {
|
||||
func (c TemplateHandler) GetPeerConfig(peer *domain.Peer) (io.Reader, error) {
|
||||
var tplBuff bytes.Buffer
|
||||
|
||||
err := c.templates.ExecuteTemplate(&tplBuff, "wg_peer.tpl", map[string]any{
|
||||
"Style": style,
|
||||
"Peer": peer,
|
||||
"Peer": peer,
|
||||
"Portal": map[string]any{
|
||||
"Version": "unknown",
|
||||
},
|
||||
|
||||
@@ -1,8 +1,6 @@
|
||||
# AUTOGENERATED FILE - DO NOT EDIT
|
||||
# This file uses {{ .Style }} format.
|
||||
{{- if eq .Style "wgquick"}}
|
||||
# This file uses wg-quick format.
|
||||
# See https://man7.org/linux/man-pages/man8/wg-quick.8.html#CONFIGURATION
|
||||
{{- end}}
|
||||
# Lines starting with the -WGP- tag are used by
|
||||
# the WireGuard Portal configuration parser.
|
||||
|
||||
@@ -23,27 +21,22 @@
|
||||
|
||||
# Core settings
|
||||
PrivateKey = {{ .Peer.Interface.KeyPair.PrivateKey }}
|
||||
{{- if eq .Style "wgquick"}}
|
||||
Address = {{ CidrsToString .Peer.Interface.Addresses }}
|
||||
{{- end}}
|
||||
|
||||
# Misc. settings (optional)
|
||||
{{- if eq .Style "wgquick"}}
|
||||
{{- if .Peer.Interface.DnsStr.GetValue}}
|
||||
DNS = {{ .Peer.Interface.DnsStr.GetValue }} {{- if .Peer.Interface.DnsSearchStr.GetValue}}, {{ .Peer.Interface.DnsSearchStr.GetValue }} {{- end}}
|
||||
{{- end}}
|
||||
{{- if ne .Peer.Interface.Mtu.GetValue 0}}
|
||||
MTU = {{ .Peer.Interface.Mtu.GetValue }}
|
||||
{{- end}}
|
||||
{{- if ne .Peer.Interface.RoutingTable.GetValue ""}}
|
||||
Table = {{ .Peer.Interface.RoutingTable.GetValue }}
|
||||
{{- end}}
|
||||
{{- end}}
|
||||
{{- if ne .Peer.Interface.FirewallMark.GetValue 0}}
|
||||
FwMark = {{ .Peer.Interface.FirewallMark.GetValue }}
|
||||
{{- end}}
|
||||
{{- if ne .Peer.Interface.RoutingTable.GetValue ""}}
|
||||
Table = {{ .Peer.Interface.RoutingTable.GetValue }}
|
||||
{{- end}}
|
||||
|
||||
{{- if eq .Style "wgquick"}}
|
||||
# Interface hooks (optional)
|
||||
{{- if .Peer.Interface.PreUp.GetValue}}
|
||||
PreUp = {{ .Peer.Interface.PreUp.GetValue }}
|
||||
@@ -57,7 +50,6 @@ PreDown = {{ .Peer.Interface.PreDown.GetValue }}
|
||||
{{- if .Peer.Interface.PostDown.GetValue}}
|
||||
PostDown = {{ .Peer.Interface.PostDown.GetValue }}
|
||||
{{- end}}
|
||||
{{- end}}
|
||||
|
||||
[Peer]
|
||||
PublicKey = {{ .Peer.EndpointPublicKey.GetValue }}
|
||||
|
||||
@@ -21,9 +21,9 @@ type ConfigFileManager interface {
|
||||
// GetInterfaceConfig returns the configuration for the given interface.
|
||||
GetInterfaceConfig(ctx context.Context, id domain.InterfaceIdentifier) (io.Reader, error)
|
||||
// GetPeerConfig returns the configuration for the given peer.
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfig(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
// GetPeerConfigQrCode returns the QR code for the given peer.
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier, style string) (io.Reader, error)
|
||||
GetPeerConfigQrCode(ctx context.Context, id domain.PeerIdentifier) (io.Reader, error)
|
||||
}
|
||||
|
||||
type UserDatabaseRepo interface {
|
||||
@@ -89,7 +89,7 @@ func NewMailManager(
|
||||
}
|
||||
|
||||
// SendPeerEmail sends an email to the user linked to the given peers.
|
||||
func (m Manager) SendPeerEmail(ctx context.Context, linkOnly bool, style string, peers ...domain.PeerIdentifier) error {
|
||||
func (m Manager) SendPeerEmail(ctx context.Context, linkOnly bool, peers ...domain.PeerIdentifier) error {
|
||||
for _, peerId := range peers {
|
||||
peer, err := m.wg.GetPeer(ctx, peerId)
|
||||
if err != nil {
|
||||
@@ -123,7 +123,7 @@ func (m Manager) SendPeerEmail(ctx context.Context, linkOnly bool, style string,
|
||||
continue
|
||||
}
|
||||
|
||||
err = m.sendPeerEmail(ctx, linkOnly, style, user, peer)
|
||||
err = m.sendPeerEmail(ctx, linkOnly, user, peer)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to send peer email for %s: %w", peerId, err)
|
||||
}
|
||||
@@ -132,13 +132,7 @@ func (m Manager) SendPeerEmail(ctx context.Context, linkOnly bool, style string,
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m Manager) sendPeerEmail(
|
||||
ctx context.Context,
|
||||
linkOnly bool,
|
||||
style string,
|
||||
user *domain.User,
|
||||
peer *domain.Peer,
|
||||
) error {
|
||||
func (m Manager) sendPeerEmail(ctx context.Context, linkOnly bool, user *domain.User, peer *domain.Peer) error {
|
||||
qrName := "WireGuardQRCode.png"
|
||||
configName := peer.GetConfigFileName()
|
||||
|
||||
@@ -154,12 +148,12 @@ func (m Manager) sendPeerEmail(
|
||||
}
|
||||
|
||||
} else {
|
||||
peerConfig, err := m.configFiles.GetPeerConfig(ctx, peer.Identifier, style)
|
||||
peerConfig, err := m.configFiles.GetPeerConfig(ctx, peer.Identifier)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to fetch peer config for %s: %w", peer.Identifier, err)
|
||||
}
|
||||
|
||||
peerConfigQr, err := m.configFiles.GetPeerConfigQrCode(ctx, peer.Identifier, style)
|
||||
peerConfigQr, err := m.configFiles.GetPeerConfigQrCode(ctx, peer.Identifier)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to fetch peer config QR code for %s: %w", peer.Identifier, err)
|
||||
}
|
||||
|
||||
@@ -461,7 +461,7 @@ func (m Manager) DeleteInterface(ctx context.Context, id domain.InterfaceIdentif
|
||||
|
||||
physicalInterface, _ := m.wg.GetInterface(ctx, id)
|
||||
|
||||
if err := m.handleInterfacePreSaveHooks(existingInterface, !existingInterface.IsDisabled(), false); err != nil {
|
||||
if err := m.handleInterfacePreSaveHooks(true, existingInterface); err != nil {
|
||||
return fmt.Errorf("pre-delete hooks failed: %w", err)
|
||||
}
|
||||
|
||||
@@ -490,7 +490,7 @@ func (m Manager) DeleteInterface(ctx context.Context, id domain.InterfaceIdentif
|
||||
Table: existingInterface.GetRoutingTable(),
|
||||
})
|
||||
|
||||
if err := m.handleInterfacePostSaveHooks(existingInterface, !existingInterface.IsDisabled(), false); err != nil {
|
||||
if err := m.handleInterfacePostSaveHooks(true, existingInterface); err != nil {
|
||||
return fmt.Errorf("post-delete hooks failed: %w", err)
|
||||
}
|
||||
|
||||
@@ -509,9 +509,9 @@ func (m Manager) saveInterface(ctx context.Context, iface *domain.Interface) (
|
||||
return nil, fmt.Errorf("interface validation failed: %w", err)
|
||||
}
|
||||
|
||||
oldEnabled, newEnabled := m.getInterfaceStateHistory(ctx, iface)
|
||||
stateChanged := m.hasInterfaceStateChanged(ctx, iface)
|
||||
|
||||
if err := m.handleInterfacePreSaveHooks(iface, oldEnabled, newEnabled); err != nil {
|
||||
if err := m.handleInterfacePreSaveHooks(stateChanged, iface); err != nil {
|
||||
return nil, fmt.Errorf("pre-save hooks failed: %w", err)
|
||||
}
|
||||
|
||||
@@ -551,7 +551,7 @@ func (m Manager) saveInterface(ctx context.Context, iface *domain.Interface) (
|
||||
m.bus.Publish(app.TopicRouteUpdate, "interface updated: "+string(iface.Identifier))
|
||||
}
|
||||
|
||||
if err := m.handleInterfacePostSaveHooks(iface, oldEnabled, newEnabled); err != nil {
|
||||
if err := m.handleInterfacePostSaveHooks(stateChanged, iface); err != nil {
|
||||
return nil, fmt.Errorf("post-save hooks failed: %w", err)
|
||||
}
|
||||
|
||||
@@ -566,13 +566,32 @@ func (m Manager) saveInterface(ctx context.Context, iface *domain.Interface) (
|
||||
return iface, nil
|
||||
}
|
||||
|
||||
func (m Manager) getInterfaceStateHistory(ctx context.Context, iface *domain.Interface) (oldEnabled, newEnabled bool) {
|
||||
func (m Manager) hasInterfaceStateChanged(ctx context.Context, iface *domain.Interface) bool {
|
||||
oldInterface, err := m.db.GetInterface(ctx, iface.Identifier)
|
||||
if err != nil {
|
||||
return false, !iface.IsDisabled() // if the interface did not exist, we assume it was not enabled
|
||||
return false
|
||||
}
|
||||
|
||||
return !oldInterface.IsDisabled(), !iface.IsDisabled()
|
||||
if oldInterface.IsDisabled() != iface.IsDisabled() {
|
||||
return true // interface in db has changed
|
||||
}
|
||||
|
||||
wgInterface, err := m.wg.GetInterface(ctx, iface.Identifier)
|
||||
if err != nil {
|
||||
return true // interface might not exist - so we assume that there must be a change
|
||||
}
|
||||
|
||||
// compare physical interface settings
|
||||
if len(wgInterface.Addresses) != len(iface.Addresses) ||
|
||||
wgInterface.Mtu != iface.Mtu ||
|
||||
wgInterface.FirewallMark != iface.FirewallMark ||
|
||||
wgInterface.ListenPort != iface.ListenPort ||
|
||||
wgInterface.PrivateKey != iface.PrivateKey ||
|
||||
wgInterface.PublicKey != iface.PublicKey {
|
||||
return true
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func (m Manager) handleInterfacePreSaveActions(iface *domain.Interface) error {
|
||||
@@ -588,14 +607,12 @@ func (m Manager) handleInterfacePreSaveActions(iface *domain.Interface) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m Manager) handleInterfacePreSaveHooks(iface *domain.Interface, oldEnabled, newEnabled bool) error {
|
||||
if oldEnabled == newEnabled {
|
||||
func (m Manager) handleInterfacePreSaveHooks(stateChanged bool, iface *domain.Interface) error {
|
||||
if !stateChanged {
|
||||
return nil // do nothing if state did not change
|
||||
}
|
||||
|
||||
slog.Debug("executing pre-save hooks", "interface", iface.Identifier, "up", newEnabled)
|
||||
|
||||
if newEnabled {
|
||||
if !iface.IsDisabled() {
|
||||
if err := m.quick.ExecuteInterfaceHook(iface.Identifier, iface.PreUp); err != nil {
|
||||
return fmt.Errorf("failed to execute pre-up hook: %w", err)
|
||||
}
|
||||
@@ -607,14 +624,12 @@ func (m Manager) handleInterfacePreSaveHooks(iface *domain.Interface, oldEnabled
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m Manager) handleInterfacePostSaveHooks(iface *domain.Interface, oldEnabled, newEnabled bool) error {
|
||||
if oldEnabled == newEnabled {
|
||||
func (m Manager) handleInterfacePostSaveHooks(stateChanged bool, iface *domain.Interface) error {
|
||||
if !stateChanged {
|
||||
return nil // do nothing if state did not change
|
||||
}
|
||||
|
||||
slog.Debug("executing post-save hooks", "interface", iface.Identifier, "up", newEnabled)
|
||||
|
||||
if newEnabled {
|
||||
if !iface.IsDisabled() {
|
||||
if err := m.quick.ExecuteInterfaceHook(iface.Identifier, iface.PostUp); err != nil {
|
||||
return fmt.Errorf("failed to execute post-up hook: %w", err)
|
||||
}
|
||||
|
||||
@@ -62,7 +62,4 @@ const (
|
||||
|
||||
LockedReasonAdmin = "locked by admin"
|
||||
LockedReasonApi = "locked by admin"
|
||||
|
||||
ConfigStyleRaw = "raw"
|
||||
ConfigStyleWgQuick = "wgquick"
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user