improved cron tasks output and force authentication

Eduardo Silva
2026-02-09 13:09:30 -03:00
parent 05b9644cd3
commit 6c37beece0
9 changed files with 79 additions and 33 deletions


@@ -41,6 +41,8 @@ def get_api_key(api_name):
api_file_path = '/etc/wireguard/routerfleet_key'
elif api_name == 'rrdkey':
api_file_path = '/app_secrets/rrdtool_key'
elif api_name == 'cron_key':
api_file_path = '/app_secrets/cron_key'
else:
return api_key
@@ -398,6 +400,12 @@ def func_concatenate_cluster_wireguard_status_cache() -> None:
def cron_refresh_wireguard_status_cache(request):
api_key = get_api_key('cron_key')
if api_key and api_key == request.GET.get('cron_key'):
pass
else:
return HttpResponseForbidden()
data = {'status': 'success'}
WireguardStatusCache.objects.filter(created__lt=timezone.now() - timezone.timedelta(seconds=settings.WIREGUARD_STATUS_CACHE_MAX_AGE)).delete()
@@ -414,6 +422,12 @@ def cron_refresh_wireguard_status_cache(request):
def cron_calculate_peer_schedules(request):
api_key = get_api_key('cron_key')
if api_key and api_key == request.GET.get('cron_key'):
pass
else:
return HttpResponseForbidden()
data = {
'status': 'success',
'updated_records': 0,
@@ -484,6 +498,12 @@ def cron_calculate_peer_schedules(request):
def cron_peer_scheduler(request):
api_key = get_api_key('cron_key')
if api_key and api_key == request.GET.get('cron_key'):
pass
else:
return HttpResponseForbidden()
now = timezone.now()
data = {
'status': 'success',
@@ -671,6 +691,12 @@ def legacy_wireguard_status(request):
@require_http_methods(["GET"])
def cron_update_peer_latest_handshake(request):
api_key = get_api_key('cron_key')
if api_key and api_key == request.GET.get('cron_key'):
pass
else:
return HttpResponseForbidden()
command = "wg show all latest-handshakes | expand | tr -s ' '"
process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
stdout, stderr = process.communicate()
@@ -707,6 +733,12 @@ def cron_update_peer_latest_handshake(request):
def cron_check_updates(request):
api_key = get_api_key('cron_key')
if api_key and api_key == request.GET.get('cron_key'):
pass
else:
return HttpResponseForbidden()
webadmin_settings, webadmin_settings_created = WebadminSettings.objects.get_or_create(name='webadmin_settings')
if webadmin_settings.last_checked is None or timezone.now() > (webadmin_settings.last_checked + datetime.timedelta(hours=1)):
try:
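Review bot: The key check added to `cron_refresh_wireguard_status_cache`, `cron_calculate_peer_schedules`, `cron_peer_scheduler`, `cron_update_peer_latest_handshake` and `cron_check_updates` is the same six lines pasted five times, and it compares the secret with `==`, which is not a constant-time comparison. A single decorator keeps the gate in one place, so a later cron view cannot ship with a different or missing check, and `django.utils.crypto.constant_time_compare` removes the timing dependence. The sketch below assumes `functools.wraps` and `constant_time_compare` are imported at the top of the module, which is outside these hunks. The view bodies are only partly visible here, so the decorator is shown on one view as an example.

```python
def require_cron_key(view):
    """Reject the request unless it carries the shared cron key."""
    @wraps(view)
    def wrapper(request, *args, **kwargs):
        expected = get_api_key('cron_key')
        supplied = request.GET.get('cron_key', '')
        # Fail closed when the key file is missing or empty.
        if not expected or not constant_time_compare(expected, supplied):
            return HttpResponseForbidden()
        return view(request, *args, **kwargs)
    return wrapper


@require_cron_key
def cron_check_updates(request):
    # … unchanged: update check body …
```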


@@ -1,15 +1,12 @@
FROM ubuntu:latest
# Instalar cron
RUN apt-get update && apt-get install -y cron curl
RUN apt-get update && apt-get install -y cron curl && rm -rf /var/lib/apt/lists/*
# Adicionar seus scripts de cron
# Adicionar apenas o entrypoint script, as tasks serão geradas lá
COPY entrypoint.sh /entrypoint.sh
COPY cron_runner.sh /cron_runner.sh
RUN chmod +x /entrypoint.sh
RUN chmod +x /cron_runner.sh
# Criar um arquivo de log para armazenar os resultados do cron
RUN touch /var/log/cron.log
# Executar o entrypoint
ENTRYPOINT ["/entrypoint.sh"]


@@ -0,0 +1,11 @@
#!/bin/bash
set -e
[ -z "$1" ] && exit 1
ENDPOINT="$1"
CRON_KEY="$(cat /app_secrets/cron_key)"
URL="http://wireguard-webadmin:8000/api/cron/${ENDPOINT}/?cron_key=${CRON_KEY}"
BODY="$(/usr/bin/curl -sS "$URL" 2>&1 || true)"
echo "[$(date -Is)] ${ENDPOINT} -> ${BODY}"
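Review bot: The cron key is placed in the URL query string (`?cron_key=${CRON_KEY}`), so the secret is likely to appear wherever request lines are recorded, such as the application's access log or any proxy placed between the two containers. Sending it in a request header instead, for example `curl -sS -H "X-Cron-Key: ${CRON_KEY}" "http://wireguard-webadmin:8000/api/cron/${ENDPOINT}/"` with the views reading `request.headers.get('X-Cron-Key')`, keeps it out of those logs. Separately, the curl call has no `--max-time` and does not report the HTTP status, so a rejected request (the 403 path returns an empty body) is logged as the endpoint name followed by nothing. Adding `-w ' [%{http_code}]'` would make failed authentication visible in cron.log.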


@@ -16,32 +16,28 @@ echo "Starting cron with WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=$WIREGUARD_STAT
# Create cron tasks
cat <<EOF > /etc/cron.d/cron_tasks
*/15 * * * * root sleep 20 ; /usr/bin/curl -s http://wireguard-webadmin:8000/api/cron_check_updates/ >> /var/log/cron.log 2>&1
*/10 * * * * root sleep 15 ; /usr/bin/curl -s http://wireguard-webadmin:8000/api/cron_update_peer_latest_handshake/ >> /var/log/cron.log 2>&1
* * * * * root sleep 10 ; /usr/bin/curl -s http://wireguard-webadmin:8000/api/cron_peer_scheduler/ >> /var/log/cron.log 2>&1
* * * * * root sleep 30 ; /usr/bin/curl -s http://wireguard-webadmin:8000/api/cron_calculate_peer_schedules/ >> /var/log/cron.log 2>&1
*/15 * * * * root sleep 20 ; /cron_runner.sh check_updates >> /var/log/cron.log 2>&1
*/10 * * * * root sleep 15 ; /cron_runner.sh update_peer_latest_handshake >> /var/log/cron.log 2>&1
* * * * * root sleep 10 ; /cron_runner.sh peer_scheduler >> /var/log/cron.log 2>&1
* * * * * root sleep 30 ; /cron_runner.sh calculate_peer_schedules >> /var/log/cron.log 2>&1
EOF
CMD="/usr/bin/curl -s http://wireguard-webadmin:8000/api/cron_refresh_wireguard_status_cache/ >> /var/log/cron.log 2>&1"
CMD="echo -n cron_refresh_wireguard_status_cache ; /cron_runner.sh refresh_wireguard_status_cache >> /var/log/cron.log 2>&1"
if [ "$WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL" -eq 30 ]; then
echo "* * * * * root $CMD" >> /etc/cron.d/cron_tasks
echo "* * * * * root sleep 30; $CMD" >> /etc/cron.d/cron_tasks
echo "* * * * * root $CMD" >> /etc/cron.d/cron_tasks
echo "* * * * * root sleep 30 ; $CMD" >> /etc/cron.d/cron_tasks
elif [ "$WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL" -eq 60 ]; then
echo "* * * * * root $CMD" >> /etc/cron.d/cron_tasks
echo "* * * * * root $CMD" >> /etc/cron.d/cron_tasks
elif [ "$WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL" -eq 150 ]; then
echo "*/5 * * * * root $CMD" >> /etc/cron.d/cron_tasks
echo "*/5 * * * * root sleep 150; $CMD" >> /etc/cron.d/cron_tasks
echo "*/5 * * * * root $CMD" >> /etc/cron.d/cron_tasks
echo "*/5 * * * * root sleep 150 ; $CMD" >> /etc/cron.d/cron_tasks
elif [ "$WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL" -eq 300 ]; then
echo "*/5 * * * * root $CMD" >> /etc/cron.d/cron_tasks
echo "*/5 * * * * root $CMD" >> /etc/cron.d/cron_tasks
fi
# Permissions
chmod 0644 /etc/cron.d/cron_tasks
# crontab /etc/cron.d/cron_tasks
# Touch log file
touch /var/log/cron.log
# Execute cron
exec cron -f
echo > /var/log/cron.log
cron
tail -n 0 -F /var/log/cron.log
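Review bot: In the new `CMD=` line the `>> /var/log/cron.log 2>&1` redirection applies only to `/cron_runner.sh`, not to the preceding `echo -n cron_refresh_wireguard_status_cache`, so the label goes to cron's own job output instead of the log file. cron_runner.sh already prints the endpoint name, so the echo can be dropped: `CMD="/cron_runner.sh refresh_wireguard_status_cache >> /var/log/cron.log 2>&1"`. The ending also appears to replace `exec cron -f` with a daemonized `cron` followed by `tail -F`, which means the container keeps running if the cron daemon exits. If that trade-off is intended for log streaming, a comment such as `# cron runs in the background; tail keeps the container alive and streams the log` would record it.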


@@ -9,7 +9,7 @@ services:
- SERVER_ADDRESS=${SERVER_ADDRESS}
- DEBUG_MODE=${DEBUG_MODE}
- DEV_MODE=True
- COMPOSE_VERSION=c1b
- COMPOSE_VERSION=c1c
- TZ=${TIMEZONE}
- EXTRA_ALLOWED_HOSTS=${EXTRA_ALLOWED_HOSTS}
- WIREGUARD_STATUS_CACHE_ENABLED=${WIREGUARD_STATUS_CACHE_ENABLED}
@@ -48,6 +48,8 @@ services:
environment:
- TZ=${TIMEZONE}
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
volumes:
- app_secrets:/app_secrets/
depends_on:
- wireguard-webadmin
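Review bot: The cron service only needs to read `/app_secrets/cron_key`, but the added mount `app_secrets:/app_secrets/` gives it read-write access to the whole secrets volume, which also holds at least `rrdtool_key` according to the entrypoint section on this page. Mounting it read-only, `- app_secrets:/app_secrets:ro`, limits what a compromised cron container could alter. The same mount is added in the other two compose files in this commit and would take the same change.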


@@ -7,7 +7,7 @@ services:
environment:
- SERVER_ADDRESS=${SERVER_ADDRESS}
- DEBUG_MODE=${DEBUG_MODE}
- COMPOSE_VERSION=c1b
- COMPOSE_VERSION=c1c
- TZ=${TIMEZONE}
- EXTRA_ALLOWED_HOSTS=${EXTRA_ALLOWED_HOSTS}
- WIREGUARD_STATUS_CACHE_ENABLED=${WIREGUARD_STATUS_CACHE_ENABLED}
@@ -42,6 +42,8 @@ services:
environment:
- TZ=${TIMEZONE}
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
volumes:
- app_secrets:/app_secrets/
depends_on:
- wireguard-webadmin


@@ -7,7 +7,7 @@ services:
environment:
- SERVER_ADDRESS=${SERVER_ADDRESS}
- DEBUG_MODE=${DEBUG_MODE}
- COMPOSE_VERSION=c1b
- COMPOSE_VERSION=c1c
- TZ=${TIMEZONE}
- EXTRA_ALLOWED_HOSTS=${EXTRA_ALLOWED_HOSTS}
- WIREGUARD_STATUS_CACHE_ENABLED=${WIREGUARD_STATUS_CACHE_ENABLED}
@@ -42,6 +42,8 @@ services:
environment:
- TZ=${TIMEZONE}
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
volumes:
- app_secrets:/app_secrets/
depends_on:
- wireguard-webadmin


@@ -2,7 +2,7 @@
set -e
if [[ "$COMPOSE_VERSION" != "c1b" ]]; then
if [[ "$COMPOSE_VERSION" != "c1c" ]]; then
echo "ERROR: Please upgrade your docker compose file. Exiting."
exit 1
fi
@@ -21,6 +21,10 @@ if [ ! -f /app_secrets/rrdtool_key ]; then
cat /proc/sys/kernel/random/uuid > /app_secrets/rrdtool_key
fi
if [ ! -f /app_secrets/cron_key ]; then
cat /proc/sys/kernel/random/uuid > /app_secrets/cron_key
fi
SERVER_HOSTNAME=$(echo $SERVER_ADDRESS | cut -d ':' -f 1)
EXTRA_ALLOWED_HOSTS_STRING=""
CSRF_EXTRA_TRUSTED_ORIGINS=""
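Review bot: The new `cron_key` block tests only for existence (`[ ! -f /app_secrets/cron_key ]`), so an empty file left by an interrupted first write is never regenerated. The views fail closed on an empty key (`if api_key and ...`), which is the safe direction, but every cron call would then be rejected until someone deletes the file by hand. Using `[ ! -s /app_secrets/cron_key ]` regenerates the key in that case. The file is also created with the default umask, so following the write with `chmod 600 /app_secrets/cron_key` would restrict it to the owner, assuming both containers read it as the same user, which is not visible here.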


@@ -87,11 +87,11 @@ urlpatterns = [
path('api/instance_info/', api_instance_info, name='api_instance_info'),
path('api/peer_info/', peer_info, name='api_peer_info'),
path('api/peer_invite/', api_peer_invite, name='api_peer_invite'),
path('api/cron_peer_scheduler/', cron_peer_scheduler, name='cron_peer_scheduler'),
path('api/cron_calculate_peer_schedules/', cron_calculate_peer_schedules, name='cron_calculate_peer_schedules'),
path('api/cron_refresh_wireguard_status_cache/', cron_refresh_wireguard_status_cache, name='cron_refresh_wireguard_status_cache'),
path('api/cron_check_updates/', cron_check_updates, name='cron_check_updates'),
path('api/cron_update_peer_latest_handshake/', cron_update_peer_latest_handshake, name='cron_update_peer_latest_handshake'),
path('api/cron/peer_scheduler/', cron_peer_scheduler, name='cron_peer_scheduler'),
path('api/cron/calculate_peer_schedules/', cron_calculate_peer_schedules, name='cron_calculate_peer_schedules'),
path('api/cron/refresh_wireguard_status_cache/', cron_refresh_wireguard_status_cache, name='cron_refresh_wireguard_status_cache'),
path('api/cron/check_updates/', cron_check_updates, name='cron_check_updates'),
path('api/cron/update_peer_latest_handshake/', cron_update_peer_latest_handshake, name='cron_update_peer_latest_handshake'),
path('api/cluster/status/', api_cluster_status, name='api_cluster_status'),
path('api/cluster/worker/get_config_files/', api_get_worker_config_files, name='api_get_worker_config_files'),
path('api/cluster/worker/get_dnsmasq_config/', api_get_worker_dnsmasq_config, name='api_get_worker_dnsmasq_config'),