mirror of
https://github.com/eduardogsilva/wireguard_webadmin.git
synced 2026-04-04 06:26:20 +00:00
add "auto apply" for wireguard peers and dns entries
This commit is contained in:
Eduardo Silva
@@ -25,6 +25,11 @@ TIMEZONE=America/Sao_Paulo
|
|||||||
# Example: EXTRA_ALLOWED_HOSTS=app1.example.com,app2.example.com:8443,app3.example.com
|
# Example: EXTRA_ALLOWED_HOSTS=app1.example.com,app2.example.com:8443,app3.example.com
|
||||||
#EXTRA_ALLOWED_HOSTS=app1.example.com,app2.example.com:8443,app3.example.com
|
#EXTRA_ALLOWED_HOSTS=app1.example.com,app2.example.com:8443,app3.example.com
|
||||||
|
|
||||||
|
# Disable automatic apply of WireGuard and DNS configuration changes.
|
||||||
|
# By default, changes to peers and DNS are applied immediately without requiring manual intervention.
|
||||||
|
# Set to true if you prefer to apply changes manually.
|
||||||
|
# DISABLE_AUTO_APPLY=true
|
||||||
|
|
||||||
# Set a custom MTU for WireGuard interfaces (server and client configs).
|
# Set a custom MTU for WireGuard interfaces (server and client configs).
|
||||||
# Only change this if you know what you are doing. The default WireGuard MTU (1420) works for most setups.
|
# Only change this if you know what you are doing. The default WireGuard MTU (1420) works for most setups.
|
||||||
# Must be an integer between 1280 and 9000.
|
# Must be an integer between 1280 and 9000.
|
||||||
|
|||||||
16
dns/views.py
16
dns/views.py
@@ -18,6 +18,14 @@ from .models import DNSFilterList, DNSSettings
|
|||||||
from .models import StaticHost
|
from .models import StaticHost
|
||||||
|
|
||||||
|
|
||||||
|
def _auto_apply_dns(request):
|
||||||
|
if not settings.AUTO_APPLY:
|
||||||
|
return False
|
||||||
|
export_dns_configuration()
|
||||||
|
messages.info(request, _('DNS configuration reloaded automatically.'))
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
def detect_list_format(content):
|
def detect_list_format(content):
|
||||||
for line in content.splitlines():
|
for line in content.splitlines():
|
||||||
line = line.strip()
|
line = line.strip()
|
||||||
@@ -129,9 +137,10 @@ def view_manage_static_host(request):
|
|||||||
if request.GET.get('action') == 'delete':
|
if request.GET.get('action') == 'delete':
|
||||||
if request.GET.get('confirmation') == 'delete':
|
if request.GET.get('confirmation') == 'delete':
|
||||||
static_dns.delete()
|
static_dns.delete()
|
||||||
|
messages.success(request, _('Static DNS deleted successfully'))
|
||||||
|
if not _auto_apply_dns(request):
|
||||||
dns_settings.pending_changes = True
|
dns_settings.pending_changes = True
|
||||||
dns_settings.save()
|
dns_settings.save()
|
||||||
messages.success(request, _('Static DNS deleted successfully'))
|
|
||||||
return redirect('/dns/')
|
return redirect('/dns/')
|
||||||
else:
|
else:
|
||||||
messages.warning(request, _('Static DNS not deleted|Invalid confirmation'))
|
messages.warning(request, _('Static DNS not deleted|Invalid confirmation'))
|
||||||
@@ -142,9 +151,10 @@ def view_manage_static_host(request):
|
|||||||
form = StaticHostForm(request.POST or None, instance=static_dns)
|
form = StaticHostForm(request.POST or None, instance=static_dns)
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
form.save()
|
form.save()
|
||||||
|
messages.success(request, _('Static DNS saved successfully'))
|
||||||
|
if not _auto_apply_dns(request):
|
||||||
dns_settings.pending_changes = True
|
dns_settings.pending_changes = True
|
||||||
dns_settings.save()
|
dns_settings.save()
|
||||||
messages.success(request, _('Static DNS saved successfully'))
|
|
||||||
return redirect('/dns/')
|
return redirect('/dns/')
|
||||||
|
|
||||||
context = {
|
context = {
|
||||||
@@ -305,6 +315,7 @@ def view_toggle_dns_list(request):
|
|||||||
dns_list.save()
|
dns_list.save()
|
||||||
export_dns_configuration()
|
export_dns_configuration()
|
||||||
messages.success(request, _('DNS Filter List enabled successfully'))
|
messages.success(request, _('DNS Filter List enabled successfully'))
|
||||||
|
messages.info(request, _('DNS configuration reloaded automatically.'))
|
||||||
else:
|
else:
|
||||||
messages.error(request, _('DNS Filter List not enabled | No valid hosts found'))
|
messages.error(request, _('DNS Filter List not enabled | No valid hosts found'))
|
||||||
else:
|
else:
|
||||||
@@ -312,4 +323,5 @@ def view_toggle_dns_list(request):
|
|||||||
dns_list.save()
|
dns_list.save()
|
||||||
export_dns_configuration()
|
export_dns_configuration()
|
||||||
messages.success(request, _('DNS Filter List disabled successfully'))
|
messages.success(request, _('DNS Filter List disabled successfully'))
|
||||||
|
messages.info(request, _('DNS configuration reloaded automatically.'))
|
||||||
return redirect('/dns/')
|
return redirect('/dns/')
|
||||||
|
|||||||
@@ -15,6 +15,7 @@ services:
|
|||||||
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
|
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
|
||||||
- VPN_CLIENTS_CAN_ACCESS_DJANGO=${VPN_CLIENTS_CAN_ACCESS_DJANGO}
|
- VPN_CLIENTS_CAN_ACCESS_DJANGO=${VPN_CLIENTS_CAN_ACCESS_DJANGO}
|
||||||
- WIREGUARD_MTU=${WIREGUARD_MTU}
|
- WIREGUARD_MTU=${WIREGUARD_MTU}
|
||||||
|
- DISABLE_AUTO_APPLY=${DISABLE_AUTO_APPLY}
|
||||||
- CADDY_ENABLED=true
|
- CADDY_ENABLED=true
|
||||||
volumes:
|
volumes:
|
||||||
- wireguard:/etc/wireguard
|
- wireguard:/etc/wireguard
|
||||||
|
|||||||
@@ -17,6 +17,7 @@ services:
|
|||||||
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
|
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
|
||||||
- VPN_CLIENTS_CAN_ACCESS_DJANGO=${VPN_CLIENTS_CAN_ACCESS_DJANGO}
|
- VPN_CLIENTS_CAN_ACCESS_DJANGO=${VPN_CLIENTS_CAN_ACCESS_DJANGO}
|
||||||
- WIREGUARD_MTU=${WIREGUARD_MTU}
|
- WIREGUARD_MTU=${WIREGUARD_MTU}
|
||||||
|
- DISABLE_AUTO_APPLY=${DISABLE_AUTO_APPLY}
|
||||||
- CADDY_ENABLED=true
|
- CADDY_ENABLED=true
|
||||||
volumes:
|
volumes:
|
||||||
- wireguard:/etc/wireguard
|
- wireguard:/etc/wireguard
|
||||||
|
|||||||
@@ -15,6 +15,7 @@ services:
|
|||||||
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
|
- WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL=${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL}
|
||||||
- VPN_CLIENTS_CAN_ACCESS_DJANGO=${VPN_CLIENTS_CAN_ACCESS_DJANGO}
|
- VPN_CLIENTS_CAN_ACCESS_DJANGO=${VPN_CLIENTS_CAN_ACCESS_DJANGO}
|
||||||
- WIREGUARD_MTU=${WIREGUARD_MTU}
|
- WIREGUARD_MTU=${WIREGUARD_MTU}
|
||||||
|
- DISABLE_AUTO_APPLY=${DISABLE_AUTO_APPLY}
|
||||||
volumes:
|
volumes:
|
||||||
- wireguard:/etc/wireguard
|
- wireguard:/etc/wireguard
|
||||||
- static_volume:/app_static_files/
|
- static_volume:/app_static_files/
|
||||||
|
|||||||
@@ -73,6 +73,10 @@ if [ -n "${WIREGUARD_STATUS_CACHE_REFRESH_INTERVAL:-}" ]; then
|
|||||||
esac
|
esac
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [[ "${DISABLE_AUTO_APPLY,,}" == "true" ]]; then
|
||||||
|
echo "AUTO_APPLY = False" >> /app/wireguard_webadmin/production_settings.py
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -n "${WIREGUARD_MTU:-}" ]; then
|
if [ -n "${WIREGUARD_MTU:-}" ]; then
|
||||||
if [[ "${WIREGUARD_MTU}" =~ ^[0-9]+$ ]] && [ "${WIREGUARD_MTU}" -ge 1280 ] && [ "${WIREGUARD_MTU}" -le 9000 ]; then
|
if [[ "${WIREGUARD_MTU}" =~ ^[0-9]+$ ]] && [ "${WIREGUARD_MTU}" -ge 1280 ] && [ "${WIREGUARD_MTU}" -le 9000 ]; then
|
||||||
echo "WIREGUARD_MTU = ${WIREGUARD_MTU}" >> /app/wireguard_webadmin/production_settings.py
|
echo "WIREGUARD_MTU = ${WIREGUARD_MTU}" >> /app/wireguard_webadmin/production_settings.py
|
||||||
|
|||||||
@@ -20,6 +20,18 @@ from wireguard_tools.views import export_wireguard_configuration
|
|||||||
from .functions import func_create_new_peer
|
from .functions import func_create_new_peer
|
||||||
|
|
||||||
|
|
||||||
|
def _auto_apply(request, instance):
|
||||||
|
if not settings.AUTO_APPLY:
|
||||||
|
return False
|
||||||
|
export_wireguard_configuration(instance)
|
||||||
|
success, message = func_reload_wireguard_interface(instance)
|
||||||
|
if success:
|
||||||
|
messages.info(request, _('wg%(id)s reloaded automatically.') % {'id': instance.instance_id})
|
||||||
|
else:
|
||||||
|
messages.warning(request, _('Auto-apply failed for wg%(id)s: ') % {'id': instance.instance_id} + message)
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
def view_wireguard_peer_list(request):
|
def view_wireguard_peer_list(request):
|
||||||
user_acl = get_object_or_404(UserAcl, user=request.user)
|
user_acl = get_object_or_404(UserAcl, user=request.user)
|
||||||
@@ -148,6 +160,7 @@ def view_wireguard_peer_create(request):
|
|||||||
new_peer, message = func_create_new_peer(current_instance)
|
new_peer, message = func_create_new_peer(current_instance)
|
||||||
if new_peer:
|
if new_peer:
|
||||||
messages.success(request, _('Peer created|Peer created successfully.'))
|
messages.success(request, _('Peer created|Peer created successfully.'))
|
||||||
|
if not _auto_apply(request, new_peer.wireguard_instance):
|
||||||
new_peer.wireguard_instance.pending_changes = True
|
new_peer.wireguard_instance.pending_changes = True
|
||||||
new_peer.wireguard_instance.save()
|
new_peer.wireguard_instance.save()
|
||||||
return redirect('/peer/manage/?peer=' + str(new_peer.uuid))
|
return redirect('/peer/manage/?peer=' + str(new_peer.uuid))
|
||||||
@@ -173,10 +186,11 @@ def view_wireguard_peer_manage(request):
|
|||||||
if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=30).exists():
|
if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=30).exists():
|
||||||
return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
|
return render(request, 'access_denied.html', {'page_title': 'Access Denied'})
|
||||||
if request.GET.get('confirmation') == 'delete':
|
if request.GET.get('confirmation') == 'delete':
|
||||||
current_peer.wireguard_instance.pending_changes = True
|
|
||||||
current_peer.wireguard_instance.save()
|
|
||||||
current_peer.delete()
|
current_peer.delete()
|
||||||
messages.success(request, _('Peer deleted|Peer deleted successfully.'))
|
messages.success(request, _('Peer deleted|Peer deleted successfully.'))
|
||||||
|
if not _auto_apply(request, current_instance):
|
||||||
|
current_instance.pending_changes = True
|
||||||
|
current_instance.save()
|
||||||
return redirect('/peer/list/?uuid=' + str(current_instance.uuid))
|
return redirect('/peer/list/?uuid=' + str(current_instance.uuid))
|
||||||
else:
|
else:
|
||||||
messages.warning(request, _('Error deleting peer|Invalid confirmation message. Type "delete" to confirm.'))
|
messages.warning(request, _('Error deleting peer|Invalid confirmation message. Type "delete" to confirm.'))
|
||||||
@@ -224,6 +238,7 @@ def view_wireguard_peer_edit_field(request):
|
|||||||
form = FormClass(request.POST or None, instance=current_peer)
|
form = FormClass(request.POST or None, instance=current_peer)
|
||||||
if form.is_valid():
|
if form.is_valid():
|
||||||
form.save()
|
form.save()
|
||||||
|
if group != 'name' and not _auto_apply(request, current_peer.wireguard_instance):
|
||||||
current_peer.wireguard_instance.pending_changes = True
|
current_peer.wireguard_instance.pending_changes = True
|
||||||
current_peer.wireguard_instance.save()
|
current_peer.wireguard_instance.save()
|
||||||
messages.success(request, _('Peer updated|Peer updated successfully.'))
|
messages.success(request, _('Peer updated|Peer updated successfully.'))
|
||||||
@@ -266,8 +281,10 @@ def view_manage_ip_address(request):
|
|||||||
|
|
||||||
if request.GET.get('action') == 'delete':
|
if request.GET.get('action') == 'delete':
|
||||||
if request.GET.get('confirmation') == 'delete':
|
if request.GET.get('confirmation') == 'delete':
|
||||||
|
is_server_side = current_ip.config_file == 'server'
|
||||||
current_ip.delete()
|
current_ip.delete()
|
||||||
messages.success(request, _('IP address deleted|IP address deleted successfully.'))
|
messages.success(request, _('IP address deleted|IP address deleted successfully.'))
|
||||||
|
if is_server_side and not _auto_apply(request, current_peer.wireguard_instance):
|
||||||
current_peer.wireguard_instance.pending_changes = True
|
current_peer.wireguard_instance.pending_changes = True
|
||||||
current_peer.wireguard_instance.save()
|
current_peer.wireguard_instance.save()
|
||||||
return redirect('/peer/manage/?peer=' + str(current_peer.uuid))
|
return redirect('/peer/manage/?peer=' + str(current_peer.uuid))
|
||||||
@@ -289,6 +306,7 @@ def view_manage_ip_address(request):
|
|||||||
this_form.peer = current_peer
|
this_form.peer = current_peer
|
||||||
this_form.config_file = config_file
|
this_form.config_file = config_file
|
||||||
this_form.save()
|
this_form.save()
|
||||||
|
if config_file == 'server' and not _auto_apply(request, current_peer.wireguard_instance):
|
||||||
current_peer.wireguard_instance.pending_changes = True
|
current_peer.wireguard_instance.pending_changes = True
|
||||||
current_peer.wireguard_instance.save()
|
current_peer.wireguard_instance.save()
|
||||||
if current_ip:
|
if current_ip:
|
||||||
|
|||||||
@@ -174,7 +174,7 @@ WIREGUARD_STATUS_CACHE_WEB_LOAD_PREVIOUS_COUNT = 9
|
|||||||
DNS_CONFIG_FILE = '/etc/dnsmasq/wireguard_webadmin_dns.conf'
|
DNS_CONFIG_FILE = '/etc/dnsmasq/wireguard_webadmin_dns.conf'
|
||||||
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
||||||
|
|
||||||
WIREGUARD_WEBADMIN_VERSION = 9978
|
WIREGUARD_WEBADMIN_VERSION = 9979
|
||||||
|
|
||||||
CLUSTER_WORKER_CURRENT_VERSION = 11
|
CLUSTER_WORKER_CURRENT_VERSION = 11
|
||||||
CLUSTER_WORKER_MINIMUM_VERSION = 11
|
CLUSTER_WORKER_MINIMUM_VERSION = 11
|
||||||
@@ -183,4 +183,6 @@ CADDY_ENABLED = os.getenv("CADDY_ENABLED", "false").lower() == "true"
|
|||||||
|
|
||||||
WIREGUARD_MTU = None
|
WIREGUARD_MTU = None
|
||||||
|
|
||||||
|
AUTO_APPLY = True
|
||||||
|
|
||||||
from wireguard_webadmin.production_settings import *
|
from wireguard_webadmin.production_settings import *
|
||||||
|
|||||||
Reference in New Issue
Block a user