wip: create/update/...

This commit is contained in:
Christoph Haas 2020-11-07 11:47:52 +01:00
parent e084a8aa66
commit ea65e6b43c
2 changed files with 47 additions and 45 deletions

View File

@ -7,6 +7,8 @@ import (
"strings" "strings"
"time" "time"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
) )
@ -273,7 +275,9 @@ func (s *Server) PostAdminEditPeer(c *gin.Context) {
func (s *Server) GetAdminCreatePeer(c *gin.Context) { func (s *Server) GetAdminCreatePeer(c *gin.Context) {
device := s.users.GetDevice() device := s.users.GetDevice()
user := s.users.GetUserByKey(c.Query("pkey")) user := User{}
user.AllowedIPsStr = device.AllowedIPsStr
user.IPsStr = "" // TODO: add a valid ip here
c.HTML(http.StatusOK, "admin_edit_client.html", struct { c.HTML(http.StatusOK, "admin_edit_client.html", struct {
Route string Route string
@ -293,13 +297,26 @@ func (s *Server) GetAdminCreatePeer(c *gin.Context) {
} }
func (s *Server) PostAdminCreatePeer(c *gin.Context) { func (s *Server) PostAdminCreatePeer(c *gin.Context) {
device := s.users.GetDevice() user := User{}
var err error key, err := wgtypes.GeneratePrivateKey()
device.ListenPort, err = strconv.Atoi(c.PostForm("port"))
if err != nil { if err != nil {
s.setAlert(c, "invalid port: "+err.Error(), "danger") s.HandleError(c, http.StatusInternalServerError, "Private key generation error", err.Error())
c.Redirect(http.StatusSeeOther, "/admin/device/edit") return
}
user.PrivateKey = key.String()
user.PublicKey = key.PublicKey().String()
user.Identifier = c.PostForm("identifier")
if user.Identifier == "" {
s.setAlert(c, "invalid identifier, must not be empty", "danger")
c.Redirect(http.StatusSeeOther, "/admin/peer/create")
return
}
user.Email = c.PostForm("mail")
if user.Email == "" {
s.setAlert(c, "invalid email, must not be empty", "danger")
c.Redirect(http.StatusSeeOther, "/admin/peer/create")
return return
} }
@ -314,23 +331,10 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) {
} }
if len(validatedIPs) == 0 { if len(validatedIPs) == 0 {
s.setAlert(c, "invalid ip address", "danger") s.setAlert(c, "invalid ip address", "danger")
c.Redirect(http.StatusSeeOther, "/admin/device/edit") c.Redirect(http.StatusSeeOther, "/admin/peer/create")
return return
} }
device.IPs = validatedIPs user.IPs = validatedIPs
device.Endpoint = c.PostForm("endpoint")
dnsField := c.PostForm("dns")
dns := strings.Split(dnsField, ",")
validatedDNS := make([]string, 0, len(dns))
for i := range dns {
dns[i] = strings.TrimSpace(dns[i])
if dns[i] != "" {
validatedDNS = append(validatedDNS, dns[i])
}
}
device.DNS = validatedDNS
allowedIPField := c.PostForm("allowedip") allowedIPField := c.PostForm("allowedip")
allowedIP := strings.Split(allowedIPField, ",") allowedIP := strings.Split(allowedIPField, ",")
@ -341,40 +345,37 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) {
validatedAllowedIP = append(validatedAllowedIP, allowedIP[i]) validatedAllowedIP = append(validatedAllowedIP, allowedIP[i])
} }
} }
device.AllowedIPs = validatedAllowedIP user.AllowedIPs = validatedAllowedIP
device.Mtu, err = strconv.Atoi(c.PostForm("mtu")) user.IgnorePersistentKeepalive = c.PostForm("ignorekeepalive") != ""
if err != nil { disabled := c.PostForm("isdisabled") != ""
s.setAlert(c, "invalid MTU: "+err.Error(), "danger") now := time.Now()
c.Redirect(http.StatusSeeOther, "/admin/device/edit") if disabled && user.DeactivatedAt == nil {
return user.DeactivatedAt = &now
} } else if !disabled {
user.DeactivatedAt = nil
device.PersistentKeepalive, err = strconv.Atoi(c.PostForm("keepalive"))
if err != nil {
s.setAlert(c, "invalid PersistentKeepalive: "+err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/device/edit")
return
} }
// Update WireGuard device // Update WireGuard device
err = s.wg.UpdateDevice(device.DeviceName, device.GetDeviceConfig()) if user.DeactivatedAt == nil {
err = s.wg.AddPeer(user.GetPeerConfig())
if err != nil { if err != nil {
s.setAlert(c, "failed to update device in WireGuard: "+err.Error(), "danger") s.setAlert(c, "failed to add peer in WireGuard: "+err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/device/edit") c.Redirect(http.StatusSeeOther, "/admin/peer/create")
return return
} }
}
// Update in database // Update in database
err = s.users.UpdateDevice(device) err = s.users.CreateUser(user)
if err != nil { if err != nil {
s.setAlert(c, "failed to update device in database: "+err.Error(), "danger") s.setAlert(c, "failed to add user in database: "+err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/device/edit") c.Redirect(http.StatusSeeOther, "/admin/peer/create")
return return
} }
s.setAlert(c, "changes applied successfully", "success") s.setAlert(c, "client created successfully", "success")
c.Redirect(http.StatusSeeOther, "/admin/device/edit") c.Redirect(http.StatusSeeOther, "/admin")
} }
func (s *Server) GetUserQRCode(c *gin.Context) { func (s *Server) GetUserQRCode(c *gin.Context) {

View File

@ -2,6 +2,7 @@ package wireguard
var ( var (
ClientCfgTpl = `[Interface] ClientCfgTpl = `[Interface]
#{{ .Client.Identifier }}
Address = {{ .Client.IPsStr }} Address = {{ .Client.IPsStr }}
PrivateKey = {{ .Client.PrivateKey }} PrivateKey = {{ .Client.PrivateKey }}
{{ if ne (len .Server.DNS) 0 -}} {{ if ne (len .Server.DNS) 0 -}}