public_git
/
wg-portal
mirror of https://github.com/h44z/wg-portal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

WIP: support different interface types: server, client and custom. Show different UI for each type.

This commit is contained in:
Christoph Haas 2021-04-02 23:48:30 +02:00
parent 5017fb5759
commit 116a86c5e7
6 changed files with 338 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

273
assets/tpl/admin_edit_interface.html
View File

@ -16,100 +16,315 @@
<h1>Edit interface <strong>{{.Device.DeviceName}}</strong></h1> <h1>Edit interface <strong>{{.Device.DeviceName}}</strong></h1>
{{template "prt_flashes.html" .}} {{template "prt_flashes.html" .}}
<ul class="nav nav-tabs">
<li class="nav-item">
<a class="nav-link {{if eq .Device.Type "server"}}active{{end}}" data-toggle="tab" href="#server">Server Mode</a>
</li>
<li class="nav-item">
<a class="nav-link {{if eq .Device.Type "client"}}active{{end}}" data-toggle="tab" href="#client">Client Mode</a>
</li>
<li class="nav-item">
<a class="nav-link {{if eq .Device.Type "custom"}}active{{end}}" data-toggle="tab" href="#custom">Custom Mode</a>
</li>
</ul>
<div id="configContent" class="tab-content">
<!-- server mode -->
<div class="tab-pane fade {{if eq .Device.Type "server"}}active show{{end}}" id="server">
<form method="post" enctype="multipart/form-data"> <form method="post" enctype="multipart/form-data">
<input type="hidden" name="_csrf" value="{{.Csrf}}"> <input type="hidden" name="_csrf" value="{{.Csrf}}">
<input type="hidden" name="device" value="{{.Device.DeviceName}}"> <input type="hidden" name="device" value="{{.Device.DeviceName}}">
<input type="hidden" name="type" value="server">
<h3>Server's interface configuration</h3> <h3>Server's interface configuration</h3>
{{if .EditableKeys}} {{if .EditableKeys}}
<div class="form-row"> <div class="form-row">
<div class="form-group required col-md-12"> <div class="form-group required col-md-12">
<label for="inputServerPrivateKey">Private Key</label> <label for="server_PrivateKey">Private Key</label>
<input type="text" name="privkey" class="form-control" id="inputServerPrivateKey" value="{{.Device.PrivateKey}}"> <input type="text" name="privkey" class="form-control" id="server_PrivateKey" value="{{.Device.PrivateKey}}">
</div> </div>
</div> </div>
<div class="form-row"> <div class="form-row">
<div class="form-group required col-md-12"> <div class="form-group required col-md-12">
<label for="inputServerPublicKey">Public Key</label> <label for="server_PublicKey">Public Key</label>
<input type="text" name="pubkey" class="form-control" id="inputServerPublicKey" value="{{.Device.PublicKey}}"> <input type="text" name="pubkey" class="form-control" id="server_PublicKey" value="{{.Device.PublicKey}}">
</div> </div>
</div> </div>
{{else}} {{else}}
<input type="hidden" name="privkey" value="{{.Device.PrivateKey}}"> <input type="hidden" name="privkey" value="{{.Device.PrivateKey}}">
<div class="form-row"> <div class="form-row">
<div class="form-group col-md-12"> <div class="form-group col-md-12">
<label for="inputServerPublicKey">Public Key</label> <label for="server_ro_PublicKey">Public Key</label>
<input type="text" name="pubkey" readonly class="form-control" id="inputServerPublicKey" value="{{.Device.PublicKey}}"> <input type="text" name="pubkey" readonly class="form-control" id="server_ro_PublicKey" value="{{.Device.PublicKey}}">
</div> </div>
</div> </div>
{{end}} {{end}}
<div class="form-row"> <div class="form-row">
<div class="form-group required col-md-6"> <div class="form-group required col-md-6">
<label for="inputListenPort">Listen port</label> <label for="server_ListenPort">Listen port</label>
<input type="number" name="port" class="form-control" id="inputListenPort" placeholder="51820" value="{{.Device.ListenPort}}"> <input type="number" name="port" class="form-control" id="server_ListenPort" placeholder="51820" value="{{.Device.ListenPort}}">
</div> </div>
<div class="form-group required col-md-6"> <div class="form-group required col-md-6">
<label for="inputIPs">Server IP address</label> <label for="server_IPs">Server IP address</label>
<input type="text" name="ip" class="form-control" id="inputIPs" placeholder="10.6.6.1/24" value="{{.Device.IPsStr}}"> <input type="text" name="ip" class="form-control" id="server_IPs" placeholder="10.6.6.1/24" value="{{.Device.IPsStr}}">
</div> </div>
</div> </div>
<h3>Client's global configuration</h3> <h3>Client's global configuration</h3>
<div class="form-row"> <div class="form-row">
<div class="form-group required col-md-12"> <div class="form-group required col-md-12">
<label for="inputPublicEndpoint">Public Endpoint for Clients</label> <label for="server_PublicEndpoint">Public Endpoint for Clients</label>
<input type="text" name="endpoint" class="form-control" id="inputPublicEndpoint" placeholder="vpn.company.com:51820" value="{{.Device.Endpoint}}"> <input type="text" name="endpoint" class="form-control" id="server_PublicEndpoint" placeholder="vpn.company.com:51820" value="{{.Device.DefaultEndpoint}}">
</div> </div>
</div> </div>
<div class="form-row"> <div class="form-row">
<div class="form-group col-md-6"> <div class="form-group col-md-6">
<label for="inputDNS">DNS Servers</label> <label for="server_DNS">DNS Servers</label>
<input type="text" name="dns" class="form-control" id="inputDNS" placeholder="1.1.1.1" value="{{.Device.DNSStr}}"> <input type="text" name="dns" class="form-control" id="server_DNS" placeholder="1.1.1.1" value="{{.Device.DNSStr}}">
</div> </div>
<div class="form-group col-md-6"> <div class="form-group col-md-6">
<label for="inputAllowedIP">Default allowed IPs</label> <label for="server_AllowedIP">Default allowed IPs</label>
<input type="text" name="allowedip" class="form-control" id="inputAllowedIP" placeholder="10.6.6.0/24" value="{{.Device.AllowedIPsStr}}"> <input type="text" name="allowedip" class="form-control" id="server_AllowedIP" placeholder="10.6.6.0/24" value="{{.Device.DefaultAllowedIPsStr}}">
</div> </div>
</div> </div>
<div class="form-row"> <div class="form-row">
<div class="form-group col-md-6"> <div class="form-group col-md-6">
<label for="inputMTU">Global MTU</label> <label for="server_MTU">Global MTU</label>
<input type="number" name="mtu" class="form-control" id="inputMTU" placeholder="0" value="{{.Device.Mtu}}"> <input type="number" name="mtu" class="form-control" id="server_MTU" placeholder="0" value="{{.Device.Mtu}}">
</div> </div>
<div class="form-group col-md-6"> <div class="form-group col-md-6">
<label for="inputPersistentKeepalive">Persistent Keepalive</label> <label for="server_PersistentKeepalive">Persistent Keepalive</label>
<input type="number" name="keepalive" class="form-control" id="inputPersistentKeepalive" placeholder="16" value="{{.Device.PersistentKeepalive}}"> <input type="number" name="keepalive" class="form-control" id="server_PersistentKeepalive" placeholder="16" value="{{.Device.DefaultPersistentKeepalive}}">
</div> </div>
</div> </div>
<h3>Interface configuration hooks</h3> <h3>Interface configuration hooks</h3>
<div class="form-row"> <div class="form-row">
<div class="form-group col-md-12"> <div class="form-group col-md-12">
<label for="inputPreUp">Pre Up</label> <label for="server_PreUp">Pre Up</label>
<input type="text" name="preup" class="form-control" id="inputPreUp" value="{{.Device.PreUp}}"> <input type="text" name="preup" class="form-control" id="server_PreUp" value="{{.Device.PreUp}}">
</div> </div>
</div> </div>
<div class="form-row"> <div class="form-row">
<div class="form-group col-md-12"> <div class="form-group col-md-12">
<label for="inputPostUp">Post Up</label> <label for="server_PostUp">Post Up</label>
<input type="text" name="postup" class="form-control" id="inputPostUp" value="{{.Device.PostUp}}"> <input type="text" name="postup" class="form-control" id="server_PostUp" value="{{.Device.PostUp}}">
</div> </div>
</div> </div>
<div class="form-row"> <div class="form-row">
<div class="form-group col-md-12"> <div class="form-group col-md-12">
<label for="inputPreDown">Pre Down</label> <label for="server_PreDown">Pre Down</label>
<input type="text" name="predown" class="form-control" id="inputPreDown" value="{{.Device.PreDown}}"> <input type="text" name="predown" class="form-control" id="server_PreDown" value="{{.Device.PreDown}}">
</div> </div>
</div> </div>
<div class="form-row"> <div class="form-row">
<div class="form-group col-md-12"> <div class="form-group col-md-12">
<label for="inputPostDown">Post Down</label> <label for="server_PostDown">Post Down</label>
<input type="text" name="postdown" class="form-control" id="inputPostDown" value="{{.Device.PostDown}}"> <input type="text" name="postdown" class="form-control" id="server_PostDown" value="{{.Device.PostDown}}">
</div> </div>
</div> </div>
<button type="submit" class="btn btn-primary">Save</button> <button type="submit" class="btn btn-primary">Save</button>
<a href="/admin" class="btn btn-secondary">Cancel</a> <a href="/admin" class="btn btn-secondary">Cancel</a>
<a href="/admin/device/applyglobals" class="btn btn-dark float-right">Apply Allowed IP's to clients</a> <a href="/admin/device/applyglobals" class="btn btn-dark float-right">Apply Global Settings to peers</a>
</form> </form>
</div> </div>
<!-- client mode -->
<div class="tab-pane fade {{if eq .Device.Type "client"}}active show{{end}}" id="client">
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="_csrf" value="{{.Csrf}}">
<input type="hidden" name="device" value="{{.Device.DeviceName}}">
<input type="hidden" name="type" value="client">
<h3>Client's interface configuration</h3>
{{if .EditableKeys}}
<div class="form-row">
<div class="form-group required col-md-12">
<label for="client_PrivateKey">Private Key</label>
<input type="text" name="privkey" class="form-control" id="client_PrivateKey" value="{{.Device.PrivateKey}}">
</div>
</div>
<div class="form-row">
<div class="form-group required col-md-12">
<label for="client_PublicKey">Public Key</label>
<input type="text" name="pubkey" class="form-control" id="client_PublicKey" value="{{.Device.PublicKey}}">
</div>
</div>
{{else}}
<input type="hidden" name="privkey" value="{{.Device.PrivateKey}}">
<div class="form-row">
<div class="form-group col-md-12">
<label for="client_ro_PublicKey">Public Key</label>
<input type="text" name="pubkey" readonly class="form-control" id="client_ro_PublicKey" value="{{.Device.PublicKey}}">
</div>
</div>
{{end}}
<div class="form-row">
<div class="form-group required col-md-6">
<label for="client_IPs">Client IP address</label>
<input type="text" name="ip" class="form-control" id="client_IPs" placeholder="10.6.6.1/24" value="{{.Device.IPsStr}}">
</div>
<div class="form-group col-md-6">
<label for="client_DNS">DNS Servers</label>
<input type="text" name="dns" class="form-control" id="client_DNS" placeholder="1.1.1.1" value="{{.Device.DNSStr}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-4">
<label for="client_MTU">Global MTU</label>
<input type="number" name="mtu" class="form-control" id="client_MTU" placeholder="0" value="{{.Device.Mtu}}">
</div>
<div class="form-group col-md-4">
<label for="client_FirewallMark">Firewall Mark</label>
<input type="number" name="firewallmark" class="form-control" id="client_FirewallMark" placeholder="0" value="{{.Device.FirewallMark}}">
</div>
<div class="form-group col-md-4">
<label for="client_RoutingTable">Routing Table</label>
<input type="text" name="routingtable" class="form-control" id="client_RoutingTable" placeholder="0" value="{{.Device.RoutingTable}}">
</div>
</div>
<h3>Interface configuration hooks</h3>
<div class="form-row">
<div class="form-group col-md-12">
<label for="client_PreUp">Pre Up</label>
<input type="text" name="preup" class="form-control" id="client_PreUp" value="{{.Device.PreUp}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-12">
<label for="client_PostUp">Post Up</label>
<input type="text" name="postup" class="form-control" id="client_PostUp" value="{{.Device.PostUp}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-12">
<label for="client_PreDown">Pre Down</label>
<input type="text" name="predown" class="form-control" id="client_PreDown" value="{{.Device.PreDown}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-12">
<label for="client_PostDown">Post Down</label>
<input type="text" name="postdown" class="form-control" id="client_PostDown" value="{{.Device.PostDown}}">
</div>
</div>
<button type="submit" class="btn btn-primary">Save</button>
<a href="/admin" class="btn btn-secondary">Cancel</a>
<a href="/admin/device/applyglobals" class="btn btn-dark float-right">Apply Global Settings to peers</a>
</form>
</div>
<!-- custom mode -->
<div class="tab-pane fade {{if eq .Device.Type "custom"}}active show{{end}}" id="custom">
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="_csrf" value="{{.Csrf}}">
<input type="hidden" name="device" value="{{.Device.DeviceName}}">
<input type="hidden" name="type" value="custom">
<h3>Custom interface configuration</h3>
{{if .EditableKeys}}
<div class="form-row">
<div class="form-group required col-md-12">
<label for="custom_PrivateKey">Private Key</label>
<input type="text" name="privkey" class="form-control" id="custom_PrivateKey" value="{{.Device.PrivateKey}}">
</div>
</div>
<div class="form-row">
<div class="form-group required col-md-12">
<label for="custom_PublicKey">Public Key</label>
<input type="text" name="pubkey" class="form-control" id="custom_PublicKey" value="{{.Device.PublicKey}}">
</div>
</div>
{{else}}
<input type="hidden" name="privkey" value="{{.Device.PrivateKey}}">
<div class="form-row">
<div class="form-group col-md-12">
<label for="custom_ro_PublicKey">Public Key</label>
<input type="text" name="pubkey" readonly class="form-control" id="custom_ro_PublicKey" value="{{.Device.PublicKey}}">
</div>
</div>
{{end}}
<div class="form-row">
<div class="form-group col-md-6">
<label for="custom_ListenPort">Listen port</label>
<input type="number" name="port" class="form-control" id="custom_ListenPort" placeholder="51820" value="{{.Device.ListenPort}}">
</div>
<div class="form-group col-md-6">
<label for="custom_IPs">Interface IP address</label>
<input type="text" name="ip" class="form-control" id="custom_IPs" placeholder="10.6.6.1/24" value="{{.Device.IPsStr}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="custom_MTU">Global MTU</label>
<input type="number" name="mtu" class="form-control" id="custom_MTU" placeholder="0" value="{{.Device.Mtu}}">
</div>
<div class="form-group col-md-6">
<label for="custom_SaveConfig">Save Configuration</label>
<input type="number" name="saveconfig" class="form-control" id="custom_SaveConfig" placeholder="0" value="{{.Device.SaveConfig}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="custom_FirewallMark">Firewall Mark</label>
<input type="number" name="firewallmark" class="form-control" id="custom_FirewallMark" placeholder="0" value="{{.Device.FirewallMark}}">
</div>
<div class="form-group col-md-6">
<label for="custom_RoutingTable">Routing Table</label>
<input type="text" name="routingtable" class="form-control" id="custom_RoutingTable" placeholder="0" value="{{.Device.RoutingTable}}">
</div>
</div>
<h3>Peer's global configuration</h3>
<div class="form-row">
<div class="form-group col-md-6">
<label for="custom_PublicEndpoint">Public Endpoint for Clients</label>
<input type="text" name="endpoint" class="form-control" id="custom_PublicEndpoint" placeholder="vpn.company.com:51820" value="{{.Device.DefaultEndpoint}}">
</div>
<div class="form-group col-md-6">
<label for="custom_PersistentKeepalive">Persistent Keepalive</label>
<input type="number" name="keepalive" class="form-control" id="custom_PersistentKeepalive" placeholder="16" value="{{.Device.DefaultPersistentKeepalive}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="custom_DNS">DNS Servers</label>
<input type="text" name="dns" class="form-control" id="custom_DNS" placeholder="1.1.1.1" value="{{.Device.DNSStr}}">
</div>
<div class="form-group col-md-6">
<label for="custom_AllowedIP">Default allowed IPs</label>
<input type="text" name="allowedip" class="form-control" id="custom_AllowedIP" placeholder="10.6.6.0/24" value="{{.Device.DefaultAllowedIPsStr}}">
</div>
</div>
<h3>Interface configuration hooks</h3>
<div class="form-row">
<div class="form-group col-md-12">
<label for="custom_PreUp">Pre Up</label>
<input type="text" name="preup" class="form-control" id="custom_PreUp" value="{{.Device.PreUp}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-12">
<label for="server_PostUp">Post Up</label>
<input type="text" name="postup" class="form-control" id="custom_PostUp" value="{{.Device.PostUp}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-12">
<label for="custom_PreDown">Pre Down</label>
<input type="text" name="predown" class="form-control" id="custom_PreDown" value="{{.Device.PreDown}}">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-12">
<label for="server_PostDown">Post Down</label>
<input type="text" name="postdown" class="form-control" id="custom_PostDown" value="{{.Device.PostDown}}">
</div>
</div>
<button type="submit" class="btn btn-primary">Save</button>
<a href="/admin" class="btn btn-secondary">Cancel</a>
<a href="/admin/device/applyglobals" class="btn btn-dark float-right">Apply Global Settings to clients</a>
</form>
</div>
</div>
</div>
{{template "prt_footer.html" .}} {{template "prt_footer.html" .}}
<script src="/js/jquery.min.js"></script> <script src="/js/jquery.min.js"></script>
<script src="/js/bootstrap.bundle.min.js"></script> <script src="/js/bootstrap.bundle.min.js"></script>

6
assets/tpl/admin_index.html
View File

@ -35,7 +35,7 @@
</tr> </tr>
<tr> <tr>
<td>Public Endpoint:</td> <td>Public Endpoint:</td>
<td>{{.Device.Endpoint}}</td> <td>{{.Device.DefaultEndpoint}}</td>
</tr> </tr>
<tr> <tr>
<td>Listening Port:</td> <td>Listening Port:</td>
@ -61,7 +61,7 @@
</tr> </tr>
<tr> <tr>
<td>Default allowed IP's:</td> <td>Default allowed IP's:</td>
<td>{{.Device.AllowedIPsStr}}</td> <td>{{.Device.DefaultAllowedIPsStr}}</td>
</tr> </tr>
<tr> <tr>
<td>Default DNS servers:</td> <td>Default DNS servers:</td>
@ -73,7 +73,7 @@
</tr> </tr>
<tr> <tr>
<td>Default Keepalive Interval:</td> <td>Default Keepalive Interval:</td>
<td>{{.Device.PersistentKeepalive}}</td> <td>{{.Device.DefaultPersistentKeepalive}}</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>

2
internal/common/db.go
View File

@ -38,7 +38,7 @@ func GetDatabaseForConfig(cfg *DatabaseConfig) (db *gorm.DB, err error) {
return return
} }
} }
db, err = gorm.Open(sqlite.Open(cfg.Database), &gorm.Config{}) db, err = gorm.Open(sqlite.Open(cfg.Database), &gorm.Config{DisableForeignKeyConstraintWhenMigrating: true})
if err != nil { if err != nil {
return return
} }

8
internal/server/handlers_interface.go
View File

@ -45,10 +45,10 @@ func (s *Server) PostAdminEditInterface(c *gin.Context) {
} }
// Clean list input // Clean list input
formDevice.IPs = common.ParseStringList(formDevice.IPsStr) formDevice.IPs = common.ParseStringList(formDevice.IPsStr)
formDevice.AllowedIPs = common.ParseStringList(formDevice.AllowedIPsStr) formDevice.DefaultAllowedIPs = common.ParseStringList(formDevice.DefaultAllowedIPsStr)
formDevice.DNS = common.ParseStringList(formDevice.DNSStr) formDevice.DNS = common.ParseStringList(formDevice.DNSStr)
formDevice.IPsStr = common.ListToString(formDevice.IPs) formDevice.IPsStr = common.ListToString(formDevice.IPs)
formDevice.AllowedIPsStr = common.ListToString(formDevice.AllowedIPs) formDevice.DefaultAllowedIPsStr = common.ListToString(formDevice.DefaultAllowedIPs)
formDevice.DNSStr = common.ListToString(formDevice.DNS) formDevice.DNSStr = common.ListToString(formDevice.DNS)
// Update WireGuard device // Update WireGuard device
@ -122,8 +122,8 @@ func (s *Server) GetApplyGlobalConfig(c *gin.Context) {
peers := s.peers.GetAllPeers(device.DeviceName) peers := s.peers.GetAllPeers(device.DeviceName)
for _, peer := range peers { for _, peer := range peers {
peer.AllowedIPs = device.AllowedIPs peer.AllowedIPs = device.DefaultAllowedIPs
peer.AllowedIPsStr = device.AllowedIPsStr peer.AllowedIPsStr = device.DefaultAllowedIPsStr
if err := s.peers.UpdatePeer(peer); err != nil { if err := s.peers.UpdatePeer(peer); err != nil {
SetFlashMessage(c, err.Error(), "danger") SetFlashMessage(c, err.Error(), "danger")
c.Redirect(http.StatusSeeOther, "/admin/device/edit") c.Redirect(http.StatusSeeOther, "/admin/device/edit")

4
internal/server/server_helper.go
View File

@ -23,7 +23,7 @@ func (s *Server) PrepareNewPeer(device string) (wireguard.Peer, error) {
peer := wireguard.Peer{} peer := wireguard.Peer{}
peer.IsNew = true peer.IsNew = true
peer.AllowedIPsStr = dev.AllowedIPsStr peer.AllowedIPsStr = dev.DefaultAllowedIPsStr
peer.IPs = make([]string, len(dev.IPs)) peer.IPs = make([]string, len(dev.IPs))
for i := range dev.IPs { for i := range dev.IPs {
freeIP, err := s.peers.GetAvailableIp(device, dev.IPs[i]) freeIP, err := s.peers.GetAvailableIp(device, dev.IPs[i])
@ -77,7 +77,7 @@ func (s *Server) CreatePeerByEmail(device, email, identifierSuffix string, disab
// This function also configures the new peer on the physical WireGuard interface if the peer is not deactivated. // This function also configures the new peer on the physical WireGuard interface if the peer is not deactivated.
func (s *Server) CreatePeer(device string, peer wireguard.Peer) error { func (s *Server) CreatePeer(device string, peer wireguard.Peer) error {
dev := s.peers.GetDevice(device) dev := s.peers.GetDevice(device)
peer.AllowedIPsStr = dev.AllowedIPsStr peer.AllowedIPsStr = dev.DefaultAllowedIPsStr
if peer.IPs == nil || len(peer.IPs) == 0 { if peer.IPs == nil || len(peer.IPs) == 0 {
peer.IPs = make([]string, len(dev.IPs)) peer.IPs = make([]string, len(dev.IPs))
for i := range dev.IPs { for i := range dev.IPs {

75
internal/wireguard/peermanager.go
View File

@ -1,5 +1,7 @@
package wireguard package wireguard
// WireGuard documentation: https://manpages.debian.org/unstable/wireguard-tools/wg.8.en.html
import ( import (
"bytes" "bytes"
"crypto/md5" "crypto/md5"
@ -64,6 +66,7 @@ func init() {
type Peer struct { type Peer struct {
Peer *wgtypes.Peer `gorm:"-"` // WireGuard peer Peer *wgtypes.Peer `gorm:"-"` // WireGuard peer
Device *Device `gorm:"foreignKey:DeviceName"` // linked WireGuard device
Config string `gorm:"-"` Config string `gorm:"-"`
UID string `form:"uid" binding:"alphanum"` // uid for html identification UID string `form:"uid" binding:"alphanum"` // uid for html identification
@ -73,16 +76,23 @@ type Peer struct {
Email string `gorm:"index" form:"mail" binding:"required,email"` Email string `gorm:"index" form:"mail" binding:"required,email"`
LastHandshake string `gorm:"-"` LastHandshake string `gorm:"-"`
LastHandshakeTime string `gorm:"-"` LastHandshakeTime string `gorm:"-"`
IgnoreGlobalSettings bool `form:"ignoreglobalsettings"`
DeviceName string `gorm:"index"`
IgnorePersistentKeepalive bool `form:"ignorekeepalive"` // Core WireGuard Settings
PublicKey string `gorm:"primaryKey" form:"pubkey" binding:"required,base64"`
PresharedKey string `form:"presharedkey" binding:"omitempty,base64"` PresharedKey string `form:"presharedkey" binding:"omitempty,base64"`
AllowedIPsStr string `form:"allowedip" binding:"cidrlist"` AllowedIPsStr string `form:"allowedip" binding:"cidrlist"`
IPsStr string `form:"ip" binding:"cidrlist"`
AllowedIPs []string `gorm:"-"` // IPs that are used in the client config file AllowedIPs []string `gorm:"-"` // IPs that are used in the client config file
IPs []string `gorm:"-"` // The IPs of the client Endpoint string `form:"endpoint" binding:"hostname_port"`
PersistentKeepalive int `form:"keepalive" binding:"gte=0"`
// Misc. WireGuard Settings
PrivateKey string `form:"privkey" binding:"omitempty,base64"` PrivateKey string `form:"privkey" binding:"omitempty,base64"`
PublicKey string `gorm:"primaryKey" form:"pubkey" binding:"required,base64"` IPsStr string `form:"ip" binding:"cidrlist"`
DeviceName string `gorm:"index"` IPs []string `gorm:"-"` // The IPs of the client
DNSStr string `form:"dns" binding:"iplist"` // comma separated list of:
DNS []string `gorm:"-"` // the DNS servers for the client
DeactivatedAt *time.Time DeactivatedAt *time.Time
CreatedBy string CreatedBy string
@ -189,26 +199,44 @@ func (p Peer) GetConfigFileName() string {
// DEVICE -------------------------------------------------------------------------------------- // DEVICE --------------------------------------------------------------------------------------
// //
type DeviceType string
const (
DeviceTypeServer DeviceType = "server"
DeviceTypeClient DeviceType = "client"
DeviceTypeCustom DeviceType = "custom"
)
type Device struct { type Device struct {
Interface *wgtypes.Device `gorm:"-"` Interface *wgtypes.Device `gorm:"-"`
Type DeviceType `form:"devicetype"`
DeviceName string `form:"device" gorm:"primaryKey" binding:"required,alphanum"` DeviceName string `form:"device" gorm:"primaryKey" binding:"required,alphanum"`
// Core WireGuard Settings (Interface section)
PrivateKey string `form:"privkey" binding:"required,base64"` PrivateKey string `form:"privkey" binding:"required,base64"`
PublicKey string `form:"pubkey" binding:"required,base64"`
PersistentKeepalive int `form:"keepalive" binding:"gte=0"`
ListenPort int `form:"port" binding:"required,gt=0"` ListenPort int `form:"port" binding:"required,gt=0"`
Mtu int `form:"mtu" binding:"gte=0,lte=1500"` FirewallMark int32 `form:"firewallmark"`
Endpoint string `form:"endpoint" binding:"required,hostname_port"` // Misc. WireGuard Settings
AllowedIPsStr string `form:"allowedip" binding:"cidrlist"` PublicKey string `form:"pubkey" binding:"required,base64"`
IPsStr string `form:"ip" binding:"required,cidrlist"` Mtu int `form:"mtu" binding:"gte=0,lte=1500"` // the interface MTU, wg-quick addition
AllowedIPs []string `gorm:"-"` // IPs that are used in the client config file IPsStr string `form:"ip" binding:"required,cidrlist"` // comma separated list of:
IPs []string `gorm:"-"` // The IPs of the client IPs []string `gorm:"-"` // the IPs of the client, wg-quick addition
DNSStr string `form:"dns" binding:"iplist"` DNSStr string `form:"dns" binding:"iplist"` // comma separated list of:
DNS []string `gorm:"-"` // The DNS servers of the client DNS []string `gorm:"-"` // the DNS servers of the client, wg-quick addition
PreUp string `form:"preup"` RoutingTable string `form:"routingtable"` // the routing table, wg-quick addition
PostUp string `form:"postup"` PreUp string `form:"preup"` // pre up script, wg-quick addition
PreDown string `form:"predown"` PostUp string `form:"postup"` // post up script, wg-quick addition
PostDown string `form:"postdown"` PreDown string `form:"predown"` // pre down script, wg-quick addition
PostDown string `form:"postdown"` // post down script, wg-quick addition
SaveConfig bool `form:"saveconfig"` // if set to `true', the configuration is saved from the current state of the interface upon shutdown, wg-quick addition
// Settings that are applied to all peer by default
DefaultEndpoint string `form:"endpoint" binding:"required,hostname_port"`
DefaultAllowedIPsStr string `form:"allowedip" binding:"cidrlist"`
DefaultAllowedIPs []string `gorm:"-"` // IPs that are used in the client config file
DefaultPersistentKeepalive int `form:"keepalive" binding:"gte=0"`
CreatedAt time.Time CreatedAt time.Time
UpdatedAt time.Time UpdatedAt time.Time
} }
@ -220,7 +248,7 @@ func (d Device) IsValid() bool {
if len(d.IPs) == 0 { if len(d.IPs) == 0 {
return false return false
} }
if d.Endpoint == "" { if d.DefaultEndpoint == "" {
return false return false
} }
@ -370,12 +398,13 @@ func (m *PeerManager) validateOrCreateDevice(dev wgtypes.Device, ipAddresses []s
m.db.Where("device_name = ?", dev.Name).FirstOrInit(&device) m.db.Where("device_name = ?", dev.Name).FirstOrInit(&device)
if device.PublicKey == "" { // device not found, create if device.PublicKey == "" { // device not found, create
device.Type = DeviceTypeCustom // imported device, we do not (easily) know if it is a client or server
device.PublicKey = dev.PublicKey.String() device.PublicKey = dev.PublicKey.String()
device.PrivateKey = dev.PrivateKey.String() device.PrivateKey = dev.PrivateKey.String()
device.DeviceName = dev.Name device.DeviceName = dev.Name
device.ListenPort = dev.ListenPort device.ListenPort = dev.ListenPort
device.Mtu = 0 device.Mtu = 0
device.PersistentKeepalive = 16 // Default device.DefaultPersistentKeepalive = 16 // Default
device.IPsStr = strings.Join(ipAddresses, ", ") device.IPsStr = strings.Join(ipAddresses, ", ")
if mtu == DefaultMTU { if mtu == DefaultMTU {
mtu = 0 mtu = 0
@ -423,7 +452,7 @@ func (m *PeerManager) populatePeerData(peer *Peer) {
// populateDeviceData enriches the device struct with WireGuard live data like interface information // populateDeviceData enriches the device struct with WireGuard live data like interface information
func (m *PeerManager) populateDeviceData(device *Device) { func (m *PeerManager) populateDeviceData(device *Device) {
device.AllowedIPs = strings.Split(device.AllowedIPsStr, ", ") device.DefaultAllowedIPs = strings.Split(device.DefaultAllowedIPsStr, ", ")
device.IPs = strings.Split(device.IPsStr, ", ") device.IPs = strings.Split(device.IPsStr, ", ")
device.DNS = strings.Split(device.DNSStr, ", ") device.DNS = strings.Split(device.DNSStr, ", ")
@ -621,7 +650,7 @@ func (m *PeerManager) DeletePeer(peer Peer) error {
func (m *PeerManager) UpdateDevice(device Device) error { func (m *PeerManager) UpdateDevice(device Device) error {
device.UpdatedAt = time.Now() device.UpdatedAt = time.Now()
device.AllowedIPsStr = strings.Join(device.AllowedIPs, ", ") device.DefaultAllowedIPsStr = strings.Join(device.DefaultAllowedIPs, ", ")
device.IPsStr = strings.Join(device.IPs, ", ") device.IPsStr = strings.Join(device.IPs, ", ")
device.DNSStr = strings.Join(device.DNS, ", ") device.DNSStr = strings.Join(device.DNS, ", ")