frodovdr
/
raspap-webgui
mirror of https://github.com/billz/raspap-webgui.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Validate, save & display wg config

This commit is contained in:
billz 2020-08-26 23:54:49 +01:00
parent 22651a86b7
commit aff035122b
3 changed files with 49 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
includes/wireguard.php
View File

@ -11,25 +11,47 @@ function DisplayWireGuardConfig()
$status = new StatusMessages();
if (!RASPI_MONITOR_ENABLED) {
if (isset($_POST['savewgettings'])) {
# Todo: validate input
if (isset($_POST['authUser'])) {
$peer_id = strip_tags(trim($_POST'peer_id']));
// Validate input
$good_input = true;
$peer_id = 1;
if (isset($_POST['peer_id'])) {
$peer_id = escapeshellarg($_POST['peer_id']);
}
if (isset($_POST['wg_endpoint'])) {
$wg_endpoint = strip_tags(trim($_POST['wg_endpoint']));
if (!filter_var($_POST['wg_endpoint'], FILTER_VALIDATE_IP)) {
$status->addMessage('Invalid value for endpoint address', 'danger');
$good_input = false;
} else {
$wg_endpoint = escapeshellarg($_POST['wg_endpoint']);
}
}
if (isset($_POST['wg_allowedips'])) {
$wg_allowedips = strip_tags(trim($_POST['wg_allowedips']));
if (!filter_var($_POST['wg_allowedips'], FILTER_VALIDATE_IP)) {
$status->addMessage('Invalid value for allowed IPs', 'danger');
$good_input = false;
} else {
$wg_allowedips = escapeshellarg($_POST['wg_allowedips']);
}
}
if (isset($_POST['wg_pkeepalive'])) {
$wg_pkeepalive = strip_tags(trim($_POST['wg_pkeepalive']));
if (strlen($_POST['wg_pkeepalive']) > 4 || !is_numeric($_POST['wg_pkeepalive'])) {
$status->addMessage('Invalid value for persistent keepalive', 'danger');
$good_input = false;
} else {
$wg_pkeepalive = escapeshellarg($_POST['wg_pkeepalive']);
}
}
if (isset($_POST['wg_peerpubkey'])) {
$wg_endpoint = strip_tags(trim($_POST['wg_peerpubkey']));
}
file_put_contents("/tmp/wgdata", $config);
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
// Save settings
if ($good_input) {
file_put_contents("/tmp/wgdata", $config);
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
foreach ($return as $line) {
$status->addMessage($line, 'info');
}
}
if ($return == 0) {
$status->addMessage('Wireguard configuration updated successfully', 'success');
} else {
@ -51,8 +73,18 @@ function DisplayWireGuardConfig()
}
}
exec('pidof wg-crypt-wg0 | wc -l', $wgstatus);
// fetch wg config
exec('sudo cat '. RASPI_WIREGUARD_CONFIG, $return);
$conf = ParseConfig($return);
$wg_port = $conf['ListenPort'];
$wg_ipaddress = $conf['Address'];
$wg_pubkey = $conf['PublicKey'];
$wg_endpoint = $conf['Endpoint'];
$wg_allowedips = $conf['AllowedIPs'];
$wg_pkeepalive = $conf['PersistentKeepalive'];
// fetch service status
exec('pidof wg-crypt-wg0 | wc -l', $wgstatus);
$serviceStatus = $wgstatus[0] == 0 ? "down" : "up";
$wg_state = ($wgstatus[0] > 0);
@ -63,10 +95,12 @@ function DisplayWireGuardConfig()
"serviceStatus",
"endpoint_enable",
"peer_id",
"wg_port",
"wg_ipaddress",
"wg_pubkey",
"wg_endpoint",
"wg_allowedips",
"wg_pkeepalive",
"wg_peerpubkey"
"wg_pkeepalive"
)
);
}

2
installers/raspap.sudoers
View File

@ -41,5 +41,7 @@ www-data ALL=(ALL) NOPASSWD:/etc/raspap/adblock/update_blocklist.sh
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick up wg0
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick down wg0
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/wg0.conf

2
templates/wg/general.php
View File

@ -36,7 +36,7 @@
<div class="row">
<div class="form-group col-md-6">
<label for="code"><?php echo _("IP Address"); ?></label>
<input type="text" class="form-control" name="RangeEnd" value="<?php echo htmlspecialchars($RangeEnd, ENT_QUOTES); ?>" />
<input type="text" class="form-control" name="wg_ipaddress" value="<?php echo htmlspecialchars($wg_ipaddress, ENT_QUOTES); ?>" />
</div>
</div>