frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00
Code Issues Releases Wiki Activity

Validate, save & display wg config

Browse Source
This commit is contained in:
billz 2020-08-26 23:54:49 +01:00
parent 22651a86b7
commit aff035122b
3 changed files with 49 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
includes/wireguard.php
View File

@ -11,25 +11,47 @@ function DisplayWireGuardConfig()
$status = new StatusMessages(); $status = new StatusMessages();
if (!RASPI_MONITOR_ENABLED) { if (!RASPI_MONITOR_ENABLED) {
if (isset($_POST['savewgettings'])) { if (isset($_POST['savewgettings'])) {
# Todo: validate input // Validate input
if (isset($_POST['authUser'])) { $good_input = true;
$peer_id = strip_tags(trim($_POST'peer_id'])); $peer_id = 1;
if (isset($_POST['peer_id'])) {
$peer_id = escapeshellarg($_POST['peer_id']);
} }
if (isset($_POST['wg_endpoint'])) { if (isset($_POST['wg_endpoint'])) {
$wg_endpoint = strip_tags(trim($_POST['wg_endpoint'])); if (!filter_var($_POST['wg_endpoint'], FILTER_VALIDATE_IP)) {
$status->addMessage('Invalid value for endpoint address', 'danger');
$good_input = false;
} else {
$wg_endpoint = escapeshellarg($_POST['wg_endpoint']);
}
} }
if (isset($_POST['wg_allowedips'])) { if (isset($_POST['wg_allowedips'])) {
$wg_allowedips = strip_tags(trim($_POST['wg_allowedips'])); if (!filter_var($_POST['wg_allowedips'], FILTER_VALIDATE_IP)) {
$status->addMessage('Invalid value for allowed IPs', 'danger');
$good_input = false;
} else {
$wg_allowedips = escapeshellarg($_POST['wg_allowedips']);
}
} }
if (isset($_POST['wg_pkeepalive'])) { if (isset($_POST['wg_pkeepalive'])) {
$wg_pkeepalive = strip_tags(trim($_POST['wg_pkeepalive'])); if (strlen($_POST['wg_pkeepalive']) > 4 || !is_numeric($_POST['wg_pkeepalive'])) {
$status->addMessage('Invalid value for persistent keepalive', 'danger');
$good_input = false;
} else {
$wg_pkeepalive = escapeshellarg($_POST['wg_pkeepalive']);
}
} }
if (isset($_POST['wg_peerpubkey'])) { if (isset($_POST['wg_peerpubkey'])) {
$wg_endpoint = strip_tags(trim($_POST['wg_peerpubkey'])); $wg_endpoint = strip_tags(trim($_POST['wg_peerpubkey']));
} }
// Save settings
if ($good_input) {
file_put_contents("/tmp/wgdata", $config); file_put_contents("/tmp/wgdata", $config);
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return); system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
foreach ($return as $line) {
$status->addMessage($line, 'info');
}
}
if ($return == 0) { if ($return == 0) {
$status->addMessage('Wireguard configuration updated successfully', 'success'); $status->addMessage('Wireguard configuration updated successfully', 'success');
} else { } else {
@ -51,8 +73,18 @@ function DisplayWireGuardConfig()
} }
} }
exec('pidof wg-crypt-wg0 | wc -l', $wgstatus); // fetch wg config
exec('sudo cat '. RASPI_WIREGUARD_CONFIG, $return);
$conf = ParseConfig($return);
$wg_port = $conf['ListenPort'];
$wg_ipaddress = $conf['Address'];
$wg_pubkey = $conf['PublicKey'];
$wg_endpoint = $conf['Endpoint'];
$wg_allowedips = $conf['AllowedIPs'];
$wg_pkeepalive = $conf['PersistentKeepalive'];
// fetch service status
exec('pidof wg-crypt-wg0 | wc -l', $wgstatus);
$serviceStatus = $wgstatus[0] == 0 ? "down" : "up"; $serviceStatus = $wgstatus[0] == 0 ? "down" : "up";
$wg_state = ($wgstatus[0] > 0); $wg_state = ($wgstatus[0] > 0);
@ -63,10 +95,12 @@ function DisplayWireGuardConfig()
"serviceStatus", "serviceStatus",
"endpoint_enable", "endpoint_enable",
"peer_id", "peer_id",
"wg_port",
"wg_ipaddress",
"wg_pubkey",
"wg_endpoint", "wg_endpoint",
"wg_allowedips", "wg_allowedips",
"wg_pkeepalive", "wg_pkeepalive"
"wg_peerpubkey"
) )
); );
} }

2
installers/raspap.sudoers
View File

@ -41,5 +41,7 @@ www-data ALL=(ALL) NOPASSWD:/etc/raspap/adblock/update_blocklist.sh
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick up wg0 www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick up wg0
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick down wg0 www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick down wg0
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/wg0.conf

2
templates/wg/general.php
View File

@ -36,7 +36,7 @@
<div class="row"> <div class="row">
<div class="form-group col-md-6"> <div class="form-group col-md-6">
<label for="code"><?php echo _("IP Address"); ?></label> <label for="code"><?php echo _("IP Address"); ?></label>
<input type="text" class="form-control" name="RangeEnd" value="<?php echo htmlspecialchars($RangeEnd, ENT_QUOTES); ?>" /> <input type="text" class="form-control" name="wg_ipaddress" value="<?php echo htmlspecialchars($wg_ipaddress, ENT_QUOTES); ?>" />
</div> </div>
</div> </div>