Validate, save & display wg config
This commit is contained in:
billz
parent
22651a86b7
commit
aff035122b
|
|
@ -11,25 +11,47 @@ function DisplayWireGuardConfig()
|
||||||
$status = new StatusMessages();
|
$status = new StatusMessages();
|
||||||
if (!RASPI_MONITOR_ENABLED) {
|
if (!RASPI_MONITOR_ENABLED) {
|
||||||
if (isset($_POST['savewgettings'])) {
|
if (isset($_POST['savewgettings'])) {
|
||||||
# Todo: validate input
|
// Validate input
|
||||||
if (isset($_POST['authUser'])) {
|
$good_input = true;
|
||||||
$peer_id = strip_tags(trim($_POST'peer_id']));
|
$peer_id = 1;
|
||||||
|
if (isset($_POST['peer_id'])) {
|
||||||
|
$peer_id = escapeshellarg($_POST['peer_id']);
|
||||||
}
|
}
|
||||||
if (isset($_POST['wg_endpoint'])) {
|
if (isset($_POST['wg_endpoint'])) {
|
||||||
$wg_endpoint = strip_tags(trim($_POST['wg_endpoint']));
|
if (!filter_var($_POST['wg_endpoint'], FILTER_VALIDATE_IP)) {
|
||||||
|
$status->addMessage('Invalid value for endpoint address', 'danger');
|
||||||
|
$good_input = false;
|
||||||
|
} else {
|
||||||
|
$wg_endpoint = escapeshellarg($_POST['wg_endpoint']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (isset($_POST['wg_allowedips'])) {
|
if (isset($_POST['wg_allowedips'])) {
|
||||||
$wg_allowedips = strip_tags(trim($_POST['wg_allowedips']));
|
if (!filter_var($_POST['wg_allowedips'], FILTER_VALIDATE_IP)) {
|
||||||
|
$status->addMessage('Invalid value for allowed IPs', 'danger');
|
||||||
|
$good_input = false;
|
||||||
|
} else {
|
||||||
|
$wg_allowedips = escapeshellarg($_POST['wg_allowedips']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (isset($_POST['wg_pkeepalive'])) {
|
if (isset($_POST['wg_pkeepalive'])) {
|
||||||
$wg_pkeepalive = strip_tags(trim($_POST['wg_pkeepalive']));
|
if (strlen($_POST['wg_pkeepalive']) > 4 || !is_numeric($_POST['wg_pkeepalive'])) {
|
||||||
|
$status->addMessage('Invalid value for persistent keepalive', 'danger');
|
||||||
|
$good_input = false;
|
||||||
|
} else {
|
||||||
|
$wg_pkeepalive = escapeshellarg($_POST['wg_pkeepalive']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (isset($_POST['wg_peerpubkey'])) {
|
if (isset($_POST['wg_peerpubkey'])) {
|
||||||
$wg_endpoint = strip_tags(trim($_POST['wg_peerpubkey']));
|
$wg_endpoint = strip_tags(trim($_POST['wg_peerpubkey']));
|
||||||
}
|
}
|
||||||
file_put_contents("/tmp/wgdata", $config);
|
// Save settings
|
||||||
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
|
if ($good_input) {
|
||||||
|
file_put_contents("/tmp/wgdata", $config);
|
||||||
|
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
|
||||||
|
foreach ($return as $line) {
|
||||||
|
$status->addMessage($line, 'info');
|
||||||
|
}
|
||||||
|
}
|
||||||
if ($return == 0) {
|
if ($return == 0) {
|
||||||
$status->addMessage('Wireguard configuration updated successfully', 'success');
|
$status->addMessage('Wireguard configuration updated successfully', 'success');
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -51,8 +73,18 @@ function DisplayWireGuardConfig()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
exec('pidof wg-crypt-wg0 | wc -l', $wgstatus);
|
// fetch wg config
|
||||||
|
exec('sudo cat '. RASPI_WIREGUARD_CONFIG, $return);
|
||||||
|
$conf = ParseConfig($return);
|
||||||
|
$wg_port = $conf['ListenPort'];
|
||||||
|
$wg_ipaddress = $conf['Address'];
|
||||||
|
$wg_pubkey = $conf['PublicKey'];
|
||||||
|
$wg_endpoint = $conf['Endpoint'];
|
||||||
|
$wg_allowedips = $conf['AllowedIPs'];
|
||||||
|
$wg_pkeepalive = $conf['PersistentKeepalive'];
|
||||||
|
|
||||||
|
// fetch service status
|
||||||
|
exec('pidof wg-crypt-wg0 | wc -l', $wgstatus);
|
||||||
$serviceStatus = $wgstatus[0] == 0 ? "down" : "up";
|
$serviceStatus = $wgstatus[0] == 0 ? "down" : "up";
|
||||||
$wg_state = ($wgstatus[0] > 0);
|
$wg_state = ($wgstatus[0] > 0);
|
||||||
|
|
||||||
|
|
@ -63,10 +95,12 @@ function DisplayWireGuardConfig()
|
||||||
"serviceStatus",
|
"serviceStatus",
|
||||||
"endpoint_enable",
|
"endpoint_enable",
|
||||||
"peer_id",
|
"peer_id",
|
||||||
|
"wg_port",
|
||||||
|
"wg_ipaddress",
|
||||||
|
"wg_pubkey",
|
||||||
"wg_endpoint",
|
"wg_endpoint",
|
||||||
"wg_allowedips",
|
"wg_allowedips",
|
||||||
"wg_pkeepalive",
|
"wg_pkeepalive"
|
||||||
"wg_peerpubkey"
|
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -41,5 +41,7 @@ www-data ALL=(ALL) NOPASSWD:/etc/raspap/adblock/update_blocklist.sh
|
||||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick up wg0
|
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick up wg0
|
||||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick down wg0
|
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg-quick down wg0
|
||||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
|
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
|
||||||
|
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/wg0.conf
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -36,7 +36,7 @@
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="form-group col-md-6">
|
<div class="form-group col-md-6">
|
||||||
<label for="code"><?php echo _("IP Address"); ?></label>
|
<label for="code"><?php echo _("IP Address"); ?></label>
|
||||||
<input type="text" class="form-control" name="RangeEnd" value="<?php echo htmlspecialchars($RangeEnd, ENT_QUOTES); ?>" />
|
<input type="text" class="form-control" name="wg_ipaddress" value="<?php echo htmlspecialchars($wg_ipaddress, ENT_QUOTES); ?>" />
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue