mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
Handle server/peer enable states
This commit is contained in:
parent
6d9eaceef7
commit
cb58e31089
@ -34,7 +34,10 @@ function DisplayWireGuardConfig()
|
|||||||
$wg_srvport = ($conf['ListenPort'] == '') ? getDefaultNetValue('wireguard','server','ListenPort') : $conf['ListenPort'];
|
$wg_srvport = ($conf['ListenPort'] == '') ? getDefaultNetValue('wireguard','server','ListenPort') : $conf['ListenPort'];
|
||||||
$wg_srvipaddress = ($conf['Address'] == '') ? getDefaultNetValue('wireguard','server','Address') : $conf['Address'];
|
$wg_srvipaddress = ($conf['Address'] == '') ? getDefaultNetValue('wireguard','server','Address') : $conf['Address'];
|
||||||
$wg_srvdns = ($conf['DNS'] == '') ? getDefaultNetValue('wireguard','server','DNS') : $conf['DNS'];
|
$wg_srvdns = ($conf['DNS'] == '') ? getDefaultNetValue('wireguard','server','DNS') : $conf['DNS'];
|
||||||
$wg_peerpubkey = $conf['PublicKey'];
|
$wg_peerpubkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-peer-public.key', $return);
|
||||||
|
if (sizeof($conf) >0) {
|
||||||
|
$wg_senabled = true;
|
||||||
|
}
|
||||||
|
|
||||||
// todo: iterate multiple peer configs
|
// todo: iterate multiple peer configs
|
||||||
exec('sudo cat '. RASPI_WIREGUARD_PATH.'client.conf', $preturn);
|
exec('sudo cat '. RASPI_WIREGUARD_PATH.'client.conf', $preturn);
|
||||||
@ -64,6 +67,7 @@ function DisplayWireGuardConfig()
|
|||||||
"wg_srvport",
|
"wg_srvport",
|
||||||
"wg_srvipaddress",
|
"wg_srvipaddress",
|
||||||
"wg_srvdns",
|
"wg_srvdns",
|
||||||
|
"wg_senabled",
|
||||||
"wg_penabled",
|
"wg_penabled",
|
||||||
"wg_pipaddress",
|
"wg_pipaddress",
|
||||||
"wg_plistenport",
|
"wg_plistenport",
|
||||||
@ -86,7 +90,8 @@ function SaveWireGuardConfig($status)
|
|||||||
// Set defaults
|
// Set defaults
|
||||||
$good_input = true;
|
$good_input = true;
|
||||||
$peer_id = 1;
|
$peer_id = 1;
|
||||||
// Validate input
|
// Validate server input
|
||||||
|
if ($_POST['wg_senabled'] == 1) {
|
||||||
if (isset($_POST['wg_srvport'])) {
|
if (isset($_POST['wg_srvport'])) {
|
||||||
if (strlen($_POST['wg_srvport']) > 5 || !is_numeric($_POST['wg_srvport'])) {
|
if (strlen($_POST['wg_srvport']) > 5 || !is_numeric($_POST['wg_srvport'])) {
|
||||||
$status->addMessage('Invalid value for server local port', 'danger');
|
$status->addMessage('Invalid value for server local port', 'danger');
|
||||||
@ -105,18 +110,21 @@ function SaveWireGuardConfig($status)
|
|||||||
$good_input = false;
|
$good_input = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (isset($_POST['wg_pipaddress'])) {
|
|
||||||
if (!validateCidr($_POST['wg_pipaddress'])) {
|
|
||||||
$status->addMessage('Invalid value for peer IP address', 'danger');
|
|
||||||
$good_input = false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (isset($_POST['wg_srvdns'])) {
|
if (isset($_POST['wg_srvdns'])) {
|
||||||
if (!filter_var($_POST['wg_srvdns'],FILTER_VALIDATE_IP)) {
|
if (!filter_var($_POST['wg_srvdns'],FILTER_VALIDATE_IP)) {
|
||||||
$status->addMessage('Invalid value for DNS', 'danger');
|
$status->addMessage('Invalid value for DNS', 'danger');
|
||||||
$good_input = false;
|
$good_input = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
// Validate peer input
|
||||||
|
if ($_POST['wg_penabled'] == 1) {
|
||||||
|
if (isset($_POST['wg_pipaddress'])) {
|
||||||
|
if (!validateCidr($_POST['wg_pipaddress'])) {
|
||||||
|
$status->addMessage('Invalid value for peer IP address', 'danger');
|
||||||
|
$good_input = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
if (isset($_POST['wg_pendpoint']) && strlen(trim($_POST['wg_pendpoint']) >0 )) {
|
if (isset($_POST['wg_pendpoint']) && strlen(trim($_POST['wg_pendpoint']) >0 )) {
|
||||||
$wg_pendpoint_seg = substr($_POST['wg_pendpoint'],0,strpos($_POST['wg_pendpoint'],':'));
|
$wg_pendpoint_seg = substr($_POST['wg_pendpoint'],0,strpos($_POST['wg_pendpoint'],':'));
|
||||||
if (!filter_var($wg_pendpoint_seg,FILTER_VALIDATE_IP)) {
|
if (!filter_var($wg_pendpoint_seg,FILTER_VALIDATE_IP)) {
|
||||||
@ -136,13 +144,13 @@ function SaveWireGuardConfig($status)
|
|||||||
$good_input = false;
|
$good_input = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
// Save settings
|
// Save settings
|
||||||
if ($good_input) {
|
if ($good_input) {
|
||||||
// fetch private keys from filesytem
|
|
||||||
$wg_srvprivkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-server-private.key', $return);
|
|
||||||
$wg_peerprivkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-peer-private.key', $return);
|
|
||||||
|
|
||||||
// server (wg0.conf)
|
// server (wg0.conf)
|
||||||
|
if ($_POST['wg_senabled'] == 1) {
|
||||||
|
// fetch server private key from filesytem
|
||||||
|
$wg_srvprivkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-server-private.key', $return);
|
||||||
$config[] = '[Interface]';
|
$config[] = '[Interface]';
|
||||||
$config[] = 'Address = '.$_POST['wg_srvipaddress'];
|
$config[] = 'Address = '.$_POST['wg_srvipaddress'];
|
||||||
$config[] = 'ListenPort = '.$_POST['wg_srvport'];
|
$config[] = 'ListenPort = '.$_POST['wg_srvport'];
|
||||||
@ -162,8 +170,16 @@ function SaveWireGuardConfig($status)
|
|||||||
|
|
||||||
file_put_contents("/tmp/wgdata", $config);
|
file_put_contents("/tmp/wgdata", $config);
|
||||||
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
|
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_CONFIG, $return);
|
||||||
|
} else {
|
||||||
|
# remove selected conf + keys
|
||||||
|
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-server-private.key', $return);
|
||||||
|
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-server-public.key', $return);
|
||||||
|
system('sudo rm '. RASPI_WIREGUARD_CONFIG, $return);
|
||||||
|
}
|
||||||
// client1 (client.conf)
|
// client1 (client.conf)
|
||||||
|
if ($_POST['wg_penabled'] == 1) {
|
||||||
|
// fetch peer private key from filesystem
|
||||||
|
$wg_peerprivkey = exec('sudo cat '. RASPI_WIREGUARD_PATH .'wg-peer-private.key', $return);
|
||||||
$config = [];
|
$config = [];
|
||||||
$config[] = '[Interface]';
|
$config[] = '[Interface]';
|
||||||
$config[] = 'Address = '.trim($_POST['wg_pipaddress']);
|
$config[] = 'Address = '.trim($_POST['wg_pipaddress']);
|
||||||
@ -182,6 +198,12 @@ function SaveWireGuardConfig($status)
|
|||||||
|
|
||||||
file_put_contents("/tmp/wgdata", $config);
|
file_put_contents("/tmp/wgdata", $config);
|
||||||
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_PATH.'client.conf', $return);
|
system('sudo cp /tmp/wgdata '.RASPI_WIREGUARD_PATH.'client.conf', $return);
|
||||||
|
} else {
|
||||||
|
# remove selected conf + keys
|
||||||
|
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-peer-private.key', $return);
|
||||||
|
system('sudo rm '. RASPI_WIREGUARD_PATH .'wg-peer-public.key', $return);
|
||||||
|
system('sudo rm '. RASPI_WIREGUARD_PATH.'client.conf', $return);
|
||||||
|
}
|
||||||
|
|
||||||
// handle log option
|
// handle log option
|
||||||
if ($_POST['wg_log'] == "1") {
|
if ($_POST['wg_log'] == "1") {
|
||||||
|
@ -50,4 +50,6 @@ www-data ALL=(ALL) NOPASSWD:/bin/systemctl * wg-quick@wg0
|
|||||||
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
|
www-data ALL=(ALL) NOPASSWD:/usr/bin/wg
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/*.conf
|
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/*.conf
|
||||||
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/wg-*.key
|
www-data ALL=(ALL) NOPASSWD:/bin/cat /etc/wireguard/wg-*.key
|
||||||
|
www-data ALL=(ALL) NOPASSWD:/bin/rm /etc/wireguard/*.conf
|
||||||
|
www-data ALL=(ALL) NOPASSWD:/bin/rm /etc/wireguard/wg-*.key
|
||||||
|
|
||||||
|
@ -4,13 +4,13 @@
|
|||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
<h4 class="mt-3"><?php echo _("Tunnel settings"); ?></h4>
|
<h4 class="mt-3"><?php echo _("Tunnel settings"); ?></h4>
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<input type="hidden" name="tunnel-enable" value="0">
|
|
||||||
<div class="custom-control custom-switch">
|
<div class="custom-control custom-switch">
|
||||||
<input class="custom-control-input" id="tunnel-enable" type="checkbox" name="tunnel-enable" value="1" <?php echo $enabled ? ' checked="checked"' : "" ?> aria-describedby="tunnel-description">
|
<input class="custom-control-input" id="server_enabled" type="checkbox" name="wg_senabled" value="1" <?php echo $wg_senabled ? ' checked="checked"' : "" ?> aria-describedby="server-description">
|
||||||
<label class="custom-control-label" for="tunnel-enable"><?php echo _("Enable tunnel") ?></label>
|
<label class="custom-control-label" for="server_enabled"><?php echo _("Enable server") ?></label>
|
||||||
</div>
|
</div>
|
||||||
<p id="wg-description">
|
<p id="wg-description">
|
||||||
<small><?php echo _("Enable this option to encrypt traffic by creating a tunnel between RaspAP and configured peers.") ?></small>
|
<small><?php echo _("Enable this option to encrypt traffic by creating a tunnel between RaspAP and configured peers.") ?></small>
|
||||||
|
<small><?php echo _("This option adds <code>wg0.conf</code> to the WireGuard configuration.") ?></small>
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -4,12 +4,15 @@
|
|||||||
<div class="col-md-6">
|
<div class="col-md-6">
|
||||||
<h4 class="mt-3"><?php echo _("Peer"); ?></h4>
|
<h4 class="mt-3"><?php echo _("Peer"); ?></h4>
|
||||||
<div class="input-group">
|
<div class="input-group">
|
||||||
<input type="hidden" name="endpoint-enable" value="0">
|
|
||||||
<input type="hidden" name="peer_id" value="1">
|
<input type="hidden" name="peer_id" value="1">
|
||||||
<div class="custom-control custom-switch">
|
<div class="custom-control custom-switch">
|
||||||
<input class="custom-control-input" id="endpoint_enable" type="checkbox" name="endpoint-enable" value="1" <?php echo $enabled ? ' checked="checked"' : "" ?> aria-describedby="endpoint-description">
|
<input class="custom-control-input" id="peer_enabled" type="checkbox" name="wg_penabled" value="1" <?php echo $wg_penabled ? ' checked="checked"' : "" ?> aria-describedby="endpoint-description">
|
||||||
<label class="custom-control-label" for="endpoint_enable"><?php echo _("Enable endpoint") ?></label>
|
<label class="custom-control-label" for="peer_enabled"><?php echo _("Enable peer") ?></label>
|
||||||
</div>
|
</div>
|
||||||
|
<p id="wg-description">
|
||||||
|
<small><?php echo _("Enable this option to encrypt traffic by creating a tunnel between RaspAP and this peer.") ?></small>
|
||||||
|
<small><?php echo _("This option adds <code>client.conf</code> to the WireGuard configuration.") ?></small>
|
||||||
|
</p>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="row">
|
<div class="row">
|
||||||
|
Loading…
Reference in New Issue
Block a user