smecontribs/smeserver-wireguard
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: smecontribs:1_0-23_el8_sme
Branches Tags
smecontribs:master
smecontribs:1_0-28_el8_sme smecontribs:1_0-27_el8_sme smecontribs:1_0-26_el8_sme smecontribs:1_0-25_el8_sme smecontribs:1_0-24_el8_sme smecontribs:1_0-23_el8_sme smecontribs:1.0-21
...
compare: smecontribs:master
Branches Tags
smecontribs:master
smecontribs:1_0-28_el8_sme smecontribs:1_0-27_el8_sme smecontribs:1_0-26_el8_sme smecontribs:1_0-25_el8_sme smecontribs:1_0-24_el8_sme smecontribs:1_0-23_el8_sme smecontribs:1.0-21

5 Commits
1_0-23_el8 ... master

Author SHA1 Message Date
Brian Read
a2c3f3cdb4 * Fri Oct 03 2025 Brian Read <brianr@koozali.org> 1.0-28.sme 
- Add in UTF8 to ConfigDB open [SME: 13209]
 2025-10-03 15:33:04 +01:00
Brian Read
367e4da9e8 * Fri Oct 03 2025 Brian Read <brianr@koozali.org> 1.0-27.sme 
- Remove smanager-refresh from spec file [SME: 13212]
 2025-10-03 13:10:43 +01:00
Brian Read
5858500b80 * Fri Sep 26 2025 Brian Read <brianr@koozali.org> 1.0-26.sme 
- Fix remove logic, add in user name to rem panel re-format templates,  add space to list panel [SME: 13168]
 2025-09-26 11:16:13 +01:00
Brian Read
2e7e5047d8 * Thu Sep 25 2025 Brian Read <brianr@koozali.org> 1.0-25.sme 
- Sort outy Remove panel placement and operation of buttons [SME: 13168]
 2025-09-25 19:02:35 +01:00
Brian Read
bd88797db8 * Wed Sep 24 2025 Brian Read <brianr@koozali.org> 1.0-24.sme 
- Sort out access to DB vis a vis caching [SME: 13168]
 2025-09-24 15:04:09 +01:00
6 changed files with 578 additions and 596 deletions
Expand all files Collapse all files

420
root/usr/share/smanager/lib/SrvMngr/Controller/Wireguard.pm
View File

@@ -15,75 +15,67 @@ package SrvMngr::Controller::Wireguard;
use strict; use strict;
use warnings; use warnings;
use Mojo::Base 'Mojolicious::Controller'; use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext; use Locale::gettext;
use SrvMngr::I18N; use SrvMngr::I18N;
use SrvMngr qw( theme_list init_session is_normal_password ); use SrvMngr qw( theme_list init_session is_normal_password );
use esmith::ConfigDB::UTF8;
use esmith::ConfigDB;
use Net::IP; use Net::IP;
my $adb;
our $adb = esmith::AccountsDB->open() || die "Couldn't open accounts DB\ndb"; my $cdb;
our $cdb = esmith::ConfigDB->open() || die "Couldn't open config DB\n"; my $wdb;
our $wdb = esmith::ConfigDB->open('wireguard') || esmith::ConfigDB->create('wireguard'); my $ndb;
our $ndb = esmith::NetworksDB->open_ro || die "Error opening networks DB\n";
sub main { sub main {
my $c = shift; my $c = shift;
$c->app->log->info($c->log_req); $c->app->log->info($c->log_req);
my %wrg_datas = (); my %wrg_datas = ();
$wdb = esmith::ConfigDB::UTF8->open('wireguard') || esmith::ConfigDB::UTF8->create('wireguard');
my $title = $c->l('wrg_FORM_TITLE'); my $title = $c->l('wrg_FORM_TITLE');
$wrg_datas{'trt'} = 'LST'; $wrg_datas{'trt'} = 'LST';
$cdb = esmith::ConfigDB::UTF8->open() || die "Couldn't open config DB\n";
$cdb = esmith::ConfigDB->open() || die "Couldn't open config DB\n";
my $wg = $cdb->get('wg-quick@wg0'); my $wg = $cdb->get('wg-quick@wg0');
$wrg_datas{'wgpub'} = $wg->prop('public'); $wrg_datas{'wgpub'} = $wg->prop('public');
$wrg_datas{'wgip'} = $wg->prop('ip'); $wrg_datas{'wgip'} = $wg->prop('ip');
$wrg_datas{'wgmask'} = $wg->prop('mask'); $wrg_datas{'wgmask'} = $wg->prop('mask');
$wrg_datas{'wgport'} = $wg->prop('UDPPort'); $wrg_datas{'wgport'} = $wg->prop('UDPPort');
$wrg_datas{'sstatus'} = $wg->prop('status'); $wrg_datas{'sstatus'} = $wg->prop('status');
my @wgstatus = `/usr/bin/wg show wg0 dump`; my @wgstatus = `/usr/bin/wg show wg0 dump`;
my $type = 'wg0'; my $type = 'wg0';
my @wgconf = $wdb->get_all_by_prop(type=>$type); my @wgconf = $wdb->get_all_by_prop(type => $type);
$c->stash(
$c->stash( title => $title, wrg_datas => \%wrg_datas, title => $title,
wgstatus => \@wgstatus, wgconf => \@wgconf ); wrg_datas => \%wrg_datas,
wgstatus => \@wgstatus,
wgconf => \@wgconf
);
$c->render(template => 'wireguard'); $c->render(template => 'wireguard');
} ## end sub main
};
sub do_display { sub do_display {
my $c = shift; my $c = shift;
$c->app->log->info($c->log_req); $c->app->log->info($c->log_req);
my $rt = $c->current_route; my $rt = $c->current_route;
my $trt = ($c->param('trt') || ''); my $trt = ($c->param('trt') || '');
my $wgconf = $c->param('Wgconf') || ''; my $wgconf = $c->param('Wgconf') || '';
my %wrg_datas = (); my %wrg_datas = ();
my $title = $c->l('wrg_FORM_TITLE'); my $title = $c->l('wrg_FORM_TITLE');
my $modul = ''; my $modul = '';
$adb = esmith::AccountsDB->open() || die "Couldn't open accounts DB\ndb";
$cdb = esmith::ConfigDB::UTF8->open() || die "Couldn't open config DB\n";
$wdb = esmith::ConfigDB::UTF8->open('wireguard') || esmith::ConfigDB::UTF8->create('wireguard');
#$ndb = esmith::NetworksDB->open_ro || die "Error opening networks DB\n";
$wrg_datas{'trt'} = $trt; $wrg_datas{'trt'} = $trt;
if ( $trt eq 'QRC' ) { if ($trt eq 'QRC') {
$wrg_datas{'wgconf'} = $wgconf; $wrg_datas{'wgconf'} = $wgconf;
} }
if ( $trt eq 'MOD' ) { if ($trt eq 'MOD') {
$wrg_datas{'wgconf'} = $wgconf; $wrg_datas{'wgconf'} = $wgconf;
my $rec = $wdb->get($wgconf); my $rec = $wdb->get($wgconf);
if ( $rec ) {
if ($rec) {
$wrg_datas{'info'} = $rec->prop('info') || ''; $wrg_datas{'info'} = $rec->prop('info') || '';
$wrg_datas{'allowedips'} = $rec->prop('allowedips') || ''; $wrg_datas{'allowedips'} = $rec->prop('allowedips') || '';
$wrg_datas{'private'} = $rec->prop('private') || ''; $wrg_datas{'private'} = $rec->prop('private') || '';
@@ -91,148 +83,150 @@ sub do_display {
$wrg_datas{'account'} = $rec->prop('user') || ''; $wrg_datas{'account'} = $rec->prop('user') || '';
$wrg_datas{'status'} = $rec->prop('status') || ''; $wrg_datas{'status'} = $rec->prop('status') || '';
$wrg_datas{'dns'} = $rec->prop('dns') || ''; $wrg_datas{'dns'} = $rec->prop('dns') || '';
} } ## end if ($rec)
} } ## end if ($trt eq 'MOD')
if ( $trt eq 'REM' ) { if ($trt eq 'REM') {
$wrg_datas{'wgconf'} = $wgconf; $wrg_datas{'wgconf'} = $wgconf;
my $rec = $wdb->get($wgconf); my $rec = $wdb->get($wgconf);
$wrg_datas{'wgcomment'} = $rec->prop('info') || ''; $wrg_datas{'wgcomment'} = $rec->prop('info') || '';
} }
if ( $trt eq 'NEW' ) { if ($trt eq 'NEW') {
# nothing for a new client # nothing for a new client
} }
if ( $trt eq 'UPD' ) { if ($trt eq 'UPD') {
my $wg = $cdb->get('wg-quick@wg0'); my $wg = $cdb->get('wg-quick@wg0');
$wrg_datas{'ip'} = $wg->prop('ip'); $wrg_datas{'ip'} = $wg->prop('ip');
$wrg_datas{'mask'} = $wg->prop('mask'); $wrg_datas{'mask'} = $wg->prop('mask');
$wrg_datas{'private'} = $wg->prop('private'); $wrg_datas{'private'} = $wg->prop('private');
$wrg_datas{'public'} = $wg->prop('public'); $wrg_datas{'public'} = $wg->prop('public');
$wrg_datas{'status'} = $wg->prop('status'); $wrg_datas{'status'} = $wg->prop('status');
} } ## end if ($trt eq 'UPD')
if ( $trt eq 'LST' ) { if ($trt eq 'LST') {
my @wgss = $adb->wgss(); my @wgss = $adb->wgss();
$c->stash( wgss => \@wgss ); $c->stash(wgss => \@wgss);
} }
$c->stash(title => $title, modul => $modul, wrg_datas => \%wrg_datas);
$c->stash( title => $title, modul => $modul, wrg_datas => \%wrg_datas ); $c->render(template => 'wireguard');
$c->render( template => 'wireguard' ); } ## end sub do_display
};
sub do_action { sub do_action {
my $c = shift; my $c = shift;
$c->app->log->info($c->log_req); $c->app->log->info($c->log_req);
my $rt = $c->current_route; my $rt = $c->current_route;
my $trt = ($c->param('trt') || ''); my $trt = ($c->param('trt') || '');
my %wrg_datas = (); my %wrg_datas = ();
my $title = $c->l('wrg_FORM_TITLE'); my $title = $c->l('wrg_FORM_TITLE');
$wrg_datas{'trt'} = $trt; $wrg_datas{'trt'} = $trt;
my $result = ''; my $result = '';
my $res = ''; my $res = '';
$adb = esmith::AccountsDB->open() || die "Couldn't open accounts DB\ndb";
$cdb = esmith::ConfigDB::UTF8->open() || die "Couldn't open config DB\n";
$wdb = esmith::ConfigDB::UTF8->open('wireguard') || esmith::ConfigDB::UTF8->create('wireguard');
$ndb = esmith::NetworksDB->open_ro || die "Error opening networks DB\n";
if ($trt eq 'QRC') {
if ( $trt eq 'QRC' ) {
# NEVER # NEVER
} }
if ( $trt eq 'LST' ) { if ($trt eq 'LST') {
# NEVER # NEVER
} }
if ( $trt eq 'MOD' ) { if ($trt eq 'MOD') {
$wrg_datas{'wgconf'} = $c->param('Wgconf'); $wrg_datas{'wgconf'} = $c->param('Wgconf');
# controls # controls
$res = 'OK'; # no controls here... $res = 'OK'; # no controls here...
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = performModifyClient( $c ); if (!$result) {
$res = performModifyClient($c);
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
if (!$result) {
$result = $c->l('wrg_SUCCESSFULLY_MODIFIED_CONF'); $result = $c->l('wrg_SUCCESSFULLY_MODIFIED_CONF');
} }
} } ## end if (!$result)
} } ## end if ($trt eq 'MOD')
if ( $trt eq 'REM' ) { if ($trt eq 'REM') {
if ($c->param("cancel")) { if ($c->param("cancel")) {
$c->stash( error => $c->l('wrg_CANCELLED') ); $c->stash(error => $c->l('wrg_CANCELLED'));
$c->redirect_to('/wireguard'); $c->redirect_to('/wireguard');
} }
# controls # controls
$res = 'OK'; # no controls here... $res = 'OK'; # no controls here...
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = performRemoveClient( $c ); if (!$result) {
$res = performRemoveClient($c);
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
if (!$result) {
$result = $c->l('wrg_SUCCESSFULLY_REMOVED_CONF'); $result = $c->l('wrg_SUCCESSFULLY_REMOVED_CONF');
} }
} } ## end if (!$result)
} } ## end if ($trt eq 'REM')
if ( $trt eq 'NEW' ) { if ($trt eq 'NEW') {
# controls # controls
$res = 'OK'; # no controls here... $res = 'OK'; # no controls here...
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = performCreateClient( $c ); if (!$result) {
$res = performCreateClient($c);
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
if (!$result) {
$result = $c->l('wrg_SUCCESSFULLY_ADDED_CONF'); $result = $c->l('wrg_SUCCESSFULLY_ADDED_CONF');
} }
} } ## end if (!$result)
} } ## end if ($trt eq 'NEW')
if ( $trt eq 'UPD' ) { if ($trt eq 'UPD') {
# controls # controls
$res = 'OK'; # no controls here... $res = 'OK'; # no controls here...
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = performUpdateConfig( $c ); if (!$result) {
$res = performUpdateConfig($c);
$result .= $res unless $res eq 'OK'; $result .= $res unless $res eq 'OK';
if ( ! $result ) {
if (!$result) {
$result = $c->l('wrg_SUCCESSFULLY_UPDATED_CONF'); $result = $c->l('wrg_SUCCESSFULLY_UPDATED_CONF');
} }
} } ## end if (!$result)
} } ## end if ($trt eq 'UPD')
# common parts # common parts
if ($res ne 'OK') { if ($res ne 'OK') {
$c->stash( error => $result ); $c->stash(error => $result);
$c->stash( title => $title, wrg_datas => \%wrg_datas ); $c->stash(title => $title, wrg_datas => \%wrg_datas);
return $c->render('wireguard'); return $c->render('wireguard');
} }
#force reload as successfull (for Main) #force reload as successfull (for Main)
$wdb = esmith::ConfigDB->open('wireguard'); $wdb = esmith::ConfigDB::UTF8->open('wireguard');
my $message = "'Wireguard' update ($trt) DONE"; my $message = "'Wireguard' update ($trt) DONE";
$c->app->log->info($message); $c->app->log->info($message);
$c->flash( success => $result ); $c->flash(success => $result);
$c->redirect_to('/wireguard'); $c->redirect_to('/wireguard');
} } ## end sub do_action
# action for 'MOD' # action for 'MOD'
sub performModifyClient{ sub performModifyClient {
my $c = shift; my $c = shift;
my $msg = "OK"; my $msg = "OK";
my $wgacc = $c->param('Wgconf'); my $wgacc = $c->param('Wgconf');
my $account = $c->param('Account'); my $account = $c->param('Account');
my $private = $c->param('Private') || ''; my $private = $c->param('Private') || '';
@@ -242,52 +236,44 @@ sub performModifyClient{
my $allowedips = $c->param('Allowedips') || ''; my $allowedips = $c->param('Allowedips') || '';
#todo validate fields #todo validate fields
# Untaint info and account before use in system()
# Untaint info and account before use in system()
($info) = $info =~ /([A-Za-z0-9_\-. ]+)/; ($info) = $info =~ /([A-Za-z0-9_\-. ]+)/;
# trim both ends
# trim both ends
$info =~ s/^ +| +$//g; $info =~ s/^ +| +$//g;
($account) = $account =~ /([A-Za-z0-9_-]+)/; ($account) = $account =~ /([A-Za-z0-9_-]+)/;
return $c->l('wrg_ERROR_FIELD_CONTENT') unless ($account and $info); return $c->l('wrg_ERROR_FIELD_CONTENT') unless ($account and $info);
my %props = (
my %props = ('user' => $account 'user' => $account,
,'private' => $private 'private' => $private,
,'public' => $public 'public' => $public,
,'info' => $info 'info' => $info,
,'status' => $status 'status' => $status,
,'allowedips' => $allowedips 'allowedips' => $allowedips
); );
$wdb->get($wgacc)->merge_props(%props) $wdb->get($wgacc)->merge_props(%props)
or $msg = "Error occurred while modifying pseudonym in database."; or $msg = "Error occurred while modifying pseudonym in database.";
# Untaint before use in system() # Untaint before use in system()
($wgacc) = ($wgacc =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/); ($wgacc) = ($wgacc =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/);
system( "/sbin/e-smith/signal-event", "wireguard-user-modify", "$wgacc",) system("/sbin/e-smith/signal-event", "wireguard-user-modify", "$wgacc",) == 0
== 0 or $msg = "Error occurred while modifying wirequard account."; or $msg = "Error occurred while modifying wirequard account.";
return "$msg";
return "$msg" } ## end sub performModifyClient
}
# action for 'NEW' # action for 'NEW'
sub performCreateClient { sub performCreateClient {
my $c = shift; my $c = shift;
my $type = shift; my $type = shift;
my $username = $c->param('Account'); my $username = $c->param('Account');
my $info = $c->param('Info'); my $info = $c->param('Info');
# Untaint info and account before use in system() # Untaint info and account before use in system()
($info) = $info =~ /([A-Za-z0-9_\-. ]+)/; ($info) = $info =~ /([A-Za-z0-9_\-. ]+)/;
# trim both ends
# trim both ends
$info =~ s/^ +| +$//g; $info =~ s/^ +| +$//g;
($username) = $username =~ /([A-Za-z0-9_-]+)/; ($username) = $username =~ /([A-Za-z0-9_-]+)/;
return $c->l('wrg_ERROR_FIELD_CONTENT') unless ($username and $info); return $c->l('wrg_ERROR_FIELD_CONTENT') unless ($username and $info);
#get username #get username
@@ -296,20 +282,16 @@ sub performCreateClient {
$username = $user->key; $username = $user->key;
# execute the event wireguard-user-create username info # execute the event wireguard-user-create username info
unless ( system ("/sbin/e-smith/signal-event", "wireguard-user-create", "$username" , "$info") == 0 ){ unless (system("/sbin/e-smith/signal-event", "wireguard-user-create", "$username", "$info") == 0) {
return $c->error('wrg_ERROR_OCCURED'); return $c->error('wrg_ERROR_OCCURED');
} }
return 'OK'; return 'OK';
} } ## end sub performCreateClient
# action for 'UPD' # action for 'UPD'
sub performUpdateConfig { sub performUpdateConfig {
my $c = shift; my $c = shift;
my $msg = "OK"; my $msg = "OK";
my $ip = $c->param('Ip'); my $ip = $c->param('Ip');
my $mask = $c->param('Mask'); my $mask = $c->param('Mask');
my $private = $c->param('Private'); my $private = $c->param('Private');
@@ -317,122 +299,108 @@ sub performUpdateConfig {
my $status = $c->param('Status'); my $status = $c->param('Status');
unless (defined $private) { unless (defined $private) {
$private =`/usr/bin/wg genkey`; $private = `/usr/bin/wg genkey`;
($private) = ($private =~ /(\w+)/); ($private) = ($private =~ /(\w+)/);
$public = `/usr/bin/echo $private | /usr/bin/wg pubkey`; $public = `/usr/bin/echo $private | /usr/bin/wg pubkey`;
} }
# we get number of entries in wireguard db # we get number of entries in wireguard db
my @num=$wdb->get_all_by_prop(type=>"wg0"); my @num = $wdb->get_all_by_prop(type => "wg0");
if ( scalar @num >0 ) {
if (scalar @num > 0) {
# we get current values # we get current values
my $pprivate=$cdb->get('wg-quick@wg0')->prop('private'); my $pprivate = $cdb->get('wg-quick@wg0')->prop('private');
my $ppublic=$cdb->get('wg-quick@wg0')->prop('public'); my $ppublic = $cdb->get('wg-quick@wg0')->prop('public');
my $pip=$cdb->get('wg-quick@wg0')->prop('ip'); my $pip = $cdb->get('wg-quick@wg0')->prop('ip');
my $pmask=$cdb->get('wg-quick@wg0')->prop('mask'); my $pmask = $cdb->get('wg-quick@wg0')->prop('mask');
# if # entries >0 and private |public | ip is chnaged then we push an error and stop # if # entries >0 and private |public | ip is chnaged then we push an error and stop
if ($pprivate ne $private || $ppublic ne $public || $pip ne $ip || $mask ne $pmask) { if ($pprivate ne $private || $ppublic ne $public || $pip ne $ip || $mask ne $pmask) {
return $c->l('wrg_CLIENTS_ALREADY_CONFIGURED'); return $c->l('wrg_CLIENTS_ALREADY_CONFIGURED');
} }
} } ## end if (scalar @num > 0)
#todo validate fields #todo validate fields
my %props = (
my %props = ('ip' => $ip 'ip' => $ip,
,'mask' => $mask 'mask' => $mask,
,'private' => $private 'private' => $private,
,'public' => $public 'public' => $public,
,'status' => $status 'status' => $status
); );
# Test Ip is inside CIDR # Test Ip is inside CIDR
if (!test_for_private_ip($ip,$mask)) { if (!test_for_private_ip($ip, $mask)) {
$msg = "IP must be in private range"; $msg = "IP must be in private range";
#$fm->error($msg);return; #$fm->error($msg);return;
} }
$cdb->get('wg-quick@wg0')->merge_props(%props) $cdb->get('wg-quick@wg0')->merge_props(%props)
or $msg = "Error occurred while modifying server details."; or $msg = "Error occurred while modifying server details.";
if ($msg eq "OK") {
if ($msg eq "OK"){
# Untaint before use in system() # Untaint before use in system()
($ip) = ($ip =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/); ($ip) = ($ip =~ /(\d+\.+\d+\.+\d+\.+\d+\.+\/\d+\.+)/);
system( "/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",) system("/sbin/e-smith/signal-event", "wireguard-conf-modify", "$ip",) == 0
== 0 or $msg = "Error occurred while modifying wireguard conf."; or $msg = "Error occurred while modifying wireguard conf.";
} } ## end if ($msg eq "OK")
return "$msg"; return "$msg";
} ## end sub performUpdateConfig
}
# action for 'REM' # action for 'REM'
sub performRemoveClient{ sub performRemoveClient {
my ($c) = @_; my ($c) = @_;
my $conf = $c->param('Wgconf'); my $conf = $c->param('Wgconf');
if ($c->param("remove")){
unless ($wdb->get($conf)->delete()){ if ($c->param("remove")) {
unless ($wdb->get($conf)->delete()) {
return $c->l('wrg_ERROR_OCCURED'); return $c->l('wrg_ERROR_OCCURED');
} }
unless (system ("/sbin/e-smith/signal-event", "wireguard-user-delete") == 0 ){
unless (system("/sbin/e-smith/signal-event", "wireguard-user-delete") == 0) {
return $c->l('wrg_ERROR_OCCURED'); return $c->l('wrg_ERROR_OCCURED');
} }
return 'OK'; return 'OK';
} } ## end if ($c->param("remove"...))
return $c->l('wrg_CANCELLED'); return $c->l('wrg_CANCELLED');
} ## end sub performRemoveClient
}
# called from templates # called from templates
sub get_existing_accounts { sub get_existing_accounts {
my $c = shift; my $c = shift;
my @existingAccounts = ('Administrator'); my @existingAccounts = ('Administrator');
foreach my $account ($adb->get_all_by_prop(type=>'user')) { foreach my $account ($adb->get_all_by_prop(type => 'user')) {
push @existingAccounts, $account->key; push @existingAccounts, $account->key;
} }
return \@existingAccounts; return \@existingAccounts;
} ## end sub get_existing_accounts
}
# called from templates # called from templates
sub get_wgs_info { sub get_wgs_info {
my ($c, $attr, $data) = @_; my ($c, $attr, $data) = @_;
return undef if (not defined $attr or not defined $data);
return undef if ( not defined $attr or not defined $data );
my $value; my $value;
$value = $wdb->get("$data")->prop('info') if ( $attr eq 'info' and $wdb->get("$data") ); $value = $wdb->get("$data")->prop('info') if ($attr eq 'info' and $wdb->get("$data"));
$value = $wdb->get("$data")->prop('user') if ( $attr eq 'user' and $wdb->get("$data") ); $value = $wdb->get("$data")->prop('user') if ($attr eq 'user' and $wdb->get("$data"));
return $value; return $value;
} ## end sub get_wgs_info
}
# called from templates # called from templates
sub get_conf_info { sub get_conf_info {
my ($c, $ipacc) = @_;
my ( $c, $ipacc ) = @_;
##my $ipacc = $c->param('Wgconf'); ##my $ipacc = $c->param('Wgconf');
#untaint #untaint
($ipacc) = $ipacc =~ /(\d+\.\d+\.\d+\.\d+\/\d+)/; ($ipacc) = $ipacc =~ /(\d+\.\d+\.\d+\.\d+\/\d+)/;
#get from db
#get from db
# return if does not exist # return if does not exist
my $acc = $wdb->get($ipacc) or return undef; my $acc = $wdb->get($ipacc) or return undef;
# return if current user is not admin or the user # return if current user is not admin or the user
return undef unless $c->is_admin; return undef unless $c->is_admin;
my $key = $acc->key; my $key = $acc->key;
my $info = $acc->prop('info'); my $info = $acc->prop('info');
my $private = $acc->prop('private'); my $private = $acc->prop('private');
@@ -449,9 +417,8 @@ sub get_conf_info {
#DNS #DNS
my $IPAddress = $cdb->get('InternalInterface')->prop('IPAddress'); my $IPAddress = $cdb->get('InternalInterface')->prop('IPAddress');
my $dns = ($allowedips =~ /0.0.0.0\/0/)? "DNS = $IPAddress" : "" ; my $dns = ($allowedips =~ /0.0.0.0\/0/) ? "DNS = $IPAddress" : "";
my $fulltext = "#configuration for $key $info
my $fulltext ="#configuration for $key $info
[Interface] [Interface]
PrivateKey = $private PrivateKey = $private
Address = $key Address = $key
@@ -462,25 +429,17 @@ PublicKey = $ServPublic
AllowedIPs = $allowedips AllowedIPs = $allowedips
Endpoint = $ExternalIP:$Port Endpoint = $ExternalIP:$Port
"; ";
my @fulltext = split( "\n", $fulltext); my @fulltext = split("\n", $fulltext);
return \@fulltext; return \@fulltext;
} ## end sub get_conf_info
}
# called from templates # called from templates
sub get_conf_qr { sub get_conf_qr {
my ($c, $fulltext, $type) = @_;
my ( $c, $fulltext, $type) = @_; my $qr = `echo "$fulltext" |qrencode -t PNG -o - |base64`;
my $qr=`echo "$fulltext" |qrencode -t PNG -o - |base64`;
return $qr; return $qr;
} }
sub get_internet_ip_address { sub get_internet_ip_address {
#we could use DNS to do this faster but some provider will block DNS #we could use DNS to do this faster but some provider will block DNS
@@ -489,32 +448,29 @@ sub get_internet_ip_address {
#here a list of available site with https #here a list of available site with https
use Net::DNS; use Net::DNS;
use LWP::Simple; use LWP::Simple;
my $timeout=1; my $timeout = 1;
my @httpslist = qw(
my @httpslist=qw( checkip.amazonaws.com
checkip.amazonaws.com myexternalip.com/raw
myexternalip.com/raw ifconfig.me/
ifconfig.me/ icanhazip.com/
icanhazip.com/ ident.me/
ident.me/ tnx.nl/ip
tnx.nl/ip ipecho.net/plain
ipecho.net/plain wgetip.com/
wgetip.com/ ip.tyk.nu/
ip.tyk.nu/ bot.whatismyipaddress.com/
bot.whatismyipaddress.com/ ipof.in/txt
ipof.in/txt l2.io/ip
l2.io/ip eth0.me/ );
eth0.me/ );
my @dns = ( my @dns = (
['myip.opendns.com', 'resolver1.opendns.com', 'A'], [ 'myip.opendns.com', 'resolver1.opendns.com', 'A' ],
['myip.opendns.com', 'resolver2.opendns.com', 'A'], [ 'myip.opendns.com', 'resolver2.opendns.com', 'A' ],
['myip.opendns.com', 'resolver3.opendns.com', 'A'], [ 'myip.opendns.com', 'resolver3.opendns.com', 'A' ],
['myip.opendns.com', 'resolver4.opendns.com', 'A'], [ 'myip.opendns.com', 'resolver4.opendns.com', 'A' ],
['whoami.akamai.net', 'ns1-1.akamaitech.net', 'A'], [ 'whoami.akamai.net', 'ns1-1.akamaitech.net', 'A' ],
['o-o.myaddr.l.google.com', 'ns1.google.com', 'TXT'] [ 'o-o.myaddr.l.google.com', 'ns1.google.com', 'TXT' ]
); );
my $ip; my $ip;
#foreach my $i ( 0 .. $#dns) { #foreach my $i ( 0 .. $#dns) {
@@ -525,51 +481,47 @@ eth0.me/ );
udp_timeout => $timeout, udp_timeout => $timeout,
tcp_timeout => $timeout tcp_timeout => $timeout
); );
my $reply = $res->search($dns[$i][0], $dns[$i][2]); my $reply = $res->search($dns[$i][0], $dns[$i][2]);
if ($reply) { if ($reply) {
foreach my $rr ($reply->answer) { foreach my $rr ($reply->answer) {
$ip= $rr->txtdata if $rr->can("txtdata"); $ip = $rr->txtdata if $rr->can("txtdata");
$ip= $rr->address if $rr->can("address"); $ip = $rr->address if $rr->can("address");
# untaint, dns output is tainted # untaint, dns output is tainted
($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/;
return $ip if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; return $ip if $ip =~ /(\d+\.\d+\.\d+\.\d+)/;
} } ## end foreach my $rr ($reply->answer)
} else { } else {
warn "query failed: ", $res->errorstring, "\n"; warn "query failed: ", $res->errorstring, "\n";
} }
#}
#}
# https calls # https calls
my $ii=0; my $ii = 0;
my $service; my $service;
while ( $ii <5 ) {
$service=$httpslist[rand(@httpslist)]; while ($ii < 5) {
$ip = (get "https://$service" ); $service = $httpslist[ rand(@httpslist) ];
$ip = (get "https://$service");
chomp $ip; chomp $ip;
$ii++; $ii++;
last if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; last if $ip =~ /(\d+\.\d+\.\d+\.\d+)/;
} } ## end while ($ii < 5)
# not needed but in case, untaint # not needed but in case, untaint
($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/;
return $ip; return $ip;
} ## end sub get_internet_ip_address
}
sub test_for_private_ip { sub test_for_private_ip {
use NetAddr::IP; use NetAddr::IP;
$_ = shift; $_ = shift;
my $mask = shift; my $mask = shift;
return unless /(\d+\.\d+\.\d+\.\d+)/; return unless /(\d+\.\d+\.\d+\.\d+)/;
my $iprange = NetAddr::IP->new($1,"$mask"); my $iprange = NetAddr::IP->new($1, "$mask");
return unless $iprange; return unless $iprange;
return ($iprange->first()->is_rfc1918() and $iprange->last()->is_rfc1918()); return ($iprange->first()->is_rfc1918() and $iprange->last()->is_rfc1918());
} ## end sub test_for_private_ip
}
1 1
__END__ __END__

2
root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Wireguard/wireguard_en.lex
View File

@@ -46,7 +46,7 @@
'wrg_ERROR_WRONG_ACCT_TYPE' => 'The associated account shoult be a user or admin account.', 'wrg_ERROR_WRONG_ACCT_TYPE' => 'The associated account shoult be a user or admin account.',
'wrg_ERROR_OCCURED' => 'An error occured', 'wrg_ERROR_OCCURED' => 'An error occured',
'wrg_CLIENTS_ALREADY_CONFIGURED' => 'You can not alter the server ip, mask, private and public key as there are already some clients configured.', 'wrg_CLIENTS_ALREADY_CONFIGURED' => 'You can not alter the server ip, mask, private and public key as there are already some clients configured.',
'wrg_NO_CONF' => 'No configured client', 'wrg_NO_CONF' => 'No configured clients',
'wrg_INTERFACE' => 'Interface', 'wrg_INTERFACE' => 'Interface',
'wrg_CANCELLED' => 'Operation cancelled', 'wrg_CANCELLED' => 'Operation cancelled',
'wrg_SUCCESSFULLY_MODIFIED_CONF' => 'Client configuration successfully modified', 'wrg_SUCCESSFULLY_MODIFIED_CONF' => 'Client configuration successfully modified',

48
root/usr/share/smanager/themes/default/templates/partials/_wrg_list.html.ep
View File

@@ -1,59 +1,60 @@
<div id='wrg_list'> <div id='wrg_list'>
<p><%=l 'wrg_DESC_MAIN_PAGE'%><br></p> <p><%= l 'wrg_DESC_MAIN_PAGE' %><br></p>
%= form_for 'wireguard' => (method => 'POST') => begin %= form_for 'wireguard' => (method => 'POST') => begin
%= hidden_field 'trt' => 'UPD' %= hidden_field 'trt' => 'UPD'
<p><%=l 'wrg_LABEL_CONFIG'%><br><br></p> <p><%= l 'wrg_LABEL_CONFIG' %><br><br></p>
%= submit_button l('wrg_EDIT_CONFIG'), class => 'action' %= submit_button l('wrg_EDIT_CONFIG'), class => 'action'
% end % end
<p><span class=label> <p><span class=label>
%=l 'wrg_INTERFACE' %= l 'wrg_INTERFACE'
</span> wg0<br></p> </span> wg0<br></p>
<p><span class=label> <p><span class=label>
%=l 'wrg_LABEL_STATUS' %= l 'wrg_LABEL_STATUS'
</span> </span>
%= $wrg_datas->{sstatus} %= $wrg_datas->{sstatus}
<br></p> <br></p>
<p><span class=label> <p><span class=label>
%=l 'wrg_PUBLIC_KEY' %= l 'wrg_PUBLIC_KEY'
</span> </span>
%= $wrg_datas->{wgpub} %= $wrg_datas->{wgpub}
<br></p> <br></p>
<p><span class=label> <p><span class=label>
%=l 'wrg_IP' %= l 'wrg_IP'
</span> </span>
%= $wrg_datas->{wgip}.'/'.$wrg_datas->{wgmask} %= $wrg_datas->{wgip}.'/'.$wrg_datas->{wgmask}
<br></p> <br></p>
<p><span class=label> <p><span class=label>
%=l 'wrg_PORT' %= l 'wrg_PORT'
</span> </span>
%= $wrg_datas->{wgport} %= $wrg_datas->{wgport}
<br></p> <br></p>
<br />
<table class="sme-border"><tbody> <table class="sme-border"><tbody>
<tr> <tr>
<th class='sme-border'> <th class='sme-border'>
%=l 'wrg_PUBLIC_KEY' %= l 'wrg_PUBLIC_KEY'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_INFO' %= l 'wrg_INFO'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_ENDPOINT' %= l 'wrg_ENDPOINT'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_VPN_IP' %= l 'wrg_VPN_IP'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_LATEST_HANDSHAKE' %= l 'wrg_LATEST_HANDSHAKE'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_RECEIVED' %= l 'wrg_RECEIVED'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_SENT' %= l 'wrg_SENT'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_KEEPALIVE' %= l 'wrg_KEEPALIVE'
</th> </th>
</tr> </tr>
@@ -83,26 +84,27 @@
%= form_for 'wireguard' => (method => 'POST') => begin %= form_for 'wireguard' => (method => 'POST') => begin
<hr class='sectionbar'/> <hr class='sectionbar'/>
<p><%=l 'wrg_LABEL_CLIENTS'%><br><br></p> <p><%= l 'wrg_LABEL_CLIENTS' %><br><br></p>
%= hidden_field 'trt' => 'NEW' %= hidden_field 'trt' => 'NEW'
%= submit_button l('wrg_ADD_CLIENT'), class => 'action' %= submit_button l('wrg_ADD_CLIENT'), class => 'action'
% end % end
% if ( scalar @$wgconf == 0 ) { % if ( scalar @$wgconf == 0 ) {
%=l 'wrg_NO_CONF' %= l 'wrg_NO_CONF'
% } else { % } else {
<br />
<table class="sme-border"><tbody> <table class="sme-border"><tbody>
<tr> <tr>
<th class='sme-border'> <th class='sme-border'>
%=l 'wrg_CONF_NAME' %= l 'wrg_CONF_NAME'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_USER' %= l 'wrg_USER'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_INFO' %= l 'wrg_INFO'
</th><th class='sme-border'> </th><th class='sme-border'>
%=l 'wrg_LABEL_STATUS' %= l 'wrg_LABEL_STATUS'
</th><th class='sme-border' colspan='3'> </th><th class='sme-border' colspan='3'>
%=l 'ACTION' %= l 'ACTION'
</th> </th>
</tr> </tr>
% foreach my $conf (@$wgconf) { % foreach my $conf (@$wgconf) {
@@ -125,6 +127,6 @@
% } % }
</tbody> </tbody>
</table> </table>
%} % }
<hr class='sectionbar'/> <hr class='sectionbar'/>
</div> </div>

47
root/usr/share/smanager/themes/default/templates/partials/_wrg_mod.html.ep
View File

@@ -1,85 +1,94 @@
Mojolicious Template Code Formatter vmojofmt 0.1.9
Input data:
Upload a file:
(none)
Remove empty lines from output
Formatted Output:
Output Syntax:
<div id='wrg_mod'> <div id='wrg_mod'>
%= form_for '/wireguard2' => (method => 'POST') => begin %= form_for '/wireguard2' => (method => 'POST') => begin
<p> <p>
%=l 'wrg_DESC_MODIFY_CLIENT_PAGE' %= l 'wrg_DESC_MODIFY_CLIENT_PAGE'
</p> </p>
<hr class='sectionbar'/> <hr class='sectionbar'/>
<p> <p>
%=l 'wrg_DESC_CONF_NAME' %= l 'wrg_DESC_CONF_NAME'
</p> </p>
<p><span class=label> <p><span class=label>
%=l 'wrg_CONF_NAME' %= l 'wrg_CONF_NAME'
</span> </span>
%= $wrg_datas->{wgconf} %= $wrg_datas->{wgconf}
<br></p> <br></p>
<p> <p>
%=l 'wrg_DESC_SELECT_ACCOUNT' %= l 'wrg_DESC_SELECT_ACCOUNT'
</p> </p>
<p><span class=label> <p><span class=label>
%=l 'wrg_SELECT_ACCOUNT' %= l 'wrg_SELECT_ACCOUNT'
</span><span class=data> </span><span class=data>
% param 'Account' => $wrg_datas->{account} unless param 'Account'; % param 'Account' => $wrg_datas->{account} unless param 'Account';
%= select_field 'Account' => $c->get_existing_accounts(), class => 'input' %= select_field 'Account' => $c->get_existing_accounts(), class => 'input'
<br></span></p> <br></span></p>
<p> <p>
%=l 'wrg_DESC_INFO_ACC_WIREGUARD' %= l 'wrg_DESC_INFO_ACC_WIREGUARD'
</p> </p>
<p><span class=label> <p><span class=label>
%=l 'wrg_INFO_ACC_WIREGUARD' %= l 'wrg_INFO_ACC_WIREGUARD'
</span><span class=data> </span><span class=data>
% param 'Info' => $wrg_datas->{info} unless param 'Info'; % param 'Info' => $wrg_datas->{info} unless param 'Info';
%=text_field 'Info' => size => '45', class => 'input' %= text_field 'Info' => size => '45', class => 'input'
<br></span></p> <br></span></p>
<p> <p>
%=l 'wrg_DESC_PRIVATE' %= l 'wrg_DESC_PRIVATE'
</p> </p>
<p><span class=label> <p><span class=label>
%=l 'wrg_LABEL_PRIVATE' %= l 'wrg_LABEL_PRIVATE'
</span><span class=data> </span><span class=data>
% param 'Private' => $wrg_datas->{private} unless param 'Private'; % param 'Private' => $wrg_datas->{private} unless param 'Private';
%=text_field 'Private' => size => '45', class => 'input' %= text_field 'Private' => size => '45', class => 'input'
<br></span></p> <br></span></p>
<p> <p>
%=l 'wrg_DESC_PUBLIC' %= l 'wrg_DESC_PUBLIC'
</p> </p>
<p><span class=label> <p><span class=label>
%=l 'wrg_LABEL_PUBLIC' %= l 'wrg_LABEL_PUBLIC'
</span><span class=data> </span><span class=data>
% param 'Public' => $wrg_datas->{public} unless param 'Public'; % param 'Public' => $wrg_datas->{public} unless param 'Public';
%=text_field 'Public' => size => '45', class => 'input' %= text_field 'Public' => size => '45', class => 'input'
<br></span></p> <br></span></p>
<p> <p>
%=l 'wrg_DESC_STATUS' %= l 'wrg_DESC_STATUS'
</p> </p>
<p><span class=label> <p><span class=label>
%=l 'wrg_LABEL_STATUS' %= l 'wrg_LABEL_STATUS'
</span><span class=data> </span><span class=data>
% param 'Status' => $wrg_datas->{status} unless param 'Status'; % param 'Status' => $wrg_datas->{status} unless param 'Status';
%= select_field 'Status' => [[ (l 'DISABLED') => 'disabled'], [ (l 'ENABLED') => 'enabled']], class => 'input' %= select_field 'Status' => [[ (l 'DISABLED') => 'disabled'], [ (l 'ENABLED') => 'enabled']], class => 'input'
<br></span></p> <br></span></p>
<p> <p>
%=l 'wrg_DESC_ALLOWEDIPS' %= l 'wrg_DESC_ALLOWEDIPS'
</p> </p>
<p><span class=label> <p><span class=label>
%=l 'wrg_LABEL_ALLOWEDIPS' %= l 'wrg_LABEL_ALLOWEDIPS'
</span><span class=data> </span><span class=data>
% param 'Allowedips' => $wrg_datas->{allowedips} unless param 'Allowedips'; % param 'Allowedips' => $wrg_datas->{allowedips} unless param 'Allowedips';
%=text_field 'Allowedips' => size => '45', class => 'input' %= text_field 'Allowedips' => size => '45', class => 'input'
<br></span></p> <br></span></p>
<div class='center'> <div class='center'>

34
root/usr/share/smanager/themes/default/templates/partials/_wrg_rem.html.ep
View File

@@ -2,24 +2,32 @@
%= form_for '/wireguard2' => (method => 'POST') => begin %= form_for '/wireguard2' => (method => 'POST') => begin
<p> <p>
%=l 'wrg_DESC_REMOVE_CLIENT' %= l 'wrg_DESC_REMOVE_CLIENT'
</p> </p>
<p><br><span class=label> <p><span class=label>
%=l 'wrg_CONF_NAME' %= l 'wrg_USER'
</span> </span><span class=data>
%= $wrg_datas->{wgconf} %= $wrg_datas->{account}
<br></p> </p>
<p><span class=label> <p><span class=label>
%=l 'COMMENT' %= l 'wrg_CONF_NAME'
</span><span class=data>
%= $wrg_datas->{wgconf}
</span> </span>
%= $wrg_datas->{wgcomment} </p>
<br></p>
<div class='center'> <p><span class=label>
%= submit_button l('CANCEL'), name => 'cancel', class => 'action' %= l 'COMMENT'
%= submit_button l('REMOVE'), name => 'remove', class => 'action' </span><span class=data>
%= $wrg_datas->{wgcomment}
</span>
</p>
<div class="center">
%= submit_button l('REMOVE'), name => 'remove', class => 'action left-btn'
%= submit_button l('CANCEL'), name => 'cancel', class => 'action center-btn'
</div> </div>
%= hidden_field 'trt' => $wrg_datas->{trt} %= hidden_field 'trt' => $wrg_datas->{trt}
@@ -27,4 +35,4 @@
% end % end
</div> </div>

21
smeserver-wireguard.spec
View File

@@ -1,4 +1,4 @@
%define release 23 %define release 28
%define version 1.0 %define version 1.0
%define debug_package %{nil} %define debug_package %{nil}
@@ -54,13 +54,24 @@ cat %{name}-%{version}-filelist
#%doc COPYING #%doc COPYING
%post %post
if (systemctl list-unit-files |grep smanager) then
echo "Smanager restart in spec file"
/sbin/e-smith/signal-event smanager-refresh;
fi
%changelog %changelog
* Fri Oct 03 2025 Brian Read <brianr@koozali.org> 1.0-28.sme
- Add in UTF8 to ConfigDB open [SME: 13209]
* Fri Oct 03 2025 Brian Read <brianr@koozali.org> 1.0-27.sme
- Remove smanager-refresh from spec file [SME: 13212]
* Fri Sep 26 2025 Brian Read <brianr@koozali.org> 1.0-26.sme
- Fix remove logic, add in user name to rem panel re-format templates, add space to list panel [SME: 13168]
* Thu Sep 25 2025 Brian Read <brianr@koozali.org> 1.0-25.sme
- Sort outy Remove panel placement and operation of buttons [SME: 13168]
* Wed Sep 24 2025 Brian Read <brianr@koozali.org> 1.0-24.sme
- Sort out access to DB vis a vis caching [SME: 13168]
* Mon Sep 22 2025 Brian Read <brianr@koozali.org> 1.0-23.sme * Mon Sep 22 2025 Brian Read <brianr@koozali.org> 1.0-23.sme
- add debuginfo define to suppress it [SME: 13168] - add debuginfo define to suppress it [SME: 13168]
- Fix config call in layout [SME: 13168] - Fix config call in layout [SME: 13168]