From 2eb2f4e5aafdd9b121ce2336d9311dd45723f308 Mon Sep 17 00:00:00 2001 From: Keith Irwin Date: Wed, 12 Apr 2023 21:59:51 -0600 Subject: [PATCH] #9 Wrote admin peer docs --- USAGE.md | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 67 insertions(+), 4 deletions(-) diff --git a/USAGE.md b/USAGE.md index ba706f4..31bab3d 100644 --- a/USAGE.md +++ b/USAGE.md @@ -48,7 +48,7 @@ To prevent this, a token is generated on the server and sent to the user when re "ipv4": "10.99.1.1", "ipv6": "fd69:1337:0:420:f4:99:1:1", "pubkey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=" - },{ + }, { "domain": "myhost2.myuser.mynet", "ipv4": "10.99.1.2", "ipv6": "fd69:1337:0:420:f4:99:1:2", @@ -96,21 +96,84 @@ To prevent this, a token is generated on the server and sent to the user when re ### 2.1. Dashboard +There are four sections to the admin dashboard (then, at the bottom, a place where new configs are shown) +#### Add user + +This is where you add a new user. You'll have to provide a hostname for their initial device. Adding a user like this will generate a wireguard configuration that you can send to the invited person over a secure channel. + +#### Delete user + +Deletes a user and all their peers. Totally removes the user from the network and deletes all their data. + +#### Peer list + +A (possibly long) list of all peers on the network, including servers (don't delete them!). Here you can delete a single peer from any user. + +#### Add peer + +This section lets you add a new peer for any existing user. ### 2.2 API +The admin API has no authentication so it should be blocked to all except admin IP ranges. + #### 2.2.1. List devices -TODO +- **REQUEST:** `GET /peer` +- **FILE:** `back/lib/admin/peer/list` +- **QUERYSTRING:** `?un=$username` + - `un`: A username, optionally, to show only that user's peers +- **RESPONSE:** A token and array of peers in JSON +```json +{ + "token": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "peers": [ + { + "domain": "myhost1.myuser.mynet", + "ipv4": "10.99.1.1", + "ipv6": "fd69:1337:0:420:f4:99:1:1", + "pubkey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=" + }, { + "domain": "myhost2.myuser.mynet", + "ipv4": "10.99.1.2", + "ipv6": "fd69:1337:0:420:f4:99:1:2", + "pubkey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=" + } + ] +} + +``` #### 2.2.2. Add device -TODO +- **REQUEST:** `POST /peer` +- **FILE:** `back/lib/admin/peer/add` +- **QUERYSTRING:** `?t=$token&host=$newhostname&user=$username&num=$usernumber` + - `t`: The token from a GET request + - `host`: The hostname chosen for the new peer + - `user`: The user's username + - `num`: The user's subnet number +- **RESPONSE:** + - `202`: Added + - `400`: Invalid input + - `403`: Bad token + - `409`: Hostname already exists + - `500`: Error #### 2.2.3. Delete device -TODO +- **REQUEST:** `DELETE /peer` +- **FILE:** `back/lib/admin/peer/del` +- **QUERYSTRING:** `?t=$token&pubkey=$pubkey` + - `t`: The token from a GET request + - `pubkey`: Wireguard public key of the peer to remove +- **RESPONSE:** + - `202`: Deleted + - `400`: Attempted to delete self + - `403`: Bad token + - `404`: Peer not found + - `500`: Other server error #### 2.2.4. List users