list peers working

master
Keith Irwin 2022-08-27 21:25:53 -06:00
parent fcfa70c161
commit 355c527871
Signed by: ki9
GPG Key ID: DF773B3F4A88DA86
8 changed files with 55 additions and 22 deletions

1
.gitignore vendored

@ -1 +1,2 @@
srv/env
srv/tokens

18
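--- a/README.md
+++ b/README.md
@@ -0,0 +1,18 @@
+# wgapi
+2022 Keith Irwin (ki9.gf4.pw)
+### Allow cgi scripts to run as root
+To ensure the `srv/send/wg` and `srv/send/ssl` commands can run as root, run
+```sh
+sudo visudo
+```
+And add these lines:
+```
+# Let http run these cgi scripts as root
+http ALL=(ALL) NOPASSWD: /path/to/wgapi/srv/send/ssl
+http ALL=(ALL) NOPASSWD: /path/to/wgapi/srv/send/wg
+```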


@ -1,19 +1,25 @@
#!/bin/sh
# client
TOKENS_FILE='tokens'
source ./env
case "${REQUEST_METHOD}" in
# List peers
"GET")
# Get user from IP
user="$(lib/get-user-from-ip ${REMOTE_ADDR})"
printf "Content-Type: text/plain\n\nHello ${user}\n"
printf "TLD: ${TLD}\n"
#TODO Get or set token
#TODO Send user peers
;;
'GET')
# Get username (rDNS lookup) TODO Handle timeout
username="$(nslookup ${REMOTE_ADDR} ${DNS_MASTER} | cut -d'=' -f2 | cut -d'.' -f3)"
# Get token
token="$(grep ${REMOTE_ADDR} ${TOKENS_FILE} | cut -f2)"
# Set token?
if [ "${token}" == "" ]; then
token="$(</dev/urandom tr -dc '[:alnum:]' | fold -w 64 | head -n 1)"
printf "${REMOTE_ADDR}\t${token}\n" >>"${TOKENS_FILE}"
fi
# Get peers
peers="[\n$(sudo send/wg get_peers ${TLD} ${REMOTE_ADDR} ${DNS_MASTER})\n\t]"
# Send response
printf "Content-Type: text/json\n\n{\n\t\"name\": \"${username}\",\n\t\"token\": \"${token}\",\n\t\"peers\": ${peers}\n}";;
# Add peer
"POST")
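Review bot: The token lookup `grep ${REMOTE_ADDR} ${TOKENS_FILE} | cut -f2` treats the address as an unquoted, unanchored regex, so a request from `10.0.0.1` (constructed example) also matches stored lines for `10.0.0.10` or `10.0.0.100`, and the response can then carry another client's token. An exact comparison on the first field avoids this: `token="$(awk -F'\t' -v ip="${REMOTE_ADDR}" '$1 == ip { print $2; exit }' "${TOKENS_FILE}")"`. The same kind of loose match is in `grep ${2%[.:]*}` in srv/send/wg, where a prefix such as `10.0.1` would also select peers in `10.0.10.x`. Separately, `source ./env` and `[ "${token}" == "" ]` are not POSIX under `#!/bin/sh`; `. ./env` and `[ -z "${token}" ]` are the portable forms. The `case` statement continues past the end of this hunk.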


@ -1,11 +0,0 @@
#!/bin/sh
# get-user-from-ip
# https://gitea.ksn.gf4/gf4/wgapi/src/branch/master/includes/helpers.js#L12
# Check args
[ "$#" -ne "1" ] && exit 1
echo "$1"
# Get subnet
# Read wg
#"$1" is the request ip

0
srv/send/fed Executable file → Normal file

0
srv/send/ns Executable file → Normal file

0
srv/send/ssl Executable file → Normal file

23
srv/send/wg Executable file → Normal file

@ -1,4 +1,23 @@
#!/bin/sh
# send/wg
# wg
printf 'send/wg\n'
case "${1}" in
'get_peers') shift
wg show "${1}" allowed-ips | \
grep '/32\|/128' | grep ${2%[.:]*} | \
while read pubkey ipv4 ipv6; do
ipv4="${ipv4%%/*}"
ipv6="${ipv6%%/*}"
hostname="$(nslookup ${ipv4} ${3} | cut -d'=' -f2 | cut -d'.' -f1 | xargs)"
printf " {
\"hostname\": \"${hostname}\",
\"ipv4\": \"${ipv4}\",
\"ipv6\": \"${ipv6}\",
\"pubkey\": \"${pubkey}\"
},\n"
done
;;
*) exit 1;;
esac
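Review bot: The whole `get_peers` arm runs as root (the README added in this commit grants `http` passwordless sudo on this script), yet only `wg show` needs that privilege; the `nslookup ${ipv4} ${3}` lookups and the JSON formatting could run in the unprivileged caller instead. Within the arm the expansions are unquoted and `read` lacks `-r`; I would write `while read -r pubkey ipv4 ipv6; do` and `nslookup "${ipv4}" "${3}"`. Every object is printed with a trailing `},`, so the array the client wraps in `[ ... ]` ends with a comma and strict JSON parsers will reject it. The section header also shows the file changing from executable to normal mode, which would appear to break `sudo send/wg` unless the deployed copy keeps its execute bit.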