Fixed missing knockout.min.js

2022-11-01 18:58:36 -06:00 · 2022-11-01 18:58:36 -06:00 · 3a327fd0fa
parent fefa92b509
commit 3a327fd0fa
5 changed files with 176 additions and 4 deletions
--- a/back/lib/admin/user/add
+++ b/back/lib/admin/user/add
@ -0,0 +1,170 @@
+#!/bin/bash
+# FILE:       	user_add
+# DESCRIPTION:	Add a new user
+# USAGE:      	add remote_ip querystring
+# QUERYSTRING:	?t=$token&host=$hostname&user=$username
+# ERRORS:
+# 	 3: bad args/usage
+# 	 4: vars file not found
+# 	 5: Wireguard not installed
+# 	 6: Hostname in use
+# 	 7: Hostname too short
+# 	 8: Invalid token
+# 	 9: Token file not found
+# 	10: Failed to get peer data from wg
+# 	11: Failed to generate new IPs
+# 	12: Servers file doesn't exist
+# 	13: Hostname or username not provided
+# 	14: Failed to parse out user's peers
+# 	15: Failed to add user to local wireguard
+# 	16: Failed to add user to federated server
+# 	17: Admin not found
+
+CONFIG_FILE='/etc/wgapi/config'
+SERVERS_FILE='/etc/wgapi/servers'
+if ! [ ${#} -eq 2 ]; then
+	printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >>"${LOGFILE}"
+	exit 3
+fi & if ! [ -x '/usr/bin/wg' ]; then
+	printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >>"${LOGFILE}"
+	exit 5
+fi & if ! [ -f "${CONFIG_FILE}" ]; then
+	printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >>"${LOGFILE}"
+	exit 4
+fi
+source "${CONFIG_FILE}"
+if ! [ -f "${SERVERS_FILE}" ]; then
+	printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >>"${LOGFILE}"
+	exit 12
+fi & if ! [ -f "${TOKENS_FILE}" ]; then
+	printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >>"${LOGFILE}"
+	exit 9
+fi
+ip="${1}"
+qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
+
+# Check token
+token_fail(){
+	printf 'Rejecting admin %s request for new peer due to %s token\n' "${ip}" "${1}" >>"${LOGFILE}"
+	printf 'Invalid token\n' | "${LIB_DIR}/http_res" 403
+	exit 8
+}
+saved_token="$(grep "${ip}" "${TOKENS_FILE}" | cut -f2)"
+[ "${saved_token}" == "" ] && token_fail 'missing' &
+<<<"${qs}" grep -qx "t=${saved_token}" || token_fail 'mismatched'
+printf '%s token was valid\n' "${ip}" >>"${LOGFILE}"
+
+# Parse new hostname and new username
+hostname="$(<<<"${qs}" grep -oP 'host=(.*)' | sed 's/^host=//' | xargs | tr -dc 'a-z0-9' | head -c10)"
+username="$(<<<"${qs}" grep -oP 'user=(.*)' | sed 's/^user=//')"
+if ! domain="${hostname:?}.${username:?}.${TLD:?}"; then
+	printf 'ERROR! Hostname "%s" or username "%s" or tld "%s" missing!\n' "${hostname}" "${username}" "${TLD}" >>"${LOGFILE}"
+	printf 'Hostname or username missing!\n' | "${LIB_DIR}/http_res" 400
+	exit 13
+else
+	printf 'Admin %s requested new user created with initial peer of %s\n' "${ip}" "${domain}" >>"${LOGFILE}"
+fi
+
+# Check hostname and username length
+if ! [[ ${#hostname} -ge 3 ]]; then
+	printf 'Rejecting hostname %s because it is too short.\n' "${hostname}" >>"${LOGFILE}"
+	printf 'Hostname too short\n' | "${LIB_DIR}/http_res" 400
+	exit 7
+elif ! [[ ${#username} -ge 3 ]]; then
+	printf 'Rejecting username %s because it is too short.\n' "${username}" >>"${LOGFILE}"
+	printf 'Username too short\n' | "${LIB_DIR}/http_res" 400
+	exit 7
+fi
+
+# Check if new user already exists
+#TODO
+if "${LIB_DIR}/ns_lookup_send" "${domain}" >/dev/null; then
+	printf '%s already exists!\n' "${domain}" >>"${LOGFILE}"
+	printf 'Host %s already exists!\n' "${domain}" | "${LIB_DIR}/http_res" 409
+	exit 6
+fi
+
+# Get all peer IPs
+if ! wg_output="$(sudo /usr/bin/wg show "${TLD}" allowed-ips)"; then
+	printf 'ERROR! Wireguard failed!\n' >>"${LOGFILE}"
+	printf 'Wireguard failed!\n' | "${LIB_DIR}/http_res" 500
+	exit 5
+fi
+
+# Filter out the user's
+user_peers="$(grep "${IPV4_NET%.*.*}.${usernumber}." <<<"${wg_output}" 2>/dev/null)"
+if [ "${user_peers}" == "" ]; then
+	printf "ERROR! Couldn't find any peers for %s!\n" "${IPV4_NET%.*.*}.${usernumber}." >>"${LOGFILE}"
+	printf 'No user peers found for %s!\n' "${IPV4_NET%.*.*}.${usernumber}" | "${LIB_DIR}/http_res" 404
+	exit 14
+fi
+
+# Get user peer domains
+if ! peers="$("${LIB_DIR}/ips_to_peers_rdns" tsv <<<"${user_peers}")"; then
+	printf 'ERROR! Failed to retrieve peers for %s!\n' "${${IPV4_NET%.*.*}.${usernumber}}" >>"${LOGFILE}"
+	printf 'Failed to retrieve peers for %s!\n' "${IPV4_NET%.*.*}.${usernumber}" | "${LIB_DIR}/http_res" 500
+	exit 10
+fi
+
+# Create new IPs
+hostnames="$(<<<"${peers}" awk '{print $1}' | cut -d'.' -f1)"
+ipv4s="$(<<<"${peers}" awk '{print $2}')"
+ipv6s="$(<<<"${peers}" awk '{print $3}')"
+# Increment hostnumber from 1 until an unused one is found
+used_hostnumbers="$(<<<"${ipv4s}" cut -d'.' -f4 | sort | uniq)"
+hostnumber=1; while <<<"${used_hostnumbers}" grep -q "${hostnumber}"
+	do ((hostnumber++))
+done
+ipv4="${IPV4_NET%.*.*}.${usernumber}.${hostnumber}"
+ipv6="${IPV6_NET%:*:*}:${usernumber}:${hostnumber}"
+if ! printf 'IP addresses for %s created: %s %s\n' "${domain:?}" "${ipv4:?}" "${ipv6:?}" \
+	>>"${LOGFILE}"; then
+		printf 'ERROR! Failed to create IP addresses for %s!' "${domain}" >>"${LOGFILE}"
+		exit 11
+fi
+
+# Create wg config
+privkey="$(/usr/bin/wg genkey)"
+pubkey="$(echo "${privkey}" | /usr/bin/wg pubkey)"
+address="${ipv4}/${IPV4_NET##*/},${ipv6}/${IPV6_NET##*/}"
+
+# Update nameserver
+if "${LIB_DIR}/ns_update_add" "${domain:?}" "${ipv4:?}" "${ipv6:?}"
+	then printf 'Successfully added %s to DNS server.\n' "${domain}" >>"${LOGFILE}"
+	else printf 'ERROR! Failed to add %s %s %s to DNS server!\n' "${domain}" "${ipv4}" "${ipv6}" >>"${LOGFILE}"
+fi &
+
+# Create SSL cert
+if "${LIB_DIR}/ssl_peer_add" "${hostname:?}" "${username:?}" "IP:${ipv4},IP:${ipv6}"
+	then printf 'Successfully signed SSL certs for %s\n' "${domain}" >>"${LOGFILE}"
+	else printf 'ERROR! Failed to create certs for %s with IPS: %s %s!\n' "${domain}" "${ipv4}" "${ipv6}" >>"${LOGFILE}"
+fi
+
+# Do the wireguard and tell the user
+server_blocks=''
+while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey server_endpoint server_admin server_secret; do
+	[[ ${server_hostname:0:1} = \# ]] && continue
+	server_psk="$(/usr/bin/wg genpsk)"
+	server_blocks="${server_blocks}\n[Peer] # ${server_hostname}.${TLD}\nPublicKey=${server_pubkey}\nPresharedKey=${server_psk}\nAllowedIPs=${server_ipv4}/32,${server_ipv6}/128\nEndpoint=${server_endpoint}\n"
+	if [ "${server_hostname}" == "${LOCAL_SERVER}" ]; then
+		# Add new user to local server
+		if "${LIB_DIR}/wg_peer_add" "${pubkey}" "${server_psk}" "${ipv4}/32,${ipv6}/128"; then
+			printf 'Added %s to local wireguard server.\n' "${domain}" >>"${LOGFILE}"
+		else
+			printf 'ERROR! Failed to add %s to local wireguard server!\n' "${domain}" >>"${LOGFILE}"
+			# TODO: clear existing progress
+			exit 15
+		fi
+	# TODO: Send new user config to federated server
+	#else
+	#	if "${LIB_DIR}/fed_peer_add" "${server_admin}" "${pubkey}" "${server_psk}" "${ipv4}/32,${ipv6}/128" "${server_secret}"; then
+	#	printf 'Sent %s to remote wireguard server %s.\n' "${domain}" "${server_hostname}" >>"${LOGFILE}"
+	#else
+	#	printf 'ERROR! Failed to send %s to remote wireguard server %s!\n' "${domain}" "${server_hostname}" >>"${LOGFILE}"
+	#	# TODO: clear existing progress
+	# exit 16
+	#fi
+	fi
+done <"${SERVERS_FILE}"
+wg_config="[Interface] # ${hostname}.${username}.${TLD}\nPrivateKey=${privkey:?}\nAddress=${address:?}\n${WG_DNS}\n${server_blocks:?}"
+<<<"${wg_config}" "${LIB_DIR}/http_res" 202
--- a/front/admin.Dockerfile
+++ b/front/admin.Dockerfile
@ -1,3 +1,4 @@
 FROM httpd:2.4
 COPY admin.html /usr/local/apache2/htdocs/index.html
 COPY admin.js /usr/local/apache2/htdocs/admin.js
+COPY knockout.min.js /usr/local/apache/htdocs/knockout.min.js
--- a/front/dashboard.Dockerfile
+++ b/front/dashboard.Dockerfile
@ -1,3 +1,4 @@
 FROM httpd:2.4
 COPY dashboard.html /usr/local/apache2/htdocs/index.html
 COPY dashboard.js /usr/local/apache2/htdocs/dashboard.js
+COPY knockout.min.js /usr/local/apache/htdocs/knockout.min.js
--- a/front/dashboard.html
+++ b/front/dashboard.html
@ -4,7 +4,7 @@
 </head>
 <body>
 	<p>Use this console to edit your network-connected devices.  </p>
-	
+
 	<h2>Your peers</h2>
 	<table>
 		<thead><tr>
@ -15,7 +15,7 @@
 			<td><button style="float:right" data-bind="click:$parent.delPeer,disable:$data.isDeleting,text:deleteText">Delete</button></td>
 		</tr></tbody>
 	</table>
-	
+
 	<h2>Add a peer</h2>
 	<p>To add a new peer, type in a hostname and click add.  The hostname must be 3-10 lowercase letters and numbers <code>/[a-z0-9]{3,10}/</code>.  Keep it short for your own sake!</p>
 	<div>
@ -25,8 +25,8 @@
 	<p>After clicking "Add", the new peer's config will appear below.  Copy and paste it into your wireguard client and start the service.  <b>This configuration will not be shown again!</b>If you lose the config, you will need to delete the peer and recreate it.  </p>
 	<hr>
 	<pre data-bind="text:newConfigText"></pre>
-	
-	<script src="https://cdnjs.cloudflare.com/ajax/libs/knockout/3.5.1/knockout-latest.js" integrity="sha512-2AL/VEauKkZqQU9BHgnv48OhXcJPx9vdzxN1JrKDVc4FPU/MEE/BZ6d9l0mP7VmvLsjtYwqiYQpDskK9dG8KBA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+	<script src="/knockout.min.js" integrity="sha512-2AL/VEauKkZqQU9BHgnv48OhXcJPx9vdzxN1JrKDVc4FPU/MEE/BZ6d9l0mP7VmvLsjtYwqiYQpDskK9dG8KBA=="></script>
 	<script src="/dashboard.js"></script>
 </body>
 </html>
--- a/front/knockout-latest.min.js
+++ b/front/knockout-latest.min.js