Rearranged code, prepared for intraserver comms (#4)
parent
0aa623f738
commit
65f8ecc251
20
add.js
20
add.js
|
@ -1,7 +1,11 @@
|
|||
'use strict'
|
||||
/* add.js
|
||||
* route for a client to add a peer
|
||||
*/
|
||||
|
||||
const env = require('./env.json')
|
||||
const fs = require('fs').promises
|
||||
const wg = require('./wireguard')
|
||||
const env = require('./env.json')
|
||||
|
||||
module.exports = async (req, res) => {
|
||||
const hostname = req.query['name']
|
||||
|
@ -82,13 +86,12 @@ module.exports = async (req, res) => {
|
|||
const ipv4_addr = `${env.IPV4_NET}.${subnet}.${host}`
|
||||
const ipv6_addr = `${env.IPV6_NET}:${subnet}:${host}`
|
||||
const keypair = await wg.generateKeypair()
|
||||
const pubkey = keypair[0]
|
||||
const privkey = keypair[1]
|
||||
|
||||
// Create [Peer] sections for each env.SERVERS
|
||||
|
||||
// Peer with each server
|
||||
let client_peers = []
|
||||
for (const server of env.SERVERS) {
|
||||
const psk = await wg.generatePSK()
|
||||
// Add server to client as [Peer]
|
||||
client_peers.push(`
|
||||
[Peer] # ${server.host}.${env.TLD}
|
||||
PublicKey = ${server.pubkey}
|
||||
|
@ -96,9 +99,10 @@ PresharedKey = ${psk}
|
|||
AllowedIPs = ${server.ipv4}/32, ${server.ipv6}/128
|
||||
Endpoint = ${server.endpoint}
|
||||
PersistentKeepAlive = 25`)
|
||||
// Add client to server as [Peer]
|
||||
const server_config = `\n
|
||||
[Peer] # ${hostname}.${username}.${env.TLD}
|
||||
PublicKey = ${pubkey}
|
||||
PublicKey = ${keypair[0]}
|
||||
PresharedKey = ${psk}
|
||||
AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
|
||||
if (server.host===env.LOCAL_SERVER) {
|
||||
|
@ -115,9 +119,9 @@ AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
|
|||
// Generate config
|
||||
const listen_port = Math.floor(50000 + Math.random() * 10000)
|
||||
const config = `[Interface]
|
||||
PrivateKey = ${privkey}
|
||||
PrivateKey = ${keypair[1]}
|
||||
Address = ${ipv4_addr}/${env.IPV4_CIDR}, ${ipv6_addr}/${env.IPV6_CIDR}
|
||||
DNS = ${req.DNS_SERVERS_STRING}
|
||||
DNS = ${res.locals.DNS_SERVERS_STRING}
|
||||
ListenPort = ${listen_port}
|
||||
PostUp = resolvectl domain ${env.TLD} ${env.TLD}
|
||||
${client_peers.join('\n')}`
|
||||
|
|
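Review bot: `hostname` comes straight from `req.query['name']` and is interpolated into the server-side block `[Peer] # ${hostname}.${username}.${env.TLD}`, and no validation is visible in the hunks shown. Because the value sits in a config comment, a line break in it would end the comment and the rest would be read as configuration, so restrict the name to a hostname label before use, e.g. `if (!/^[a-z0-9-]{1,63}$/i.test(hostname)) return res.sendStatus(400)`. Lines 12–85 of the new file fall outside the hunks and may already do this; if so, a one-line comment at the interpolation saying where the value was validated would help the next reader. The handler body starts and ends outside the hunks.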
4
del.js
4
del.js
|
@ -1,4 +1,8 @@
|
|||
'use strict'
|
||||
/* del.js
|
||||
* route to let clients delete a peer
|
||||
*/
|
||||
|
||||
const fs = require('fs').promises
|
||||
const env = require('./env.json')
|
||||
|
||||
|
|
1
env.json
1
env.json
|
@ -1,6 +1,7 @@
|
|||
{
|
||||
"ENV": "dev",
|
||||
"PORT": 8080,
|
||||
"ADMIN_PORT": 8081,
|
||||
"IPV4_CIDR": 16,
|
||||
"IPV4_NET": "10.4",
|
||||
"IPV6_CIDR": 80,
|
||||
|
|
21
index.js
21
index.js
|
@ -1,8 +1,21 @@
|
|||
'use strict'
|
||||
/* index.js
|
||||
* Entrypoint and server listener
|
||||
*/
|
||||
|
||||
const env = require('./env.json')
|
||||
const mw = require('./middleware.js')
|
||||
// Main
|
||||
require('express')()
|
||||
.get('/add', mw.getRequester, mw.getDnsServers, require('./add.js'))
|
||||
.get('/del', mw.getRequester, require('./del.js'))
|
||||
const app = require('express')()
|
||||
const admin = require('express')()
|
||||
|
||||
app
|
||||
.use(mw.getRequester)
|
||||
.get('/add', mw.getDnsServers, require('./add.js'))
|
||||
.get('/del', require('./del.js'))
|
||||
.listen(env.PORT)
|
||||
admin
|
||||
.use(mw.getRequester)
|
||||
.use(mw.allowServers)
|
||||
.post('/add', require('./srv-add.js'))
|
||||
.post('/del', require('./srv-del.js'))
|
||||
.listen(env.ADMIN_PORT)
|
||||
|
|
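Review bot: The `admin` app is started with `.listen(env.ADMIN_PORT)` and no host argument, so Node binds it on every interface. That leaves the source-address comparison in `mw.allowServers` as the only barrier between the intra-server routes and any network that can reach the port. Binding to the tunnel-side address narrows the exposure, e.g. `.listen(env.ADMIN_PORT, '<wireguard-interface-address>')` (a placeholder; the page does not show the value). Since the check reads `req.ip`, `trust proxy` should stay disabled on this app so that a forwarded header is never taken as the peer address. Which lines are added and which removed is inferred here, because the rendered page lost its +/- markers.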
|
@ -2,26 +2,48 @@
|
|||
const env = require('./env.json')
|
||||
|
||||
// Get DNS Servers in a string for peer configs
|
||||
// Do this on start, not every request!
|
||||
let DNS_SERVERS = []
|
||||
for (const server of env.SERVERS.filter((server) => server.dns) ){
|
||||
if (server.ipv4) DNS_SERVERS.push(server.ipv4)
|
||||
if (server.ipv6) DNS_SERVERS.push(server.ipv6)
|
||||
let SERVER_IPS = []
|
||||
for (const server of env.SERVERS) {
|
||||
if (server.ipv4) {
|
||||
SERVER_IPS.push(server.ipv4)
|
||||
if (server.dns) DNS_SERVERS.push(server.ipv4)
|
||||
}
|
||||
if (server.ipv6) {
|
||||
SERVER_IPS.push(server.ipv6)
|
||||
if (server.dns) DNS_SERVERS.push(server.ipv6)
|
||||
}
|
||||
}
|
||||
const DNS_SERVERS_STRING = DNS_SERVERS.join(', ')
|
||||
|
||||
const getRequester =
|
||||
|
||||
// Actual middleware
|
||||
// These functions run every request so keep them lean
|
||||
module.exports = {
|
||||
|
||||
getDnsServers: (req,res,next) => {
|
||||
req.DNS_SERVERS_STRING = DNS_SERVERS_STRING
|
||||
res.locals.DNS_SERVERS_STRING = DNS_SERVERS_STRING
|
||||
next()
|
||||
},
|
||||
|
||||
getRequester: (req, res, next) => {
|
||||
req.requester = (env.ENV==='prod')
|
||||
?req.ip.replace('::ffff:','')
|
||||
:'10.4.1.1'
|
||||
next()
|
||||
}
|
||||
// Parse
|
||||
getRequester: (env.ENV==='prod')?
|
||||
(req, res, next) => {
|
||||
req.requester = req.ip.replace('::ffff:','')
|
||||
console.log('set requester to whaterver from',req.ip)
|
||||
next()
|
||||
}:
|
||||
(req, res, next) => {
|
||||
req.requester = '10.4.1.1'
|
||||
console.log('set requester to 10.4.1.1')
|
||||
next()
|
||||
},
|
||||
|
||||
// Block clients, only allow servers (for intra-server peer sharing)
|
||||
allowServers: (req, res, next) => {
|
||||
if (SERVER_IPS.includes(req.requester)) next()
|
||||
else res.send(404)
|
||||
},
|
||||
|
||||
}
|
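Review bot: `allowServers` decides purely on `req.requester`, and the non-prod branch of `getRequester` pins that to `'10.4.1.1'` for every caller. With `"ENV": "dev"` (the value in env.json on this page) the admin check therefore gives every client the same answer, wherever the request came from. Consider failing closed outside prod, or logging once at startup that source-address checks are inactive. Separately, `res.send(404)` is the deprecated status-as-argument form in Express 4; `else res.sendStatus(404)` states the intent. The per-request `console.log` calls in `getRequester` also contradict the "keep them lean" comment above them. The sides of the changed lines are inferred, since the page lost its +/- markers.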
|
@ -0,0 +1,13 @@
|
|||
'use strict'
|
||||
/* srv-add.js
|
||||
* routes for intra-server peer sharing
|
||||
*/
|
||||
|
||||
const env = require('./env.json')
|
||||
const fs = require('fs').promises
|
||||
|
||||
module.exports = async (req, res) => {
|
||||
const hostname = req.query['name']
|
||||
console.log(`Received peer from ${req.requester} for ${hostname}`)
|
||||
|
||||
}
|
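Review bot: The handler logs and returns without ever writing to `res`, so a POST to the admin `/add` route holds its connection open until one side times out; the empty handler in srv-del.js has the same problem. Until the logic lands, end both with `res.sendStatus(501)`. The log line also interpolates `req.query['name']` unmodified, so a value containing line breaks can forge extra log entries; writing `${JSON.stringify(hostname)}` in the template keeps it on one line. `env` and `fs` are required but unused in both new files.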
|
@ -0,0 +1,13 @@
|
|||
'use strict'
|
||||
/* srv-del.js
|
||||
* routes for intra-server peer sharing
|
||||
*/
|
||||
|
||||
const env = require('./env.json')
|
||||
const fs = require('fs').promises
|
||||
|
||||
module.exports = async (req, res) => {
|
||||
|
||||
|
||||
|
||||
}
|