Rearranged code, prepared for intraserver comms (#4)
parent
0aa623f738
commit
65f8ecc251
20
add.js
20
add.js
|
@ -1,7 +1,11 @@
|
||||||
'use strict'
|
'use strict'
|
||||||
|
/* add.js
|
||||||
|
* route for a client to add a peer
|
||||||
|
*/
|
||||||
|
|
||||||
|
const env = require('./env.json')
|
||||||
const fs = require('fs').promises
|
const fs = require('fs').promises
|
||||||
const wg = require('./wireguard')
|
const wg = require('./wireguard')
|
||||||
const env = require('./env.json')
|
|
||||||
|
|
||||||
module.exports = async (req, res) => {
|
module.exports = async (req, res) => {
|
||||||
const hostname = req.query['name']
|
const hostname = req.query['name']
|
||||||
|
@ -82,13 +86,12 @@ module.exports = async (req, res) => {
|
||||||
const ipv4_addr = `${env.IPV4_NET}.${subnet}.${host}`
|
const ipv4_addr = `${env.IPV4_NET}.${subnet}.${host}`
|
||||||
const ipv6_addr = `${env.IPV6_NET}:${subnet}:${host}`
|
const ipv6_addr = `${env.IPV6_NET}:${subnet}:${host}`
|
||||||
const keypair = await wg.generateKeypair()
|
const keypair = await wg.generateKeypair()
|
||||||
const pubkey = keypair[0]
|
|
||||||
const privkey = keypair[1]
|
// Peer with each server
|
||||||
|
|
||||||
// Create [Peer] sections for each env.SERVERS
|
|
||||||
let client_peers = []
|
let client_peers = []
|
||||||
for (const server of env.SERVERS) {
|
for (const server of env.SERVERS) {
|
||||||
const psk = await wg.generatePSK()
|
const psk = await wg.generatePSK()
|
||||||
|
// Add server to client as [Peer]
|
||||||
client_peers.push(`
|
client_peers.push(`
|
||||||
[Peer] # ${server.host}.${env.TLD}
|
[Peer] # ${server.host}.${env.TLD}
|
||||||
PublicKey = ${server.pubkey}
|
PublicKey = ${server.pubkey}
|
||||||
|
@ -96,9 +99,10 @@ PresharedKey = ${psk}
|
||||||
AllowedIPs = ${server.ipv4}/32, ${server.ipv6}/128
|
AllowedIPs = ${server.ipv4}/32, ${server.ipv6}/128
|
||||||
Endpoint = ${server.endpoint}
|
Endpoint = ${server.endpoint}
|
||||||
PersistentKeepAlive = 25`)
|
PersistentKeepAlive = 25`)
|
||||||
|
// Add client to server as [Peer]
|
||||||
const server_config = `\n
|
const server_config = `\n
|
||||||
[Peer] # ${hostname}.${username}.${env.TLD}
|
[Peer] # ${hostname}.${username}.${env.TLD}
|
||||||
PublicKey = ${pubkey}
|
PublicKey = ${keypair[0]}
|
||||||
PresharedKey = ${psk}
|
PresharedKey = ${psk}
|
||||||
AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
|
AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
|
||||||
if (server.host===env.LOCAL_SERVER) {
|
if (server.host===env.LOCAL_SERVER) {
|
||||||
|
@ -115,9 +119,9 @@ AllowedIPs = ${ipv4_addr}/32, ${ipv6_addr}/128`
|
||||||
// Generate config
|
// Generate config
|
||||||
const listen_port = Math.floor(50000 + Math.random() * 10000)
|
const listen_port = Math.floor(50000 + Math.random() * 10000)
|
||||||
const config = `[Interface]
|
const config = `[Interface]
|
||||||
PrivateKey = ${privkey}
|
PrivateKey = ${keypair[1]}
|
||||||
Address = ${ipv4_addr}/${env.IPV4_CIDR}, ${ipv6_addr}/${env.IPV6_CIDR}
|
Address = ${ipv4_addr}/${env.IPV4_CIDR}, ${ipv6_addr}/${env.IPV6_CIDR}
|
||||||
DNS = ${req.DNS_SERVERS_STRING}
|
DNS = ${res.locals.DNS_SERVERS_STRING}
|
||||||
ListenPort = ${listen_port}
|
ListenPort = ${listen_port}
|
||||||
PostUp = resolvectl domain ${env.TLD} ${env.TLD}
|
PostUp = resolvectl domain ${env.TLD} ${env.TLD}
|
||||||
${client_peers.join('\n')}`
|
${client_peers.join('\n')}`
|
||||||
|
|
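Review bot: `hostname` comes straight from `req.query['name']` in the first hunk and is interpolated into the `[Peer] # ${hostname}.${username}.${env.TLD}` line of `server_config` in the third hunk. If nothing in the lines between the hunks (not shown) validates it, a value containing a line break would put extra lines into the peer section written for the server. I would validate it right after the assignment, e.g. `if (typeof hostname !== 'string' || !/^[a-z0-9-]{1,63}$/i.test(hostname)) return res.sendStatus(400)`. The handler body starts in the first hunk and runs past the last one, so an existing check may simply be out of view.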
4
del.js
4
del.js
|
@ -1,4 +1,8 @@
|
||||||
'use strict'
|
'use strict'
|
||||||
|
/* del.js
|
||||||
|
* route to let clients delete a peer
|
||||||
|
*/
|
||||||
|
|
||||||
const fs = require('fs').promises
|
const fs = require('fs').promises
|
||||||
const env = require('./env.json')
|
const env = require('./env.json')
|
||||||
|
|
||||||
|
|
1
env.json
1
env.json
|
@ -1,6 +1,7 @@
|
||||||
{
|
{
|
||||||
"ENV": "dev",
|
"ENV": "dev",
|
||||||
"PORT": 8080,
|
"PORT": 8080,
|
||||||
|
"ADMIN_PORT": 8081,
|
||||||
"IPV4_CIDR": 16,
|
"IPV4_CIDR": 16,
|
||||||
"IPV4_NET": "10.4",
|
"IPV4_NET": "10.4",
|
||||||
"IPV6_CIDR": 80,
|
"IPV6_CIDR": 80,
|
||||||
|
|
21
index.js
21
index.js
|
@ -1,8 +1,21 @@
|
||||||
'use strict'
|
'use strict'
|
||||||
|
/* index.js
|
||||||
|
* Entrypoint and server listener
|
||||||
|
*/
|
||||||
|
|
||||||
const env = require('./env.json')
|
const env = require('./env.json')
|
||||||
const mw = require('./middleware.js')
|
const mw = require('./middleware.js')
|
||||||
// Main
|
const app = require('express')()
|
||||||
require('express')()
|
const admin = require('express')()
|
||||||
.get('/add', mw.getRequester, mw.getDnsServers, require('./add.js'))
|
|
||||||
.get('/del', mw.getRequester, require('./del.js'))
|
app
|
||||||
|
.use(mw.getRequester)
|
||||||
|
.get('/add', mw.getDnsServers, require('./add.js'))
|
||||||
|
.get('/del', require('./del.js'))
|
||||||
.listen(env.PORT)
|
.listen(env.PORT)
|
||||||
|
admin
|
||||||
|
.use(mw.getRequester)
|
||||||
|
.use(mw.allowServers)
|
||||||
|
.post('/add', require('./srv-add.js'))
|
||||||
|
.post('/del', require('./srv-del.js'))
|
||||||
|
.listen(env.ADMIN_PORT)
|
||||||
|
|
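Review bot: The new `admin` app calls `.listen(env.ADMIN_PORT)` without a host, so the intra-server `/add` and `/del` routes accept connections on every interface. The only gate is then the source-address comparison in `mw.allowServers`. Since these routes are meant for the machines in `env.SERVERS`, I would bind the listener to this server's tunnel-side address, e.g. `.listen(env.ADMIN_PORT, '<this-server-vpn-address>')` (placeholder; the page does not show which config key holds it). A short comment above `admin` stating that the port must not be reachable from clients would also help the next reader.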
|
@ -2,26 +2,48 @@
|
||||||
const env = require('./env.json')
|
const env = require('./env.json')
|
||||||
|
|
||||||
// Get DNS Servers in a string for peer configs
|
// Get DNS Servers in a string for peer configs
|
||||||
// Do this on start, not every request!
|
|
||||||
let DNS_SERVERS = []
|
let DNS_SERVERS = []
|
||||||
for (const server of env.SERVERS.filter((server) => server.dns) ){
|
let SERVER_IPS = []
|
||||||
if (server.ipv4) DNS_SERVERS.push(server.ipv4)
|
for (const server of env.SERVERS) {
|
||||||
if (server.ipv6) DNS_SERVERS.push(server.ipv6)
|
if (server.ipv4) {
|
||||||
|
SERVER_IPS.push(server.ipv4)
|
||||||
|
if (server.dns) DNS_SERVERS.push(server.ipv4)
|
||||||
|
}
|
||||||
|
if (server.ipv6) {
|
||||||
|
SERVER_IPS.push(server.ipv6)
|
||||||
|
if (server.dns) DNS_SERVERS.push(server.ipv6)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
const DNS_SERVERS_STRING = DNS_SERVERS.join(', ')
|
const DNS_SERVERS_STRING = DNS_SERVERS.join(', ')
|
||||||
|
|
||||||
|
const getRequester =
|
||||||
|
|
||||||
|
// Actual middleware
|
||||||
|
// These functions run every request so keep them lean
|
||||||
module.exports = {
|
module.exports = {
|
||||||
|
|
||||||
getDnsServers: (req,res,next) => {
|
getDnsServers: (req,res,next) => {
|
||||||
req.DNS_SERVERS_STRING = DNS_SERVERS_STRING
|
res.locals.DNS_SERVERS_STRING = DNS_SERVERS_STRING
|
||||||
next()
|
next()
|
||||||
},
|
},
|
||||||
|
|
||||||
getRequester: (req, res, next) => {
|
// Parse
|
||||||
req.requester = (env.ENV==='prod')
|
getRequester: (env.ENV==='prod')?
|
||||||
?req.ip.replace('::ffff:','')
|
(req, res, next) => {
|
||||||
:'10.4.1.1'
|
req.requester = req.ip.replace('::ffff:','')
|
||||||
next()
|
console.log('set requester to whaterver from',req.ip)
|
||||||
}
|
next()
|
||||||
|
}:
|
||||||
|
(req, res, next) => {
|
||||||
|
req.requester = '10.4.1.1'
|
||||||
|
console.log('set requester to 10.4.1.1')
|
||||||
|
next()
|
||||||
|
},
|
||||||
|
|
||||||
|
// Block clients, only allow servers (for intra-server peer sharing)
|
||||||
|
allowServers: (req, res, next) => {
|
||||||
|
if (SERVER_IPS.includes(req.requester)) next()
|
||||||
|
else res.send(404)
|
||||||
|
},
|
||||||
|
|
||||||
}
|
}
|
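Review bot: The `getRequester: (env.ENV==='prod') ? … : …` selection fails open: any `ENV` value other than exactly `'prod'` (a typo, a missing key, the `"dev"` in env.json) installs the variant that sets `req.requester = '10.4.1.1'` for every caller. `allowServers` then decides on that constant instead of the real peer address, so if that address is among `SERVER_IPS` (not visible here) the admin routes are open to anyone who can reach the port. I would invert the test so the fixed address is used only when `env.ENV === 'dev'`, with `req.ip` as the default. In `allowServers`, `res.send(404)` should be `res.sendStatus(404)`, since the numeric form of `send` is deprecated in Express 4. The leftover `const getRequester =` line before `module.exports` ends up bound to the whole exports object and should be deleted.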
|
@ -0,0 +1,13 @@
|
||||||
|
'use strict'
|
||||||
|
/* srv-add.js
|
||||||
|
* routes for intra-server peer sharing
|
||||||
|
*/
|
||||||
|
|
||||||
|
const env = require('./env.json')
|
||||||
|
const fs = require('fs').promises
|
||||||
|
|
||||||
|
module.exports = async (req, res) => {
|
||||||
|
const hostname = req.query['name']
|
||||||
|
console.log(`Received peer from ${req.requester} for ${hostname}`)
|
||||||
|
|
||||||
|
}
|
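Review bot: The new srv-add.js handler logs the request and returns without writing to `res`, so a POST to the admin `/add` route stays open until the caller or the socket times out. The srv-del.js handler in the next section has the same empty body. Until the peer-sharing logic exists, I would answer explicitly, e.g. `res.sendStatus(501)`, so the calling server can tell "not implemented" from an unresponsive peer. `env` and `fs` are required but unused in both files. Also, `hostname` from `req.query['name']` is written to the log as received, so it should be validated before real callers are added.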
|
@ -0,0 +1,13 @@
|
||||||
|
'use strict'
|
||||||
|
/* srv-del.js
|
||||||
|
* routes for intra-server peer sharing
|
||||||
|
*/
|
||||||
|
|
||||||
|
const env = require('./env.json')
|
||||||
|
const fs = require('fs').promises
|
||||||
|
|
||||||
|
module.exports = async (req, res) => {
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|