Removed extraneous checks and some cleanup
parent
30b7761bc1
commit
bcc6821cca
|
@ -2,11 +2,7 @@
|
|||
# FILE: wgapi:back/admin_peer.cgi
|
||||
# DESCRIPTION: Recieves incoming admin requests for peer operations
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi; source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
case "${REQUEST_METHOD}" in
|
||||
|
||||
|
|
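Review bot: `source /etc/wgapi/config` now runs with no guard, and unless `set -e` is in effect (not visible here) a failed `source` does not stop a bash script. If the file is missing or unreadable, the handler carries on with its settings empty, so `"${LIB_DIR}/http_res"` would resolve to `/http_res`. If the explicit `-f` test is considered extraneous, a one-line guard keeps the fail-closed behaviour: `source /etc/wgapi/config || exit 1`. The same applies to every other script in this commit that received the bare `source` line.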
|
@ -2,11 +2,7 @@
|
|||
# FILE: wgapi:back/admin_user.cgi
|
||||
# DESCRIPTION: Server for requests to /user/
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi; source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
case "${REQUEST_METHOD}" in
|
||||
|
||||
|
|
|
@ -1,15 +1,8 @@
|
|||
#!/bin/bash
|
||||
# FILE: wgapi:back/dashboard.cgi
|
||||
# DESCRIPTION: Recieves incoming dashboard API requests
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Missing config file
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi; source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
case "${REQUEST_METHOD}" in
|
||||
|
||||
|
|
|
@ -1,14 +1,8 @@
|
|||
#!/bin/bash
|
||||
# FILE: wgapi:back/dashboard_ssl.cgi
|
||||
# DESCRIPTION: Sends SSL certs and keys to users
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Missing config file
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi; source "${CONFIG_FILE}"
|
||||
|
||||
source /etc/wgapi/config
|
||||
|
||||
case "${REQUEST_METHOD}" in
|
||||
|
||||
|
|
12
back/fed.cgi
12
back/fed.cgi
|
@ -1,18 +1,8 @@
|
|||
#!/bin/bash
|
||||
# FILE: wgapi:back/fed.cgi
|
||||
# DESCRIPTION: Recieves incoming federated requests
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Missing config file
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 0 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi; source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
case "${REQUEST_METHOD}" in
|
||||
|
||||
|
|
|
@ -4,28 +4,8 @@
|
|||
# USAGE: add $remote_ip $querystring
|
||||
# QUERYSTRING: ?t=$token&host=$newhostname&user=$username&num=$usernumber
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
if ! [ -f "${SERVERS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
|
||||
# Check token
|
||||
token_fail(){
|
||||
|
@ -137,6 +117,6 @@ while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey se
|
|||
printf 'ERROR! Failed to send %s to remote wireguard server %s!\n' "${domain}" "${server_hostname}" >&2
|
||||
fi
|
||||
fi
|
||||
done <"${SERVERS_FILE}"
|
||||
done </etc/wgapi/servers
|
||||
wg_config="[Interface] # ${hostname}.${username}.${TLD}\nPrivateKey=${privkey:?}\nAddress=${address:?}\n${WG_DNS}\n${server_blocks:?}"
|
||||
<<<"${wg_config}" "${LIB_DIR}/http_res" 202
|
||||
|
|
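Review bot: On the new line `ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"`, the single `&` is the shell's background operator, not a separator. `ip="${1}"` therefore runs in a background subshell and `ip` stays unset in the script itself. Put the assignments on separate lines or join them with `;`, as in `ip="${1}"; qs="$(…)"`. The same construct appears in the other add/del/list/ssl handlers and in the fed_peer_add, fed_peer_del, ssl peer add/del and wg peer add scripts (`server="${1}" & pubkey="${2}" & …`, `hostname="${1}" & username="${2}"`, `pubkey="$(…)" &`), where every assignment followed by `&` is lost. The code that consumes these variables is mostly outside the hunks.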
|
@ -4,27 +4,8 @@
|
|||
# USAGE: del $remote_ip $querystring
|
||||
# QUERYSTRING: ?t=$token&pubkey=$pubkey
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi; source "${CONFIG_FILE}"
|
||||
if ! [ -f "${SERVERS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
|
||||
# Parse pubkey
|
||||
pubkey="$(<<<"${qs#}" grep 'pubkey=' | sed 's/pubkey=//')"
|
||||
|
@ -102,9 +83,7 @@ for_server_do() {
|
|||
fi
|
||||
}; while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey server_endpoint server_admin server_secret
|
||||
do for_server_do "${server_hostname}" "${server_ipv4}" "${server_ipv6}" "${server_pubkey}" "${server_endpoint}" "${server_admin}" "${server_secret}" &
|
||||
# Uncomment if SERVERS_FILE is very big
|
||||
#[ $( jobs | wc -l ) -ge $( nproc ) ] && wait
|
||||
done <"${SERVERS_FILE}" &
|
||||
done </etc/wgapi/servers &
|
||||
|
||||
# Update nameserver
|
||||
if "${LIB_DIR}/ns_update_del" "${domain:?}" "${ipv4:?}" "${ipv6:?}"
|
||||
|
|
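Review bot: Peer removal on the other servers is fire-and-forget here: each `for_server_do … &` is backgrounded, the loop itself ends in `done </etc/wgapi/servers &`, and no `wait` is visible in the hunk. This script's result therefore cannot reflect a server where the removal failed, and on a revocation path that can leave a peer authorised remotely after a successful-looking delete. Consider a `wait` after the loop that collects the job statuses and returns a failure response if any job failed. `for_server_do` starts above the hunk and the response handling is below it, so part of this may already be covered there. The other two del scripts in this commit use the same loop.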
|
@ -4,25 +4,9 @@
|
|||
# USAGE: list $remote_ip $querystring
|
||||
# QUERYSTRING: ?un=$username
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 2 ]; then # Two because even an empty string querystring will be counted
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi; source "${CONFIG_FILE}"
|
||||
if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
un="$(<<<"${qs}" grep -oP 'un=(.*)' | sed 's/^un=//' | xargs)"
|
||||
|
||||
printf 'Admin %s requested peer listing...\n' "${ip}" >&2
|
||||
|
||||
# Create token if needed
|
||||
|
|
|
@ -4,28 +4,8 @@
|
|||
# USAGE: add $remote_ip $querystring
|
||||
# QUERYSTRING: ?t=$token&host=$hostname&user=$username
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
if ! [ -f "${SERVERS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
|
||||
# Check token
|
||||
token_fail(){
|
||||
|
@ -129,6 +109,6 @@ while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey se
|
|||
printf 'ERROR! Failed to send %s to remote wireguard server %s!\n' "${domain}" "${server_hostname}" >&2
|
||||
fi
|
||||
fi
|
||||
done <"${SERVERS_FILE}"
|
||||
done </etc/wgapi/servers
|
||||
wg_config="[Interface] # ${hostname}.${username}.${TLD}\nPrivateKey=${privkey:?}\nAddress=${address:?}\n${WG_DNS}\n${server_blocks:?}"
|
||||
<<<"${wg_config}" "${LIB_DIR}/http_res" 202
|
||||
|
|
|
@ -4,28 +4,8 @@
|
|||
# USAGE: del $remote_ip $querystring
|
||||
# QUERYSTRING: ?t=$token&user=$username&un=$usernumber
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
if ! [ -f "${SERVERS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
|
||||
# Check token
|
||||
token_fail(){
|
||||
|
@ -102,9 +82,7 @@ delete_peer() {
|
|||
# Remove peer from wireguard
|
||||
while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey server_endpoint server_admin server_secret
|
||||
do for_server_do "${server_hostname}" "${server_ipv4}" "${server_ipv6}" "${server_pubkey}" "${server_endpoint}" "${server_admin}" "${server_secret}" &
|
||||
# Uncomment if SERVERS_FILE is very big
|
||||
#[ $( jobs | wc -l ) -ge $( nproc ) ] && wait
|
||||
done <"${SERVERS_FILE}" &
|
||||
done </etc/wgapi/servers &
|
||||
|
||||
# Remove peer from nameserver
|
||||
if "${LIB_DIR}/ns_update_del" "${domain:?}" "${ipv4:?}" "${ipv6:?}"
|
||||
|
|
|
@ -4,28 +4,8 @@
|
|||
# USAGE: add $remote_ip $querystring
|
||||
# QUERYSTRING: ?t=$token&name=$hostname
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
if ! [ -f "${SERVERS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
|
||||
# Check hostname
|
||||
hostname="$(<<<"${qs}" grep -oP 'name=(.*)' | sed 's/^name//' | xargs | tr -dc 'a-z0-9' | head -c10)"
|
||||
|
@ -147,6 +127,6 @@ while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey se
|
|||
printf 'ERROR! Failed to send %s to remote wireguard server %s!\n' "${domain}" "${server_hostname}" >&2
|
||||
fi
|
||||
fi
|
||||
done <"${SERVERS_FILE}"
|
||||
done </etc/wgapi/servers
|
||||
wg_config="[Interface] # ${hostname}.${username}.${TLD}\nPrivateKey=${privkey:?}\nAddress=${address:?}\n${WG_DNS}\n${server_blocks:?}"
|
||||
<<<"${wg_config}" "${LIB_DIR}/http_res" 202
|
||||
|
|
|
@ -4,28 +4,8 @@
|
|||
# USAGE: del $remote_ip $querystring
|
||||
# QUERYSTRING: ?t=$token&pubkey=$pubkey
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
if ! [ -f "${SERVERS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${SERVERS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
|
||||
# Parse pubkey
|
||||
pubkey="$(<<<"${qs#}" grep 'pubkey=' | sed 's/pubkey=//')"
|
||||
|
@ -103,9 +83,7 @@ for_server_do() {
|
|||
fi
|
||||
}; while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey server_endpoint server_admin server_secret
|
||||
do for_server_do "${server_hostname}" "${server_ipv4}" "${server_ipv6}" "${server_pubkey}" "${server_endpoint}" "${server_admin}" "${server_secret}" &
|
||||
# Uncomment if SERVERS_FILE is very big
|
||||
#[ $( jobs | wc -l ) -ge $( nproc ) ] && wait
|
||||
done <"${SERVERS_FILE}" &
|
||||
done </etc/wgapi/servers &
|
||||
|
||||
# Update nameserver
|
||||
if "${LIB_DIR}/ns_update_del" "${domain:?}" "${ipv4:?}" "${ipv6:?}"
|
||||
|
|
|
@ -3,22 +3,7 @@
|
|||
# DESCRIPTION: List a user's peers
|
||||
# USAGE: list $remote_ip
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 1 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
if ! [ -f "${TOKENS_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${TOKENS_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source /etc/wgapi/config
|
||||
ip="${1}"
|
||||
printf '%s requested peer listing...\n' "${ip}" >&2
|
||||
|
||||
|
|
|
@ -4,20 +4,11 @@
|
|||
# USAGE: ssl remote_ip querystring
|
||||
# QUERYSTRING: ?host=$hostname&ext=crt
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
|
||||
# Parse querystring
|
||||
hostname="$(<<<"${qs}" grep -oP 'host=(.*)' | sed 's/^host=//' | xargs)"
|
||||
hostname="$(<<<"${qs}" grep -oP 'host=(.*)' | sed 's/^host=//' | xargs)" &
|
||||
ext="$(<<<"${qs}" grep -oP 'ext=(.*)' | sed 's/^ext=//' | xargs)"
|
||||
|
||||
if ! file="${hostname:?}/server.${ext:?}"; then
|
||||
|
|
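Review bot: `hostname` and `ext` come from the query string and go straight into `file="${hostname:?}/server.${ext:?}"`. The `:?` guard only rejects empty values, so a `/` or `..` in either parameter changes which file is selected. How `file` is used is below the hunk, but this handler appears to return certificate and key material, so both parameters should be restricted first. One option is the `tr -dc 'a-z0-9'` filter that the peer add script applies to `name=`, with `ext` compared against the exact extensions meant to be served.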
|
@ -4,26 +4,14 @@
|
|||
# USAGE: add $remote_ip $querystring
|
||||
# QUERYSTRING: ?pubkey=$pubkey&psk=$psk&ips=$allowedips
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi; source "${CONFIG_FILE}"
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
pubkey="$(<<<"${qs}" grep -oP 'pubkey=(.*)' | sed 's/^pubkey//' | xargs)"
|
||||
psk="$(<<<"${qs}" grep -oP 'psk=(.*)' | sed 's/^psk//' | xargs)"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
pubkey="$(<<<"${qs}" grep -oP 'pubkey=(.*)' | sed 's/^pubkey//' | xargs)" &
|
||||
psk="$(<<<"${qs}" grep -oP 'psk=(.*)' | sed 's/^psk//' | xargs)" &
|
||||
allowedips="$(<<<"${qs}" grep -oP 'ips=(.*)' | sed 's/^ips//' | xargs)"
|
||||
|
||||
# Check that requesting ip is in the servers file
|
||||
if ! cat "${SERVERS_FILE}" | sed '/^#/d' | cut -f2,3 | grep -w "${ip}"; then
|
||||
if ! cat /etc/wgapi/servers | sed '/^#/d' | cut -f2,3 | grep -w "${ip}"; then
|
||||
printf "ERROR! Federated server %s requested to create new peer but isn't in servers file!/n" "${ip}" >&2
|
||||
"${LIB_DIR}/http_res" 403; exit
|
||||
fi
|
||||
|
|
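Review bot: The servers-file check on the new line `if ! cat /etc/wgapi/servers | sed '/^#/d' | cut -f2,3 | grep -w "${ip}"; then` is the only visible gate on who may add a peer, and it is weaker than it looks. `${ip}` is used as a regular expression, so each `.` matches any character, and without `-q` the matching rows are written to stdout. In this version `ip` is also assigned on a line that uses `&` (`ip="${1}" & qs=…`), so the pattern is likely empty when the check runs. A fixed-string, quiet, fail-closed form would be `grep -qwF -- "${ip:?}"`, with `ip="${1}"` on its own line. The del counterpart has the same check.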
|
@ -4,24 +4,12 @@
|
|||
# USAGE: del $remote_ip $querystring
|
||||
# QUERYSTRING: ?pubkey=$pubkey
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
"${LIB_DIR}/http_res" 500; exit
|
||||
fi; source "${CONFIG_FILE}"
|
||||
ip="${1}"
|
||||
qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
source /etc/wgapi/config
|
||||
ip="${1}" & qs="$(<<<"${2}" tr '&' '\n' | sed 's/?//')"
|
||||
pubkey="$(<<<"${qs}" grep -oP 'pubkey=(.*)' | sed 's/^pubkey//' | xargs)"
|
||||
|
||||
# Check that requesting ip is in the servers file
|
||||
if ! cat "${SERVERS_FILE}" | sed '/^#/d' | cut -f2,3 | grep -w "${ip}"; then
|
||||
if ! cat /etc/wgapi/servers | sed '/^#/d' | cut -f2,3 | grep -w "${ip}"; then
|
||||
printf "ERROR! Federated server %s requested to create new peer but isn't in servers file!/n" "${ip}" >&2
|
||||
"${LIB_DIR}/http_res" 403; exit
|
||||
fi
|
||||
|
|
|
@ -2,31 +2,13 @@
|
|||
# FILE: fed_peer_add
|
||||
# DESCRIPTION: Sends details about a new peer to a federated server
|
||||
# USAGE: fed_peer_add server pubkey psk allowedips
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Config file not found
|
||||
# 5: wg binary not found
|
||||
# 6: curl command failed
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 4 ]; then
|
||||
printf '%s Bad usage: %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi & if [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR: %s could not find config at %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi & if [ -x /usr/bin/wg ]; then
|
||||
printf 'ERROR: /usr/bin/wg not found\n' >&2
|
||||
exit 5
|
||||
fi; source "${CONFIG_FILE}"
|
||||
server="${1}"
|
||||
pubkey="${2}"
|
||||
psk="${3}"
|
||||
allowedips="${4}"
|
||||
source /etc/wgapi/config
|
||||
server="${1}" & pubkey="${2}" & psk="${3}" & allowedips="${4}"
|
||||
|
||||
if res="$(curl --silent --request POST "wg-test-fed.${server}.${TLD}?pubkey=${pubkey}&psk=${psk}&ips=${allowedips}")"; then
|
||||
printf 'Sent peer %s to federated server %s\n' "${pubkey}" "${server}" >&2
|
||||
else
|
||||
printf 'ERROR: Failed to send peer to federated server %s: %s\n' "${server}" "${res}" >&2
|
||||
exit 6
|
||||
exit 1
|
||||
fi
|
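Review bot: The `if res="$(curl --silent --request POST …)"` test only fails on transport errors, because curl exits 0 on HTTP error statuses unless `--fail` is given. A 403 from the federated server is therefore logged as `Sent peer`; adding `--fail` makes the `else` branch reachable for rejected requests. The URL also has no scheme and carries `psk` in the query string, so the preshared key is likely to land in access logs and, since curl defaults to plain HTTP here, to cross the network unencrypted. An explicit `https://` and moving the key into the request body (`--data-urlencode "psk=${psk}"`, with a matching change on the receiving script) would avoid both. fed_peer_del uses the same curl test.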
|
@ -2,29 +2,13 @@
|
|||
# FILE: fed_peer_del
|
||||
# DESCRIPTION: Sends details to a federated server about a peer to be deleted
|
||||
# USAGE: fed_peer_del server pubkey
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Config file not found
|
||||
# 5: wg binary not found
|
||||
# 6: curl command failed
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 4 ]; then
|
||||
printf '%s Bad usage: %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi & if [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR: %s could not find config at %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi & if [ -x /usr/bin/wg ]; then
|
||||
printf 'ERROR: /usr/bin/wg not found\n' >&2
|
||||
exit 5
|
||||
fi; source "${CONFIG_FILE}"
|
||||
server="${1}"
|
||||
pubkey="${2}"
|
||||
source /etc/wgapi/config
|
||||
server="${1}" & pubkey="${2}"
|
||||
|
||||
if res="$(curl --silent --request DELETE "wg-test-fed.${server}.${TLD}?pubkey=${pubkey}")"; then
|
||||
printf 'Sent peer %s to federated server %s\n' "${pubkey}" "${server}" >&2
|
||||
else
|
||||
printf 'ERROR: Failed to send peer to federated server %s: %s\n' "${server}" "${res}" >&2
|
||||
exit 6
|
||||
exit 1
|
||||
fi
|
|
@ -9,18 +9,7 @@
|
|||
# 5: Invalid format
|
||||
# 6: Config file not found
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s Config file not found\n' "${0}" >&2
|
||||
exit 6
|
||||
fi & if ! [ ${#} -eq 1 ] || [ ${#} -eq 3 ]; then
|
||||
printf 'ERROR! Bad usage: %s %s\n' "$0" "$*" >&2
|
||||
exit 3
|
||||
fi & if ! [ -x /usr/bin/wg ]; then
|
||||
printf 'ERROR! %s /usr/bin/wg not found\n' "${0}" >&2
|
||||
exit 5
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
format="${1}"
|
||||
|
||||
# Perform AXFR lookup
|
||||
|
|
|
@ -4,23 +4,18 @@
|
|||
# USAGE: rdns ip
|
||||
# OUTPUT: The domain for that IP
|
||||
# ERRORS:
|
||||
# 3: bad usage
|
||||
# 4: not found
|
||||
# 5: server down
|
||||
# 6: nslookup not found
|
||||
# 7: config not found
|
||||
# 3: Not found
|
||||
# 4: Server down
|
||||
# 5: nslookup not found
|
||||
# 6: Bad usage
|
||||
|
||||
# Accept exactly one argument
|
||||
[ ${#} -eq 1 ] || exit 3
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
[ -f "${CONFIG_FILE}" ] || exit 7
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
domain="$("${LIB_DIR}/ns_lookup_send" "${1}")"
|
||||
case $? in
|
||||
0) printf '%s' "${domain%.}" | cut -d'=' -f2 | xargs -0; exit 0;;
|
||||
4) printf 'Domain for %s not found!\n' "${1}" >&2; exit 4;;
|
||||
5) printf 'Nameserver not available: %s\n' "${DNS_MASTER}" >&2; exit 5;;
|
||||
6) printf 'nslookup not installed!\n' >&2; exit 6;;
|
||||
*) printf 'Bad usage: %s %s\n' "${0}" "${@}" >&2; exit 3;;
|
||||
4) printf 'Domain for %s not found!\n' "${1}" >&2; exit 3;;
|
||||
5) printf 'Nameserver not available: %s\n' "${DNS_MASTER}" >&2; exit 4;;
|
||||
6) printf 'nslookup not installed!\n' >&2; exit 5;;
|
||||
*) printf 'Bad usage: %s %s\n' "${0}" "${@}" >&2; exit 6;;
|
||||
esac
|
||||
|
|
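Review bot: The `case $?` arms still key on the old exit codes of the send helper (presumably `ns_lookup_send`), which this commit renumbers to 3 = not found, 4 = server down, 5 = other error, 6 = refused. As written, a not-found result (3) falls into `*)` and is reported as bad usage, and a refused query (6) is reported as `nslookup not installed!`. The arms should match the new codes, e.g. `3) printf 'Domain for %s not found!\n' "${1}" >&2; exit 3;;`. ns_lookup_rxfr has the same problem: its `8)` and `9)` arms can no longer be reached from the codes the send script now returns.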
|
@ -4,19 +4,14 @@
|
|||
# USAGE: ns_lookup_rxfr
|
||||
# OUTPUT: The complete set of records for the TLD
|
||||
# ERRORS:
|
||||
# 3: bad usage
|
||||
# 4: not found
|
||||
# 5: server down
|
||||
# 3: Bad usage
|
||||
# 4: Domain not found
|
||||
# 5: Server down
|
||||
# 6: nslookup not found
|
||||
# 7: config not found
|
||||
# 8: nslookup refused
|
||||
# 9: nslookup error
|
||||
# 7: nslookup refused
|
||||
# 8: nslookup error
|
||||
|
||||
# Accept no arguments
|
||||
[ ${#} -eq 0 ] || exit 3
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
[ -f "${CONFIG_FILE}" ] || exit 7
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
res="$("${LIB_DIR}/ns_lookup_send" "-query=AXFR" "${TLD}.")"
|
||||
case $? in
|
||||
|
@ -24,7 +19,7 @@ case $? in
|
|||
4) printf 'Domain for %s not found!\n' "${1}" >&2; exit 4;;
|
||||
5) printf 'Nameserver not available: %s\n' "${DNS_MASTER}" >&2; exit 5;;
|
||||
6) printf 'nslookup not installed!\n' >&2; exit 6;;
|
||||
8) printf 'nslookup threw an error!\n' >&2; exit 9;;
|
||||
9) printf 'nslookup refused RXFR request!\n' >&2; exit 8;;
|
||||
8) printf 'nslookup threw an error!\n' >&2; exit 8;;
|
||||
9) printf 'nslookup refused RXFR request!\n' >&2; exit 7;;
|
||||
*) printf 'Bad usage: %s %s\n' "${0}" "${@}" >&2; exit 3;;
|
||||
esac
|
||||
|
|
|
@ -3,28 +3,21 @@
|
|||
# DESCRIPTION: Send nslookup command to DNS master server
|
||||
# USAGE: send [option] cmd
|
||||
# ERRORS:
|
||||
# 3: bad usage
|
||||
# 4: not found
|
||||
# 5: server down
|
||||
# 6: nslookup not found
|
||||
# 7: config file not found
|
||||
# 8: other nslookup error
|
||||
# 9: nslookup refused
|
||||
# 3: not found
|
||||
# 4: server down
|
||||
# 5: other nslookup error
|
||||
# 6: nslookup refused
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
[ ${#} -eq 1 ] || [ ${#} -eq 2 ] || exit 3
|
||||
[ -f "${CONFIG_FILE}" ] || exit 7
|
||||
[ -x /usr/bin/nslookup ] || exit 6
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
if ! res="$(/usr/bin/nslookup ${@} "${DNS_MASTER}")"
|
||||
then exit 8
|
||||
then exit 5
|
||||
fi
|
||||
if <<<"${res}" grep ';; .* timed out'
|
||||
then exit 5
|
||||
elif <<<"${res}" grep "\*\* .*: NXDOMAIN\|\*\*\* .*: No answer"
|
||||
then exit 4
|
||||
elif <<<"${res}" grep "\*\* .*: NXDOMAIN\|\*\*\* .*: No answer"
|
||||
then exit 3
|
||||
elif <<<"${res}" grep "\*\* .*: REFUSED"
|
||||
then exit 9
|
||||
then exit 6
|
||||
else printf '%s' "${res}"
|
||||
fi
|
||||
|
|
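Review bot: The timed-out branch still ends in `then exit 5`, but the new header documents 4 as server down and 5 as other nslookup error, so callers cannot tell a timeout from a generic failure. That branch should become `then exit 4`. With the argument-count test removed, the unquoted `${@}` in `/usr/bin/nslookup ${@} "${DNS_MASTER}"` also passes any number of word-split, glob-expanded arguments to nslookup; `"${@}"` keeps each argument intact.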
|
@ -2,20 +2,8 @@
|
|||
# FILE: wgapi:back/lib/ns/update/add
|
||||
# DESCRIPTION: Add a new peer's domain to nameserver
|
||||
# USAGE: add domain ipv4 ipv6
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: config file not found
|
||||
# 5: nsupdate failed
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 3 ]; then
|
||||
printf 'ERROR! Invalid number of arguments to %s: %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi; if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s couldnt find %s\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
"${LIB_DIR}/ns_update_send" "update add ${1}. ${DNS_TTL} A ${2}
|
||||
update add ${1}. ${DNS_TTL} AAAA ${3}
|
||||
|
@ -23,4 +11,4 @@ update add *.${1}. ${DNS_TTL} CNAME ${1}.
|
|||
send
|
||||
update add $("${LIB_DIR}/ns_update_rev_ipv4" "${2}") ${DNS_TTL} PTR ${1}.
|
||||
send
|
||||
update add $("${LIB_DIR}/ns_update_rev_ipv6" "${3}") ${DNS_TTL} PTR ${1}." || exit 5
|
||||
update add $("${LIB_DIR}/ns_update_rev_ipv6" "${3}") ${DNS_TTL} PTR ${1}." || exit 1
|
||||
|
|
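Review bot: With the `[ ${#} -eq 3 ]` test removed, nothing stops this script from running with empty arguments, and `update add ${1}. ${DNS_TTL} A ${2}` then names `.` instead of failing. Guarding the expansions keeps it fail-closed, e.g. `domain="${1:?}"; ipv4="${2:?}"; ipv6="${3:?}"` before the nsupdate text is built. The arguments are also interpolated into the nsupdate batch verbatim, so a value containing a newline would add a line to it; whether callers can pass such a value is not visible here. The del script's `update delete ${1}. A` has the same exposure.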
|
@ -2,20 +2,8 @@
|
|||
# FILE: wgapi:back/lib/ns/update/del
|
||||
# DESCRIPTION: Use nsupdate to delete host RRs
|
||||
# USAGE: del domain ipv4 ipv6
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Config not found
|
||||
# 5: nsupdate failed
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 3 ]; then
|
||||
printf 'ERROR! Invalid number of arguments to %s: %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi; if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s couldnt find %s\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
"${LIB_DIR}/ns_update_send" "update delete ${1}. A
|
||||
update delete ${1}. AAAA
|
||||
|
@ -23,4 +11,4 @@ update delete *.${1}. CNAME
|
|||
send
|
||||
update delete $("${LIB_DIR}/ns_update_rev_ipv4" "${2}") PTR
|
||||
send
|
||||
update delete $("${LIB_DIR}/ns_update_rev_ipv6" "${3}") PTR" || exit 5
|
||||
update delete $("${LIB_DIR}/ns_update_rev_ipv6" "${3}") PTR" || exit 1
|
||||
|
|
|
@ -2,13 +2,8 @@
|
|||
# FILE: wgapi:back/lib/ns/update/send
|
||||
# DESCRIPTION: Send stuff to the nsupdate server
|
||||
# USAGE: send cmd
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Missing config file
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
[ ${#} -eq 1 ] || exit 3
|
||||
[ -f "${CONFIG_FILE}" ] || exit 4
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
printf 'server %s\n%s\nsend\n' "${DNS_MASTER}" "${1}" \
|
||||
| nsupdate -y "${DNS_KEY}" | tee >(cat 1>&2)
|
||||
|
|
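Review bot: `nsupdate -y "${DNS_KEY}"` puts the TSIG secret on the command line, where other local users can read it from the process list while the command runs. nsupdate can take the key from a file instead (`-k <keyfile>`), readable only by the service account. With the `[ ${#} -eq 1 ]` test removed, an empty `${1}` also sends a batch containing only `server …` and `send`; using `"${1:?}"` in the `printf` would reject that.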
|
@ -3,32 +3,12 @@
|
|||
# DESCRIPTION: Create SSL certs for a new host
|
||||
# USAGE: add hostname username ipstring
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: config file not found
|
||||
# 5: openssl or config not found
|
||||
# 6: not root
|
||||
# 7: openssl failed
|
||||
# 8: failed to set permissions
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 3 ]; then
|
||||
printf 'ERROR! Invalid number of arguments to %s: %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi; if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s couldnt find %s\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi; if ! [ -x '/usr/bin/openssl' ]; then
|
||||
printf 'ERROR! /usr/bin/openssl not found!\n' >&2
|
||||
exit 5
|
||||
fi; if ! [ -f '/etc/ssl/openssl.cnf' ]; then
|
||||
printf 'ERROR! /etc/ssl/openssl.cnf not found!\n' >&2
|
||||
exit 5
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
|
||||
hostname="${1}"
|
||||
username="${2}"
|
||||
ipstring="${3}"
|
||||
source /etc/wgapi/config
|
||||
hostname="${1}" & username="${2}" & ipstring="${3}"
|
||||
|
||||
# Make a directory for the new files
|
||||
if ! sudo mkdir "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/"; then
|
||||
|
|
|
@ -2,24 +2,11 @@
|
|||
# FILE: wgapi:back/lib/ssl/peer/del
|
||||
# DESCRIPTION: Delete SSL cert for a removed device
|
||||
# USAGE: del hostname username
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: Missing config file
|
||||
# 5: Failed to delete files
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 2 ]; then
|
||||
printf 'ERROR! Invalid number of arguments to %s: %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi; if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s couldnt find %s\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 4
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
hostname="${1}"
|
||||
username="${2}"
|
||||
source /etc/wgapi/config
|
||||
hostname="${1}" & username="${2}"
|
||||
|
||||
if ! sudo rm -rf "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/" 2>/dev/null; then
|
||||
printf 'ERROR! %s failed to delete %s!\n' "${0}" "${SSL_CONFIG_DIR}/${username}/${hostname}/" >&2
|
||||
exit 5
|
||||
exit 1
|
||||
fi
|
||||
|
|
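Review bot: `sudo rm -rf "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/"` is guarded against empty values but not against `/` or `..` inside them, so the target can resolve outside the per-host directory if a caller passes such a value. Where the arguments come from is outside the hunk. Reject anything that is not a plain name before the `rm`, e.g. `case "${username}${hostname}" in */*|*..*) exit 1 ;; esac`. The `2>/dev/null` on the same line also discards the reason for a failure that the following `printf` then reports.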
|
@ -2,28 +2,11 @@
|
|||
# FILE: wgapi:back/lib/wg/peer/add
|
||||
# DESCRIPTION: Add a new peer to a wireguard interface
|
||||
# USAGE: add pubkey psk allowedips
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: config not found
|
||||
# 5: wg binary not found
|
||||
# 6: wg command failed
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 3 ]; then
|
||||
printf 'ERROR! %s Bad usage: %s\n' "${0}" "${*}"
|
||||
exit 3
|
||||
fi & if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find config at %s!\n' "${0}" "${CONFIG_FILE}"
|
||||
exit 4
|
||||
fi & if ! [ -x /usr/bin/wg ]; then
|
||||
printf 'ERROR! /usr/bin/wg not found\n'
|
||||
exit 5
|
||||
fi; source "${CONFIG_FILE}"
|
||||
pubkey="${1}"
|
||||
psk="${2}"
|
||||
allowedips="${3}"
|
||||
source /etc/wgapi/config
|
||||
pubkey="${1}" & psk="${2}" & allowedips="${3}"
|
||||
|
||||
if ! res="$(printf '%s\n' "${psk}" | sudo /usr/bin/wg set "${TLD}" peer "${pubkey}" preshared-key /dev/stdin allowed-ips "${allowedips}")"; then
|
||||
printf '%s %s\n' "${?}" "${res}" >&2
|
||||
exit 6
|
||||
exit 1
|
||||
fi
|
|
@ -2,27 +2,10 @@
|
|||
# FILE: wgapi:back/lib/wg/peer/del
|
||||
# DESCRIPTION: Delete a peer from a wireguard interface
|
||||
# USAGE: del pubkey
|
||||
# ERRORS:
|
||||
# 3: Bad usage
|
||||
# 4: wg binary not found
|
||||
# 5: config not found
|
||||
# 6: wg command failed
|
||||
# 7: Not root
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
if ! [ ${#} -eq 1 ]; then
|
||||
printf 'ERROR! Bad input: %s %s\n' "${0}" "${*}" >&2
|
||||
exit 3
|
||||
fi; if ! [ -x '/usr/bin/wg' ]; then
|
||||
printf 'ERROR! %s could not find /usr/bin/wg\n' "${0}" >&2
|
||||
exit 4
|
||||
fi; if ! [ -f "${CONFIG_FILE}" ]; then
|
||||
printf 'ERROR! %s could not find %s!\n' "${0}" "${CONFIG_FILE}" >&2
|
||||
exit 5
|
||||
fi
|
||||
source "${CONFIG_FILE}"
|
||||
source /etc/wgapi/config
|
||||
|
||||
if ! res="$(sudo /usr/bin/wg set "${TLD}" peer "${1}" remove)"; then
|
||||
printf 'ERROR! Wireguard failed: %s\n' "${res}" >&2
|
||||
exit 6
|
||||
exit 1
|
||||
fi
|
||||
|
|
|
@ -2,20 +2,11 @@
|
|||
# FILE: wgapi:back/lib/wg/user/list
|
||||
# DESCRIPTION: List all devices from all users
|
||||
# USAGE: list json|tsv
|
||||
# ERRORS:
|
||||
# 3: bad usage
|
||||
# 4: nslookup failed
|
||||
# 5: Config not found
|
||||
# 6: wg failed
|
||||
|
||||
CONFIG_FILE='/etc/wgapi/config'
|
||||
[ ${#} -eq 1 ] || exit 3
|
||||
[ -f "${CONFIG_FILE}" ] || exit 5
|
||||
source "${CONFIG_FILE}"
|
||||
#/usr/bin/wg show ${TLD} allowed-ips
|
||||
source /etc/wgapi/config
|
||||
|
||||
/usr/bin/wg show "${TLD}" allowed-ips \
|
||||
| while IFS=$' ' read -r pubkey ipv4 ipv6; do
|
||||
while IFS=$' ' read -r pubkey ipv4 ipv6; do
|
||||
ipv4="${ipv4%%/*}"
|
||||
ipv6="${ipv6%%/*}"
|
||||
domain="$("${LIB_DIR}/ns_lookup_rdns" "${ipv4}")" || exit 4
|
||||
|
|
|
@ -21,8 +21,8 @@
|
|||
[X] Prevent deleting user's only peer
|
||||
[X] Remove bash errors
|
||||
[X] Move loging to STDERR
|
||||
[X] Remove extraneous checks
|
||||
[ ] Federated servers
|
||||
[ ] Remove extraneous checks
|
||||
[ ] shellcheck
|
||||
[ ] Deploy on GF4
|
||||
[ ] Prepare for IPv4 exhaustion
|
||||
|
|
|
@ -5,7 +5,6 @@ IPV6_NET='fd69:1337:0:420:f4:f3::/96'
|
|||
WG_DNS='DNS=10.3.0.1,10.3.0.2,fd69:1337:0:420:f4:f3:0:1,fd69:1337:0:420:f4:f3:0:2'
|
||||
LIB_DIR='/usr/local/bin'
|
||||
TOKENS_FILE='/var/local/wgapi_tokens'
|
||||
SERVERS_FILE='/etc/wgapi/servers'
|
||||
SSL_CONFIG_DIR="/etc/ssl/private/${TLD}"
|
||||
SSL_CA_CERT="${SSL_CONFIG_DIR}/_ca.crt"
|
||||
SSL_CA_KEY="${SSL_CONFIG_DIR}/_ca.key"
|
||||
|
|