fix: 🚑 Fixed mixup between client_allowedips and server_allowedips

master
Keith Irwin 2024-02-12 10:05:13 -07:00
parent aa90155dc7
commit d26b744bf6
Signed by: ki9
GPG Key ID: DF773B3F4A88DA86
2 changed files with 5 additions and 4 deletions


@ -85,10 +85,11 @@ if ! printf 'IP addresses for %s created: %s %s\n' "${domain:?}" "${ipv4:?}" "${
/usr/lib/wagon/http_res 500; exit
fi
# Create wg config
# Create client config
privkey="$(/usr/bin/wg genkey)"
pubkey="$(echo "${privkey}" | /usr/bin/wg pubkey)"
address="${ipv4}/${IPV4_NET##*/},${ipv6}/${IPV6_NET##*/}"
client_allowedips="${ipv4}/32, ${ipv6}/128"
# Update nameserver
if /usr/lib/wagon/ns_update_add "${domain:?}" "${ipv4:?}" "${ipv6:?}"
@ -111,7 +112,7 @@ while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey se
if [ "${server_hostname}" == "${LOCAL_SERVER}" ]; then
server_blocks="${server_blocks}\n[Peer] # ${server_hostname:?}.${TLD:?}\nPublicKey=${server_pubkey:?}\nPresharedKey=${server_psk:?}\nAllowedIPs=${server_allowedips:?}\nEndpoint=${server_endpoint:?}\n"
# Add new user to local wireguard
if /usr/lib/wagon/wg_peer_add "${pubkey:?}" "${server_psk:?}" "${server_allowedips:?}"; then
if /usr/lib/wagon/wg_peer_add "${pubkey:?}" "${server_psk:?}" "${client_allowedips:?}"; then
printf 'Added %s to local wireguard server.\n' "${domain}" >&2
else
printf 'ERROR! Failed to add %s to local wireguard server!\n' "${domain}" >&2
@ -121,7 +122,7 @@ while IFS=$'\t' read -r server_hostname server_ipv4 server_ipv6 server_pubkey se
else
server_blocks="${server_blocks}\n[Peer] # ${server_hostname:?}.${TLD:?}\nPublicKey=${server_pubkey:?}\nPresharedKey=${server_psk:?}\nAllowedIPs=${server_allowedips:?}\nEndpoint=${server_endpoint:?}\n"
# Send new user config to federated server
if /usr/lib/wagon/fed_peer_add "${server_url:?}" "${server_secret:?}" "${pubkey:?}" "${server_psk:?}" "${server_allowedips:?}" "${server_secret:?}"; then
if /usr/lib/wagon/fed_peer_add "${server_url:?}" "${server_secret:?}" "${pubkey:?}" "${server_psk:?}" "${client_allowedips:?}"; then
printf 'Sent %s to remote wireguard server %s.\n' "${domain}" "${server_hostname}" >&2
else
printf 'ERROR! Failed to send %s to remote wireguard server %s!\n' "${domain}" "${server_hostname}" >&2
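Review bot: The corrected `wg_peer_add` and `fed_peer_add` calls still pass `server_psk` and `server_secret` as positional arguments, so both secrets sit in the helper's argv, where other local users can usually read them from the process list while the helper runs. The helpers are not shown here, so this is inferred from the call sites only; if they forward the values to `wg` or `curl` on the command line, the exposure repeats there. Consider feeding the secrets on stdin or through a file created with `mktemp` and restrictive permissions, since `wg set … preshared-key` takes a file path and curl can read headers and data from `@file`. If the interface stays as it is for now, a comment above the calls such as `# NOTE: server_psk/server_secret travel in argv; visible in ps while the helper runs` would at least record the trade-off. The enclosing `while read` loop starts and ends outside these hunks.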


@ -11,4 +11,4 @@ if curl --silent -o /dev/null --fail --request POST --cacert "${SSL_CA_CERT}" "$
else
printf 'ERROR: Failed to send peer to federated server %s\n' "${url}" >&2
exit 1
fi
fi