From fcfa70c1618282a4004fba01f8d5b55ceb9b0651 Mon Sep 17 00:00:00 2001
From: Keith Irwin
Date: Sat, 27 Aug 2022 15:57:00 -0600
Subject: [PATCH] Moved cgi/ to srv/
---
 .gitignore | 1 +
 cgi/client | 16 ----------------
 nginx.conf | 4 ++--
 srv/client | 41 ++++++++++++++++++++++++++++++++++++++++
 srv/env.sample | 21 ++++++++++++++++++++
 {cgi => srv}/fed | 0
 srv/lib/get-user-from-ip | 11 +++++++++++
 {cgi => srv}/send/fed | 0
 {cgi => srv}/send/ns | 0
 srv/send/ssl | 7 +++++++
 {cgi => srv}/send/wg | 0
 11 files changed, 83 insertions(+), 18 deletions(-)
 create mode 100644 .gitignore
 delete mode 100755 cgi/client
 create mode 100755 srv/client
 create mode 100755 srv/env.sample
 rename {cgi => srv}/fed (100%)
 create mode 100755 srv/lib/get-user-from-ip
 rename {cgi => srv}/send/fed (100%)
 rename {cgi => srv}/send/ns (100%)
 create mode 100755 srv/send/ssl
 rename {cgi => srv}/send/wg (100%)
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..5e75158
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+srv/env
diff --git a/cgi/client b/cgi/client
deleted file mode 100755
index 28040ff..0000000
--- a/cgi/client
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/sh
-# client
-
-printf 'Content-Type: text/plain\n\nHello client!'
-
-#TODO List peers
-# GET /
-
-#TODO Add peer
-# POST /
-
-#TODO Delete peer
-# DELETE /mypeer
-
-#TODO Update peer
-# UPDATE /mypeer
diff --git a/nginx.conf b/nginx.conf
index 1e54c7e..6a5b2a0 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -7,7 +7,7 @@ server {
 fastcgi_pass unix:/var/run/fcgiwrap.socket;
 include /etc/nginx/fastcgi_params;
 include /etc/nginx/fastcgi.conf;
- root /home/ki9/src/wgapi/cgi;
+ root /home/ki9/src/wgapi/srv;
 fastcgi_index client;
 }
 }
@@ -20,7 +20,7 @@ server {
 fastcgi_pass unix:/var/run/fcgiwrap.socket;
 include /etc/nginx/fastcgi_params;
 include /etc/nginx/fastcgi.conf;
- root /home/ki9/src/wgapi/cgi;
+ root /home/ki9/src/wgapi/srv;
 fastcgi_index fed;
 }
 }
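Review bot: With `root /home/ki9/src/wgapi/srv;` in the nginx.conf hunk at line 7, the FastCGI root now also contains `env` (the file copied from `env.sample`, which holds `CA_PASSPHRASE` and `DNS_KEY`) and the helper scripts under `lib/` and `send/`. The location blocks begin outside these hunks, so it is not visible whether a request path can select those files; if the location matches arbitrary URIs, fcgiwrap would be handed whatever script the path names. I would pin the script per block, for example `fastcgi_param SCRIPT_FILENAME $document_root/client;` in place of the value inherited from the included fastcgi.conf, or keep `env`, `lib/` and `send/` outside the root. The hunk at line 20 needs the same treatment with `fed`.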
diff --git a/srv/client b/srv/client
new file mode 100755
index 0000000..8cc1b68
--- /dev/null
+++ b/srv/client
@@ -0,0 +1,41 @@
+#!/bin/sh
+# client
+
+source ./env
+
+case "${REQUEST_METHOD}" in
+
+ # List peers
+ "GET")
+ # Get user from IP
+ user="$(lib/get-user-from-ip ${REMOTE_ADDR})"
+ printf "Content-Type: text/plain\n\nHello ${user}\n"
+ printf "TLD: ${TLD}\n"
+ #TODO Get or set token
+ #TODO Send user peers
+ ;;
+
+ # Add peer
+ "POST")
+ #TODO Get user from IP
+ #TODO Parse, sanitize, and validate hostname
+ #TODO Check token
+ #TODO Check if new peer already exists
+ #TODO Create IP Addresses and keys
+ #TODO Loop for each fed server
+ #TODO Add server to user config as [Peer]
+ #TODO Add new user device to server config as [Peer]
+ #TODO Add server_config to local wg (./send/wg add) or federated (./send/fed add)
+ #TODO: Update nameserver (./send/ns add)
+ ;;
+
+ # Delete peer
+ "DELETE")
+ ;;
+
+ # Update peer
+ "UPDATE")
+ ;;
+
+ *) exit 1;;
+esac
diff --git a/srv/env.sample b/srv/env.sample
new file mode 100755
index 0000000..704c7da
--- /dev/null
+++ b/srv/env.sample
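Review bot: In srv/client, `source ./env` runs under `#!/bin/sh`, and `source` is not POSIX; where /bin/sh is dash the env file is never loaded and the script carries on with `TLD` empty, so use `. ./env`. In the GET branch `${user}` and `${TLD}` are expanded inside the printf format string, so a `%` or backslash in the helper's output is read as a format directive; pass them as arguments, `printf 'Content-Type: text/plain\n\nHello %s\n' "${user}"` and `printf 'TLD: %s\n' "${TLD}"`. `${REMOTE_ADDR}` should be quoted in the `lib/get-user-from-ip` call as well. The `*) exit 1;;` arm exits without writing any response header, which presumably reaches the client as a gateway error rather than a method-not-allowed status.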
@@ -0,0 +1,21 @@
+# Change these
+export TLD='tld'
+export CA_CERT_FILE='/etc/ssl/certs/ca.pem'
+export CA_PASSPHRASE="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXx"
+export DNS_KEY="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXxw=="
+
+#TODO Parse ALL this from wg.conf file
+export WG_CONFIG_FILE="/etc/wireguard/${TLD}.conf"
+export LOCAL_SERVER="host1"
+export DNS_MASTER="10.72.0.1"
+export IPV4_NET='10.9.0.0/16'
+export IPV6_NET='fd69:1337:0:420:f4:abc2/96'
+export IPV4_CIDR="${IPV4_NET##*/}" # 16
+export IPV4_CIDR_NET="${IPV4_NET%%/*}" # 10.9.0.0
+export IPV4_FNET="10.9" # TODO Generate this from CIDR
+export IPV4_RNET="9.10" # TODO Generate this from CIDR
+export IPV6_CIDR="${IPV6_NET##*/}" # 96
+export IPV6_CIDR_NET="${IPV6_NET%%/*}" # fd69:1337:0:420:f4:abc2
+export IPV6_FNET="fd69:1337:0:420:f4:abc2" # TODO Generate this from CIDR
+export IPV6_RNET="2.c.b.a.4.f.0.0.0.2.4.0.0.0.0.0.7.3.3.1.9.6.d.f" # TODO Generate this from CIDR
+export DNS_TTL="86400"
diff --git a/cgi/fed b/srv/fed
similarity index 100%
rename from cgi/fed
rename to srv/fed
diff --git a/srv/lib/get-user-from-ip b/srv/lib/get-user-from-ip
new file mode 100755
index 0000000..ebad9cf
--- /dev/null
+++ b/srv/lib/get-user-from-ip
@@ -0,0 +1,11 @@
+#!/bin/sh
+# get-user-from-ip
+# https://gitea.ksn.gf4/gf4/wgapi/src/branch/master/includes/helpers.js#L12
+
+# Check args
+[ "$#" -ne "1" ] && exit 1
+echo "$1"
+# Get subnet
+# Read wg
+#"$1" is the request ip
+
diff --git a/cgi/send/fed b/srv/send/fed
similarity index 100%
rename from cgi/send/fed
rename to srv/send/fed
diff --git a/cgi/send/ns b/srv/send/ns
similarity index 100%
rename from cgi/send/ns
rename to srv/send/ns
diff --git a/srv/send/ssl b/srv/send/ssl
new file mode 100755
index 0000000..d048e14
--- /dev/null
+++ b/srv/send/ssl
@@ -0,0 +1,7 @@
+#!/bin/sh
+# send/ssl
+
+printf 'send/ssl\n'
+# add
+# del
+# update
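Review bot: srv/env.sample is created with mode 100755, and the real `srv/env` will normally be a copy of it, so the file that holds `CA_PASSPHRASE` and `DNS_KEY` ends up executable and world-readable. I would commit the sample as 0644 and open it with a comment such as `# Copy to srv/env, then chmod 600 and chown to the fcgiwrap user`. Because every line uses `export`, both secrets are also inherited by each helper the CGI script spawns; plain assignments for those two would keep them in the sourcing shell only. Separately, `IPV6_NET='fd69:1337:0:420:f4:abc2/96'` has six groups and no `::`, so if it is ever handed to a tool as a prefix it will presumably be rejected.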
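Review bot: srv/lib/get-user-from-ip echoes its argument straight back, so until the lookup exists the caller treats the raw request address as the user name, and the guard `[ "$#" -ne "1" ] && exit 1` fails without any diagnostic. I would print with `printf '%s\n' "$1"` and report misuse on stderr, `[ "$#" -eq 1 ] || { printf 'usage: get-user-from-ip IP\n' >&2; exit 1; }`. A comment on the echo line, `# TODO placeholder: returns the IP until the wg lookup is implemented`, would keep it from being read as an identity check.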
diff --git a/cgi/send/wg b/srv/send/wg
similarity index 100%
rename from cgi/send/wg
rename to srv/send/wg