def edit_server(data: dict, sess: Session = Depends(middleware.get_db)):
interface = data["interface"]
old = schemas.WGServer(interface=interface).from_db(sess)
# Stop if running
if script.wireguard.is_running(old):
script.wireguard.stop_interface(old)
# Update server
server = schemas.WGServer(**data["server"])
server.configuration = script.wireguard.generate_config(server)
server = old.update(sess, new=server)
# Update peers
for peer_data in server.peers:
peer = schemas.WGPeer(**peer_data)
peer.configuration = script.wireguard.generate_config(
dict(peer=peer, server=server))
peer.sync(sess)
script.wireguard.start_interface(server)
server.is_running = script.wireguard.is_running(server)
server.sync(sess)
server.from_db(sess)
return server
def edit_peer(peer: schemas.WGPeer,
sess: Session = Depends(middleware.get_db)):
server = schemas.WGServer(interface="")\
.from_orm(sess.query(models.WGServer).filter_by(id=peer.server_id).one())
peer.configuration = script.wireguard.generate_config(
dict(peer=peer, server=server))
peer.sync(sess)
return peer
def add_peer(
peer_add: schemas.WGPeerAdd,
sess: Session = Depends(middleware.get_db)
):
server = schemas.WGServer(interface=peer_add.server_interface).from_db(sess)
peer = schemas.WGPeer(server_id=server.id)
address_space = set(ipaddress.ip_network(server.address, strict=False).hosts())
occupied_space = set()
# Try add server IP to list.
try:
occupied_space.add(ipaddress.ip_address(server.address.split("/")[0]))
except ValueError:
pass
for p in server.peers:
# Try add peer ip to list.
try:
occupied_space.add(ipaddress.ip_address(p.address.split("/")[0]))
except ValueError as e:
pass # Ignore invalid addresses. These are out of address_space
address_space -= occupied_space
# Select first available address
peer.address = str(list(sorted(address_space)).pop(0)) + "/32"
# Private public key generation
keys = script.wireguard.generate_keys()
peer.private_key = keys["private_key"]
peer.public_key = keys["public_key"]
# Set 0.0.0.0/0, ::/0 as default allowed ips
peer.allowed_ips = ', '.join(const.PEER_DEFAULT_ALLOWED_IPS)
# Set unnamed
peer.name = "Unnamed"
peer.dns = server.dns
peer.configuration = script.wireguard.generate_config(dict(
peer=peer,
server=server
))
peer.sync(sess)
# If server is running. Add peer
if script.wireguard.is_running(server):
script.wireguard.add_peer(server, peer)
return peer
def delete_peer(
peer: schemas.WGPeer,
sess: Session = Depends(middleware.get_db)
):
server = sess.query(models.WGServer).filter_by(id=peer.server_id).one()
if not db.wireguard.peer_remove(sess, peer):
raise HTTPException(400, detail="Were not able to delete peer %s (%s)" % (peer.name, peer.public_key))
if script.wireguard.is_running(schemas.WGServer(interface=server.interface)):
script.wireguard.remove_peer(server, peer)
return peer
def delete_peer(
peer: schemas.WGPeer,
sess: Session = Depends(middleware.get_db)
):
peer.from_db(sess) # Sync full object
if not db.wireguard.peer_remove(sess, peer):
raise HTTPException(400, detail="Were not able to delete peer %s (%s)" % (peer.name, peer.public_key))
server = schemas.WGServer(interface=peer.server_id)
if script.wireguard.is_running(server):
script.wireguard.remove_peer(server, peer)
return peer
def add_peer(
peer_add: schemas.WGPeerConfigAdd,
sess: Session = Depends(middleware.get_db)
):
server = schemas.WGServer(interface=peer_add.server_interface).from_db(sess)
if server is None:
raise HTTPException(500, detail="The server-interface '%s' does not exist!" % peer_add.server_interface)
peer = schemas.WGPeer(server_id=server.id)
if server.v6_address:
peer.v6_address = generate_ip_address(server, v6=True)
peer.address = generate_ip_address(server, v6=False)
# Private public key generation
keys = script.wireguard.generate_keys()
peer.private_key = keys["private_key"]
peer.public_key = keys["public_key"]
# Set 0.0.0.0/0, ::/0 as default allowed ips
peer.allowed_ips = ', '.join(const.PEER_DEFAULT_ALLOWED_IPS)
# Set unnamed
peer.name = "Unnamed" if not peer_add.name else peer_add.name
peer.dns = server.dns
peer.configuration = script.wireguard.generate_config(dict(
peer=peer,
server=server
))
db_peer = models.WGPeer(**peer.dict())
sess.add(db_peer)
sess.commit()
# If server is running. Add peer
if script.wireguard.is_running(server):
script.wireguard.add_peer(server, peer)
# Update server configuration
db.wireguard.server_update_configuration(sess, db_peer.server_id)
return schemas.WGPeer.from_orm(db_peer)