* Added migrations, needs testing

* Shared-keys are now per-peer basis and not global. They also reflect on the server config...
5 years ago · a56509ab66
21 changed files with 132 additions and 41 deletions
--- a/docker/push.sh
+++ b/docker/push.sh
@ -0,0 +1,5 @@
 #!/usr/bin/env bash
 docker login
 docker build -t perara/wg-manager .
 docker push perara/wg-manager
--- a/wg_dashboard_backend/database.py
+++ b/wg_dashboard_backend/database.py
@ -11,3 +11,12 @@ engine = sqlalchemy.create_engine(
 SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
 Base = declarative_base()
 from const import DATABASE_URL
 from migrate import DatabaseAlreadyControlledError
 from migrate.versioning.shell import main
 try:
    main(["version_control", DATABASE_URL, "migrations"])
 except DatabaseAlreadyControlledError:
    pass
 main(["upgrade", DATABASE_URL, "migrations"])
--- a/wg_dashboard_backend/db/wireguard.py
+++ b/wg_dashboard_backend/db/wireguard.py
@ -22,6 +22,10 @@ def start_client(sess: Session, peer: schemas.WGPeer):
    output = subprocess.check_output(const.CMD_WG_QUICK + ["up", client_file], stderr=subprocess.STDOUT)
 def get_server_by_id(sess: Session, server_id):
    return sess.query(models.WGServer).filter_by(id=server_id).one()
 def peer_query_get_by_address(sess: Session, address: str, server: str):
    return sess.query(models.WGPeer) \
        .filter(models.WGPeer.address == address) \
--- a/wg_dashboard_backend/migrations/init.py
+++ b/wg_dashboard_backend/migrations/init.py
--- a/wg_dashboard_backend/migrations/versions/001_add_dns_column.py
+++ b/wg_dashboard_backend/migrations/versions/001_add_dns_column.py
@ -0,0 +1,17 @@
 from sqlalchemy import Table, MetaData, String, Column, Text
 def upgrade(migrate_engine):
    try:
        meta = MetaData(bind=migrate_engine)
        account = Table('peer', meta, autoload=True)
        dns = Column('dns', Text)
        dns.create(account)
    except:
        pass
 def downgrade(migrate_engine):
    meta = MetaData(bind=migrate_engine)
    dns = Table('peer', meta, autoload=True)
    dns.c.email.drop()
--- a/wg_dashboard_backend/migrations/versions/002_remove_server_shared_key.py
+++ b/wg_dashboard_backend/migrations/versions/002_remove_server_shared_key.py
@ -0,0 +1,16 @@
 from sqlalchemy import *
 from migrate import *
 def upgrade(migrate_engine):
    meta = MetaData(bind=migrate_engine)
    server = Table('server', meta, autoload=True)
    server.c.shared_key.drop()
 def downgrade(migrate_engine):
    meta = MetaData(bind=migrate_engine)
    account = Table('server', meta, autoload=True)
    shared_key = Column('shared_key', Text)
    shared_key.create(account)
--- a/wg_dashboard_backend/migrations/versions/003_create_client_shared_key.py
+++ b/wg_dashboard_backend/migrations/versions/003_create_client_shared_key.py
@ -0,0 +1,19 @@
 from sqlalchemy import *
 from migrate import *
 def upgrade(migrate_engine):
    try:
        meta = MetaData(bind=migrate_engine)
        peer = Table('peer', meta, autoload=True)
        shared_key = Column('shared_key', Text)
        shared_key.create(peer)
    except:
        pass
 def downgrade(migrate_engine):
    meta = MetaData(bind=migrate_engine)
    dns = Table('peer', meta, autoload=True)
    dns.c.shared_key.drop()
--- a/wg_dashboard_backend/migrations/versions/init.py
+++ b/wg_dashboard_backend/migrations/versions/init.py
--- a/wg_dashboard_backend/models.py
+++ b/wg_dashboard_backend/models.py
@ -1,7 +1,7 @@
 import sqlalchemy
 from sqlalchemy import Integer, Column
 from sqlalchemy.orm import relationship, backref
 from database import Base
@ -25,7 +25,6 @@ class WGServer(Base):
    listen_port = Column(sqlalchemy.String, unique=True)
    private_key = Column(sqlalchemy.String)
    public_key = Column(sqlalchemy.String)
    shared_key = Column(sqlalchemy.String)
    endpoint = Column(sqlalchemy.String)
    dns = Column(sqlalchemy.String)
@ -45,11 +44,10 @@ class WGPeer(Base):
    address = Column(sqlalchemy.String)
    public_key = Column(sqlalchemy.String)
    private_key = Column(sqlalchemy.String)
-    dns = Column(sqlalchemy.String)
+    shared_key = Column(sqlalchemy.Text)
    dns = Column(sqlalchemy.Text)
    allowed_ips = Column(sqlalchemy.String)
    server_id = Column(Integer, sqlalchemy.ForeignKey('server.id', ondelete="CASCADE", onupdate="CASCADE"))
    server = relationship("WGServer", backref=backref("server"))
    configuration = Column(sqlalchemy.Text)
--- a/wg_dashboard_backend/requirements.txt
+++ b/wg_dashboard_backend/requirements.txt
@ -10,4 +10,5 @@ bcrypt
 python-multipart
 jinja2
 sqlalchemy_utils
 sqlalchemy-migrate
 requests
--- a/wg_dashboard_backend/routers/v1/peer.py
+++ b/wg_dashboard_backend/routers/v1/peer.py
@ -87,22 +87,32 @@ def delete_peer(
    return peer
-@router.post("/edit", response_model=schemas.WGPeer)
+@router.post("/edit")
 def edit_peer(
        peer: schemas.WGPeer,
        sess: Session = Depends(middleware.get_db)
 ):
-    server = schemas.WGServer(interface="")\
+    # Retrieve server from db
-            .from_orm(sess.query(models.WGServer).filter_by(id=peer.server_id).one())
+    server: models.WGServer = db.wireguard.get_server_by_id(sess, peer.server_id)
    # Generate peer configuration
    peer.configuration = script.wireguard.generate_config(dict(
        peer=peer,
        server=server
    ))
    # Update database record for Peer
    sess.query(models.WGPeer)\
        .filter_by(id=peer.id)\
        .update(peer.dict(exclude={"id"}))
    # Generate server configuration
    server.configuration = script.wireguard.generate_config(server)
    sess.add(server)
    sess.commit()
-    return peer
+    return dict(
        peer=peer,
        server_configuration=server.configuration
    )
--- a/wg_dashboard_backend/schemas.py
+++ b/wg_dashboard_backend/schemas.py
@ -116,6 +116,7 @@ class WGPeer(GenericModel):
    address: str = None
    private_key: str = None
    public_key: str = None
    shared_key: str = None
    server_id: str
    dns: str = None
    allowed_ips: str = None
@ -148,7 +149,6 @@ class WGServer(GenericModel):
    endpoint: str = None
    private_key: str = None
    public_key: str = None
    shared_key: str = None
    is_running: bool = None
    configuration: str = None
    post_up: str = None
--- a/wg_dashboard_backend/script/wireguard.py
+++ b/wg_dashboard_backend/script/wireguard.py
@ -5,6 +5,7 @@ import tempfile
 import typing
 import const
 import models
 import schemas
 import os
 import re
@ -195,7 +196,7 @@ def move_server_dir(interface, interface1):
 def generate_config(obj: typing.Union[typing.Dict[schemas.WGPeer, schemas.WGServer], schemas.WGServer]):
    if isinstance(obj, dict) and "server" in obj and "peer" in obj:
        template = "peer.j2"
-    elif isinstance(obj, schemas.WGServer):
+    elif isinstance(obj, schemas.WGServer) or isinstance(obj, models.WGServer):
        template = "server.j2"
    else:
        raise ValueError("Incorrect input type. Should be WGPeer or WGServer")
--- a/wg_dashboard_backend/templates/peer.j2
+++ b/wg_dashboard_backend/templates/peer.j2
@ -7,6 +7,6 @@ DNS = {{ data.peer.dns }}
 PublicKey = {{ data.server.public_key }}
 AllowedIPs = {{ data.peer.allowed_ips }}
 Endpoint = {{ data.server.endpoint }}:{{ data.server.listen_port }}
-{% if data.server.shared_key %}
+{% if data.peer.shared_key %}
-PresharedKey = {{ data.server.shared_key }}
+PresharedKey = {{ data.peer.shared_key }}
 {% endif %}
--- a/wg_dashboard_backend/templates/server.j2
+++ b/wg_dashboard_backend/templates/server.j2
@ -10,8 +10,8 @@ PostDown = {{ data.post_down }}
 [Peer]
 # Client Name: {{ peer.name }}
 PublicKey = {{ peer.public_key }}
-{%- if peer.preshared_key -%}
+{%- if peer.shared_key %}
-PresharedKey = {{ peer.preshared_key }}
+PresharedKey = {{ peer.shared_key }}
-{% endif %}
+{%- endif %}
 AllowedIPs = {{ peer.address }}
 {% endfor %}
--- a/wg_dashboard_frontend/src/app/interfaces/peer.ts
+++ b/wg_dashboard_frontend/src/app/interfaces/peer.ts
@ -3,6 +3,7 @@ export interface Peer {
  address: string;
  public_key: string;
  private_key: string;
  shared_key: string;
  dns: string;
  allowed_ips: string;
  name: string;
--- a/wg_dashboard_frontend/src/app/page/dashboard/add-server/add-server.component.html
+++ b/wg_dashboard_frontend/src/app/page/dashboard/add-server/add-server.component.html
@ -74,22 +74,12 @@
        </mat-form-field>
      </p>
      <p>
        <mat-form-field class="add-server-full-width">
          <mat-label>Shared-Key</mat-label>
          <input formControlName="shared_key" matInput>
        </mat-form-field>
      </p>
      <div class="button-row">
        <button type="button" [disabled]="!isEdit" (click)="getKeyPair()" mat-raised-button color="primary">
          <i class="material-icons">vpn_key</i>
          Generate KeyPair
        </button>
-        <button type="button" [disabled]="!isEdit" (click)="getPSK()" mat-raised-button color="primary">
+
          <i class="material-icons">share</i>
          Generate PSK
        </button>
      </div>
      <p><b>Scripts</b></p>
--- a/wg_dashboard_frontend/src/app/page/dashboard/add-server/add-server.component.ts
+++ b/wg_dashboard_frontend/src/app/page/dashboard/add-server/add-server.component.ts
@ -47,7 +47,6 @@ export class AddServerComponent implements OnInit {
      dns: new FormControl(''),
      private_key: new FormControl('' ),
      public_key: new FormControl('' ),
      shared_key: new FormControl('' ),
      post_up: new FormControl(''),
      post_down: new FormControl(''),
@ -216,13 +215,7 @@ export class AddServerComponent implements OnInit {
    });
  }
-  getPSK() {
+
    this.serverAPI.getPSK().subscribe((psk: any) => {
      this.serverForm.patchValue({
        shared_key: psk.psk,
      });
    });
  }
  resetForm() {
    this.isEdit = false;
--- a/wg_dashboard_frontend/src/app/page/dashboard/peer/peer.component.html
+++ b/wg_dashboard_frontend/src/app/page/dashboard/peer/peer.component.html
@ -56,6 +56,29 @@
        </mat-form-field>
      </p>
      <table class="full-width" cellspacing="0"><tr>
        <td width="80%">
          <mat-form-field class="full-width">
            <mat-label>PreShared-Key</mat-label>
            <input [disabled]="!peer._edit" name="shared_key" [(ngModel)]="peer.shared_key" matInput>
          </mat-form-field>
        </td>
        <td>
          <button type="button" [disabled]="!peer._edit" (click)="getPSK()" mat-raised-button color="primary">
            <i class="material-icons">share</i>
            Generate PSK
          </button>
        </td>
      </tr></table>
      <p>
      </p>
      <button
        [hidden]="!peer._edit"
        [disabled]="!peerForm.valid"
--- a/wg_dashboard_frontend/src/app/page/dashboard/peer/peer.component.ts
+++ b/wg_dashboard_frontend/src/app/page/dashboard/peer/peer.component.ts
@ -41,9 +41,10 @@ export class PeerComponent implements OnInit {
      // Submit the edit (True -> False)
      const idx = this.server.peers.indexOf(this.peer);
-      this.serverAPI.editPeer(this.peer).subscribe((newPeer) => {
+      this.serverAPI.editPeer(this.peer).subscribe((data) => {
-        Object.keys(newPeer).forEach(k => {
+        this.server.configuration = data.server_configuration;
-          this.server.peers[idx][k] = newPeer[k];
+        Object.keys(data.peer).forEach(k => {
          this.server.peers[idx][k] = data.peer[k];
        });
      });
@ -65,7 +66,10 @@ export class PeerComponent implements OnInit {
    });
  }
-
+  getPSK() {
-
+    this.serverAPI.getPSK().subscribe((psk: any) => {
      this.peer.shared_key = psk.psk;
    });
  }
 }
--- a/wg_dashboard_frontend/src/app/services/server.service.ts
+++ b/wg_dashboard_frontend/src/app/services/server.service.ts
@ -35,7 +35,7 @@ export class ServerService {
    return this.http.post(this.peerURL + '/add', server_interface);
  }
-  public editPeer(peer: Peer): Subscribable<Peer> {
+  public editPeer(peer: Peer): Subscribable<{ peer: Peer, server_configuration: string }> {
    return this.http.post(this.peerURL + '/edit', peer);
  }