wireguard

package
v1.0.19 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 26, 2023 License: MIT Imports: 22 Imported by: 0

Documentation

Index

Constants

// Reason strings for a deactivated peer. Peer carries a free-form
// DeactivatedReason string field next to DeactivatedAt; presumably it is set
// to one of these values (confirm against the callers, which are not shown on
// this page).
//
// The values distinguish the acting party (user, admin, API, LDAP sync,
// expiry), so they can be used as an audit hint for why a peer lost access.
// NOTE(review): nothing visible here restricts DeactivatedReason to this set.
const (
	DeactivatedReasonExpired     = "expired"
	DeactivatedReasonUserEdit    = "user edit action"
	DeactivatedReasonUserCreate  = "user create action"
	DeactivatedReasonAdminEdit   = "admin edit action"
	DeactivatedReasonAdminCreate = "admin create action"
	DeactivatedReasonApiEdit     = "api edit action"
	DeactivatedReasonApiCreate   = "api create action"
	DeactivatedReasonLdapMissing = "missing in ldap"
	DeactivatedReasonUserMissing = "missing user"
)
// DefaultMTU is the MTU constant 1420 exported by this package.
// NOTE(review): where it is applied is not visible on this page; the Mtu
// fields on Device and Peer accept 0..1500, so 0 presumably means "use the
// default" — confirm.
const DefaultMTU = 1420

Variables

// Templates is an embedded file system (embed.FS). The //go:embed directive
// and the embedded file names are not shown on this page.
// NOTE(review): presumably these are the templates behind GetConfigFile; if
// so, check that free-text fields (hook commands, routing table, display
// names) cannot inject extra lines into the rendered configuration — confirm.
var Templates embed.FS

Functions

This section is empty.

Types

type Config

// Config holds the WireGuard-related settings, loadable from YAML keys or
// from the environment variables named in the envconfig tags.
//
// NOTE(review): when ConfigDirectoryPath is set, <devicename>.conf files are
// written there. Such files presumably contain the interface private key, so
// the directory should be readable only by the service account and root —
// confirm what is written and with which file mode.
// NOTE(review): UserManagePeers lets users manage their own peers; how
// ownership is enforced is not visible on this page.
type Config struct {
	DeviceNames         []string `yaml:"devices" envconfig:"WG_DEVICES"`                // managed devices
	DefaultDeviceName   string   `yaml:"defaultDevice" envconfig:"WG_DEFAULT_DEVICE"`   // this device is used for auto-created peers, use GetDefaultDeviceName() to access this field
	ConfigDirectoryPath string   `yaml:"configDirectory" envconfig:"WG_CONFIG_PATH"`    // optional, if set, updates will be written to this path, filename: <devicename>.conf
	ManageIPAddresses   bool     `yaml:"manageIPAddresses" envconfig:"MANAGE_IPS"`      // handle ip-address setup of interface
	UserManagePeers     bool     `yaml:"userManagePeers" envconfig:"USER_MANAGE_PEERS"` // user can manage own peers
}

func (Config) GetDefaultDeviceName added in v1.0.4

func (c Config) GetDefaultDeviceName() string

type Device added in v1.0.4

// Device describes one managed WireGuard interface. The struct tags show
// three roles: `form`/`binding` for web form input and validation, `gorm`
// for persistence (DeviceName is the primary key) and `json` for encoding.
//
// Security-relevant points visible in the tags:
//   - PrivateKey has no `json:"-"` and no `gorm:"-"` tag, so it is part of the
//     persisted record and of any JSON encoding of a Device.
//   - PreUp/PostUp/PreDown/PostDown and RoutingTable carry only a `form` tag,
//     i.e. no binding validation. wg-quick runs the hook values as shell
//     commands, so whoever may submit this form effectively controls commands
//     executed when the interface is brought up or down.
//   - `cidrlist` and `dnsList` are custom validators that are not defined on
//     this page.
type Device struct {
	// Live interface state; excluded from both the database and JSON.
	Interface *wgtypes.Device `gorm:"-" json:"-"`
	Peers     []Peer          `gorm:"foreignKey:DeviceName" binding:"-" json:"-"` // linked WireGuard peers

	Type        DeviceType `form:"devicetype" binding:"required,oneof=client server"`
	// NOTE(review): the regexp in the `validator` tag is not anchored and the
	// `binding` tag only says `required`. Config documents the file name as
	// <devicename>.conf, so this value reaches a file path — confirm that the
	// pattern is enforced as a full match before the name is used.
	DeviceName  string     `form:"device" gorm:"primaryKey" binding:"required" validator:"regexp=[0-9a-zA-Z\\-]+"`
	DisplayName string     `form:"displayname" binding:"omitempty,max=200"`

	// Core WireGuard Settings (Interface section)
	// Secret key material; see the type comment about persistence and JSON.
	PrivateKey   string `form:"privkey" binding:"required,base64"`
	// NOTE(review): `lt=65535` rejects port 65535 itself; `lte=65535` may have
	// been intended — confirm.
	ListenPort   int    `form:"port" binding:"required_if=Type server,omitempty,gt=0,lt=65535"`
	FirewallMark int32  `form:"firewallmark" binding:"gte=0"`
	// Misc. WireGuard Settings
	PublicKey    string `form:"pubkey" binding:"required,base64"`
	Mtu          int    `form:"mtu" binding:"gte=0,lte=1500"`   // the interface MTU, wg-quick addition
	IPsStr       string `form:"ip" binding:"required,cidrlist"` // comma separated list of the IPs of the client, wg-quick addition
	DNSStr       string `form:"dns" binding:"dnsList"`          // comma separated list of the DNS servers of the client, wg-quick addition
	RoutingTable string `form:"routingtable"`                   // the routing table, wg-quick addition
	// The four hook fields below are unvalidated free text that wg-quick
	// executes; restrict who can edit a Device accordingly.
	PreUp        string `form:"preup"`                          // pre up script, wg-quick addition
	PostUp       string `form:"postup"`                         // post up script, wg-quick addition
	PreDown      string `form:"predown"`                        // pre down script, wg-quick addition
	PostDown     string `form:"postdown"`                       // post down script, wg-quick addition
	SaveConfig   bool   `form:"saveconfig"`                     // if set to `true', the configuration is saved from the current state of the interface upon shutdown, wg-quick addition

	// Settings that are applied to all peer by default
	DefaultEndpoint            string `form:"endpoint" binding:"required_if=Type server,omitempty,hostname_port"`
	DefaultAllowedIPsStr       string `form:"allowedip" binding:"cidrlist"` // comma separated list  of IPs that are used in the client config file
	DefaultPersistentKeepalive int    `form:"keepalive" binding:"gte=0"`

	CreatedAt time.Time
	UpdatedAt time.Time
}

func (Device) GetConfig added in v1.0.4

func (d Device) GetConfig() wgtypes.Config

func (Device) GetConfigFile added in v1.0.4

// GetConfigFile takes a peer list and a friendlyNames flag and returns a byte
// slice or an error. The body is not shown on this page.
// NOTE(review): if the result is the interface configuration, it would carry
// Device.PrivateKey and the Pre/Post hook commands; treat the returned bytes
// as secret material (no logging, restrictive file mode) — confirm.
func (d Device) GetConfigFile(peers []Peer, friendlyNames bool) ([]byte, error)

func (Device) GetDNSServers added in v1.0.5

func (d Device) GetDNSServers() []string

func (Device) GetDefaultAllowedIPs added in v1.0.5

func (d Device) GetDefaultAllowedIPs() []string

func (Device) GetIPAddresses added in v1.0.5

func (d Device) GetIPAddresses() []string

func (Device) IsValid added in v1.0.4

func (d Device) IsValid() bool

func (*Device) SetDNSServers added in v1.0.5

func (d *Device) SetDNSServers(addresses ...string)

func (*Device) SetDefaultAllowedIPs added in v1.0.5

func (d *Device) SetDefaultAllowedIPs(addresses ...string)

func (*Device) SetIPAddresses added in v1.0.5

func (d *Device) SetIPAddresses(addresses ...string)

type DeviceType added in v1.0.5

// DeviceType is the string-typed mode of a device. The two values below match
// the `oneof=client server` binding rule on Device.Type and Peer.DeviceType.
type DeviceType string
const (
	DeviceTypeServer DeviceType = "server"
	DeviceTypeClient DeviceType = "client"
)

type Manager

// Manager is documented on this page as a synchronized management interface
// to the real WireGuard interface. Only Cfg is exported; the remaining state
// (including whatever provides the synchronization) is unexported and not
// shown here.
type Manager struct {
	// Cfg is a pointer to the package Config; it is exported, so callers can
	// read and modify it directly.
	Cfg *Config
	// contains filtered or unexported fields
}

Manager offers a synchronized management interface to the real WireGuard interface.

func (*Manager) AddPeer

func (m *Manager) AddPeer(device string, cfg wgtypes.PeerConfig) error

func (*Manager) GetDeviceInfo

func (m *Manager) GetDeviceInfo(device string) (*wgtypes.Device, error)

func (*Manager) GetIPAddress added in v1.0.2

func (m *Manager) GetIPAddress(device string) ([]string, error)

func (*Manager) GetMTU added in v1.0.2

func (m *Manager) GetMTU(device string) (int, error)

func (*Manager) GetPeer

func (m *Manager) GetPeer(device string, pubKey string) (*wgtypes.Peer, error)

func (*Manager) GetPeerList

func (m *Manager) GetPeerList(device string) ([]wgtypes.Peer, error)

func (*Manager) Init

func (m *Manager) Init() error

func (*Manager) RemovePeer

func (m *Manager) RemovePeer(device string, pubKey string) error

func (*Manager) SetIPAddress added in v1.0.2

func (m *Manager) SetIPAddress(device string, cidrs []string) error

func (*Manager) SetMTU added in v1.0.2

func (m *Manager) SetMTU(device string, mtu int) error

func (*Manager) UpdateDevice

func (m *Manager) UpdateDevice(device string, cfg wgtypes.Config) error

func (*Manager) UpdatePeer

func (m *Manager) UpdatePeer(device string, cfg wgtypes.PeerConfig) error

type Peer added in v1.0.4

// Peer describes one WireGuard peer record. As with Device, the tags cover
// form binding, gorm persistence (PublicKey is the primary key; DeviceName
// and Email are indexed) and JSON encoding.
//
// Security-relevant points visible in the tags:
//   - PrivateKey and PresharedKey are optional (`omitempty,base64`) but have
//     no `json:"-"` or `gorm:"-"` tag, so when they are set they are part of
//     the persisted record and of any JSON encoding of a Peer.
//   - Only the runtime-only fields (Peer, Config, IsOnline, IsNew,
//     LastHandshake, LastHandshakeTime) are excluded from JSON.
//   - `cidrlist` and `dnsList` are custom validators that are not defined on
//     this page.
type Peer struct {
	Peer   *wgtypes.Peer `gorm:"-" json:"-"` // WireGuard peer
	Config string        `gorm:"-" json:"-"`

	UID                  string     `form:"uid" binding:"required,alphanum"`                            // uid for html identification
	DeviceName           string     `gorm:"index" form:"device" binding:"required"`                     // server interface name
	DeviceType           DeviceType `gorm:"-" form:"devicetype" binding:"required,oneof=client server"` // the device type of the server (not the peer device)
	Identifier           string     `form:"identifier" binding:"required,max=64"`                       // Identifier AND Email make a WireGuard peer unique
	Email                string     `gorm:"index" form:"mail" binding:"required,email"`
	IgnoreGlobalSettings bool       `form:"ignoreglobalsettings"`

	// Runtime status values; neither stored nor JSON-encoded.
	IsOnline          bool   `gorm:"-" json:"-"`
	IsNew             bool   `gorm:"-" json:"-"`
	LastHandshake     string `gorm:"-" json:"-"`
	LastHandshakeTime string `gorm:"-" json:"-"`

	// Core WireGuard Settings
	PublicKey           string `gorm:"primaryKey" form:"pubkey" binding:"required,base64"` // the public key of the peer itself
	// Secret key material; see the type comment.
	PresharedKey        string `form:"presharedkey" binding:"omitempty,base64"`
	AllowedIPsStr       string `form:"allowedip" binding:"cidrlist"`    // a comma separated list of IPs that are used in the client config file
	AllowedIPsSrvStr    string `form:"allowedipSrv" binding:"cidrlist"` // a comma separated list of IPs that are used in the server config file
	Endpoint            string `form:"endpoint" binding:"omitempty,hostname_port"`
	PersistentKeepalive int    `form:"keepalive" binding:"gte=0"`

	// Misc. WireGuard Settings
	// Secret key material when present; a peer that keeps its private key on
	// the client side can leave this empty (the binding is `omitempty`).
	PrivateKey string `form:"privkey" binding:"omitempty,base64"`
	IPsStr     string `form:"ip" binding:"cidrlist,required_if=DeviceType server"` // a comma separated list of IPs of the client
	DNSStr     string `form:"dns" binding:"dnsList"`                               // comma separated list of the DNS servers for the client
	// Global Device Settings (can be ignored, only make sense if device is in server mode)
	Mtu int `form:"mtu" binding:"gte=0,lte=1500"`

	// Deactivation state; nil/empty values are omitted from JSON.
	DeactivatedAt     *time.Time `json:",omitempty"`
	DeactivatedReason string     `json:",omitempty"`

	// Optional expiry date, bound from the form as a date without time of day.
	ExpiresAt *time.Time `json:",omitempty" form:"expires_at" binding:"omitempty" time_format:"2006-01-02"`

	// Audit fields. NOTE(review): CreatedBy/UpdatedBy have no tags; who fills
	// them is not visible on this page.
	CreatedBy string
	UpdatedBy string
	CreatedAt time.Time
	UpdatedAt time.Time
}

func (Peer) GetAllowedIPs added in v1.0.5

func (p Peer) GetAllowedIPs() []string

func (Peer) GetAllowedIPsSrv added in v1.0.9

func (p Peer) GetAllowedIPsSrv() []string

func (Peer) GetConfig added in v1.0.4

func (p Peer) GetConfig(dev *Device) wgtypes.PeerConfig

func (Peer) GetConfigFile added in v1.0.4

// GetConfigFile takes the owning Device and returns a byte slice or an error.
// The body is not shown on this page.
// NOTE(review): if the result is the client configuration, it would include
// Peer.PrivateKey and PresharedKey whenever they are stored; hand it only to
// the authenticated owner of the peer and keep it out of logs — confirm.
func (p Peer) GetConfigFile(device Device) ([]byte, error)

func (Peer) GetConfigFileName added in v1.0.4

func (p Peer) GetConfigFileName() string

func (Peer) GetDNSServers added in v1.0.5

func (p Peer) GetDNSServers() []string

func (Peer) GetIPAddresses added in v1.0.5

func (p Peer) GetIPAddresses() []string

func (Peer) GetQRCode added in v1.0.4

// GetQRCode returns a byte slice or an error. The body is not shown on this
// page.
// NOTE(review): presumably the image encodes the peer configuration; if so it
// is as sensitive as the configuration file itself (anyone who can see the
// image can import the tunnel) — confirm and apply the same access control.
func (p Peer) GetQRCode() ([]byte, error)

func (Peer) IsDeactivated added in v1.0.16

func (p Peer) IsDeactivated() bool

func (Peer) IsExpired added in v1.0.16

func (p Peer) IsExpired() bool

func (Peer) IsValid added in v1.0.4

func (p Peer) IsValid() bool

func (*Peer) SetAllowedIPs added in v1.0.5

func (p *Peer) SetAllowedIPs(addresses ...string)

func (*Peer) SetDNSServers added in v1.0.5

func (p *Peer) SetDNSServers(addresses ...string)

func (*Peer) SetIPAddresses added in v1.0.5

func (p *Peer) SetIPAddresses(addresses ...string)

func (Peer) WillExpire added in v1.0.16

func (p Peer) WillExpire() bool

type PeerManager added in v1.0.4

// PeerManager has no exported fields. The constructor listed on this page,
// NewPeerManager, takes a *gorm.DB and a *Manager, so it presumably combines
// the database records with the live interface — confirm against the source.
type PeerManager struct {
	// contains filtered or unexported fields
}

func NewPeerManager added in v1.0.4

func NewPeerManager(db *gorm.DB, wg *Manager) (*PeerManager, error)

func (*PeerManager) CreatePeer added in v1.0.4

func (m *PeerManager) CreatePeer(peer Peer) error

func (*PeerManager) DeletePeer added in v1.0.4

func (m *PeerManager) DeletePeer(peer Peer) error

func (*PeerManager) GetActivePeers added in v1.0.4

func (m *PeerManager) GetActivePeers(device string) []Peer

func (*PeerManager) GetAllPeers added in v1.0.4

func (m *PeerManager) GetAllPeers(device string) []Peer

func (*PeerManager) GetAllReservedIps added in v1.0.4

func (m *PeerManager) GetAllReservedIps(device string) ([]string, error)

func (*PeerManager) GetAvailableIp added in v1.0.4

func (m *PeerManager) GetAvailableIp(device string, cidr string) (string, error)

GetAvailableIp searches for an available IP in cidr, checking against a list of reserved IPs.

func (*PeerManager) GetDevice added in v1.0.4

func (m *PeerManager) GetDevice(device string) Device

func (*PeerManager) GetFilteredAndSortedPeers added in v1.0.4

func (m *PeerManager) GetFilteredAndSortedPeers(device, sortKey, sortDirection, search string) []Peer

func (*PeerManager) GetPeerByKey added in v1.0.4

func (m *PeerManager) GetPeerByKey(publicKey string) Peer

func (*PeerManager) GetPeersByMail added in v1.0.4

func (m *PeerManager) GetPeersByMail(mail string) []Peer

func (*PeerManager) GetSortedPeersForEmail added in v1.0.4

func (m *PeerManager) GetSortedPeersForEmail(sortKey, sortDirection, email string) []Peer

func (*PeerManager) IsIPReserved added in v1.0.4

func (m *PeerManager) IsIPReserved(device string, cidr string) bool

func (*PeerManager) UpdateDevice added in v1.0.4

func (m *PeerManager) UpdateDevice(device Device) error

func (*PeerManager) UpdatePeer added in v1.0.4

func (m *PeerManager) UpdatePeer(peer Peer) error
