Adding whitelist control.
This commit is contained in:
parent
87299898fc
commit
2e21e6122f
|
|
@ -65,6 +65,7 @@ sub startup ($self) {
|
|||
$routes->post('/vpn/user/:id/download')->to('Main#download_file');
|
||||
$routes->post('/vpn/user/:id/enable')->to('Main#enable_user');
|
||||
$routes->post('/vpn/user/:id/disable')->to('Main#disable_user');
|
||||
# $routes->post('/vpn/save')->to('Main#save_vpn_settings');
|
||||
$routes->post('/whitelist/add')->to('Main#whitelist_add');
|
||||
$routes->post('/whitelist/:id/remove')->to('Main#whitelist_remove');
|
||||
}
|
||||
1;
|
||||
|
|
|
|||
|
|
@ -15,7 +15,11 @@ use Path::Tiny;
|
|||
sub main($self) {
|
||||
my $resultset = VPNManager::Schema->Schema->resultset('VPNUser');
|
||||
my @users = $resultset->search( {} );
|
||||
my $resultset_console = VPNManager::Schema->Schema->resultset('WhitelistConsole');
|
||||
my @whitelist_users = $resultset_console->search({});
|
||||
warn @whitelist_users;
|
||||
$self->stash( users => \@users );
|
||||
$self->stash( whitelist_users => \@whitelist_users );
|
||||
$self->render( template => 'main/index' );
|
||||
}
|
||||
|
||||
|
|
@ -162,34 +166,20 @@ sub disable_user($self) {
|
|||
return $self->redirect_to('/');
|
||||
}
|
||||
|
||||
#sub save_vpn_settings($self) {
|
||||
# my $out_dir = path(__FILE__)->parent->parent->parent->parent->child('out');
|
||||
# $out_dir->mkpath;
|
||||
# system 'chmod', '700', $out_dir;
|
||||
# my $config = $self->config;
|
||||
# my $vpn_config = <<"EOF";
|
||||
#[Interface]
|
||||
#Address = @{[$config->{vpn}{host}]}/@{[$config->{vpn}{submask}]}
|
||||
#MTU = @{[$config->{vpn}{mtu}]}
|
||||
#SaveConfig = false
|
||||
#ListenPort = @{[$config->{vpnclients}{server_port}]}
|
||||
#PrivateKey = @{[$config->{vpn}{privkey}]}
|
||||
#EOF
|
||||
# my $resultset = VPNManager::Schema->Schema->resultset('VPNUser');
|
||||
# my @users = $resultset->search( {} );
|
||||
#
|
||||
# for my $user (@users) {
|
||||
# next if !$user->is_enabled;
|
||||
#
|
||||
# $vpn_config .= <<"EOF";
|
||||
#
|
||||
#[Peer]
|
||||
#PublicKey = @{[$user->publickey]}
|
||||
#AllowedIPs = @{[$user->ip_to_text]}/32
|
||||
#Endpoint = @{[$config->{vpn}{endpoint}]}:@{[$config->{vpnclients}{server_port}]}
|
||||
#EOF
|
||||
# }
|
||||
# $out_dir->child('wg0.conf')->spew_raw($vpn_config);
|
||||
# return $self->redirect_to('/');
|
||||
#}
|
||||
1;
|
||||
sub whitelist_add($self) {
|
||||
my $resultset = VPNManager::Schema->Schema->resultset('WhitelistConsole');
|
||||
my $username = $self->param('username');
|
||||
eval {
|
||||
$resultset->populate([{username => $username}]);
|
||||
};
|
||||
if ($@) {
|
||||
warn $@;
|
||||
}
|
||||
return $self->redirect_to('/');
|
||||
}
|
||||
sub whitelist_remove($self) {
|
||||
my $resultset = VPNManager::Schema->Schema->resultset('WhitelistConsole');
|
||||
my $id = $self->param('id');
|
||||
$resultset->search({id => $id})->delete;
|
||||
return $self->redirect_to('/');
|
||||
}1;
|
||||
|
|
|
|||
|
|
@ -31,6 +31,10 @@ sub MIGRATIONS {
|
|||
'ALTER TABLE vpn_users rename column is_protected to is_protected_old;',
|
||||
'ALTER TABLE vpn_users add is_protected NOT NULL DEFAULT false;',
|
||||
'UPDATE vpn_users set is_protected = is_protected_old;',
|
||||
'CREATE TABLE whitelist_console (
|
||||
id INTEGER PRIMARY KEY,
|
||||
username TEXT NOT NULL UNIQUE
|
||||
);',
|
||||
);
|
||||
}
|
||||
1;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env perl
|
||||
use v5.38.2;
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
use Moo;
|
||||
use File::Basename qw/dirname/;
|
||||
use lib dirname(dirname(__FILE__)).'/lib';
|
||||
use VPNManager::Schema;
|
||||
use JSON::PP;
|
||||
|
||||
sub get_json($self) {
|
||||
require VPNManager;
|
||||
my $config = VPNManager->new->config;
|
||||
my $resultset = VPNManager::Schema->Schema->resultset('WhitelistConsole');
|
||||
my @users = map { $_->username } $resultset->search( {} );
|
||||
my $json = JSON::PP->new;
|
||||
$json->canonical([1]);
|
||||
$json->pretty([1]);
|
||||
print $json->encode([@users]);
|
||||
}
|
||||
__PACKAGE__->new->get_json;
|
||||
|
|
@ -13,7 +13,8 @@ if ($> != 0) {
|
|||
|
||||
while (1) {
|
||||
eval {
|
||||
install_if_new();
|
||||
# install_if_new_wireguard();
|
||||
install_if_new_whitelist();
|
||||
sleep 15;
|
||||
};
|
||||
if ($@) {
|
||||
|
|
@ -21,22 +22,30 @@ while (1) {
|
|||
}
|
||||
}
|
||||
|
||||
sub install_if_new {
|
||||
my $script_get_wg_config = abs_path(dirname(__FILE__).'/get_wg_config.pl');
|
||||
my $user = 'vpnmanager';
|
||||
open my $fh, '-|', 'sudo', '-i', '-u', $user, 'perl', $script_get_wg_config;
|
||||
sub install_from_script($script, $output_file) {
|
||||
my $script_abs = abs_path(dirname(__FILE__). '/'. $script);
|
||||
my $user = 'sergio';
|
||||
open my $fh, '-|', 'sudo', '-i', '-u', $user, 'perl', $script_abs;
|
||||
my $contents = join '', <$fh>;
|
||||
my $output_file = '/etc/wireguard/wg0.conf';
|
||||
my $output_exists;
|
||||
open $fh, '<', $output_file and ($output_exists = 1);
|
||||
my $contents_output_file = '';
|
||||
$contents_output_file = join '', <$fh> if $output_exists;
|
||||
if ($contents ne $contents_output_file) {
|
||||
say 'Writting new file';
|
||||
say "Writting new file for $script -> $output_file";;
|
||||
system 'mkdir', '-p', dirname($output_file);
|
||||
open $fh, '>', $output_file;
|
||||
print $fh $contents;
|
||||
system 'systemctl', 'restart', 'wg-quick@wg0';
|
||||
return;
|
||||
return 1;
|
||||
}
|
||||
say 'Files equal';
|
||||
say "Files equal for $script -> $output_file";;
|
||||
}
|
||||
|
||||
sub install_if_new_wireguard {
|
||||
system 'systemctl', 'restart', 'wg-quick@wg0' if install_from_script('get_wg_config.pl', '/etc/wireguard/wg5.conf');
|
||||
}
|
||||
|
||||
sub install_if_new_whitelist {
|
||||
install_from_script('get_whitelist_json.pl', '/etc/geyser-console/whitelist.json');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@
|
|||
<link rel="stylesheet" href="/style.css"/>
|
||||
</head>
|
||||
<body class="main">
|
||||
<h2>VPN Users</h2>
|
||||
<p><a href="/vpn/create-user">Create new vpn user</a>.</p>
|
||||
% if (defined $users && @$users) {
|
||||
<ul>
|
||||
|
|
@ -15,8 +16,25 @@
|
|||
% }
|
||||
% }
|
||||
</ul>
|
||||
<form action="/vpn/save" method="post">
|
||||
<input type="submit" value="Save VPN Settings"/>
|
||||
<h2>Console whitelist</h2>
|
||||
<h3>Add a user to the console whitelist</h3>
|
||||
<form action="/whitelist/add" method="post">
|
||||
<div>
|
||||
<label for="name">Name</label>
|
||||
<input name="username"/>
|
||||
</div>
|
||||
<input type="submit" value="Submit"/>
|
||||
</form>
|
||||
% my $whitelist_users = stash 'whitelist_users';
|
||||
% if (defined $whitelist_users && @$whitelist_users) {
|
||||
<h3>List of console users in whitelist</h3>
|
||||
<ul>
|
||||
% for my $user (@$whitelist_users) {
|
||||
<li><%=$user->username%> <form class="inline" method="post" action="/whitelist/<%=$user->id%>/remove">
|
||||
<input type="submit" value="Delete"/>
|
||||
</form></li>
|
||||
% }
|
||||
</ul>
|
||||
% }
|
||||
</body>
|
||||
</html>
|
||||
|
|
|
|||
Loading…
Reference in New Issue