mgrotke/linuxrouter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Development

Browse source
This commit is contained in:
Matthew Grotke 2026-06-07 00:21:08 -04:00
parent 563d82daf3
commit 70ccfe2c29
48 changed files with 549 additions and 578 deletions
Download patch file Download diff file Expand all files Collapse all files

60
docker/routlin-dash/app/pages/vpn/action.py
View file

@ -5,8 +5,8 @@ import ipaddress
import re
from flask import Blueprint, make_response, redirect, flash, request
from auth import require_level
from config_utils import load_config, record_group, diff_fields, verify_config_hash, CONFIGS_DIR, WEB_APP_DISPLAY_NAME
import auth
import config_utils
import sanitize
import mod_validation as validate
@ -53,7 +53,7 @@ def _row_index():
def _hash_ok():
if not verify_config_hash(request.form.get('config_hash', '')):
if not config_utils.verify_config_hash(request.form.get('config_hash', '')):
flash('Configuration was modified by another session. Please refresh and try again.', 'error')
return False
return True
@ -72,7 +72,7 @@ def _generate_wg_keypair():
def _server_pubkey(iface):
try:
with open(f'{CONFIGS_DIR}/.{iface}.pub') as f:
with open(f'{config_utils.CONFIGS_DIR}/.{iface}.pub') as f:
return f.read().strip()
except OSError:
return None
@ -101,7 +101,7 @@ def _build_client_conf(vlan, peer_name, peer_ip, private_key, server_pubkey):
allowed_ips = f'{subnet}/{prefix}' if split_tunnel else '0.0.0.0/0'
lines = [
f'# Generated by {WEB_APP_DISPLAY_NAME}', '',
f'# Generated by {config_utils.WEB_APP_DISPLAY_NAME}', '',
'[Interface]',
f'PrivateKey = {private_key}',
f'Address = {peer_ip}/{prefix}',
@ -117,7 +117,7 @@ def _build_client_conf(vlan, peer_name, peer_ip, private_key, server_pubkey):
def _conf_response(vlan, peer_name, peer_ip, private_key):
cfg = load_config()
cfg = config_utils.load_config()
iface = _wg_iface(vlan, cfg)
server_pub = _server_pubkey(iface)
if not server_pub:
@ -133,7 +133,7 @@ def _conf_response(vlan, peer_name, peer_ip, private_key):
@bp.route('/action/vpn/wireguard_apply', methods=['POST'])
@require_level('administrator')
@auth.require_level('administrator')
def wireguard_apply():
listen_port_raw = request.form.get('vpn_listen_port', '').strip()
server_endpoint = validate.domainname(request.form.get('vpn_server_endpoint', ''))
@ -166,7 +166,7 @@ def wireguard_apply():
if not _hash_ok():
return redirect(f'/{_PAGE}')
cfg = load_config()
cfg = config_utils.load_config()
vpn_vlan = _wg_vlan(cfg)
if vpn_vlan is None:
flash('No WireGuard VLAN found in configuration.', 'error')
@ -201,13 +201,13 @@ def wireguard_apply():
return redirect(f'/{_PAGE}')
vlan_name = vpn_vlan['name']
changes = diff_fields(before_info, info)
flash(record_group(cfg, f'vlans[name={vlan_name}].vpn_information', None, None, changes, 'core apply'), 'success')
changes = config_utils.diff_fields(before_info, info)
flash(config_utils.record_group(cfg, f'vlans[name={vlan_name}].vpn_information', None, None, changes, 'core apply'), 'success')
return redirect(f'/{_PAGE}')
@bp.route('/action/vpn/addpeer_add', methods=['POST'])
@require_level('administrator')
@auth.require_level('administrator')
def addpeer_add():
peer_name = sanitize.name(request.form.get('peer_name', ''))
peer_vlan_nm = request.form.get('peer_vlan', '').strip()
@ -228,7 +228,7 @@ def addpeer_add():
if not _hash_ok():
return redirect(f'/{_PAGE}')
cfg = load_config()
cfg = config_utils.load_config()
vpn_vlan = _wg_vlan_by_name(cfg, peer_vlan_nm)
if vpn_vlan is None:
flash(f'VPN VLAN "{peer_vlan_nm}" not found.', 'error')
@ -269,13 +269,13 @@ def addpeer_add():
flash(msg, 'error')
return redirect(f'/{_PAGE}')
changes = diff_fields(None, entry)
record_group(cfg, f'vlans[name={peer_vlan_nm}].peers', 'name', peer_name, changes, 'core apply')
changes = config_utils.diff_fields(None, entry)
config_utils.record_group(cfg, f'vlans[name={peer_vlan_nm}].peers', 'name', peer_name, changes, 'core apply')
return _conf_response(vpn_vlan, peer_name, peer_ip, private_key)
@bp.route('/action/vpn/peers_edit', methods=['POST'])
@require_level('administrator')
@auth.require_level('administrator')
def peers_edit():
flat_idx = _row_index()
if flat_idx is None:
@ -292,7 +292,7 @@ def peers_edit():
if not _hash_ok():
return redirect(f'/{_PAGE}')
cfg = load_config()
cfg = config_utils.load_config()
vlan, peer_idx = _find_peer_by_flat_idx(cfg, flat_idx)
if vlan is None:
flash('Peer not found.', 'error')
@ -313,13 +313,13 @@ def peers_edit():
return redirect(f'/{_PAGE}')
vlan_name = vlan['name']
changes = diff_fields(before, {'name': peer_name, 'split_tunnel': split_tunnel, 'enabled': enabled})
flash(record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', peer_name, changes, 'core apply'), 'success')
changes = config_utils.diff_fields(before, {'name': peer_name, 'split_tunnel': split_tunnel, 'enabled': enabled})
flash(config_utils.record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', peer_name, changes, 'core apply'), 'success')
return redirect(f'/{_PAGE}')
@bp.route('/action/vpn/peers_toggle', methods=['POST'])
@require_level('administrator')
@auth.require_level('administrator')
def peers_toggle():
flat_idx = _row_index()
if flat_idx is None:
@ -328,7 +328,7 @@ def peers_toggle():
if not _hash_ok():
return redirect(f'/{_PAGE}')
cfg = load_config()
cfg = config_utils.load_config()
vlan, peer_idx = _find_peer_by_flat_idx(cfg, flat_idx)
if vlan is None:
flash('Peer not found.', 'error')
@ -346,13 +346,13 @@ def peers_toggle():
peer_name = peers[peer_idx]['name']
vlan_name = vlan['name']
changes = diff_fields(before, peers[peer_idx])
flash(record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', peer_name, changes, 'core apply'), 'success')
changes = config_utils.diff_fields(before, peers[peer_idx])
flash(config_utils.record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', peer_name, changes, 'core apply'), 'success')
return redirect(f'/{_PAGE}')
@bp.route('/action/vpn/peers_delete', methods=['POST'])
@require_level('administrator')
@auth.require_level('administrator')
def peers_delete():
flat_idx = _row_index()
if flat_idx is None:
@ -361,7 +361,7 @@ def peers_delete():
if not _hash_ok():
return redirect(f'/{_PAGE}')
cfg = load_config()
cfg = config_utils.load_config()
vlan, peer_idx = _find_peer_by_flat_idx(cfg, flat_idx)
if vlan is None:
flash('Peer not found.', 'error')
@ -376,13 +376,13 @@ def peers_delete():
return redirect(f'/{_PAGE}')
vlan_name = vlan['name']
changes = diff_fields(removed, None)
flash(record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', removed['name'], changes, 'core apply'), 'success')
changes = config_utils.diff_fields(removed, None)
flash(config_utils.record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', removed['name'], changes, 'core apply'), 'success')
return redirect(f'/{_PAGE}')
@bp.route('/action/vpn/peers_regenerate', methods=['POST'])
@require_level('administrator')
@auth.require_level('administrator')
def peers_regenerate():
flat_idx = _row_index()
if flat_idx is None:
@ -391,7 +391,7 @@ def peers_regenerate():
if not _hash_ok():
return redirect(f'/{_PAGE}')
cfg = load_config()
cfg = config_utils.load_config()
vlan, peer_idx = _find_peer_by_flat_idx(cfg, flat_idx)
if vlan is None:
flash('Peer not found.', 'error')
@ -408,6 +408,6 @@ def peers_regenerate():
return redirect(f'/{_PAGE}')
vlan_name = vlan['name']
changes = diff_fields({'public_key': old_pub_key}, {'public_key': public_key})
record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', peer['name'], changes, 'core apply')
changes = config_utils.diff_fields({'public_key': old_pub_key}, {'public_key': public_key})
config_utils.record_group(cfg, f'vlans[name={vlan_name}].peers', 'name', peer['name'], changes, 'core apply')
return _conf_response(vlan, peer['name'], peer['ip'], private_key)