import os from flask import Blueprint, request, redirect, flash from auth import require_level from config_utils import (load_core, save_core, verify_core_hash, queued_msg, flush_pending_to_queue, get_dashboard_pending, _is_locked, _format_timing, _seconds_until_next_run) import sanitize import validation as validate bp = Blueprint('action_general', __name__) _VIEW = '/view/view_general' _EXCLUDE_PREFIXES = ('lo', 'wg', 'docker', 'br-', 'veth', 'tun', 'tap', 'ppp', 'virbr', 'podman', 'vnet', 'macvtap', 'fc-') def _get_system_interfaces(): try: return { n for n in os.listdir('/sys/class/net') if not n.startswith(_EXCLUDE_PREFIXES) and os.path.exists(f'/sys/class/net/{n}/device') } except Exception: return set() @bp.route('/action/general_cardnetworkinterface_save', methods=['POST']) @require_level('administrator') def general_cardnetworkinterface_save(): wan = sanitize.interface_name(request.form.get('wan_interface', '')) lan = sanitize.interface_name(request.form.get('lan_interface', '')) if not wan or not lan: flash('Both WAN and LAN interfaces are required.', 'error') return redirect(_VIEW) if wan == lan: flash('WAN and LAN interfaces must be different.', 'error') return redirect(_VIEW) if not verify_core_hash(request.form.get('config_hash', '')): flash('Configuration was modified by another session. Please refresh and try again.', 'error') return redirect(_VIEW) available = _get_system_interfaces() for iface in (wan, lan): if available and iface not in available: flash(f"Interface '{iface}' does not exist on this system.", 'error') return redirect(_VIEW) core = load_core() gen = core.setdefault('general', {}) gen['wan_interface'] = wan gen['lan_interface'] = lan errors = validate.validate_config(core) if errors: for msg in errors: flash(msg, 'error') return redirect(_VIEW) save_core(core) flash(queued_msg('core apply'), 'success') return redirect(_VIEW) @bp.route('/action/general_cardupstreamdns_save', methods=['POST']) @require_level('administrator') def general_cardupstreamdns_save(): strict_order = 'strict_order' in request.form cache_size_raw = request.form.get('cache_size', '').strip() submitted = request.form.getlist('upstream_servers') for s in submitted: if not s.strip(): flash('Remove blank server entries before saving.', 'error') return redirect(_VIEW) upstream_servers = [] for s in submitted: clean = sanitize.ip(s.strip()) if not clean: flash(f"'{s.strip()}' is not a valid IP address.", 'error') return redirect(_VIEW) upstream_servers.append(clean) cache_size = validate.int_range(cache_size_raw, 0, None) if cache_size is None: flash('Cache Size must be a non-negative integer.', 'error') return redirect(_VIEW) if not verify_core_hash(request.form.get('config_hash', '')): flash('Configuration was modified by another session. Please refresh and try again.', 'error') return redirect(_VIEW) core = load_core() current = core.get('upstream_dns', {}) if (strict_order == bool(current.get('strict_order', False)) and cache_size == int(current.get('cache_size', 0)) and upstream_servers == current.get('upstream_servers', [])): flash('No changes detected.', 'info') return redirect(_VIEW) core.setdefault('upstream_dns', {}).update({ 'strict_order': strict_order, 'cache_size': cache_size, 'upstream_servers': upstream_servers, }) errors = validate.validate_config(core) if errors: for msg in errors: flash(msg, 'error') return redirect(_VIEW) save_core(core) flash(queued_msg('core apply'), 'success') return redirect(_VIEW) @bp.route('/action/general_cardlogging_save', methods=['POST']) @require_level('administrator') def general_cardlogging_save(): log_max_kb_raw = request.form.get('log_max_kb', '').strip() log_errors_only = 'log_errors_only' in request.form dnsmasq_log_queries = 'dnsmasq_log_queries' in request.form log_max_kb = validate.int_range(log_max_kb_raw, 64, None) if log_max_kb is None: flash('Max Log Size must be a number >= 64.', 'error') return redirect(_VIEW) if not verify_core_hash(request.form.get('config_hash', '')): flash('Configuration was modified by another session. Please refresh and try again.', 'error') return redirect(_VIEW) core = load_core() core.setdefault('general', {}).update({ 'log_max_kb': log_max_kb, 'log_errors_only': log_errors_only, 'dnsmasq_log_queries': dnsmasq_log_queries, }) errors = validate.validate_config(core) if errors: for msg in errors: flash(msg, 'error') return redirect(_VIEW) save_core(core) flash(queued_msg('core apply'), 'success') return redirect(_VIEW) @bp.route('/action/general_cardpendingchanges_save', methods=['POST']) @require_level('administrator') def general_cardpendingchanges_save(): if not verify_core_hash(request.form.get('config_hash', '')): flash('Configuration was modified by another session. Please refresh and try again.', 'error') return redirect(_VIEW) core = load_core() core.setdefault('general', {})['apply_on_save'] = 'apply_on_save' in request.form save_core(core) flash(queued_msg('core apply'), 'success') return redirect(_VIEW) @bp.route('/action/general_cardpendingchanges_applyselected', methods=['POST']) @require_level('administrator') def general_cardpendingchanges_applyselected(): items = get_dashboard_pending() if not items: flash('No pending changes to apply.', 'info') return redirect(_VIEW) flush_pending_to_queue() if _is_locked(): msg = 'Changes queued. They are being applied now.' else: timing = _format_timing(_seconds_until_next_run()) if timing: msg = f'Changes queued. They will be applied {timing}.' else: msg = 'Changes queued. The processing service is not running.' flash(msg, 'success') return redirect(_VIEW) @bp.route('/action/general_cardpendingchanges_deleteselected', methods=['POST']) @require_level('administrator') def general_cardpendingchanges_deleteselected(): flash('Not yet implemented.', 'info') return redirect(_VIEW)