wg-selfserve

Author	SHA1	Message	Date
Erik Thuning	c1538a8912	Moved qr code generation to server side in order to get more compatible codes	2025-03-28 15:44:59 +01:00
Erik Thuning	e5d1b9809e	Apparently wg-quick did handle the routes correctly after all?	2025-03-26 16:27:41 +01:00
Erik Thuning	580b10137f	Typo + oversight	2025-03-26 15:59:07 +01:00
Erik Thuning	184d914107	Implemented adding of routes for all clients on startup	2025-03-26 15:55:13 +01:00
Erik Thuning	670c88c7f3	Added display of expiration date to the user interface Also stopped ever displaying creation time and rearranged some CSS	2025-03-26 15:34:55 +01:00
Erik Thuning	ca3d536868	Added support for limited client validity A new /cron endpoint has been introduced, which triggers a cleanup routine. The cleanup routine loops over all existing clients and deletes all that are older than the value configured in config.ini. Periodically calling the cron endpoint is the responsibility of the server admin.	2025-03-26 13:30:53 +01:00
Erik Thuning	20107335d8	Simplified calls reading and writing json	2025-03-25 16:40:01 +01:00
Erik Thuning	3f0280d3ca	Removed obsolete import	2025-03-24 16:17:57 +01:00
Erik Thuning	09babb829a	FIX: case mismatch when comparing strings	2025-03-21 11:53:14 +01:00
Erik Thuning	5a14f225b4	Added documentation for setting up the service. Also made a small change to the python startup handling, ensuring that there is always a tunnel configuration file as soon as the service successfully starts for the first time.	2025-03-11 16:31:59 +01:00
Erik Thuning	5c783d95aa	Started logging client creation/deletion directly to syslog	2025-03-06 15:48:41 +01:00
Erik Thuning	ebc430407a	Added rudimentary logging Only logging creation and deletion of configs for the time being, log goes straight to stdout	2025-03-04 15:30:11 +01:00
Erik Thuning	c72d079342	Fixing a wireguard warning by setting restrictive access to the interface config file.	2025-03-04 14:06:24 +01:00
Erik Thuning	b6865f9635	Working around an issue with configparser insisting on a default section	2025-03-04 14:02:25 +01:00
Erik Thuning	ee83905291	Typo	2025-03-04 13:28:49 +01:00
Erik Thuning	edcabb3160	Configparser does some interpolations by default They interfere with wildcards passed to wireguard, so disabling it.	2025-03-04 13:27:09 +01:00
Erik Thuning	f0169b89bb	Accidentally committed some debug changes, reverting	2025-03-04 13:06:07 +01:00
Erik Thuning	dc051e9439	Implemented support for configurable client configuration fragments	2025-03-04 13:05:51 +01:00
Erik Thuning	49abf8ad21	Implemented handling of client limits, and some general tweaks - The create button is now disabled when reaching the client limit - The client list is now always sorted by case-insensitive config name - Focus moves to the form when opening a dialog - Fixed some inconsistent use of snake_case vs perlCase	2025-03-04 11:14:02 +01:00
Erik Thuning	c886a7b32c	Implemented support for limiting number of clients per user The setting is global for all users and optional.	2025-03-03 13:49:42 +01:00
Erik Thuning	a636f4f84a	Apparently shell=True caused problems instead of solving them	2025-02-27 15:35:44 +01:00
Erik Thuning	59ae5f96a5	Fixed a typo and hopefully prevented sudo issues with shell=True	2025-02-27 15:29:25 +01:00
Erik Thuning	116a480e41	Fixed a typo, added a comment regarding sudo safety and set commands.sh executable	2025-02-27 15:05:16 +01:00
Erik Thuning	bc44648c30	Setting routes and dealing more robustly with privileged operations - Created commands.sh, which is now responsible for all operations that require root permissions: addin/deleting routes and reloading wireguard - Added creation and deletion of routes when creating or deleting a client. This feels like a bug in wg-quick, considering that the routes are created/deleted as expected on start/stop. Reload informs wireguard of a peer's existence but fails to set routes. For now, this is a suitable workaround.	2025-02-27 14:59:21 +01:00
Erik Thuning	2a3e529111	Calling systemctl with fully qualified path	2025-02-25 16:55:39 +01:00
Erik Thuning	1a3d13e503	Started creating the ini data in a slightly more structured way	2025-02-25 16:25:16 +01:00
Erik Thuning	372f258b01	Revert "Trying to get the tunnel working" This reverts commit 1374533819719f76231303de4af0488569376d1a.	2025-02-25 15:22:55 +01:00
Erik Thuning	f13e78cc91	Revert "Still trying to get the tunnel going" This reverts commit 2bdb6e35c63dffbf3aede91ad40b796b74a1719a.	2025-02-25 15:22:45 +01:00
Erik Thuning	2bdb6e35c6	Still trying to get the tunnel going	2025-02-20 18:07:00 +01:00
Erik Thuning	1374533819	Trying to get the tunnel working	2025-02-20 17:56:40 +01:00
Erik Thuning	432fe8955b	Using the wireguard service instead of direct wg call for reload	2025-02-20 16:11:54 +01:00
Erik Thuning	48fc34d315	Added optional support for extra server settings to be included in the server config	2025-02-20 16:04:11 +01:00
Erik Thuning	b1ff300fc8	Expanded locking to the entire config creation function This to eliminate certain race conditions. Also initial attempt at dealing with the wireguard interface.	2025-02-19 21:11:41 +01:00
Erik Thuning	2616c59769	The collected serverside config should work now Also did some type hint housekeeping and formatting tweaks	2025-02-19 18:29:42 +01:00
Erik Thuning	e3d6e52217	Added a thread-safe solution to finding the next free ip	2025-02-19 18:10:04 +01:00
Erik Thuning	8c9842484f	Added type hints	2025-02-19 18:08:08 +01:00
Erik Thuning	463fc62d60	Added example config and made wireguard.py read its server keys from disk	2025-02-19 15:35:11 +01:00
Erik Thuning	b454faea98	Switched to UUID/arbitrary ID:s for configs Names are now for human readability only	2025-02-18 17:56:41 +01:00
Erik Thuning	b316356de7	FIX: missing member variables	2025-02-18 17:53:27 +01:00
Erik Thuning	cfed319563	Moving closer to actual functional wireguard handling	2025-02-14 15:54:15 +01:00
Erik Thuning	bc4dd5d6f9	Further along the way to MVP	2025-02-13 16:51:28 +01:00
Erik Thuning	3213604a78	Initial commit	2025-02-12 16:35:20 +01:00

42 Commits