From 39eafa413f4b37e8dc1abff1f7d7ca2c0e1cbffa Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Mon, 30 Sep 2024 19:40:09 +0200 Subject: [PATCH] wireguard.cgi: Add controls to download configuration Signed-off-by: Michael Tremer --- config/cfgroot/wireguard-functions.pl | 43 ++++++++++++++--- doc/language_issues.de | 2 +- doc/language_issues.en | 4 +- doc/language_issues.es | 4 +- doc/language_issues.fr | 4 +- doc/language_issues.it | 4 +- doc/language_issues.nl | 4 +- doc/language_issues.pl | 4 +- doc/language_issues.ru | 4 +- doc/language_issues.tr | 4 +- doc/language_missings | 14 ++++++ html/cgi-bin/wireguard.cgi | 69 ++++++++++++++++++++++----- langs/de/cgi-bin/de.pl | 2 + langs/en/cgi-bin/en.pl | 2 + 14 files changed, 138 insertions(+), 26 deletions(-) diff --git a/config/cfgroot/wireguard-functions.pl b/config/cfgroot/wireguard-functions.pl index ef8bf9b0c..b2d9c14a0 100644 --- a/config/cfgroot/wireguard-functions.pl +++ b/config/cfgroot/wireguard-functions.pl @@ -152,6 +152,31 @@ sub dump($) { return %dump; } +sub load_peer($) { + my $key = shift; + + my $type = $peers{$key}[1]; + + my %peer = ( + "ENABLED" => $peers{$key}[0], + "TYPE" => $type, + "NAME" => $peers{$key}[2], + "PUBLIC_KEY" => $peers{$key}[3], + "PRIVATE_KEY" => $peers{$key}[4], + "PORT" => $peers{$key}[5], + "ENDPOINT_ADDR" => $peers{$key}[6], + "ENDPOINT_PORT" => $peers{$key}[7], + ($type eq "host") ? "CLIENT_ADDRESS" : "REMOTE_SUBNETS" + => &decode_subnets($peers{$key}[8]), + "REMARKS" => &decode_remarks($peers{$key}[9]), + "LOCAL_SUBNETS" => &decode_subnets($peers{$key}[10]), + "PSK" => $peers{$key}[11], + "KEEPALIVE" => $peers{$key}[12], + ); + + return %peer; +} + sub name_is_valid($) { my $name = shift; 
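Review bot: `load_peer` never reports a missing peer: for an unknown `$key` it still returns a hash whose fields are all undef, so the `return undef unless (%peer);` guard added to generate_peer_configuration and the 404 branch in wireguard.cgi cannot trigger. The `$peers{$key}[N]` lookups also autovivify an empty `$peers{$key}` entry, and the key comes straight from the request (`$cgiparams{'KEY'}`). An early `return unless (exists $peers{$key});` right after `my $key = shift;` would make the empty-hash check work and avoid the `eq` comparison on an undefined `$type`. A short comment above the sub describing the record layout (index 8 is the client address for hosts and the remote subnets otherwise) would also help.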
@@ -314,13 +339,19 @@ sub free_pool_addresses($$) { } sub generate_peer_configuration($) { - my $peer = shift; + my $key = shift; + + # Load the peer + my %peer = &load_peer($key); + + # Return if we could not find the peer + return undef unless (%peer); my @allowed_ips = (); my @dns = (); # Convert all subnets into CIDR notation - foreach my $subnet ($peer->{'LOCAL_SUBNETS'}) { + foreach my $subnet ($peer{'LOCAL_SUBNETS'}) { my $netaddress = &Network::get_netaddress($subnet); my $prefix = &Network::get_prefix($subnet); @@ -340,14 +371,14 @@ sub generate_peer_configuration($) { my $port = $settings{'PORT'}; # Fetch any DNS servers for hosts - if ($peer->{'TYPE'} eq 'host') { + if ($peer{'TYPE'} eq 'host') { @dns = split(/\|/, $settings{'CLIENT_DNS'}); } my @conf = ( "[Interface]", - "PrivateKey = $peer->{'PRIVATE_KEY'}", - "Address = $peer->{'CLIENT_ADDRESS'}", + "PrivateKey = $peer{'PRIVATE_KEY'}", + "Address = $peer{'CLIENT_ADDRESS'}", ); # Optionally add DNS servers @@ -363,7 +394,7 @@ sub generate_peer_configuration($) { "[Peer]", "Endpoint = ${endpoint}:${port}", "PublicKey = $settings{'PUBLIC_KEY'}", - "PresharedKey = $peer->{'PSK'}", + "PresharedKey = $peer{'PSK'}", "AllowedIPs = " . join(", ", @allowed_ips), "PersistentKeepalive = $DEFAULT_KEEPALIVE", )); diff --git a/doc/language_issues.de b/doc/language_issues.de index 8c3f8b2a0..eff641863 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de 
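Review bot: `Address = $peer{'CLIENT_ADDRESS'}` now interpolates whatever `&decode_subnets` returns, because load_peer decodes index 8, whereas the code this replaces in wireguard.cgi passed the raw `$Wireguard::peers{$key}[8]` string. The body of decode_subnets is not in this patch; if it returns an array reference, the generated file would contain a stringified reference instead of the address, and `foreach my $subnet ($peer{'LOCAL_SUBNETS'})` would run once over the reference rather than over the subnets, which `foreach my $subnet (@{ $peer{'LOCAL_SUBNETS'} })` would avoid. For a peer whose TYPE is not `host`, load_peer sets no CLIENT_ADDRESS key at all, so this function should probably return early for those peers instead of emitting an empty `Address =` line. The body of generate_peer_configuration continues outside the hunk.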
@@ -1049,6 +1049,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet @@ -1061,7 +1062,6 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. WARNING: untranslated string: winbind daemon = Winbind Daemon WARNING: untranslated string: wio = unknown string WARNING: untranslated string: wio checked = unknown string diff --git a/doc/language_issues.en b/doc/language_issues.en index efad13f10..2ccf371b5 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en 
@@ -2156,6 +2156,7 @@ WARNING: untranslated string: weeks = Weeks WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings @@ -2166,6 +2167,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet 
@@ -2178,7 +2180,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: whois results from = WHOIS results from WARNING: untranslated string: winbind daemon = Winbind Daemon diff --git a/doc/language_issues.es b/doc/language_issues.es index de41b16ac..37623809f 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -1115,6 +1115,7 @@ WARNING: untranslated string: warning = Warning WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings 
@@ -1125,6 +1126,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet @@ -1137,7 +1139,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: wio = unknown string WARNING: untranslated string: wio checked = unknown string diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 96c7f9f55..3a5a949ec 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr 
@@ -1055,6 +1055,7 @@ WARNING: untranslated string: warning = Warning WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings @@ -1065,6 +1066,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet 
@@ -1077,7 +1079,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: wio = unknown string WARNING: untranslated string: wio checked = unknown string diff --git a/doc/language_issues.it b/doc/language_issues.it index e2568c347..459723c53 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -1401,6 +1401,7 @@ WARNING: untranslated string: warning = Warning WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings 
@@ -1411,6 +1412,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet @@ -1423,7 +1425,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: whois results from = WHOIS results from WARNING: untranslated string: winbind daemon = Winbind Daemon diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 49be29522..640172f9f 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl 
@@ -1422,6 +1422,7 @@ WARNING: untranslated string: warning = Warning WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings @@ -1432,6 +1433,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet 
@@ -1444,7 +1446,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: whois results from = WHOIS results from WARNING: untranslated string: winbind daemon = Winbind Daemon diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 832fb403f..55725f2b6 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -1664,6 +1664,7 @@ WARNING: untranslated string: warning = Warning WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings 
@@ -1674,6 +1675,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet @@ -1686,7 +1688,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: whois results from = WHOIS results from WARNING: untranslated string: winbind daemon = Winbind Daemon diff --git a/doc/language_issues.ru b/doc/language_issues.ru index 96832e9ff..5ec251532 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru 
@@ -1657,6 +1657,7 @@ WARNING: untranslated string: warning = Warning WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings @@ -1667,6 +1668,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet 
@@ -1679,7 +1681,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: whois results from = WHOIS results from WARNING: untranslated string: winbind daemon = Winbind Daemon diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 860580123..7ad028fe8 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -1284,6 +1284,7 @@ WARNING: untranslated string: warning = Warning WARNING: untranslated string: wg client pool = Client Pool WARNING: untranslated string: wg create peer = Create A New Peer WARNING: untranslated string: wg dns = DNS +WARNING: untranslated string: wg download configuration = Download Configuration WARNING: untranslated string: wg download configuration file = Download the configuration file WARNING: untranslated string: wg edit peer = Edit Peer WARNING: untranslated string: wg host to net client settings = Host-To-Net Client Settings 
@@ -1294,6 +1295,7 @@ WARNING: untranslated string: wg invalid endpoint port = Invalid endpoint port WARNING: untranslated string: wg invalid keepalive interval = Invalid Keepalive Interval (Must be between 0 and 65535) WARNING: untranslated string: wg invalid local subnet = Invalid local subnet WARNING: untranslated string: wg invalid name = Invalid name (Only letters, numbers, space and hyphen are allowed) +WARNING: untranslated string: wg invalid private key = unknown string WARNING: untranslated string: wg invalid psk = Invalid pre-shared key WARNING: untranslated string: wg invalid public key = Invalid public key WARNING: untranslated string: wg invalid remote subnet = Invalid remote subnet @@ -1306,7 +1308,7 @@ WARNING: untranslated string: wg peer configuration = Peer Configuration WARNING: untranslated string: wg peer does not exist = Peer does not exist WARNING: untranslated string: wg rw peers = WireGuard Roadwarrior Peers WARNING: untranslated string: wg scan the qr code = Scan the QR code to import the WireGuard configuration into a mobile client. -WARNING: untranslated string: wg warning configuration only shown once = Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire. +WARNING: untranslated string: wg show configuration qrcode = Show Configuration QR Code WARNING: untranslated string: whitelisted = Whitelisted WARNING: untranslated string: whois results from = WHOIS results from WARNING: untranslated string: winbind daemon = Winbind Daemon diff --git a/doc/language_missings b/doc/language_missings index b97d8ca9c..52d323f5d 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -231,6 +231,7 @@ < wg client pool < wg create peer < wg dns +< wg download configuration < wg download configuration file < wg edit peer < wg host to net client settings 
@@ -254,6 +255,7 @@ < wg pre-shared key (optional) < wg rw peers < wg scan the qr code +< wg show configuration qrcode < wg warning configuration only shown once < whitelisted < wireguard @@ -319,6 +321,7 @@ < wg client pool < wg create peer < wg dns +< wg download configuration < wg download configuration file < wg edit peer < wg host to net client settings @@ -342,6 +345,7 @@ < wg pre-shared key (optional) < wg rw peers < wg scan the qr code +< wg show configuration qrcode < wg warning configuration only shown once < whitelisted < wireguard @@ -861,6 +865,7 @@ < wg client pool < wg create peer < wg dns +< wg download configuration < wg download configuration file < wg edit peer < wg host to net client settings @@ -884,6 +889,7 @@ < wg pre-shared key (optional) < wg rw peers < wg scan the qr code +< wg show configuration qrcode < wg warning configuration only shown once < whitelisted < whois results from @@ -1479,6 +1485,7 @@ < wg client pool < wg create peer < wg dns +< wg download configuration < wg download configuration file < wg edit peer < wg host to net client settings @@ -1502,6 +1509,7 @@ < wg pre-shared key (optional) < wg rw peers < wg scan the qr code +< wg show configuration qrcode < wg warning configuration only shown once < whitelisted < whois results from @@ -2513,6 +2521,7 @@ < wg client pool < wg create peer < wg dns +< wg download configuration < wg download configuration file < wg edit peer < wg host to net client settings @@ -2536,6 +2545,7 @@ < wg pre-shared key (optional) < wg rw peers < wg scan the qr code +< wg show configuration qrcode < wg warning configuration only shown once < whitelisted < whois results from @@ -3584,6 +3594,7 @@ < wg client pool < wg create peer < wg dns +< wg download configuration < wg download configuration file < wg edit peer < wg host to net client settings 
@@ -3607,6 +3618,7 @@ < wg pre-shared key (optional) < wg rw peers < wg scan the qr code +< wg show configuration qrcode < wg warning configuration only shown once < whitelisted < whois results from @@ -4032,6 +4044,7 @@ < wg client pool < wg create peer < wg dns +< wg download configuration < wg download configuration file < wg edit peer < wg host to net client settings @@ -4055,6 +4068,7 @@ < wg pre-shared key (optional) < wg rw peers < wg scan the qr code +< wg show configuration qrcode < wg warning configuration only shown once < whitelisted < whois results from diff --git a/html/cgi-bin/wireguard.cgi b/html/cgi-bin/wireguard.cgi index d0105b34f..dfb95a062 100644 --- a/html/cgi-bin/wireguard.cgi +++ b/html/cgi-bin/wireguard.cgi @@ -450,6 +450,42 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) { if ($Wireguard::settings{'ENABLED'} eq "on") { &General::system("/usr/local/bin/wireguardctrl", "start"); } + +# Download configuration +} elsif ($cgiparams{'ACTION'} eq 'CONFIG') { + my $key = $cgiparams{'KEY'} || 0; + + # Load the peer + my %peer = &Wireguard::load_peer($key); + + # Make the filename for files + my $filename = &Header::normalize($peer{'NAME'}) . ".conf"; + + # Generate the client configuration + my $config = &Wireguard::generate_peer_configuration($key); + + # Send the configuration + if (defined $config) { + print "Content-Type: application/octet-stream\n"; + print "Content-Disposition: filename=\"${filename}\"\n"; + print "\n"; + print $config; + + # If there is no configuration, we return 404 + } else { + &CGI::header(status => 404); + } + + exit(0); + +# Show the configuration as QR code +} elsif ($cgiparams{'ACTION'} eq 'CONFIG-QRCODE') { + my $key = $cgiparams{'KEY'} || 0; + + # Show the configuration + &show_peer_configuration($key); + + exit(0); } # The main page starts here @@ -560,7 +596,7 @@ END $Lang::tr{'status'} - + $Lang::tr{'action'} @@ -658,6 +694,24 @@ END } print < +
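Review bot: In the `CONFIG` branch the `Content-Disposition` header has no disposition type, and the response, which carries the peer's private key and pre-shared key, is sent without a cache directive. The header should read `print "Content-Disposition: attachment; filename=\"${filename}\"\n";` and be accompanied by `print "Cache-Control: no-store\n";`. The filename is only safe inside a header if `&Header::normalize` strips quotes and line breaks, which cannot be confirmed from this patch. In the else branch, `&CGI::header(status => 404)` appears to be CGI.pm's header(), which returns the header text rather than printing it, so the not-found case probably sends no response; `print &CGI::header(-status => 404);` would. The `CONFIG-QRCODE` branch passes the request-supplied key to `&show_peer_configuration` with no existence check, so it needs the same not-found handling.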
+ + + +
+ + + +
+ + + +
+ +
$Wireguard::peers{$key}[2], - "PUBLIC_KEY" => $Wireguard::peers{$key}[3], - "PRIVATE_KEY" => $Wireguard::peers{$key}[4], - "CLIENT_ADDRESS" => $Wireguard::peers{$key}[8], - "LOCAL_SUBNETS" => &Wireguard::decode_subnets($Wireguard::peers{$key}[10]), - "PSK" => $Wireguard::peers{$key}[11], - ); + # Load the peer + my %peer = &Wireguard::load_peer($key); # Generate the client configuration - my $config = &Wireguard::generate_peer_configuration(\%peer); + my $config = &Wireguard::generate_peer_configuration($key); # Create a QR code generator my $qrgen = Imager::QRCode->new( diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index cc5fcf3a9..5ae432721 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -2954,6 +2954,8 @@ 'week-graph' => 'Woche', 'weekly firewallhits' => 'wöchentliche Firewalltreffer', 'weeks' => 'Wochen', +'wg download configuration' => 'Konfiguration herunterladen', +'wg show configuration qrcode' => 'Konfigurations-QR-Code anzeigen', 'whitelisted' => 'Ausgenommen', 'whois results from' => 'WHOIS-Ergebnisse von', 'wildcards' => 'Wildcards', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 79634e90b..af2c3b338 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -3054,6 +3054,7 @@ 'wg client pool' => 'Client Pool', 'wg create peer' => 'Create A New Peer', 'wg dns' => 'DNS', +'wg download configuration' => 'Download Configuration', 'wg download configuration file' => 'Download the configuration file', 'wg edit peer' => 'Edit Peer', 'wg host to net client settings' => 'Host-To-Net Client Settings', 
@@ -3077,6 +3078,7 @@ 'wg pre-shared key (optional)' => 'Pre-Shared Key (optional)', 'wg rw peers' => 'WireGuard Roadwarrior Peers', 'wg scan the qr code' => 'Scan the QR code to import the WireGuard configuration into a mobile client.', +'wg show configuration qrcode' => 'Show Configuration QR Code', 'wg warning configuration only shown once' => 'Attention: This WireGuard configuration file will only be shown this one time as it contains private key material that is not being stored on IPFire.', 'whitelisted' => 'Whitelisted', 'whois results from' => 'WHOIS results from', -- 2.39.5