nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-05-13 10:30:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

wireguard: Replace nmcli use with libnm

Browse Source 
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This commit is contained in:
James Valleroy 2019-09-22 07:37:41 -04:00
parent eaa71f056a
commit 0bef87579f
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
2 changed files with 40 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
actions/wireguard
View File

@ -195,8 +195,12 @@ def _find_next_interface():
return new_interface_name return new_interface_name
def _get_connection_settings(name, interface, client_ip): def _get_connection_settings(name, interface, endpoint, client_ip, public_key,
pre_shared_key):
"""Return settings for Network Manager connection.""" """Return settings for Network Manager connection."""
with PRIVATE_KEY_PATH.open() as private_key_file:
private_key = private_key_file.read().strip()
return { return {
'common': { 'common': {
'name': name, 'name': name,
@ -212,24 +216,15 @@ def _get_connection_settings(name, interface, client_ip):
'dns': '', 'dns': '',
'second_dns': '', 'second_dns': '',
}, },
'wireguard': {
'private_key': private_key,
'peer_endpoint': endpoint,
'peer_public_key': public_key,
'preshared_key': pre_shared_key,
},
} }
def _create_connection(name, interface, client_ip):
"""Create a NetworkManager connection."""
settings = _get_connection_settings(name, interface, client_ip)
network.add_connection(settings)
subprocess.run(['nmcli', 'con', 'modify', name,
'connection.autoconnect', 'TRUE'], check=True)
with PRIVATE_KEY_PATH.open() as private_key_file:
private_key = private_key_file.read().strip()
subprocess.run(['nmcli', 'con', 'modify', name,
'wireguard.private-key', private_key], check=True)
def subcommand_add_server(arguments): def subcommand_add_server(arguments):
"""Add a server.""" """Add a server."""
new_interface_name = _find_next_interface() new_interface_name = _find_next_interface()
@ -239,16 +234,13 @@ def subcommand_add_server(arguments):
check=True) check=True)
connection_name = 'WireGuard-' + new_interface_name connection_name = 'WireGuard-' + new_interface_name
_create_connection(connection_name, new_interface_name, settings = _get_connection_settings(connection_name,
arguments.client_ip) new_interface_name,
arguments.endpoint,
# XXX: Peer is lost after connection is activated. arguments.client_ip,
args = ['wg', 'set', new_interface_name, 'peer', arguments.public_key] arguments.public_key,
if arguments.pre_shared_key: arguments.pre_shared_key)
args += ['preshared-key', arguments.pre_shared_key] network.add_connection(settings)
args += ['endpoint', arguments.endpoint]
subprocess.run(args, check=True)
def subcommand_modify_server(arguments): def subcommand_modify_server(arguments):
@ -263,19 +255,14 @@ def subcommand_modify_server(arguments):
interface_to_modify = interface['interface_name'] interface_to_modify = interface['interface_name']
if interface_to_modify: if interface_to_modify:
args = ['wg', 'set', interface_to_modify, 'peer', arguments.public_key]
if arguments.pre_shared_key:
args += ['preshared-key', arguments.pre_shared_key]
args += ['endpoint', arguments.endpoint]
subprocess.run(args, check=True)
connection = network.get_connection_by_interface_name( connection = network.get_connection_by_interface_name(
interface_to_modify) interface_to_modify)
settings = _get_connection_settings('WireGuard-' + interface_to_modify, settings = _get_connection_settings('WireGuard-' + interface_to_modify,
interface_to_modify, interface_to_modify,
arguments.client_ip) arguments.endpoint,
arguments.client_ip,
arguments.public_key,
arguments.pre_shared_key)
if connection: if connection:
network.edit_connection(connection, settings) network.edit_connection(connection, settings)

18
plinth/network.py
View File

@ -468,6 +468,21 @@ def _update_wireless_settings(connection, wireless):
return connection return connection
def _update_wireguard_settings(connection, wireguard):
"""Create/edit WireGuard settings for network manager connections."""
settings = nm.SettingWireGuard.new()
connection.add_setting(settings)
settings.set_property(nm.SETTING_WIREGUARD_PRIVATE_KEY,
wireguard['private_key'])
# XXX: not working
peer = nm.WireGuardPeer.new()
peer.set_endpoint(wireguard['peer_endpoint'], False)
peer.set_public_key(wireguard['peer_public_key'], False)
peer.set_preshared_key(wireguard['preshared_key'], False)
settings.append_peer(peer)
def _update_settings(connection, connection_uuid, settings): def _update_settings(connection, connection_uuid, settings):
"""Create/edit wifi settings for network manager connections.""" """Create/edit wifi settings for network manager connections."""
connection = _update_common_settings(connection, connection_uuid, connection = _update_common_settings(connection, connection_uuid,
@ -484,6 +499,9 @@ def _update_settings(connection, connection_uuid, settings):
if 'wireless' in settings and settings['wireless']: if 'wireless' in settings and settings['wireless']:
_update_wireless_settings(connection, settings['wireless']) _update_wireless_settings(connection, settings['wireless'])
if 'wireguard' in settings and settings['wireguard']:
_update_wireguard_settings(connection, settings['wireguard'])
return connection return connection