From 6aa83e71184d142e49fe0722882c7659fbae7702 Mon Sep 17 00:00:00 2001
From: James Valleroy <jvalleroy@mailbox.org>
Date: Thu, 29 Aug 2019 18:38:33 -0400
Subject: [PATCH] wireguard: Add skeleton for new app

Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Use the form from base template to show enable/disable properly]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
---
 plinth/modules/wireguard/__init__.py          |  96 ++++++++++++++
 .../data/etc/plinth/modules-enabled/wireguard |   1 +
 .../services/wireguard-freedombox.xml         |   6 +
 plinth/modules/wireguard/manifest.py          |  68 ++++++++++
 .../wireguard/templates/wireguard.html        |  43 +++++++
 plinth/modules/wireguard/urls.py              |  27 ++++
 plinth/modules/wireguard/views.py             |  34 +++++
 static/themes/default/icons/wireguard.svg     | 120 ++++++++++++++++++
 8 files changed, 395 insertions(+)
 create mode 100644 plinth/modules/wireguard/__init__.py
 create mode 100644 plinth/modules/wireguard/data/etc/plinth/modules-enabled/wireguard
 create mode 100644 plinth/modules/wireguard/data/usr/lib/firewalld/services/wireguard-freedombox.xml
 create mode 100644 plinth/modules/wireguard/manifest.py
 create mode 100644 plinth/modules/wireguard/templates/wireguard.html
 create mode 100644 plinth/modules/wireguard/urls.py
 create mode 100644 plinth/modules/wireguard/views.py
 create mode 100644 static/themes/default/icons/wireguard.svg

diff --git a/plinth/modules/wireguard/__init__.py b/plinth/modules/wireguard/__init__.py
new file mode 100644
index 000000000..6656b4cdb
--- /dev/null
+++ b/plinth/modules/wireguard/__init__.py
@@ -0,0 +1,96 @@
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+FreedomBox app for wireguard.
+"""
+
+from django.utils.translation import ugettext_lazy as _
+
+from plinth import app as app_module
+from plinth import cfg, frontpage, menu
+from plinth.modules.firewall.components import Firewall
+from plinth.utils import format_lazy
+
+from .manifest import clients  # noqa, pylint: disable=unused-import
+
+
+version = 1
+
+managed_packages = ['wireguard']
+
+name = _('WireGuard')
+
+short_description = _('Virtual Private Network')
+
+description = [
+    _('WireGuard is a fast, modern, secure VPN tunnel.'),
+    format_lazy(
+        _('It can be used to connect to a VPN provider which supports '
+          'WireGuard, and to route all outgoing traffic from {box_name} '
+          'through the VPN.'), box_name=_(cfg.box_name)),
+    format_lazy(
+        _('A second use case is to connect a mobile device to {box_name} '
+          'while travelling. While connected to a public Wi-Fi network, all '
+          'traffic can be securely relayed through {box_name}.'),
+        box_name=_(cfg.box_name))
+]
+
+clients = clients
+
+port_forwarding_info = [('UDP', 51820)]
+
+app = None
+
+
+class WireguardApp(app_module.App):
+    """FreedomBox app for wireguard."""
+
+    app_id = 'wireguard'
+
+    def __init__(self):
+        """Create components for the app."""
+        super().__init__()
+        menu_item = menu.Menu('menu-wireguard', name, short_description,
+                              'wireguard', 'wireguard:index',
+                              parent_url_name='apps')
+        self.add(menu_item)
+
+        shortcut = frontpage.Shortcut(
+            'shortcut-wireguard', name, short_description=short_description,
+            icon='wireguard', url='/wireguard', clients=clients,
+            login_required=True)
+        self.add(shortcut)
+
+        firewall = Firewall('firewall-wireguard', name,
+                            ports=['wireguard-freedombox'], is_external=True)
+        self.add(firewall)
+
+
+def init():
+    """Initialize the module."""
+    global app
+    app = WireguardApp()
+
+    setup_helper = globals()['setup_helper']
+    if setup_helper.get_state() != 'needs-setup' and app.is_enabled():
+        app.set_enabled(True)
+
+
+def setup(helper, old_version=None):
+    """Install and configure the module."""
+    helper.install(managed_packages)
+    helper.call('post', app.enable)
diff --git a/plinth/modules/wireguard/data/etc/plinth/modules-enabled/wireguard b/plinth/modules/wireguard/data/etc/plinth/modules-enabled/wireguard
new file mode 100644
index 000000000..e6d87e33c
--- /dev/null
+++ b/plinth/modules/wireguard/data/etc/plinth/modules-enabled/wireguard
@@ -0,0 +1 @@
+plinth.modules.wireguard
diff --git a/plinth/modules/wireguard/data/usr/lib/firewalld/services/wireguard-freedombox.xml b/plinth/modules/wireguard/data/usr/lib/firewalld/services/wireguard-freedombox.xml
new file mode 100644
index 000000000..9aba2f29e
--- /dev/null
+++ b/plinth/modules/wireguard/data/usr/lib/firewalld/services/wireguard-freedombox.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+  <short>WireGuard</short>
+  <description>WireGuard is a fast, modern, secure VPN tunnel.</description>
+  <port protocol="udp" port="51820"/>
+</service>
diff --git a/plinth/modules/wireguard/manifest.py b/plinth/modules/wireguard/manifest.py
new file mode 100644
index 000000000..ac8c286f5
--- /dev/null
+++ b/plinth/modules/wireguard/manifest.py
@@ -0,0 +1,68 @@
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+Application manifest for WireGuard.
+"""
+
+from django.utils.translation import ugettext_lazy as _
+
+from plinth.clients import store_url, validate
+
+_wireguard_package_id = 'com.wireguard.android'
+
+clients = validate([{
+    'name':
+        _('WireGuard'),
+    'platforms': [{
+        'type':
+            'download',
+        'os':
+            'windows',
+        'url':
+            'https://download.wireguard.com/windows-client/wireguard-amd64-0.0.23.msi'
+    }, {
+        'type':
+            'download',
+        'os':
+            'macos',
+        'url':
+            'https://itunes.apple.com/us/app/wireguard/id1451685025?ls=1&mt=12'
+    }, {
+        'type': 'package',
+        'format': 'deb',
+        'name': 'wireguard'
+    }, {
+        'type': 'store',
+        'os': 'android',
+        'store_name': 'f-droid',
+        'url': store_url('f-droid', _wireguard_package_id)
+    }, {
+        'type': 'store',
+        'os': 'android',
+        'store_name': 'google-play',
+        'url': store_url('google-play', _wireguard_package_id)
+    }, {
+        'type':
+            'store',
+        'os':
+            'ios',
+        'store_name':
+            'app-store',
+        'url':
+            'https://itunes.apple.com/us/app/wireguard/id1441195209?ls=1&mt=8'
+    }]
+}])
diff --git a/plinth/modules/wireguard/templates/wireguard.html b/plinth/modules/wireguard/templates/wireguard.html
new file mode 100644
index 000000000..cb59e21d5
--- /dev/null
+++ b/plinth/modules/wireguard/templates/wireguard.html
@@ -0,0 +1,43 @@
+{% extends "app.html" %}
+{% comment %}
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+{% endcomment %}
+
+{% load bootstrap %}
+{% load i18n %}
+
+{% block configuration %}
+  <h3>{% trans "Server" %}</h3>
+  <p>{% trans "Peers allowed to connect to this server" %}</p>
+  <ul>{% trans "public key" %}</ul>
+  <ul>{% trans "last connected time" %}</ul>
+  <ul>{% trans "edit" %}</ul>
+  <ul>{% trans "Add Client" %}</ul>
+
+  <h3>{% trans "Client" %}</h3>
+  <p>{% trans "Peer servers that FreedomBox will connect to" %}</p>
+  <ul>{% trans "endpoint" %}</ul>
+  <ul>{% trans "public key" %}</ul>
+  <ul>{% trans "last connected time" %}</ul>
+  <ul>{% trans "edit" %}</ul>
+  <p>{% trans "No connections to remove servers are configured yet." %}</p>
+  <ul>{% trans "Add Server" %}</ul>
+
+  {{ block.super }}
+
+{% endblock %}
diff --git a/plinth/modules/wireguard/urls.py b/plinth/modules/wireguard/urls.py
new file mode 100644
index 000000000..7fb96603b
--- /dev/null
+++ b/plinth/modules/wireguard/urls.py
@@ -0,0 +1,27 @@
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+URLs for the wireguard module.
+"""
+
+from django.conf.urls import url
+
+from plinth.modules.wireguard import views
+
+urlpatterns = [
+    url(r'^apps/wireguard/$', views.WireguardView.as_view(), name='index'),
+]
diff --git a/plinth/modules/wireguard/views.py b/plinth/modules/wireguard/views.py
new file mode 100644
index 000000000..7962659ec
--- /dev/null
+++ b/plinth/modules/wireguard/views.py
@@ -0,0 +1,34 @@
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+Views for WireGuard application.
+"""
+
+import plinth.modules.wireguard as wireguard
+from plinth.views import AppView
+
+
+class WireguardView(AppView):
+    """Serve configuration page."""
+    app_id = 'wireguard'
+    clients = wireguard.clients
+    name = wireguard.name
+    description = wireguard.description
+    diagnostics_module_name = 'wireguard'
+    show_status_block = False
+    template_name = 'wireguard.html'
+    port_forwarding_info = wireguard.port_forwarding_info
diff --git a/static/themes/default/icons/wireguard.svg b/static/themes/default/icons/wireguard.svg
new file mode 100644
index 000000000..5e54e35a2
--- /dev/null
+++ b/static/themes/default/icons/wireguard.svg
@@ -0,0 +1,120 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Generator: Adobe Illustrator 16.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   version="1.1"
+   id="Capa_1"
+   x="0px"
+   y="0px"
+   width="512"
+   height="512"
+   viewBox="0 0 511.99999 511.99999"
+   xml:space="preserve"
+   sodipodi:docname="sharing.svg"
+   inkscape:version="0.92.4 (5da689c313, 2019-01-14)"><metadata
+   id="metadata75653"><rdf:RDF><cc:Work
+       rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
+         rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title></dc:title></cc:Work></rdf:RDF></metadata><defs
+   id="defs75651" /><sodipodi:namedview
+   pagecolor="#ffffff"
+   bordercolor="#666666"
+   borderopacity="1"
+   objecttolerance="10"
+   gridtolerance="10"
+   guidetolerance="10"
+   inkscape:pageopacity="0"
+   inkscape:pageshadow="2"
+   inkscape:window-width="1633"
+   inkscape:window-height="1332"
+   id="namedview75649"
+   showgrid="false"
+   fit-margin-top="0"
+   fit-margin-left="0"
+   fit-margin-right="0"
+   fit-margin-bottom="0"
+   inkscape:zoom="0.60618513"
+   inkscape:cx="10.196697"
+   inkscape:cy="-371.50636"
+   inkscape:window-x="1613"
+   inkscape:window-y="500"
+   inkscape:window-maximized="0"
+   inkscape:current-layer="Capa_1" />
+<g
+   id="g75616"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+	<g
+   id="g75614">
+		<path
+   d="m 40.332,31.592 c -2.377,0 -4.515,1 -6.033,2.598 L 16.562,25.504 c 0.061,-0.406 0.103,-0.82 0.103,-1.246 0,-0.414 -0.04,-0.818 -0.098,-1.215 l 17.711,-8.589 c 1.519,1.609 3.666,2.619 6.054,2.619 4.603,0 8.333,-3.731 8.333,-8.333 0,-4.603 -3.73,-8.333 -8.333,-8.333 -4.603,0 -8.333,3.73 -8.333,8.333 0,0.414 0.04,0.817 0.098,1.215 L 14.388,18.544 C 12.869,16.935 10.722,15.925 8.334,15.925 3.73,15.925 0,19.656 0,24.258 c 0,4.603 3.73,8.333 8.333,8.333 2.377,0 4.515,-1 6.033,-2.596 l 17.736,8.685 c -0.062,0.406 -0.104,0.82 -0.104,1.245 0,4.604 3.73,8.333 8.333,8.333 4.603,0 8.333,-3.729 8.333,-8.333 10e-4,-4.603 -3.729,-8.333 -8.332,-8.333 z"
+   id="path75612"
+   inkscape:connector-curvature="0" />
+	</g>
+</g>
+<g
+   id="g75618"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75620"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75622"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75624"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75626"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75628"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75630"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75632"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75634"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75636"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75638"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75640"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75642"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75644"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+<g
+   id="g75646"
+   transform="matrix(10.520908,0,0,10.520908,6.09e-6,6.09e-6)">
+</g>
+</svg>
\ No newline at end of file