mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-21 07:55:00 +00:00
6e1b0a3642
- Any changes done directly using 'wg' command need to be redone after a reboot and disable/enable sequence. Let that duty be handled by network manager. - Handle (none) values for keys and 0 values for latest handshake from 'wg' dump command output. - Don't store public/private keys for wireguard in /var/lib. Let Network Manager deal with the storage of secrets. - Create client connections in the 'external' zone. - Show allowed IPs for each client in the main page. - Show server connection public key only for clients. We use different key pairs when connecting to each of the servers. - Separate out configuration information and status information in the show page. - Allocate IP addresses to each of the clients. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
86 lines
3.1 KiB
Python
86 lines
3.1 KiB
Python
#
|
|
# This file is part of FreedomBox.
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU Affero General Public License as
|
|
# published by the Free Software Foundation, either version 3 of the
|
|
# License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
#
|
|
"""
|
|
Forms for wireguard module.
|
|
"""
|
|
|
|
from django import forms
|
|
from django.utils.translation import ugettext_lazy as _
|
|
|
|
|
|
class AddClientForm(forms.Form):
|
|
"""Form to add client."""
|
|
public_key = forms.CharField(
|
|
label=_('Public Key'), strip=True,
|
|
help_text=_('Public key of the peer.'))
|
|
|
|
|
|
class AddServerForm(forms.Form):
|
|
"""Form to add server."""
|
|
peer_endpoint = forms.CharField(
|
|
label=_('Endpoint'), strip=True,
|
|
help_text=_('Server endpoint with the form "ip:port".'))
|
|
|
|
peer_public_key = forms.CharField(
|
|
label=_('Public key of the server'), strip=True,
|
|
help_text=_('Public key of the server.'))
|
|
|
|
ip_address = forms.CharField(
|
|
label=_('Client IP address provided by server'), strip=True,
|
|
help_text=_('IP address assigned to the client on the VPN after '
|
|
'connecting to the endpoint.'))
|
|
|
|
private_key = forms.CharField(
|
|
label=_('Private key of the client'), strip=True,
|
|
help_text=_('Optional. A new key is generated if left blank.'),
|
|
required=False)
|
|
|
|
preshared_key = forms.CharField(
|
|
label=_('Pre-shared key'), strip=True, required=False,
|
|
help_text=_('Optional. A shared secret key provided by the server to '
|
|
'add an additional layer of encryption.'))
|
|
|
|
default_route = forms.BooleanField(
|
|
label=_('Use this connection to send all outgoing traffic'),
|
|
required=False,
|
|
help_text=_('Use this connection to send all outgoing traffic.'))
|
|
|
|
def get_settings(self):
|
|
"""Return NM settings dict from cleaned data."""
|
|
settings = {
|
|
'common': {
|
|
'type': 'wireguard',
|
|
'zone': 'external',
|
|
},
|
|
'ipv4': {
|
|
'method': 'manual',
|
|
'address': self.cleaned_data['ip_address'],
|
|
'netmask': '',
|
|
'gateway': '',
|
|
'dns': '',
|
|
'second_dns': '',
|
|
},
|
|
'wireguard': {
|
|
'peer_endpoint': self.cleaned_data['peer_endpoint'],
|
|
'peer_public_key': self.cleaned_data['peer_public_key'],
|
|
'private_key': self.cleaned_data['private_key'],
|
|
'preshared_key': self.cleaned_data['preshared_key'],
|
|
'default_route': self.cleaned_data['default_route'],
|
|
}
|
|
}
|
|
return settings
|