From 065fc450df60aa5d7a81eab237ab8a2bf8e1e46f Mon Sep 17 00:00:00 2001
From: Bernd Storath <999999bst@gmail.com>
Date: Thu, 5 Sep 2024 14:33:59 +0200
Subject: [PATCH] improve wireguard helpers
---
 src/server/utils/WireGuard.ts | 31 ++++++++++++++--------------
 src/server/utils/wgHelper.ts | 39 ++++++++++++++++++++++++++---------
 2 files changed, 44 insertions(+), 26 deletions(-)
diff --git a/src/server/utils/WireGuard.ts b/src/server/utils/WireGuard.ts
index 593fc5a7..bb77f404 100644
--- a/src/server/utils/WireGuard.ts
+++ b/src/server/utils/WireGuard.ts
@@ -78,16 +78,15 @@ class WireGuard {
 persistentKeepalive,
 }) => {
 const client = clients.find((client) => client.publicKey === publicKey);
- if (!client) return;
-
- client.latestHandshakeAt =
- latestHandshakeAt === '0'
- ? null
- : new Date(Number(`${latestHandshakeAt}000`));
- client.endpoint = endpoint === '(none)' ? null : (endpoint ?? null);
- client.transferRx = Number(transferRx);
- client.transferTx = Number(transferTx);
- client.persistentKeepalive = persistentKeepalive ?? null;
+ if (!client) {
+ return;
+ }
+
+ client.latestHandshakeAt = latestHandshakeAt;
+ client.endpoint = endpoint;
+ client.transferRx = transferRx;
+ client.transferTx = transferTx;
+ client.persistentKeepalive = persistentKeepalive;
 }
 );
@@ -423,15 +422,15 @@ class WireGuard {
 returnText += '\n# HELP wireguard_configured_peers\n';
 returnText += '# TYPE wireguard_configured_peers gauge\n';
- returnText += `wireguard_configured_peers{interface="wg0"} ${Number(wireguardPeerCount)}\n`;
+ returnText += `wireguard_configured_peers{interface="wg0"} ${wireguardPeerCount}\n`;
 returnText += '\n# HELP wireguard_enabled_peers\n';
 returnText += '# TYPE wireguard_enabled_peers gauge\n';
- returnText += `wireguard_enabled_peers{interface="wg0"} ${Number(wireguardEnabledPeersCount)}\n`;
+ returnText += `wireguard_enabled_peers{interface="wg0"} ${wireguardEnabledPeersCount}\n`;
 returnText += '\n# HELP wireguard_connected_peers\n';
 returnText += '# TYPE wireguard_connected_peers gauge\n';
- returnText += `wireguard_connected_peers{interface="wg0"} ${Number(wireguardConnectedPeersCount)}\n`;
+ returnText += `wireguard_connected_peers{interface="wg0"} ${wireguardConnectedPeersCount}\n`;
 returnText += '\n# HELP wireguard_sent_bytes Bytes sent to the peer\n';
 returnText += '# TYPE wireguard_sent_bytes counter\n';
@@ -465,9 +464,9 @@ class WireGuard {
 }
 }
 return {
- wireguard_configured_peers: Number(wireguardPeerCount),
- wireguard_enabled_peers: Number(wireguardEnabledPeersCount),
- wireguard_connected_peers: Number(wireguardConnectedPeersCount),
+ wireguard_configured_peers: wireguardPeerCount,
+ wireguard_enabled_peers: wireguardEnabledPeersCount,
+ wireguard_connected_peers: wireguardConnectedPeersCount,
 };
 }
 }
diff --git a/src/server/utils/wgHelper.ts b/src/server/utils/wgHelper.ts
index a1420a98..5ebd0217 100644
--- a/src/server/utils/wgHelper.ts
+++ b/src/server/utils/wgHelper.ts
@@ -4,11 +4,17 @@ import type { System } from '~~/services/database/repositories/system';
 export const wg = {
 generateServerPeer: (client: Client) => {
+ const allowedIps = [
+ `${client.address4}/32`,
+ `${client.address6}/128`,
+ ...(client.serverAllowedIPs ?? []),
+ ];
+
 return `# Client: ${client.name} (${client.id})
 [Peer]
 PublicKey = ${client.publicKey}
 PresharedKey = ${client.preSharedKey}
-AllowedIPs = ${client.address4}/32, ${client.address6}/128${client.serverAllowedIPs ? ` ${client.serverAllowedIPs.join(', ')}` : ''}`;
+AllowedIPs = ${allowedIps.join(', ')}`;
 },
 generateServerInterface: (system: System) => {
@@ -47,8 +53,6 @@ PersistentKeepalive = ${client.persistentKeepalive}
 Endpoint = ${system.wgHost}:${system.wgConfigPort}`;
 },
- // TODO?: generate keys using plain javascript
-
 generatePrivateKey: () => {
 return exec('wg genkey');
 },
@@ -75,16 +79,28 @@ Endpoint = ${system.wgHost}:${system.wgConfigPort}`;
 return exec('wg syncconf wg0 <(wg-quick strip wg0)');
 },
- // TODO: properly convert
 dump: async () => {
 const rawDump = await exec('wg show wg0 dump', {
 log: false,
 });
+
+ type wgDumpLine = [
+ string,
+ string,
+ string,
+ string,
+ string,
+ string,
+ string,
+ string,
+ ];
+
 return rawDump
 .trim()
 .split('\n')
 .slice(1)
 .map((line) => {
+ const splitLines = line.split('\t');
 const [
 publicKey,
 preSharedKey,
@@ -94,17 +110,20 @@ Endpoint = ${system.wgHost}:${system.wgConfigPort}`;
 transferRx,
 transferTx,
 persistentKeepalive,
- ] = line.split('\t');
+ ] = splitLines as wgDumpLine;
 return {
 publicKey,
 preSharedKey,
- endpoint,
+ endpoint: endpoint === '(none)' ? null : endpoint,
 allowedIPs,
- latestHandshakeAt,
- transferRx,
- transferTx,
- persistentKeepalive,
+ latestHandshakeAt:
+ latestHandshakeAt === '0'
+ ? null
+ : new Date(Number.parseInt(`${latestHandshakeAt}000`)),
+ transferRx: Number.parseInt(transferRx),
+ transferTx: Number.parseInt(transferTx),
+ persistentKeepalive: persistentKeepalive,
 };
 });
 },
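Review bot: In `generateServerPeer`, the entries of `client.serverAllowedIPs` are joined into the `AllowedIPs` line exactly as stored, and `client.name` goes into the `# Client:` comment line the same way, so a value containing a line break would continue as extra lines in the generated server config. Nothing in this hunk validates either value; a check may exist where the client is created, but the generator is the last point before the text reaches the config file. A guard ahead of the template, for example `if (allowedIps.some((ip) => /[\s,]/.test(ip))) throw new Error('Invalid AllowedIPs entry');`, keeps malformed entries out, and stripping `\r` and `\n` from the name does the same for the comment line. Parsing each entry as a CIDR would be stricter still, if the project already has such a helper.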
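Review bot: The tuple alias `wgDumpLine` is camelCase and its eight `string` slots are unnamed, so a reader has to count positions against the destructuring below to know which column of `wg show wg0 dump` each one is. Type aliases are conventionally PascalCase, and labelled tuple elements document the columns in place: `type WgDumpLine = [publicKey: string, preSharedKey: string, endpoint: string, allowedIPs: string, latestHandshakeAt: string, transferRx: string, transferTx: string, persistentKeepalive: string];`. The three middle names fall between this hunk and the next, so they are inferred from the returned object. Declaring the alias at module scope rather than inside `dump` would also keep the function body to the parsing itself; `dump` continues past the end of this hunk.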
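Review bot: `splitLines as wgDumpLine` asserts eight fields without checking, so a short or malformed dump line leaves the trailing names `undefined` at runtime while the types claim `string`. `Number.parseInt` then yields `NaN`, the handshake becomes an Invalid Date, and the consumer in WireGuard.ts no longer applies its `?? null` fallbacks. A length check before the destructuring, `if (splitLines.length !== 8) throw new Error('Unexpected field count in wg dump line');`, makes the assertion true. Keep the raw line out of the error message, because it contains the preshared key. Separately, `Number.parseInt(transferRx, 10)` with an explicit radix is the safer spelling, and `persistentKeepalive: persistentKeepalive` can be the shorthand `persistentKeepalive`.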