better group database

7 months ago · b011b80765
5 changed files with 47 additions and 36 deletions
--- a/src/server/api/lang.get.ts
+++ b/src/server/api/lang.get.ts
@ -1,5 +1,5 @@
 export default defineEventHandler(async (event) => {
  setHeader(event, 'Content-Type', 'application/json');
  const system = await Database.system.get();
-  return system.lang;
+  return system.general.lang;
 });
--- a/src/server/api/session.post.ts
+++ b/src/server/api/session.post.ts
@ -30,7 +30,7 @@ export default defineEventHandler(async (event) => {
  if (remember) {
    conf.cookie = {
      ...(system.sessionConfig.cookie ?? {}),
-      maxAge: system.sessionTimeout,
+      maxAge: system.general.sessionTimeout,
    };
  }

--- a/src/server/utils/wgHelper.ts
+++ b/src/server/utils/wgHelper.ts
@ -28,8 +28,8 @@ AllowedIPs = ${allowedIps.join(', ')}`;
 [Interface]
 PrivateKey = ${system.interface.privateKey}
 Address = ${system.interface.address4}/${cidr4Block}, ${system.interface.address6}/${cidr6Block}
-ListenPort = ${system.wgPort}
-MTU = ${system.userConfig.serverMtu}
+ListenPort = ${system.interface.port}
+MTU = ${system.interface.mtu}
 PreUp = ${system.iptables.PreUp}
 PostUp = ${system.iptables.PostUp}
 PreDown = ${system.iptables.PreDown}
@ -51,7 +51,7 @@ PublicKey = ${system.interface.publicKey}
 PresharedKey = ${client.preSharedKey}
 AllowedIPs = ${client.allowedIPs.join(', ')}
 PersistentKeepalive = ${client.persistentKeepalive}
-Endpoint = ${system.wgHost}:${system.wgConfigPort}`;
+Endpoint = ${system.userConfig.host}:${system.userConfig.port}`;
  },

  generatePrivateKey: () => {
--- a/src/services/database/migrations/1.ts
+++ b/src/services/database/migrations/1.ts
@ -16,28 +16,33 @@ export async function run1(db: Low<Database>) {
  const database: Database = {
    migrations: [],
    system: {
+      // Config to configure Server
      interface: {
        privateKey: privateKey,
        publicKey: publicKey,
        address4: stringifyIp({ number: cidr4.start + 1n, version: 4 }),
        address6: stringifyIp({ number: cidr6.start + 1n, version: 6 }),
+        mtu: 1420,
+        port: 51820,
+        device: 'eth0',
+      },
+      general: {
+        sessionTimeout: 3600, // 1 hour
+        lang: 'en',
      },
-      sessionTimeout: 3600, // 1 hour
-      lang: 'en',
+      // Config to configure Peer & Client Config
      userConfig: {
        mtu: 1420,
-        serverMtu: 1420,
        persistentKeepalive: 0,
        address4Range: address4Range,
        address6Range: address6Range,
        defaultDns: ['1.1.1.1', '2606:4700:4700::1111'],
        allowedIps: ['0.0.0.0/0', '::/0'],
+        // TODO: host has to be configured when onboarding
+        host: '',
+        port: 51820,
      },
-      wgDevice: 'eth0',
-      // TODO: wgHost has to be configured when onboarding
-      wgHost: '',
-      wgPort: 51820,
-      wgConfigPort: 51820,
+      // Config to configure Firewall
      iptables: {
        PreUp: '',
        PostUp: '',
@ -57,9 +62,11 @@ export async function run1(db: Low<Database>) {
      sortClients: {
        enabled: false,
      },
-      prometheus: {
-        enabled: false,
-        password: null,
+      metrics: {
+        prometheus: {
+          enabled: false,
+          password: null,
+        },
      },
      sessionConfig: {
        // TODO: be able to invalidate all sessions
@ -73,24 +80,24 @@ export async function run1(db: Low<Database>) {
  };

  database.system.iptables.PostUp =
-    `iptables -t nat -A POSTROUTING -s ${database.system.userConfig.address4Range} -o ${database.system.wgDevice} -j MASQUERADE;
-iptables -A INPUT -p udp -m udp --dport ${database.system.wgPort} -j ACCEPT;
+    `iptables -t nat -A POSTROUTING -s ${database.system.userConfig.address4Range} -o ${database.system.interface.device} -j MASQUERADE;
+iptables -A INPUT -p udp -m udp --dport ${database.system.interface.port} -j ACCEPT;
 iptables -A FORWARD -i wg0 -j ACCEPT;
 iptables -A FORWARD -o wg0 -j ACCEPT;
-ip6tables -t nat -A POSTROUTING -s ${database.system.userConfig.address6Range} -o ${database.system.wgDevice} -j MASQUERADE;
-ip6tables -A INPUT -p udp -m udp --dport ${database.system.wgPort} -j ACCEPT;
+ip6tables -t nat -A POSTROUTING -s ${database.system.userConfig.address6Range} -o ${database.system.interface.device} -j MASQUERADE;
+ip6tables -A INPUT -p udp -m udp --dport ${database.system.interface.port} -j ACCEPT;
 ip6tables -A FORWARD -i wg0 -j ACCEPT;
 ip6tables -A FORWARD -o wg0 -j ACCEPT;`
      .split('\n')
      .join(' ');

  database.system.iptables.PostDown =
-    `iptables -t nat -D POSTROUTING -s ${database.system.userConfig.address4Range} -o ${database.system.wgDevice} -j MASQUERADE;
-iptables -D INPUT -p udp -m udp --dport ${database.system.wgPort} -j ACCEPT;
+    `iptables -t nat -D POSTROUTING -s ${database.system.userConfig.address4Range} -o ${database.system.interface.device} -j MASQUERADE;
+iptables -D INPUT -p udp -m udp --dport ${database.system.interface.port} -j ACCEPT;
 iptables -D FORWARD -i wg0 -j ACCEPT;
 iptables -D FORWARD -o wg0 -j ACCEPT;
-ip6tables -t nat -D POSTROUTING -s ${database.system.userConfig.address6Range} -o ${database.system.wgDevice} -j MASQUERADE;
-ip6tables -D INPUT -p udp -m udp --dport ${database.system.wgPort} -j ACCEPT;
+ip6tables -t nat -D POSTROUTING -s ${database.system.userConfig.address6Range} -o ${database.system.interface.device} -j MASQUERADE;
+ip6tables -D INPUT -p udp -m udp --dport ${database.system.interface.port} -j ACCEPT;
 ip6tables -D FORWARD -i wg0 -j ACCEPT;
 ip6tables -D FORWARD -o wg0 -j ACCEPT;`
      .split('\n')
--- a/src/services/database/repositories/system.ts
+++ b/src/services/database/repositories/system.ts
@ -14,16 +14,20 @@ export type WGInterface = {
  publicKey: string;
  address4: string;
  address6: string;
+  mtu: number;
+  port: number;
+  device: string;
 };

 export type WGConfig = {
  mtu: number;
-  serverMtu: number;
  persistentKeepalive: number;
  address4Range: string;
  address6Range: string;
  defaultDns: string[];
  allowedIps: string[];
+  host: string;
+  port: number;
 };

 export enum ChartType {
@ -47,27 +51,27 @@ export type Feature = {
  enabled: boolean;
 };

+export type Metrics = {
+  prometheus: Prometheus;
+};
+
+export type General = {
+  sessionTimeout: number;
+  lang: Lang;
+};
+
 /**
 * Representing the WireGuard network configuration data structure of a computer interface system.
 */
 export type System = {
  interface: WGInterface;
-
-  // maxAge
-  sessionTimeout: number;
-  lang: Lang;
-
+  general: General;
  userConfig: WGConfig;

-  wgDevice: string;
-  wgHost: string;
-  wgPort: number;
-  wgConfigPort: number;
-
  iptables: IpTables;

  trafficStats: TrafficStats;
-  prometheus: Prometheus;
+  metrics: Metrics;

  clientExpiration: Feature;
  oneTimeLinks: Feature;