Initial daemon draft.
This commit is contained in:
commit
8481ff63d5
4 changed files with 1396 additions and 0 deletions
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
/target
|
1200
Cargo.lock
generated
Normal file
1200
Cargo.lock
generated
Normal file
File diff suppressed because it is too large
Load diff
14
Cargo.toml
Normal file
14
Cargo.toml
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
[package]
|
||||||
|
name = "wgvirtipd"
|
||||||
|
version = "0.1.0"
|
||||||
|
edition = "2021"
|
||||||
|
|
||||||
|
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||||
|
|
||||||
|
[dependencies]
|
||||||
|
cidr = { version = "0" }
|
||||||
|
bytes = { version = "1" }
|
||||||
|
serde = "1"
|
||||||
|
tokio = { version = "1", features=["full"] }
|
||||||
|
clap = { version = "4", features=["derive"] }
|
||||||
|
warp = "0"
|
181
src/main.rs
Normal file
181
src/main.rs
Normal file
|
@ -0,0 +1,181 @@
|
||||||
|
use clap::Parser;
|
||||||
|
use std::str::FromStr;
|
||||||
|
use warp::Filter;
|
||||||
|
|
||||||
|
#[derive(Parser, Debug)]
|
||||||
|
#[command(author, version, about, long_about = None)]
|
||||||
|
struct CliArguments {
|
||||||
|
#[arg(short, long)]
|
||||||
|
addr: std::net::SocketAddr,
|
||||||
|
#[arg(short, long)]
|
||||||
|
link: String,
|
||||||
|
}
|
||||||
|
|
||||||
|
type WgLink = String;
|
||||||
|
type WgPeer = String;
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
|
struct RejectCommandFailedToExecute;
|
||||||
|
impl warp::reject::Reject for RejectCommandFailedToExecute {}
|
||||||
|
|
||||||
|
#[derive(Debug)]
|
||||||
|
struct CommandError {
|
||||||
|
stdout: String,
|
||||||
|
stderr: String,
|
||||||
|
}
|
||||||
|
impl warp::reject::Reject for CommandError {}
|
||||||
|
impl From<std::process::Output> for CommandError {
|
||||||
|
fn from(value: std::process::Output) -> Self {
|
||||||
|
CommandError {
|
||||||
|
stdout: std::str::from_utf8(value.stdout.as_ref()).unwrap().into(),
|
||||||
|
stderr: std::str::from_utf8(value.stderr.as_ref()).unwrap().into(),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
fn split_allowed_ips_text_line(text: &str) -> (WgPeer, Vec<cidr::IpInet>) {
|
||||||
|
let mut string_parts = text.split(|c| c == '\t' || c == ' ');
|
||||||
|
let peer = string_parts.next().unwrap();
|
||||||
|
let cidrs = string_parts
|
||||||
|
.map(|p| cidr::IpInet::from_str(p).unwrap())
|
||||||
|
.collect();
|
||||||
|
(peer.into(), cidrs)
|
||||||
|
}
|
||||||
|
fn split_allowed_ips_text(text: &str, peer: WgPeer) -> (WgPeer, Vec<cidr::IpInet>) {
|
||||||
|
text.split('\n')
|
||||||
|
.map(|p| split_allowed_ips_text_line(p))
|
||||||
|
.filter(|l| l.0 == peer)
|
||||||
|
.next()
|
||||||
|
.unwrap()
|
||||||
|
}
|
||||||
|
|
||||||
|
async fn wg_add_address(
|
||||||
|
link: WgLink,
|
||||||
|
peer: WgPeer,
|
||||||
|
cidr: cidr::IpInet,
|
||||||
|
) -> Result<impl warp::Reply, warp::Rejection> {
|
||||||
|
let output = match tokio::process::Command::new("wg")
|
||||||
|
.arg("show")
|
||||||
|
.arg(&link)
|
||||||
|
.arg("allowed-ips")
|
||||||
|
.output()
|
||||||
|
.await
|
||||||
|
{
|
||||||
|
Ok(v) => v,
|
||||||
|
Err(_) => return Err(warp::reject::custom(RejectCommandFailedToExecute)),
|
||||||
|
};
|
||||||
|
if !output.status.success() {
|
||||||
|
return Err(warp::reject::custom(CommandError::from(output)));
|
||||||
|
}
|
||||||
|
let (peer, ips) =
|
||||||
|
split_allowed_ips_text(std::str::from_utf8(output.stdout.as_ref()).unwrap(), peer);
|
||||||
|
let ips_str =
|
||||||
|
ips.iter()
|
||||||
|
.chain([cidr].iter())
|
||||||
|
.map(|x| x.to_string())
|
||||||
|
.fold("".to_string(), |acc, x| {
|
||||||
|
let mut s = String::from(acc);
|
||||||
|
s.push_str(&x);
|
||||||
|
s.push_str(",");
|
||||||
|
s
|
||||||
|
});
|
||||||
|
let ips_str = &ips_str[0..ips_str.len() - 1];
|
||||||
|
let mut command = tokio::process::Command::new("wg");
|
||||||
|
command
|
||||||
|
.arg("set")
|
||||||
|
.arg(&link)
|
||||||
|
.arg("peer")
|
||||||
|
.arg(&peer)
|
||||||
|
.arg("allowed-ips")
|
||||||
|
.arg(ips_str);
|
||||||
|
println!("command = {:?}", command);
|
||||||
|
let output = match command.output().await {
|
||||||
|
Ok(v) => v,
|
||||||
|
Err(_) => return Err(warp::reject::custom(RejectCommandFailedToExecute)),
|
||||||
|
};
|
||||||
|
println!("{:?}", output);
|
||||||
|
|
||||||
|
if output.status.success() {
|
||||||
|
Ok("")
|
||||||
|
} else {
|
||||||
|
Err(warp::reject::custom(CommandError::from(output)))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
async fn wg_del_address(
|
||||||
|
link: WgLink,
|
||||||
|
peer: WgPeer,
|
||||||
|
cidr: cidr::IpInet,
|
||||||
|
) -> Result<impl warp::Reply, warp::Rejection> {
|
||||||
|
let output = match tokio::process::Command::new("wg")
|
||||||
|
.arg("show")
|
||||||
|
.arg(&link)
|
||||||
|
.arg("allowed-ips")
|
||||||
|
.output()
|
||||||
|
.await
|
||||||
|
{
|
||||||
|
Ok(v) => v,
|
||||||
|
Err(_) => return Err(warp::reject::custom(RejectCommandFailedToExecute)),
|
||||||
|
};
|
||||||
|
if !output.status.success() {
|
||||||
|
return Err(warp::reject::custom(CommandError::from(output)));
|
||||||
|
}
|
||||||
|
let (peer, ips) =
|
||||||
|
split_allowed_ips_text(std::str::from_utf8(output.stdout.as_ref()).unwrap(), peer);
|
||||||
|
let ips_str = ips
|
||||||
|
.iter()
|
||||||
|
.filter(|x| **x != cidr)
|
||||||
|
.map(|x| x.to_string())
|
||||||
|
.fold("".to_string(), |acc, x| {
|
||||||
|
let mut s = String::from(acc);
|
||||||
|
s.push_str(&x);
|
||||||
|
s.push_str(",");
|
||||||
|
s
|
||||||
|
});
|
||||||
|
let ips_str = &ips_str[0..ips_str.len() - 1];
|
||||||
|
let mut command = tokio::process::Command::new("wg");
|
||||||
|
command
|
||||||
|
.arg("set")
|
||||||
|
.arg(&link)
|
||||||
|
.arg("peer")
|
||||||
|
.arg(&peer)
|
||||||
|
.arg("allowed-ips")
|
||||||
|
.arg(ips_str);
|
||||||
|
println!("command = {:?}", command);
|
||||||
|
let output = match command.output().await {
|
||||||
|
Ok(v) => v,
|
||||||
|
Err(_) => return Err(warp::reject::custom(RejectCommandFailedToExecute)),
|
||||||
|
};
|
||||||
|
println!("{:?}", output);
|
||||||
|
|
||||||
|
if output.status.success() {
|
||||||
|
Ok("")
|
||||||
|
} else {
|
||||||
|
Err(warp::reject::custom(CommandError::from(output)))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#[tokio::main]
|
||||||
|
async fn main() {
|
||||||
|
let args = CliArguments::parse();
|
||||||
|
|
||||||
|
let base = warp::path("wireguard")
|
||||||
|
.and(warp::path::param::<WgLink>())
|
||||||
|
.and(warp::path("peer"))
|
||||||
|
.and(warp::path::param::<WgPeer>())
|
||||||
|
.and(warp::path("address"));
|
||||||
|
let address_add = base
|
||||||
|
.and(warp::path::end())
|
||||||
|
.and(warp::post())
|
||||||
|
.and(warp::body::bytes().map(|b: bytes::Bytes| {
|
||||||
|
cidr::IpInet::from_str(std::str::from_utf8(b.as_ref()).unwrap().trim()).unwrap()
|
||||||
|
}))
|
||||||
|
.and_then(wg_add_address);
|
||||||
|
let address_del = base
|
||||||
|
.and(warp::path::param::<cidr::IpInet>())
|
||||||
|
.and(warp::path::end())
|
||||||
|
.and(warp::delete())
|
||||||
|
.and_then(wg_del_address);
|
||||||
|
let routes = address_add.or(address_del);
|
||||||
|
|
||||||
|
warp::serve(routes).run(args.addr).await;
|
||||||
|
}
|
Loading…
Reference in a new issue