Comments (11)
Oh yeah ! The swagger doc is really nice !
Let me a couple of days and I'll return a first version of a shell script (to be OS-agnostic) to create/install a peer.
from wg-portal.
Hi, I have implemented a simple REST API now. (Swagger Documentation: http://<your wg-portal ip/domain>/swagger/index.html)
The interessting endpoints for your usecase are:
- GET /provisioning/peer/{pkey}: retrieve the configuration file for the given public key
- POST /provisioning/peers: create a new peer and return the configuration file
- GET /provisioning/peers/{email}: list all active public keys for the given email
So a sample workflow for some auto-provision script could be:
- Ask for user credentials
- GET /provisioning/peers/{email} to list all available public keys
- Let the user choose one public key, or if no key is available or the user wants to create a new one -> POST /provisioning/peers
- In case that the user chose an existing key, GET /provisioning/peer/{pkey}
- Write the response of the POST (3.) or the GET (4.) request to wgX.conf
- Restart WireGuard
I hope this helps you.
If you write some nice deployment scripts, feel free to contribute them to this project :)
from wg-portal.
Just got a nice limitation : in WG pubkeys, you can have some forward slashes "/" and AFAIK it can't be used as valid URL as this symbol is used for directory separation.
I tried to get the config file for "l5im6GB5N8hh56fJO6DmbgYKeU/aroNnePAhnuzlQXI=" and I'm always getting a 404 error.
Perhaps could I find a way to ask curl to encode the string into something else but in my point of view, this situation is not desirable.
As a workaround, I think we could encore base64 the pubkey in the URL. It's the simpler method I think of.
Another one would be to pass the pubkey as an arg to the URL ( GET /provisioning/peer/?key=pubkey) but it's not the way you constructed the API.
Any thoughts ?
from wg-portal.
Base64 encoding won't work (the key is already base64 encoded) as base64 has a / in its allowed charset.
I think using a query parameter like ?key is the simplest solution.
from wg-portal.
After reading a bit about base64encore and urlencode, we'll still be in trouble with '+' and '=' char in a URL parameter.
Perhaps could it be bypassed by encoding correctly the string in the request (automagically with curl ?) but I still need to read a bit to find the best compromise.
from wg-portal.
I quickly changed the public key parameter to a query parameter. So there should be no problem any longer. All other parameters still have the same format. I am unsure if I should change all parameters to query parameters in order to get a consistent api...
from wg-portal.
So far, so good !
I had to use --data-urlencode "pkey=$wgpubkey" in my curl call to get the peer config. I also tested with a pubkey containing '+', it worked too.
About rewriting other endpoint, I think having a consistent api is a good thing. Nobody else should be using this API right now so we can't really call this an incompatible change ;-)
Right now, there's only 'device' and 'email' as used parameters, right ?
I have no clue of the work it suppose, so feel free to do as you prefer, of course.
Right now, the only endpoint I'll be using is /provisioning/peer as POST and GET.
Am I reading wrong or did you add some endpoints in the meantime ? I didn't remember about /bakend/users as POST.
from wg-portal.
No new backend endpoints here ;)
I changed all url paths now, so one can use query parameters everywhere.
from wg-portal.
OK, thank you.
Here is a first version of my config-retrieval shell script : https://gitlab.altinea.fr/altinea/install-scripts/src/branch/master/wireguard/wgportal_peer_install.sh
Probably buggy and a few verifications missing.
I took most of the argument parsing code from acme.sh. This should ensure the script is POSIX-compliant and can be used with bash/zsh/ksh/dash.
The only dependance is having curl.
Asking the password on the command line is something tricky, I'm not really at ease with such thing but I don't see any better option.
More than happy to get any feedback !
from wg-portal.
@Azylog looks promising =)
I think adding --overwrite parameter instead of the environment variable OVERWRITE will improve usability.
from wg-portal.
Closing this now, the API seems to work.
from wg-portal.
Related Issues (20)
- WARN[2024-02-05 13:36:52] unable to load config.yml file: failed to open config file "/app/config/config.yml": open "/app/config/config.yml": no such file or directory, using default configuration... HOT 3
- v2 testing with ldap - default peers HOT 3
- EntraID/ Azure Auth issues HOT 9
- [V2] Hooks not executed on container reboot/restart HOT 1
- Showing no profile information or peers in WireGuard Portal HOT 2
- Unable to find peer/record not found HOT 3
- Expose the app in port 443 (HTTPs) HOT 1
- Reboot host or restart services leads to network unavailability HOT 7
- ERROR REGARDING MY PROFILE PAGE
- Wireguard Configuration files HOT 2
- "api/v0/peer/config" BUG HOT 1
- overwriting the etc/wireguard/wg0.conf file on peer creation HOT 1
- Client Peers DNS servers not apply into the configuration HOT 2
- /bin/sh does not exist HOT 1
- LDAP: Users in admin-groups hasn't admin privileges
- failed to update ldap user (Duplicate entry in BD) HOT 2
- Can't delete oauth users or set them to admin HOT 8
- [v2] Keypairs/PublicKey can not be changed HOT 3
- Deploy and run HOT 1
- Squashed PostUp / PostDown HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wg-portal.