|
@@ -3,6 +3,7 @@
|
|
|
import os
|
|
|
import sys
|
|
|
import smtplib
|
|
|
+import subprocess
|
|
|
from email.mime.multipart import MIMEMultipart
|
|
|
from email.mime.text import MIMEText
|
|
|
|
|
@@ -30,56 +31,33 @@ def check_env (member_id):
|
|
|
IPs du VPN maintenant :( Ranson du succès j'immagine.")
|
|
|
raise Exception("Wrong member_id")
|
|
|
|
|
|
-def gen_wg_keys (member_id, key_dir):
|
|
|
+def gen_wg_keys ():
|
|
|
"""
|
|
|
Generates both the private and the public wireguard key of the new member.
|
|
|
"""
|
|
|
- privkey_path = os.path.join(key_dir,"{0}.key".format(member_id))
|
|
|
- pubkey_path = os.path.join(key_dir,"{0}.public".format(member_id))
|
|
|
- gen_key_cmd = "wg genkey | tee {0} | wg pubkey > {1}".format(privkey_path, pubkey_path)
|
|
|
+ priv = subprocess.run(["wg","genkey"], stdout=subprocess.STDOUT).decode(encoding='UTF-8').rstrip()
|
|
|
+ psk = subprocess.run(["wg","genpsk"], stdout=subprocess.STDOUT).decode(encoding='UTF-8').rstrip()
|
|
|
+ pub = subprocess.run(["bash", "-c", "echo EMrXWE+Qw4i0+sAgoNHVECgR+e1nWmEF3qYU4ftWUG8= | wg pubkey"]\
|
|
|
+ , stdout=subprocess.PIPE).decode(encoding='UTF-8').rstrip()
|
|
|
+ # TODO: better error check.
|
|
|
if os.system(gen_key_cmd) != 0:
|
|
|
print("Erreur lors de la génération des clés wireguard.")
|
|
|
print("Contactez un administrateur technique en lui envoyant le message d'erreur ci-dessus.")
|
|
|
sys.exit(1)
|
|
|
- return (privkey_path, pubkey_path)
|
|
|
+ return (priv, psk, pub)
|
|
|
|
|
|
-def create_wg_config (member_id, config_dir, wg_server_privkey, pubkey_path):
|
|
|
+def update_wg_config (member_id, config_file, pubkey, pshkey):
|
|
|
"""
|
|
|
Generate the wireguard configuration for this new member.
|
|
|
"""
|
|
|
- wg_filename = os.path.join (config_dir, "wg{0}.conf".format(member_id))
|
|
|
- with open(pubkey_path, "r") as pub_file:
|
|
|
- wg_peer_pubkey = pub_file.read()
|
|
|
- wg_config = '''
|
|
|
- [Interface]
|
|
|
- PrivateKey = {0}
|
|
|
- ListenPort = 51820
|
|
|
-
|
|
|
- [Peer]
|
|
|
- PublicKey = {1}
|
|
|
- AllowedIPs = 0.0.0.0/24
|
|
|
- '''.format(wg_server_privkey, wg_peer_pubkey)
|
|
|
- with open(wgFileName, "w") as wg_file:
|
|
|
- wg_file.write(wg_config)
|
|
|
-
|
|
|
-def create_if_file (member_id, config_dir):
|
|
|
- """
|
|
|
- Create and configure the new network interface for this new member.
|
|
|
- """
|
|
|
- iface_name = "wg{0}".format(member_id)
|
|
|
- iface_addrv4 = "10.0.0.{0}".format(member_id)
|
|
|
- iface_filename = os.path.join (config_dir, "{}.conf".format(iface_name))
|
|
|
- iface_config = '''
|
|
|
- auto {0}
|
|
|
- iface {0} inet static
|
|
|
- address {1}
|
|
|
- netmask 255.255.255.0
|
|
|
- pre-up ip link add $IFACE type wireguard
|
|
|
- pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
|
|
|
- post-down ip link del $IFACE
|
|
|
- '''.format(iface_name, iface_addrv4)
|
|
|
- with open(iface_filename, "w") as iface_file:
|
|
|
- iface_file.write(iface_config)
|
|
|
+ wg_new_peer = '''
|
|
|
+ [Peer]
|
|
|
+ PublicKey = {0}
|
|
|
+ PresharedKey = {1}
|
|
|
+ AllowedIPs = 10.0.0.{2}/24, fd00::{2}/64
|
|
|
+ '''.format(pubkey, pshkey, member_id)
|
|
|
+ with open(config_file, "a") as wg_file:
|
|
|
+ wg_file.write(wg_config)
|
|
|
|
|
|
class Email:
|
|
|
"""
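Review bot: In `gen_wg_keys` the public key is computed from a base64 literal hard-coded in the `bash -c` string instead of from `priv`, so the returned `pub` does not match the returned private key, and a value that `wg pubkey` treats as a private key is committed in the source; if that literal was ever a real key it should be rotated. The three `subprocess.run` calls also cannot work as written: `run` returns a `CompletedProcess` (which has no `.decode()`), `stdout=subprocess.STDOUT` is only meaningful for `stderr`, and the retained `if os.system(gen_key_cmd) != 0:` now references a removed name. In `update_wg_config`, `wg_file.write(wg_config)` should be `wg_file.write(wg_new_peer)`, and the per-peer `AllowedIPs` should be host routes, `AllowedIPs = 10.0.0.{2}/32, fd00::{2}/128`, so a member can only source its own address. The rewrite below of the key-generation lines pipes `priv` to `wg pubkey` through `input=` and uses `check=True` for error handling.

```python
def gen_wg_keys ():
    # … unchanged: docstring …
    try:
        priv = subprocess.run(["wg", "genkey"], stdout=subprocess.PIPE,
                              check=True).stdout.decode("utf-8").rstrip()
        psk = subprocess.run(["wg", "genpsk"], stdout=subprocess.PIPE,
                             check=True).stdout.decode("utf-8").rstrip()
        # Derive the public key from the key generated above; no shell, no literal.
        pub = subprocess.run(["wg", "pubkey"], input=priv.encode("utf-8"),
                             stdout=subprocess.PIPE,
                             check=True).stdout.decode("utf-8").rstrip()
    except (OSError, subprocess.CalledProcessError):
        print("Erreur lors de la génération des clés wireguard.")
        # … unchanged: second print and sys.exit(1) …
    return (priv, psk, pub)
```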
|