added capability to add or remove clients

parthibd · Mar 18, 2020 · b6804e5 · b6804e5
1 parent 2087774
commit b6804e5
Show file tree

Hide file tree

Showing 10 changed files with 90 additions and 8 deletions.
diff --git a/.phpstorm.meta.php b/.phpstorm.meta.php
@@ -5,7 +5,7 @@
 
    /**
     * PhpStorm Meta file, to provide autocomplete information for PhpStorm
-    * Generated on 2020-03-17 08:47:45.
+    * Generated on 2020-03-18 18:43:38.
     *
     * @author Barry vd. Heuvel <[email protected]>
     * @see https://github.com/barryvdh/laravel-ide-helper

diff --git a/_ide_helper.php b/_ide_helper.php
@@ -3,7 +3,7 @@
 
 /**
  * A helper file for Laravel 5, to provide autocomplete information to your IDE
- * Generated for Laravel 5.8.37 on 2020-03-17 08:47:41.
+ * Generated for Laravel 5.8.37 on 2020-03-18 18:43:34.
  *
  * This file should not be included in your code, only analyzed by your IDE!
  *

diff --git a/app/AvailableIp.php b/app/AvailableIp.php
@@ -4,7 +4,19 @@
 
 use Illuminate\Database\Eloquent\Model;
 
+/**
+ * App\AvailableIp
+ *
+ * @property int $id
+ * @property string $ip
+ * @method static \Illuminate\Database\Eloquent\Builder|\App\AvailableIp newModelQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|\App\AvailableIp newQuery()
+ * @method static \Illuminate\Database\Eloquent\Builder|\App\AvailableIp query()
+ * @method static \Illuminate\Database\Eloquent\Builder|\App\AvailableIp whereId($value)
+ * @method static \Illuminate\Database\Eloquent\Builder|\App\AvailableIp whereIp($value)
+ * @mixin \Eloquent
+ */
 class AvailableIp extends Model
 {
-    //
+    public $timestamps = false;
 }
diff --git a/app/Http/Controllers/ClientController.php b/app/Http/Controllers/ClientController.php
@@ -2,11 +2,62 @@
 
 namespace App\Http\Controllers;
 
+use App\AvailableIp;
+use App\Util\WireGuardWrapper;
+use Composer\Config;
 use Illuminate\Http\Request;
 
 class ClientController extends Controller
 {
-    public function addClient(){
+    public function addClient()
+    {
+        $wireGuardServerPublicIp = config('wireguard.WIREGUARD_PUBLIC_IP');
+        $wireGuardServerPublicKey = config('wireguard.WIREGUARD_PUBLIC_KEY');
+        $listenPort = config('wireguard.WIREGUARD_LISTEN_PORT');
+        $keyPair = WireGuardWrapper::getInstance()->generateKeyPair();
+        $ip = AvailableIp::where('is_assigned', false)->first();
 
+        if (!$ip) {
+            return response()->json(["success" => false, "status" => "error", "message" => "IP range exhausted."]);
+        }
+        $ipToAssign = "$ip->ip/32";
+
+        WireGuardWrapper::getInstance()->addClientToServer($keyPair[0], $ipToAssign);
+
+        $config = <<<EOD
+[Interface]
+PrivateKey = $keyPair[1]
+Address = $ipToAssign
+DNS = 8.8.8.8
+
+[Peer]
+PublicKey = $wireGuardServerPublicKey
+Endpoint = $wireGuardServerPublicIp:$listenPort
+AllowedIPs = 0.0.0.0/0
+PersistentKeepalive = 25
+EOD;
+        $ip->public_key = $keyPair[0];
+        $ip->endpoint = $ipToAssign;
+        $ip->is_assigned = true;
+        $ip->save();
+        return response()->json(["config" => $config, "key_pair" => $keyPair]);
+    }
+
+    public function removeClient(Request $request)
+    {
+        $publicKey = $request->query("public_key");
+        $ip = AvailableIp::where('public_key', $publicKey)->first();
+        if ($ip) {
+
+            WireGuardWrapper::getInstance()->removeClientFromServer($publicKey);
+
+            $ip->public_key = null;
+            $ip->endpoint = null;
+            $ip->is_assigned = false;
+            $ip->save();
+            return response()->json(["success" => true, "status" => "ok", "message" => "Client removed from server"]);
+        } else {
+            return response()->json(["success" => false, "status" => "error", "message" => "No such peer exists."]);
+        }
     }
 }
diff --git a/app/User.php b/app/User.php
@@ -29,6 +29,7 @@
  * @method static \Illuminate\Database\Eloquent\Builder|\App\User whereUsername($value)
  * @method static \Illuminate\Database\Eloquent\Builder|\App\User whereWgInterfaceIp($value)
  * @mixin \Eloquent
+ * @property-read \App\UserRole $role
  */
 class User extends Authenticatable
 {

diff --git a/app/Util/WireGuardWrapper.php b/app/Util/WireGuardWrapper.php
@@ -16,8 +16,8 @@ class WireGuardWrapper
 
     private function __construct()
     {
-        $this->ssh = new SSH2('192.168.2.5');
-        $this->ssh->login("parthib", "parthib");
+        $this->ssh = new SSH2(config('wireguard.WIREGUARD_PUBLIC_IP'));
+        $this->ssh->login(config('wireguard.WIREGUARD_USERNAME'), config('wireguard.WIREGUARD_PASSWORD'));
     }
 
     public static function getInstance()
@@ -40,6 +40,16 @@ public function generateKeyPair()
         return [trim($publicKey), trim($privateKey)];
     }
 
+    public function addClientToServer($publicKey, $ip)
+    {
+        $this->executeCommand("sudo wg set wg0 peer $publicKey allowed-ips $ip");
+    }
+
+    public function removeClientFromServer($publicKey)
+    {
+        $this->executeCommand("sudo wg set wg0 peer $publicKey remove");
+    }
+
     public function showWireGuardStatus()
     {
         return $this->executeCommand("sudo wg");

diff --git a/config/wireguard.php b/config/wireguard.php
@@ -7,5 +7,7 @@
     'WIREGUARD_PUBLIC_KEY' => env('WIREGUARD_PUBLIC_KEY'),
     'WIREGUARD_PUBLIC_IP' => env('WIREGUARD_PUBLIC_IP'),
     'WIREGUARD_LISTEN_PORT' => env('WIREGUARD_LISTEN_PORT'),
-    'WIREGUARD_INTERFACE_IP' => env('WIREGUARD_INTERFACE_IP')
+    'WIREGUARD_INTERFACE_IP' => env('WIREGUARD_INTERFACE_IP'),
+    'WIREGUARD_USERNAME' => env('WIREGUARD_USERNAME'),
+    'WIREGUARD_PASSWORD' => env('WIREGUARD_PASSWORD')
 ];
diff --git a/database/migrations/2020_03_18_181258_create_available_ips_table.php b/database/migrations/2020_03_18_181258_create_available_ips_table.php
@@ -17,6 +17,9 @@ public function up()
         Schema::create('available_ips', function (Blueprint $table) {
             $table->bigIncrements('id');
             $table->string("ip");
+            $table->string("endpoint")->nullable();
+            $table->string("public_key")->nullable();
+            $table->boolean("is_assigned")->nullable();
         });
     }
 

diff --git a/database/seeds/AvailableIpsTableSeeder.php b/database/seeds/AvailableIpsTableSeeder.php
@@ -23,7 +23,9 @@ private function getIpsInRange($cidrRange)
         $arr = [];
         $maxPossibleHostCount = ip2long("255.255.255.255") - ip2long($networkMask);
         for ($i = 1; $i < $maxPossibleHostCount; $i++) {
-            $arr[] = ["ip" => long2ip((ip2long($cidr[0]) & ip2long($networkMask)) | ip2long(long2ip($i)))];
+            $arr[] = [
+                "ip" => long2ip((ip2long($cidr[0]) & ip2long($networkMask)) | ip2long(long2ip($i))),
+                "is_assigned" => false];
         }
         $serverIp = explode("/", config('wireguard.WIREGUARD_INTERFACE_IP'))[0];
         $index = array_search($serverIp, $arr);

diff --git a/routes/api.php b/routes/api.php
@@ -24,3 +24,4 @@
 
 Route::post("/login", "LoginController@login");
 Route::put("/client", "ClientController@addClient");
+Route::delete("/client", "ClientController@removeClient");