--- rpms/smeserver-wireguard/contribs10/smeserver-wireguard-1.0-bz11721-init.patch 2021/10/28 01:24:08 1.2
+++ rpms/smeserver-wireguard/contribs10/smeserver-wireguard-1.0-bz11721-init.patch 2021/10/28 03:35:36 1.6
@@ -32,3 +32,188 @@ diff -Nur --no-dereference smeserver-wir
$public=`/usr/bin/echo $private | /usr/bin/wg pubkey`;
chomp $public;
if ( ! defined ${'wg-quick@wg0'}{'public'} || ${'wg-quick@wg0'}{'public'} ne $public) {
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard
+--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard 1969-12-31 19:00:00.000000000 -0500
++++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard 2021-06-28 03:17:15.000000000 -0400
+@@ -0,0 +1,12 @@
++# wireguard specific configuration
++{
++$wg = $wireguard{status} || 'disabled';
++$wg0 = ${'wg-quick@wg0'}{status} || 'disabled';
++if ($wg0 eq 'enabled') {
++ $OUT .= "enable wg-quick\@wg0.service\n";
++} else {
++ $OUT .= "disable wg-quick\@wg0.service\n";
++}
++
++}
++
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard
+--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard 2021-06-28 03:17:15.000000000 -0400
++++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard 1969-12-31 19:00:00.000000000 -0500
+@@ -1,12 +0,0 @@
+-# wireguard specific configuration
+-{
+-$wg = $wireguard{status} || 'disabled';
+-$wg0 = ${'wg-quick@wg0'}{status} || 'disabled';
+-if ($wg0 eq 'enabled') {
+- $OUT .= "enable wg-quick\@wg0.service\n";
+-} else {
+- $OUT .= "disable wg-quick\@wg0.service\n";
+-}
+-
+-}
+-
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/createlink smeserver-wireguard-1.0/createlink
+--- smeserver-wireguard-1.0.old/createlink 2021-10-27 21:37:41.284000000 -0400
++++ smeserver-wireguard-1.0/createlink 2021-10-27 21:38:21.164000000 -0400
+@@ -33,7 +33,7 @@
+ ));
+ event_services($event, qw(
+ masq restart
+- 'wg-quick@wg0' restart
++ wg-quick@wg0 restart
+ ));
+ event_link("wireguard-network", $event, "30");
+
+@@ -44,7 +44,7 @@
+ /etc/wireguard/server_public.key
+ ));
+ event_services($event, qw(
+- 'wg-quick@wg0' restart
++ wg-quick@wg0 restart
+ ));
+
+ #wireguard-user-create
+@@ -65,7 +65,7 @@
+ /etc/wireguard/server_public.key
+ ));
+ event_services($event, qw(
+- 'wg-quick@wg0' restart
++ wg-quick@wg0 restart
+ ));
+
+
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard smeserver-wireguard-1.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard
+--- smeserver-wireguard-1.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard 2021-10-26 23:15:11.000000000 -0400
++++ smeserver-wireguard-1.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard 2021-10-27 21:41:45.296000000 -0400
+@@ -239,6 +239,10 @@
+ You can not alter the server ip, mask, private and public key as there are already some clients configured.
+
+
++
++ NO_CONF
++ No configured client
++
+
+
+
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface
+--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface 2021-06-28 04:41:57.000000000 -0400
++++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface 2021-10-27 17:41:12.223000000 -0400
+@@ -4,7 +4,6 @@
+ PrivateKey = {${'wg-quick@wg0'}{private}}
+
+ # this should be added to masq with correct interfaces
+-#eth0 should be rempalced by external interface if available or internal
+-#PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+-#PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
++PostUp = iptables -I FORWARD -i %i -j ACCEPT; iptables -I FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {$outernet = ($SystemMode eq "serveronly") ? $InternalInterface{Name} : $ExternalInterface{Name}; return $InternalInterface{Name} } -j MASQUERADE
++PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o {$outernet = ($SystemMode eq "serveronly") ? $InternalInterface{Name} : $ExternalInterface{Name}; return $InternalInterface{Name} } -j MASQUERADE
+
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers
+--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers 2021-06-28 04:46:01.000000000 -0400
++++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers 2021-10-27 17:41:12.429000000 -0400
+@@ -1,33 +1,36 @@
+ {
+-$OUT = "";
++use esmith::AccountsDB;
+
+-return;
+-my $wg = esmith::ConfigDB->open_ro('/etc/e-smith/db/wireguard') or return "#no peers";
+-# for each user
++my $wg = esmith::ConfigDB->open_ro('/home/e-smith/db/wireguard');
+ my $accounts = esmith::AccountsDB->open_ro;
+-for my $user ( $accounts->get_all_by_prop(type => 'wg0') ) {
++
++# for each user
++my @users = ( $accounts->users );
++push(@users, $accounts->get('admin'));
++for my $user ( @users ) {
+ my $username = $user->key;
++ my $count = 0;
+ for my $cnx ( $wg->get_all_by_prop(user => $username) ) {
++ $count++;
+ my $public = $cnx->prop('public');
+- my $ip = $cnx->prop('ip');
++ my $ip = $cnx->key;
+ my $info = $cnx->prop('info');
++ my $status = $cnx->prop('status') || "enabled";
++ if ( $status eq "disabled" ) {
++ $OUT .= "\n# $username : $info DISABLED (PublicKey = $public ; AllowedIPs = $ip)\n";
++ next;
++ }
+
+-# wireguard
+-#private;public;ips;info#private;public;ips;info
+-#private and public is base64 : +/= could be in it
+-#ips can be v4 or v6 with subnet ./:,
+-#info could have letters, digit and space
+-# to separate multiple #
+-
+- $OUT .= "
++ $OUT .= "
+ [Peer]
+ # $username : $info
+ PublicKey = $public
+ AllowedIPs = $ip\n";
+- }
+
++
++ }
++ $OUT .= "# no entry for user $username\n" if $count <1;
+ }
+
+
+ }
+-
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers
+--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers 2021-06-08 03:56:43.000000000 -0400
++++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers 1969-12-31 19:00:00.000000000 -0500
+@@ -1,3 +0,0 @@
+-
+-#TODO
+-
+diff -Nur --no-dereference smeserver-wireguard-1.0.old/createlink smeserver-wireguard-1.0/createlink
+--- smeserver-wireguard-1.0.old/createlink 2021-10-27 23:25:06.319000000 -0400
++++ smeserver-wireguard-1.0/createlink 2021-10-27 23:33:11.426000000 -0400
+@@ -16,7 +16,7 @@
+
+ event_services($event, qw(
+ masq restart
+- 'wg-quick@wg0' restart
++ wg-quick@wg0 restart
+ ));
+ event_link("wireguard-network", $event, "30");
+ templates2events("/etc/systemd/system-preset/49-koozali.preset", $event);
+@@ -54,7 +54,7 @@
+ /etc/wireguard/server_public.key
+ ));
+ event_services($event, qw(
+- 'wg-quick@wg0' restart
++ wg-quick@wg0 restart
+ ));
+ event_link("wireguard-user-create", $event, "03");
+
+@@ -67,6 +67,11 @@
+ event_services($event, qw(
+ wg-quick@wg0 restart
+ ));
++
++$event="remoteaccess-update";
++event_services($event, qw(
++ wg-quick@wg0 restart
++));
+
+
+ panel_link("wireguard", "manager");