diff options
Diffstat (limited to 'protocols')
5 files changed, 153 insertions, 0 deletions
diff --git a/protocols/luci-proto-openfortivpn/Makefile b/protocols/luci-proto-openfortivpn/Makefile new file mode 100644 index 0000000000..17a63f78eb --- /dev/null +++ b/protocols/luci-proto-openfortivpn/Makefile @@ -0,0 +1,14 @@ +# +# Copyright (C) 2008-2020 The LuCI Team <luci@lists.subsignal.org> +# +# This is free software, licensed under the Apache License, Version 2.0 . +# + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=Support for OpenFortivpn +LUCI_DEPENDS:=+openfortivpn + +include ../../luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js new file mode 100644 index 0000000000..d0e6bdb011 --- /dev/null +++ b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js @@ -0,0 +1,83 @@ +'use strict'; +'require rpc'; +'require form'; +'require network'; +'require tools.widgets as widgets'; + +network.registerPatternVirtual(/^vpn-.+$/); + + +return network.registerProtocol('openfortivpn', { + getI18n: function() { + return _('OpenFortivpn'); + }, + + getIfname: function() { + return this._ubus('l3_device') || 'vpn-%s'.format(this.sid); + }, + + getOpkgPackage: function() { + return 'openfortivpn'; + }, + + isFloating: function() { + return true; + }, + + isVirtual: function() { + return true; + }, + + getDevices: function() { + return null; + }, + + containsDevice: function(ifname) { + return (network.getIfnameOf(ifname) == this.getIfname()); + }, + + renderFormOptions: function(s) { + var o; + + o = s.taboption('general', form.Value, 'peeraddr', _('VPN Server')); + o.datatype = 'host(0)'; + + o = s.taboption('general', form.Value, 'port', _('VPN Server port')); + o.placeholder = '443'; + o.datatype = 'port'; + o.optional = true; + + s.taboption("general", form.Value, "username", _("Username")); + + o = s.taboption('general', form.Value, 'password', _('Password')); + o.password = true; + + o = s.taboption('advanced', widgets.NetworkSelect, 'tunlink', _('Bind interface'), _('Bind the tunnel to this interface (optional).')); + o.exclude = s.section; + o.nocreate = true; + o.optional = true; + + o = s.taboption('advanced', form.Value, 'trusted_cert', _("VPN Server's certificate SHA1 hash")); + o.datatype = 'and(hexstring,length(64))' + o.optional = true; + + o = s.taboption('advanced', form.Flag, 'defaultroute', _('Use default gateway'), _('If unchecked, no default route is configured')); + o.default = o.enabled; + o.optional = true; + + o = s.taboption('advanced', form.Flag, 'peerdns', _('Use DNS servers advertised by peer'), _('If unchecked, the advertised DNS server addresses are ignored')); + o.default = o.enabled; + o.optional = true; + + o = s.taboption('advanced', form.Value, 'metric', _('Use gateway metric')); + o.placeholder = '0'; + o.datatype = 'uinteger'; + o.optional = true; + + o = s.taboption("advanced", form.Value, 'local_ip', _("Local IP address")); + o.placeholder = '192.168.0.5' + o.dataype = 'ipaddr' + o.optional = true; + + } +}); diff --git a/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js b/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js index e88c07c339..4690ecfc7f 100644 --- a/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js +++ b/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js @@ -1,8 +1,16 @@ 'use strict'; +'require ui'; 'require uci'; +'require rpc'; 'require form'; 'require network'; +var generateKey = rpc.declare({ + object: 'luci.wireguard', + method: 'generateKeyPair', + expect: { keys: {} } +}); + function validateBase64(section_id, value) { if (value.length == 0) return true; @@ -55,6 +63,18 @@ return network.registerProtocol('wireguard', { o.validate = validateBase64; o.rmempty = false; + o = s.taboption('general', form.Button, 'generate_key', _('Generate Key')); + o.inputstyle = 'apply'; + o.onclick = ui.createHandlerFn(this, function(section_id, ev) { + return generateKey().then(function(keypair) { + var keyInput = document.getElementById('widget.cbid.network.%s.private_key'.format(section_id)), + changeEvent = new Event('change'); + + keyInput.value = keypair.priv || ''; + keyInput.dispatchEvent(changeEvent); + }); + }, s.section); + o = s.taboption('general', form.Value, 'listen_port', _('Listen Port'), _('Optional. UDP port used for outgoing and incoming packets.')); o.datatype = 'port'; o.placeholder = _('random'); diff --git a/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard b/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard new file mode 100755 index 0000000000..a6c951f3de --- /dev/null +++ b/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard @@ -0,0 +1,26 @@ +#!/bin/sh + +. /usr/share/libubox/jshn.sh + +case "$1" in + list) + json_init + json_add_object "generateKeyPair" + json_close_object + json_dump + ;; + call) + case "$2" in + generateKeyPair) + prv=$(wg genkey) + pub=$(echo $prv | wg pubkey) + json_init + json_add_object "keys" + json_add_string "priv" "$prv" + json_add_string "pub" "$pub" + json_close_object + json_dump + ;; + esac + ;; +esac diff --git a/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json b/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json new file mode 100644 index 0000000000..4bbcb81578 --- /dev/null +++ b/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json @@ -0,0 +1,10 @@ +{ + "luci-proto-wireguard": { + "description": "Grant access to LuCI Wireguard procedures", + "write": { + "ubus": { + "luci.wireguard": [ "generateKeyPair" ] + } + } + } +} |