summaryrefslogtreecommitdiffhomepage
path: root/protocols
diff options
context:
space:
mode:
Diffstat (limited to 'protocols')
-rw-r--r--protocols/luci-proto-openfortivpn/Makefile14
-rw-r--r--protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js83
-rw-r--r--protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js20
-rwxr-xr-xprotocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard26
-rw-r--r--protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json10
5 files changed, 153 insertions, 0 deletions
diff --git a/protocols/luci-proto-openfortivpn/Makefile b/protocols/luci-proto-openfortivpn/Makefile
new file mode 100644
index 0000000000..17a63f78eb
--- /dev/null
+++ b/protocols/luci-proto-openfortivpn/Makefile
@@ -0,0 +1,14 @@
+#
+# Copyright (C) 2008-2020 The LuCI Team <luci@lists.subsignal.org>
+#
+# This is free software, licensed under the Apache License, Version 2.0 .
+#
+
+include $(TOPDIR)/rules.mk
+
+LUCI_TITLE:=Support for OpenFortivpn
+LUCI_DEPENDS:=+openfortivpn
+
+include ../../luci.mk
+
+# call BuildPackage - OpenWrt buildroot signature
diff --git a/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js
new file mode 100644
index 0000000000..d0e6bdb011
--- /dev/null
+++ b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js
@@ -0,0 +1,83 @@
+'use strict';
+'require rpc';
+'require form';
+'require network';
+'require tools.widgets as widgets';
+
+network.registerPatternVirtual(/^vpn-.+$/);
+
+
+return network.registerProtocol('openfortivpn', {
+ getI18n: function() {
+ return _('OpenFortivpn');
+ },
+
+ getIfname: function() {
+ return this._ubus('l3_device') || 'vpn-%s'.format(this.sid);
+ },
+
+ getOpkgPackage: function() {
+ return 'openfortivpn';
+ },
+
+ isFloating: function() {
+ return true;
+ },
+
+ isVirtual: function() {
+ return true;
+ },
+
+ getDevices: function() {
+ return null;
+ },
+
+ containsDevice: function(ifname) {
+ return (network.getIfnameOf(ifname) == this.getIfname());
+ },
+
+ renderFormOptions: function(s) {
+ var o;
+
+ o = s.taboption('general', form.Value, 'peeraddr', _('VPN Server'));
+ o.datatype = 'host(0)';
+
+ o = s.taboption('general', form.Value, 'port', _('VPN Server port'));
+ o.placeholder = '443';
+ o.datatype = 'port';
+ o.optional = true;
+
+ s.taboption("general", form.Value, "username", _("Username"));
+
+ o = s.taboption('general', form.Value, 'password', _('Password'));
+ o.password = true;
+
+ o = s.taboption('advanced', widgets.NetworkSelect, 'tunlink', _('Bind interface'), _('Bind the tunnel to this interface (optional).'));
+ o.exclude = s.section;
+ o.nocreate = true;
+ o.optional = true;
+
+ o = s.taboption('advanced', form.Value, 'trusted_cert', _("VPN Server's certificate SHA1 hash"));
+ o.datatype = 'and(hexstring,length(64))'
+ o.optional = true;
+
+ o = s.taboption('advanced', form.Flag, 'defaultroute', _('Use default gateway'), _('If unchecked, no default route is configured'));
+ o.default = o.enabled;
+ o.optional = true;
+
+ o = s.taboption('advanced', form.Flag, 'peerdns', _('Use DNS servers advertised by peer'), _('If unchecked, the advertised DNS server addresses are ignored'));
+ o.default = o.enabled;
+ o.optional = true;
+
+ o = s.taboption('advanced', form.Value, 'metric', _('Use gateway metric'));
+ o.placeholder = '0';
+ o.datatype = 'uinteger';
+ o.optional = true;
+
+ o = s.taboption("advanced", form.Value, 'local_ip', _("Local IP address"));
+ o.placeholder = '192.168.0.5'
+ o.dataype = 'ipaddr'
+ o.optional = true;
+
+ }
+});
diff --git a/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js b/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js
index e88c07c339..4690ecfc7f 100644
--- a/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js
+++ b/protocols/luci-proto-wireguard/htdocs/luci-static/resources/protocol/wireguard.js
@@ -1,8 +1,16 @@
'use strict';
+'require ui';
'require uci';
+'require rpc';
'require form';
'require network';
+var generateKey = rpc.declare({
+ object: 'luci.wireguard',
+ method: 'generateKeyPair',
+ expect: { keys: {} }
+});
+
function validateBase64(section_id, value) {
if (value.length == 0)
return true;
@@ -55,6 +63,18 @@ return network.registerProtocol('wireguard', {
o.validate = validateBase64;
o.rmempty = false;
+ o = s.taboption('general', form.Button, 'generate_key', _('Generate Key'));
+ o.inputstyle = 'apply';
+ o.onclick = ui.createHandlerFn(this, function(section_id, ev) {
+ return generateKey().then(function(keypair) {
+ var keyInput = document.getElementById('widget.cbid.network.%s.private_key'.format(section_id)),
+ changeEvent = new Event('change');
+
+ keyInput.value = keypair.priv || '';
+ keyInput.dispatchEvent(changeEvent);
+ });
+ }, s.section);
+
o = s.taboption('general', form.Value, 'listen_port', _('Listen Port'), _('Optional. UDP port used for outgoing and incoming packets.'));
o.datatype = 'port';
o.placeholder = _('random');
diff --git a/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard b/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard
new file mode 100755
index 0000000000..a6c951f3de
--- /dev/null
+++ b/protocols/luci-proto-wireguard/root/usr/libexec/rpcd/luci.wireguard
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+. /usr/share/libubox/jshn.sh
+
+case "$1" in
+ list)
+ json_init
+ json_add_object "generateKeyPair"
+ json_close_object
+ json_dump
+ ;;
+ call)
+ case "$2" in
+ generateKeyPair)
+ prv=$(wg genkey)
+ pub=$(echo $prv | wg pubkey)
+ json_init
+ json_add_object "keys"
+ json_add_string "priv" "$prv"
+ json_add_string "pub" "$pub"
+ json_close_object
+ json_dump
+ ;;
+ esac
+ ;;
+esac
diff --git a/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json b/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json
new file mode 100644
index 0000000000..4bbcb81578
--- /dev/null
+++ b/protocols/luci-proto-wireguard/root/usr/share/rpcd/acl.d/luci-wireguard.json
@@ -0,0 +1,10 @@
+{
+ "luci-proto-wireguard": {
+ "description": "Grant access to LuCI Wireguard procedures",
+ "write": {
+ "ubus": {
+ "luci.wireguard": [ "generateKeyPair" ]
+ }
+ }
+ }
+}