| Age | Commit message (Collapse) | Author |
|---|
|
Closes #7354
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
|
follow-up to 7acea818735a9c5e8577d6b57f359996956f15e4
Closes #7347
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
|
Fixed bug with incorrect peer name detection on `Status -> WireGuard`
page when more than one peer with the same public key exist:
1. Peers are now tested not only by public key, but also by
enabled/disabled status, peer host (both IP and FQDN are supported)
and port.
2. Added required `resolveip` dependency.
Closes #7342
Signed-off-by: @this-username-has-been-taken
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
|
It's clumsy to enable/disable peers from the modal, save some clicks
Signed-off-by: Bryan Roessler <bryanroessler@gmail.com>
|
|
If for some reason luci-lib-uqr is absent, the GUI shows that the proto
handler needs installing (since it now has a dep which is missing).
Suitable action is to install the lib or remove/install wireguard again.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
|
Daniel F. Dickinson changed email address to <dfdpublic@wildtechgarden.ca>
luci-all-lxl has a maintainer Petar Koretic <petar.koretic@sartura.hr> but there is no corresponding GitHub account.
So Dirk Brenken was added as a second maintainer: he answered on an issue of the app.
When maintainer wasn't set the initial author was used, or most contributor or Jo-Philipp Wich as a default.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
|
|
Remove the unnecessary PROVIDES statements from two protocols.
Wireguard was recently changed erroneously: the old compatibility
reference to luci-app-wireguard was replaced by self-reference.
But as the app and proto were combined already in 2022, the old
compatibility define should be unnecessary by now, so just remove it.
Yggdrasil has had a similar unnecessary setting (package
PROVIDES itself), so remove that at the same time.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
|
|
once-upon-a-time it was called luci-app-wireguard. Now it's proto.
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
|
|
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
The config generation code was referencing a not existing `dns_servers`
input field.
Fixes: #6921
Fixes: 5b26887c52 ("Adding a DNS option to the wireguard peer config ...")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Some clients like iOS require this explicitly, and so this change
adds the appropriate config with some sensible defaults.
Closes #6351
Signed-off-by: Nicholaos Mouzourakis <nevumx@gmail.com>
Signed-off-by: Paul Donald <newtwen@gmail.com>
Tested-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 990696d73f982de015df7c7d552daef1a03f50c5)
|
|
Quality of life improvements. Reduce click amounts.
LuCI batches all changes for user-review anyway.
Tested on 23.05.0
Signed-off-by: Paul Donald <newtwen@gmail.com>
|
|
Some clients like iOS require this explicitly, and so this change
adds the appropriate config with some sensible defaults.
Addresses issue #6050
Signed-off-by: Nicholaos Mouzourakis <nevumx@gmail.com>
|
|
config
Signed-off-by: Jonathan Duncan <JonathanDuncan@gmail.com>
|
|
To setup (n) -> To set(v) up
Signed-off-by: Paul Dee <itsascambutmailmeanyway@gmail.com>
|
|
The `domain` option of a DDNS service entry may contain non-hostname values,
use the `lookup_hostname` option instead.
Fixes: #6289
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Avoid referencing not existing `peerdns` option during the configuration
file import process.
Fixes: #6136
Fixes: 2be01cbfcb ("luci-mod-network: restrict peerdns option to protocols that implemenent it")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Explicitly load `network` uci in wireguard rpcd backend as `ctx.foreach()`
does not implicitly load it.
Also remove leftover test setup information from the status page source.
Fixes: #6095
Fixes: 008fa18878 ("luci-proto-wireguard: rewrite rpcd handler in ucode")
Fixes: 6e6fce3eb4 ("luci-proto-wireguard: merge status page functionality")
Ref: https://github.com/jow-/ucode/pull/126
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Merge status page functionality from the separate `luci-app-wireguard`
package into the `luci-proto-wirguard` protocol backend.
Also rewrite the status page markup to be more compact while we're at it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This corrects the option `AllowedIPs` in generated peer configurations,
and allows to customize it via a dropdown list.
Fixes: #5956
Signed-off-by: Julien Cassette <julien.cassette@gmail.com>
[correct fixes tag, slightly adjust option description]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Rewrite the wireguard rpcd plugin in ucode to prevent an implicit dependency
on the LuCI Lua runtime.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
When importing a fully configuration, import all peer entries from it
instead of non-deterministically merging all peer keys into one.
When importing a remote configuration as peer, only use the setting from
the peer section matching our local interface pubkey.
Also relabel the `Import peer configuration` button to
`Import configuration as peer` in order to be more explicit.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
- Reword texts in import dialogs for better clarity, use different
descriptions for full import and peer import
- Allow importing configurations without [Peer] section
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The /etc/config/ddns in particular might not be present on the system,
don't fail if it is absent.
Fixes: #5838
Fixes: 9ba20645b0 ("luci-proto-wireguard: rewrite protocol handler")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The configuration export requires access to /e/c/system and /e/c/ddns for
external hostname hints.
Fixes: #5838
Fixes: 9ba20645b0 ("luci-proto-wireguard: rewrite protocol handler")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
This commit rewrites large chunks of the WireGuard protocol handler in order
to simplify the process of importing and exporting configuration. The major
changes are:
1) The wireguard interface configuration tab (General Settings) gained an
import assistant which allows dragging or pasting a native WireGuard
configuration file in order to import required settrings into uci
2) The peer configuration tab gained a similar import assistant which allows
importing the settings for a WireGuard peer from an existing native
WireGuard configuration file
3) The QR code export feature has been rewritten to make the resulting codes
actually useful for importing into a WireGuard client application.
Additionally the plaintext native WireGuard configuration is displayed
to allow copy-pasting it for use on a Linux or OS X system
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
fixes #5737
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
Signed-off-by: Lukas Voegl <lvoegl@tdt.de>
|
|
Implement nested grid section support and use it for wireguard peer config
|
|
luci-proto-wireguard: display interface public key
|
|
Turn the list of configured peers into a grid section in order to improve
the overview of the configuration form.
Fixes: #5489
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The custom code generation markup lacked a required CSS class.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Submitted-by: Robert Walli <12079858+rwalli@users.noreply.github.com>
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
Signed-off-by: Paul Dee <itsascambutmailmeanyway@gmail.com>
|
|
The `luci.wireguard.generateQrCode` UBUS method allows injecting
arbitrary shell code by not sanitizing the `privkey` and `allowed_ips`
arguments before concatenating them into shell command expressions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Fixes: #5407
Fixes: 03d615f62c ("luci-proto-wireguard: add more options to qr code")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
luci-app-wireguard: fix allowed_ip parsing
|
|
Signed-off-by: lvoegl <lvoegl@tdt.de>
|
|
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
|
Signed-off-by: lvoegl <lvoegl@tdt.de>
|
|
Signed-off-by: lvoegl <lvoegl@tdt.de>
|
|
Signed-off-by: lvoegl <lvoegl@tdt.de>
|
|
Signed-off-by: Keith Irwin <git@ki9.us>
|
|
The iptables mark field is 32 bits wide, which is 4 bytes and so 8 hex
characters. Fix the fwmark validation to allow 8 characters in the hex
string.
Fixes: #5098
Suggested-by: Robert <32970961+differentblue@users.noreply.github.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
The introduction of network device configuration support also implemented
all common, protocol-independent interface options directly in the
interface config view, so drop the redundant option definitions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Prepares for 5.10 migration. wireguard-tools will bring in the correct
wireguard kernel module dependency - either kmod-wireguard or
kmod-wireguard-oot.
Depends on https://github.com/openwrt/openwrt/pull/3885
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
|
|
Signed-off-by: Wojciech Jowsa <wojciech.jowsa@gmail.com>
[minor indentation fix, use bound section_id value, remove empty translation]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
