Merge 1c267b732b into a97a91b844

Fixed issue where Preshared Key is not added when unrestricted peers

src/Dockerfile

@@ -0,0 +1,29 @@
+FROM python:3.10.2-alpine3.15 as base
+
+
+RUN  apk  --update-cache upgrade && apk add --no-cache gcc g++ libffi-dev  jpeg-dev zlib-dev libjpeg  wireguard-tools   iptables ip6tables inotify-tools \
+    && rm -rf /var/cache/apk/*
+
+RUN mkdir -p /etc/wireguard/
+
+# configure wireguard
+RUN wg genkey |  tee /etc/wireguard/privatekey | wg pubkey |  tee /etc/wireguard/publick
+
+
+
+RUN  cd /etc/wireguard/ && echo "[Interface]" >> wg0.conf &&  echo -n "PrivateKey = " >> wg0.conf && cat privatekey >> wg0.conf  \
+    && echo  "ListenPort = 51820" >> wg0.conf && echo  "Address = 10.1.1.1/32" >> wg0.conf  && chmod 700 wg0.conf
+
+
+COPY requirements.txt  /opt/wgdashboard/
+RUN pip3 install -r /opt/wgdashboard/requirements.txt   --no-cache-dir
+
+
+FROM base 
+COPY . /opt/WGDashboard/src
+WORKDIR /opt/WGDashboard/src 
+
+
+EXPOSE 10086
+EXPOSE 51820/udp
+

src/dashboard.py

@@ -693,8 +693,6 @@ class WireguardConfiguration:
         return False, None
 
     def allowAccessPeers(self, listOfPublicKeys):
-        # numOfAllowedPeers = 0
-        # numOfFailedToAllowPeers = 0
         if not self.getStatus():
             self.toggleConfiguration()
         
@@ -705,7 +703,15 @@ class WireguardConfiguration:
                                % (self.Name, self.Name,), (p['id'],))
                 sqlUpdate("DELETE FROM '%s_restrict_access' WHERE id = ?"
                                % self.Name, (p['id'],))
-                subprocess.check_output(f"wg set {self.Name} peer {p['id']} allowed-ips {p['allowed_ip']}",
+                
+                presharedKeyExist = len(p['preshared_key']) > 0
+                rd = random.Random()
+                uid = uuid.UUID(int=rd.getrandbits(128), version=4)
+                if presharedKeyExist:
+                    with open(f"{uid}", "w+") as f:
+                        f.write(p['preshared_key'])
+                        
+                subprocess.check_output(f"wg set {self.Name} peer {p['id']} allowed-ips {p['allowed_ip']}{f' preshared-key {uid}' if presharedKeyExist else ''}",
                                         shell=True, stderr=subprocess.STDOUT)
             else:
                 return ResponseObject(False, "Failed to allow access of peer " + i)

src/docker-compose.yaml

@@ -0,0 +1,20 @@
+version: "3.7"
+services:
+
+  web:
+    build: 
+      context: .
+    container_name: WGDashboard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE  
+    command:   python dashboard.py
+    #command:  gunicorn --bind 0.0.0.0:10086  dashboard:app
+    restart: unless-stopped 
+    volumes:
+      - ./dashboard.py:/opt/WGDashboard/src/dashboard.py:rw
+    ports:
+      - 10086:10086
+      - 51820:51820/udp
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1