From 227e51b9cfcd754b1dcd3bbfd1db2bb35d189be0 Mon Sep 17 00:00:00 2001 From: Alexander Sulfrian Date: Thu, 16 Feb 2023 17:06:45 +0100 Subject: [PATCH 01/18] SMTP: Support disabling encryption (#297) --- README.md | 2 +- emailer/smtp.go | 2 ++ main.go | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 598a994..a946f80 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ Note: | `SMTP_USERNAME` | The SMTP username | N/A | | `SMTP_PASSWORD` | The SMTP user password | N/A | | `SMTP_AUTH_TYPE` | The SMTP authentication type. Possible values: `PLAIN`, `LOGIN`, `NONE` | `NONE` | -| `SMTP_ENCRYPTION` | the encryption method. Possible values: `SSL`, `SSLTLS`, `TLS`, `STARTTLS` | `STARTTLS` | +| `SMTP_ENCRYPTION` | the encryption method. Possible values: `NONE`, `SSL`, `SSLTLS`, `TLS`, `STARTTLS` | `STARTTLS` | ### Defaults for server configuration diff --git a/emailer/smtp.go b/emailer/smtp.go index d1fdbae..f77db7c 100644 --- a/emailer/smtp.go +++ b/emailer/smtp.go @@ -33,6 +33,8 @@ func authType(authType string) mail.AuthType { func encryptionType(encryptionType string) mail.Encryption { switch strings.ToUpper(encryptionType) { + case "NONE": + return mail.EncryptionNone case "SSL": return mail.EncryptionSSL case "SSLTLS": diff --git a/main.go b/main.go index 3f0cd13..98a0e7c 100644 --- a/main.go +++ b/main.go 
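Review bot: The new `case "NONE"` in encryptionType (emailer/smtp.go) selects `mail.EncryptionNone` with no warning, and nothing visible here stops it being combined with `SMTP_AUTH_TYPE` `PLAIN` or `LOGIN`, in which case `SMTP_USERNAME`/`SMTP_PASSWORD` and the message body would cross the network unencrypted. I would log a warning when this branch is taken, or reject the combination where the SMTP settings are assembled, and add a comment such as `// EncryptionNone sends credentials and mail content in cleartext; use only with a trusted local relay`. The `smtp-encryption` help string in main.go and the README row could carry the same caveat that `smtp-no-tls-check` already has ("This is potentially dangerous."). The switch continues past the end of the hunk, so how unrecognised values are handled is not visible here.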
@@ -61,7 +61,7 @@ func init() { flag.StringVar(&flagSmtpUsername, "smtp-username", util.LookupEnvOrString("SMTP_USERNAME", flagSmtpUsername), "SMTP Username") flag.StringVar(&flagSmtpPassword, "smtp-password", util.LookupEnvOrString("SMTP_PASSWORD", flagSmtpPassword), "SMTP Password") flag.BoolVar(&flagSmtpNoTLSCheck, "smtp-no-tls-check", util.LookupEnvOrBool("SMTP_NO_TLS_CHECK", flagSmtpNoTLSCheck), "Disable TLS verification for SMTP. This is potentially dangerous.") - flag.StringVar(&flagSmtpEncryption, "smtp-encryption", util.LookupEnvOrString("SMTP_ENCRYPTION", flagSmtpEncryption), "SMTP Encryption : SSL, SSLTLS, TLS or STARTTLS (by default)") + flag.StringVar(&flagSmtpEncryption, "smtp-encryption", util.LookupEnvOrString("SMTP_ENCRYPTION", flagSmtpEncryption), "SMTP Encryption : NONE, SSL, SSLTLS, TLS or STARTTLS (by default)") flag.StringVar(&flagSmtpAuthType, "smtp-auth-type", util.LookupEnvOrString("SMTP_AUTH_TYPE", flagSmtpAuthType), "SMTP Auth Type : PLAIN, LOGIN or NONE.") flag.StringVar(&flagSendgridApiKey, "sendgrid-api-key", util.LookupEnvOrString("SENDGRID_API_KEY", flagSendgridApiKey), "Your sendgrid api key.") flag.StringVar(&flagEmailFrom, "email-from", util.LookupEnvOrString("EMAIL_FROM_ADDRESS", flagEmailFrom), "'From' email address.") From ccffe4028aa84f2c2ce9d4e97f2711f2060fe638 Mon Sep 17 00:00:00 2001 From: Arminas Date: Thu, 16 Feb 2023 18:08:26 +0200 Subject: [PATCH 02/18] Qr code filename fix (#290) --- templates/clients.html | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/templates/clients.html b/templates/clients.html index 689c261..04fb790 100644 --- a/templates/clients.html +++ b/templates/clients.html @@ -70,7 +70,9 @@ Wireguard Clients @@ -490,9 +481,7 @@ Wireguard Clients cache: false, method: 'GET', url: '{{.basePath}}/api/client/' + client_id, - data: { - qrCodeIncludeFwMark: include_fwmark - }, + data: JSON.stringify(data), dataType: 'json', contentType: "application/json", success: function (resp) { 
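Review bot: In the `$.ajax` call of templates/clients.html the request stays `method: 'GET'` while `data` becomes `JSON.stringify(data)` with `contentType: "application/json"`; jQuery appends string `data` to the URL on GET requests rather than sending a body, so the server would receive the JSON text as a raw query string instead of the former `qrCodeIncludeFwMark` parameter. If the handler no longer reads any client-supplied option, dropping `data` and `contentType` is the clearer form; if it does, either keep an object for `data` or switch the route to POST. The `data` variable and the handler are outside this hunk, so this is inferred from the visible lines only.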
diff --git a/templates/global_settings.html b/templates/global_settings.html index 8a41d1f..15d7b4b 100644 --- a/templates/global_settings.html +++ b/templates/global_settings.html @@ -56,10 +56,10 @@ Global Settings value="{{if .globalSettings.PersistentKeepalive }}{{ .globalSettings.PersistentKeepalive }}{{end}}">
- - + +
@@ -100,8 +100,8 @@ Global Settings until they reach out to other peers themselves. Adding PersistentKeepalive can ensure that the connection remains open.
Leave blank to omit this setting in the Client config.
-
5. Forward Mark
-
Set an fwmark on all packets going out of WireGuard's UDP socket. Default value: 0xca6c
+
5. Firewall Mark
+
Add a matching fwmark on all packets going out of a WireGuard non-default-route tunnel. Default value: 0xca6c
6. Wireguard Config File Path
The path of your Wireguard server config file. Please make sure the parent directory exists and is writable.
@@ -149,9 +149,9 @@ Global Settings const dns_servers = $("#dns_servers").val().split(","); const mtu = $("#mtu").val(); const persistent_keepalive = $("#persistent_keepalive").val(); - const forward_mark = $("#forward_mark").val(); + const firewall_mark = $("#firewall_mark").val(); const config_file_path = $("#config_file_path").val(); - const data = {"endpoint_address": endpoint_address, "dns_servers": dns_servers, "mtu": mtu, "persistent_keepalive": persistent_keepalive, "forward_mark": forward_mark, "config_file_path": config_file_path}; + const data = {"endpoint_address": endpoint_address, "dns_servers": dns_servers, "mtu": mtu, "persistent_keepalive": persistent_keepalive, "firewall_mark": firewall_mark, "config_file_path": config_file_path}; $.ajax({ cache: false, @@ -222,7 +222,7 @@ Global Settings config_file_path: { required: true }, - forward_mark: { + firewall_mark: { required: false } }, diff --git a/util/config.go b/util/config.go index 018690f..7a95f97 100644 --- a/util/config.go +++ b/util/config.go @@ -30,7 +30,7 @@ const ( DefaultDNS = "1.1.1.1" DefaultMTU = 1450 DefaultPersistentKeepalive = 15 - DefaultForwardMark = "0xca6c" + DefaultFirewallMark = "0xca6c" // i.e. 51820 DefaultConfigFilePath = "/etc/wireguard/wg0.conf" UsernameEnvVar = "WGUI_USERNAME" PasswordEnvVar = "WGUI_PASSWORD" @@ -40,7 +40,7 @@ const ( DNSEnvVar = "WGUI_DNS" MTUEnvVar = "WGUI_MTU" PersistentKeepaliveEnvVar = "WGUI_PERSISTENT_KEEPALIVE" - ForwardMarkEnvVar = "WGUI_FORWARD_MARK" + FirewallMarkEnvVar = "WGUI_FIREWALL_MARK" ConfigFilePathEnvVar = "WGUI_CONFIG_FILE_PATH" LogLevel = "WGUI_LOG_LEVEL" ServerAddressesEnvVar = "WGUI_SERVER_INTERFACE_ADDRESSES" diff --git a/util/util.go b/util/util.go index 44f357b..04950f9 100644 --- a/util/util.go +++ b/util/util.go 
@@ -65,18 +65,12 @@ func BuildClientConfig(client model.Client, server model.Server, setting model.G peerPersistentKeepalive = fmt.Sprintf("PersistentKeepalive = %d\n", setting.PersistentKeepalive) } - forwardMark := "" - if setting.ForwardMark != "" { - forwardMark = fmt.Sprintf("FwMark = %s\n", setting.ForwardMark) - } - // build the config as string strConfig := "[Interface]\n" + clientAddress + clientPrivateKey + clientDNS + clientMTU + - forwardMark + "\n[Peer]\n" + peerPublicKey + peerPresharedKey + From 814093cdd32863dc3b5becfc0ae8de6cd0eec982 Mon Sep 17 00:00:00 2001 From: Paul Dee Date: Wed, 15 Mar 2023 21:39:20 +0100 Subject: [PATCH 15/18] Stamp git commit into docker builds. (#325) --- Dockerfile | 3 ++- README.md | 8 +++++++- main.go | 1 + templates/about.html | 6 ++++++ 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index a30cefe..e4d5525 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,6 +4,7 @@ LABEL maintainer="Khanh Ngo Current version
+{{ if .gitCommit }} +
+ + +
+{{ end }}
From abef29bf172482305f940dba7e1519037e05172f Mon Sep 17 00:00:00 2001 From: Matze <37954743+Matze1224@users.noreply.github.com> Date: Wed, 15 Mar 2023 21:41:46 +0100 Subject: [PATCH 16/18] better error-handling if no public IP could be detected (#323) --- README.md | 5 +++-- util/util.go | 6 ++++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index eaa18c3..7eca337 100644 --- a/README.md +++ b/README.md 
@@ -43,14 +43,15 @@ docker-compose up | `WGUI_USERNAME` | The username for the login page. Used for db initialization only | `admin` | | `WGUI_PASSWORD` | The password for the user on the login page. Will be hashed automatically. Used for db initialization only | `admin` | | `WGUI_PASSWORD_HASH` | The password hash for the user on the login page. (alternative to `WGUI_PASSWORD`). Used for db initialization only | N/A | +| `WGUI_ENDPOINT_ADDRESS` | The default endpoint address used in global settings where clients should connect to | Resolved to your public ip address | | `WGUI_FAVICON_FILE_PATH` | The file path used as website favicon | Embedded WireGuard logo | | `WGUI_ENDPOINT_ADDRESS` | The default endpoint address used in global settings | Resolved to your public ip address | | `WGUI_DNS` | The default DNS servers (comma-separated-list) used in the global settings | `1.1.1.1` | | `WGUI_MTU` | The default MTU used in global settings | `1450` | | `WGUI_PERSISTENT_KEEPALIVE` | The default persistent keepalive for WireGuard in global settings | `15` | -| `WGUI_FIREWALL_MARK` | The default WireGuard firewall mark | `0xca6c` (51820) | +| `WGUI_FIREWALL_MARK` | The default WireGuard firewall mark | `0xca6c` (51820) | | `WGUI_CONFIG_FILE_PATH` | The default WireGuard config file path used in global settings | `/etc/wireguard/wg0.conf` | -| `WGUI_LOG_LEVEL` | The default log level. Possible values: `DEBUG`, `INFO`, `WARN`, `ERROR`, `OFF` | `INFO` | | +| `WGUI_LOG_LEVEL` | The default log level. Possible values: `DEBUG`, `INFO`, `WARN`, `ERROR`, `OFF` | `INFO` | | `WG_CONF_TEMPLATE` | The custom `wg.conf` config file template. Please refer to our [default template](https://github.com/ngoduykhanh/wireguard-ui/blob/master/templates/wg.conf) | N/A | | `EMAIL_FROM_ADDRESS` | The sender email address | N/A | | `EMAIL_FROM_NAME` | The sender name | `WireGuard UI` | diff --git a/util/util.go b/util/util.go index 04950f9..35568da 100644 --- a/util/util.go +++ b/util/util.go 
@@ -220,10 +220,12 @@ func GetPublicIP() (model.Interface, error) { ip, err := consensus.ExternalIP() if err != nil { publicInterface.IPAddress = "N/A" + } else { + publicInterface.IPAddress = ip.String() } - publicInterface.IPAddress = ip.String() - return publicInterface, err + // error handling happend above, no need to pass it through + return publicInterface, nil } // GetIPFromCIDR get ip from CIDR From c8240fe15791d375f5f3441c47cc67cf1d9c856b Mon Sep 17 00:00:00 2001 From: Arminas Date: Wed, 15 Mar 2023 22:45:46 +0200 Subject: [PATCH 17/18] fixed about page not showing menu items (#343) --- handler/routes.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/handler/routes.go b/handler/routes.go index 4f76d22..96be22d 100644 --- a/handler/routes.go +++ b/handler/routes.go @@ -1012,7 +1012,7 @@ func GetHashesChanges(db store.IStore) echo.HandlerFunc { func AboutPage() echo.HandlerFunc { return func(c echo.Context) error { return c.Render(http.StatusOK, "about.html", map[string]interface{}{ - "baseData": model.BaseData{Active: "about", CurrentUser: currentUser(c)}, + "baseData": model.BaseData{Active: "about", CurrentUser: currentUser(c), Admin: isAdmin(c)}, }) } } From e3e363944344ac667f384d8e8bd50df2942eea9b Mon Sep 17 00:00:00 2001 From: Khanh Ngo Date: Wed, 15 Mar 2023 21:50:46 +0100 Subject: [PATCH 18/18] Bracket fixes --- util/util.go | 1 + 1 file changed, 1 insertion(+) diff --git a/util/util.go b/util/util.go index 35568da..b62752d 100644 --- a/util/util.go +++ b/util/util.go @@ -480,6 +480,7 @@ func ParseLogLevel(lvl string) (log.Lvl, error) { default: return log.DEBUG, fmt.Errorf("not a valid log level: %s", lvl) } +} // GetCurrentHash returns current hashes func GetCurrentHash(db store.IStore) (string, string) {
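Review bot: GetPublicIP in util/util.go now discards the error from `consensus.ExternalIP()` without logging it and always returns `nil`, so callers can no longer tell a failed lookup from a real address and may carry the literal `"N/A"` onward as an endpoint value. I would at least record the failure inside the `if err != nil` branch, e.g. `log.Warnf("cannot detect public IP: %v", err)` if the `log` package used by ParseLogLevel in this file provides it, and have callers that seed the endpoint address treat `"N/A"` as unset. The added comment has a typo (`happend`) and would read better as `// a failed lookup is reported as "N/A"; the error is intentionally not returned`. The function starts above the hunk.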