Init create and delete workflow

2019-07-10 20:59:43 +00:00 · 2019-07-10 20:59:43 +00:00 · 751e312862
commit 751e312862
10 changed files with 2787 additions and 0 deletions
--- a/api/v1/doc.go
+++ b/api/v1/doc.go
@ -0,0 +1,28 @@
+/*
+	Copyright (c) 2019 @crosbymichael
+
+	Permission is hereby granted, free of charge, to any person
+	obtaining a copy of this software and associated documentation
+	files (the "Software"), to deal in the Software without
+	restriction, including without limitation the rights to use, copy,
+	modify, merge, publish, distribute, sublicense, and/or sell copies
+	of the Software, and to permit persons to whom the Software is
+	furnished to do so, subject to the following conditions:
+
+	The above copyright notice and this permission notice shall be
+	included in all copies or substantial portions of the Software.
+
+	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+	EXPRESS OR IMPLIED,
+	INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+	IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+	HOLDERS BE LIABLE FOR ANY CLAIM,
+	DAMAGES OR OTHER LIABILITY,
+	WHETHER IN AN ACTION OF CONTRACT,
+	TORT OR OTHERWISE,
+	ARISING FROM, OUT OF OR IN CONNECTION WITH
+	THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+package v1
--- a/api/v1/guard.pb.go
+++ b/api/v1/guard.pb.go
--- a/api/v1/guard.proto
+++ b/api/v1/guard.proto
@ -0,0 +1,54 @@
+syntax = "proto3";
+
+package com.crosbymichael.guard.v1;
+
+import weak "gogoproto/gogo.proto";
+import "google/protobuf/empty.proto";
+
+option go_package = "github.com/crosbymichael/guard/api/v1;v1";
+
+service Wireguard {
+	rpc Create(CreateRequest) returns (CreateResponse);
+	rpc Delete(DeleteRequest) returns (google.protobuf.Empty);
+	rpc List(google.protobuf.Empty) returns (ListResponse);
+}
+
+message CreateRequest {
+	string id = 1 [(gogoproto.customname) = "ID"];
+	uint32 listen_port = 2;
+	string address = 3;
+}
+
+message CreateResponse {
+	Tunnel tunnel = 1;
+}
+
+message DeleteRequest {
+	string id = 1 [(gogoproto.customname) = "ID"];
+}
+
+message ListResponse {
+	repeated Tunnel tunnels = 1;
+}
+
+message Tunnel {
+	string id = 1 [(gogoproto.customname) = "ID"];
+	string private_key = 2;
+	uint32 listen_port = 3;
+	string address = 4;
+	string dns = 5 [(gogoproto.customname) = "DNS"];
+	repeated Peer peers = 6;
+	Masquerade masquerade = 7;
+}
+
+message Peer {
+	string public_key = 1;
+	repeated string allowed_ips = 2 [(gogoproto.customname) = "AllowedIPs"];
+	string endpoint = 3;
+	uint32 persistent_keepalive = 4;
+	string comment = 5;
+}
+
+message Masquerade {
+	string interface = 1;
+}
--- a/api/v1/tunnel.go
+++ b/api/v1/tunnel.go
@ -0,0 +1,74 @@
+/*
+	Copyright (c) 2019 @crosbymichael
+
+	Permission is hereby granted, free of charge, to any person
+	obtaining a copy of this software and associated documentation
+	files (the "Software"), to deal in the Software without
+	restriction, including without limitation the rights to use, copy,
+	modify, merge, publish, distribute, sublicense, and/or sell copies
+	of the Software, and to permit persons to whom the Software is
+	furnished to do so, subject to the following conditions:
+
+	The above copyright notice and this permission notice shall be
+	included in all copies or substantial portions of the Software.
+
+	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+	EXPRESS OR IMPLIED,
+	INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+	IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+	HOLDERS BE LIABLE FOR ANY CLAIM,
+	DAMAGES OR OTHER LIABILITY,
+	WHETHER IN AN ACTION OF CONTRACT,
+	TORT OR OTHERWISE,
+	ARISING FROM, OUT OF OR IN CONNECTION WITH
+	THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+
+package v1
+
+import (
+	"io"
+	"strings"
+	"text/template"
+
+	"github.com/pkg/errors"
+)
+
+const confFmt = `[Interface]
+PrivateKey = {{.PrivateKey}}
+{{if gt .ListenPort 0}}ListenPort = {{.ListenPort}}{{end}}
+Address = {{.Address}}
+{{if .DNS }}DNS = {{.DNS}}{{end}}
+
+{{if .Masquerade}}
+PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {{.Masquerade.Interface}} -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o {{.Masquerade.Interface}} -j MASQUERADE
+{{end}}
+
+{{range $peer := .Peers -}}
+# {{$peer.Comment}}
+[Peer]
+PublicKey = {{$peer.PublicKey}}
+AllowedIPs = {{joinIPs $peer.AllowedIPs}}
+{{if .Endpoint}}Endpoint = {{.Endpoint}}{{end}}
+{{if .PersistentKeepalive}}PersistentKeepalive = {{.PersistentKeepalive}}{{end}}
+{{end}}
+`
+
+func (t *Tunnel) Render(w io.Writer) error {
+	tmp, err := template.New("wireguard").Funcs(template.FuncMap{
+		"joinIPs": joinIPs,
+	}).Parse(confFmt)
+	if err != nil {
+		return errors.Wrap(err, "parse template")
+	}
+	if err := tmp.Execute(w, t); err != nil {
+		return errors.Wrap(err, "execute template")
+	}
+	return nil
+}
+
+func joinIPs(ips []string) string {
+	return strings.Join(ips, ", ")
+}