server: Implement disable-peer and enable-peer commands (#226)

* client: Update enable_or_disable_peer exit message to be more accurate

* server: Implement disable-peer and enable-peer commands

* server: Immediately apply enable- and disable-peer to device
pull/239/head
Jakob-Niklas See 2022-08-10 23:13:55 +02:00 committed by GitHub
parent 047660733b
commit 15594d4458
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 56 additions and 1 deletions

View File

@ -827,7 +827,7 @@ fn enable_or_disable_peer(
contents.is_disabled = !enable;
api.http_form("PUT", &format!("/admin/peers/{}", id), contents)?;
} else {
log::info!("exiting without disabling peer.");
log::info!("exiting without enabling or disabling peer.");
}
Ok(())

View File

@ -95,6 +95,12 @@ enum Command {
args: AddPeerOpts,
},
/// Disable an enabled peer
DisablePeer { interface: Interface },
/// Enable a disabled peer
EnablePeer { interface: Interface },
/// Rename an existing peer.
RenamePeer {
interface: Interface,
@ -264,6 +270,12 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
} => serve(*interface, &conf, routing).await?,
Command::AddPeer { interface, args } => add_peer(&interface, &conf, args, opts.network)?,
Command::RenamePeer { interface, args } => rename_peer(&interface, &conf, args)?,
Command::DisablePeer { interface } => {
enable_or_disable_peer(&interface, &conf, false, opts.network)?
},
Command::EnablePeer { interface } => {
enable_or_disable_peer(&interface, &conf, true, opts.network)?
},
Command::AddCidr { interface, args } => add_cidr(&interface, &conf, args)?,
Command::DeleteCidr { interface, args } => delete_cidr(&interface, &conf, args)?,
Command::Completions { shell } => {
@ -365,6 +377,49 @@ fn rename_peer(
Ok(())
}
fn enable_or_disable_peer(
interface: &InterfaceName,
conf: &ServerConfig,
enable: bool,
network: NetworkOpts,
) -> Result<(), Error> {
let conn = open_database_connection(interface, conf)?;
let peers = DatabasePeer::list(&conn)?
.into_iter()
.map(|dp| dp.inner)
.collect::<Vec<_>>();
if let Some(peer) = prompts::enable_or_disable_peer(&peers[..], enable)? {
let mut db_peer = DatabasePeer::get(&conn, peer.id)?;
db_peer.update(
&conn,
PeerContents {
is_disabled: !enable,
..peer.contents.clone()
},
)?;
if enable {
DeviceUpdate::new()
.add_peer(db_peer.deref().into())
.apply(interface, network.backend)
.map_err(|_| ServerError::WireGuard)?;
} else {
let public_key =
Key::from_base64(&peer.public_key).map_err(|_| ServerError::WireGuard)?;
DeviceUpdate::new()
.remove_peer_by_key(&public_key)
.apply(interface, network.backend)
.map_err(|_| ServerError::WireGuard)?;
}
} else {
log::info!("exiting without enabling or disabling peer.");
}
Ok(())
}
fn add_cidr(
interface: &InterfaceName,
conf: &ServerConfig,