util

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 5, 2026 License: MIT Imports: 32 Imported by: 0

Documentation

Index

Constants

// Built-in administrator account values; presumably the fallback when no
// credentials are configured (confirm against the caller).
// NOTE(review): the pair is the literal admin/admin and DefaultIsAdmin is
// true, so an instance that falls back to these values has a guessable
// administrator login. Set real credentials before the UI is reachable from
// a network.
const (
	DefaultUsername = "admin"
	DefaultPassword = "admin"
	DefaultIsAdmin  = true
)

// Default WireGuard server and global settings. DefaultFirewallMark is the
// hexadecimal spelling of DefaultServerPort (0xca6c == 51820).
const (
	DefaultServerAddress       = "10.252.1.0/24"
	DefaultServerPort          = 51820
	DefaultDNS                 = "1.1.1.1"
	DefaultMTU                 = 1450
	DefaultPersistentKeepalive = 15
	DefaultFirewallMark        = "0xca6c" // i.e. 51820
	DefaultTable               = "auto"
	DefaultConfigFilePath      = "/etc/wireguard/wg0.conf"
)

// Environment variable names for the administrator credentials.
// NOTE(review): the *_FILE names presumably point at a file that holds the
// value (see LookupEnvOrFile; confirm). A plaintext WGUI_PASSWORD is visible
// to anything that can read the process environment, so the hash and file
// variants are the safer way to supply the secret.
const (
	UsernameEnvVar         = "WGUI_USERNAME"
	PasswordEnvVar         = "WGUI_PASSWORD"
	PasswordFileEnvVar     = "WGUI_PASSWORD_FILE"
	PasswordHashEnvVar     = "WGUI_PASSWORD_HASH"
	PasswordHashFileEnvVar = "WGUI_PASSWORD_HASH_FILE"
)

// SessionMaxAgeEnvVar names the session lifetime variable. Unlike every other
// name in this file it carries no WGUI_ prefix.
const SessionMaxAgeEnvVar = "SESSION_MAX_AGE"

// Environment variable names for UI-level settings. LogLevel is a variable
// name as well, although it lacks the EnvVar suffix the others use.
const (
	FaviconFilePathEnvVar = "WGUI_FAVICON_FILE_PATH"
	TimezoneEnvVar        = "WGUI_TIMEZONE"
	LanguageEnvVar        = "WGUI_LANGUAGE"
	LogLevel              = "WGUI_LOG_LEVEL"
)

// Environment variable names for the global WireGuard settings.
const (
	EndpointAddressEnvVar     = "WGUI_ENDPOINT_ADDRESS"
	DNSEnvVar                 = "WGUI_DNS"
	MTUEnvVar                 = "WGUI_MTU"
	PersistentKeepaliveEnvVar = "WGUI_PERSISTENT_KEEPALIVE"
	FirewallMarkEnvVar        = "WGUI_FIREWALL_MARK"
	TableEnvVar               = "WGUI_TABLE"
	ConfigFilePathEnvVar      = "WGUI_CONFIG_FILE_PATH"
)

// Environment variable names for the server interface.
// NOTE(review): the two script values presumably end up as PostUp/PostDown in
// the generated config (confirm); wg-quick runs those lines as shell
// commands, so whoever can set these variables can run commands with the
// privileges of the process that brings the interface up.
const (
	ServerAddressesEnvVar      = "WGUI_SERVER_INTERFACE_ADDRESSES"
	ServerListenPortEnvVar     = "WGUI_SERVER_LISTEN_PORT"
	ServerPostUpScriptEnvVar   = "WGUI_SERVER_POST_UP_SCRIPT"
	ServerPostDownScriptEnvVar = "WGUI_SERVER_POST_DOWN_SCRIPT"
)

// Environment variable names for the defaults applied to a new client (see
// ClientDefaultsFromEnv).
const (
	DefaultClientAllowedIpsEnvVar          = "WGUI_DEFAULT_CLIENT_ALLOWED_IPS"
	DefaultClientExtraAllowedIpsEnvVar     = "WGUI_DEFAULT_CLIENT_EXTRA_ALLOWED_IPS"
	DefaultClientUseServerDNSEnvVar        = "WGUI_DEFAULT_CLIENT_USE_SERVER_DNS"
	DefaultClientEnableAfterCreationEnvVar = "WGUI_DEFAULT_CLIENT_ENABLE_AFTER_CREATION"
)

Variables

// Login and HTTP serving.
// NOTE(review): DisableLogin presumably switches the login check off
// (confirm); if so it belongs only behind another access-control layer.
var (
	DisableLogin bool
	BindAddress  string
	BasePath     string
)

// Outgoing mail over SMTP.
// NOTE(review): SmtpPassword is a secret and should stay out of logs.
// SmtpNoTLSCheck presumably disables certificate verification for the SMTP
// connection (confirm); leaving it false keeps the mail credentials
// protected against an on-path attacker.
var (
	SmtpHostname   string
	SmtpPort       int
	SmtpUsername   string
	SmtpPassword   string
	SmtpNoTLSCheck bool
	SmtpEncryption string
	SmtpAuthType   string
	SmtpHelo       string
)

// Outgoing mail over SendGrid and the sender identity. SendgridApiKey is a
// secret and should stay out of logs.
var (
	SendgridApiKey string
	EmailFrom      string
	EmailFromName  string
)

// Session handling.
// NOTE(review): SessionSecret starts as 64 zero bytes; presumably it is
// filled at startup and used to protect session cookies (confirm). It must
// be populated from a secret or a cryptographic random source before any
// session is issued.
var (
	SessionSecret      [64]byte
	SessionMaxDuration int64
	SessionMaxAge      int
)

// WireGuard config template and subnet ranges. SubnetRangesOrder presumably
// lists the keys of SubnetRanges in display order (confirm).
var (
	WgConfTemplate    string
	SubnetRanges      map[string][]*net.IPNet
	SubnetRangesOrder []string
)

Runtime config

// DBUsersToCRC32 holds one CRC32 value per database user; the key is
// presumably the username and the value what GetDBUserCRC32 returns (confirm).
// NOTE(review): CRC32 only detects accidental change and is not
// collision-resistant, so it should not gate a security decision.
var DBUsersToCRC32 = make(map[string]uint32)
// IPToSubnetRange maps an IP address string to a uint16; presumably the
// value identifies the subnet range the address falls in (confirm against
// the code that fills it).
var IPToSubnetRange = make(map[string]uint16)
// TgUseridToClientID maps a user ID (presumably a Telegram user ID) to the
// client IDs linked to it.
// NOTE(review): a plain map is not safe for concurrent use; readers and
// writers presumably hold TgUseridToClientIDMutex (confirm in
// AddTgToClientID, UpdateTgToClientID and RemoveTgToClientID).
var TgUseridToClientID = make(map[int64][]string)
// TgUseridToClientIDMutex is presumably the lock that guards
// TgUseridToClientID (confirm in the functions that touch the map). Its zero
// value is an unlocked mutex; it must not be copied after first use.
var TgUseridToClientIDMutex sync.RWMutex

Functions

func AddPeerToInterface

func AddPeerToInterface(client model.Client, server model.Server, settings model.GlobalSetting, interfaceName string) error

AddPeerToInterface adds or updates a peer on the WireGuard interface using wgctrl. This is a hot-reload operation that doesn't restart the service.

func AddTgToClientID

func AddTgToClientID(userid int64, clientID string)

func ApplyPeerDiffs

func ApplyPeerDiffs(interfaceName string, diffs []PeerDiff, settings model.GlobalSetting) error

ApplyPeerDiffs applies the given diffs using wgctrl

func BuildClientConfig

func BuildClientConfig(client model.Client, server model.Server, setting model.GlobalSetting) string

BuildClientConfig to create wireguard client config string

func BuildPeerConfig

func BuildPeerConfig(cl *model.Client, settings model.GlobalSetting) (wgtypes.PeerConfig, error)

BuildPeerConfig converts a client entry into a wgtypes.PeerConfig for runtime updates

func ClientDefaultsFromEnv

func ClientDefaultsFromEnv() model.ClientDefaults

ClientDefaultsFromEnv to read the default values for creating a new client from the environment or use sane defaults

func ConcatMultipleSlices

func ConcatMultipleSlices(slices ...[]byte) []byte

func ContainsCIDR

func ContainsCIDR(ipnet1, ipnet2 *net.IPNet) bool

ContainsCIDR checks whether ipnet1 contains ipnet2. See https://stackoverflow.com/a/40406619/6111641 and https://go.dev/play/p/Q4J-JEN3sF

func FillClientSubnetRange

func FillClientSubnetRange(client model.ClientData) model.ClientData

func GetAllocatedIPs

func GetAllocatedIPs(ignoreClientID string) ([]string, error)

GetAllocatedIPs to get all ip addresses allocated to clients and server

func GetAvailableIP

func GetAvailableIP(cidr string, allocatedList, interfaceAddresses []string) (string, error)

GetAvailableIP gets an IP address that can be allocated from a CIDR. interfaceAddresses is needed to find the real broadcast and network addresses.

func GetBroadcastAndNetworkAddrsLookup

func GetBroadcastAndNetworkAddrsLookup(interfaceAddresses []string) map[string]bool

GetBroadcastAndNetworkAddrsLookup get the ip address that can't be used with current server interfaces

func GetBroadcastIP

func GetBroadcastIP(n *net.IPNet) net.IP

GetBroadcastIP func to get the broadcast ip address of a network

func GetCookiePath

func GetCookiePath() string

func GetCurrentHash

func GetCurrentHash(db store.IStore) (string, string)

GetCurrentHash returns current hashes

func GetDBUserCRC32

func GetDBUserCRC32(dbuser model.User) uint32

func GetDefaultInterfaceName

func GetDefaultInterfaceName() string

GetDefaultInterfaceName detects the default network interface name. Returns the name of the interface that has the default route, or "eth0" as a fallback.

func GetIPFromCIDR

func GetIPFromCIDR(cidr string) (string, error)

GetIPFromCIDR get ip from CIDR

func GetInterfaceIPs

func GetInterfaceIPs() ([]model.Interface, error)

GetInterfaceIPs to get local machine's interface ip addresses

func GetInterfaceNameFromConfig

func GetInterfaceNameFromConfig(configFilePath string) string

GetInterfaceNameFromConfig extracts the interface name from the config file path. Defaults to "wg0" if not found.

func GetPublicIP

func GetPublicIP() (model.Interface, error)

GetPublicIP to get machine's public ip address

func GetSubnetRangesString

func GetSubnetRangesString() string

GetSubnetRangesString to get a formatted string, representing active subnet ranges

func GetWireGuardConfigTemplate

func GetWireGuardConfigTemplate() ([]byte, error)

GetWireGuardConfigTemplate returns the embedded WireGuard config template file

func HashPassword

func HashPassword(plaintext string) (string, error)

func HashesChanged

func HashesChanged(db store.IStore) bool

func IsClientValid

func IsClientValid(client model.Client) bool

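FillClientSubnetRange fills in the subnet ranges the client belongs to and does nothing if the subnet ranges are not found (this sentence describes FillClientSubnetRange but is attached to IsClientValid in the source). IsClientValid checks whether a client is valid (not expired and not over quota). Returns true if the client can be enabled, false otherwise.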

func LookupEnvOrBool

func LookupEnvOrBool(key string, defaultVal bool) bool

func LookupEnvOrFile

func LookupEnvOrFile(key string, defaultVal string) string

func LookupEnvOrInt

func LookupEnvOrInt(key string, defaultVal int) int

func LookupEnvOrString

func LookupEnvOrString(key string, defaultVal string) string

func LookupEnvOrStrings

func LookupEnvOrStrings(key string, defaultVal []string) []string

func ManagePerms

func ManagePerms(path string) error

func ParseBasePath

func ParseBasePath(basePath string) string

func ParseLogLevel

func ParseLogLevel(lvl string) (log.Lvl, error)

func ParseSubnetRanges

func ParseSubnetRanges(subnetRangesStr string) map[string]([]*net.IPNet)

func RandomString

func RandomString(length int) string

func RemovePeerFromInterface

func RemovePeerFromInterface(publicKey string, interfaceName string) error

RemovePeerFromInterface removes a peer from the WireGuard interface using wgctrl. This instantly disconnects the user without restarting the service. Returns nil if the peer was removed successfully or if the peer doesn't exist (idempotent).

func RemoveTgToClientID

func RemoveTgToClientID(clientID string)

func SendRequestedConfigsToTelegram

func SendRequestedConfigsToTelegram(db store.IStore, userid int64) []string

SendRequestedConfigsToTelegram to send client all their configs. Returns failed configs list.

func StringFromEmbedFile

func StringFromEmbedFile(embed fs.FS, filename string) (string, error)

func UpdateHashes

func UpdateHashes(db store.IStore) error

func UpdatePeerOnInterface

func UpdatePeerOnInterface(client model.Client, server model.Server, settings model.GlobalSetting, interfaceName string) error

UpdatePeerOnInterface updates a peer on the WireGuard interface. If the client is disabled, expired, or over quota, it removes the peer. Otherwise, it adds or updates the peer.

func UpdateTgToClientID

func UpdateTgToClientID(userid int64, clientID string)

func ValidateAllowedIPs

func ValidateAllowedIPs(cidrs []string) bool

ValidateAllowedIPs to validate allowed ip addresses in CIDR format

func ValidateAndFixSubnetRanges

func ValidateAndFixSubnetRanges(db store.IStore) error

ValidateAndFixSubnetRanges checks whether the subnet ranges are valid for the server configuration. Removes all non-valid CIDRs.

func ValidateCIDR

func ValidateCIDR(cidr string) bool

ValidateCIDR to validate a network CIDR

func ValidateCIDRList

func ValidateCIDRList(cidrs []string, allowEmpty bool) bool

ValidateCIDRList to validate a list of network CIDR

func ValidateExtraAllowedIPs

func ValidateExtraAllowedIPs(cidrs []string) bool

ValidateExtraAllowedIPs to validate extra Allowed ip addresses, allowing empty strings

func ValidateIPAddress

func ValidateIPAddress(ip string) bool

ValidateIPAddress to validate the IPv4 and IPv6 address

func ValidateIPAddressList

func ValidateIPAddressList(ips []string) bool

ValidateIPAddressList to validate a list of IPv4 and IPv6 addresses

func ValidateIPAllocation

func ValidateIPAllocation(serverAddresses []string, ipAllocatedList []string, ipAllocationList []string) (bool, error)

ValidateIPAllocation validates the list of a client's IP allocations. They must be correctly formatted and available in the serverAddresses space.

func ValidateServerAddresses

func ValidateServerAddresses(cidrs []string) bool

ValidateServerAddresses to validate allowed ip addresses in CIDR format

func VerifyHash

func VerifyHash(base64Hash string, plaintext string) (bool, error)

func WriteWireGuardServerConfig

func WriteWireGuardServerConfig(tmplDir fs.FS, serverConfig model.Server, clientDataList []model.ClientData, usersList []model.User, globalSettings model.GlobalSetting) error

WriteWireGuardServerConfig to write Wireguard server config. e.g. wg0.conf

Types

type PeerDiff

// PeerDiff represents an action required to sync peer state.
//
// Action names the operation; the field comment lists add, remove and update,
// but the exact string literals are not visible here.
// NOTE(review): Action is an untyped string, so confirm that ApplyPeerDiffs
// rejects any value outside that set instead of silently skipping it.
// Client points at the client the action concerns; whether it may be nil for
// a remove is not visible here (TODO confirm).
// Key is presumably the peer's public key (confirm against ComputePeerDiffs).
type PeerDiff struct {
	Action string // add, remove, update
	Client *model.Client
	Key    string
}

PeerDiff represents an action required to sync peer state

func ComputePeerDiffs

func ComputePeerDiffs(interfaceName string, clients []model.ClientData, settings model.GlobalSetting) ([]PeerDiff, error)

ComputePeerDiffs compares current interface state with target client list

type PeerState

// PeerState represents relevant runtime state of a WireGuard peer.
//
// NOTE(review): PresharedKey is secret key material when set; keep values of
// this type out of logs, error strings and API responses, or blank that
// field first.
// The encoding of PublicKey and PresharedKey (presumably base64, as in wg
// config files) and the unit of PersistentKeepalive (presumably seconds) are
// not visible here (TODO confirm).
type PeerState struct {
	PublicKey           string
	AllowedIPs          []string
	PresharedKey        string
	Endpoint            string
	PersistentKeepalive int
}

PeerState represents relevant runtime state of a WireGuard peer
