
saving to work on linux

afeiszli 3 years ago
parent
commit
437955ab90

+ 1 - 0
config/config.go

@@ -66,6 +66,7 @@ type ServerConfig struct {
 	ClientID              string `yaml:"clientid"`
 	ClientSecret          string `yaml:"clientsecret"`
 	FrontendURL           string `yaml:"frontendurl"`
+	DisplayKeys           string `yaml:"displaykeys"`
 }
 
 // Generic SQL Config

+ 15 - 0
controllers/networkHttpController.go

@@ -20,6 +20,8 @@ import (
 
 const ALL_NETWORK_ACCESS = "THIS_USER_HAS_ALL"
 const NO_NETWORKS_PRESENT = "THIS_USER_HAS_NONE"
+const PLACEHOLDER_KEY_TEXT = "ACCESS_KEY"
+const PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN"
 
 func networkHandlers(r *mux.Router) {
 	r.HandleFunc("/api/networks", securityCheck(false, http.HandlerFunc(getNetworks))).Methods("GET")
@@ -572,6 +574,9 @@ func getAccessKeys(w http.ResponseWriter, r *http.Request) {
 		returnErrorResponse(w, r, formatError(err, "internal"))
 		return
 	}
+	if !servercfg.IsDisplayKeys() {
+		keys = RemoveKeySensitiveInfo(keys)
+	}
 	functions.PrintUserLog(r.Header.Get("user"), "fetched access keys on network "+network, 2)
 	w.WriteHeader(http.StatusOK)
 	json.NewEncoder(w).Encode(keys)
@@ -633,3 +638,13 @@ func DeleteKey(keyname, netname string) error {
 
 	return nil
 }
+
+func RemoveKeySensitiveInfo(keys []models.AccessKey) []models.AccessKey {
+	var returnKeys []models.AccessKey
+	for _, key := range keys {
+		key.Value = PLACEHOLDER_KEY_TEXT
+		key.AccessString = PLACEHOLDER_TOKEN_TEXT
+		returnKeys = append(returnKeys, key)
+	}
+	return returnKeys
+}
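Review bot: `RemoveKeySensitiveInfo` returns a nil slice when `keys` is empty, so with key display off `getAccessKeys` encodes `null` instead of a JSON array; allocating up front with `returnKeys := make([]models.AccessKey, 0, len(keys))` keeps the response shape stable. The function masks by overwriting two named fields, so any secret-bearing field later added to `models.AccessKey` would pass through unmasked. As an exported function it should carry a doc comment naming the covered fields, for example `// RemoveKeySensitiveInfo - returns a copy of keys with Value and AccessString replaced by placeholders`.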

+ 10 - 0
logic/wireguard.go

@@ -93,6 +93,16 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 			Log("error writing wg conf file to "+confPath+": "+err.Error(), 1)
 			return err
 		}
+		if ncutils.IsWindows() {
+			wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
+			Log("writing wg conf file to: "+confPath, 1)
+			err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
+			if err != nil {
+				Log("error writing wg conf file to "+wgConfPath+": "+err.Error(), 1)
+				return err
+			}
+			confPath = wgConfPath
+		}
 		// spin up userspace + apply the conf file
 		var deviceiface = ifacename
 		d, _ := wgclient.Device(deviceiface)
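Review bot: The log call before the second write prints `confPath` while the file being written is `wgConfPath`; it should read `Log("writing wg conf file to: "+wgConfPath, 1)`. The mode `0644` has little effect on Windows, where the file takes its access control from the target directory, so if `newConf` contains the interface private key (its construction is outside this hunk) its readability depends on the ACL of the WireGuard configurations directory, which is worth confirming. `ifacename` is concatenated straight into the path; if it can originate from server-supplied network data it should be checked for path separators before use. The same block is added in netclient/wireguard/common.go. initWireguard's body starts and ends outside the hunk.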

+ 3 - 1
models/node.go

@@ -31,6 +31,7 @@ type Node struct {
 	Address6            string   `json:"address6" bson:"address6" yaml:"address6" validate:"omitempty,ipv6"`
 	LocalAddress        string   `json:"localaddress" bson:"localaddress" yaml:"localaddress" validate:"omitempty,ip"`
 	Name                string   `json:"name" bson:"name" yaml:"name" validate:"omitempty,max=32,in_charset"`
+	NetworkSettings     Network  `json:"networksettings" bson:"networksettings" yaml:"networksettings"`
 	ListenPort          int32    `json:"listenport" bson:"listenport" yaml:"listenport" validate:"omitempty,numeric,min=1024,max=65535"`
 	PublicKey           string   `json:"publickey" bson:"publickey" yaml:"publickey" validate:"required,base64"`
 	Endpoint            string   `json:"endpoint" bson:"endpoint" yaml:"endpoint" validate:"required,ip"`
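Review bot: The new `NetworkSettings` field is tagged for JSON, BSON and YAML, so every place a `Node` is serialised or stored will now carry the whole `Network` value. The definition of `models.Network` is not shown on this page; if it holds access keys or other secrets, node responses and node records would expose them regardless of the display-keys switch this commit adds in `getAccessKeys`. Consider copying only the settings a client needs, or clearing sensitive members before assignment, and add a comment on the field stating its purpose.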
@@ -204,7 +205,7 @@ func (node *Node) SetDefaultName() {
 	}
 }
 
-func (newNode *Node) Fill(currentNode *Node) {
+func (newNode *Node) Fill(currentNode *Node, nodeNetwork *Network) {
 	if newNode.ID == "" {
 		newNode.ID = currentNode.ID
 	}
@@ -350,6 +351,7 @@ func (newNode *Node) Fill(currentNode *Node) {
 	if newNode.IsRelayed == "" {
 		newNode.IsRelayed = currentNode.IsRelayed
 	}
+	newNode.NetworkSettings = *nodeNetwork
 }
 
 func StringWithCharset(length int, charset string) string {
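Review bot: `newNode.NetworkSettings = *nodeNetwork` at the end of `Fill` dereferences the new parameter without a nil check, so a caller passing nil panics; guard it with `if nodeNetwork != nil { newNode.NetworkSettings = *nodeNetwork }`. The assignment is also unconditional, unlike the fields visible in this function that are filled only when empty, so any `NetworkSettings` already set on `newNode` is overwritten; a comment should say so if that is intended. The signature change is in the previous hunk and its callers are not shown on this page.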

+ 26 - 2
netclient/ncutils/netclientutils.go

@@ -1,7 +1,6 @@
 package ncutils
 
 import (
-	"context"
 	"crypto/tls"
 	"errors"
 	"fmt"
@@ -16,7 +15,6 @@ import (
 	"runtime"
 	"strconv"
 	"strings"
-	"syscall"
 	"time"
 
 	"golang.zx2c4.com/wireguard/wgctrl"
@@ -37,6 +35,9 @@ const LINUX_APP_DATA_PATH = "/etc/netclient"
 // WINDOWS_APP_DATA_PATH - windows path
 const WINDOWS_APP_DATA_PATH = "C:\\ProgramData\\Netclient"
 
+// WINDOWS_APP_DATA_PATH - windows path
+const WINDOWS_WG_DATA_PATH = "C:\\Program Files\\WireGuard\\Data\\Configurations"
+
 // WINDOWS_SVC_NAME - service name
 const WINDOWS_SVC_NAME = "netclient"
 
@@ -337,6 +338,15 @@ func GetNetclientPathSpecific() string {
 	}
 }
 
+// GetNetclientPathSpecific - gets specific netclient config path
+func GetWGPathSpecific() string {
+	if IsWindows() {
+		return WINDOWS_WG_DATA_PATH + "\\"
+	} else {
+		return "/etc/wireguard/"
+	}
+}
+
 // GRPCRequestOpts - gets grps request opts
 func GRPCRequestOpts(isSecure string) grpc.DialOption {
 	var requestOpts grpc.DialOption
@@ -379,6 +389,19 @@ func Copy(src, dst string) error {
 }
 
 // RunCmd - runs a local command
+func RunCmd(command string, printerr bool) (string, error) {
+	args := strings.Fields(command)
+	cmd := exec.Command(args[0], args[1:]...)
+	cmd.Wait()
+	out, err := cmd.CombinedOutput()
+	if err != nil && printerr {
+		log.Println("error running command:", command)
+		log.Println(strings.TrimSuffix(string(out), "\n"))
+	}
+	return string(out), err
+}
+
+/* new version - cant build on windows
 func RunCmd(command string, printerr bool) (string, error) {
 	args := strings.Fields(command)
 	ctx, cancel := context.WithTimeout(context.Background(), time.Second)
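Review bot: The restored `RunCmd` indexes `args[0]` without checking that `strings.Fields` returned anything, so an empty or all-whitespace `command` panics; add `if len(args) == 0 { return "", errors.New("empty command") }` before `exec.Command`. `cmd.Wait()` is called before the command has been started, so it only returns an error that is discarded, and `CombinedOutput` already starts and waits; the line should be removed. Unlike the version being commented out, which created a `context.WithTimeout`, this one has no timeout, so a command that hangs blocks the caller indefinitely. Because the command line is split on whitespace, callers that build it by concatenation need to validate each interpolated value first.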
@@ -396,6 +419,7 @@ func RunCmd(command string, printerr bool) (string, error) {
 	}
 	return string(out), err
 }
+*/
 
 // RunsCmds - runs cmds
 func RunCmds(commands []string, printerr bool) error {

+ 17 - 0
netclient/wireguard/common.go

@@ -186,6 +186,16 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 			ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
 			return err
 		}
+		if ncutils.IsWindows() {
+			wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
+			ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
+			err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
+			if err != nil {
+				ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
+				return err
+			}
+			confPath = wgConfPath
+		}
 		// spin up userspace / windows interface + apply the conf file
 		var deviceiface string
 		if ncutils.IsMac() {
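Review bot: The first `ncutils.PrintLog` in the Windows block calls `err.Error()` before the second write has happened; the preceding block returns when `err` is non-nil, so `err` appears to be nil here and the call would panic on Windows. It should be the informational line used in logic/wireguard.go, `ncutils.PrintLog("writing wg conf file to: "+wgConfPath, 1)`, and the error message after the write should name `wgConfPath` rather than `confPath`. InitWireguard's body starts and ends outside the hunk.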
@@ -270,6 +280,13 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 		}
 	}
 
+	//extra network route setting required for freebsd and windows
+	if ncutils.IsWindows() {
+		_, _ = ncutils.RunCmd("route add -net "+subnet+" -interface "+ifacename, true)
+	} else if ncutils.IsFreeBSD() {
+		_, _ = ncutils.RunCmd(ipExec+" -4 route add "+gateway+" dev "+ifacename, true)
+	}
+
 	return err
 }
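Review bot: Both results of `ncutils.RunCmd` are discarded with `_, _ =`, so a failed route add is invisible to the caller and the `return err` that follows does not reflect it; at minimum keep and log the error, e.g. `if _, rerr := ncutils.RunCmd(...); rerr != nil { ncutils.PrintLog("error adding route: "+rerr.Error(), 1) }`. The Windows branch uses `route add -net … -interface …`, which looks like BSD `route` syntax, while the FreeBSD branch uses `ipExec`; the two may be swapped and should be checked on each platform. `subnet`, `gateway` and `ifacename` are concatenated into a string that `RunCmd` splits on whitespace, so they should be validated (CIDR/IP parse, interface-name character set) before being interpolated. InitWireguard starts outside the hunk.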
 

+ 19 - 0
servercfg/serverconf.go

@@ -54,6 +54,10 @@ func GetServerConfig() config.ServerConfig {
 	if IsDNSMode() {
 		cfg.DNSMode = "on"
 	}
+	cfg.DisplayKeys = "off"
+	if IsDisplayKeys() {
+		cfg.DisplayKeys = "on"
+	}
 	cfg.GRPCSSL = "off"
 	if IsGRPCSSL() {
 		cfg.GRPCSSL = "on"
@@ -323,6 +327,21 @@ func IsDNSMode() bool {
 	return isdns
 }
 
+// IsDisplayKeys - should server be able to display keys?
+func IsDisplayKeys() bool {
+	isdisplay := true
+	if os.Getenv("DISPLAY_KEYS") != "" {
+		if os.Getenv("DISPLAY_KEYS") == "off" {
+			isdisplay = false
+		}
+	} else if config.Config.Server.DisplayKeys != "" {
+		if config.Config.Server.DisplayKeys == "off" {
+			isdisplay = false
+		}
+	}
+	return isdisplay
+}
+
 // IsGRPCSSL - ssl grpc on or off
 func IsGRPCSSL() bool {
 	isssl := false
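Review bot: `IsDisplayKeys` starts from `true` and hides keys only when the value is exactly `off`, so a setting such as `OFF`, `false` or `no` silently leaves access keys visible. For a switch that controls secret exposure it is safer to treat any set value other than `on` as hidden, e.g. `if v := os.Getenv("DISPLAY_KEYS"); v != "" { return v == "on" }` and the same for `config.Config.Server.DisplayKeys`, while keeping the unset default. The doc comment should state the default and the accepted values, for example `// IsDisplayKeys - reports whether access key values may be returned by the API; defaults to true, set DISPLAY_KEYS or displaykeys to "off" to mask them`.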