LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17721 Commits
1 Branch
46 MiB
Tree: a29905c42b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a29905c42b'
${ noResults }
openwrt-packages-dist/net/yggdrasil/files/ygguci

237 lines
8.5 KiB
Raw Normal View History

yggdrasil: Change package configuration to UCI Signed-off-by: George Iv <57254463+zhoreeq@users.noreply.github.com>
5 years ago
 
  1. #!/usr/bin/env lua
  2. 

  3. dkjson = require("dkjson")
  4. uci	= require("uci")
  5. 

  6. UCI = {}
  7. 

  8. --- Return the configuration defaults as a table suitable for JSON output
  9. --
  10. -- Mostly taken from yggdrasil -genconf -json
  11. -- @return table with configuration defaults
  12. function UCI.defaults()
  13. 	return { 
  14. 		AdminListen = "unix:///var/run/yggdrasil.sock", IfName = "ygg0", 
  15. 		NodeInfoPrivacy = false, IfTAPMode = false,
  16. 		LinkLocalTCPPort = 0, IfMTU = 65535,
  17. 

  18. 		Peers = { }, Listen = { }, MulticastInterfaces = { }, AllowedEncryptionPublicKeys = { },
  19. 		InterfacePeers = setmetatable({ }, {__jsontype = "object"}),
  20. 		NodeInfo = setmetatable({ }, {__jsontype = "object"}),
  21. 

  22. 		SessionFirewall = {
  23. 			Enable = false,
  24. 			AllowFromDirect = true,
  25. 			AllowFromRemote = true,
  26. 			AlwaysAllowOutbound = true,
  27. 			WhitelistEncryptionPublicKeys = { },
  28. 			BlacklistEncryptionPublicKeys = { }
  29. 		},
  30. 		TunnelRouting = {
  31. 			Enable = false,
  32. 			IPv6RemoteSubnets = setmetatable({ }, {__jsontype = "object"}),
  33. 			IPv6LocalSubnets = { },
  34. 			IPv4RemoteSubnets = setmetatable({ }, {__jsontype = "object"}),
  35. 			IPv4LocalSubnets = { }
  36. 		},
  37. 		SwitchOptions = { MaxTotalQueueSize = 4194304 }
  38. 	}
  39. end
  40. 

  41. --- Return the yggdrasil configuration as a table suitable for JSON output
  42. --
  43. -- @return table with yggdrasil configuration
  44. function UCI.get()
  45. 	local obj = UCI.defaults()
  46. 

  47. 	local cursor = uci.cursor()
  48. 	local config = cursor:get_all("yggdrasil", "yggdrasil")
  49. 	if not config then return obj end
  50. 

  51. 	obj.EncryptionPublicKey = config.EncryptionPublicKey
  52. 	obj.EncryptionPrivateKey = config.EncryptionPrivateKey
  53. 	obj.SigningPublicKey = config.SigningPublicKey
  54. 	obj.SigningPrivateKey = config.SigningPrivateKey
  55. 	obj.AdminListen = config.AdminListen or obj.AdminListen
  56. 	obj.IfName = config.IfName or obj.IfName
  57. 	obj.NodeInfo = dkjson.decode(config.NodeInfo) or obj.NodeInfo
  58. 	for _, v in pairs({ "NodeInfoPrivacy", "IfTAPMode" }) do
  59. 		if config[v] ~= nil then obj[v] = to_bool(config[v]) end
  60. 	end
  61. 	for _, v in pairs({ "LinkLocalTCPPort", "IfMTU" }) do
  62. 		if config[v] ~= nil then obj[v] = tonumber(config[v]) end
  63. 	end
  64. 

  65. 	cursor:foreach("yggdrasil", "peer", function (s) 
  66. 		table.insert(obj.Peers, s.uri)
  67. 	end)
  68. 	cursor:foreach("yggdrasil", "listen_address", function (s) 
  69. 		table.insert(obj.Listen, s.uri)
  70. 	end)
  71. 	cursor:foreach("yggdrasil", "multicast_interface", function (s) 
  72. 		table.insert(obj.MulticastInterfaces, s.name)
  73. 	end)
  74. 	cursor:foreach("yggdrasil", "allowed_encryption_public_key", function (s) 
  75. 		table.insert(obj.AllowedEncryptionPublicKeys, s.key)
  76. 	end)
  77. 

  78. 	cursor:foreach("yggdrasil", "interface_peer", function (s) 
  79. 		if obj.InterfacePeers[s.interface] == nil then
  80. 			obj.InterfacePeers[s.interface] = {}
  81. 		end
  82. 		table.insert(obj.InterfacePeers[s["interface"]], s.uri)
  83. 	end)
  84. 

  85. 	-- session firewall config
  86. 	local session_firewall_config = { "Enable", "AllowFromDirect", "AllowFromRemote", "AlwaysAllowOutbound" }
  87. 	for _, v in pairs(session_firewall_config) do
  88. 		if config["SessionFirewall_"..v] ~= nil then
  89. 			obj.SessionFirewall[v] = to_bool(config["SessionFirewall_"..v])
  90. 		end
  91. 	end
  92. 	cursor:foreach("yggdrasil", "whitelisted_encryption_public_key", function (s) 
  93. 		table.insert(obj.SessionFirewall.WhitelistEncryptionPublicKeys, s.key)
  94. 	end)
  95. 	cursor:foreach("yggdrasil", "blacklisted_encryption_public_key", function (s) 
  96. 		table.insert(obj.SessionFirewall.BlacklistEncryptionPublicKeys, s.key)
  97. 	end)
  98. 	-- /session firewall config
  99. 

  100. 	-- tunnel routing config
  101. 	if config.TunnelRouting_Enable ~= nil then
  102. 		obj.TunnelRouting.Enable = to_bool(config.TunnelRouting_Enable)
  103. 	end
  104. 	cursor:foreach("yggdrasil", "ipv6_remote_subnet", function (s) 
  105. 		obj.TunnelRouting.IPv6RemoteSubnets[s.subnet] = s.key
  106. 	end)
  107. 	cursor:foreach("yggdrasil", "ipv6_local_subnet", function (s) 
  108. 		table.insert(obj.TunnelRouting.IPv6LocalSubnets, s.subnet)
  109. 	end)
  110. 	cursor:foreach("yggdrasil", "ipv4_remote_subnet", function (s) 
  111. 		obj.TunnelRouting.IPv4RemoteSubnets[s.subnet] = s.key
  112. 	end)
  113. 	cursor:foreach("yggdrasil", "ipv4_local_subnet", function (s) 
  114. 		table.insert(obj.TunnelRouting.IPv4LocalSubnets, s.subnet)
  115. 	end)
  116. 	-- /tunnel routing config
  117. 

  118. 	if config.SwitchOptions_MaxTotalQueueSize ~= nil then
  119. 		obj.SwitchOptions.MaxTotalQueueSize = tonumber(config.SwitchOptions_MaxTotalQueueSize)
  120. 	end
  121. 

  122. 	return obj
  123. end
  124. 

  125. --- Parse and save updated configuration from JSON input
  126. --
  127. -- Transforms general settings into UCI sections, and replaces the UCI config's
  128. -- contents with them.
  129. -- @param table JSON input
  130. -- @return Boolean whether saving succeeded
  131. function UCI.set(obj)
  132. 	local cursor = uci.cursor()
  133. 

  134. 	for i, section in pairs(cursor:get_all("yggdrasil")) do
  135. 		cursor:delete("yggdrasil", section[".name"])
  136. 	end
  137. 

  138. 

  139. 	cursor:set("yggdrasil", "yggdrasil", "yggdrasil")
  140. 	cursor:set("yggdrasil", "yggdrasil", "EncryptionPublicKey", obj.EncryptionPublicKey) 
  141. 	cursor:set("yggdrasil", "yggdrasil", "EncryptionPrivateKey", obj.EncryptionPrivateKey) 
  142. 	cursor:set("yggdrasil", "yggdrasil", "SigningPublicKey", obj.SigningPublicKey) 
  143. 	cursor:set("yggdrasil", "yggdrasil", "SigningPrivateKey", obj.SigningPrivateKey)
  144. 	cursor:set("yggdrasil", "yggdrasil", "AdminListen", obj.AdminListen) 
  145. 	cursor:set("yggdrasil", "yggdrasil", "IfName", obj.IfName) 
  146. 	cursor:set("yggdrasil", "yggdrasil", "NodeInfoPrivacy", to_int(obj.NodeInfoPrivacy)) 
  147. 	cursor:set("yggdrasil", "yggdrasil", "NodeInfo", dkjson.encode(obj.NodeInfo)) 
  148. 	cursor:set("yggdrasil", "yggdrasil", "IfTAPMode", to_int(obj.IfTAPMode)) 
  149. 	cursor:set("yggdrasil", "yggdrasil", "LinkLocalTCPPort", obj.LinkLocalTCPPort)
  150. 	cursor:set("yggdrasil", "yggdrasil", "IfMTU", obj.IfMTU)
  151. 

  152. 	set_values(cursor, "peer", "uri", obj.Peers)
  153. 	set_values(cursor, "listen_address", "uri", obj.Listen)
  154. 	set_values(cursor, "multicast_interface", "name", obj.MulticastInterfaces)
  155. 	set_values(cursor, "allowed_encryption_public_key", "key", obj.AllowedEncryptionPublicKeys)
  156. 

  157. 	for interface, peers in pairs(obj.InterfacePeers) do
  158. 		for _, v in pairs(peers) do
  159. 			local name = cursor:add("yggdrasil", "interface_peer")
  160. 			cursor:set("yggdrasil", name, "interface", interface)
  161. 			cursor:set("yggdrasil", name, "uri", v)
  162. 		end
  163. 	end
  164. 

  165. 	-- session firewall config
  166. 	cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_Enable", to_int(obj.SessionFirewall.Enable)) 
  167. 	cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_AllowFromDirect", to_int(obj.SessionFirewall.AllowFromDirect)) 
  168. 	cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_AllowFromRemote", to_int(obj.SessionFirewall.AllowFromRemote)) 
  169. 	cursor:set("yggdrasil", "yggdrasil", "SessionFirewall_AlwaysAllowOutbound", to_int(obj.SessionFirewall.AlwaysAllowOutbound)) 
  170. 	set_values(cursor, "whitelisted_encryption_public_key", "key", obj.SessionFirewall.WhitelistEncryptionPublicKeys)
  171. 	set_values(cursor, "blacklisted_encryption_public_key", "key", obj.SessionFirewall.BlacklistEncryptionPublicKeys)
  172. 	-- /session firewall config
  173. 

  174. 	-- tunnel routing config
  175. 	cursor:set("yggdrasil", "yggdrasil", "TunnelRouting_Enable", to_int(obj.TunnelRouting.Enable)) 
  176. 	if obj.TunnelRouting.IPv6RemoteSubnets ~= nil then
  177. 		for subnet, key in pairs(obj.TunnelRouting.IPv6RemoteSubnets) do
  178. 			local name = cursor:add("yggdrasil", "ipv6_remote_subnet")
  179. 			cursor:set("yggdrasil", name, "subnet", subnet)
  180. 			cursor:set("yggdrasil", name, "key", key)
  181. 		end
  182. 	end
  183. 	set_values(cursor, "ipv6_local_subnet", "subnet", obj.TunnelRouting.IPv6LocalSubnets)
  184. 	if obj.TunnelRouting.IPv4RemoteSubnets ~= nil then
  185. 		for subnet, key in pairs(obj.TunnelRouting.IPv4RemoteSubnets) do
  186. 			local name = cursor:add("yggdrasil", "ipv4_remote_subnet")
  187. 			cursor:set("yggdrasil", name, "subnet", subnet)
  188. 			cursor:set("yggdrasil", name, "key", key)
  189. 		end
  190. 	end
  191. 	set_values(cursor, "ipv4_local_subnet", "subnet", obj.TunnelRouting.IPv4LocalSubnets)
  192. 	-- /tunnel routing config
  193. 

  194. 	cursor:set("yggdrasil", "yggdrasil", "SwitchOptions_MaxTotalQueueSize", obj.SwitchOptions.MaxTotalQueueSize) 
  195. 

  196. 	return cursor:commit("yggdrasil")
  197. end
  198. 

  199. function set_values(cursor, section_name, parameter, values) 
  200. 	if values == nil then return false end
  201. 

  202. 	for k, v in pairs(values) do
  203. 		local name = cursor:add("yggdrasil", section_name)
  204. 		cursor:set("yggdrasil", name, parameter, v)
  205. 	end
  206. end
  207. 

  208. function to_int(bool) return bool and '1' or '0' end
  209. 

  210. function to_bool(int) return int ~= '0' end
  211. 

  212. function help()
  213. 	print("JSON interface to /etc/config/yggdrasil\n\nExamples: \
  214. 	ygguci get > /tmp/etc/yggdrasil.conf \
  215. 	cat /tmp/etc/yggdrasil.conf | ygguci set \
  216. 	uci changes \
  217. 	ygguci get | yggdrasil -useconf")
  218. end
  219. 

  220. -- main 
  221. 

  222. if arg[1] == "get" then
  223. 	local json = dkjson.encode(UCI.get(), { indent = true })
  224. 	print(json)
  225. elseif arg[1] == "set" then
  226. 	local json = io.stdin:read("*a")
  227. 	local obj, pos, err = dkjson.decode(json, 1, nil)
  228. 

  229. 	if obj then
  230. 		UCI.set(obj)
  231. 	else
  232. 		print("dkjson: " .. err)
  233. 		os.exit(1)
  234. 	end
  235. else
  236. 	help()
  237. end