import base64
from django.contrib.auth import get_user_model
from django.utils.translation import gettext_lazy as _
from rest_framework import serializers
from .models import *
from .services import *
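class WireGuardVPNSerializer(serializers.ModelSerializer):
    """Serialize a ``WireGuardVPN`` for the REST API.

    Clients submit ``wireguard_public_key`` and ``network_mask``. The fields
    ``address``, ``vpn_server`` and ``vpn_server_public_key`` are read-only:
    they are returned in responses and ignored on input.
    """

    address = serializers.CharField(read_only=True)
    vpn_server = serializers.CharField(read_only=True)
    vpn_server_public_key = serializers.CharField(read_only=True)

    # write_only has to be set on the declaration itself: DRF ignores
    # Meta.extra_kwargs for fields that are declared explicitly on the
    # serializer, so the former extra_kwargs entry never took effect and
    # network_mask was treated as a readable field.
    network_mask = serializers.IntegerField(write_only=True)

    class Meta:
        model = WireGuardVPN
        fields = [
            'wireguard_public_key',
            'address',
            'network_mask',
            'vpn_server',
            'vpn_server_public_key',
        ]

    def validate_wireguard_public_key(self, value):
        """Accept only a well-formed WireGuard public key.

        A WireGuard public key is a 32-byte Curve25519 value in standard
        base64. Strict decoding rejects any character outside the base64
        alphabet, including whitespace and line breaks.

        Raises:
            serializers.ValidationError: if ``value`` is not strict base64
                or does not decode to exactly 32 bytes.
        """
        # NOTE(review): the key is client-supplied and presumably ends up in
        # generated WireGuard configuration -- confirm in the services layer.
        # Rejecting malformed keys here keeps stray line breaks out of it.
        msg = _("Supplied key is not a valid wireguard public key")

        try:
            raw_key = base64.b64decode(value, validate=True)
        except (ValueError, TypeError):
            # binascii.Error is a ValueError subclass; non-ASCII text also
            # raises ValueError.
            raise serializers.ValidationError(msg)

        if len(raw_key) != 32:
            raise serializers.ValidationError(msg)

        return value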
# class VPNNetworkSerializer(serializers.ModelSerializer):
# class Meta:
# model = VPNNetwork
# fields = '__all__'
# # This is required for finding the VPN pool, but does not
# # exist in the model
# network_size = serializers.IntegerField(min_value=0,
# max_value=128,
# write_only=True)
# def validate_wireguard_public_key(self, value):
# msg = _("Supplied key is not a valid wireguard public key")
# """ FIXME: verify that this does not create broken wireguard config files,
# i.e. contains \n or similar!
# We might even need to be more strict to not break wireguard...
# """
# try:
# base64.standard_b64decode(value)
# except Exception as e:
# raise serializers.ValidationError(msg)
# if '\n' in value:
# raise serializers.ValidationError(msg)
# return value
# def validate(self, data):
# # FIXME: filter for status = active or similar
# all_pools = VPNPool.objects.all()
# sizes = [ p.subnetwork_size for p in all_pools ]
# pools = VPNPool.objects.filter(subnetwork_size=data['network_size'])
# if len(pools) == 0:
# msg = _("No pool available for networks with size = {}. Available are: {}".format(data['network_size'], sizes))
# raise serializers.ValidationError(msg)
# return data
# def create(self, validated_data):
# """
# Creating a new vpnnetwork - there are a couple of race conditions,
# especially when run in parallel.
[vpn] make a vpn creat-able!
[15:40] line:~% http -a nicoschottelius:$(pass ungleich.ch/nico.schottelius@ungleich.ch) http://localhost:8000/net/vpn/ network_size=48 wireguard_public_key=$(wg genkey | wg pubkey)
HTTP/1.1 201 Created
Allow: GET, POST, HEAD, OPTIONS
Content-Length: 206
Content-Type: application/json
Date: Sun, 12 Apr 2020 13:40:26 GMT
Server: WSGIServer/0.2 CPython/3.7.3
Vary: Accept
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
{
"extra_data": null,
"network": "2a0a:e5c1:203::",
"order": null,
"owner": 30,
"status": "PENDING",
"uuid": "8f977a8f-e06a-4346-94ae-8f525df58b7b",
"wireguard_public_key": "JvCuUTZHm9unasJkGsLKN0Bf/hu6ZSIv7dnIGPyJ6xA="
}
# What we should be doing:
# - create a reservation race free
# - map the reservation to a network (?)
# """
# pools = VPNPool.objects.filter(subnetwork_size=validated_data['network_size'])
# vpn_network = None
# for pool in pools:
# if pool.num_free_networks > 0:
# next_address = pool.next_free_network
# reservation, created = VPNNetworkReservation.objects.update_or_create(
# vpnpool=pool, address=next_address,
# defaults = {
# 'status': 'used'
# })
# vpn_network = VPNNetwork.objects.create(
# owner=self.context['request'].user,
# network=reservation,
# wireguard_public_key=validated_data['wireguard_public_key']
# )
# break
# if not vpn_network:
# # FIXME: use correct exception
# raise Exception("Did not find any free pool")
# return vpn_network