import uuid
import ipaddress
from django.db import models
from django.contrib.auth import get_user_model
from django.core.validators import MinValueValidator, MaxValueValidator
from django.core.exceptions import FieldError, ValidationError
from uncloud_pay.models import Order
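class WireGuardVPNPool(models.Model):
    """
    Network address pools from which VPNs can be created

    Each row holds a network address with its prefix length, a second
    prefix length (subnetwork_mask), the hostname of the VPN server and
    that server's WireGuard private key.
    """

    network = models.GenericIPAddressField(unique=True)

    # The 0..128 range covers IPv6; clean() tightens it to 0..32 when
    # `network` is an IPv4 address.
    network_mask = models.IntegerField(validators=[MinValueValidator(0),
                                                   MaxValueValidator(128)])

    # NOTE(review): presumably the prefix length of each VPN carved out of
    # the pool, in which case it should never be smaller than network_mask.
    # Confirm against the allocation code before enforcing that.
    subnetwork_mask = models.IntegerField(validators=[
        MinValueValidator(0),
        MaxValueValidator(128)
    ])

    vpn_server_hostname = models.CharField(max_length=256)

    # NOTE(review): the server's private key is stored as a plain CharField,
    # so anyone who can read this table (database dumps, backups, the Django
    # admin, a serializer that lists all fields) obtains the key. Keep this
    # field out of serializers and admin views, and consider encrypting it at
    # rest or holding it outside the database.
    # A base64-encoded WireGuard key is 44 characters, so 48 is sufficient.
    wireguard_private_key = models.CharField(max_length=48)

    def clean(self):
        """
        Reject prefix lengths that do not fit the address family of `network`.

        The field validators accept 0..128 for both masks regardless of
        family, which lets an IPv4 pool be stored with a prefix length
        above 32.

        Raises:
            ValidationError: keyed by field name, when a mask exceeds the
                maximum prefix length of the address family.
        """
        super().clean()

        try:
            max_prefix = ipaddress.ip_address(self.network).max_prefixlen
        except ValueError:
            # Missing or malformed address: the field's own validation
            # reports it, so there is nothing to cross-check here.
            return

        errors = {}
        for field_name in ("network_mask", "subnetwork_mask"):
            value = getattr(self, field_name)
            if value is not None and value > max_prefix:
                errors[field_name] = (
                    f"Prefix length {value} exceeds the maximum of "
                    f"{max_prefix} for {self.network}"
                )

        if errors:
            raise ValidationError(errors)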
class WireGuardVPN(models.Model):
    """
    Created VPNNetworks

    One row per VPN: the owning user, the pool it belongs to, its address
    and the WireGuard public key registered for it.
    """

    # Deleting the user removes the user's VPN rows as well.
    owner = models.ForeignKey(to=get_user_model(), on_delete=models.CASCADE)

    # Deleting a pool removes every VPN that references it.
    vpnpool = models.ForeignKey(to=WireGuardVPNPool, on_delete=models.CASCADE)

    # The address doubles as the primary key, so it is unique across pools.
    address = models.GenericIPAddressField(primary_key=True)

    # Public half only; a base64-encoded WireGuard key is 44 characters.
    wireguard_public_key = models.CharField(max_length=48)
################################################################################
class MACAdress(models.Model):
    """
    Placeholder model that so far only carries the default MAC prefix.
    """

    # 48-bit value whose first octet is 0x42: the locally-administered bit
    # (0x02) is set and the multicast bit (0x01) is clear.
    default_prefix = 0x42_00_00_00_00_00
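class ReverseDNSEntry(models.Model):
    """
    A reverse DNS entry

    save() persists the entry only when the owner has an order whose
    config['parameters']['reverse_dns_network'] contains ip_address.

    NOTE(review): that ownership check lives in save() only. Write paths
    that do not call save() -- QuerySet.update() and bulk_create() -- are
    not covered by it.
    """

    owner = models.ForeignKey(get_user_model(),
                              on_delete=models.CASCADE)

    ip_address = models.GenericIPAddressField(null=False, unique=True)

    # NOTE(review): only the length is constrained; the value is not checked
    # to be a well-formed DNS name. Validate it before implement() starts
    # writing it into zone data.
    name = models.CharField(max_length=253, null=False)

    @property
    def reverse_pointer(self):
        """Return the reverse-lookup (PTR) name for ip_address."""
        return ipaddress.ip_address(self.ip_address).reverse_pointer

    def implement(self):
        """
        The implement function implements the change

        Currently a stub that does nothing.
        """

        # Get all DNS entries (?) / update this DNS entry
        # convert to DNS name
        #
        pass

    def _covered_by_order(self, addr):
        """
        Return True when one of the owner's orders grants a network
        containing `addr` (an ipaddress address object).
        """
        orders = Order.objects.filter(
            config__parameters__reverse_dns_network__isnull=False,
            owner=self.owner)

        for order in orders:
            try:
                net = ipaddress.ip_network(
                    order.config['parameters']['reverse_dns_network'])
            except (KeyError, TypeError, ValueError):
                # A malformed network in an order's config grants nothing:
                # skip it (fail closed) instead of aborting the save with
                # an unhandled exception.
                continue

            # An address of the other IP version is never "in" the network.
            if addr in net:
                return True

        return False

    def save(self, *args, **kwargs):
        """
        Save the entry after checking that the owner may manage ip_address.

        Raises:
            ValidationError: when ip_address cannot be parsed, or when no
                order of the owner grants a network containing it.
        """
        # Product.objects.filter(config__parameters__contains='reverse_dns_network')
        # FIXME: check if order is still active / not replaced
        # Until that is done, an order that was cancelled or replaced may
        # still authorise entries in its network. How Order records that
        # state is not visible in this file.

        try:
            addr = ipaddress.ip_address(self.ip_address)
        except ValueError:
            # Unparseable address: deny with the same error as any other
            # refusal instead of leaking a ValueError to the caller.
            addr = None

        allowed = addr is not None and self._covered_by_order(addr)

        if not allowed:
            raise ValidationError(f"User {self.owner} does not have the right to create reverse DNS entry for {self.ip_address}")

        super().save(*args, **kwargs)

    def __str__(self):
        return f"{self.ip_address} - {self.name}"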