wireguard-ui/main.go

package main

import (
	"embed"
	"flag"
	"fmt"
	"io/fs"
	"net/http"
	"os"
	"time"

	"github.com/labstack/echo/v4"
	"github.com/labstack/gommon/log"
	"github.com/ngoduykhanh/wireguard-ui/store"

	"github.com/ngoduykhanh/wireguard-ui/emailer"
	"github.com/ngoduykhanh/wireguard-ui/handler"
	"github.com/ngoduykhanh/wireguard-ui/router"
	"github.com/ngoduykhanh/wireguard-ui/store/jsondb"
	"github.com/ngoduykhanh/wireguard-ui/util"
)

var (
	// command-line banner information
	appVersion = "development"
	gitCommit  = "N/A"
	gitRef     = "N/A"
	buildTime  = fmt.Sprintf(time.Now().UTC().Format("01-02-2006 15:04:05"))
	// configuration variables
	flagDisableLogin   bool   = false
	flagBindAddress    string = "0.0.0.0:5000"
	flagSmtpHostname   string = "127.0.0.1"
	flagSmtpPort       int    = 25
	flagSmtpUsername   string
	flagSmtpPassword   string
	flagSmtpAuthType   string = "NONE"
	flagSmtpNoTLSCheck bool   = false
	flagSmtpEncryption string = "STARTTLS"
	flagSendgridApiKey string
	flagEmailFrom      string
	flagEmailFromName  string = "WireGuard UI"
	flagSessionSecret  string = util.RandomString(32)
	flagWgConfTemplate string
	flagBasePath       string
)

const (
	defaultEmailSubject = "Your wireguard configuration"
	defaultEmailContent = `Hi,</br>
<p>In this email you can find your personal configuration for our wireguard server.</p>

<p>Best</p>
`
)

// embed the "templates" directory
//
//go:embed templates/*
var embeddedTemplates embed.FS

// embed the "assets" directory
//
//go:embed assets/*
var embeddedAssets embed.FS

func init() {

	// command-line flags and env variables
	flag.BoolVar(&flagDisableLogin, "disable-login", util.LookupEnvOrBool("DISABLE_LOGIN", flagDisableLogin), "Disable authentication on the app. This is potentially dangerous.")
	flag.StringVar(&flagBindAddress, "bind-address", util.LookupEnvOrString("BIND_ADDRESS", flagBindAddress), "Address:Port to which the app will be bound.")
	flag.StringVar(&flagSmtpHostname, "smtp-hostname", util.LookupEnvOrString("SMTP_HOSTNAME", flagSmtpHostname), "SMTP Hostname")
	flag.IntVar(&flagSmtpPort, "smtp-port", util.LookupEnvOrInt("SMTP_PORT", flagSmtpPort), "SMTP Port")
	flag.StringVar(&flagSmtpUsername, "smtp-username", util.LookupEnvOrString("SMTP_USERNAME", flagSmtpUsername), "SMTP Username")
	flag.BoolVar(&flagSmtpNoTLSCheck, "smtp-no-tls-check", util.LookupEnvOrBool("SMTP_NO_TLS_CHECK", flagSmtpNoTLSCheck), "Disable TLS verification for SMTP. This is potentially dangerous.")
	flag.StringVar(&flagSmtpEncryption, "smtp-encryption", util.LookupEnvOrString("SMTP_ENCRYPTION", flagSmtpEncryption), "SMTP Encryption : NONE, SSL, SSLTLS, TLS or STARTTLS (by default)")
	flag.StringVar(&flagSmtpAuthType, "smtp-auth-type", util.LookupEnvOrString("SMTP_AUTH_TYPE", flagSmtpAuthType), "SMTP Auth Type : PLAIN, LOGIN or NONE.")
	flag.StringVar(&flagEmailFrom, "email-from", util.LookupEnvOrString("EMAIL_FROM_ADDRESS", flagEmailFrom), "'From' email address.")
	flag.StringVar(&flagEmailFromName, "email-from-name", util.LookupEnvOrString("EMAIL_FROM_NAME", flagEmailFromName), "'From' email name.")
	flag.StringVar(&flagWgConfTemplate, "wg-conf-template", util.LookupEnvOrString("WG_CONF_TEMPLATE", flagWgConfTemplate), "Path to custom wg.conf template.")
	flag.StringVar(&flagBasePath, "base-path", util.LookupEnvOrString("BASE_PATH", flagBasePath), "The base path of the URL")

	var (
		smtpPasswordLookup  = util.LookupEnvOrString("SMTP_PASSWORD", flagSmtpPassword)
		sengridApiKeyLookup = util.LookupEnvOrString("SENDGRID_API_KEY", flagSendgridApiKey)
		sessionSecretLookup = util.LookupEnvOrString("SESSION_SECRET", flagSessionSecret)
	)

	// check empty smtpPassword env var
	if smtpPasswordLookup != "" {
		flag.StringVar(&flagSmtpPassword, "smtp-password", smtpPasswordLookup, "SMTP Password")
	} else {
		flag.StringVar(&flagSmtpPassword, "smtp-password", util.LookupEnvOrFile("SMTP_PASSWORD_FILE", flagSmtpPassword), "SMTP Password File")
	}

	// check empty sengridApiKey env var
	if sengridApiKeyLookup != "" {
		flag.StringVar(&flagSendgridApiKey, "sendgrid-api-key", sengridApiKeyLookup, "Your sendgrid api key.")
	} else {
		flag.StringVar(&flagSendgridApiKey, "sendgrid-api-key", util.LookupEnvOrFile("SENDGRID_API_KEY_FILE", flagSendgridApiKey), "File containing your sendgrid api key.")
	}

	// check empty sessionSecret env var
	if sessionSecretLookup != "" {
		flag.StringVar(&flagSessionSecret, "session-secret", sessionSecretLookup, "The key used to encrypt session cookies.")
	} else {
		flag.StringVar(&flagSessionSecret, "session-secret", util.LookupEnvOrFile("SESSION_SECRET_FILE", flagSessionSecret), "File containing the key used to encrypt session cookies.")
	}

	flag.Parse()

	// update runtime config
	util.DisableLogin = flagDisableLogin
	util.BindAddress = flagBindAddress
	util.SmtpHostname = flagSmtpHostname
	util.SmtpPort = flagSmtpPort
	util.SmtpUsername = flagSmtpUsername
	util.SmtpPassword = flagSmtpPassword
	util.SmtpAuthType = flagSmtpAuthType
	util.SmtpNoTLSCheck = flagSmtpNoTLSCheck
	util.SmtpEncryption = flagSmtpEncryption
	util.SendgridApiKey = flagSendgridApiKey
	util.EmailFrom = flagEmailFrom
	util.EmailFromName = flagEmailFromName
	util.SessionSecret = []byte(flagSessionSecret)
	util.WgConfTemplate = flagWgConfTemplate
	util.BasePath = util.ParseBasePath(flagBasePath)

	// print only if log level is INFO or lower
	if lvl, _ := util.ParseLogLevel(util.LookupEnvOrString(util.LogLevel, "INFO")); lvl <= log.INFO {
		// print app information
		fmt.Println("Wireguard UI")
		fmt.Println("App Version\t:", appVersion)
		fmt.Println("Git Commit\t:", gitCommit)
		fmt.Println("Git Ref\t\t:", gitRef)
		fmt.Println("Build Time\t:", buildTime)
		fmt.Println("Git Repo\t:", "https://github.com/ngoduykhanh/wireguard-ui")
		fmt.Println("Authentication\t:", !util.DisableLogin)
		fmt.Println("Bind address\t:", util.BindAddress)
		//fmt.Println("Sendgrid key\t:", util.SendgridApiKey)
		fmt.Println("Email from\t:", util.EmailFrom)
		fmt.Println("Email from name\t:", util.EmailFromName)
		//fmt.Println("Session secret\t:", util.SessionSecret)
		fmt.Println("Custom wg.conf\t:", util.WgConfTemplate)
		fmt.Println("Base path\t:", util.BasePath+"/")
	}
}

func main() {
	db, err := jsondb.New("./db")
	if err != nil {
		panic(err)
	}
	if err := db.Init(); err != nil {
		panic(err)
	}
	// set app extra data
	extraData := make(map[string]interface{})
	extraData["appVersion"] = appVersion
	extraData["gitCommit"] = gitCommit
	extraData["basePath"] = util.BasePath
	extraData["loginDisabled"] = flagDisableLogin

	// strip the "templates/" prefix from the embedded directory so files can be read by their direct name (e.g.
	// "base.html" instead of "templates/base.html")
	tmplDir, _ := fs.Sub(fs.FS(embeddedTemplates), "templates")

	// create the wireguard config on start, if it doesn't exist
	initServerConfig(db, tmplDir)

	// register routes
	app := router.New(tmplDir, extraData, util.SessionSecret)

	app.GET(util.BasePath, handler.WireGuardClients(db), handler.ValidSession)

	if !util.DisableLogin {
		app.GET(util.BasePath+"/login", handler.LoginPage())
		app.POST(util.BasePath+"/login", handler.Login(db))
		app.GET(util.BasePath+"/logout", handler.Logout(), handler.ValidSession)
		app.GET(util.BasePath+"/profile", handler.LoadProfile(db), handler.ValidSession)
		app.GET(util.BasePath+"/users-settings", handler.UsersSettings(db), handler.ValidSession, handler.NeedsAdmin)
		app.POST(util.BasePath+"/update-user", handler.UpdateUser(db), handler.ValidSession)
		app.POST(util.BasePath+"/create-user", handler.CreateUser(db), handler.ValidSession, handler.NeedsAdmin)
		app.POST(util.BasePath+"/remove-user", handler.RemoveUser(db), handler.ValidSession, handler.NeedsAdmin)
		app.GET(util.BasePath+"/getusers", handler.GetUsers(db), handler.ValidSession, handler.NeedsAdmin)
		app.GET(util.BasePath+"/api/user/:username", handler.GetUser(db), handler.ValidSession)
	}

	var sendmail emailer.Emailer
	if util.SendgridApiKey != "" {
		sendmail = emailer.NewSendgridApiMail(util.SendgridApiKey, util.EmailFromName, util.EmailFrom)
	} else {
		sendmail = emailer.NewSmtpMail(util.SmtpHostname, util.SmtpPort, util.SmtpUsername, util.SmtpPassword, util.SmtpNoTLSCheck, util.SmtpAuthType, util.EmailFromName, util.EmailFrom, util.SmtpEncryption)
	}

	app.GET(util.BasePath+"/test-hash", handler.GetHashesChanges(db), handler.ValidSession)
	app.GET(util.BasePath+"/about", handler.AboutPage())
	app.GET(util.BasePath+"/_health", handler.Health())
	app.GET(util.BasePath+"/favicon", handler.Favicon())
	app.POST(util.BasePath+"/new-client", handler.NewClient(db), handler.ValidSession, handler.ContentTypeJson)
	app.POST(util.BasePath+"/update-client", handler.UpdateClient(db), handler.ValidSession, handler.ContentTypeJson)
	app.POST(util.BasePath+"/email-client", handler.EmailClient(db, sendmail, defaultEmailSubject, defaultEmailContent), handler.ValidSession, handler.ContentTypeJson)
	app.POST(util.BasePath+"/client/set-status", handler.SetClientStatus(db), handler.ValidSession, handler.ContentTypeJson)
	app.POST(util.BasePath+"/remove-client", handler.RemoveClient(db), handler.ValidSession, handler.ContentTypeJson)
	app.GET(util.BasePath+"/download", handler.DownloadClient(db), handler.ValidSession)
	app.GET(util.BasePath+"/wg-server", handler.WireGuardServer(db), handler.ValidSession, handler.NeedsAdmin)
	app.POST(util.BasePath+"/wg-server/interfaces", handler.WireGuardServerInterfaces(db), handler.ValidSession, handler.ContentTypeJson, handler.NeedsAdmin)
	app.POST(util.BasePath+"/wg-server/keypair", handler.WireGuardServerKeyPair(db), handler.ValidSession, handler.ContentTypeJson, handler.NeedsAdmin)
	app.GET(util.BasePath+"/global-settings", handler.GlobalSettings(db), handler.ValidSession, handler.NeedsAdmin)
	app.POST(util.BasePath+"/global-settings", handler.GlobalSettingSubmit(db), handler.ValidSession, handler.ContentTypeJson, handler.NeedsAdmin)
	app.GET(util.BasePath+"/status", handler.Status(db), handler.ValidSession)
	app.GET(util.BasePath+"/api/clients", handler.GetClients(db), handler.ValidSession)
	app.GET(util.BasePath+"/api/client/:id", handler.GetClient(db), handler.ValidSession)
	app.GET(util.BasePath+"/api/machine-ips", handler.MachineIPAddresses(), handler.ValidSession)
	app.GET(util.BasePath+"/api/suggest-client-ips", handler.SuggestIPAllocation(db), handler.ValidSession)
	app.POST(util.BasePath+"/api/apply-wg-config", handler.ApplyServerConfig(db, tmplDir), handler.ValidSession, handler.ContentTypeJson)
	app.GET(util.BasePath+"/wake_on_lan_hosts", handler.GetWakeOnLanHosts(db), handler.ValidSession)
	app.POST(util.BasePath+"/wake_on_lan_host", handler.SaveWakeOnLanHost(db), handler.ValidSession, handler.ContentTypeJson)
	app.DELETE(util.BasePath+"/wake_on_lan_host/:mac_address", handler.DeleteWakeOnHost(db), handler.ValidSession, handler.ContentTypeJson)
	app.PUT(util.BasePath+"/wake_on_lan_host/:mac_address", handler.WakeOnHost(db), handler.ValidSession, handler.ContentTypeJson)

	// strip the "assets/" prefix from the embedded directory so files can be called directly without the "assets/"
	// prefix
	assetsDir, _ := fs.Sub(fs.FS(embeddedAssets), "assets")
	assetHandler := http.FileServer(http.FS(assetsDir))
	// serves other static files
	app.GET(util.BasePath+"/static/*", echo.WrapHandler(http.StripPrefix(util.BasePath+"/static/", assetHandler)))

	app.Logger.Fatal(app.Start(util.BindAddress))
}

func initServerConfig(db store.IStore, tmplDir fs.FS) {
	settings, err := db.GetGlobalSettings()
	if err != nil {
		log.Fatalf("Cannot get global settings: ", err)
	}

	if _, err := os.Stat(settings.ConfigFilePath); err == nil {
		// file exists, don't overwrite it implicitly
		return
	}

	server, err := db.GetServer()
	if err != nil {
		log.Fatalf("Cannot get server config: ", err)
	}

	clients, err := db.GetClients(false)
	if err != nil {
		log.Fatalf("Cannot get client config: ", err)
	}

	users, err := db.GetUsers()
	if err != nil {
		log.Fatalf("Cannot get user config: ", err)
	}

	// write config file
	err = util.WriteWireGuardServerConfig(tmplDir, server, clients, users, settings)
	if err != nil {
		log.Fatalf("Cannot create server config: ", err)
	}
}
Initial commit 2020-04-18 11:17:49 +02:00			`package main`

			`import (`
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`"embed"`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`"flag"`
DB query refactoring 2020-04-23 13:01:40 +02:00			`"fmt"`
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`"io/fs"`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`"net/http"`
Write the initial wireguard config on start, if none exists (#207) 2022-07-14 08:40:16 +02:00			`"os"`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`"time"`

env variable file support (#391) 2023-12-25 19:58:31 +01:00			`"github.com/labstack/echo/v4"`
			`"github.com/labstack/gommon/log"`
			`"github.com/ngoduykhanh/wireguard-ui/store"`

Fixes security issue & Adds support to sent configuration via email (#83) 2021-08-08 19:55:59 +02:00			`"github.com/ngoduykhanh/wireguard-ui/emailer"`
Initial commit 2020-04-18 11:17:49 +02:00			`"github.com/ngoduykhanh/wireguard-ui/handler"`
			`"github.com/ngoduykhanh/wireguard-ui/router"`
Abstracts database storage & Status page UI (#88) 2021-08-28 15:10:30 +02:00			`"github.com/ngoduykhanh/wireguard-ui/store/jsondb"`
DB query refactoring 2020-04-23 13:01:40 +02:00			`"github.com/ngoduykhanh/wireguard-ui/util"`
Initial commit 2020-04-18 11:17:49 +02:00			`)`

Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`var (`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00			`// command-line banner information`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`appVersion = "development"`
			`gitCommit = "N/A"`
			`gitRef = "N/A"`
			`buildTime = fmt.Sprintf(time.Now().UTC().Format("01-02-2006 15:04:05"))`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00			`// configuration variables`
			`flagDisableLogin bool = false`
			`flagBindAddress string = "0.0.0.0:5000"`
SMTP support (#146) 2022-01-29 09:01:37 +01:00			`flagSmtpHostname string = "127.0.0.1"`
			`flagSmtpPort int = 25`
			`flagSmtpUsername string`
			`flagSmtpPassword string`
Update readme and code comments (#272) 2022-12-13 22:44:11 +01:00			`flagSmtpAuthType string = "NONE"`
SMTP support (#146) 2022-01-29 09:01:37 +01:00			`flagSmtpNoTLSCheck bool = false`
Add support to SSL/TLS/SSLTLS encryption for SMTP (#221) 2022-09-30 10:26:17 +02:00			`flagSmtpEncryption string = "STARTTLS"`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00			`flagSendgridApiKey string`
			`flagEmailFrom string`
			`flagEmailFromName string = "WireGuard UI"`
fix: set random session secret if not set (#417) 2023-08-11 11:48:51 +02:00			`flagSessionSecret string = util.RandomString(32)`
Custom wg conf template (#179) 2022-04-24 09:42:08 +02:00			`flagWgConfTemplate string`
*: allows for BASE_PATH configuration (#183) 2022-04-25 09:17:13 +02:00			`flagBasePath string`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`)`

Fixes security issue & Adds support to sent configuration via email (#83) 2021-08-08 19:55:59 +02:00			`const (`
			`defaultEmailSubject = "Your wireguard configuration"`
			defaultEmailContent = `Hi,</br>
Fixed typo (#113) 2021-11-09 11:01:42 +01:00			`<p>In this email you can find your personal configuration for our wireguard server.</p>`
Fixes security issue & Adds support to sent configuration via email (#83) 2021-08-08 19:55:59 +02:00
			`<p>Best</p>`
			`
			`)`

Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`// embed the "templates" directory`
			`//`
			`//go:embed templates/*`
			`var embeddedTemplates embed.FS`

			`// embed the "assets" directory`
			`//`
			`//go:embed assets/*`
			`var embeddedAssets embed.FS`

Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`func init() {`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00
			`// command-line flags and env variables`
Fix flag to disable login (#119) 2021-11-12 21:17:18 +01:00			`flag.BoolVar(&flagDisableLogin, "disable-login", util.LookupEnvOrBool("DISABLE_LOGIN", flagDisableLogin), "Disable authentication on the app. This is potentially dangerous.")`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00			`flag.StringVar(&flagBindAddress, "bind-address", util.LookupEnvOrString("BIND_ADDRESS", flagBindAddress), "Address:Port to which the app will be bound.")`
SMTP support (#146) 2022-01-29 09:01:37 +01:00			`flag.StringVar(&flagSmtpHostname, "smtp-hostname", util.LookupEnvOrString("SMTP_HOSTNAME", flagSmtpHostname), "SMTP Hostname")`
			`flag.IntVar(&flagSmtpPort, "smtp-port", util.LookupEnvOrInt("SMTP_PORT", flagSmtpPort), "SMTP Port")`
Minor Changes (#210) 2022-09-30 10:21:20 +02:00			`flag.StringVar(&flagSmtpUsername, "smtp-username", util.LookupEnvOrString("SMTP_USERNAME", flagSmtpUsername), "SMTP Username")`
SMTP support (#146) 2022-01-29 09:01:37 +01:00			`flag.BoolVar(&flagSmtpNoTLSCheck, "smtp-no-tls-check", util.LookupEnvOrBool("SMTP_NO_TLS_CHECK", flagSmtpNoTLSCheck), "Disable TLS verification for SMTP. This is potentially dangerous.")`
SMTP: Support disabling encryption (#297) 2023-02-16 17:06:45 +01:00			`flag.StringVar(&flagSmtpEncryption, "smtp-encryption", util.LookupEnvOrString("SMTP_ENCRYPTION", flagSmtpEncryption), "SMTP Encryption : NONE, SSL, SSLTLS, TLS or STARTTLS (by default)")`
Update readme and code comments (#272) 2022-12-13 22:44:11 +01:00			`flag.StringVar(&flagSmtpAuthType, "smtp-auth-type", util.LookupEnvOrString("SMTP_AUTH_TYPE", flagSmtpAuthType), "SMTP Auth Type : PLAIN, LOGIN or NONE.")`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00			`flag.StringVar(&flagEmailFrom, "email-from", util.LookupEnvOrString("EMAIL_FROM_ADDRESS", flagEmailFrom), "'From' email address.")`
			`flag.StringVar(&flagEmailFromName, "email-from-name", util.LookupEnvOrString("EMAIL_FROM_NAME", flagEmailFromName), "'From' email name.")`
Custom wg conf template (#179) 2022-04-24 09:42:08 +02:00			`flag.StringVar(&flagWgConfTemplate, "wg-conf-template", util.LookupEnvOrString("WG_CONF_TEMPLATE", flagWgConfTemplate), "Path to custom wg.conf template.")`
*: allows for BASE_PATH configuration (#183) 2022-04-25 09:17:13 +02:00			`flag.StringVar(&flagBasePath, "base-path", util.LookupEnvOrString("BASE_PATH", flagBasePath), "The base path of the URL")`
env variable file support (#391) 2023-12-25 19:58:31 +01:00
			`var (`
			`smtpPasswordLookup = util.LookupEnvOrString("SMTP_PASSWORD", flagSmtpPassword)`
			`sengridApiKeyLookup = util.LookupEnvOrString("SENDGRID_API_KEY", flagSendgridApiKey)`
			`sessionSecretLookup = util.LookupEnvOrString("SESSION_SECRET", flagSessionSecret)`
			`)`

			`// check empty smtpPassword env var`
			`if smtpPasswordLookup != "" {`
			`flag.StringVar(&flagSmtpPassword, "smtp-password", smtpPasswordLookup, "SMTP Password")`
			`} else {`
			`flag.StringVar(&flagSmtpPassword, "smtp-password", util.LookupEnvOrFile("SMTP_PASSWORD_FILE", flagSmtpPassword), "SMTP Password File")`
			`}`

			`// check empty sengridApiKey env var`
			`if sengridApiKeyLookup != "" {`
			`flag.StringVar(&flagSendgridApiKey, "sendgrid-api-key", sengridApiKeyLookup, "Your sendgrid api key.")`
			`} else {`
			`flag.StringVar(&flagSendgridApiKey, "sendgrid-api-key", util.LookupEnvOrFile("SENDGRID_API_KEY_FILE", flagSendgridApiKey), "File containing your sendgrid api key.")`
			`}`

			`// check empty sessionSecret env var`
			`if sessionSecretLookup != "" {`
			`flag.StringVar(&flagSessionSecret, "session-secret", sessionSecretLookup, "The key used to encrypt session cookies.")`
			`} else {`
			`flag.StringVar(&flagSessionSecret, "session-secret", util.LookupEnvOrFile("SESSION_SECRET_FILE", flagSessionSecret), "File containing the key used to encrypt session cookies.")`
			`}`

Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`flag.Parse()`

			`// update runtime config`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00			`util.DisableLogin = flagDisableLogin`
			`util.BindAddress = flagBindAddress`
SMTP support (#146) 2022-01-29 09:01:37 +01:00			`util.SmtpHostname = flagSmtpHostname`
			`util.SmtpPort = flagSmtpPort`
			`util.SmtpUsername = flagSmtpUsername`
			`util.SmtpPassword = flagSmtpPassword`
			`util.SmtpAuthType = flagSmtpAuthType`
			`util.SmtpNoTLSCheck = flagSmtpNoTLSCheck`
Add support to SSL/TLS/SSLTLS encryption for SMTP (#221) 2022-09-30 10:26:17 +02:00			`util.SmtpEncryption = flagSmtpEncryption`
Expand env vars and flags (#84) 2021-08-29 20:26:12 +02:00			`util.SendgridApiKey = flagSendgridApiKey`
			`util.EmailFrom = flagEmailFrom`
			`util.EmailFromName = flagEmailFromName`
			`util.SessionSecret = []byte(flagSessionSecret)`
Custom wg conf template (#179) 2022-04-24 09:42:08 +02:00			`util.WgConfTemplate = flagWgConfTemplate`
*: allows for BASE_PATH configuration (#183) 2022-04-25 09:17:13 +02:00			`util.BasePath = util.ParseBasePath(flagBasePath)`
Add build information to the bianry 2020-06-01 08:03:10 +02:00
Add log levels (#332) 2023-03-15 21:29:08 +01:00			`// print only if log level is INFO or lower`
			`if lvl, _ := util.ParseLogLevel(util.LookupEnvOrString(util.LogLevel, "INFO")); lvl <= log.INFO {`
			`// print app information`
			`fmt.Println("Wireguard UI")`
			`fmt.Println("App Version\t:", appVersion)`
			`fmt.Println("Git Commit\t:", gitCommit)`
			`fmt.Println("Git Ref\t\t:", gitRef)`
			`fmt.Println("Build Time\t:", buildTime)`
			`fmt.Println("Git Repo\t:", "https://github.com/ngoduykhanh/wireguard-ui")`
			`fmt.Println("Authentication\t:", !util.DisableLogin)`
			`fmt.Println("Bind address\t:", util.BindAddress)`
			`//fmt.Println("Sendgrid key\t:", util.SendgridApiKey)`
			`fmt.Println("Email from\t:", util.EmailFrom)`
			`fmt.Println("Email from name\t:", util.EmailFromName)`
			`//fmt.Println("Session secret\t:", util.SessionSecret)`
			`fmt.Println("Custom wg.conf\t:", util.WgConfTemplate)`
			`fmt.Println("Base path\t:", util.BasePath+"/")`
			`}`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`}`

			`func main() {`
Abstracts database storage & Status page UI (#88) 2021-08-28 15:10:30 +02:00			`db, err := jsondb.New("./db")`
			`if err != nil {`
			`panic(err)`
			`}`
			`if err := db.Init(); err != nil {`
			`panic(err)`
			`}`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`// set app extra data`
Hide user settings if login is disabled (#356) (#361) 2023-05-24 12:04:02 +02:00			`extraData := make(map[string]interface{})`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`extraData["appVersion"] = appVersion`
Stamp git commit into docker builds. (#325) 2023-03-15 21:39:20 +01:00			`extraData["gitCommit"] = gitCommit`
*: allows for BASE_PATH configuration (#183) 2022-04-25 09:17:13 +02:00			`extraData["basePath"] = util.BasePath`
Hide user settings if login is disabled (#356) (#361) 2023-05-24 12:04:02 +02:00			`extraData["loginDisabled"] = flagDisableLogin`
DB query refactoring 2020-04-23 13:01:40 +02:00
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`// strip the "templates/" prefix from the embedded directory so files can be read by their direct name (e.g.`
			`// "base.html" instead of "templates/base.html")`
			`tmplDir, _ := fs.Sub(fs.FS(embeddedTemplates), "templates")`
Single binary build (#10) Single binary build Use go rice for embedding the static files and templates to the binary file 2020-05-21 10:51:24 +02:00
Write the initial wireguard config on start, if none exists (#207) 2022-07-14 08:40:16 +02:00			`// create the wireguard config on start, if it doesn't exist`
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`initServerConfig(db, tmplDir)`
Write the initial wireguard config on start, if none exists (#207) 2022-07-14 08:40:16 +02:00
DB query refactoring 2020-04-23 13:01:40 +02:00			`// register routes`
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`app := router.New(tmplDir, extraData, util.SessionSecret)`
Initial commit 2020-04-18 11:17:49 +02:00
*: allows for BASE_PATH configuration (#183) 2022-04-25 09:17:13 +02:00			`app.GET(util.BasePath, handler.WireGuardClients(db), handler.ValidSession)`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00
			`if !util.DisableLogin {`
Mitigate CSRF attacks (#206) 2022-07-14 08:36:47 +02:00			`app.GET(util.BasePath+"/login", handler.LoginPage())`
			`app.POST(util.BasePath+"/login", handler.Login(db))`
feat: update user profile (#280) 2022-12-21 21:52:00 +01:00			`app.GET(util.BasePath+"/logout", handler.Logout(), handler.ValidSession)`
			`app.GET(util.BasePath+"/profile", handler.LoadProfile(db), handler.ValidSession)`
User management panel (#289) 2023-03-15 21:13:53 +01:00			`app.GET(util.BasePath+"/users-settings", handler.UsersSettings(db), handler.ValidSession, handler.NeedsAdmin)`
			`app.POST(util.BasePath+"/update-user", handler.UpdateUser(db), handler.ValidSession)`
			`app.POST(util.BasePath+"/create-user", handler.CreateUser(db), handler.ValidSession, handler.NeedsAdmin)`
			`app.POST(util.BasePath+"/remove-user", handler.RemoveUser(db), handler.ValidSession, handler.NeedsAdmin)`
			`app.GET(util.BasePath+"/getusers", handler.GetUsers(db), handler.ValidSession, handler.NeedsAdmin)`
			`app.GET(util.BasePath+"/api/user/:username", handler.GetUser(db), handler.ValidSession)`
Login disable (#35) Add ability to disable authentication 2020-10-09 23:33:29 +02:00			`}`

SMTP support (#146) 2022-01-29 09:01:37 +01:00			`var sendmail emailer.Emailer`
			`if util.SendgridApiKey != "" {`
			`sendmail = emailer.NewSendgridApiMail(util.SendgridApiKey, util.EmailFromName, util.EmailFrom)`
			`} else {`
Add support to SSL/TLS/SSLTLS encryption for SMTP (#221) 2022-09-30 10:26:17 +02:00			`sendmail = emailer.NewSmtpMail(util.SmtpHostname, util.SmtpPort, util.SmtpUsername, util.SmtpPassword, util.SmtpNoTLSCheck, util.SmtpAuthType, util.EmailFromName, util.EmailFrom, util.SmtpEncryption)`
SMTP support (#146) 2022-01-29 09:01:37 +01:00			`}`
Fixes security issue & Adds support to sent configuration via email (#83) 2021-08-08 19:55:59 +02:00
Show apply config button only when needed (#292) 2023-03-15 21:15:41 +01:00			`app.GET(util.BasePath+"/test-hash", handler.GetHashesChanges(db), handler.ValidSession)`
About page (#296) 2023-02-16 17:31:24 +01:00			`app.GET(util.BasePath+"/about", handler.AboutPage())`
Mitigate CSRF attacks (#206) 2022-07-14 08:36:47 +02:00			`app.GET(util.BasePath+"/_health", handler.Health())`
Add favicon (#288) 2023-02-16 17:09:24 +01:00			`app.GET(util.BasePath+"/favicon", handler.Favicon())`
Mitigate CSRF attacks (#206) 2022-07-14 08:36:47 +02:00			`app.POST(util.BasePath+"/new-client", handler.NewClient(db), handler.ValidSession, handler.ContentTypeJson)`
			`app.POST(util.BasePath+"/update-client", handler.UpdateClient(db), handler.ValidSession, handler.ContentTypeJson)`
			`app.POST(util.BasePath+"/email-client", handler.EmailClient(db, sendmail, defaultEmailSubject, defaultEmailContent), handler.ValidSession, handler.ContentTypeJson)`
			`app.POST(util.BasePath+"/client/set-status", handler.SetClientStatus(db), handler.ValidSession, handler.ContentTypeJson)`
			`app.POST(util.BasePath+"/remove-client", handler.RemoveClient(db), handler.ValidSession, handler.ContentTypeJson)`
			`app.GET(util.BasePath+"/download", handler.DownloadClient(db), handler.ValidSession)`
User management panel (#289) 2023-03-15 21:13:53 +01:00			`app.GET(util.BasePath+"/wg-server", handler.WireGuardServer(db), handler.ValidSession, handler.NeedsAdmin)`
			`app.POST(util.BasePath+"/wg-server/interfaces", handler.WireGuardServerInterfaces(db), handler.ValidSession, handler.ContentTypeJson, handler.NeedsAdmin)`
			`app.POST(util.BasePath+"/wg-server/keypair", handler.WireGuardServerKeyPair(db), handler.ValidSession, handler.ContentTypeJson, handler.NeedsAdmin)`
			`app.GET(util.BasePath+"/global-settings", handler.GlobalSettings(db), handler.ValidSession, handler.NeedsAdmin)`
			`app.POST(util.BasePath+"/global-settings", handler.GlobalSettingSubmit(db), handler.ValidSession, handler.ContentTypeJson, handler.NeedsAdmin)`
Mitigate CSRF attacks (#206) 2022-07-14 08:36:47 +02:00			`app.GET(util.BasePath+"/status", handler.Status(db), handler.ValidSession)`
			`app.GET(util.BasePath+"/api/clients", handler.GetClients(db), handler.ValidSession)`
			`app.GET(util.BasePath+"/api/client/:id", handler.GetClient(db), handler.ValidSession)`
			`app.GET(util.BasePath+"/api/machine-ips", handler.MachineIPAddresses(), handler.ValidSession)`
			`app.GET(util.BasePath+"/api/suggest-client-ips", handler.SuggestIPAllocation(db), handler.ValidSession)`
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`app.POST(util.BasePath+"/api/apply-wg-config", handler.ApplyServerConfig(db, tmplDir), handler.ValidSession, handler.ContentTypeJson)`
Mitigate CSRF attacks (#206) 2022-07-14 08:36:47 +02:00			`app.GET(util.BasePath+"/wake_on_lan_hosts", handler.GetWakeOnLanHosts(db), handler.ValidSession)`
			`app.POST(util.BasePath+"/wake_on_lan_host", handler.SaveWakeOnLanHost(db), handler.ValidSession, handler.ContentTypeJson)`
			`app.DELETE(util.BasePath+"/wake_on_lan_host/:mac_address", handler.DeleteWakeOnHost(db), handler.ValidSession, handler.ContentTypeJson)`
			`app.PUT(util.BasePath+"/wake_on_lan_host/:mac_address", handler.WakeOnHost(db), handler.ValidSession, handler.ContentTypeJson)`
Single binary build (#10) Single binary build Use go rice for embedding the static files and templates to the binary file 2020-05-21 10:51:24 +02:00
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`// strip the "assets/" prefix from the embedded directory so files can be called directly without the "assets/"`
			`// prefix`
			`assetsDir, _ := fs.Sub(fs.FS(embeddedAssets), "assets")`
			`assetHandler := http.FileServer(http.FS(assetsDir))`
			`// serves other static files`
Mitigate CSRF attacks (#206) 2022-07-14 08:36:47 +02:00			`app.GET(util.BasePath+"/static/*", echo.WrapHandler(http.StripPrefix(util.BasePath+"/static/", assetHandler)))`
Single binary build (#10) Single binary build Use go rice for embedding the static files and templates to the binary file 2020-05-21 10:51:24 +02:00
Add configurable bind address (#36) 2020-10-10 16:01:35 +02:00			`app.Logger.Fatal(app.Start(util.BindAddress))`
Initial commit 2020-04-18 11:17:49 +02:00			`}`
Write the initial wireguard config on start, if none exists (#207) 2022-07-14 08:40:16 +02:00
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`func initServerConfig(db store.IStore, tmplDir fs.FS) {`
Write the initial wireguard config on start, if none exists (#207) 2022-07-14 08:40:16 +02:00			`settings, err := db.GetGlobalSettings()`
			`if err != nil {`
			`log.Fatalf("Cannot get global settings: ", err)`
			`}`

			`if _, err := os.Stat(settings.ConfigFilePath); err == nil {`
			`// file exists, don't overwrite it implicitly`
			`return`
			`}`

			`server, err := db.GetServer()`
			`if err != nil {`
			`log.Fatalf("Cannot get server config: ", err)`
			`}`

			`clients, err := db.GetClients(false)`
			`if err != nil {`
			`log.Fatalf("Cannot get client config: ", err)`
			`}`

User management panel (#289) 2023-03-15 21:13:53 +01:00			`users, err := db.GetUsers()`
			`if err != nil {`
			`log.Fatalf("Cannot get user config: ", err)`
			`}`

Write the initial wireguard config on start, if none exists (#207) 2022-07-14 08:40:16 +02:00			`// write config file`
Replace go.rice with native go embedding (#331) 2023-03-16 08:40:04 +01:00			`err = util.WriteWireGuardServerConfig(tmplDir, server, clients, users, settings)`
Write the initial wireguard config on start, if none exists (#207) 2022-07-14 08:40:16 +02:00			`if err != nil {`
			`log.Fatalf("Cannot create server config: ", err)`
			`}`
			`}`