remove additional_notes() because it was a security-problem and usless for our usecase

Michael Reber 2025-03-04 15:19:46 +01:00
parent 2974013b53
commit ee285c741e
7 changed files with 6 additions and 54 deletions


@ -24,11 +24,6 @@ function renderClientList(data) {
? obj.Client.subnet_ranges.join(',')
: '';
// Render additional notes (hidden by default).
const additionalNotesHtml = (obj.Client.additional_notes && obj.Client.additional_notes.length > 0)
? `<div style="display: none"><i class="fas fa-additional_notes"></i>${escapeHtml(obj.Client.additional_notes.toUpperCase())}</div>`
: '';
// Build the client card HTML.
const html = `
<div class="col-sm-6 col-md-6 col-lg-4" id="client_${obj.Client.id}">
@ -69,12 +64,10 @@ function renderClientList(data) {
<div class="info-box-text"><i class="fas fa-user"></i> ${escapeHtml(obj.Client.name)}</div>
<div style="display: none"><i class="fas fa-key"></i> ${escapeHtml(obj.Client.public_key)}</div>
<div style="display: none"><i class="fas fa-subnetrange"></i> ${escapeHtml(subnetRangesString)}</div>
${additionalNotesHtml}
<div class="info-box-text"><i class="fas fa-envelope"></i> ${escapeHtml(obj.Client.email)}</div>
<div class="info-box-text"><i class="fas fa-clock"></i> ${prettyDateTime(obj.Client.created_at)}</div>
<div class="info-box-text"><i class="fas fa-history"></i> ${prettyDateTime(obj.Client.updated_at)}</div>
<div class="info-box-text"><i class="fas fa-server" style="${obj.Client.use_server_dns ? 'opacity: 1.0' : 'opacity: 0.5'}"></i> ${obj.Client.use_server_dns ? 'DNS enabled' : 'DNS disabled'}</div>
<div class="info-box-text"><i class="fas fa-file"></i> ${escapeHtml(obj.Client.additional_notes)}</div>
<div class="info-box-text"><strong>IP Allocation</strong></div>
${allocatedIpsHtml}
<div class="info-box-text"><strong>Allowed IPs</strong></div>


@ -680,7 +680,6 @@ func UpdateClient(db store.IStore) echo.HandlerFunc {
client.PublicKey = clientUpdate.PublicKey
client.PresharedKey = clientUpdate.PresharedKey
client.UpdatedAt = time.Now().UTC()
client.AdditionalNotes = strings.ReplaceAll(strings.Trim(clientUpdate.AdditionalNotes, "\r\n"), "\r\n", "\n")
// Save the updated client.
if err := db.SaveClient(client); err != nil {


@ -41,9 +41,6 @@ type Client struct {
// Endpoint specifies the client's endpoint configuration.
Endpoint string `json:"endpoint"`
// AdditionalNotes are optional notes or comments about the client.
AdditionalNotes string `json:"additional_notes"`
// UseServerDNS indicates whether the client should use the server's DNS settings.
UseServerDNS bool `json:"use_server_dns"`


@ -322,13 +322,6 @@
<input type="text" class="form-control" id="client_preshared_key" name="client_preshared_key" placeholder="Autogenerated - enter &quot;-&quot; to skip generation">
</div>
</details>
<details style="margin-top: 0.5rem;">
<summary><strong>Additional configuration</strong></summary>
<div class="form-group">
<label for="additional_notes" class="control-label">Notes</label>
<textarea class="form-control" style="min-height: 6rem;" id="additional_notes" name="additional_notes" placeholder="Additional notes about this client"></textarea>
</div>
</details>
</div>
<div class="modal-footer justify-content-between">
<button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
@ -517,7 +510,6 @@
const enabled = $("#enabled").is(':checked');
const public_key = $("#client_public_key").val();
const preshared_key = $("#client_preshared_key").val();
const additional_notes = $("#additional_notes").val();
const data = {
"name": name,
@ -530,7 +522,6 @@
"enabled": enabled,
"public_key": public_key,
"preshared_key": preshared_key,
"additional_notes": additional_notes
};
$.ajax({
@ -701,7 +692,6 @@
$("#client_allocated_ips").importTags('');
$("#client_extra_allowed_ips").importTags('');
$("#client_endpoint").val('');
$("#additional_notes").val('');
updateSubnetRangesList("#subnet_ranges");
updateIPAllocationSuggestion(true);
});


@ -159,14 +159,6 @@ VPN WireGuard Clients
<input type="text" class="form-control" id="_client_preshared_key" name="_client_preshared_key">
</div>
</details>
<details style="margin-top: 0.5rem;">
<summary><strong>Additional configuration</strong>
</summary>
<div class="form-group">
<label for="_additional_notes" class="control-label">Notes</label>
<textarea class="form-control" style="min-height: 6rem;" id="_additional_notes" name="_additional_notes" placeholder="Additional notes about this client"></textarea>
</div>
</details>
</div>
<div class="modal-footer justify-content-between">
<button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
@ -376,11 +368,6 @@ VPN WireGuard Clients
}
})
let upperQuery = query.toUpperCase()
$(".fa-additional_notes").each(function () {
if ($(this).parent().text().trim().indexOf(upperQuery) != -1) {
$(this).closest('.col-lg-4').show();
}
})
})
$("#status-selector").on('change', function () {
@ -603,8 +590,6 @@ VPN WireGuard Clients
modal.find("#_client_public_key").val(client.public_key);
modal.find("#_client_preshared_key").val(client.preshared_key);
modal.find("#_additional_notes").val(client.additional_notes);
// handle subnet range select
$('#_subnet_ranges').on('select2:select', function (e) {
@ -702,11 +687,9 @@ VPN WireGuard Clients
enabled = true;
}
const additional_notes = $("#_additional_notes").val();
const data = {"id": client_id, "name": name, "email": email, "allocated_ips": allocated_ips,
"allowed_ips": allowed_ips, "extra_allowed_ips": extra_allowed_ips, "endpoint": endpoint,
"use_server_dns": use_server_dns, "enabled": enabled, "public_key": public_key, "preshared_key": preshared_key, "additional_notes": additional_notes};
"use_server_dns": use_server_dns, "enabled": enabled, "public_key": public_key, "preshared_key": preshared_key};
$.ajax({
cache: false,


@ -14,20 +14,18 @@ PostDown = {{ .serverConfig.Interface.PostDown }}
Table = {{ .globalSettings.Table }}
{{range .clientDataList}}{{if eq .Client.Enabled true}}
#---------------------------------------
# ID: {{ .Client.ID }}
# Name: {{ .Client.Name }}
# Email: {{ .Client.Email }}
# Created at: {{ .Client.CreatedAt }}
# Update at: {{ .Client.UpdatedAt }}
{{- if .Client.AdditionalNotes}}
# Notes:
# {{ .Client.AdditionalNotes }}{{end}}
[Peer]
PublicKey = {{ .Client.PublicKey }}
{{if .Client.PresharedKey}}PresharedKey = {{ .Client.PresharedKey }}{{end}}
AllowedIPs = {{$first :=true}}{{range .Client.AllocatedIPs }}{{if $first}}{{$first = false}}{{else}},{{end}}{{.}}{{end}}
{{if $.globalSettings.PersistentKeepalive}}PersistentKeepalive = {{ $.globalSettings.PersistentKeepalive }}{{end}}
{{if .Client.Endpoint}}Endpoint = {{ .Client.Endpoint }}{{end}}
{{end}}{{end}}
{{if .Client.Endpoint}}Endpoint = {{ .Client.Endpoint }}{{end}}{{end}}
#---------------------------------------
{{end}}
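Review bot: The `# Name:` and `# Email:` comment lines and the `PublicKey`, `PresharedKey` and `Endpoint` directives in this template still print client-supplied strings unchanged, so removing the notes block closes only one such path. A line break inside any of those values would end the comment or directive and start a new line in the generated server config, presumably the same class of problem the notes field had. Whether these fields are validated before they are stored is not visible on this page, and neither is the import that would show whether `template` is `text/template`, so both need confirming. If they are not validated, reject or strip `\r` and `\n` when the client is saved, and check again in WriteWireGuardServerConfig, which now passes `clientDataList` to the template unmodified. Separately, the closing `#---` separator appears to sit after the `{{end}}` of the Enabled check, so it would also be written for disabled clients; moving it inside the check would keep the output tidy.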


@ -522,14 +522,6 @@ func WriteWireGuardServerConfig(tmplDir fs.FS, serverConfig model.Server, client
}
tmplWireGuardConf = fileContent
}
// Escape multiline notes.
var escapedClientDataList []model.ClientData
for _, cd := range clientDataList {
if cd.Client.AdditionalNotes != "" {
cd.Client.AdditionalNotes = strings.ReplaceAll(cd.Client.AdditionalNotes, "\n", "\n# ")
}
escapedClientDataList = append(escapedClientDataList, cd)
}
tmplParsed, err := template.New("wg_config").Parse(tmplWireGuardConf)
if err != nil {
return err
@ -541,7 +533,7 @@ func WriteWireGuardServerConfig(tmplDir fs.FS, serverConfig model.Server, client
defer f.Close()
config := map[string]interface{}{
"serverConfig": serverConfig,
"clientDataList": escapedClientDataList,
"clientDataList": clientDataList,
"globalSettings": globalSettings,
"usersList": usersList,
}