[feature] Added autoclient classmethods to Wireguard, VXLAN and OpenWRT backend

Author: pandafy

netjsonconfig/__init__.py

@@ -5,6 +5,7 @@
 from .backends.openvpn.openvpn import OpenVpn  # noqa
 from .backends.openwisp.openwisp import OpenWisp  # noqa
 from .backends.openwrt.openwrt import OpenWrt  # noqa
+from .backends.vxlan.vxlan_wireguard import VxlanWireguard  # noqa
 from .backends.wireguard.wireguard import Wireguard  # noqa
 from .version import VERSION, __version__, get_version  # noqa
 

netjsonconfig/backends/openwrt/openwrt.py

@@ -1,4 +1,6 @@
 from ..base.backend import BaseBackend
+from ..vxlan.vxlan_wireguard import VxlanWireguard
+from ..wireguard.wireguard import Wireguard
 from . import converters
 from .parser import OpenWrtParser, config_path, packages_pattern
 from .renderer import OpenWrtRenderer
@@ -51,3 +53,70 @@ def _generate_contents(self, tar):
                 name='{0}{1}'.format(config_path, package_name),
                 contents=text_contents,
             )
+
+    @classmethod
+    def wireguard_auto_client(cls, **kwargs):
+        data = Wireguard.auto_client(**kwargs)
+        config = {
+            'interfaces': [
+                {
+                    'name': data['interface_name'],
+                    'type': 'wireguard',
+                    'private_key': data['client']['private_key'],
+                    'port': data['client']['port'],
+                    # Default values for Wireguard Interface
+                    'mtu': 1420,
+                    'nohostroute': False,
+                    'fwmark': '',
+                    'ip6prefix': [],
+                    'addresses': [],
+                    'network': '',
+                }
+            ],
+            'wireguard_peers': [
+                {
+                    'interface': data['interface_name'],
+                    'public_key': data['server']['public_key'],
+                    'allowed_ips': data['server']['allowed_ips'],
+                    'endpoint_host': data['server']['endpoint_host'],
+                    'endpoint_port': data['server']['endpoint_port'],
+                    # Default values for Wireguard Peers
+                    'preshared_key': '',
+                    'persistent_keepalive': 60,
+                    'route_allowed_ips': True,
+                }
+            ],
+        }
+        if data['client']['ip_address']:
+            config['interfaces'][0]['addresses'] = [
+                {
+                    'proto': 'static',
+                    'family': 'ipv4',
+                    'address': data['client']['ip_address'],
+                    'mask': 32,
+                },
+            ]
+        return config
+
+    @classmethod
+    def vxlan_wireguard_auto_client(cls, **kwargs):
+        config = cls.wireguard_auto_client(**kwargs)
+        vxlan_config = VxlanWireguard.auto_client(**kwargs)
+        vxlan_interface = {
+            'name': 'vxlan',
+            'type': 'vxlan',
+            'vtep': vxlan_config['server_ip_address'],
+            'port': 4789,
+            'vni': vxlan_config['vni'],
+            'tunlink': config['interfaces'][0]['name'],
+            # Default values for VXLAN interface
+            'rxcsum': True,
+            'txcsum': True,
+            'mtu': 1280,
+            'ttl': 64,
+            'mac': '',
+            'disabled': False,
+            'network': '',
+        }
+        config['interfaces'].append(vxlan_interface)
+        return config

netjsonconfig/backends/openwrt/schema.py

@@ -307,7 +307,6 @@
                                                     "type": "string",
                                                     "title": "ipv4 address",
                                                     "minLength": 7,
-                                                    "format": "ipv4",
                                                     "propertyOrder": 3,
                                                 },
                                                 "mask": {
@@ -371,7 +370,6 @@
                             },
                             "vtep": {
                                 "type": "string",
-                                "format": "hostname",
                                 "title": "VTEP",
                                 "description": "VXLAN Tunnel End Point",
                                 "propertyOrder": 1.1,

netjsonconfig/backends/vxlan/__init__.py

@@ -0,0 +1,19 @@
+from ..wireguard.wireguard import Wireguard
+
+
+class VxlanWireguard(Wireguard):
+    @classmethod
+    def auto_client(cls, vni=0, server_ip_address='', **kwargs):
+        """
+        Returns a configuration dictionary representing VXLAN configuration
+        that is compatible with the passed server configuration.
+
+        :param vni: Virtual Network Identifier
+        :param server_ip_address: server internal tunnel address
+        :returns: dictionary representing VXLAN properties
+        """
+        config = {
+            'server_ip_address': server_ip_address,
+            'vni': vni,
+        }
+        return config

netjsonconfig/backends/vxlan/vxlan_wireguard.py

@@ -16,6 +16,7 @@ def to_intermediate_loop(self, block, result, index=None):
     def __intermediate_vpn(self, config, remove=None):
         config['ListenPort'] = config.pop('port')
         config['PrivateKey'] = config.pop('private_key')
+        config['Address'] = config.pop('address')
         config['peers'] = self.__intermediate_peers(config.get('peers', []))
         return self.sorted_dict(config)
 

netjsonconfig/backends/wireguard/converters.py

@@ -12,3 +12,30 @@ class Wireguard(BaseVpnBackend):
     # BaseVpnBackend attributes
     vpn_pattern = vpn_pattern
     config_suffix = config_suffix
+
+    @classmethod
+    def auto_client(cls, host='', public_key='', server={}, port=51820, **kwargs):
+        """
+        Returns a configuration dictionary representing Wireguard configuration
+        that is compatible with the passed server configuration.
+
+        :param host: remote VPN server
+        :param port: listen port for Wireguard Client
+        :param server: dictionary representing a single Wireguard server configuration
+        :param public_key: public key of the Wireguard server
+        :returns: dictionary representing a Wireguard server and client properties
+        """
+        return {
+            'interface_name': server.get('name', ''),
+            'client': {
+                'port': port,
+                'private_key': kwargs.get('private_key', '{{private_key}}'),
+                'ip_address': kwargs.get('ip_address'),
+            },
+            'server': {
+                'public_key': public_key,
+                'endpoint_host': host,
+                'endpoint_port': server.get('port', 51820),
+                'allowed_ips': [kwargs.get('server_ip_network', '')],
+            },
+        }

netjsonconfig/backends/wireguard/wireguard.py

@@ -421,3 +421,124 @@ def test_override_file(self):
         # ensure the additional files are there present in the tar.gz archive
         tar = tarfile.open(fileobj=o.generate(), mode='r')
         self.assertEqual(len(tar.getmembers()), 1)
+
+    def _get_wireguard_empty_configuration(self):
+        return {
+            'interfaces': [
+                {
+                    'addresses': [],
+                    'fwmark': '',
+                    'ip6prefix': [],
+                    'mtu': 1420,
+                    'name': '',
+                    'network': '',
+                    'nohostroute': False,
+                    'port': 51820,
+                    'private_key': '{{private_key}}',
+                    'type': 'wireguard',
+                }
+            ],
+            'wireguard_peers': [
+                {
+                    'allowed_ips': [''],
+                    'endpoint_host': '',
+                    'endpoint_port': 51820,
+                    'interface': '',
+                    'persistent_keepalive': 60,
+                    'preshared_key': '',
+                    'public_key': '',
+                    'route_allowed_ips': True,
+                }
+            ],
+        }
+
+    def _get_vxlan_wireguard_empty_configuration(self):
+        wireguard_config = self._get_wireguard_empty_configuration()
+        vxlan_config = {
+            'disabled': False,
+            'mac': '',
+            'mtu': 1280,
+            'name': 'vxlan',
+            'network': '',
+            'port': 4789,
+            'rxcsum': True,
+            'ttl': 64,
+            'tunlink': '',
+            'txcsum': True,
+            'type': 'vxlan',
+            'vni': 0,
+            'vtep': '',
+        }
+        wireguard_config['interfaces'].append(vxlan_config)
+        return wireguard_config
+
+    def test_wireguard_auto_client(self):
+        with self.subTest('No arguments provided'):
+            expected = self._get_wireguard_empty_configuration()
+            self.assertDictEqual(OpenWrt.wireguard_auto_client(), expected)
+        with self.subTest('Required arguments provided'):
+            expected = self._get_wireguard_empty_configuration()
+            expected['interfaces'][0].update(
+                {
+                    'name': 'wg',
+                    'private_key': '{{private_key}}',
+                    'addresses': [
+                        {
+                            'address': '10.0.0.2',
+                            'family': 'ipv4',
+                            'mask': 32,
+                            'proto': 'static',
+                        },
+                    ],
+                }
+            )
+            expected['wireguard_peers'][0].update(
+                {
+                    'allowed_ips': ['10.0.0.1/24'],
+                    'endpoint_host': '0.0.0.0',
+                    'public_key': 'server_public_key',
+                    'interface': 'wg',
+                }
+            )
+            self.assertDictEqual(
+                OpenWrt.wireguard_auto_client(
+                    host='0.0.0.0',
+                    public_key='server_public_key',
+                    server={'name': 'wg', 'port': 51820},
+                    server_ip_network='10.0.0.1/24',
+                    ip_address='10.0.0.2',
+                ),
+                expected,
+            )
+
+    def test_vxlan_wireguard_auto_client(self):
+        with self.subTest('No arguments provided'):
+            expected = self._get_vxlan_wireguard_empty_configuration()
+            self.assertDictEqual(OpenWrt.vxlan_wireguard_auto_client(), expected)
+        with self.subTest('Required arguments provided'):
+            expected = self._get_vxlan_wireguard_empty_configuration()
+            expected['interfaces'][0].update(
+                {'name': 'wg', 'private_key': '{{private_key}}'}
+            )
+            expected['wireguard_peers'][0].update(
+                {
+                    'allowed_ips': ['10.0.0.1/24'],
+                    'endpoint_host': '0.0.0.0',
+                    'public_key': 'server_public_key',
+                    'interface': 'wg',
+                }
+            )
+            expected['interfaces'][1].update(
+                {'tunlink': 'wg', 'vni': 1, 'vtep': '10.0.0.1'}
+            )
+            self.assertDictEqual(
+                OpenWrt.vxlan_wireguard_auto_client(
+                    host='0.0.0.0',
+                    public_key='server_public_key',
+                    server={'name': 'wg', 'port': 51820},
+                    server_ip_network='10.0.0.1/24',
+                    vni=1,
+                    server_ip_address='10.0.0.1',
+                ),
+                expected,
+            )

tests/openwrt/test_backend.py

@@ -161,9 +161,9 @@ def test_render_wireguard_peer_with_variables(self):
                 "wireguard_peers": [
                     {
                         "interface": "wg0",
-                        "public_key": "{{pub_key_8097b09be57a4b278e2ef2ea9ea809f3}}",
+                        "public_key": "{{public_key_8097b09be57a4b278e2ef2ea9ea809f3}}",
                         "allowed_ips": [
-                            "{{server_ip_max_prefix_8097b09be57a4b278e2ef2ea9ea809f3}}"
+                            "{{server_ip_network_8097b09be57a4b278e2ef2ea9ea809f3}}"
                         ],
                         "endpoint_host": "{{vpn_host_8097b09be57a4b278e2ef2ea9ea809f3}}",
                         "endpoint_port": 40840,
@@ -174,9 +174,9 @@ def test_render_wireguard_peer_with_variables(self):
                 ]
             },
             context={
-                "server_ip_max_prefix_8097b09be57a4b278e2ef2ea9ea809f3": "10.0.0.1/32",
+                "server_ip_network_8097b09be57a4b278e2ef2ea9ea809f3": "10.0.0.1/32",
                 "vpn_host_8097b09be57a4b278e2ef2ea9ea809f3": "192.168.1.42",
-                "pub_key_8097b09be57a4b278e2ef2ea9ea809f3": "rn+isMBpyQ4HX6ZzE709bKnZw5IaLZoIS3hIjmfKCkk=",
+                "public_key_8097b09be57a4b278e2ef2ea9ea809f3": "rn+isMBpyQ4HX6ZzE709bKnZw5IaLZoIS3hIjmfKCkk=",
                 "pre_key_8097b09be57a4b278e2ef2ea9ea809f3": "oPZmGdHBseaV1TF0julyElNuJyeKs2Eo+o62R/09IB4=",
             },
         )