OPNsense Forum

English Forums => Development and Code Review => Topic started by: jkwan on September 19, 2022, 03:06:03 pm

Title: How to user wireguard API (search, add, set)
Post by: jkwan on September 19, 2022, 03:06:03 pm

Hi,

I am struggling with the wireguard API.
https://docs.opnsense.org/development/api/plugins/wireguard.html

Is there an example of how to use the search, set and get endpoints for the client service please ?
I do not understand how to pass the parameter of the search query and the data for add and search endpoint.
An example with curl command will really help me.

edit: I found the way to use all APIs except for search methods

Thanks !

Title: Re: How to user wireguard API (search, add, set)
Post by: MoeK on October 26, 2022, 12:35:23 pm

Hi,

so the basic command for getting information would be something like that:

Code: [Select]

curl -k -u {{ opnsense_key }}:{{ opnsense_secret }} https://{{ fwhost }}/api/wireguard/client/searchClient
Sadly I'm also struggling with the creation of users through the API:
https://forum.opnsense.org/index.php?topic=30810.0

From what I have found, something like that should work:

Code: [Select]

curl -X POST -d '{"enabled”:"1",”name”:”test.user”,“pubkey“:“$key“,“tunneladdress“:“xxx.xxx.xxx.xxx/xx“}' -H "Content-Type: application/json" -k -u $key:$secret https://$IP/api/wireguard/client/addClientWhere you could run it in a Python script and pass the different values for the variables.

Sadly this isn't working for me right now, but I hope it helped at least a bit.

Title: Re: How to user wireguard API (search, add, set)
Post by: jkwan on October 26, 2022, 01:02:28 pm

Hi,
Thank you for your reply.
I managed to use the APIs except the method for searches

Here is a working CURL example for the addClient method :

Code: [Select]

curl \
--location --request POST 'https://{{fwhost}}/api/wireguard/client/addClient' \
--header 'Authorization: Basic {{token}} \
--header 'Content-Type: application/json' \
--data-raw '{"client":{"tunneladdress":"$address","name":"$user","enabled":1,"pubkey":"$key"}}'
Note that you have to put the client data structure inside a client property.
it's simply a JSON representation of the XML structure described in the documentation :
https://github.com/opnsense/plugins/blob/master/net/wireguard/src/opnsense/mvc/app/models/OPNsense/Wireguard/Client.xml

Same thing for the setClient method, you have just to change the endpoint URL for something like this :

Code: [Select]

https://{{fwhost}}/api/wireguard/client/setClient/{{uuid}}
For the delete method, it seems that empty data have to be posted like this ;

Code: [Select]

curl \
--location --request POST 'https://{{fwhost}}/api/wireguard/client/delClient/{{uuid}}' \
--header 'Authorization: Basic {{token}}' \
--data-raw ''

In my curl examples, {{token}} is base64 encoded of $key:$secret, but you can use -u $key:$secret

Regards,