Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - soupyfrood

Pages1
#1
Virtual private networks / Re: Bulk wireguard client config import?
August 04, 2021, 01:41:01 AM
Easier said than done, hah, that's well outside my experience.  If I hunt through the page source I can find stuff like this:
Code Select
    $("#grid-clients").UIBootgrid(
        {   'search':'/api/wireguard/client/searchClient',
            'get':'/api/wireguard/client/getClient/',
            'set':'/api/wireguard/client/setClient/',
            'add':'/api/wireguard/client/addClient/',
            'del':'/api/wireguard/client/delClient/',
            'toggle':'/api/wireguard/client/toggleClient/'
        }
    );
...which doesn't really tell me anything, since I know of those from the documentation.  https://docs.opnsense.org/development/api/plugins/wireguard.html

What I can say is that this works:
Code Select
curl -s -k -u $KEY:$SECRET https://$HOST/api/wireguard/client/get
And outputs something like this:
Code Select
{"client":{"clients":{"client":{"aaaaaaaa-aaaa-aaaa-aaaaaaaaaaaaaaaaa":"enabled":"1","name":"Test","pubkey":"asdasdasdasdasdasdasdasdasdasdsa","psk":"",
"tunneladdress":"192.168.2.2\/24":"value":"192.168.2.2\/24","selected":1}},"serveraddress":"","serverport":"","keepalive":""}}}}}

But this returns a 501 Not Implemented:
Code Select
curl -X port -d '' -k -u $KEY:$SECRET https://$HOST/api/wireguard/client/addClient

Even then, I don't know how to properly format the JSON input for the above.  If I try this:
Code Select
curl -X POST -d '{"client":{"enabled":"1","name":"Test","pubkey":"asdasdasdasdasdasdasdasdasdasdsa","psk":"","tunneladdress":"192.168.2.2\/24":"value":"192.168.2.2\/24","selected":1}},"serveraddress":"","serverport":"","keepalive":""}}}' \
-H "Content-Type: application/json" -k -u $KEY:$SECRET https://opnsense.fung.us/api/wireguard/client/addClient
... it returns:
Code Select
{"result":"failed"}


Anyways, I don't know enough about web application technology to look at this and know what to do, and I didn't really find enough OPNsense API examples in my searches to find some code to "borrow." :)
#2
Virtual private networks / Re: Bulk wireguard client config import?
August 03, 2021, 07:09:44 PM
That's what I figured.  It also looks like the API isn't complete for this functionality.  api/wireguard/client/get
works as expected, but api/wireguard/client/addClient returns 501 Not Implemented.

I'm tempted by the thought of exporting a configuration xml for the whole system, manually editing the configuration in, and then importing, but I don't really want to deal with the fallout if I make a mistake and blow up my OPNsense install.
#3
Virtual private networks / Bulk wireguard client config import?
August 03, 2021, 03:23:02 AM
I've recently set up OPNsense and wanted to migrate my old client configuration to it.  I was hoping to not do so manually.  I have a feeling that I can't simply run "wg addconf" from the shell, in order to get a client configured properly in OPNsense's configuration for wireguard. 

Any suggestions?  Thanks.
Pages1