Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
OpnSense Wireguard API using
« previous
next »
Print
Pages: [
1
]
Author
Topic: OpnSense Wireguard API using (Read 2028 times)
bobbylv75
Newbie
Posts: 1
Karma: 0
OpnSense Wireguard API using
«
on:
March 23, 2023, 09:02:58 am »
Hi
I wanna automate peer creation in Wireguard plugin. For this I use api.
1. I can create new peer with API call "/api/wireguard/client/addClient" with JSON
{"client":
{"enabled": "1",
"name": "WR_Master",
"pubkey": "user_pubkey",
"tunneladdress": "10.0.11.50/32",
"persistentkeepalive": "25"
}
}
It is ok. Peer is created with uuid "xxxx-xxxx-xxxx"
2. Now I need to enable new peer in VPN -> Wireguard -> Local -> Peers (Endpoints)
I try to call API "/api/wireguard/server/set" with JSON
{
"server": {
"enabled": "1",
"peers": {
"xxxx-xxxx-xxxx": {
"selected": "1"
}
},
"uuid": "yyyy-yyyy-yyyy"
}
}
where "yyyy-yyyy-yyyy" is Wireguard server's uuid.
The call ends successfully with message
"Ok. Saved"
Then I make a API call "/api/wireguard/service/reconfigure"
Result - "Ok"
But unfortunally new peer is uncheked in GUI VPN -> Wireguard -> Local -> Peers (Endpoints)
What i doing wrong?
Logged
p_kn
Newbie
Posts: 12
Karma: 0
Re: OpnSense Wireguard API using
«
Reply #1 on:
April 27, 2023, 07:05:51 am »
To set an single peer active send
Code:
[Select]
{'server': {'peers': SinglePeerUUID}}
to wireguard/server/setServer/
ServerUUID
, then
SinglePeerUUID
gets enabled. To set multiple active:
Code:
[Select]
{'server': {'peers': 'SinglePeerUUID1,SinglePeerUUID2' }}
Take care, not to send a json array [...], but a string with comma separated values.
Too sad, that such things have to be figured out by trial and error, instead of reading a doc. IMO this belongs on this page:
https://docs.opnsense.org/development/api/plugins/wireguard.html
Logged
p_kn
Newbie
Posts: 12
Karma: 0
Re: OpnSense Wireguard API using
«
Reply #2 on:
April 28, 2023, 04:23:19 pm »
I made a little project which allows to make a new wireguard peer and push it to the opensense:
https://github.com/pkoevesdi/wg-keygen-notrust/tree/opnsensebridge
extending the pure conf generator
https://github.com/jcarrano/wg-keygen-notrust
. Can also be used as a demo for the wireguard API.
«
Last Edit: April 29, 2023, 12:11:57 pm by p_kn
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
OpnSense Wireguard API using