draft up

Author: NegaScout

config/linode/config.ini

@@ -7,4 +7,4 @@ linode_auth_users = wagneja4
 linode_image = linode/debian11
 linode_dns_ttl = 120
 linode_passwd_file = /opt/linode_ansible/become
-linode_wg_private_key_path = config/linode/linode_wg.key
+linode_wireguard_private_key = config/linode/linode_wg.key

config/linode/linode_wg.key

@@ -1 +1 @@
-kACIzgLlHzl71QeK/TVmWN8puCbTaze57caQVBa+j0E=
+SJX/oiUrpFB7pbxDxq5p2eB6dujo0hfviQD4GtwmkF8=

config/linode/linode_wg.key.pub

@@ -1 +1 @@
-g2q7pP6PiIMQGfPRL3EPHSKM5Y5ZwI0EhZfNFBqitys=
+bEQiHdBsvQqbMZ/Mb/8vt9/tnCpZJzj5rnhoGEjezDk=

config/wireguard/config.ini

@@ -1,6 +1,5 @@
 [Wireguard]
-wireguard_template_dir = data
-wireguard_target_wg_conf = /home/user/hermes.conf #"/etc/wireguard/hermes.conf"
+wireguard_template = data/Wireguard.conf
 wireguard_subnet = 10.0.0.0/27
 wireguard_port = 55555
 PersistentKeepalive = 60

data/Wireguard.conf

@@ -16,19 +16,16 @@ PrivateKey = {{ HOST.PrivateKey }}
 {%- if peer.USER_NAME | default(false) %}
 #Name = {{ peer.USER_NAME }}
 #ID={{ peer.USER_ID }}{% endif %}
-Endpoint = {{ MISC.Endpoint }}{% if MISC.ListenPort | default(false) %}:{{ MISC.ListenPort }} {%- endif %}
 PublicKey = {{ peer.PUB_KEY }}
 AllowedIPs = {{ peer.USER_WG_IP }}
-{% if MISC.PersistentKeepalive | default(false) -%} PersistentKeepalive = {{ MISC.PersistentKeepalive }} {%- endif %}
+PersistentKeepalive = 120
 {%- endmacro -%}
 
 [Peer]
 #Name = Hermes
-Endpoint = {{ MISC.Endpoint }}{% if MISC.ListenPort | default(false) %}:{{ MISC.ListenPort }} {%- endif %}
 PublicKey = {{ HERMES.PUB_KEY }}
 AllowedIPs = {{ HERMES.USER_WG_IP }}
-{% if HERMES.PersistentKeepalive | default(false) -%} PersistentKeepalive = {{ HERMES.PersistentKeepalive }} {%- endif %}
-
+PersistentKeepalive = 120
 
 {%- for peer in PEERS -%}
 {{ peer_entry(peer) }}

src/Hermes/ansible.py

@@ -72,7 +72,6 @@ def run_ansible(self):
                                        roles_path = self.ansible_roles,
                                        quiet = True,
                                        status_handler= status_handler)
-        print("ansible run")
         # Runner.event_handler -> na progress
         # Runner.finished_callback -> na end
     except Exception as e:

src/Hermes/linode.py

@@ -35,13 +35,13 @@ def linode_init(self):
     self.linode_create_promise = None
 
     try:
-        with open(config_predir["linode_wg_private_key_path"], "r") as wg_key_fh:
-            self.linode_wg_private_key = wg_key_fh.read()
+        with open(config_predir["linode_wireguard_private_key"], "r") as wg_key_fh:
+            self.linode_wireguard_private_key = wg_key_fh.read()
     except OSError as e:
         print(e)
     try:
-        with open(config_predir["linode_wg_private_key_path"] + ".pub", "r") as wg_key_fh:
-            self.linode_wg_public_key = wg_key_fh.read()
+        with open(config_predir["linode_wireguard_private_key"] + ".pub", "r") as wg_key_fh:
+            self.linode_wireguard_public_key = wg_key_fh.read()
     except OSError as e:
         print(e)
 

src/Hermes/on_.py

@@ -35,7 +35,6 @@ async def on_ready(self):
         self.stdout = self.get_channel(810599224718262304)
         self.guild = self.get_guild(716803899440234506)
         self.guild_snowflake = Object(716803899440234506)
-        self.setup_paramiko()
         self.db_ready_future = self.ready_database()
         await self.db_ready_future
 

src/Hermes/paramiko.py

@@ -19,6 +19,8 @@ def paramiko_init(self):
     self.SFTP_CHANNEL = None
     self.ssh_key = None
     self.ssh_pub_key = None
+    self.setup_paramiko()
+
 
 
 def setup_paramiko(self):
@@ -59,7 +61,7 @@ def paramiko_try_user(self, user):
                 str(self.linode_ip),
                 port=self.ssh_port,
                 username=user,
-                pkey=self.ssh_key,
+                key_filename=self.ssh_key,
                 auth_timeout=self.ssh_auth_timeout,
             )
         except Exception as e:
@@ -69,12 +71,13 @@ def paramiko_try_user(self, user):
     return status
 
 def paramiko_connect(self):
+    self.update_linode_data()
     try:
         self.SSH_CLIENT.connect(
             str(self.linode_ip),
             port=self.ssh_port,
             username=self.ssh_username,
-            pkey=self.ssh_key,
+            key_filename=self.ssh_key_path,
             auth_timeout=self.ssh_auth_timeout,
         )
     except Exception as e:
@@ -83,19 +86,20 @@ def paramiko_connect(self):
                 str(self.linode_ip),
                 port=self.ssh_port,
                 username='root',
-                pkey=self.ssh_key,
+                key_filename=self.ssh_key_path,
                 auth_timeout=self.ssh_auth_timeout,
             )
         except Exception as e:
             self.logger.warn(f"Could not connect to {str(self.linode_ip)}")
             return False
-    return True
+    return self.SSH_CLIENT
 
 def paramiko_open_sftp(self):
+    self.update_linode_data()
     try:
         self.SFTP_CHANNEL = self.SSH_CLIENT.open_sftp()
     except Exception as e:
         self.logger.warn(f"Could not connect to {str(self.linode_ip)}")
         return False
     else:
-        return True
+        return self.SFTP_CHANNEL

src/Hermes/wireguard.py

@@ -1,3 +1,4 @@
+from os.path import basename, dirname
 from time import time
 from ipaddress import ip_network
 import jinja2
@@ -19,8 +20,7 @@ def wireguard_init(self):
     sync_tree docstring
     """
     config_predir = self.config["Wireguard"]
-    self.wireguard_template_dir = config_predir["wireguard_template_dir"]
-    self.wireguard_target_wg_conf = config_predir["wireguard_target_wg_conf"]
+    self.wireguard_template = config_predir["wireguard_template"]
     self.wireguard_subnet = ip_network(config_predir["wireguard_subnet"])
     self.wireguard_port = config_predir.getint("wireguard_port")
     self.PersistentKeepalive = config_predir.getint("PersistentKeepalive")
@@ -64,7 +64,12 @@ async def update(self, interaction):
         """
         sync_tree docstring
         """
-        self.update_wireguard_conf()
+        if self.update_wireguard_conf():
+            await interaction.followup.send(
+                view=ActionOkV(label="Wireguard config updated"), ephemeral=True, silent=True)
+        else:
+            await interaction.followup.send(
+                view=ActionOkV(label="Could not update wireguard config", succes=False), ephemeral=True, silent=True)
 
     @app_commands.command()
     async def help(self, interaction):
@@ -183,31 +188,35 @@ async def generate_linode_wg_conf(self):
     """
     sync_tree docstring
     """
-    fs_loader = jinja2.FileSystemLoader(self.wireguard_template_dir)
+    fs_loader = jinja2.FileSystemLoader(dirname(self.wireguard_template))
     env = jinja2.Environment(loader=fs_loader)
-    template = env.get_template("Wireguard.conf")
+    template = env.get_template(basename(self.wireguard_template))
     wg_users = await self.read_wireguard_users()
 
-    host_config = {"Address": self.linode_ip, "PrivateKey": self.wireguard_private_key}
+    host_config = {"Address": self.linode_ip, "PrivateKey": self.linode_wireguard_private_key}
 
     misc = {"Endpoint": self.linode_ip, "ListenPort": self.wireguard_port}
 
     hermes = {
-        "PUB_KEY": self.wireguard_public_key,
+        "PUB_KEY": self.linode_wireguard_private_key,
         "USER_WG_IP": list(self.wireguard_subnet.hosts())[0],
         "PersistentKeepalive": self.PersistentKeepalive,
     }
 
     return template.render(HOST=host_config, HERMES=hermes, PEERS=wg_users, MISC=misc)
-
+# todo: LINODE HAS FIRST ADRESS, NOT HERMES
 async def update_wireguard_conf(self):  # raise errors
     """
     sync_tree docstring
     """
+    self.SSH_CLIENT = self.paramiko_connect()
+    self.SFTP_CHANNEL = self.paramiko_open_sftp()
+    if not self.SSH_CLIENT or not self.SFTP_CHANNEL:
+        return False 
     with self.SSH_CLIENT, self.SFTP_CHANNEL:
-        if not self.paramiko_connect() or not self.paramiko_open_sftp():
-            return False
-        with self.SFTP_CHANNEL.file(self.wireguard_target_wg_conf, mode="w") as fh:
+        with self.SFTP_CHANNEL.file('/etc/wireguard/linode.conf', mode="w") as fh:
             wg_conf_string = await self.generate_linode_wg_conf()
             fh.write(wg_conf_string)
         return True
+    return False
+#OnUCURuETqGGfeGNkYewSq5dsJd32WMIHz1nJPa0ZEw=