77 lines
1.9 KiB
Markdown
77 lines
1.9 KiB
Markdown
# Wireguard Peer Manager
|
|
|
|
This is simple CURD for managing wireguard peer notations on a wireguard server config.
|
|
|
|
## Requirements
|
|
|
|
- Python 3.x
|
|
- `requests` library (for the client)
|
|
- WireGuard (`wg-quick` and `wg` commands must be available on the server)
|
|
|
|
## Server: wpm.py
|
|
|
|
### How to Run the Server
|
|
|
|
`python wpm.py`
|
|
|
|
### Endpoints
|
|
|
|
GET /peers: List all peers.
|
|
POST /peers: Add a new peer.
|
|
PUT /peers/<PublicKey>: Update an existing peer.
|
|
DELETE /peers/<PublicKey>: Delete an existing peer.
|
|
POST /restore: Restore the WireGuard configuration from a backup.
|
|
|
|
|
|
## Client: wpm_client.py
|
|
|
|
The client script allows interaction with the WireGuard Peer Management API.
|
|
|
|
### Usage
|
|
|
|
|
|
python wpm_client.py <action> [options]
|
|
|
|
### Available Actions
|
|
|
|
create: Create a new peer.
|
|
Required options: --public-key, --allowed-ips
|
|
update: Update an existing peer.
|
|
Required options: --public-key, --allowed-ips
|
|
delete: Delete a peer by its public key.
|
|
Required options: --public-key
|
|
list: List all peers.
|
|
restore: Restore the WireGuard configuration from the most recent backup.
|
|
|
|
### Example Usage
|
|
|
|
List Peers:
|
|
|
|
python wpm_client.py list
|
|
|
|
Create a New Peer:
|
|
|
|
python wpm_client.py create --public-key "<peer-public-key>" --allowed-ips "10.0.0.2/32"
|
|
|
|
Update an Existing Peer:
|
|
|
|
python wpm_client.py update --public-key "<peer-public-key>" --allowed-ips "10.0.0.3/32"
|
|
|
|
Delete a Peer:
|
|
|
|
python wpm_client.py delete --public-key "<peer-public-key>"
|
|
|
|
Restore Configuration:
|
|
|
|
python wpm_client.py restore
|
|
|
|
|
|
### Backup and Restore
|
|
|
|
The server automatically creates a backup before making any changes to the WireGuard configuration. The backups are stored in the same directory as the configuration file, inside a backups/ folder.
|
|
|
|
You can restore the latest backup by sending a POST /restore request, which can be done using the client or via curl:
|
|
|
|
curl -X POST http://localhost:8000/restore
|
|
|