added support for dns configuration

halkeye · Jan 26, 2020 · c78b627 · c78b627
1 parent 55ea349
commit c78b627
Show file tree

Hide file tree

Showing 12 changed files with 2,650 additions and 2,057 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -36,4 +36,4 @@ COPY ./dex-web /dex-web
 COPY --from=boringtun /bin/boringtun /usr/local/bin/boringtun
 COPY --from=server /code/server /server
 COPY --from=website /code/build /website/build
-CMD /server
+ENTRYPOINT ["/server"]
diff --git a/README.md b/README.md
@@ -118,6 +118,10 @@ wireguard:
   externalAddress: ""
   // The WireGuard ListenPort
   port: 51820
+  // The DNS servers that VPN clients will be directed to use
+  dns:
+    - "1.1.1.1"
+    - "8.8.8.8"
 } `yaml:"wireguard"`
 vpn:
   // CIDR configures a network address space

diff --git a/demo.sh b/demo.sh
@@ -6,7 +6,14 @@
 # note that "WIREGUARD_PRIVATE_KEY" used in
 # this configuration is for the demo and clearly
 # not secure, please don't copy-paste it
-set -eou pipefail
+set -eo pipefail
+
+if [[ -z $1 ]]; then
+  echo "USAGE: $0 <path-to-config-file>"
+  exit 1
+fi
+
+CONFIG_FILE="$1"
 
 docker build -t place1/wireguard-access-server .
 
@@ -16,6 +23,7 @@ docker run \
   --name wg \
   --cap-add NET_ADMIN \
   --device /dev/net/tun:/dev/net/tun \
+  -v "$CONFIG_FILE:/config.yaml" \
   -p 8000:8000/tcp \
   -p 51820:51820/udp \
-  place1/wireguard-access-server
+  place1/wireguard-access-server --config /config.yaml
diff --git a/go.mod b/go.mod
@@ -12,8 +12,6 @@ require (
 	github.com/gorilla/handlers v1.4.2 // indirect
 	github.com/gorilla/mux v1.7.3
 	github.com/kylelemons/godebug v1.1.0 // indirect
-	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.1 // indirect
 	github.com/pkg/errors v0.8.1
 	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
 	github.com/prometheus/client_golang v1.2.1

diff --git a/internal/config/config.go b/internal/config/config.go
@@ -63,8 +63,7 @@ type AppConfig struct {
 		ExternalAddress string `yaml:"externalAddress`
 		// The WireGuard ListenPort
 		Port int `yaml:"port"`
-		// The DNS servers that VPN clients will be directed
-		// to use.
+		// The DNS servers that VPN clients will be directed to use
 		DNS []string `yaml:"dns"`
 	} `yaml:"wireguard"`
 	VPN struct {
@@ -176,6 +175,10 @@ func Read() *AppConfig {
 		logrus.Warn("storage directory not configured - using in-memory storage backend! wireguard devices will be lost when the process exits!")
 	}
 
+	if len(config.WireGuard.DNS) == 0 {
+		config.WireGuard.DNS = []string{"1.1.1.1", "8.8.8.8"}
+	}
+
 	return &config
 }
 

diff --git a/internal/services/devices.go b/internal/services/devices.go
@@ -2,8 +2,8 @@ package services
 
 import (
 	"fmt"
-	"os"
 	"net"
+	"os"
 	"sync"
 	"time"
 
@@ -69,7 +69,7 @@ func (d *DeviceManager) AddDevice(user string, name string, publicKey string) (*
 
 func (d *DeviceManager) ListDevices(user string) ([]*storage.Device, error) {
 	prefix := ""
-	if (user != "") {
+	if user != "" {
 		prefix = user + string(os.PathSeparator)
 	}
 	return d.storage.List(prefix)

diff --git a/internal/services/wireguard.go b/internal/services/wireguard.go
@@ -40,6 +40,7 @@ func NewWireGuard(iface string, privateKey string, port int, externalAddress str
 		iface:           iface,
 		port:            port,
 		externalAddress: externalAddress,
+		dns:             dns,
 		publicKey:       key.PublicKey(),
 	}
 	err = server.configure(func(config *wgtypes.Config) error {