Optional generation Preshared Key when creating a new client.

config.go

@@ -28,13 +28,20 @@ type UserConfig struct {
 
 // ClientConfig represents a single client for a user
 type ClientConfig struct {
-	Name       string
-	PrivateKey string
-	PublicKey  string
-	IP         net.IP
-	Notes      string
-	Created    string
-	Modified   string
+	Name         string
+	PrivateKey   string
+	PublicKey    string
+	PresharedKey string
+	IP           net.IP
+	Notes        string
+	Created      string
+	Modified     string
+}
+
+// NewClient provides fields that should not be saved however is neccesary on creation of a new client
+type NewClient struct {
+	ClientConfig
+	GeneratePSK bool
 }
 
 // NewServerConfig creates and returns a reference to a new ServerConfig
@@ -93,20 +100,30 @@ func (cfg *ServerConfig) GetUserConfig(user string) *UserConfig {
 }
 
 // NewClientConfig initiates a new client, returning a reference to the new config
-func NewClientConfig(ip net.IP, Name, Notes string) *ClientConfig {
+func NewClientConfig(ip net.IP, Name, Notes string, generatePSK bool) *ClientConfig {
 	key, err := wgtypes.GeneratePrivateKey()
 	if err != nil {
 		log.Fatal(err)
 	}
 
+	psk := ""
+	if generatePSK {
+		pskey, err := wgtypes.GenerateKey()
+		if err != nil {
+			log.Fatal(err)
+		}
+		psk = pskey.String()
+	}
+
 	cfg := ClientConfig{
-		Name:       Name,
-		PrivateKey: key.String(),
-		PublicKey:  key.PublicKey().String(),
-		IP:         ip,
-		Notes:      Notes,
-		Created:    time.Now().Format(time.RFC3339),
-		Modified:   time.Now().Format(time.RFC3339),
+		Name:         Name,
+		PrivateKey:   key.String(),
+		PublicKey:    key.PublicKey().String(),
+		IP:           ip,
+		PresharedKey: psk,
+		Notes:        Notes,
+		Created:      time.Now().Format(time.RFC3339),
+		Modified:     time.Now().Format(time.RFC3339),
 	}
 
 	return &cfg

server.go

@@ -294,7 +294,7 @@ func (s *Server) configureWireGuard() error {
 		return err
 	}
 	currentpeers := currentdev.Peers
-	diffpeers := make([]wgtypes.PeerConfig, 0);
+	diffpeers := make([]wgtypes.PeerConfig, 0)
 
 	peers := make([]wgtypes.PeerConfig, 0)
 	for user, cfg := range s.Config.Users {
@@ -304,12 +304,14 @@ func (s *Server) configureWireGuard() error {
 				return err
 			}
 
+			psk, _ := wgtypes.ParseKey(dev.PresharedKey)
 			allowedIPs := make([]net.IPNet, 1)
 			allowedIPs[0] = *netlink.NewIPNet(dev.IP)
 			peer := wgtypes.PeerConfig{
 				PublicKey:         pubKey,
 				ReplaceAllowedIPs: true,
 				AllowedIPs:        allowedIPs,
+				PresharedKey:      &psk,
 			}
 
 			log.WithFields(log.Fields{"user": user, "client": id, "key": dev.PublicKey, "allowedIPs": peer.AllowedIPs}).Debug("Adding wireguard peer")
@@ -319,40 +321,39 @@ func (s *Server) configureWireGuard() error {
 	}
 
 	// Determine peers updated and to be removed from WireGuard
-	for _, i := range currentpeers{
+	for _, i := range currentpeers {
 		found := false
-		for _, j := range peers{
-			if (i.PublicKey == j.PublicKey){
+		for _, j := range peers {
+			if i.PublicKey == j.PublicKey {
 				found = true
 				j.UpdateOnly = true
 				diffpeers = append(diffpeers, j)
 				break
 			}
 		}
-		if (!found){
-			peertoremove :=  wgtypes.PeerConfig{
-				PublicKey : i.PublicKey,
-				Remove : true,
+		if !found {
+			peertoremove := wgtypes.PeerConfig{
+				PublicKey: i.PublicKey,
+				Remove:    true,
 			}
 			diffpeers = append(diffpeers, peertoremove)
 		}
 	}
 
 	// Determine peers to be added to WireGuard
-	for _, i := range peers{
+	for _, i := range peers {
 		found := false
-		for _, j := range currentpeers{
-			if (i.PublicKey == j.PublicKey){
+		for _, j := range currentpeers {
+			if i.PublicKey == j.PublicKey {
 				found = true
 				break
 			}
 		}
-		if (!found){
+		if !found {
 			diffpeers = append(diffpeers, i)
 		}
 	}
 
-
 	cfg := wgtypes.Config{
 		PrivateKey:   &key,
 		ListenPort:   wgListenPort,
@@ -537,6 +538,11 @@ func (s *Server) GetClient(w http.ResponseWriter, r *http.Request, ps httprouter
 		keepAlive = fmt.Sprint("PersistentKeepalive = ", *wgKeepAlive)
 	}
 
+	presharedKey := ""
+	if client.PresharedKey != "" {
+		presharedKey = fmt.Sprintf(`PresharedKey = %s`, client.PresharedKey)
+	}
+
 	configData := fmt.Sprintf(`[Interface]
 Address = %s
 PrivateKey = %s
@@ -547,7 +553,8 @@ PublicKey = %s
 AllowedIPs = %s
 Endpoint = %s
 %s
-`, client.IP.String(), client.PrivateKey, dns, s.Config.PublicKey, allowedIPs, *wgEndpoint, keepAlive)
+%s
+`, client.IP.String(), client.PrivateKey, dns, s.Config.PublicKey, allowedIPs, *wgEndpoint, keepAlive, presharedKey)
 
 	format := r.URL.Query().Get("format")
 
@@ -623,6 +630,8 @@ func (s *Server) EditClient(w http.ResponseWriter, r *http.Request, ps httproute
 		client.Notes = cfg.Notes
 	}
 
+	client.PresharedKey = cfg.PresharedKey
+
 	client.Modified = time.Now().Format(time.RFC3339)
 
 	s.reconfigure()
@@ -691,17 +700,17 @@ func (s *Server) CreateClient(w http.ResponseWriter, r *http.Request, ps httprou
 	}
 
 	decoder := json.NewDecoder(r.Body)
-	client := &ClientConfig{}
-	err := decoder.Decode(&client)
+	newclient := &NewClient{}
+	err := decoder.Decode(&newclient)
 	if err != nil {
 		log.Warn("Error parsing request: ", err)
 		w.WriteHeader(http.StatusBadRequest)
 		return
 	}
 
-	if client.Name == "" {
+	if newclient.Name == "" {
 		log.Debugf("No clientName:using default: \"Unnamed Client\"")
-		client.Name = "Unnamed Client"
+		newclient.Name = "Unnamed Client"
 	}
 
 	i := 0
@@ -719,7 +728,7 @@ func (s *Server) CreateClient(w http.ResponseWriter, r *http.Request, ps httprou
 	i = i + 1
 
 	ip := s.allocateIP()
-	client = NewClientConfig(ip, client.Name, client.Notes)
+	client := NewClientConfig(ip, newclient.Name, newclient.Notes, newclient.GeneratePSK)
 	c.Clients[strconv.Itoa(i)] = client
 
 	s.reconfigure()

ui/package.json

@@ -22,8 +22,10 @@
         "@smui/button": "^1.0.0",
         "@smui/dialog": "^1.0.0",
         "@smui/fab": "^1.0.0",
+        "@smui/form-field": "^1.0.0",
         "@smui/icon-button": "^1.0.0",
         "@smui/paper": "^1.0.0",
+        "@smui/switch": "^1.0.0",
         "@smui/textfield": "^1.0.0",
         "@smui/top-app-bar": "^1.0.0",
         "babel-jest": "^24.9.0",

ui/src/EditClient.svelte

@@ -108,6 +108,8 @@
     <dd>{client.PrivateKey}</dd>
     <dt>Public Key</dt>
     <dd>{client.PublicKey}</dd>
+    <dt>Preshared Key</dt>
+    <dd>{client.PresharedKey}</dd>
   </dl>
 </div>
 

ui/src/NewClient.svelte

@@ -5,7 +5,8 @@
   import HelperText from '@smui/textfield/helper-text/index';
   import Button, {Group, GroupItem} from '@smui/button';
   import Paper, {Title, Subtitle, Content} from '@smui/paper';
-
+  import Switch from '@smui/switch';
+  import FormField from '@smui/form-field'
   import Cookie from "cookie-universal";
   import { onMount } from 'svelte';
   import { link, navigate } from "svelte-routing";
@@ -17,11 +18,13 @@
   let client = {};
   let clientName = "";
   let clientNotes = "";
+  let generatePSK = false;
   let deleteDialog;
 
   async function handleSubmit(event) {
     client.Name = clientName;
     client.Notes = clientNotes;
+    client.generatePSK = generatePSK;
     const res = await fetch(clientsUrl, {
       method: "POST",
       headers: {
@@ -78,7 +81,13 @@
       <Textfield input$id="notes" fullwidth textarea bind:value={clientNotes} label="Label" input$aria-controls="client-notes" input$aria-describedby="client-notes-help" />
       <HelperText id="client-notes-help">Notes about the client.</HelperText>
     </div>
-
+        <div class="margins">
+            <FormField  style="margin-bottom: 2em;">
+                <Switch bind:checked={generatePSK} />
+                <span slot="label">Generate a Pre-shared Key</span>
+            </FormField>
+        </div>
+
     <Button variant="raised"><Label>Create</Label></Button>
   </form>
 </div>