A feature to disable / enable single wireguard client configs #1186

Merged (12 commits) on Dec 24, 2020


shelleycat485
Contributor

Addresses #1111
Code like the delete, but comment out lines for the user in configs, wg0.conf instead of delete.
-dis or disable
-ena or enable
-ena -v will give a list of clients disabled
-dis -v will give a list of clients disabled

Tested OK on AWS Ubuntu 20.04 and AWS Ubuntu 18.04 AMD64. Have to do an apt-get update and apt-get upgrade before the install works. Tested creating client, connecting, disabling, enabling, multiple client create, client delete, -l and -c functions. For some reason installation has to be root on the AWS machines.
Also tested Rpi3+ Buster: getting Warning: The unit file, source configuration file or drop-ins of [email protected] changed on disk. Run 'systemctl daemon-reload' to reload units.

@orazioedoardo
Member

orazioedoardo commented Nov 26, 2020

I've not tested this yet, however I would change the command line behavior:

  • pivpn on to enable
  • pivpn off to disable
  • pivpn list shows disabled clients as well, instead of a separate command

-ena and -dis sound awkward.

@shelleycat485
Contributor Author

Will do

@shelleycat485
Contributor Author

Tested OK on pi4.

Comment on lines 7 to 8
dashopts="-a -c -d -l -qr -r -h -u -up -bk -dis -ena"
opts="add clients debug list qrcode remove help uninstall update backup disable enable"
Member

Old completion options.

Contributor Author

done


cd /etc/wireguard
if [ ! -s configs/clients.txt ]; then
echo "::: There are no clients to remove"
Member

change instead of remove

Contributor Author

will do

@orazioedoardo
Member

When a client is disabled, pivpn -c won't work as it reads /etc/wireguard/configs/clients.txt which gives no clue that it is indeed disabled. Perhaps the file should include the status of the client as the last number of the line, "1" or "0" for example, which could be queried by pivpn on, pivpn off, pivpn list.

Example pivpn list:

::: Clients Summary :::
Client      Public key                                        Creation date                Status
user        PAcspHIYKQtWzZtHX4cLJvZhDEW9yuCFKBWA2XYvpBg=      05 Dec 2020, 13:50, GMT      Disabled
$ pivpn -c
::: Connected Clients List :::
/opt/pivpn/wireguard/clientSTAT.sh: line 49: [: : integer expression expected
numfmt: invalid number: ‘’
numfmt: invalid number: ‘’
Name        Remote IP      Virtual IP      Bytes Received      Bytes Sent      Last Seen
user                                                                           (not yet)

I would add parenthesis and a space to make the wg0.conf easier to read:

#[disabled] ### begin user ###
#[disabled] [Peer]
#[disabled] PublicKey = PAcspHIYKQtWzZtHX4cLJvZhDEW9yuCFKBWA2XYvpBg=
#[disabled] PresharedKey = tJvmkZlbErA4LztNj8/NJb0fwbwVmwG4UkQ2q/tTAL0=
#[disabled] AllowedIPs = 10.6.0.2/32
#[disabled] ### end user ###
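
The marker format suggested in the comment above, as an added shell example (not code from this pull request or from PiVPN): it comments out and restores one peer block in a wg0.conf-style file. The function names, the client-name whitelist and the sample file with placeholder keys are assumptions of this example.

```shell
# Added example, not PiVPN's code; function names are hypothetical.
PREFIX='#[disabled] '       # marker format suggested in the review comment
PREFIX_RE='#\[disabled] '   # the same marker written as a sed basic regex

# Assumption: names are limited to [A-Za-z0-9_-], so they need no regex escaping.
valid_name() { case "$1" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac; }

# Run a sed script via a mktemp file (created mode 0600) and write the result
# back with cat, so the config file keeps its own owner and mode.
rewrite() {  # rewrite CONF SED_SCRIPT
    tmp=$(mktemp) || return 1
    sed "$2" "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

disable_peer() {  # disable_peer CONF NAME
    valid_name "$2" || return 2
    grep -qxF "### begin $2 ###" "$1" || return 1   # unknown or already disabled
    rewrite "$1" "/^### begin $2 ###\$/,/^### end $2 ###\$/ s/^/$PREFIX/"
}

enable_peer() {  # enable_peer CONF NAME
    valid_name "$2" || return 2
    grep -qxF "${PREFIX}### begin $2 ###" "$1" || return 1   # not disabled
    rewrite "$1" "/^${PREFIX_RE}### begin $2 ###\$/,/^${PREFIX_RE}### end $2 ###\$/ s/^${PREFIX_RE}//"
}

list_disabled() {  # print the names of disabled peers, one per line
    sed -n "s/^${PREFIX_RE}### begin \\(.*\\) ###\$/\\1/p" "$1"
}

make_sample_conf() {  # constructed sample; keys are placeholders
    cat > "$1" <<'EOF'
[Interface]
PrivateKey = <constructed-server-key>
### begin user ###
[Peer]
PublicKey = <constructed-user-key>
AllowedIPs = 10.6.0.2/32
### end user ###
### begin phone ###
[Peer]
PublicKey = <constructed-phone-key>
AllowedIPs = 10.6.0.3/32
### end phone ###
EOF
}
```

These functions only edit the file; a running interface keeps the peer until its configuration is reloaded.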

@shelleycat485
Contributor Author

Will address this

@shelleycat485
Contributor Author

I've got a problem with the logic now - the pivpn -c command uses the wireguard config to get the information about the clients, but the disabled ones are not in that config file - they are not known to the wg0 service. So I don't see how to get the disabled clients listed on the connected clients command. I could do the same as the pivpn -l command when I add the disabled ones to the bottom of the list.

@shelleycat485
Contributor Author

shelleycat485 commented Dec 10, 2020

all comments above addressed, tested on AWS Ubuntu 18.04 and 20.04.

@orazioedoardo
Member

Still getting an error on pivpn -c if all clients are disabled:

pi@raspberrypi:~ $ pivpn -c
::: Connected Clients List :::
/opt/pivpn/wireguard/clientSTAT.sh: line 49: [: : integer expression expected
numfmt: invalid number: ‘’
numfmt: invalid number: ‘’
Name       Remote IP      Virtual IP      Bytes Received      Bytes Sent      Last Seen
test1
test2                                                                         (not yet)
::: Disabled clients :::
[disabled]   test1 
[disabled]   test2

I've got a problem with the logic now - the pivpn -c command uses the wireguard config to get the information about the clients, but the disabled ones are not in that config file

I would have added the disabled status in the client.txt file #1186 (comment)

@shelleycat485
Contributor Author

shelleycat485 commented Dec 15, 2020

Changed to all clients disabled working, tested on rpi3. I don't think that clients.txt needs changing as well the file already tracking the disabled. I dislike changing data in more than one place unless actually needed, and it will make the code more complicated.

@orazioedoardo orazioedoardo merged commit db1fe2e into pivpn:test Dec 24, 2020