rework update

2025-08-10 15:44:49 +02:00 · 2025-08-10 15:44:49 +02:00 · e1fccca2f4
commit e1fccca2f4
parent 58d70409b5
1 changed files with 0 additions and 218 deletions
--- a/install.sh
+++ b/install.sh
@ -295,8 +295,6 @@ get_custom_wireguard_details() {
    echo ""
    read -p "Allow direct access to server IP (bypass killswitch)? (Y/n): " -n 1 -r
    echo ""
        WG_DNS="1.1.1.1,1.0.0.1"
    fi
    # AllowedIPs
    read -p "Route all traffic through VPN? (Y/n): " -n 1 -r
@ -762,222 +760,6 @@ EOFAPP
    log "Backend installed"
 }
 #!/usr/bin/env python3
 from flask import Flask, request, jsonify, send_from_directory
 from flask_cors import CORS
 import subprocess
 import json
 import os
 import re
 import requests
 import time
 import logging
 from pathlib import Path
 app = Flask(__name__)
 CORS(app)
 # Setup logging
 logging.basicConfig(
    level=logging.INFO,
    format='%(asctime)s - %(levelname)s - %(message)s',
    handlers=[
        logging.FileHandler('/var/log/vpn-gateway.log'),
        logging.StreamHandler()
    ]
 )
 MULLVAD_SERVERS = {}
 LAST_SERVER_UPDATE = 0
 VPN_STATUS = {
    'connected': False,
    'server': None,
    'ip': None,
    'location': None,
    'start_time': None
 }
 def update_mullvad_servers():
    global MULLVAD_SERVERS, LAST_SERVER_UPDATE
    try:
        response = requests.get('https://api.mullvad.net/www/relays/all/', timeout=10)
        servers = response.json()
        organized = {}
        for server in servers:
            if server.get('type') == 'wireguard' and server.get('active'):
                country = server.get('country_name', 'Unknown')
                city = server.get('city_name', 'Unknown')
                if country not in organized:
                    organized[country] = {}
                if city not in organized[country]:
                    organized[country][city] = []
                organized[country][city].append({
                    'hostname': server['hostname'],
                    'ipv4': server['ipv4_addr_in'],
                    'type': 'WireGuard'
                })
        global MULLVAD_SERVERS
        MULLVAD_SERVERS = organized
        LAST_SERVER_UPDATE = time.time()
        return True
    except Exception as e:
        logging.error(f"Failed to update servers: {e}")
        return False
 def generate_wireguard_config(server_hostname):
    try:
        server_info = None
        for country in MULLVAD_SERVERS.values():
            for city in country.values():
                for server in city:
                    if server['hostname'] == server_hostname:
                        server_info = server
                        break
        if not server_info:
            return False
        with open('/etc/wireguard/mullvad_private.key', 'r') as f:
            private_key = f.read().strip()
        # Mullvad public key
        mullvad_pubkey = "g+9JNZp3SvLPvBb+PzXHyOPHhqNiUdATrz1YdNEPvWo="
        config = f"""[Interface]
 PrivateKey = {private_key}
 Address = 10.64.0.2/32,fc00:bbbb:bbbb:bb01::2/128
 DNS = 100.64.0.1
 PreUp = iptables -F OUTPUT
 PreUp = iptables -F FORWARD
 PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
 PostUp = iptables -I FORWARD -i __LAN_INTERFACE__ -o %i -j ACCEPT
 PostUp = iptables -t nat -A POSTROUTING -o %i -j MASQUERADE
 PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
 PostDown = iptables -t nat -D POSTROUTING -o %i -j MASQUERADE
 [Peer]
 PublicKey = {mullvad_pubkey}
 AllowedIPs = 0.0.0.0/0,::/0
 Endpoint = {server_info['ipv4']}:51820
 PersistentKeepalive = 25
 """
        # Add firewall exception for this server
        subprocess.run([
            'iptables', '-I', 'OUTPUT', '1', '-p', 'udp',
            '--dport', '51820', '-d', server_info['ipv4'], '-j', 'ACCEPT'
        ])
        with open('/etc/wireguard/wg0.conf', 'w') as f:
            f.write(config)
        os.chmod('/etc/wireguard/wg0.conf', 0o600)
        return True
    except Exception as e:
        logging.error(f"Failed to generate config: {e}")
        return False
 def check_vpn_status():
    global VPN_STATUS
    try:
        result = subprocess.run(['wg', 'show', 'wg0'], capture_output=True, text=True)
        if result.returncode == 0:
            VPN_STATUS['connected'] = True
            # Get public IP
            try:
                response = requests.get('https://am.i.mullvad.net/json', timeout=5)
                data = response.json()
                VPN_STATUS['ip'] = data.get('ip')
                VPN_STATUS['location'] = f"{data.get('city')}, {data.get('country')}"
            except:
                pass
        else:
            VPN_STATUS['connected'] = False
            VPN_STATUS['server'] = None
            VPN_STATUS['ip'] = None
            VPN_STATUS['location'] = None
    except:
        VPN_STATUS['connected'] = False
@app.route('/')
 def index():
    return send_from_directory('__INSTALL_DIR__/static', 'index.html')
@app.route('/api/servers')
 def get_servers():
    global LAST_SERVER_UPDATE
    if time.time() - LAST_SERVER_UPDATE > 3600:
        update_mullvad_servers()
    return jsonify({'servers': MULLVAD_SERVERS})
@app.route('/api/status')
 def get_status():
    check_vpn_status()
    uptime = None
    if VPN_STATUS['connected'] and VPN_STATUS['start_time']:
        uptime_seconds = int(time.time() - VPN_STATUS['start_time'])
        hours = uptime_seconds // 3600
        minutes = (uptime_seconds % 3600) // 60
        uptime = f"{hours}h {minutes}m"
    return jsonify({
        'connected': VPN_STATUS['connected'],
        'server': VPN_STATUS['server'],
        'ip': VPN_STATUS['ip'],
        'location': VPN_STATUS['location'],
        'uptime': uptime
    })
@app.route('/api/connect', methods=['POST'])
 def connect_vpn():
    data = request.json
    server = data.get('server')
    try:
        subprocess.run(['wg-quick', 'down', 'wg0'], capture_output=True)
        if not generate_wireguard_config(server):
            return jsonify({'success': False, 'error': 'Failed to generate config'})
        result = subprocess.run(['wg-quick', 'up', 'wg0'], capture_output=True, text=True)
        if result.returncode == 0:
            VPN_STATUS['start_time'] = time.time()
            VPN_STATUS['server'] = server
            return jsonify({'success': True})
        else:
            return jsonify({'success': False, 'error': result.stderr})
    except Exception as e:
        return jsonify({'success': False, 'error': str(e)})
@app.route('/api/disconnect', methods=['POST'])
 def disconnect_vpn():
    try:
        result = subprocess.run(['wg-quick', 'down', 'wg0'], capture_output=True, text=True)
        VPN_STATUS['start_time'] = None
        return jsonify({'success': result.returncode == 0})
    except Exception as e:
        return jsonify({'success': False, 'error': str(e)})
 if __name__ == '__main__':
    update_mullvad_servers()
    app.run(host='0.0.0.0', port=5000)
 EOFAPP
    # Replace placeholders
    sed -i "s|__LAN_INTERFACE__|$LAN_INTERFACE|g" "$INSTALL_DIR/app.py"
    sed -i "s|__INSTALL_DIR__|$INSTALL_DIR|g" "$INSTALL_DIR/app.py"
    log "Backend installed"
 }
 # Setup nginx (placeholder function)
 setup_nginx() {