Update Dockerfile

Feature/new awg docker container

client/configurators/wireguard_configurator.cpp

@@ -13,26 +13,29 @@
 #include <openssl/x509.h>
 
 #include "containers/containers_defs.h"
+#include "core/controllers/serverController.h"
 #include "core/scripts_registry.h"
 #include "core/server_defs.h"
-#include "core/controllers/serverController.h"
 #include "settings.h"
 #include "utilities.h"
 
 WireguardConfigurator::WireguardConfigurator(std::shared_ptr<Settings> settings, bool isAwg, QObject *parent)
     : ConfiguratorBase(settings, parent), m_isAwg(isAwg)
 {
-    m_serverConfigPath = m_isAwg ? amnezia::protocols::awg::serverConfigPath
+    m_serverConfigPath =
-                                              : amnezia::protocols::wireguard::serverConfigPath;
+            m_isAwg ? amnezia::protocols::awg::serverConfigPath : amnezia::protocols::wireguard::serverConfigPath;
-    m_serverPublicKeyPath = m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath
+    m_serverPublicKeyPath =
-                                                 : amnezia::protocols::wireguard::serverPublicKeyPath;
+            m_isAwg ? amnezia::protocols::awg::serverPublicKeyPath : amnezia::protocols::wireguard::serverPublicKeyPath;
-    m_serverPskKeyPath = m_isAwg ? amnezia::protocols::awg::serverPskKeyPath
+    m_serverPskKeyPath =
-                                              : amnezia::protocols::wireguard::serverPskKeyPath;
+            m_isAwg ? amnezia::protocols::awg::serverPskKeyPath : amnezia::protocols::wireguard::serverPskKeyPath;
-    m_configTemplate = m_isAwg ? ProtocolScriptType::awg_template
+    m_configTemplate = m_isAwg ? ProtocolScriptType::awg_template : ProtocolScriptType::wireguard_template;
-                                            : ProtocolScriptType::wireguard_template;
 
     m_protocolName = m_isAwg ? config_key::awg : config_key::wireguard;
     m_defaultPort = m_isAwg ? protocols::wireguard::defaultPort : protocols::awg::defaultPort;
+
+    m_interfaceName = m_isAwg ? protocols::awg::interfaceName : protocols::wireguard::interfaceName;
+    m_wgBinaryName = m_isAwg ? protocols::awg::wgBinaryName : protocols::wireguard::wgBinaryName;
+    m_wgQuickBinaryName = m_isAwg ? protocols::awg::wgQuickBinaryName : protocols::wireguard::wgQuickBinaryName;
 }
 
 WireguardConfigurator::ConnectionData WireguardConfigurator::genClientKeys()
@@ -84,6 +87,20 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
     ErrorCode e = ErrorCode::NoError;
     ServerController serverController(m_settings);
 
+    if (container == DockerContainer::Awg) {
+        if (serverController.isNewAwgContainer(credentials)) {
+            m_serverConfigPath = amnezia::protocols::awg::serverConfigPath;
+            m_interfaceName = protocols::awg::interfaceName;
+            m_wgBinaryName = protocols::awg::wgBinaryName;
+            m_wgQuickBinaryName = protocols::awg::wgQuickBinaryName;
+        } else {
+            m_serverConfigPath = "/opt/amnezia/awg/wg0.conf";
+            m_interfaceName = protocols::wireguard::interfaceName;
+            m_wgBinaryName = protocols::wireguard::wgBinaryName;
+            m_wgQuickBinaryName = protocols::wireguard::wgQuickBinaryName;
+        }
+    }
+
     // Get list of already created clients (only IP addresses)
     QString nextIpNumber;
     {
@@ -167,8 +184,8 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
         return connData;
     }
 
-    QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'")
+    QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c '%4 syncconf %2 <(%3 strip %1)'")
-                             .arg(m_serverConfigPath);
+                             .arg(m_serverConfigPath, m_interfaceName, m_wgQuickBinaryName, m_wgBinaryName);
 
     e = serverController.runScript(
             credentials, serverController.replaceVars(script, serverController.genVarsForScript(credentials, container)));
@@ -177,7 +194,8 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
 }
 
 QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &credentials, DockerContainer container,
-                                                  const QJsonObject &containerConfig, QString &clientId, ErrorCode *errorCode)
+                                                  const QJsonObject &containerConfig, QString &clientId,
+                                                  ErrorCode *errorCode)
 {
     ServerController serverController(m_settings);
     QString scriptData = amnezia::scriptData(m_configTemplate, container);

client/configurators/wireguard_configurator.h

@@ -44,6 +44,9 @@ private:
     amnezia::ProtocolScriptType m_configTemplate;
     QString m_protocolName;
     QString m_defaultPort;
+    QString m_interfaceName;
+    QString m_wgBinaryName;
+    QString m_wgQuickBinaryName;
 };
 
 #endif // WIREGUARD_CONFIGURATOR_H

client/core/controllers/serverController.cpp

@@ -881,7 +881,16 @@ ErrorCode ServerController::getAlreadyInstalledContainers(const ServerCredential
                     containerConfig.insert(config_key::transport_proto, transportProto);
 
                     if (protocol == Proto::Awg) {
-                        QString serverConfig = getTextFileFromContainer(container, credentials, protocols::awg::serverConfigPath, &errorCode);
+                        QString serverConfigPath;
+                        if (container == DockerContainer::Awg) {
+                            if (isNewAwgContainer(credentials)) {
+                                serverConfigPath = amnezia::protocols::awg::serverConfigPath;
+                            } else {
+                                serverConfigPath = "/opt/amnezia/awg/wg0.conf";
+                            }
+                        }
+
+                        QString serverConfig = getTextFileFromContainer(container, credentials, serverConfigPath, &errorCode);
 
                         QMap<QString, QString> serverConfigMap;
                         auto serverConfigLines = serverConfig.split("\n");
@@ -986,3 +995,24 @@ ErrorCode ServerController::getDecryptedPrivateKey(const ServerCredentials &cred
     auto error = m_sshClient.getDecryptedPrivateKey(credentials, decryptedPrivateKey, callback);
     return error;
 }
+
+bool ServerController::isNewAwgContainer(const ServerCredentials &credentials)
+{
+    QString stdOut;
+    auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
+        stdOut += data + "\n";
+        return ErrorCode::NoError;
+    };
+
+    auto cbReadStdErr = [&](const QString &data, libssh::Client &) {
+        stdOut += data + "\n";
+        return ErrorCode::NoError;
+    };
+
+    QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c 'type awg'");
+
+    runScript(credentials, replaceVars(script, genVarsForScript(credentials, DockerContainer::Awg)), cbReadStdOut, cbReadStdErr);
+
+    return stdOut.contains("/usr/bin/awg");
+
+}

client/core/controllers/serverController.h

@@ -62,6 +62,8 @@ public:
     ErrorCode getDecryptedPrivateKey(const ServerCredentials &credentials, QString &decryptedPrivateKey,
                                      const std::function<QString()> &callback);
 
+    bool isNewAwgContainer(const ServerCredentials &credentials);
+
 private:
     ErrorCode installDockerWorker(const ServerCredentials &credentials, DockerContainer container);
     ErrorCode prepareHostWorker(const ServerCredentials &credentials, DockerContainer container,

client/protocols/protocols_defs.h

@@ -157,6 +157,9 @@ namespace amnezia
             constexpr char serverPublicKeyPath[] = "/opt/amnezia/wireguard/wireguard_server_public_key.key";
             constexpr char serverPskKeyPath[] = "/opt/amnezia/wireguard/wireguard_psk.key";
 
+            constexpr char interfaceName[] = "wg0";
+            constexpr char wgBinaryName[] = "wg";
+            constexpr char wgQuickBinaryName[] = "wg-quick";
         }
 
         namespace sftp
@@ -170,7 +173,7 @@ namespace amnezia
             constexpr char defaultPort[] = "55424";
             constexpr char defaultMtu[] = "1420";
 
-            constexpr char serverConfigPath[] = "/opt/amnezia/awg/wg0.conf";
+            constexpr char serverConfigPath[] = "/opt/amnezia/awg/awg0.conf";
             constexpr char serverPublicKeyPath[] = "/opt/amnezia/awg/wireguard_server_public_key.key";
             constexpr char serverPskKeyPath[] = "/opt/amnezia/awg/wireguard_psk.key";
 
@@ -183,6 +186,10 @@ namespace amnezia
             constexpr char defaultResponsePacketMagicHeader[] = "3288052141";
             constexpr char defaultTransportPacketMagicHeader[] = "2528465083";
             constexpr char defaultUnderloadPacketMagicHeader[] = "1766607858";
+
+            constexpr char interfaceName[] = "awg0";
+            constexpr char wgBinaryName[] = "awg";
+            constexpr char wgQuickBinaryName[] = "awg-quick";
         }
 
     } // namespace protocols

client/server_scripts/awg/Dockerfile

@@ -1,4 +1,4 @@
-FROM amneziavpn/amnezia-wg:latest
+FROM amneziavpn/amneziawg-go:0.2.4
 
 LABEL maintainer="AmneziaVPN"
 

client/server_scripts/awg/configure_container.sh

@@ -1,15 +1,15 @@
 mkdir -p /opt/amnezia/awg
 cd /opt/amnezia/awg
-WIREGUARD_SERVER_PRIVATE_KEY=$(wg genkey)
+WIREGUARD_SERVER_PRIVATE_KEY=$(awg genkey)
 echo $WIREGUARD_SERVER_PRIVATE_KEY > /opt/amnezia/awg/wireguard_server_private_key.key
 
-WIREGUARD_SERVER_PUBLIC_KEY=$(echo $WIREGUARD_SERVER_PRIVATE_KEY | wg pubkey)
+WIREGUARD_SERVER_PUBLIC_KEY=$(echo $WIREGUARD_SERVER_PRIVATE_KEY | awg pubkey)
 echo $WIREGUARD_SERVER_PUBLIC_KEY > /opt/amnezia/awg/wireguard_server_public_key.key
 
-WIREGUARD_PSK=$(wg genpsk)
+WIREGUARD_PSK=$(awg genpsk)
 echo $WIREGUARD_PSK > /opt/amnezia/awg/wireguard_psk.key
 
-cat > /opt/amnezia/awg/wg0.conf <<EOF
+cat > /opt/amnezia/awg/awg0.conf <<EOF
 [Interface]
 PrivateKey = $WIREGUARD_SERVER_PRIVATE_KEY
 Address = $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR

client/server_scripts/awg/start.sh

@@ -6,19 +6,19 @@ echo "Container startup"
 #ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up
 
 # kill daemons in case of restart
-wg-quick down /opt/amnezia/awg/wg0.conf
+awg-quick down /opt/amnezia/awg/awg0.conf
 
 # start daemons if configured
-if [ -f /opt/amnezia/awg/wg0.conf ]; then (wg-quick up /opt/amnezia/awg/wg0.conf); fi
+if [ -f /opt/amnezia/awg/awg0.conf ]; then (awg-quick up /opt/amnezia/awg/awg0.conf); fi
 
 # Allow traffic on the TUN interface.
-iptables -A INPUT -i wg0 -j ACCEPT
+iptables -A INPUT -i awg0 -j ACCEPT
-iptables -A FORWARD -i wg0 -j ACCEPT
+iptables -A FORWARD -i awg0 -j ACCEPT
-iptables -A OUTPUT -o wg0 -j ACCEPT
+iptables -A OUTPUT -o awg0 -j ACCEPT
 
 # Allow forwarding traffic only from the VPN.
-iptables -A FORWARD -i wg0 -o eth0 -s $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR -j ACCEPT
+iptables -A FORWARD -i awg0 -o eth0 -s $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR -j ACCEPT
-iptables -A FORWARD -i wg0 -o eth1 -s $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR -j ACCEPT
+iptables -A FORWARD -i awg0 -o eth1 -s $WIREGUARD_SUBNET_IP/$WIREGUARD_SUBNET_CIDR -j ACCEPT
 
 iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
 

client/ui/models/clientManagementModel.cpp

@@ -10,7 +10,8 @@ namespace
 {
     Logger logger("ClientManagementModel");
 
-    namespace configKey {
+    namespace configKey
+    {
         constexpr char clientId[] = "clientId";
         constexpr char clientName[] = "clientName";
         constexpr char container[] = "container";
@@ -61,7 +62,6 @@ void ClientManagementModel::migration(const QByteArray &clientsTableString)
 
         m_clientsTable.push_back(client);
     }
-
 }
 
 ErrorCode ClientManagementModel::updateModel(DockerContainer container, ServerCredentials credentials)
@@ -121,7 +121,8 @@ ErrorCode ClientManagementModel::updateModel(DockerContainer container, ServerCr
     return error;
 }
 
-ErrorCode ClientManagementModel::getOpenVpnClients(ServerController &serverController, DockerContainer container, ServerCredentials credentials, int &count)
+ErrorCode ClientManagementModel::getOpenVpnClients(ServerController &serverController, DockerContainer container,
+                                                   ServerCredentials credentials, int &count)
 {
     ErrorCode error = ErrorCode::NoError;
     QString stdOut;
@@ -163,12 +164,13 @@ ErrorCode ClientManagementModel::getOpenVpnClients(ServerController &serverContr
     return error;
 }
 
-ErrorCode ClientManagementModel::getWireGuardClients(ServerController &serverController, DockerContainer container, ServerCredentials credentials, int &count)
+ErrorCode ClientManagementModel::getWireGuardClients(ServerController &serverController, DockerContainer container,
+                                                     ServerCredentials credentials, int &count)
 {
     ErrorCode error = ErrorCode::NoError;
 
-    const QString wireGuardConfigFile =
+    const QString wireGuardConfigFile = DockerContainer::WireGuard ? amnezia::protocols::wireguard::serverConfigPath
-            QString("opt/amnezia/%1/wg0.conf").arg(container == DockerContainer::WireGuard ? "wireguard" : "awg");
+                                                                   : amnezia::protocols::awg::serverConfigPath;
     const QString wireguardConfigString =
             serverController.getTextFileFromContainer(container, credentials, wireGuardConfigFile, &error);
     if (error != ErrorCode::NoError) {
@@ -314,13 +316,16 @@ ErrorCode ClientManagementModel::revokeClient(const int row, const DockerContain
         QJsonArray containers = server.value(config_key::containers).toArray();
         for (auto i = 0; i < containers.size(); i++) {
             auto containerConfig = containers.at(i).toObject();
-            auto containerType = ContainerProps::containerFromString(containerConfig.value(config_key::container).toString());
+            auto containerType =
+                    ContainerProps::containerFromString(containerConfig.value(config_key::container).toString());
             if (containerType == container) {
                 QJsonObject protocolConfig;
                 if (container == DockerContainer::ShadowSocks || container == DockerContainer::Cloak) {
-                    protocolConfig = containerConfig.value(ContainerProps::containerTypeToString(DockerContainer::OpenVpn)).toObject();
+                    protocolConfig =
+                            containerConfig.value(ContainerProps::containerTypeToString(DockerContainer::OpenVpn)).toObject();
                 } else {
-                    protocolConfig = containerConfig.value(ContainerProps::containerTypeToString(containerType)).toObject();
+                    protocolConfig =
+                            containerConfig.value(ContainerProps::containerTypeToString(containerType)).toObject();
                 }
 
                 if (protocolConfig.value(config_key::last_config).toString().contains(clientId)) {
@@ -379,8 +384,17 @@ ErrorCode ClientManagementModel::revokeWireGuard(const int row, const DockerCont
     ErrorCode error;
     ServerController serverController(m_settings);
 
-    const QString wireGuardConfigFile =
+    QString wireGuardConfigFile;
-            QString("/opt/amnezia/%1/wg0.conf").arg(container == DockerContainer::WireGuard ? "wireguard" : "awg");
+    if (container == DockerContainer::Awg) {
+        if (serverController.isNewAwgContainer(credentials)) {
+            wireGuardConfigFile = amnezia::protocols::awg::serverConfigPath;
+        } else {
+            wireGuardConfigFile = "/opt/amnezia/awg/wg0.conf";
+        }
+    } else {
+        wireGuardConfigFile = amnezia::protocols::wireguard::serverConfigPath;
+    }
+
     const QString wireguardConfigString =
             serverController.getTextFileFromContainer(container, credentials, wireGuardConfigFile, &error);
     if (error != ErrorCode::NoError) {
@@ -425,7 +439,13 @@ ErrorCode ClientManagementModel::revokeWireGuard(const int row, const DockerCont
         return error;
     }
 
-    const QString script = "sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'";
+    QString interfaceName =
+            DockerContainer::WireGuard ? protocols::wireguard::interfaceName : protocols::awg::interfaceName;
+    QString wgBinaryName = DockerContainer::WireGuard ? protocols::wireguard::wgBinaryName : protocols::awg::wgBinaryName;
+    QString wgQuickBinaryName =
+            DockerContainer::WireGuard ? protocols::wireguard::wgQuickBinaryName : protocols::awg::wgQuickBinaryName;
+    QString script = QString("sudo docker exec -i $CONTAINER_NAME bash -c '%4 syncconf %2 <(%3 strip %1)'")
+                             .arg(wireGuardConfigFile, interfaceName, wgQuickBinaryName, wgBinaryName);
     error = serverController.runScript(
             credentials,
             serverController.replaceVars(script.arg(wireGuardConfigFile),