299 lines
No EOL
8.3 KiB
Bash
299 lines
No EOL
8.3 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
function cmd::net::on_load() {
|
|
flag::register --name
|
|
flag::register --ip
|
|
flag::register --port
|
|
flag::register --desc
|
|
flag::register --tag
|
|
flag::register --detailed
|
|
flag::register --force
|
|
}
|
|
|
|
function cmd::net::help() {
|
|
cat <<EOF
|
|
Usage: wgctl net <subcommand> [options]
|
|
|
|
Manage named network services for use with block/allow rules.
|
|
Services map names to IPs and ports, making rules more readable.
|
|
|
|
Subcommands:
|
|
list List all services
|
|
show --name <name> Show service details
|
|
add --name <name> --ip <ip> Add a service
|
|
add --name <svc:port-name> --port <port:proto>
|
|
Add a port to a service
|
|
rm --name <name> Remove service or port
|
|
rm --name <svc:ports> Remove all ports from service
|
|
|
|
Options for add (service):
|
|
--name <name> Service name (e.g. proxmox)
|
|
--ip <ip> Service IP address
|
|
--desc <description> Optional description
|
|
--tag <tag> Optional tag (repeatable)
|
|
|
|
Options for add (port):
|
|
--name <svc:port-name> Service:port-name (e.g. proxmox:web-ui)
|
|
--port <port:proto> Port and protocol (e.g. 8006:tcp)
|
|
--desc <description> Optional description
|
|
|
|
Options for list:
|
|
--detailed Show ports for each service
|
|
--tag <tag> Filter by tag
|
|
|
|
Examples:
|
|
wgctl net list
|
|
wgctl net list --detailed
|
|
wgctl net list --tag admin
|
|
wgctl net show --name proxmox
|
|
wgctl net add --name proxmox --ip 10.0.0.100 --desc "Proxmox VE"
|
|
wgctl net add --name proxmox:web-ui --port 8006:tcp --desc "Web UI"
|
|
wgctl net add --name proxmox:ssh --port 22:tcp
|
|
wgctl net rm --name proxmox:web-ui
|
|
wgctl net rm --name proxmox:ports
|
|
wgctl net rm --name proxmox
|
|
EOF
|
|
}
|
|
|
|
function cmd::net::run() {
|
|
local subcmd="${1:-list}"
|
|
shift || true
|
|
case "$subcmd" in
|
|
list) cmd::net::list "$@" ;;
|
|
show) cmd::net::show "$@" ;;
|
|
add) cmd::net::add "$@" ;;
|
|
rm|remove|del) cmd::net::rm "$@" ;;
|
|
help) cmd::net::help ;;
|
|
*)
|
|
log::error "Unknown subcommand: '${subcmd}'"
|
|
cmd::net::help
|
|
return 1 ;;
|
|
esac
|
|
}
|
|
|
|
# ============================================
|
|
# List
|
|
# ============================================
|
|
|
|
function cmd::net::list() {
|
|
local detailed=false filter_tag=""
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--detailed) detailed=true; shift ;;
|
|
--tag) filter_tag="$2"; shift 2 ;;
|
|
--help) cmd::net::help; return ;;
|
|
*) log::error "Unknown flag: $1"; return 1 ;;
|
|
esac
|
|
done
|
|
|
|
local net_file
|
|
net_file="$(ctx::net)"
|
|
|
|
if [[ ! -f "$net_file" ]]; then
|
|
log::wg_warning "No services configured. Use 'wgctl net add' to add one."
|
|
return 0
|
|
fi
|
|
|
|
log::section "Network Services"
|
|
printf "\n %-20s %-16s %-6s %s\n" "NAME" "IP" "PORTS" "DESCRIPTION"
|
|
local divider
|
|
divider=$(printf '─%.0s' {1..72})
|
|
printf " %s\n" "$divider"
|
|
|
|
local found=false
|
|
while IFS="|" read -r name ip desc tags ports; do
|
|
[[ -z "$name" ]] && continue
|
|
|
|
# Tag filter
|
|
if [[ -n "$filter_tag" ]]; then
|
|
[[ "$tags" != *"$filter_tag"* ]] && continue
|
|
fi
|
|
|
|
found=true
|
|
local tag_display=""
|
|
[[ -n "$tags" ]] && tag_display=" \033[0;37m[${tags}]\033[0m"
|
|
|
|
printf " %-20s %-16s %-6s %s%b\n" \
|
|
"$name" "$ip" "${ports}p" "${desc:-—}" "$tag_display"
|
|
|
|
if $detailed; then
|
|
local has_ports=false
|
|
# Show ports inline
|
|
while IFS="|" read -r ptype pname pport pproto pdesc; do
|
|
[[ "$ptype" != "port" ]] && continue
|
|
has_ports=true
|
|
local ann
|
|
ann=$(net::annotation "$ip" "$pport" "$pproto")
|
|
printf " \033[0;37m%-18s %s:%s%s\033[0m\n" \
|
|
"${pname}" "$pport" "$pproto" \
|
|
"${pdesc:+ # $pdesc}"
|
|
done < <(json::net_show "$net_file" "$name")
|
|
$has_ports && printf "\n" # newline after each service with ports
|
|
fi
|
|
|
|
done < <(json::net_list "$net_file")
|
|
|
|
if ! $found; then
|
|
[[ -n "$filter_tag" ]] && \
|
|
log::wg_warning "No services with tag: ${filter_tag}" || \
|
|
log::wg_warning "No services configured"
|
|
fi
|
|
|
|
printf "\n"
|
|
return 0
|
|
}
|
|
|
|
# ============================================
|
|
# Show
|
|
# ============================================
|
|
|
|
function cmd::net::show() {
|
|
local name=""
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--name) util::require_flag "--name" "${2:-}" || return 1
|
|
name="$2"; shift 2 ;;
|
|
--help) cmd::net::help; return ;;
|
|
*) log::error "Unknown flag: $1"; return 1 ;;
|
|
esac
|
|
done
|
|
|
|
[[ -z "$name" ]] && log::error "Missing required flag: --name" && return 1
|
|
net::require_exists "$name" || return 1
|
|
|
|
log::section "Service: ${name}"
|
|
printf "\n"
|
|
|
|
while IFS="|" read -r key val1 val2 val3 val4; do
|
|
case "$key" in
|
|
name) ui::row "Name" "$val1" ;;
|
|
ip) ui::row "IP" "$val1" ;;
|
|
desc) ui::row "Description" "${val1:-—}" ;;
|
|
tags) ui::row "Tags" "${val1:-—}" ;;
|
|
port)
|
|
# val1=port_name val2=port val3=proto val4=desc
|
|
local ann
|
|
ann=$(net::annotation "$(json::net_resolve "$(ctx::net)" "$name")" \
|
|
"$val2" "$val3" 2>/dev/null || true)
|
|
printf " %-20s \033[0;36m%s\033[0m %s:%s%s\n" \
|
|
"${val1}:" "" "$val2" "$val3" \
|
|
"${val4:+ # $val4}"
|
|
;;
|
|
esac
|
|
done < <(json::net_show "$(ctx::net)" "$name")
|
|
|
|
printf "\n"
|
|
return 0
|
|
}
|
|
|
|
# ============================================
|
|
# Add
|
|
# ============================================
|
|
|
|
function cmd::net::add() {
|
|
local name="" ip="" port="" desc="" tags=()
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--name) util::require_flag "--name" "${2:-}" || return 1
|
|
name="$2"; shift 2 ;;
|
|
--ip) ip="$2"; shift 2 ;;
|
|
--port) port="$2"; shift 2 ;;
|
|
--desc) desc="$2"; shift 2 ;;
|
|
--tag) tags+=("$2"); shift 2 ;;
|
|
--help) cmd::net::help; return ;;
|
|
*) log::error "Unknown flag: $1"; return 1 ;;
|
|
esac
|
|
done
|
|
|
|
[[ -z "$name" ]] && log::error "Missing required flag: --name" && return 1
|
|
|
|
if [[ "$name" == *:* ]]; then
|
|
# Port mode: proxmox:web-ui
|
|
local svc_name="${name%%:*}"
|
|
local port_name="${name##*:}"
|
|
|
|
[[ -z "$port" ]] && log::error "Missing required flag: --port" && return 1
|
|
net::require_exists "$svc_name" || return 1
|
|
|
|
local port_num proto
|
|
if [[ "$port" == *:* ]]; then
|
|
port_num="${port%%:*}"
|
|
proto="${port##*:}"
|
|
else
|
|
port_num="$port"
|
|
proto="tcp"
|
|
fi
|
|
|
|
json::net_add_port "$(ctx::net)" "$svc_name" "$port_name" \
|
|
"$port_num" "$proto" "$desc"
|
|
|
|
log::wg_success "Added port: ${svc_name}:${port_name} → ${port_num}/${proto}"
|
|
else
|
|
# Service mode: proxmox
|
|
[[ -z "$ip" ]] && log::error "Missing required flag: --ip" && return 1
|
|
|
|
local tags_str
|
|
tags_str=$(IFS=','; echo "${tags[*]}")
|
|
|
|
json::net_add_service "$(ctx::net)" "$name" "$ip" "$desc" "$tags_str"
|
|
|
|
log::wg_success "Service added: ${name} → ${ip}"
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
# ============================================
|
|
# Remove
|
|
# ============================================
|
|
|
|
function cmd::net::rm() {
|
|
local name="" force=false
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--name) util::require_flag "--name" "${2:-}" || return 1
|
|
name="$2"; shift 2 ;;
|
|
--force) force=true; shift ;;
|
|
--help) cmd::net::help; return ;;
|
|
*) log::error "Unknown flag: $1"; return 1 ;;
|
|
esac
|
|
done
|
|
|
|
[[ -z "$name" ]] && log::error "Missing required flag: --name" && return 1
|
|
|
|
# Validate existence
|
|
if [[ "$name" == *:* ]]; then
|
|
local svc_name="${name%%:*}"
|
|
local port_name="${name##*:}"
|
|
if [[ "$port_name" != "ports" ]]; then
|
|
# Check specific port exists
|
|
local exists
|
|
exists=$(json::net_exists "$(ctx::net)" "$name")
|
|
if [[ "$exists" != "true" ]]; then
|
|
log::error "Port not found: ${name}"
|
|
return 1
|
|
fi
|
|
else
|
|
net::require_exists "$svc_name" || return 1
|
|
fi
|
|
else
|
|
net::require_exists "$name" || return 1
|
|
fi
|
|
|
|
if ! $force; then
|
|
local what="service '${name}'"
|
|
[[ "$name" == *:ports ]] && what="all ports from '${name%%:*}'"
|
|
[[ "$name" == *:* && "$name" != *:ports ]] && what="port '${name}'"
|
|
read -r -p "Remove ${what}? [y/N] " confirm
|
|
case "$confirm" in
|
|
[yY]*) ;;
|
|
*) log::info "Aborted"; return 0 ;;
|
|
esac
|
|
fi
|
|
|
|
json::net_remove "$(ctx::net)" "$name"
|
|
log::wg_success "Removed: ${name}"
|
|
return 0
|
|
} |