1 common = require("cjdns/common")
7 --- Return the configuration defaults as a table suitable for JSON output
9 -- Mostly taken from cjdroute --genconf
10 -- @return table with configuration defaults
11 function UCI.defaults()
14 { setuser = "nobody", keepNetAdmin = 1 },
15 { chroot = "/var/run/" },
23 ipTunnel = { outgoingConnections = {}, allowedConnections = {} },
24 interface = { type = "TUNInterface" }
26 interfaces = { UDPInterface = {}, ETHInterface = {} },
27 authorizedPasswords = {},
28 logging = { logTo = "stdout" }
32 --- Return the cjdns configuration as a table suitable for JSON output
34 -- Iterates over cjdns, eth_interface, udp_interface, eth_peer, udp_peer,
35 -- and password sections. Doesn't include IPTunnel related options yet.
36 -- @return table with cjdns configuration
38 local obj = UCI.defaults()
40 local cursor = uci.cursor()
42 local config = cursor:get_all("cjdns", "cjdns")
43 if not config then return obj end
45 obj.ipv6 = config.ipv6
46 obj.publicKey = config.public_key
47 obj.privateKey = config.private_key
49 bind = config.admin_address .. ":" .. config.admin_port,
50 password = config.admin_password }
52 if config.tun_device and string.len(config.tun_device) > 0 then
53 obj.router.interface.tunDevice = config.tun_device
56 cursor:foreach("cjdns", "supernodes", function(supernodes)
57 table.insert(obj.router.supernodes, supernodes.public_key)
60 for i,section in pairs(obj.security) do
61 if type(section.seccomp) == "number" then
62 obj.security[i].seccomp = tonumber(config.seccomp)
66 cursor:foreach("cjdns", "iptunnel_outgoing", function(outgoing)
67 table.insert(obj.router.ipTunnel.outgoingConnections, outgoing.public_key)
70 cursor:foreach("cjdns", "iptunnel_allowed", function(allowed)
71 entry = { publicKey = allowed.public_key }
73 entry["ip4Address"] = allowed.ipv4
76 entry["ip6Address"] = allowed.ipv6
78 table.insert(obj.router.ipTunnel.allowedConnections, entry)
81 cursor:foreach("cjdns", "eth_interface", function(eth_interface)
82 table.insert(obj.interfaces.ETHInterface, {
83 bind = eth_interface.bind,
84 beacon = tonumber(eth_interface.beacon),
89 cursor:foreach("cjdns", "udp_interface", function(udp_interface)
90 table.insert(obj.interfaces.UDPInterface, {
91 bind = udp_interface.address .. ":" .. udp_interface.port,
96 cursor:foreach("cjdns", "eth_peer", function(eth_peer)
97 if not eth_peer.address == "" then
98 local i = tonumber(eth_peer.interface)
99 obj.interfaces.ETHInterface[i].connectTo[eth_peer.address] = {
100 publicKey = eth_peer.public_key,
101 password = eth_peer.password
106 cursor:foreach("cjdns", "udp_peer", function(udp_peer)
107 local bind = udp_peer.address .. ":" .. udp_peer.port
108 local i = tonumber(udp_peer.interface)
109 obj.interfaces.UDPInterface[i].connectTo[bind] = {
110 user = udp_peer.user,
111 publicKey = udp_peer.public_key,
112 password = udp_peer.password
116 cursor:foreach("cjdns", "password", function(password)
117 table.insert(obj.authorizedPasswords, {
118 password = password.password,
119 user = password.user,
120 contact = password.contact
127 --- Parse and save updated configuration from JSON input
129 -- Transforms general settings, ETHInterface, UDPInterface, connectTo, and
130 -- authorizedPasswords fields into UCI sections, and replaces the UCI config's
131 -- contents with them.
132 -- @param table JSON input
133 -- @return Boolean whether saving succeeded
134 function UCI.set(obj)
135 local cursor = uci.cursor()
137 for i, section in pairs(cursor:get_all("cjdns")) do
138 cursor:delete("cjdns", section[".name"])
141 local admin_address, admin_port = string.match(obj.admin.bind, "^(.*):(.*)$")
142 UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
144 public_key = obj.publicKey,
145 private_key = obj.privateKey,
146 admin_password = obj.admin.password,
147 admin_address = admin_address,
148 admin_port = admin_port
151 if obj.router.interface.tunDevice then
152 UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
153 tun_device = tostring(obj.router.interface.tunDevice)
158 for i,section in pairs(obj.security) do
159 for key,value in pairs(section) do
160 if key == "seccomp" then
161 UCI.cursor_section(cursor, "cjdns", "cjdns", "cjdns", {
162 seccomp = tonumber(value)
169 if obj.router.ipTunnel.outgoingConnections then
170 for i,public_key in pairs(obj.router.ipTunnel.outgoingConnections) do
171 UCI.cursor_section(cursor, "cjdns", "iptunnel_outgoing", nil, {
172 public_key = public_key
177 if obj.router.ipTunnel.allowedConnections then
178 for i,allowed in pairs(obj.router.ipTunnel.allowedConnections) do
179 entry = { public_key = allowed.publicKey }
180 if allowed.ip4Address then
181 entry["ipv4"] = allowed.ip4Address
183 if allowed.ip6Address then
184 entry["ipv6"] = allowed.ip6Address
187 UCI.cursor_section(cursor, "cjdns", "iptunnel_allowed", nil, entry)
191 if obj.interfaces.ETHInterface then
192 for i,interface in pairs(obj.interfaces.ETHInterface) do
193 UCI.cursor_section(cursor, "cjdns", "eth_interface", nil, {
194 bind = interface.bind,
195 beacon = tostring(interface.beacon)
198 if interface.connectTo then
199 for peer_address,peer in pairs(interface.connectTo) do
200 UCI.cursor_section(cursor, "cjdns", "eth_peer", nil, {
202 address = peer_address,
203 public_key = peer.publicKey,
204 password = peer.password
211 if obj.interfaces.UDPInterface then
212 for i,interface in pairs(obj.interfaces.UDPInterface) do
213 local address, port = string.match(interface.bind, "^(.*):(.*)$")
214 UCI.cursor_section(cursor, "cjdns", "udp_interface", nil, {
219 if interface.connectTo then
220 for peer_bind,peer in pairs(interface.connectTo) do
221 local peer_address, peer_port = string.match(peer_bind, "^(.*):(.*)$")
222 UCI.cursor_section(cursor, "cjdns", "udp_peer", nil, {
224 address = peer_address,
227 public_key = peer.publicKey,
228 password = peer.password
235 if obj.authorizedPasswords then
236 for i,password in pairs(obj.authorizedPasswords) do
237 local user = password.user
238 if not user or string.len(user) == 0 then
239 user = "user-" .. UCI.random_string(6)
242 UCI.cursor_section(cursor, "cjdns", "password", nil, {
243 password = password.password,
245 contact = password.contact
250 return cursor:save("cjdns")
253 --- Simple backport of Cursor:section from luci.model.uci
255 -- Backport reason: we don't wanna depend on LuCI.
256 -- @param Cursor the UCI cursor to operate on
257 -- @param string name of the config
258 -- @param string type of the section
259 -- @param string name of the section (optional)
260 -- @param table config values
261 function UCI.cursor_section(cursor, config, type, section, values)
263 cursor:set(config, section, type)
265 section = cursor:add("cjdns", type)
268 for k,v in pairs(values) do
269 cursor:set(config, section, k, v)
273 function UCI.makeInterface()
274 local cursor = uci.cursor()
276 local config = cursor:get_all("cjdns", "cjdns")
277 if not config then return nil end
279 return common.AdminInterface.new({
280 host = config.admin_address,
281 port = config.admin_port,
282 password = config.admin_password,
288 function UCI.random_string(length)
289 -- tr -cd 'A-Za-z0-9' < /dev/urandom
290 local urandom = io.popen("tr -cd 'A-Za-z0-9' 2> /dev/null < /dev/urandom", "r")
291 local string = urandom:read(length)