wenil/amneziavpnphp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: ssh auth, protocol management, and cleanup

Browse Source
This commit is contained in:
infosave2007
2026-01-23 17:55:40 +03:00
parent 4995147bad
commit ea82b78a7d
70 changed files with 16225 additions and 986 deletions
Download Patch File Download Diff File Expand all files Collapse all files
scripts/api_protocol_smoketest.sh
+92
View File
@@ -0,0 +1,92 @@
#!/usr/bin/env bash
set -euo pipefail
PANEL_URL="${PANEL_URL:-http://localhost:8082}"
EMAIL="${EMAIL:-}"
PASSWORD="${PASSWORD:-}"
TOKEN="${TOKEN:-}"
SERVER_ID="${SERVER_ID:-1}"
PROTOCOL_ID="${PROTOCOL_ID:-}"
UNINSTALL_SLUG="${UNINSTALL_SLUG:-}"
CLIENT_NAME="${CLIENT_NAME:-smoke-client}"
CLIENT_LOGIN="${CLIENT_LOGIN:-smoke-client}"
SELFTEST="${SELFTEST:-1}"
DIAGNOSE="${DIAGNOSE:-1}"
if [[ -z "$TOKEN" ]]; then
if [[ -z "$EMAIL" || -z "$PASSWORD" ]]; then
echo "ERROR: set TOKEN or (EMAIL and PASSWORD)" >&2
exit 1
fi
echo "[1/6] Getting JWT token..." >&2
TOKEN="$(curl -fsS -X POST "$PANEL_URL/api/auth/token" -d "email=$EMAIL&password=$PASSWORD" | php -r '$j=json_decode(stream_get_contents(STDIN),true); echo $j["token"] ?? "";')"
fi
if [[ -z "$TOKEN" ]]; then
echo "ERROR: failed to obtain token" >&2
exit 1
fi
auth=(-H "Authorization: Bearer $TOKEN")
echo "[2/6] Listing active protocols..." >&2
curl -fsS "$PANEL_URL/api/protocols/active" "${auth[@]}" | cat
if [[ -n "$UNINSTALL_SLUG" ]]; then
echo "[3/6] Uninstalling protocol slug=$UNINSTALL_SLUG on server=$SERVER_ID ..." >&2
curl -fsS -X POST "$PANEL_URL/api/servers/$SERVER_ID/protocols/$UNINSTALL_SLUG/uninstall" "${auth[@]}" | cat
else
echo "[3/6] Skipping uninstall (set UNINSTALL_SLUG to run)." >&2
fi
if [[ -n "$PROTOCOL_ID" ]]; then
echo "[4/6] Installing protocol_id=$PROTOCOL_ID on server=$SERVER_ID ..." >&2
curl -fsS -X POST "$PANEL_URL/api/servers/$SERVER_ID/protocols/install" \
"${auth[@]}" \
-H "Content-Type: application/json" \
-d "{\"protocol_id\": $PROTOCOL_ID}" | cat
else
echo "[4/6] Skipping install (set PROTOCOL_ID to run)." >&2
fi
echo "[5/6] Creating client on server=$SERVER_ID (protocol_id=${PROTOCOL_ID:-auto})..." >&2
CREATE_PAYLOAD=$(php -r '$d=["server_id"=>(int)getenv("SERVER_ID"),"name"=>getenv("CLIENT_NAME"),"login"=>getenv("CLIENT_LOGIN")]; $pid=getenv("PROTOCOL_ID"); if($pid!==false && $pid!==""){$d["protocol_id"]= (int)$pid;} echo json_encode($d, JSON_UNESCAPED_SLASHES);')
RESP="$(curl -fsS -X POST "$PANEL_URL/api/clients/create" "${auth[@]}" -H "Content-Type: application/json" -d "$CREATE_PAYLOAD")"
echo "$RESP" | cat
CLIENT_ID=$(echo "$RESP" | php -r '$j=json_decode(stream_get_contents(STDIN),true); echo $j["client"]["id"] ?? "";')
if [[ -n "$CLIENT_ID" ]]; then
echo "[6/6] Fetching client details (includes stats sync)..." >&2
curl -fsS "$PANEL_URL/api/clients/$CLIENT_ID/details" "${auth[@]}" | cat
if [[ "$SELFTEST" == "1" ]]; then
echo >&2
echo "[selftest] Verifying generated config vs server wg0..." >&2
SELFTEST_PAYLOAD=$(php -r '$d=["protocol_id"=>getenv("PROTOCOL_ID")!==false && getenv("PROTOCOL_ID")!=="" ? (int)getenv("PROTOCOL_ID") : 0, "install"=>false, "create_client"=>false, "client_id"=>(int)getenv("CLIENT_ID")]; echo json_encode($d, JSON_UNESCAPED_SLASHES);')
SELFTEST_RESP=$(curl -fsS -X POST "$PANEL_URL/api/servers/$SERVER_ID/protocols/selftest" \
"${auth[@]}" \
-H "Content-Type: application/json" \
-d "$SELFTEST_PAYLOAD")
echo "$SELFTEST_RESP" | cat
if [[ "$DIAGNOSE" == "1" ]]; then
# If peer endpoint is none OR latest_handshake=0, run server-side diagnostics
NEED_DIAG=$(echo "$SELFTEST_RESP" | php -r '$j=json_decode(stream_get_contents(STDIN),true); $hs=$j["wg"]["peer"]["latest_handshake"] ?? null; $ep=$j["wg"]["peer"]["endpoint"] ?? null; echo ((string)$ep==="(none)" || (int)$hs===0) ? "1" : "0";')
if [[ "$NEED_DIAG" == "1" ]]; then
echo >&2
echo "[diagnose] Collecting server-side evidence (wg/ports/firewall/tcpdump)..." >&2
DIAG_PAYLOAD=$(php -r '$d=["client_id"=>(int)getenv("CLIENT_ID"),"duration_seconds"=>5]; echo json_encode($d, JSON_UNESCAPED_SLASHES);')
curl -fsS -X POST "$PANEL_URL/api/servers/$SERVER_ID/protocols/diagnose-handshake" \
"${auth[@]}" \
-H "Content-Type: application/json" \
-d "$DIAG_PAYLOAD" | cat
fi
fi
fi
else
echo "[6/6] No client id returned; skipping details." >&2
fi
echo >&2
echo "Done." >&2