support for multiple prefixes and related fixes

.github/buildkitd.toml

@@ -1,2 +1,2 @@
 [worker.oci]
-  max-parallelism = 4
+max-parallelism = 4

.github/dependabot.yml

@@ -5,18 +5,18 @@ version: 2
 updates:
   - package-ecosystem: pip
     directory: /
-    schedule: {interval: monthly}
-    reviewers: [freifunkMUC/salt-stack]
-    assignees: [freifunkMUC/salt-stack]
+    schedule: { interval: monthly }
+    reviewers: [ freifunkMUC/salt-stack ]
+    assignees: [ freifunkMUC/salt-stack ]
 
   - package-ecosystem: github-actions
     directory: /
-    schedule: {interval: monthly}
-    reviewers: [freifunkMUC/salt-stack]
-    assignees: [freifunkMUC/salt-stack]
+    schedule: { interval: monthly }
+    reviewers: [ freifunkMUC/salt-stack ]
+    assignees: [ freifunkMUC/salt-stack ]
 
   - package-ecosystem: docker
     directory: /
-    schedule: {interval: monthly}
-    reviewers: [freifunkMUC/salt-stack]
-    assignees: [freifunkMUC/salt-stack]
+    schedule: { interval: monthly }
+    reviewers: [ freifunkMUC/salt-stack ]
+    assignees: [ freifunkMUC/salt-stack ]

.github/workflows/bazel.yml

@@ -1,6 +1,6 @@
 name: Bazel tests
 
-on: [push, pull_request]
+on: [ push, pull_request ]
 
 jobs:
   bazel-run:

.github/workflows/black.yml

@@ -1,6 +1,6 @@
 name: Lint
 
-on: [push, pull_request]
+on: [ push, pull_request ]
 
 jobs:
   lint:

.github/workflows/pylint.yml

@@ -1,12 +1,12 @@
-on: [push, pull_request]
+on: [ push, pull_request ]
 name: pylint
 jobs:
   gitHubActionForPylint:
     name: GitHub Action for pylint
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - name: GitHub Action for pylint
-      uses: cclauss/GitHub-Action-for-pylint@master
-      with:
-        args: pylint **/*.py
+      - uses: actions/checkout@v4
+      - name: GitHub Action for pylint
+        uses: cclauss/GitHub-Action-for-pylint@master
+        with:
+          args: pylint **/*.py

.gitignore

@@ -132,7 +132,6 @@ dmypy.json
 bazel-*
 
 # docker-compose
-.env
 docker-compose.override.yaml
 # docker-compose volumes
 /volumes
@@ -141,3 +140,6 @@ docker-compose.override.yaml
 
 # config file
 wgkex.yaml
+
+# pycharm project metadata
+.idea/

README.md

@@ -6,15 +6,14 @@
 - [WireGuard Key Exchange](#wireguard-key-exchange)
   * [Overview](#overview)
     + [Frontend broker](#frontend-broker)
-      - [POST /api/v1/wg/key/exchange](#post--api-v1-wg-key-exchange)
+      - [POST /api/v1/wg/key/exchange](#post-apiv1wgkeyexchange)
     + [Backend worker](#backend-worker)
   * [Installation](#installation)
   * [Configuration](#configuration)
-  * [Running the broker](#running-the-broker)
+  * [Running the broker](#running-the-broker-and-worker)
   * [Client usage](#client-usage)
   * [Contact](#contact)
 
-
 # WireGuard Key Exchange
 
 wgkex is a WireGuard key exchange and management tool designed and run by FFMUC.
@@ -75,7 +74,8 @@ Each worker must run on a machine with a unique hostname, as it is used for sepa
 This tool is intended to facilitate running BATMAN over VXLAN over WireGuard as a means to create encrypted
 high-performance mesh links.
 
-For further information, please see this [presentation on the architecture](https://www.slideshare.net/AnnikaWickert/ffmuc-goes-wild-infrastructure-recap-2020-rc3)
+For further information, please see
+this [presentation on the architecture](https://www.slideshare.net/AnnikaWickert/ffmuc-goes-wild-infrastructure-recap-2020-rc3)
 
 ## Installation
 
@@ -130,6 +130,7 @@ python3 -c 'from wgkex.worker.app import main; main()'
 ## Client usage
 
 The client can be used via CLI:
+
 ```
 $ wget -q  -O- --post-data='{"domain": "ffmuc_welt","public_key": "o52Ge+Rpj4CUSitVag9mS7pSXUesNM0ESnvj/wwehkg="}'   --header='Content-Type:application/json'   'http://127.0.0.1:5000/api/v1/wg/key/exchange'
 {
@@ -138,12 +139,13 @@ $ wget -q  -O- --post-data='{"domain": "ffmuc_welt","public_key": "o52Ge+Rpj4CUS
 ```
 
 Or via python:
+
 ```python
 import requests
 key_data = {"domain": "ffmuc_welt","public_key": "o52Ge+Rpj4CUSitVag9mS7pSXUesNM0ESnvj/wwehkg="}
 broker_url = "http://127.0.0.1:5000"
 push_key = requests.get(f'{broker_url}/api/v1/wg/key/exchange', json=key_data)
-print(f'Key push was: {push_key.json().get("Message")]}')
+print(f'Key push was: {push_key.json().get("Message")}')
 ```
 
 ### Worker
@@ -169,7 +171,6 @@ sudo ip link set wg-welt up
 sudo ip link set vx-welt up
 ```
 
-
 ## Contact
 
 [Freifunk Munich Mattermost](https://chat.ffmuc.net)

docker-compose.yml

@@ -9,19 +9,19 @@ services:
       - ./volumes/mosquitto/data:/mosquitto/data
       - ./volumes/mosquitto/log:/mosquitto/log
     ports:
-     - "9001:9001"
+      - "9001:9001"
 
   broker:
     image: ghcr.io/freifunkmuc/wgkex:latest
     command: broker
     restart: unless-stopped
     ports:
       - "5000:5000"
-    #volumes:
+      #volumes:
       #- ./config/broker/wgkex.yaml:/etc/wgkex.yaml
     environment:
-      WGKEX_DOMAINS: ${WGKEX_DOMAINS-ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt}
-      WGKEX_DOMAIN_PREFIX: ${WGKEX_DOMAIN_PREFIX-ffmuc_}
+      WGKEX_DOMAINS: ${WGKEX_DOMAINS-ffmuc_augsburg, ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt, ffwert_city, ffwert_events}
+      WGKEX_DOMAIN_PREFIXES: ${WGKEX_DOMAIN_PREFIXES-ffmuc_}
       WGKEX_DEBUG: ${WGKEX_DEBUG-DEBUG}
       MQTT_BROKER_URL: ${MQTT_BROKER_URL-mqtt}
       MQTT_BROKER_PORT: ${MQTT_BROKER_PORT-1883}
@@ -35,10 +35,10 @@ services:
     command: worker
     restart: unless-stopped
     #volumes:
-      #- ./config/worker/wgkex.yaml:/etc/wgkex.yaml
+    #- ./config/worker/wgkex.yaml:/etc/wgkex.yaml
     environment:
-      WGKEX_DOMAINS: ${WGKEX_DOMAINS-ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt}
-      WGKEX_DOMAIN_PREFIX: ${WGKEX_DOMAIN_PREFIX-ffmuc_}
+      WGKEX_DOMAINS: ${WGKEX_DOMAINS-ffmuc_augsburg, ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt, ffwert_city, ffwert_events}
+      WGKEX_DOMAIN_PREFIXES: ${WGKEX_DOMAIN_PREFIXES-ffmuc_}
       WGKEX_DEBUG: ${WGKEX_DEBUG-DEBUG}
       MQTT_BROKER_URL: ${MQTT_BROKER_URL-mqtt}
       MQTT_BROKER_PORT: ${MQTT_BROKER_PORT-1883}

entrypoint

@@ -1,15 +1,15 @@
 #!/bin/bash
 set -e
 
-: ${WGKEX_DOMAINS:="ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt"}
-: ${WGKEX_DOMAIN_PREFIX:="ffmuc_"}
-: ${WGKEX_DEBUG:="DEBUG"}
-: ${MQTT_BROKER_URL:="mqtt"}
-: ${MQTT_BROKER_PORT:="1883"}
-: ${MQTT_USERNAME:=""}
-: ${MQTT_PASSWORD:=""}
-: ${MQTT_KEEPALIVE:="5"}
-: ${MQTT_TLS:="False"}
+: "${WGKEX_DOMAINS:=ffmuc_augsburg, ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt, ffwert_city, ffwert_events}"
+: "${WGKEX_DOMAIN_PREFIXES:=ffmuc_, ffdon_, ffwert_}"
+: "${WGKEX_DEBUG:=DEBUG}"
+: "${MQTT_BROKER_URL:=mqtt}"
+: "${MQTT_BROKER_PORT:=1883}"
+: "${MQTT_USERNAME:=}"
+: "${MQTT_PASSWORD:=}"
+: "${MQTT_KEEPALIVE:=5}"
+: "${MQTT_TLS:=False}"
 
 mk_config() {
 if [ ! -e /etc/wgkex.yaml ] ; then
@@ -19,9 +19,12 @@ IFS=", "
 for i in $WGKEX_DOMAINS; do
   echo "  - $i"
 done
+echo "domain_prefixes:"
+for i in $WGKEX_DOMAIN_PREFIXES; do
+  echo "  - $i"
+done
 cat <<EOF
 log_level: $WGKEX_DEBUG
-domain_prefix: $WGKEX_DOMAIN_PREFIX
 mqtt:
   broker_url: $MQTT_BROKER_URL
   broker_port: $MQTT_BROKER_PORT

env.example

@@ -1,7 +1,7 @@
 # Copy or rename this file to .env and modify if for your needs
 
-#WGKEX_DOMAINS="ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt"
-#WGKEX_DOMAIN_PREFIX="ffmuc_"
+#WGKEX_DOMAINS="ffmuc_augsburg, ffmuc_freising, ffmuc_gauting, ffmuc_muc_cty, ffmuc_muc_nord, ffmuc_muc_ost, ffmuc_muc_sued, ffmuc_muc_west, ffmuc_uml_nord, ffmuc_uml_ost, ffmuc_uml_sued, ffmuc_uml_west, ffmuc_welt, ffwert_city, ffwert_events"
+#WGKEX_DOMAIN_PREFIXES="ffmuc_, ffdon_, ffwert_"
 #WGKEX_DEBUG="DEBUG"
 
 #MQTT_BROKER_URL="mqtt"
@@ -10,5 +10,3 @@
 #MQTT_PASSWORD=""
 #MQTT_KEEPALIVE="5"
 #MQTT_TLS="False"
-
-

requirements.txt

@@ -1,11 +1,12 @@
-NetLink
+NetLink~=0.1
 flask-mqtt
-pyroute2
-PyYAML
-Flask
-waitress
+pyroute2~=0.7.9
+PyYAML~=6.0.1
+Flask~=3.0.0
+waitress~=2.1.2
 
 # Common
-ipaddress
-mock
-coverage
+ipaddress~=1.0.23
+mock~=5.1.0
+coverage
+paho-mqtt~=1.6.1

wgkex.yaml.example

@@ -1,4 +1,5 @@
 domains:
+  - ffmuc_augsburg
   - ffmuc_freising
   - ffmuc_gauting
   - ffmuc_muc_cty
@@ -11,6 +12,8 @@ domains:
   - ffmuc_uml_sued
   - ffmuc_uml_west
   - ffmuc_welt
+  - ffwert_city
+  - ffwert_events
 mqtt:
   broker_url: broker.hivemq.com
   broker_port: 1883
@@ -21,17 +24,20 @@ mqtt:
 broker_listen:
   host: 0.0.0.0
   port: 5000
-domain_prefix: myprefix-
+domain_prefixes:
+  - ffmuc_
+  - ffdon_
+  - ffwert_
 logging_config:
-    formatters:
-      standard:
-        format: '%(asctime)s,%(msecs)d %(levelname)-8s [%(filename)s:%(lineno)d] %(message)s'
+  formatters:
+    standard:
+      format: '%(asctime)s,%(msecs)d %(levelname)-8s [%(filename)s:%(lineno)d] %(message)s'
+  handlers:
+    console:
+      class: logging.StreamHandler
+      formatter: standard
+  root:
     handlers:
-      console:
-        class: logging.StreamHandler
-        formatter: standard
-    root:
-      handlers:
       - console
-      level: DEBUG
-    version: 1
+    level: DEBUG
+  version: 1

wgkex/broker/app.py

@@ -1,4 +1,5 @@
 #!/usr/bin/env python3
+"""wgkex broker"""
 import re
 import dataclasses
 import logging
@@ -17,7 +18,6 @@
 from wgkex.config import config
 from wgkex.common import logger
 
-
 WG_PUBKEY_PATTERN = re.compile(r"^[A-Za-z0-9+/]{42}[AEIMQUYcgkosw480]=$")
 
 

wgkex/broker/templates/index.html

@@ -1,6 +1,6 @@
 <html>
 <head>
-<title>wgkex</title>
+    <title>wgkex</title>
 </head>
 <body>
 <h1>WGKEX</h1>

wgkex/config/config.py

@@ -1,4 +1,5 @@
 """Configuration handling class."""
+import logging
 import os
 import sys
 import yaml
@@ -41,6 +42,14 @@ class MQTT:
 
     @classmethod
     def from_dict(cls, mqtt_cfg: Dict[str, str]) -> "MQTT":
+        """seems to generate a mqtt config object from dictionary
+
+        Args:
+            mqtt_cfg ():
+
+        Returns:
+            mqtt config object
+        """
         return cls(
             broker_url=mqtt_cfg["broker_url"],
             username=mqtt_cfg["username"],
@@ -60,12 +69,11 @@ class Config:
     Attributes:
         domains: The list of domains to listen for.
         mqtt: The MQTT configuration.
-        domain_prefix: The prefix to pre-pend to a given domain.
-    """
+        domain_prefixes: The list of prefixes to pre-pend to a given domain."""
 
     domains: List[str]
     mqtt: MQTT
-    domain_prefix: str
+    domain_prefixes: List[str]
 
     @classmethod
     def from_dict(cls, cfg: Dict[str, str]) -> "Config":
@@ -79,7 +87,7 @@ def from_dict(cls, cfg: Dict[str, str]) -> "Config":
         return cls(
             domains=cfg["domains"],
             mqtt=mqtt_cfg,
-            domain_prefix=cfg["domain_prefix"],
+            domain_prefixes=cfg["domain_prefixes"],
         )
 
 
@@ -124,6 +132,7 @@ def fetch_config_from_disk() -> str:
         The file contents as string.
     """
     config_file = os.environ.get(WG_CONFIG_OS_ENV, WG_CONFIG_DEFAULT_LOCATION)
+    logging.debug("getting config_file: %s", repr(config_file))
     try:
         with open(config_file, "r") as stream:
             return stream.read()