Add interface_wireguard_peer

terraform-routeros · Dec 21, 2021 · 2d5efad · 2d5efad
1 parent d326551
commit 2d5efad
Show file tree

Hide file tree

Showing 6 changed files with 441 additions and 11 deletions.
diff --git a/.github/scripts/setup_routeros.py b/.github/scripts/setup_routeros.py
@@ -42,6 +42,9 @@ def main():
     pools = api.get_resource("/ip/pool")
     pools.add(name="dhcp", ranges="192.168.88.100-192.168.88.200")
 
+    wireguard = api.get_resource("/interface/wireguard")
+    wireguard.add(name="wg1")
+
     # Output the list of interfaces
 
     print(api.get_resource("/interface").get())

diff --git a/client/interface_wireguard_peer.go b/client/interface_wireguard_peer.go
@@ -0,0 +1,85 @@
+package client
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"net/http"
+)
+
+type InterfaceWireguardPeer struct {
+	ID                     string `json:".id,omitempty"`
+	AllowedAddress         string `json:"allowed-address,omitempty"`
+	CurrentEndpointAddress string `json:"current-endpoint-address,omitempty"`
+	CurrentEndpointPort    string `json:"current-endpoint-port,omitempty"`
+	Disabled               string `json:"disabled,omitempty"`
+	EndpointAddress        string `json:"endpoint-address,omitempty"`
+	EndpointPort           string `json:"endpoint-port,omitempty"`
+	Interface              string `json:"interface,omitempty"`
+	LastHandshake          string `json:"last-handshake,omitempty"`
+	PublicKey              string `json:"public-key,omitempty"`
+	Rx                     string `json:"rx,omitempty"`
+	Tx                     string `json:"tx,omitempty"`
+}
+
+func (c *Client) CreateInterfaceWireguardPeer(ip_pool *InterfaceWireguardPeer) (*InterfaceWireguardPeer, error) {
+	reqBody, err := json.Marshal(ip_pool)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("PUT", fmt.Sprintf("%s/rest/interface/wireguard/peers", c.HostURL), bytes.NewBuffer(reqBody))
+	if err != nil {
+		return nil, err
+	}
+
+	res := InterfaceWireguardPeer{}
+	if c.sendRequest(req, &res); err != nil {
+		return nil, err
+	}
+
+	return &res, nil
+}
+
+func (c *Client) ReadInterfaceWireguardPeer(id string) (*InterfaceWireguardPeer, error) {
+	req, err := http.NewRequest("GET", fmt.Sprintf("%s/rest/interface/wireguard/peers/%s", c.HostURL, id), nil)
+	if err != nil {
+		return nil, err
+	}
+	res := InterfaceWireguardPeer{}
+	if c.sendRequest(req, &res); err != nil {
+		return nil, err
+	}
+	return &res, nil
+}
+
+func (c *Client) UpdateInterfaceWireguardPeer(id string, ip_pool *InterfaceWireguardPeer) (*InterfaceWireguardPeer, error) {
+	reqBody, err := json.Marshal(ip_pool)
+	if err != nil {
+		return nil, err
+	}
+	req, err := http.NewRequest("PATCH", fmt.Sprintf("%s/rest/interface/wireguard/peers/%s", c.HostURL, id), bytes.NewBuffer(reqBody))
+	if err != nil {
+		return nil, err
+	}
+	res := InterfaceWireguardPeer{}
+	if c.sendRequest(req, &res); err != nil {
+		return nil, err
+	}
+	return &res, nil
+}
+
+func (c *Client) DeleteInterfaceWireguardPeer(ip_pool *InterfaceWireguardPeer) error {
+	id := ip_pool.ID
+	req, err := http.NewRequest("DELETE", fmt.Sprintf("%s/rest/interface/wireguard/peers/%s", c.HostURL, id), nil)
+	if err != nil {
+		return err
+	}
+
+	res := InterfaceWireguardPeer{}
+	if err := c.sendRequest(req, &res); err != nil {
+		return err
+	}
+
+	return nil
+}
diff --git a/client/interface_wireguard_peer_test.go b/client/interface_wireguard_peer_test.go
@@ -0,0 +1,61 @@
+package client
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func CreateInterfaceWireguardPeerTestObjects() (*InterfaceWireguardPeer, error) {
+	c := NewClient(GetCredentialsFromEnvVar())
+	interface_wireguard_peer := new(InterfaceWireguardPeer)
+	interface_wireguard_peer.Interface = "wg1"
+	interface_wireguard_peer.PublicKey = "QxC+CTcrDdU5+ny0+2ChUH3NegTrwoVCv53TllI5T0I="
+	res, err := c.CreateInterfaceWireguardPeer(interface_wireguard_peer)
+	if err != nil {
+		return nil, err
+	}
+	return res, nil
+}
+
+func TestCreateInterfaceWireguardPeer(t *testing.T) {
+	c := NewClient(GetCredentialsFromEnvVar())
+	interface_wireguard_peer := new(InterfaceWireguardPeer)
+	interface_wireguard_peer.Interface = "wg1"
+	interface_wireguard_peer.PublicKey = "QxC+CTcrDdU5+ny0+2ChUH3NegTrwoVCv53TllI5T0I="
+	res, err := c.CreateInterfaceWireguardPeer(interface_wireguard_peer)
+	assert.Nil(t, err, "expecting a nil error")
+	assert.NotNil(t, res, "expecting a non-nil result")
+	assert.NotNil(t, res.ID, "expecting the to have an id")
+	assert.Equal(t, interface_wireguard_peer.Interface, res.Interface)
+	assert.Equal(t, interface_wireguard_peer.PublicKey, res.PublicKey)
+	err = c.DeleteInterfaceWireguardPeer(res)
+	assert.Nil(t, err, "expecting a nil error on delete")
+}
+
+func TestReadInterfaceWireguardPeer(t *testing.T) {
+	c := NewClient(GetCredentialsFromEnvVar())
+	interface_wireguard_peer, err := CreateInterfaceWireguardPeerTestObjects()
+	assert.Nil(t, err, "expecting a nil error")
+	res, err := c.ReadInterfaceWireguardPeer(interface_wireguard_peer.ID)
+	assert.Nil(t, err, "expecting a nil error")
+	assert.Equal(t, res.ID, interface_wireguard_peer.ID)
+	assert.Equal(t, interface_wireguard_peer.Interface, res.Interface)
+	assert.Equal(t, interface_wireguard_peer.PublicKey, res.PublicKey)
+	err = c.DeleteInterfaceWireguardPeer(res)
+	assert.Nil(t, err, "expecting a nil error on delete")
+}
+
+func TestUpdateInterfaceWireguardPeer(t *testing.T) {
+	c := NewClient(GetCredentialsFromEnvVar())
+	interface_wireguard_peer, err := CreateInterfaceWireguardPeerTestObjects()
+	assert.Nil(t, err, "expecting a nil error")
+	interface_wireguard_peer_id := interface_wireguard_peer.ID
+	new_interface_wireguard_peer := InterfaceWireguardPeer{}
+	new_interface_wireguard_peer.PublicKey = "s2iOmDMxsjeZZ3UreOmMmL830QMyYOJEjZnpbJCG5yo="
+	res, err := c.UpdateInterfaceWireguardPeer(interface_wireguard_peer_id, &new_interface_wireguard_peer)
+	assert.Nil(t, err, "expecting a nil error")
+	assert.Equal(t, res.PublicKey, new_interface_wireguard_peer.PublicKey)
+	err = c.DeleteInterfaceWireguardPeer(res)
+	assert.Nil(t, err, "expecting a nil error on delete")
+}
diff --git a/routeros/provider.go b/routeros/provider.go
@@ -40,17 +40,18 @@ func Provider() *schema.Provider {
 			},
 		},
 		ResourcesMap: map[string]*schema.Resource{
-			"routeros_ip_address":            resourceIPAddress(),
-			"routeros_ip_dhcp_client":        resourceDhcpClient(),
-			"routeros_ip_dhcp_server":        resourceDhcpServer(),
-			"routeros_ip_pool":               resourceIPPool(),
-			"routeros_ip_route":              resourceIPRoute(),
-			"routeros_ip_firewall_filter":    resourceIPFirewallFilter(),
-			"routeros_interface_vlan":        resourceInterfaceVlan(),
-			"routeros_interface_bridge_vlan": resourceInterfaceBridgeVlan(),
-			"routeros_interface_bridge_port": resourceInterfaceBridgePort(),
-			"routeros_interface_bridge":      resourceInterfaceBridge(),
-			"routeros_interface_wireguard":   resourceInterfaceWireguard(),
+			"routeros_ip_address":               resourceIPAddress(),
+			"routeros_ip_dhcp_client":           resourceDhcpClient(),
+			"routeros_ip_dhcp_server":           resourceDhcpServer(),
+			"routeros_ip_pool":                  resourceIPPool(),
+			"routeros_ip_route":                 resourceIPRoute(),
+			"routeros_ip_firewall_filter":       resourceIPFirewallFilter(),
+			"routeros_interface_vlan":           resourceInterfaceVlan(),
+			"routeros_interface_bridge_vlan":    resourceInterfaceBridgeVlan(),
+			"routeros_interface_bridge_port":    resourceInterfaceBridgePort(),
+			"routeros_interface_bridge":         resourceInterfaceBridge(),
+			"routeros_interface_wireguard":      resourceInterfaceWireguard(),
+			"routeros_interface_wireguard_peer": resourceInterfaceWireguardPeer(),
 		},
 		DataSourcesMap: map[string]*schema.Resource{
 			"routeros_ip_addresses": datasourceIPAddresses(),

diff --git a/routeros/resource_interface_wireguard_peer.go b/routeros/resource_interface_wireguard_peer.go
@@ -0,0 +1,193 @@
+package routeros
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	roscl "github.com/gnewbury1/terraform-provider-routeros/client"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceInterfaceWireguardPeer() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceInterfaceWireguardPeerCreate,
+		Read:   resourceInterfaceWireguardPeerRead,
+		Update: resourceInterfaceWireguardPeerUpdate,
+		Delete: resourceInterfaceWireguardPeerDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"allowed_addresses": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"current_endpoint_address": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"current_endpoint_port": {
+				Type:     schema.TypeInt,
+				Computed: true,
+			},
+			"disabled": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  false,
+			},
+			"endpoint_address": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+			"endpoint_port": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+			"interface": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"last_handshake": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"public_key": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"rx": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"tx": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func resourceInterfaceWireguardPeerCreate(d *schema.ResourceData, m interface{}) error {
+	c := m.(*roscl.Client)
+
+	allowed_addresses_input := strings.Join(ConvSInterfaceToSString(d.Get("allowed_addresses").([]interface{})), ",")
+
+	interface_wireguard_peer := new(roscl.InterfaceWireguardPeer)
+	interface_wireguard_peer.AllowedAddress = allowed_addresses_input
+	interface_wireguard_peer.Disabled = strconv.FormatBool(d.Get("disabled").(bool))
+	interface_wireguard_peer.EndpointAddress = d.Get("endpoint_address").(string)
+	interface_wireguard_peer.EndpointPort = d.Get("endpoint_port").(string)
+	interface_wireguard_peer.Interface = d.Get("interface").(string)
+	interface_wireguard_peer.PublicKey = d.Get("public_key").(string)
+
+	res, err := c.CreateInterfaceWireguardPeer(interface_wireguard_peer)
+	if err != nil {
+		return fmt.Errorf("error creating ip pool: %s", err.Error())
+	}
+
+	allowed_addresses_output := ConvSStringToSInterface(strings.Split(res.AllowedAddress, ","))
+	current_endpoint_port, _ := strconv.Atoi(res.CurrentEndpointPort)
+	disabled, _ := strconv.ParseBool(res.Disabled)
+
+	d.SetId(res.ID)
+	d.Set("allowed_addresses", allowed_addresses_output)
+	d.Set("current_endpoint_address", res.CurrentEndpointAddress)
+	d.Set("current_endpoint_port", current_endpoint_port)
+	d.Set("disabled", disabled)
+	d.Set("endpoint_address", res.EndpointAddress)
+	d.Set("endpoint_port", res.EndpointPort)
+	d.Set("interface", res.Interface)
+	d.Set("last_handshake", res.LastHandshake)
+	d.Set("public_key", res.PublicKey)
+	d.Set("rx", res.Rx)
+	d.Set("tx", res.Tx)
+
+	return nil
+}
+
+func resourceInterfaceWireguardPeerRead(d *schema.ResourceData, m interface{}) error {
+	c := m.(*roscl.Client)
+	res, err := c.ReadInterfaceWireguardPeer(d.Id())
+
+	if err != nil {
+		return fmt.Errorf("error fetching ip pool: %s", err.Error())
+	}
+
+	allowed_addresses_output := ConvSStringToSInterface(strings.Split(res.AllowedAddress, ","))
+	current_endpoint_port, _ := strconv.Atoi(res.CurrentEndpointPort)
+	disabled, _ := strconv.ParseBool(res.Disabled)
+
+	d.SetId(res.ID)
+	d.Set("allowed_addresses", allowed_addresses_output)
+	d.Set("current_endpoint_address", res.CurrentEndpointAddress)
+	d.Set("current_endpoint_port", current_endpoint_port)
+	d.Set("disabled", disabled)
+	d.Set("endpoint_address", res.EndpointAddress)
+	d.Set("endpoint_port", res.EndpointPort)
+	d.Set("interface", res.Interface)
+	d.Set("last_handshake", res.LastHandshake)
+	d.Set("public_key", res.PublicKey)
+	d.Set("rx", res.Rx)
+	d.Set("tx", res.Tx)
+
+	return nil
+
+}
+
+func resourceInterfaceWireguardPeerUpdate(d *schema.ResourceData, m interface{}) error {
+	c := m.(*roscl.Client)
+	allowed_addresses_input := strings.Join(ConvSInterfaceToSString(d.Get("allowed_addresses").([]interface{})), ",")
+
+	interface_wireguard_peer := new(roscl.InterfaceWireguardPeer)
+	interface_wireguard_peer.AllowedAddress = allowed_addresses_input
+	interface_wireguard_peer.Disabled = strconv.FormatBool(d.Get("disabled").(bool))
+	interface_wireguard_peer.EndpointAddress = d.Get("endpoint_address").(string)
+	interface_wireguard_peer.EndpointPort = d.Get("endpoint_port").(string)
+	interface_wireguard_peer.Interface = d.Get("interface").(string)
+	interface_wireguard_peer.PublicKey = d.Get("public_key").(string)
+
+	res, err := c.UpdateInterfaceWireguardPeer(d.Id(), interface_wireguard_peer)
+
+	if err != nil {
+		return fmt.Errorf("error updating ip address: %s", err.Error())
+	}
+
+	allowed_addresses_output := ConvSStringToSInterface(strings.Split(res.AllowedAddress, ","))
+	current_endpoint_port, _ := strconv.Atoi(res.CurrentEndpointPort)
+	disabled, _ := strconv.ParseBool(res.Disabled)
+
+	d.SetId(res.ID)
+	d.Set("allowed_addresses", allowed_addresses_output)
+	d.Set("current_endpoint_address", res.CurrentEndpointAddress)
+	d.Set("current_endpoint_port", current_endpoint_port)
+	d.Set("disabled", disabled)
+	d.Set("endpoint_address", res.EndpointAddress)
+	d.Set("endpoint_port", res.EndpointPort)
+	d.Set("interface", res.Interface)
+	d.Set("last_handshake", res.LastHandshake)
+	d.Set("public_key", res.PublicKey)
+	d.Set("rx", res.Rx)
+	d.Set("tx", res.Tx)
+
+	return nil
+}
+
+func resourceInterfaceWireguardPeerDelete(d *schema.ResourceData, m interface{}) error {
+	c := m.(*roscl.Client)
+	interface_wireguard_peer, _ := c.ReadInterfaceWireguardPeer(d.Id())
+	err := c.DeleteInterfaceWireguardPeer(interface_wireguard_peer)
+	if err != nil {
+		return fmt.Errorf("error deleting ip address: %s", err.Error())
+	}
+	d.SetId("")
+	return nil
+}