diff --git a/README.md b/README.md index 19efb90..14b6c51 100644 --- a/README.md +++ b/README.md @@ -126,6 +126,7 @@ The following configuration options are available: | LDAP_ENABLED | ldapEnabled | core | false | Enable or disable the LDAP backend. | | SESSION_SECRET | sessionSecret | core | secret | Use a custom secret to encrypt session data. | | BACKGROUND_TASK_INTERVAL | backgroundTaskInterval | core | 900 | The interval (in seconds) for the background tasks (like peer expiry check). | +| EXPIRY_REENABLE | expiryReEnable | core | false | Reactivate expired peers if the expiration date is in the future. | | DATABASE_TYPE | typ | database | sqlite | Either mysql or sqlite. | | DATABASE_HOST | host | database | | The mysql server address. | | DATABASE_PORT | port | database | | The mysql server port. | diff --git a/internal/server/configuration.go b/internal/server/configuration.go index ec5a1cb..4368283 100644 --- a/internal/server/configuration.go +++ b/internal/server/configuration.go @@ -72,6 +72,7 @@ type Config struct { SessionSecret string `yaml:"sessionSecret" envconfig:"SESSION_SECRET"` LogoUrl string `yaml:"logoUrl" envconfig:"LOGO_URL"` BackgroundTaskInterval int `yaml:"backgroundTaskInterval" envconfig:"BACKGROUND_TASK_INTERVAL"` // in seconds + ExpiryReEnable bool `yaml:"expiryReEnable" envconfig:"EXPIRY_REENABLE"` } `yaml:"core"` Database common.DatabaseConfig `yaml:"database"` Email common.MailConfig `yaml:"email"` diff --git a/internal/server/handlers_peer.go b/internal/server/handlers_peer.go index 0037429..aed56db 100644 --- a/internal/server/handlers_peer.go +++ b/internal/server/handlers_peer.go @@ -81,9 +81,6 @@ func (s *Server) PostAdminEditPeer(c *gin.Context) { formPeer.ExpiresAt = nil } } - if formPeer.ExpiresAt != nil && formPeer.ExpiresAt.IsZero() { // convert 01-01-0001 to nil - formPeer.ExpiresAt = nil - } // Update in database if err := s.UpdatePeer(formPeer, now); err != nil { diff --git a/internal/server/server_helper.go b/internal/server/server_helper.go index f285847..79d76fb 100644 --- a/internal/server/server_helper.go +++ b/internal/server/server_helper.go @@ -141,6 +141,13 @@ func (s *Server) UpdatePeer(peer wireguard.Peer, updateTime time.Time) error { currentPeer := s.peers.GetPeerByKey(peer.PublicKey) dev := s.peers.GetDevice(peer.DeviceName) + // Check if expiry date is in the future, an reactivate the peer in case. + if s.config.Core.ExpiryReEnable && currentPeer.DeactivatedReason == wireguard.DeactivatedReasonExpired && + peer.ExpiresAt != nil && peer.ExpiresAt.After(time.Now()) { + peer.DeactivatedAt = nil + peer.DeactivatedReason = "" + } + // Update WireGuard device var err error switch { @@ -156,6 +163,9 @@ func (s *Server) UpdatePeer(peer wireguard.Peer, updateTime time.Time) error { } peer.UID = fmt.Sprintf("u%x", md5.Sum([]byte(peer.PublicKey))) + if peer.ExpiresAt != nil && peer.ExpiresAt.IsZero() { // convert 01-01-0001 to nil + peer.ExpiresAt = nil + } // Update in database if err := s.peers.UpdatePeer(peer); err != nil {