support AllowIPs for peers in server config (#24)

assets/tpl/admin_edit_client.html

@@ -82,6 +82,12 @@
                     <input type="text" name="allowedip" class="form-control" id="server_AllowedIP" value="{{.Peer.AllowedIPsStr}}">
                 </div>
             </div>
+            <div class="form-row">
+                <div class="form-group col-md-12">
+                    <label for="server_AllowedIPSrv">Extra Allowed IPs (Server sided)</label>
+                    <input type="text" name="allowedipSrv" class="form-control" id="server_AllowedIPSrv" value="{{.Peer.AllowedIPsSrvStr}}">
+                </div>
+            </div>
             <div class="form-row">
                 <div class="form-group col-md-12 global-config">
                     <label for="server_DNS">Client DNS Servers</label>

internal/common/db.go

@@ -29,6 +29,13 @@ func init() {
 			return nil
 		},
 	})
+	migrations = append(migrations, Migration{
+		version: "1.0.8",
+		migrateFn: func(db *gorm.DB) error {
+			logrus.Infof("upgraded database format to version 1.0.8")
+			return nil
+		},
+	})
 }
 
 type SupportedDatabase string

internal/server/handlers_peer.go

@@ -64,6 +64,7 @@ func (s *Server) PostAdminEditPeer(c *gin.Context) {
 	// Clean list input
 	formPeer.IPsStr = common.ListToString(common.ParseStringList(formPeer.IPsStr))
 	formPeer.AllowedIPsStr = common.ListToString(common.ParseStringList(formPeer.AllowedIPsStr))
+	formPeer.AllowedIPsSrvStr = common.ListToString(common.ParseStringList(formPeer.AllowedIPsSrvStr))
 
 	disabled := c.PostForm("isdisabled") != ""
 	now := time.Now()
@@ -121,6 +122,7 @@ func (s *Server) PostAdminCreatePeer(c *gin.Context) {
 	// Clean list input
 	formPeer.IPsStr = common.ListToString(common.ParseStringList(formPeer.IPsStr))
 	formPeer.AllowedIPsStr = common.ListToString(common.ParseStringList(formPeer.AllowedIPsStr))
+	formPeer.AllowedIPsSrvStr = common.ListToString(common.ParseStringList(formPeer.AllowedIPsSrvStr))
 
 	disabled := c.PostForm("isdisabled") != ""
 	now := time.Now()

internal/server/version.go

@@ -1,4 +1,4 @@
 package server
 
 var Version = "testbuild"
-var DatabaseVersion = "1.0.7"
+var DatabaseVersion = "1.0.8"

internal/wireguard/peermanager.go

@@ -82,6 +82,7 @@ type Peer struct {
 	PublicKey           string `gorm:"primaryKey" form:"pubkey" binding:"required,base64"` // the public key of the peer itself
 	PresharedKey        string `form:"presharedkey" binding:"omitempty,base64"`
 	AllowedIPsStr       string `form:"allowedip" binding:"cidrlist"`    // a comma separated list of IPs that are used in the client config file
+	AllowedIPsSrvStr    string `form:"allowedipSrv" binding:"cidrlist"` // a comma separated list of IPs that are used in the server config file
 	Endpoint            string `form:"endpoint" binding:"omitempty,hostname_port"`
 	PersistentKeepalive int    `form:"keepalive" binding:"gte=0"`
 
@@ -123,6 +124,10 @@ func (p Peer) GetAllowedIPs() []string {
 	return common.ParseStringList(p.AllowedIPsStr)
 }
 
+func (p Peer) GetAllowedIPsSrv() []string {
+	return common.ParseStringList(p.AllowedIPsSrvStr)
+}
+
 func (p Peer) GetConfig(dev *Device) wgtypes.PeerConfig {
 	publicKey, _ := wgtypes.ParseKey(p.PublicKey)
 
@@ -153,6 +158,7 @@ func (p Peer) GetConfig(dev *Device) wgtypes.PeerConfig {
 		peerAllowedIPs = p.GetAllowedIPs()
 	case DeviceTypeServer:
 		peerAllowedIPs = p.GetIPAddresses()
+		peerAllowedIPs = append(peerAllowedIPs, p.GetAllowedIPsSrv()...)
 	}
 	for _, ip := range peerAllowedIPs {
 		_, ipNet, err := net.ParseCIDR(ip)

internal/wireguard/tpl/interface.tpl

@@ -61,7 +61,7 @@ PublicKey = {{ .PublicKey }}
 PresharedKey = {{ .PresharedKey }}
 {{- end}}
 {{- if eq $.Interface.Type "server"}}
-AllowedIPs = {{ .IPsStr }}
+AllowedIPs = {{ .IPsStr }}{{if ne .AllowedIPsSrvStr ""}}, {{ .AllowedIPsSrvStr }}{{end}}
 {{- end}}
 {{- if eq $.Interface.Type "client"}}
 {{- if .AllowedIPsStr}}