Calmcacil/wg-admin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

bd sync: 2026-01-12 17:29:26

Browse Source
This commit is contained in:
Calmcacil
2026-01-12 17:29:26 +01:00
parent 718432911b
commit 6c9ee6ef3e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.beads/issues.jsonl
View File

@@ -5,7 +5,7 @@
{"id":"wg-admin-2pl","title":"Improve nftables firewall configuration","description":"Enhance firewall rules based on best practices: add TCP MSS clamping for MTU issues, add connection tracking bypass (notrack) for WireGuard traffic, implement proper rate limiting, ensure ICMPv6 neighbor discovery is allowed, validate rules before applying with nft check.","status":"closed","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T16:27:53.15783619+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T16:37:11.050440729+01:00","closed_at":"2026-01-12T16:37:11.050440729+01:00","close_reason":"Improved nftables firewall configuration with TCP MSS clamping (1360), connection tracking bypass (notrack) for WireGuard UDP traffic, rate limiting for SSH (3/min) and WireGuard (10/s), ensured ICMPv6 neighbor discovery (including nd-router-* messages), and added nft check validation before applying rules."}
{"id":"wg-admin-37o","title":"Add security hardening","description":"Implement: client name sanitization with regex, pre-shared key (PSK) support option, proper temporary key cleanup with trap handlers, atomic config file operations (write to temp then mv), chmod 0600 for all key files, verify no hardcoded secrets in generated files.","status":"closed","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T16:27:53.148392501+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T16:44:11.582485544+01:00","closed_at":"2026-01-12T16:44:11.582485544+01:00","close_reason":"Implemented all security hardening features: client name sanitization with regex (validate_client_name function), pre-shared key (PSK) support with --psk option, proper temporary key cleanup with trap handlers (cleanup_handler), atomic config file operations (mktemp + mv), chmod 0600 for all key files, and verified no hardcoded secrets (keys generated dynamically or read from files)"}
{"id":"wg-admin-3d4","title":"Implement configuration loading system","description":"Implement configuration system to load /etc/wg-admin/config.conf using native Go or Viper library. Support environment variable overrides. Validate required config (SERVER_DOMAIN, WG_PORT, VPN_IPV4_RANGE, VPN_IPV6_RANGE, DNS_SERVERS). Provide clear error messages for missing config.","status":"closed","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T17:02:57.198865993+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T17:21:51.863786437+01:00","closed_at":"2026-01-12T17:21:51.863786437+01:00","close_reason":"Configuration system implemented in internal/config/config.go. Loads from /etc/wg-admin/config.conf, supports environment variable overrides with WGI_ prefix, validates required fields (SERVER_DOMAIN, WG_PORT, CIDR formats). Provides helper methods for network extraction.","dependencies":[{"issue_id":"wg-admin-3d4","depends_on_id":"wg-admin-4ji","type":"blocks","created_at":"2026-01-12T17:04:44.279588181+01:00","created_by":"Calmcacil"}]}
{"id":"wg-admin-4fb","title":"Set up basic TUI skeleton with Bubble Tea","description":"Create main TUI application entry point implementing Bubble Tea's Model-Update-View pattern. Set up root check and logging. Create empty screen types (list, add, detail, qr, help). Implement basic keyboard navigation (q=quit). Add status bar with version and help shortcut (?).","status":"open","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T17:02:57.195332445+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T17:04:03.844815527+01:00","dependencies":[{"issue_id":"wg-admin-4fb","depends_on_id":"wg-admin-4ji","type":"blocks","created_at":"2026-01-12T17:04:26.666043249+01:00","created_by":"Calmcacil"},{"issue_id":"wg-admin-4fb","depends_on_id":"wg-admin-3d4","type":"blocks","created_at":"2026-01-12T17:04:26.672887205+01:00","created_by":"Calmcacil"}]}
{"id":"wg-admin-4fb","title":"Set up basic TUI skeleton with Bubble Tea","description":"Create main TUI application entry point implementing Bubble Tea's Model-Update-View pattern. Set up root check and logging. Create empty screen types (list, add, detail, qr, help). Implement basic keyboard navigation (q=quit). Add status bar with version and help shortcut (?).","status":"closed","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T17:02:57.195332445+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T17:29:25.376578103+01:00","closed_at":"2026-01-12T17:29:25.376578103+01:00","close_reason":"TUI skeleton implemented with Model-Update-View pattern. Main entry point in cmd/wg-tui/main.go with root check, configuration loading integration, basic keyboard navigation (q quit), status bar with version and help. Creates clean separation between TUI model (internal/tui) and main program. Successfully builds.","dependencies":[{"issue_id":"wg-admin-4fb","depends_on_id":"wg-admin-4ji","type":"blocks","created_at":"2026-01-12T17:04:26.666043249+01:00","created_by":"Calmcacil"},{"issue_id":"wg-admin-4fb","depends_on_id":"wg-admin-3d4","type":"blocks","created_at":"2026-01-12T17:04:26.672887205+01:00","created_by":"Calmcacil"}]}
{"id":"wg-admin-4ji","title":"Initialize Go module and project structure","description":"Initialize Go project with go mod init. Create directory structure following plan: cmd/, internal/config, internal/wireguard, internal/tui (screens, components, theme), internal/validation, internal/backup. Add README with project setup instructions.","status":"closed","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T17:02:57.197740013+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T17:20:34.471816058+01:00","closed_at":"2026-01-12T17:20:34.471816058+01:00","close_reason":"Go module initialized, directory structure created (cmd/, internal/ subdirectories), dependencies added (bubbletea, lipgloss, bubbles, huh, qrterminal), basic TUI skeleton with Model-Update-View pattern implemented. Root check added. Builds successfully.","dependencies":[{"issue_id":"wg-admin-4ji","depends_on_id":"wg-admin-gp4","type":"blocks","created_at":"2026-01-12T17:04:26.670875524+01:00","created_by":"Calmcacil"}]}
{"id":"wg-admin-69b","title":"Implement WireGuard client parsing","description":"Parse WireGuard client configuration files from /etc/wireguard/conf.d/client-*.conf. Extract client name, IPv4, IPv6, public key, and PSK status. Create Client struct. Handle file read errors and malformed configs. Validate config syntax.","status":"open","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T17:02:57.199808074+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T17:04:03.837012941+01:00","dependencies":[{"issue_id":"wg-admin-69b","depends_on_id":"wg-admin-4fb","type":"blocks","created_at":"2026-01-12T17:04:44.265421971+01:00","created_by":"Calmcacil"}]}
{"id":"wg-admin-abw","title":"Create wg-client-manager script","description":"Create new wg-client-manager script for client operations: add, remove, list, show, qr. Implement proper command parsing, use interactive 'read' with 'WGI_' environment variable overrides, call validation functions, use atomic config updates.","status":"closed","priority":2,"issue_type":"task","owner":"Calmcacil@Raion","created_at":"2026-01-12T16:27:53.150007325+01:00","created_by":"Calmcacil","updated_at":"2026-01-12T16:48:38.86400169+01:00","closed_at":"2026-01-12T16:48:38.86400169+01:00","close_reason":"Created wg-client-manager script with all required commands (add, remove, list, show, qr). Implements interactive prompts with WGI_ environment variable overrides, uses validation functions, and performs atomic config updates.","dependencies":[{"issue_id":"wg-admin-abw","depends_on_id":"wg-admin-cwb","type":"blocks","created_at":"2026-01-12T16:28:20.280054863+01:00","created_by":"Calmcacil"},{"issue_id":"wg-admin-abw","depends_on_id":"wg-admin-37o","type":"blocks","created_at":"2026-01-12T16:28:20.299310073+01:00","created_by":"Calmcacil"},{"issue_id":"wg-admin-abw","depends_on_id":"wg-admin-lzl","type":"blocks","created_at":"2026-01-12T16:28:20.300924186+01:00","created_by":"Calmcacil"},{"issue_id":"wg-admin-abw","depends_on_id":"wg-admin-wsk","type":"blocks","created_at":"2026-01-12T16:28:20.354270061+01:00","created_by":"Calmcacil"},{"issue_id":"wg-admin-abw","depends_on_id":"wg-admin-0va","type":"blocks","created_at":"2026-01-12T16:28:21.926811217+01:00","created_by":"Calmcacil"}]}