cmd/sanguisuga: use wireguard to download files over DCC

Signed-off-by: Xe Iaso <me@xeiaso.net>
author: Xe Iaso <me@xeiaso.net> 2023-08-27 10:28:52 -0400
committer: Xe Iaso <me@xeiaso.net> 2023-08-27 10:28:52 -0400
commit: 3d0647e946014516df33de0b18d2a16eec835bed (patch)
tree: 78d0e661b76ed2da4f4c579462856c45477852d8
parent: 5ff0a9652cc7270d3a8aaa119ea00bfd6039eaf9 (diff)
download: x-3d0647e946014516df33de0b18d2a16eec835bed.tar.xz
x-3d0647e946014516df33de0b18d2a16eec835bed.zip
9 files changed, 129 insertions, 7 deletions
diff --git a/cmd/sanguisuga/config.default.ts b/cmd/sanguisuga/config.default.ts
index cd42ff4..1a1bad2 100644
--- a/cmd/sanguisuga/config.default.ts
+++ b/cmd/sanguisuga/config.default.ts
@@ -17,7 +17,7 @@ export type Transmission = {
   host: string;
   user: string;
   password: string;
-  https: bool;
+  https: boolean;
   rpcURI: string;
 };
 
@@ -32,6 +32,20 @@ export type Telegram = {
   mentionUser: number;
 };
 
+export type WireGuardPeer = {
+  publicKey: string;
+  endpoint: string;
+  allowedIPs: string[];
+};
+
+export type WireGuard = {
+  privateKey: string;
+  address: string[];
+  dns: string;
+  peers: WireGuardPeer[];
+};
+
+
 export type Config = {
   irc: IRC;
   xdcc: IRC;
@@ -41,6 +55,7 @@ export type Config = {
   tailscale: Tailscale;
   baseDiskPath: string;
   telegram: Telegram;
+  wireguard: WireGuard;
 };
 
 export default {
@@ -85,4 +100,16 @@ export default {
     token: "",
     mentionUser: 0,
   },
+  wireguard: { // for downloading files over DCC (XDCC)
+    privateKey: "",
+    address: [],
+    dns: "",
+    peers: [
+      {
+        publicKey: "",
+        allowedIPs: [],
+        endpoint: "",
+      },
+    ],
+  },
 } satisfies Config;
diff --git a/cmd/sanguisuga/config.go b/cmd/sanguisuga/config.go
index e2e4965..cf98356 100644
--- a/cmd/sanguisuga/config.go
+++ b/cmd/sanguisuga/config.go
@@ -1,6 +1,13 @@
 package main
 
-import "log/slog"
+import (
+	"fmt"
+	"io"
+	"log/slog"
+	"net/netip"
+
+	"within.website/x/cmd/sanguisuga/internal/key2hex"
+)
 
 type IRC struct {
 	Server   string `json:"server"`
@@ -43,6 +50,42 @@ type Telegram struct {
 	MentionUser int64  `json:"mentionUser"`
 }
 
+type WireGuard struct {
+	PrivateKey string          `json:"privateKey"`
+	Address    []netip.Addr    `json:"address"`
+	DNS        netip.Addr      `json:"dns"`
+	Peers      []WireGuardPeer `json:"peers"`
+}
+
+type WireGuardPeer struct {
+	PublicKey  string   `json:"publicKey"`
+	AllowedIPs []string `json:"allowedIPs"`
+	Endpoint   string   `json:"endpoint"`
+}
+
+func (w WireGuard) UAPI(out io.Writer) error {
+	pkey, err := key2hex.Convert(w.PrivateKey)
+	if err != nil {
+		return err
+	}
+	fmt.Fprintf(out, "private_key=%s\n", pkey)
+	fmt.Fprintln(out, "listen_port=0")
+	fmt.Fprintln(out, "replace_peers=true")
+	for _, peer := range w.Peers {
+		pkey, err := key2hex.Convert(peer.PublicKey)
+		if err != nil {
+			return err
+		}
+		fmt.Fprintf(out, "public_key=%s\n", pkey)
+		fmt.Fprintf(out, "endpoint=%s\n", peer.Endpoint)
+		for _, ip := range peer.AllowedIPs {
+			fmt.Fprintf(out, "allowed_ip=%s\n", ip)
+		}
+		fmt.Fprintln(out, "persistent_keepalive_interval=25")
+	}
+	return nil
+}
+
 type Config struct {
 	IRC          IRC          `json:"irc"`
 	XDCC         IRC          `json:"xdcc"`
@@ -52,4 +95,5 @@ type Config struct {
 	Tailscale    Tailscale    `json:"tailscale"`
 	BaseDiskPath string       `json:"baseDiskPath"`
 	Telegram     Telegram     `json:"telegram"`
+	WireGuard    WireGuard    `json:"wireguard"`
 }
diff --git a/cmd/sanguisuga/dcc.go b/cmd/sanguisuga/dcc.go
index c6ef755..aa141d6 100644
--- a/cmd/sanguisuga/dcc.go
+++ b/cmd/sanguisuga/dcc.go
@@ -334,7 +334,7 @@ waitLoop:
 	}
 	defer fout.Close()
 
-	d := dcc.NewDCC(addr, size, fout)
+	d := dcc.NewDCC(addr, size, fout, s.tnet.DialContext)
 
 	ctx, cancel := context.WithTimeout(ev.Ctx, 120*time.Minute)
 	defer cancel()
diff --git a/cmd/sanguisuga/internal/dcc/dcc.go b/cmd/sanguisuga/internal/dcc/dcc.go
index 4975961..82d2ff3 100644
--- a/cmd/sanguisuga/internal/dcc/dcc.go
+++ b/cmd/sanguisuga/internal/dcc/dcc.go
@@ -48,6 +48,9 @@ type DCC struct {
 
 	// destination writer
 	writer io.Writer
+
+	// dial function
+	dialFunc func(ctx context.Context, network, address string) (net.Conn, error)
 }
 
 // NewDCC creates a new DCC instance.
@@ -59,6 +62,7 @@ func NewDCC(
 	address string,
 	size int,
 	writer io.Writer,
+	dialFunc func(ctx context.Context, network, address string) (net.Conn, error),
 ) *DCC {
 	return &DCC{
 		address:   address,
@@ -66,6 +70,7 @@ func NewDCC(
 		progressc: make(chan Progress, 1),
 		done:      make(chan error, 1),
 		writer:    writer,
+		dialFunc:  dialFunc,
 	}
 }
 
@@ -169,10 +174,7 @@ func (d *DCC) Run(ctx context.Context) (
 	// assign the passed context
 	d.ctx = ctx
 
-	dialer := &net.Dialer{Resolver: net.DefaultResolver}
-	conn, err := dialer.DialContext(
-		d.ctx, "tcp", d.address,
-	)
+	conn, err := d.dialFunc(d.ctx, "tcp", d.address)
 
 	if err != nil {
 		d.done <- err
diff --git a/cmd/sanguisuga/internal/key2hex/key2hex.go b/cmd/sanguisuga/internal/key2hex/key2hex.go
new file mode 100644
index 0000000..b7427a3
--- /dev/null
+++ b/cmd/sanguisuga/internal/key2hex/key2hex.go
@@ -0,0 +1,16 @@
+package key2hex
+
+import (
+	"encoding/base64"
+	"encoding/hex"
+)
+
+func Convert(data string) (string, error) {
+	buf := make([]byte, base64.StdEncoding.DecodedLen(len(data))-1)
+	_, err := base64.StdEncoding.Decode(buf, []byte(data))
+	if err != nil {
+		return "", err
+	}
+
+	return hex.EncodeToString(buf), nil
+}
diff --git a/cmd/sanguisuga/main.go b/cmd/sanguisuga/main.go
index 3dfd2c4..1e48639 100644
--- a/cmd/sanguisuga/main.go
+++ b/cmd/sanguisuga/main.go
@@ -12,6 +12,7 @@ import (
 	"log"
 	"log/slog"
 	"net/http"
+	"net/netip"
 	"os"
 	"path/filepath"
 	"regexp"
@@ -23,6 +24,9 @@ import (
 	tu "github.com/mymmrac/telego/telegoutil"
 	irc "github.com/thoj/go-ircevent"
 	"go.jetpack.io/tyson"
+	"golang.zx2c4.com/wireguard/conn"
+	"golang.zx2c4.com/wireguard/device"
+	"golang.zx2c4.com/wireguard/tun/netstack"
 	"honnef.co/go/transmission"
 	"tailscale.com/hostinfo"
 	"tailscale.com/jsondb"
@@ -174,12 +178,33 @@ func main() {
 
 	defer bot.StopLongPolling()
 
+	tun, tnet, err := netstack.CreateNetTUN(
+		c.WireGuard.Address,
+		[]netip.Addr{c.WireGuard.DNS},
+		1280,
+	)
+	if err != nil {
+		log.Fatalf("can't create tun: %v", err)
+	}
+
+	var confSB bytes.Buffer
+	if err := c.WireGuard.UAPI(&confSB); err != nil {
+		log.Fatalf("can't write wireguard config: %v", err)
+	}
+
+	dev := device.NewDevice(tun, conn.NewStdNetBind(), device.NewLogger(device.LogLevelError, "wireguard: "))
+	if err := dev.IpcSetOperation(&confSB); err != nil {
+		log.Fatalf("can't set wireguard config: %v", err)
+	}
+
 	s := &Sanguisuga{
 		Config: c,
 		cl:     cl,
 		db:     db,
 		bot:    bot,
 		tmpl:   template.Must(template.ParseFS(templates, "tmpl/*.html")),
+		tnet:   tnet,
+		srv:    srv,
 
 		animeInFlight: map[string]*SubspleaseAnnouncement{},
 	}
@@ -226,6 +251,8 @@ type Sanguisuga struct {
 	dbLock sync.Mutex
 	bot    *telego.Bot
 	tmpl   *template.Template
+	tnet   *netstack.Net
+	srv    *tsnet.Server
 
 	animeInFlight map[string]*SubspleaseAnnouncement
 	aifLock       sync.Mutex
diff --git a/go.mod b/go.mod
index ea84a85..f030cc8 100644
--- a/go.mod
+++ b/go.mod
@@ -68,6 +68,7 @@ require (
 	github.com/savsgio/gotils v0.0.0-20230208104028-c358bd845dee // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasthttp v1.48.0 // indirect
+	golang.zx2c4.com/wireguard v0.0.0-20230704135630-469159ecf7d1 // indirect
 	lukechampine.com/uint128 v1.2.0 // indirect
 	modernc.org/cc/v3 v3.40.0 // indirect
 	modernc.org/ccgo/v3 v3.16.13 // indirect
diff --git a/go.sum b/go.sum
index 7b5e24a..62e4e05 100644
--- a/go.sum
+++ b/go.sum
@@ -933,6 +933,8 @@ golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNq
 golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg=
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI=
+golang.zx2c4.com/wireguard v0.0.0-20230704135630-469159ecf7d1 h1:EY138uSo1JYlDq+97u1FtcOUwPpIU6WL1Lkt7WpYjPA=
+golang.zx2c4.com/wireguard v0.0.0-20230704135630-469159ecf7d1/go.mod h1:tqur9LnfstdR9ep2LaJT4lFUl0EjlHtge+gAjmsHUG4=
 golang.zx2c4.com/wireguard/windows v0.5.3 h1:On6j2Rpn3OEMXqBq00QEDC7bWSZrPIHKIus8eIuExIE=
 golang.zx2c4.com/wireguard/windows v0.5.3/go.mod h1:9TEe8TJmtwyQebdFwAkEWOPr3prrtqm+REGFifP60hI=
 google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
diff --git a/gomod2nix.toml b/gomod2nix.toml
index a2bd220..32231dd 100644
--- a/gomod2nix.toml
+++ b/gomod2nix.toml
@@ -442,6 +442,9 @@ schema = 3
   [mod."golang.zx2c4.com/wintun"]
     version = "v0.0.0-20230126152724-0fa3db229ce2"
     hash = "sha256-cjMLNjKnnupVROWmeASORVieAL9ieYdzX3cFzG8bCpo="
+  [mod."golang.zx2c4.com/wireguard"]
+    version = "v0.0.0-20230704135630-469159ecf7d1"
+    hash = "sha256-KqA2+do9FeDMInwixwChVDJWa368ixT4NB4tpCAS6tc="
   [mod."golang.zx2c4.com/wireguard/windows"]
     version = "v0.5.3"
     hash = "sha256-wcJWS/4Fqbc+1RHSntex0zBdlHiZfzrea4QabYkNKvU="
author	Xe Iaso <me@xeiaso.net>	2023-08-27 10:28:52 -0400
committer	Xe Iaso <me@xeiaso.net>	2023-08-27 10:28:52 -0400
commit	3d0647e946014516df33de0b18d2a16eec835bed (patch)
tree	78d0e661b76ed2da4f4c579462856c45477852d8
parent	5ff0a9652cc7270d3a8aaa119ea00bfd6039eaf9 (diff)
download	x-3d0647e946014516df33de0b18d2a16eec835bed.tar.xz x-3d0647e946014516df33de0b18d2a16eec835bed.zip