wireguard-client-config.test.ts 3.7 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
  1. import { describe, expect, it } from 'vitest';
  2. import { buildWireguardClientConfig } from '@/pages/clients/wireguardConfig';
  3. import type { ClientRecord, InboundOption } from '@/hooks/useClients';
  4. const client: ClientRecord = {
  5. email: 'alice',
  6. privateKey: 'QGVlb2dXc1ZTWGw0ZXBzZndsWmtMaUM5MUlNYjBHWFdYbz0=',
  7. allowedIPs: '10.0.0.2/32',
  8. preSharedKey: 'cHNrLXZhbHVlLWZvci13aXJlZ3VhcmQtdGVzdC1jYXNlIQ==',
  9. keepAlive: 25,
  10. inboundIds: [90],
  11. };
  12. const inbound: InboundOption = {
  13. id: 90,
  14. tag: 'in-51820-udp',
  15. remark: 'wg-mc',
  16. protocol: 'wireguard',
  17. port: 51820,
  18. wgPublicKey: 'DGSYIcEKAUkA7HhzGSjxLZuV67BR3LeyU0BMLJzNVHQ=',
  19. wgMtu: 1420,
  20. };
  21. describe('buildWireguardClientConfig', () => {
  22. it('emits the canonical PresharedKey key, not PreSharedKey', () => {
  23. const cfg = buildWireguardClientConfig(client, inbound, 'example.com', '');
  24. expect(cfg).toContain(`PresharedKey = ${client.preSharedKey}`);
  25. expect(cfg).not.toContain('PreSharedKey =');
  26. });
  27. it('defaults DNS to 1.1.1.1, 1.0.0.1 when the inbound sets none', () => {
  28. const cfg = buildWireguardClientConfig(client, inbound, 'example.com', '');
  29. expect(cfg).toContain('DNS = 1.1.1.1, 1.0.0.1');
  30. });
  31. it('uses the inbound DNS override when present', () => {
  32. const cfg = buildWireguardClientConfig(client, { ...inbound, wgDns: '9.9.9.9' }, 'example.com', '');
  33. expect(cfg).toContain('DNS = 9.9.9.9');
  34. expect(cfg).not.toContain('DNS = 1.1.1.1, 1.0.0.1');
  35. });
  36. it('builds the endpoint from host, port, MTU and server public key', () => {
  37. const cfg = buildWireguardClientConfig(client, inbound, 'example.com', '');
  38. expect(cfg).toContain('Endpoint = example.com:51820');
  39. expect(cfg).toContain('MTU = 1420');
  40. expect(cfg).toContain(`PublicKey = ${inbound.wgPublicKey}`);
  41. expect(cfg).toContain('PersistentKeepalive = 25');
  42. });
  43. it('omits the PresharedKey line when the client has no preshared key', () => {
  44. const cfg = buildWireguardClientConfig({ ...client, preSharedKey: undefined }, inbound, 'example.com', '');
  45. expect(cfg).not.toContain('PresharedKey');
  46. });
  47. it('uses the hosting node address as the endpoint host for node-managed inbounds', () => {
  48. const cfg = buildWireguardClientConfig(client, { ...inbound, nodeAddress: 'node.example.net' }, 'master.example.com', '');
  49. expect(cfg).toContain('Endpoint = node.example.net:51820');
  50. expect(cfg).not.toContain('master.example.com');
  51. });
  52. it('falls back to the panel host when the node address is blank', () => {
  53. const cfg = buildWireguardClientConfig(client, { ...inbound, nodeAddress: ' ' }, 'master.example.com', '');
  54. expect(cfg).toContain('Endpoint = master.example.com:51820');
  55. });
  56. it('honors the custom share-address strategy over the node address', () => {
  57. const cfg = buildWireguardClientConfig(
  58. client,
  59. { ...inbound, nodeAddress: 'node.example.net', shareAddrStrategy: 'custom', shareAddr: 'vpn.example.com' },
  60. 'master.example.com',
  61. '',
  62. );
  63. expect(cfg).toContain('Endpoint = vpn.example.com:51820');
  64. });
  65. it('honors the listen share-address strategy over the node address', () => {
  66. const cfg = buildWireguardClientConfig(
  67. client,
  68. { ...inbound, nodeAddress: 'node.example.net', shareAddrStrategy: 'listen', listen: '198.51.100.7' },
  69. 'master.example.com',
  70. '',
  71. );
  72. expect(cfg).toContain('Endpoint = 198.51.100.7:51820');
  73. });
  74. it('keeps a panel hostname that fails share-host normalization instead of emitting an empty endpoint', () => {
  75. const cfg = buildWireguardClientConfig(client, { ...inbound, listen: '0.0.0.0' }, 'wg_gw.corp.lan', '');
  76. expect(cfg).toContain('Endpoint = wg_gw.corp.lan:51820');
  77. expect(cfg).not.toContain('Endpoint = :51820');
  78. });
  79. });