raijin-server 0.3.0__py3-none-any.whl → 0.3.2__py3-none-any.whl

raijin_server/__init__.py

@@ -1,5 +1,5 @@
 """Pacote principal do CLI Raijin Server."""
 
-__version__ = "0.3.0"
+__version__ = "0.3.2"
 
 __all__ = ["__version__"]

raijin_server/modules/vpn_client.py

@@ -103,22 +103,58 @@ def _list_existing_clients() -> List[dict]:
     content = WG0_CONF.read_text()
     clients = []
     
-    # Parse peers
-    current_peer = {}
-    for line in content.split("\n"):
-        line = line.strip()
+    # Parse peers - suporta múltiplos formatos de comentário
+    lines = content.split("\n")
+    i = 0
+    
+    while i < len(lines):
+        line = lines[i].strip()
+        
+        # Detecta início de um bloco [Peer]
+        if line == "[Peer]":
+            peer_name = None
+            public_key = None
+            allowed_ips = None
+            
+            # Verifica linha anterior para comentário com nome
+            if i > 0:
+                prev_line = lines[i - 1].strip()
+                # Formato: "# cliente_nome" ou "# Cliente: nome"
+                if prev_line.startswith("#"):
+                    comment = prev_line[1:].strip()
+                    if comment.lower().startswith("cliente:"):
+                        peer_name = comment.split(":", 1)[1].strip()
+                    else:
+                        # Nome direto após # (formato do módulo vpn)
+                        peer_name = comment
+            
+            # Lê configurações do peer
+            i += 1
+            while i < len(lines):
+                peer_line = lines[i].strip()
+                if peer_line.startswith("[") or (peer_line.startswith("#") and i + 1 < len(lines) and lines[i + 1].strip() == "[Peer]"):
+                    break
+                
+                if peer_line.startswith("PublicKey"):
+                    public_key = peer_line.split("=", 1)[1].strip()
+                elif peer_line.startswith("AllowedIPs"):
+                    allowed_ips = peer_line.split("=", 1)[1].strip()
+                # Comentário inline com nome do cliente
+                elif peer_line.startswith("#") and not peer_name:
+                    peer_name = peer_line[1:].strip()
+                
+                i += 1
+            
+            # Adiciona peer se tiver pelo menos chave pública
+            if public_key:
+                clients.append({
+                    "name": peer_name or f"cliente_{len(clients) + 1}",
+                    "public_key": public_key,
+                    "ip": allowed_ips or "N/A",
+                })
+            continue
         
-        if line.startswith("# Cliente:"):
-            if current_peer:
-                clients.append(current_peer)
-            current_peer = {"name": line.split(":", 1)[1].strip()}
-        elif line.startswith("PublicKey =") and current_peer:
-            current_peer["public_key"] = line.split("=")[1].strip()
-        elif line.startswith("AllowedIPs =") and current_peer:
-            current_peer["ip"] = line.split("=")[1].strip()
-    
-    if current_peer:
-        clients.append(current_peer)
+        i += 1
     
     return clients
 
@@ -148,62 +184,87 @@ def _add_peer_to_server(name: str, public_key: str, client_ip: str, ctx: Executi
     """Adiciona peer ao arquivo de configuração do servidor."""
     content = WG0_CONF.read_text()
     
+    # Remove linhas em branco extras no final
+    content = content.rstrip() + "\n"
+    
+    # Formato compatível com o módulo vpn original
     peer_block = f"""
-# Cliente: {name}
+# {name}
 [Peer]
 PublicKey = {public_key}
 AllowedIPs = {client_ip}
 """
     
     # Adiciona peer ao final
-    content += "\n" + peer_block
+    content += peer_block
     
     write_file(WG0_CONF, content, ctx)
     
-    # Recarrega configuração
+    # Recarrega configuração via wg syncconf (mais rápido) ou restart
     typer.echo("Recarregando WireGuard...")
-    run_cmd(["systemctl", "restart", "wg-quick@wg0"], ctx, check=False)
+    # Tenta wg syncconf primeiro (não derruba conexões existentes)
+    result = run_cmd(
+        ["bash", "-c", f"wg syncconf wg0 <(wg-quick strip wg0)"],
+        ctx,
+        check=False
+    )
+    if result.returncode != 0:
+        # Fallback para restart
+        run_cmd(["systemctl", "restart", "wg-quick@wg0"], ctx, check=False)
 
 
 def _remove_peer_from_server(public_key: str, ctx: ExecutionContext) -> None:
     """Remove peer do arquivo de configuração do servidor."""
     content = WG0_CONF.read_text()
     
-    # Remove bloco do peer
+    # Remove bloco do peer - suporta múltiplos formatos
     lines = content.split("\n")
     new_lines = []
     skip_until_next_section = False
     
-    for line in lines:
+    for i, line in enumerate(lines):
         if f"PublicKey = {public_key}" in line:
             skip_until_next_section = True
-            # Remove também o comentário anterior
-            if new_lines and new_lines[-1].startswith("# Cliente:"):
-                new_lines.pop()
-            if new_lines and new_lines[-1].strip() == "":
-                new_lines.pop()
-            if new_lines and new_lines[-1].strip() == "[Peer]":
+            # Remove também o comentário anterior e [Peer]
+            while new_lines and (
+                new_lines[-1].startswith("#") or 
+                new_lines[-1].strip() == "" or
+                new_lines[-1].strip() == "[Peer]"
+            ):
                 new_lines.pop()
             continue
         
         if skip_until_next_section:
-            if line.startswith("[") or line.startswith("# Cliente:"):
+            # Próximo peer ou seção
+            stripped = line.strip()
+            if stripped.startswith("[") or (stripped.startswith("#") and i + 1 < len(lines) and lines[i + 1].strip() == "[Peer]"):
                 skip_until_next_section = False
             else:
                 continue
         
         new_lines.append(line)
     
-    write_file(WG0_CONF, "\n".join(new_lines), ctx)
+    # Remove linhas em branco extras no final
+    while new_lines and new_lines[-1].strip() == "":
+        new_lines.pop()
+    
+    write_file(WG0_CONF, "\n".join(new_lines) + "\n", ctx)
     
     # Recarrega configuração
     typer.echo("Recarregando WireGuard...")
-    run_cmd(["systemctl", "restart", "wg-quick@wg0"], ctx, check=False)
+    result = run_cmd(
+        ["bash", "-c", f"wg syncconf wg0 <(wg-quick strip wg0)"],
+        ctx,
+        check=False
+    )
+    if result.returncode != 0:
+        run_cmd(["systemctl", "restart", "wg-quick@wg0"], ctx, check=False)
 
 
 def _create_client_config(
     name: str,
     private_key: str,
+    public_key: str,
     client_ip: str,
     server_config: dict,
 ) -> str:
@@ -218,8 +279,10 @@ def _create_client_config(
     if not endpoint:
         endpoint = typer.prompt("Endpoint público do servidor (IP ou domínio)")
     
-    config = f"""[Interface]
-# Cliente: {name}
+    # Inclui chave pública do cliente como comentário para referência rápida
+    config = f"""# Cliente: {name}
+# PublicKey: {public_key}
+[Interface]
 PrivateKey = {private_key}
 Address = {client_ip}
 DNS = {dns}
@@ -272,7 +335,7 @@ def add_client(ctx: ExecutionContext) -> None:
     CLIENTS_DIR.mkdir(parents=True, exist_ok=True)
     
     # Cria configuração do cliente
-    client_config = _create_client_config(name, private_key, client_ip, server_config)
+    client_config = _create_client_config(name, private_key, public_key, client_ip, server_config)
     
     client_file = CLIENTS_DIR / f"{name}.conf"
     write_file(client_file, client_config, ctx)
@@ -387,6 +450,8 @@ def show_client_config(ctx: ExecutionContext) -> None:
     
     if not client_file.exists():
         typer.secho(f"Arquivo de configuração não encontrado: {client_file}", fg=typer.colors.RED)
+        typer.echo("\nDica: O cliente pode ter sido criado pelo módulo 'vpn' (inicial).")
+        typer.echo(f"Verifique se existe: {CLIENTS_DIR}")
         raise typer.Exit(1)
     
     typer.echo(f"\n{'='*60}")
@@ -396,11 +461,37 @@ def show_client_config(ctx: ExecutionContext) -> None:
     
     typer.echo(client_file.read_text())
     
+    # Detecta hostname/IP do servidor
+    import socket
+    hostname = socket.gethostname()
+    
+    typer.echo(f"\n{'='*60}")
+    typer.secho("COMO COPIAR PARA WINDOWS/MAC/LINUX:", fg=typer.colors.CYAN, bold=True)
+    typer.echo(f"{'='*60}")
+    
+    typer.echo("\n📋 Opção 1 - SCP (requer SSH configurado):")
+    typer.echo(f"   scp usuario@{hostname}:{client_file} .")
+    typer.echo(f"   # ou com IP: scp usuario@SEU_IP:{client_file} .")
+    
+    typer.echo("\n📋 Opção 2 - Copiar conteúdo manualmente:")
+    typer.echo("   1. Copie o texto acima (entre as linhas de '=')")
+    typer.echo(f"   2. No Windows, crie arquivo: {name}.conf")
+    typer.echo("   3. Cole o conteúdo e salve")
+    
+    typer.echo("\n📋 Opção 3 - SFTP (FileZilla, WinSCP):")
+    typer.echo(f"   Conecte no servidor e baixe: {client_file}")
+    
+    typer.echo("\n📱 Para celular (QR Code):")
+    typer.echo(f"   qrencode -t ansiutf8 < {client_file}")
+    
     typer.echo(f"\n{'='*60}")
-    typer.echo("\nPara copiar:")
-    typer.echo(f"  scp root@servidor:{client_file} .")
-    typer.echo("\nPara QR code (mobile):")
-    typer.echo(f"  qrencode -t ansiutf8 {client_file}")
+    typer.secho("NO WINDOWS 11:", fg=typer.colors.GREEN, bold=True)
+    typer.echo(f"{'='*60}")
+    typer.echo("   1. Baixe WireGuard: https://www.wireguard.com/install/")
+    typer.echo("   2. Abra WireGuard → 'Import tunnel(s) from file...'")
+    typer.echo(f"   3. Selecione o arquivo {name}.conf")
+    typer.echo("   4. Clique 'Activate' para conectar")
+    typer.echo("")
 
 
 def run(ctx: ExecutionContext) -> None:

{raijin_server-0.3.0.dist-info → raijin_server-0.3.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: raijin-server
-Version: 0.3.0
+Version: 0.3.2
 Summary: CLI para automacao de setup e hardening de servidores Ubuntu Server.
 Home-page: https://example.com/raijin-server
 Author: Equipe Raijin
@@ -269,6 +269,7 @@ kubectl port-forward svc/grafana -n observability 3000:80
 | [ARCHITECTURE.md](ARCHITECTURE.md) | Arquitetura técnica do ambiente |
 | [SECURITY.md](SECURITY.md) | Políticas de segurança |
 | [AUDIT.md](AUDIT.md) | Relatório de auditoria |
+| [docs/VERSIONING.md](docs/VERSIONING.md) | Versionamento e tags |
 | [docs/INFRASTRUCTURE_GUIDE.md](docs/INFRASTRUCTURE_GUIDE.md) | Guia completo de infraestrutura |
 | [docs/VPN_REMOTE_ACCESS.md](docs/VPN_REMOTE_ACCESS.md) | Configuração de VPN |
 | [docs/INTERNAL_DNS.md](docs/INTERNAL_DNS.md) | DNS interno para domínios privados |

{raijin_server-0.3.0.dist-info → raijin_server-0.3.2.dist-info}/RECORD

@@ -1,4 +1,4 @@
-raijin_server/__init__.py,sha256=MvrRbjHr0fpwAuK-h3JmhGK1xckNu_HpfUU0CsifboQ,94
+raijin_server/__init__.py,sha256=A06gLxft508OGSQ5sPqJhuqoAoEB0hkD0koIF-UP0SQ,94
 raijin_server/cli.py,sha256=rqkAQCU5imi52YJCIeEuZqWo8bWYkVErOQh3JpKIDok,38149
 raijin_server/config.py,sha256=QNiEVvrbW56XgvNn5-h3bkJm46Xc8mjNqPbvixXD8N0,4829
 raijin_server/healthchecks.py,sha256=lzXdFw6S0hOYbUKbqksh4phb04lXgXdTspP1Dsz4dx8,15401
@@ -34,15 +34,15 @@ raijin_server/modules/ssh_hardening.py,sha256=Zd0dlylUBr01SkrI1CS05-0DB9xIto5rWH
 raijin_server/modules/traefik.py,sha256=omziywss4o-8t64Kj-upLqbXdFYm2JwqOoOukDUmqxY,5008
 raijin_server/modules/velero.py,sha256=yDtqd6yUu0L5wzLCjYXqvvxB_RyaAoZtntb6HoHVAOo,5642
 raijin_server/modules/vpn.py,sha256=hF-0vA17VKTxhQLDBSEeqI5aPQpiaaj4IpUf9l6lr64,8297
-raijin_server/modules/vpn_client.py,sha256=sea5PtJB3Q612cVvW4Pz8_fEN7Zu0eNf34D2uEfHnkw,13463
+raijin_server/modules/vpn_client.py,sha256=6P5mYLTgQr5fqjTftY6jW3p_iRXy5YVNxfkLfP0mujs,17228
 raijin_server/scripts/__init__.py,sha256=deduGfHf8BMVWred4ux5LfBDT2NJ5XYeJAt2sDEU4qs,53
 raijin_server/scripts/checklist.sh,sha256=j6E0Kmk1EfjLvKK1VpCqzXJAXI_7Bm67LK4ndyCxWh0,1842
 raijin_server/scripts/install.sh,sha256=Y1ickbQ4siQ0NIPs6UgrqUr8WWy7U0LHmaTQbEgavoI,3949
 raijin_server/scripts/log_size_metric.sh,sha256=Iv4SsX8AuCYRou-klYn32mX41xB6j0xJGLBO6riw4rU,1208
 raijin_server/scripts/pre-deploy-check.sh,sha256=XqMo7IMIpwUHF17YEmU0-cVmTDMoCGMBFnmS39FidI4,4912
-raijin_server-0.3.0.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
-raijin_server-0.3.0.dist-info/METADATA,sha256=nyqyXiUg4iGNViT9GKvXT1zelFsKUya3HO3QBBAjeVM,8761
-raijin_server-0.3.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-raijin_server-0.3.0.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
-raijin_server-0.3.0.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
-raijin_server-0.3.0.dist-info/RECORD,,
+raijin_server-0.3.2.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
+raijin_server-0.3.2.dist-info/METADATA,sha256=0YsPOlPDXXMTDqNNWcYfcfiwn-C8mw0spAcAGo-XuTU,8829
+raijin_server-0.3.2.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+raijin_server-0.3.2.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
+raijin_server-0.3.2.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
+raijin_server-0.3.2.dist-info/RECORD,,