APIs to create users and devices

remy · May 31, 2022, 7:12pm

Are there any API(s) to create users and devices in-order to automate the process?

jamil · May 31, 2022, 8:50pm

@remy The REST API is still under development, but for the time being you can create Users and Devices by rpc’ing into the functions directly like so:

Create user

/opt/firezone/embedded/service/firezone/bin/firezone rpc 'FzHttp.Users.create_user(%{"email" => "foobar@example.com", "password" => "password_here", "password_confirmation" => "password_here"})'

Create device for user (must know user_id and generate psk and keypair beforehand)

/opt/firezone/embedded/service/firezone/bin/firezone rpc 'FzHttp.Devices.create_device(%{"user_id" => 36, "public_key" => "H4P2H2LvtVWa+MZw/GD6dUkjF1HstCdr2HXxqMzY=", "preshared_key" => "dHN1zuRd/PemzBDeYQqMsVTyHSNoTsmJQ=", "name" => "DEVICE_NAME"})'

remy · June 1, 2022, 8:40pm

@jamil, is it possible to provide the command to check if the user and the device exists before they are created?

I tried with /opt/firezone/embedded/service/firezone/bin/firezone rpc 'FzHttp.Users.get_by_email("user@localhost.local")' but it give no output, actual user dose exists.

jamil · June 1, 2022, 9:45pm

Yep, Try IO.inspect(FzHttp.Users.get_by_email(…)) in order to format the output

remy · June 1, 2022, 10:06pm

@jamil, thanks thats working

/opt/firezone/embedded/service/firezone/bin/firezone rpc 'IO.inspect(FzHttp.Users.get_by_email("user@localhost.local"))'

/opt/firezone/embedded/service/firezone/bin/firezone rpc 'IO.inspect(FzHttp.Devices.list_devices(<device_id>))'

remy · June 2, 2022, 12:36am

@jamil , is it possible to add validation when adding device from CLI command to check if the public key and pre-shared keys are valid? I added wrong key add Phoenix crashed, had to delete the user from database and then restart firezone

jamil · June 7, 2022, 9:54pm

@remy Thanks for the suggestion! Yeah, we’re changing the way keys are stored in the DB as part of 0.4.0 and this will be fixed then.

suyuanhu · November 20, 2024, 3:28am

api $ curl -i
-X POST “https://{firezone_host}/v0/devices”
-H ‘Content-Type: application/json’
-H ‘Authorization: Bearer {api_token}’
–data-binary @- << EOF
{
“device”: {
“allowed_ips”: [
“0.0.0.0/0”,
“::/0”,
“1.1.1.1”
],
“description”: “create-description”,
“dns”: [
“9.9.9.8”
],
“endpoint”: “9.9.9.9”,
“ipv4”: “100.64.0.2”,
“ipv6”: “fd00::2”,
“mtu”: 999,
“name”: “create-name”,
“persistent_keepalive”: 9,
“preshared_key”: “CHqFuS+iL3FTog5F4Ceumqlk0CU4Cl/dyUP/9F9NDnI=”,
“public_key”: “CHqFuS+iL3FTog5F4Ceumqlk0CU4Cl/dyUP/9F9NDnI=”,
“use_default_allowed_ips”: false,
“use_default_dns”: false,
“use_default_endpoint”: false,
“use_default_mtu”: false,
“use_default_persistent_keepalive”: false,
“user_id”: “95138a8e-c89f-41b4-b62c-a5b8c23a0b8c”
}
}create users and devices
But I couldn’t connect to Firezone using the device I created through client configuration Only manually generated configurations through Firezone’s UI page can connect successfully ？