From e4d4c62833eb309ffb2fd9db05d1dbee6b6761f6 Mon Sep 17 00:00:00 2001 From: Owen Date: Mon, 2 Feb 2026 18:19:13 -0800 Subject: [PATCH] Dont create newt sites with exit node or subnet --- server/routers/site/createSite.ts | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/server/routers/site/createSite.ts b/server/routers/site/createSite.ts index c798ea30..4f1bba06 100644 --- a/server/routers/site/createSite.ts +++ b/server/routers/site/createSite.ts @@ -17,7 +17,6 @@ import { hashPassword } from "@server/auth/password"; import { isValidIP } from "@server/lib/validators"; import { isIpInCidr } from "@server/lib/ip"; import { verifyExitNodeOrgAccess } from "#dynamic/lib/exitNodes"; -import { build } from "@server/build"; const createSiteParamsSchema = z.strictObject({ orgId: z.string() @@ -259,7 +258,19 @@ export async function createSite( let newSite: Site; await db.transaction(async (trx) => { - if (type == "wireguard" || type == "newt") { + if (type == "newt") { + [newSite] = await trx + .insert(sites) + .values({ + orgId, + name, + niceId, + address: updatedAddress || null, + type, + dockerSocketEnabled: true + }) + .returning(); + } else if (type == "wireguard") { // we are creating a site with an exit node (tunneled) if (!subnet) { return next( @@ -311,11 +322,9 @@ export async function createSite( exitNodeId, name, niceId, - address: updatedAddress || null, subnet, type, - dockerSocketEnabled: type == "newt", - ...(pubKey && type == "wireguard" && { pubKey }) + pubKey: pubKey || null }) .returning(); } else if (type == "local") {