2021-05-26 00:48:04 +08:00
|
|
|
package serverctl
|
|
|
|
|
|
|
|
|
|
import (
|
2021-07-21 05:18:45 +08:00
|
|
|
//"github.com/davecgh/go-spew/spew"
|
|
|
|
|
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"errors"
|
2021-05-26 00:48:04 +08:00
|
|
|
"log"
|
|
|
|
|
"net"
|
2021-07-21 05:18:45 +08:00
|
|
|
"os"
|
2021-05-26 00:48:04 +08:00
|
|
|
"strconv"
|
2021-07-21 05:18:45 +08:00
|
|
|
|
|
|
|
|
"github.com/gravitl/netmaker/database"
|
|
|
|
|
"github.com/gravitl/netmaker/functions"
|
|
|
|
|
"github.com/gravitl/netmaker/models"
|
|
|
|
|
"github.com/gravitl/netmaker/servercfg"
|
2021-05-26 00:48:04 +08:00
|
|
|
"github.com/vishvananda/netlink"
|
|
|
|
|
"golang.zx2c4.com/wireguard/wgctrl"
|
|
|
|
|
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func InitServerWireGuard() error {
|
|
|
|
|
|
|
|
|
|
created, err := CreateCommsNetwork()
|
|
|
|
|
if !created {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
wgconfig := servercfg.GetWGConfig()
|
|
|
|
|
if !(wgconfig.GRPCWireGuard == "on") {
|
|
|
|
|
return errors.New("WireGuard not enabled on this server.")
|
|
|
|
|
}
|
|
|
|
|
ifaceSettings := netlink.NewLinkAttrs()
|
|
|
|
|
|
|
|
|
|
if wgconfig.GRPCWGInterface == "" {
|
|
|
|
|
return errors.New("No WireGuard Interface Name set.")
|
|
|
|
|
}
|
|
|
|
|
ifaceSettings.Name = wgconfig.GRPCWGInterface
|
|
|
|
|
wglink := &models.WireGuardLink{LinkAttrs: &ifaceSettings}
|
|
|
|
|
|
|
|
|
|
err = netlink.LinkAdd(wglink)
|
|
|
|
|
if err != nil {
|
|
|
|
|
if os.IsExist(err) {
|
2021-05-30 23:26:10 +08:00
|
|
|
log.Println("WireGuard interface " + ifaceSettings.Name + " already exists. Skipping...")
|
2021-05-26 00:48:04 +08:00
|
|
|
} else {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-05-28 02:57:59 +08:00
|
|
|
address, err := netlink.ParseAddr(wgconfig.GRPCWGAddress + "/24")
|
2021-05-26 00:48:04 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = netlink.AddrAdd(wglink, address)
|
2021-07-21 05:18:45 +08:00
|
|
|
if err != nil && !os.IsExist(err) {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-05-26 00:48:04 +08:00
|
|
|
err = netlink.LinkSetUp(wglink)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Println("could not bring up wireguard interface")
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-05-28 02:57:59 +08:00
|
|
|
var client models.IntClient
|
|
|
|
|
client.PrivateKey = wgconfig.GRPCWGPrivKey
|
|
|
|
|
client.PublicKey = wgconfig.GRPCWGPubKey
|
2021-06-02 06:40:04 +08:00
|
|
|
client.ServerPublicEndpoint = servercfg.GetAPIHost()
|
|
|
|
|
client.ServerAPIPort = servercfg.GetAPIPort()
|
2021-06-02 10:32:20 +08:00
|
|
|
client.ServerPrivateAddress = servercfg.GetGRPCWGAddress()
|
|
|
|
|
client.ServerWGPort = servercfg.GetGRPCWGPort()
|
2021-06-02 06:40:04 +08:00
|
|
|
client.ServerGRPCPort = servercfg.GetGRPCPort()
|
2021-06-02 10:32:20 +08:00
|
|
|
client.Address = servercfg.GetGRPCWGAddress()
|
2021-05-26 00:48:04 +08:00
|
|
|
client.IsServer = "yes"
|
|
|
|
|
client.Network = "comms"
|
2021-07-21 05:18:45 +08:00
|
|
|
exists, _ := functions.GetServerIntClient()
|
|
|
|
|
if exists != nil {
|
|
|
|
|
err = RegisterServer(client)
|
2021-05-30 01:24:13 +08:00
|
|
|
}
|
2021-07-21 05:18:45 +08:00
|
|
|
return err
|
2021-05-26 00:48:04 +08:00
|
|
|
}
|
|
|
|
|
|
2021-05-30 01:24:13 +08:00
|
|
|
func DeleteServerClient() error {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-28 02:57:59 +08:00
|
|
|
func RegisterServer(client models.IntClient) error {
|
2021-07-21 05:18:45 +08:00
|
|
|
if client.PrivateKey == "" {
|
|
|
|
|
privateKey, err := wgtypes.GeneratePrivateKey()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
client.PrivateKey = privateKey.String()
|
|
|
|
|
client.PublicKey = privateKey.PublicKey().String()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if client.Address == "" {
|
|
|
|
|
newAddress, err := functions.UniqueAddress(client.Network)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-05-28 02:57:59 +08:00
|
|
|
if newAddress == "" {
|
|
|
|
|
return errors.New("Could not retrieve address")
|
|
|
|
|
}
|
2021-07-21 05:18:45 +08:00
|
|
|
client.Address = newAddress
|
|
|
|
|
}
|
|
|
|
|
if client.Network == "" {
|
|
|
|
|
client.Network = "comms"
|
|
|
|
|
}
|
|
|
|
|
client.ServerKey = client.PublicKey
|
|
|
|
|
value, err := json.Marshal(client)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
database.Insert(client.PublicKey, string(value), database.INT_CLIENTS_TABLE_NAME)
|
2021-05-26 00:48:04 +08:00
|
|
|
|
2021-07-21 05:18:45 +08:00
|
|
|
ReconfigureServerWireGuard()
|
2021-05-26 00:48:04 +08:00
|
|
|
|
2021-07-21 05:18:45 +08:00
|
|
|
return err
|
2021-05-26 00:48:04 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ReconfigureServerWireGuard() error {
|
2021-07-21 05:18:45 +08:00
|
|
|
server, err := functions.GetServerIntClient()
|
2021-05-26 00:48:04 +08:00
|
|
|
if err != nil {
|
2021-07-21 05:18:45 +08:00
|
|
|
return err
|
|
|
|
|
}
|
2021-05-26 00:48:04 +08:00
|
|
|
serverkey, err := wgtypes.ParseKey(server.PrivateKey)
|
2021-07-21 05:18:45 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-05-26 00:48:04 +08:00
|
|
|
serverport, err := strconv.Atoi(servercfg.GetGRPCWGPort())
|
2021-07-21 05:18:45 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-05-26 00:48:04 +08:00
|
|
|
|
2021-05-28 02:57:59 +08:00
|
|
|
peers, err := functions.GetIntPeersList()
|
2021-07-21 05:18:45 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-05-26 00:48:04 +08:00
|
|
|
wgserver, err := wgctrl.New()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-07-21 05:18:45 +08:00
|
|
|
var serverpeers []wgtypes.PeerConfig
|
2021-05-26 00:48:04 +08:00
|
|
|
for _, peer := range peers {
|
|
|
|
|
|
2021-07-21 05:18:45 +08:00
|
|
|
pubkey, err := wgtypes.ParseKey(peer.PublicKey)
|
2021-05-26 00:48:04 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-07-21 05:18:45 +08:00
|
|
|
var peercfg wgtypes.PeerConfig
|
|
|
|
|
var allowedips []net.IPNet
|
|
|
|
|
if peer.Address != "" {
|
2021-05-26 00:48:04 +08:00
|
|
|
var peeraddr = net.IPNet{
|
2021-07-21 05:18:45 +08:00
|
|
|
IP: net.ParseIP(peer.Address),
|
|
|
|
|
Mask: net.CIDRMask(32, 32),
|
|
|
|
|
}
|
|
|
|
|
allowedips = append(allowedips, peeraddr)
|
2021-05-26 00:48:04 +08:00
|
|
|
}
|
|
|
|
|
if peer.Address6 != "" {
|
2021-07-21 05:18:45 +08:00
|
|
|
var addr6 = net.IPNet{
|
|
|
|
|
IP: net.ParseIP(peer.Address6),
|
|
|
|
|
Mask: net.CIDRMask(128, 128),
|
|
|
|
|
}
|
|
|
|
|
allowedips = append(allowedips, addr6)
|
|
|
|
|
}
|
2021-05-26 00:48:04 +08:00
|
|
|
peercfg = wgtypes.PeerConfig{
|
2021-07-21 05:18:45 +08:00
|
|
|
PublicKey: pubkey,
|
|
|
|
|
ReplaceAllowedIPs: true,
|
|
|
|
|
AllowedIPs: allowedips,
|
|
|
|
|
}
|
|
|
|
|
serverpeers = append(serverpeers, peercfg)
|
2021-05-26 00:48:04 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
wgconf := wgtypes.Config{
|
|
|
|
|
PrivateKey: &serverkey,
|
|
|
|
|
ListenPort: &serverport,
|
|
|
|
|
ReplacePeers: true,
|
|
|
|
|
Peers: serverpeers,
|
|
|
|
|
}
|
2021-05-30 23:26:10 +08:00
|
|
|
wgiface := servercfg.GetGRPCWGInterface()
|
|
|
|
|
err = wgserver.ConfigureDevice(wgiface, wgconf)
|
2021-05-26 00:48:04 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2021-07-26 02:22:20 +08:00
|
|
|
|
|
|
|
|
func GetPeers(networkName string) (map[string]string, error) {
|
|
|
|
|
peers := make(map[string]string)
|
|
|
|
|
network, err := functions.GetParentNetwork(networkName)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return peers, err
|
|
|
|
|
}
|
|
|
|
|
iface := network.DefaultInterface
|
|
|
|
|
|
|
|
|
|
client, err := wgctrl.New()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return peers, err
|
|
|
|
|
}
|
|
|
|
|
device, err := client.Device(iface)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
for _, peer := range device.Peers {
|
|
|
|
|
peers[peer.PublicKey.String()] = peer.Endpoint.String()
|
|
|
|
|
}
|
|
|
|
|
return peers, nil
|
|
|
|
|
}
|
