From c6a7238453ac8827546688c66b2bf1fe5342611d Mon Sep 17 00:00:00 2001 From: afeiszli Date: Fri, 18 Feb 2022 15:18:50 -0500 Subject: [PATCH 1/2] adding random comms network name logic --- config/config.go | 4 +-- logic/accesskeys.go | 11 +++++-- logic/dns.go | 4 ++- logic/serverconf.go | 29 +++++++++++++++++ models/accessToken.go | 6 ++-- netclient/command/commands.go | 18 ----------- netclient/config/config.go | 29 +++-------------- netclient/daemon/common.go | 9 ++---- netclient/daemon/macos.go | 17 ++++------ netclient/daemon/systemd.go | 2 +- servercfg/serverconf.go | 61 +++++++++-------------------------- serverctl/serverctl.go | 22 +++++++++++-- 12 files changed, 93 insertions(+), 119 deletions(-) diff --git a/config/config.go b/config/config.go index 6f0f4791..be847e35 100644 --- a/config/config.go +++ b/config/config.go @@ -53,15 +53,12 @@ type ServerConfig struct { MessageQueueBackend string `yaml:"messagequeuebackend"` ClientMode string `yaml:"clientmode"` DNSMode string `yaml:"dnsmode"` - SplitDNS string `yaml:"splitdns"` DisableRemoteIPCheck string `yaml:"disableremoteipcheck"` - DisableDefaultNet string `yaml:"disabledefaultnet"` GRPCSSL string `yaml:"grpcssl"` Version string `yaml:"version"` SQLConn string `yaml:"sqlconn"` Platform string `yaml:"platform"` Database string `yaml:"database"` - CheckinInterval string `yaml:"checkininterval"` DefaultNodeLimit int32 `yaml:"defaultnodelimit"` Verbosity int32 `yaml:"verbosity"` ServerCheckinInterval int64 `yaml:"servercheckininterval"` @@ -78,6 +75,7 @@ type ServerConfig struct { PortForwardServices string `yaml:"portforwardservices"` HostNetwork string `yaml:"hostnetwork"` CommsCIDR string `yaml:"commscidr"` + MQPort string `yaml:"mqport"` } // SQLConfig - Generic SQL Config diff --git a/logic/accesskeys.go b/logic/accesskeys.go index f2a842bc..1ac77e35 100644 --- a/logic/accesskeys.go +++ b/logic/accesskeys.go 
@@ -49,12 +49,17 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models netID := network.NetID + commsNetID, err := FetchCommsNetID() + if err != nil { + return models.AccessKey{}, errors.New("could not retrieve comms netid") + } + var accessToken models.AccessToken s := servercfg.GetServerConfig() servervals := models.ServerConfig{ - GRPCConnString: s.GRPCConnString, - GRPCSSL: s.GRPCSSL, - CheckinInterval: s.CheckinInterval, + GRPCConnString: s.GRPCConnString, + GRPCSSL: s.GRPCSSL, + CommsNetwork: commsNetID, } accessToken.ServerConfig = servervals accessToken.ClientConfig.Network = netID diff --git a/logic/dns.go b/logic/dns.go index ac58f205..023f9ba8 100644 --- a/logic/dns.go +++ b/logic/dns.go @@ -8,7 +8,6 @@ import ( "github.com/gravitl/netmaker/database" "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/models" - "github.com/gravitl/netmaker/servercfg" "github.com/txn2/txeh" ) @@ -39,9 +38,12 @@ func SetDNS() error { if err != nil { return err } + /* if something goes wrong with server DNS, check here + // commented out bc we were not using IsSplitDNS if servercfg.IsSplitDNS() { err = SetCorefile(corefilestring) } + */ return err } diff --git a/logic/serverconf.go b/logic/serverconf.go index 0ba1e258..2da3e90a 100644 --- a/logic/serverconf.go +++ b/logic/serverconf.go 
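Review bot: `GRPCConnString: s.GRPCConnString` in CreateAccessKey still reads a field that the servercfg/serverconf.go hunk of this same patch stops populating. There, `cfg.GRPCConnString = GetGRPCConnString()` is replaced by a second `cfg.APIPort = GetAPIPort()`, so unless the field is set somewhere outside the visible hunks, newly issued access tokens would carry an empty gRPC connection string. Either restore the assignment in GetServerConfig or drop the field from the token here. Separately, the new error path throws away the cause; `return models.AccessKey{}, fmt.Errorf("could not retrieve comms netid: %w", err)` keeps it for whoever has to debug a failed key creation (this needs `fmt` if the file does not already import it). CreateAccessKey starts and continues outside the hunk.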
@@ -72,3 +72,32 @@ func StoreJWTSecret(privateKey string) error { } return database.Insert("nm-jwt-secret", string(data), database.SERVERCONF_TABLE_NAME) } + +// FetchCommsNetID - fetches comms netid from db +func FetchCommsNetID() (string, error) { + var dbData string + var err error + var fetchedData = serverData{} + dbData, err = database.FetchRecord(database.SERVERCONF_TABLE_NAME, "nm-comms-id") + if err != nil { + return "", err + } + err = json.Unmarshal([]byte(dbData), &fetchedData) + if err != nil { + return "", err + } + return fetchedData.PrivateKey, nil +} + +// StoreCommsNetID - stores server comms network netid if needed +func StoreCommsNetID(netid string) error { + var newData = serverData{} + var err error + var data []byte + newData.PrivateKey = netid + data, err = json.Marshal(&newData) + if err != nil { + return err + } + return database.Insert("nm-comms-id", string(data), database.SERVERCONF_TABLE_NAME) +} diff --git a/models/accessToken.go b/models/accessToken.go index 8e516afd..d254411a 100644 --- a/models/accessToken.go +++ b/models/accessToken.go @@ -12,7 +12,7 @@ type ClientConfig struct { } type ServerConfig struct { - GRPCConnString string `json:"grpcconn"` - GRPCSSL string `json:"grpcssl"` - CheckinInterval string `json:"checkininterval"` + GRPCConnString string `json:"grpcconn"` + GRPCSSL string `json:"grpcssl"` + CommsNetwork string `json:"commsnetwork"` } diff --git a/netclient/command/commands.go b/netclient/command/commands.go index bb888c73..e39e0126 100644 --- a/netclient/command/commands.go +++ b/netclient/command/commands.go @@ -1,7 +1,6 @@ package command import ( - "strconv" "strings" "github.com/gravitl/netmaker/netclient/config" 
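Review bot: FetchCommsNetID and StoreCommsNetID keep the comms network id in `serverData.PrivateKey`, so a non-secret identifier is stored and read under a secret's field name. StoreJWTSecret appears to use the same struct, but only its tail is visible here. That makes it easy for later code to log, redact or rotate the wrong value; a dedicated struct with a `NetID` field would keep the two apart. FetchCommsNetID also returns `"", nil` when the record decodes to an empty value. A guard such as `if fetchedData.PrivateKey == "" { return "", errors.New("empty comms netid") }` would stop an empty network name from reaching CreateAccessKey and InitializeCommsNetwork.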
@@ -56,23 +55,6 @@ func Join(cfg config.ClientConfig, privateKey string) error { return err } -func getWindowsInterval() int { - interval := 15 - networks, err := ncutils.GetSystemNetworks() - if err != nil { - return interval - } - cfg, err := config.ReadConfig(networks[0]) - if err != nil { - return interval - } - netint, err := strconv.Atoi(cfg.Server.CheckinInterval) - if err == nil && netint != 0 { - interval = netint - } - return interval -} - // Leave - runs the leave command from cli func Leave(cfg config.ClientConfig) error { err := functions.LeaveNetwork(cfg.Network) diff --git a/netclient/config/config.go b/netclient/config/config.go index 66efcac2..e6de5579 100644 --- a/netclient/config/config.go +++ b/netclient/config/config.go @@ -15,12 +15,6 @@ import ( "gopkg.in/yaml.v3" ) -// GlobalConfig - struct for handling IntClients currently -type GlobalConfig struct { - GRPCWireGuard string `yaml:"grpcwg"` - Client models.IntClient -} - // ClientConfig - struct for dealing with client configuration type ClientConfig struct { Server ServerConfig `yaml:"server"` @@ -34,12 +28,10 @@ type ClientConfig struct { // ServerConfig - struct for dealing with the server information for a netclient type ServerConfig struct { - CoreDNSAddr string `yaml:"corednsaddr"` - GRPCAddress string `yaml:"grpcaddress"` - AccessKey string `yaml:"accesskey"` - GRPCSSL string `yaml:"grpcssl"` - GRPCWireGuard string `yaml:"grpcwg"` - CheckinInterval string `yaml:"checkininterval"` + CoreDNSAddr string `yaml:"corednsaddr"` + GRPCAddress string `yaml:"grpcaddress"` + AccessKey string `yaml:"accesskey"` + GRPCSSL string `yaml:"grpcssl"` } // Write - writes the config of a client to disk 
@@ -183,7 +175,6 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) { cfg.Server.AccessKey = accesstoken.ClientConfig.Key cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL - cfg.Server.CheckinInterval = accesstoken.ServerConfig.CheckinInterval if c.String("grpcserver") != "" { cfg.Server.GRPCAddress = c.String("grpcserver") } @@ -203,12 +194,6 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) { if c.String("corednsaddr") != "" { cfg.Server.CoreDNSAddr = c.String("corednsaddr") } - if c.String("grpcwg") != "" { - cfg.Server.GRPCWireGuard = c.String("grpcwg") - } - if c.String("checkininterval") != "" { - cfg.Server.CheckinInterval = c.String("checkininterval") - } } else { cfg.Server.GRPCAddress = c.String("grpcserver") @@ -216,10 +201,8 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) { cfg.Network = c.String("network") cfg.Node.Network = c.String("network") cfg.Node.LocalRange = c.String("localrange") - cfg.Server.GRPCWireGuard = c.String("grpcwg") cfg.Server.GRPCSSL = c.String("grpcssl") cfg.Server.CoreDNSAddr = c.String("corednsaddr") - cfg.Server.CheckinInterval = c.String("checkininterval") } cfg.Node.Name = c.String("name") cfg.Node.Interface = c.String("interface") @@ -246,10 +229,6 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) { cfg.Node.UDPHolePunch = c.String("udpholepunch") cfg.Node.MTU = int32(c.Int("mtu")) - if cfg.Server.CheckinInterval == "" { - cfg.Server.CheckinInterval = "15" - } - return cfg, privateKey, nil } diff --git a/netclient/daemon/common.go b/netclient/daemon/common.go index a1a2cef2..5d4e9efb 100644 --- a/netclient/daemon/common.go +++ b/netclient/daemon/common.go 
@@ -13,18 +13,13 @@ func InstallDaemon(cfg config.ClientConfig) error { os := runtime.GOOS var err error - interval := "15" - if cfg.Server.CheckinInterval != "" { - interval = cfg.Server.CheckinInterval - } - switch os { case "windows": err = SetupWindowsDaemon() case "darwin": - err = SetupMacDaemon(interval) + err = SetupMacDaemon() case "linux": - err = SetupSystemDDaemon(interval) + err = SetupSystemDDaemon() case "freebsd": err = SetupFreebsdDaemon() default: diff --git a/netclient/daemon/macos.go b/netclient/daemon/macos.go index e4a6dfa3..4badac4d 100644 --- a/netclient/daemon/macos.go +++ b/netclient/daemon/macos.go @@ -1,7 +1,6 @@ package daemon import ( - "fmt" "log" "os" "path/filepath" @@ -14,7 +13,7 @@ const MAC_SERVICE_NAME = "com.gravitl.netclient" const MAC_EXEC_DIR = "/usr/local/bin/" // SetupMacDaemon - Creates a daemon service from the netclient under LaunchAgents for MacOS -func SetupMacDaemon(interval string) error { +func SetupMacDaemon() error { dir, err := filepath.Abs(filepath.Dir(os.Args[0])) if err != nil { @@ -34,7 +33,7 @@ func SetupMacDaemon(interval string) error { if os.IsNotExist(errN) { os.Mkdir("~/Library/LaunchAgents", 0755) } - err = CreateMacService(MAC_SERVICE_NAME, interval) + err = CreateMacService(MAC_SERVICE_NAME) if err != nil { return err } @@ -69,7 +68,7 @@ func StopLaunchD() { } // CreateMacService - Creates the mac service file for LaunchDaemons -func CreateMacService(servicename string, interval string) error { +func CreateMacService(servicename string) error { _, err := os.Stat("/Library/LaunchDaemons") if os.IsNotExist(err) { os.Mkdir("/Library/LaunchDaemons", 0755) @@ -77,7 +76,7 @@ func CreateMacService(servicename string, interval string) error { log.Println("couldnt find or create /Library/LaunchDaemons") return err } - daemonstring := MacDaemonString(interval) + daemonstring := MacDaemonString() daemonbytes := []byte(daemonstring) if !ncutils.FileExists("/Library/LaunchDaemons/com.gravitl.netclient.plist") { 
@@ -87,8 +86,8 @@ func CreateMacService(servicename string, interval string) error { } // MacDaemonString - the file contents for the mac netclient daemon service (launchdaemon) -func MacDaemonString(interval string) string { - return fmt.Sprintf(` +func MacDaemonString() string { + return ` @@ -101,8 +100,6 @@ func MacDaemonString(interval string) string { StandardOutPath/etc/netclient/com.gravitl.netclient.log StandardErrorPath/etc/netclient/com.gravitl.netclient.log AbandonProcessGroup - StartInterval - %s EnvironmentVariables PATH @@ -110,7 +107,7 @@ func MacDaemonString(interval string) string { -`, interval) +` } // MacTemplateData - struct to represent the mac service diff --git a/netclient/daemon/systemd.go b/netclient/daemon/systemd.go index 28da6f9c..80f7de3e 100644 --- a/netclient/daemon/systemd.go +++ b/netclient/daemon/systemd.go @@ -14,7 +14,7 @@ import ( const EXEC_DIR = "/sbin/" // SetupSystemDDaemon - sets system daemon for supported machines -func SetupSystemDDaemon(interval string) error { +func SetupSystemDDaemon() error { if ncutils.IsWindows() { return nil diff --git a/servercfg/serverconf.go b/servercfg/serverconf.go index 51a32460..ff68e8a3 100644 --- a/servercfg/serverconf.go +++ b/servercfg/serverconf.go @@ -31,7 +31,8 @@ func GetServerConfig() config.ServerConfig { cfg.CoreDNSAddr = GetCoreDNSAddr() cfg.APIHost = GetAPIHost() cfg.APIPort = GetAPIPort() - cfg.GRPCConnString = GetGRPCConnString() + cfg.APIPort = GetAPIPort() + cfg.MQPort = GetMQPort() cfg.GRPCHost = GetGRPCHost() cfg.GRPCPort = GetGRPCPort() cfg.MasterKey = "(hidden)" @@ -39,8 +40,7 @@ func GetServerConfig() config.ServerConfig { cfg.AllowedOrigin = GetAllowedOrigin() cfg.RestBackend = "off" cfg.NodeID = GetNodeID() - cfg.CheckinInterval = GetCheckinInterval() - cfg.ServerCheckinInterval = GetServerCheckinInterval() + cfg.MQPort = GetMQPort() if IsRestBackend() { cfg.RestBackend = "on" } 
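Review bot: In GetServerConfig the added `cfg.APIPort = GetAPIPort()` repeats the context line directly above it, and `cfg.MQPort = GetMQPort()` is added twice, once in the `@@ -31,7 +31,8 @@` hunk and again in the `@@ -39,8 +40,7 @@` hunk. One of each looks like an editing leftover and can be removed. The second hunk also stops setting `cfg.ServerCheckinInterval`, although config.ServerConfig still declares that field, so the returned config would report its zero value unless it is assigned outside the visible lines. If that is intended, removing the field or adding a comment such as `// ServerCheckinInterval is no longer reported` would make it explicit.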
@@ -68,10 +68,6 @@ func GetServerConfig() config.ServerConfig { if DisableRemoteIPCheck() { cfg.DisableRemoteIPCheck = "on" } - cfg.DisableDefaultNet = "off" - if DisableDefaultNet() { - cfg.DisableRemoteIPCheck = "on" - } cfg.Database = GetDB() cfg.Platform = GetPlatform() cfg.Version = GetVersion() @@ -90,6 +86,7 @@ func GetServerConfig() config.ServerConfig { cfg.Debug = GetDebug() cfg.Telemetry = Telemetry() cfg.ManageIPTables = ManageIPTables() + cfg.CommsCIDR = GetCommsCIDR() services := strings.Join(GetPortForwardServiceList(), ",") cfg.PortForwardServices = services @@ -177,17 +174,6 @@ func GetAPIPort() string { return apiport } -// GetCheckinInterval - get check in interval for nodes -func GetCheckinInterval() string { - seconds := "15" - if os.Getenv("CHECKIN_INTERVAL") != "" { - seconds = os.Getenv("CHECKIN_INTERVAL") - } else if config.Config.Server.CheckinInterval != "" { - seconds = config.Config.Server.CheckinInterval - } - return seconds -} - // GetDefaultNodeLimit - get node limit if one is set func GetDefaultNodeLimit() int32 { var limit int32 @@ -254,6 +240,17 @@ func GetGRPCPort() string { return grpcport } +// GetMQPort - gets the mq port +func GetMQPort() string { + mqport := "1883" + if os.Getenv("MQ_PORT") != "" { + mqport = os.Getenv("MQ_PORT") + } else if config.Config.Server.MQPort != "" { + mqport = config.Config.Server.MQPort + } + return mqport +} + // GetGRPCPort - gets the grpc port func GetCommsCIDR() string { netrange := "172.242.0.0/16" 
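Review bot: GetMQPort returns whatever `MQ_PORT` or the config file contains without checking that it is a port number, so a malformed value only surfaces later, wherever the string is joined into an address. A check before the return would fail early, for example `if p, err := strconv.Atoi(mqport); err != nil || p < 1 || p > 65535 { mqport = "1883" }` (this needs `strconv`). 1883 is conventionally the unencrypted MQTT port, so a comment saying the broker is expected to be reached over the comms network rather than a public interface would help; that expectation is my inference, not something the hunk shows. The context comment above GetCommsCIDR still reads `// GetGRPCPort - gets the grpc port` and should be `// GetCommsCIDR - gets the comms network CIDR`.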
@@ -455,21 +452,6 @@ func DisableRemoteIPCheck() bool { return disabled } -// DisableDefaultNet - disable default net -func DisableDefaultNet() bool { - disabled := false - if os.Getenv("DISABLE_DEFAULT_NET") != "" { - if os.Getenv("DISABLE_DEFAULT_NET") == "on" { - disabled = true - } - } else if config.Config.Server.DisableDefaultNet != "" { - if config.Config.Server.DisableDefaultNet == "on" { - disabled = true - } - } - return disabled -} - // GetPublicIP - gets public ip func GetPublicIP() (string, error) { @@ -533,18 +515,7 @@ func GetSQLConn() string { return sqlconn } -// IsSplitDNS - checks if split dns is on -func IsSplitDNS() bool { - issplit := false - if os.Getenv("IS_SPLIT_DNS") == "yes" { - issplit = true - } else if config.Config.Server.SplitDNS == "yes" { - issplit = true - } - return issplit -} - -// IsSplitDNS - checks if split dns is on +// IsHostNetwork - checks if running on host network func IsHostNetwork() bool { ishost := false if os.Getenv("HOST_NETWORK") == "on" { diff --git a/serverctl/serverctl.go b/serverctl/serverctl.go index 1b485573..12ae339b 100644 --- a/serverctl/serverctl.go +++ b/serverctl/serverctl.go @@ -14,17 +14,19 @@ import ( "github.com/gravitl/netmaker/servercfg" ) +// COMMS_NETID - name of the comms network +var COMMS_NETID string + const ( // NETMAKER_BINARY_NAME - name of netmaker binary NETMAKER_BINARY_NAME = "netmaker" - - // COMMS_NETID - name of comms net - COMMS_NETID = "n37m8k3r" ) // InitializeCommsNetwork - Check if comms network exists (for MQ, DNS, SSH traffic), if not, create func InitializeCommsNetwork() error { + setCommsID() + _, err := logic.GetNetwork(COMMS_NETID) if err != nil { logger.Log(1, "comms net does not exist, creating") 
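Review bot: `var COMMS_NETID string` in serverctl.go turns what was a constant into an exported, mutable package variable. Any importing package can reassign it, and it is empty until setCommsID has run. The same id is handed out in access tokens and selects which network the server treats as its comms network, so I would keep the variable unexported and expose a read-only accessor, e.g. `func CommsNetID() string { return commsNetID }`. A comment should state that it is written once at startup by InitializeCommsNetwork; existing references to `serverctl.COMMS_NETID` outside this diff would need updating.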
@@ -42,6 +44,20 @@ func InitializeCommsNetwork() error { return nil } +// SetJWTSecret - sets the jwt secret on server startup +func setCommsID() { + currentid, idErr := logic.FetchCommsNetID() + if idErr != nil { + commsid := logic.RandomString(8) + if err := logic.StoreCommsNetID(commsid); err != nil { + logger.FatalLog("something went wrong when configuring comms id") + } + COMMS_NETID = commsid + return + } + COMMS_NETID = currentid +} + // InitServerNetclient - intializes the server netclient // 1. Check if config directory exists, if not attempt to make // 2. Check current networks and run pull to get interface up to date in case of restart From 696fe7e3731278810d89bc74dfca5a95c1c9ff39 Mon Sep 17 00:00:00 2001 From: 0xdcarns Date: Fri, 18 Feb 2022 15:30:33 -0500 Subject: [PATCH 2/2] fix test --- controllers/network_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/controllers/network_test.go b/controllers/network_test.go index 63177a67..a8a37943 100644 --- a/controllers/network_test.go +++ b/controllers/network_test.go @@ -7,6 +7,7 @@ import ( "github.com/gravitl/netmaker/database" "github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/models" + "github.com/gravitl/netmaker/serverctl" "github.com/stretchr/testify/assert" ) @@ -300,4 +301,5 @@ func createNet() { if err != nil { logic.CreateNetwork(network) } + serverctl.InitializeCommsNetwork() }
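Review bot: setCommsID treats every error from `logic.FetchCommsNetID()` as "no id stored yet", so a transient database failure or an unmarshal error on an existing record also generates a fresh id and writes it to `nm-comms-id`. InitializeCommsNetwork would then look up a network under the new name and create it, while previously issued tokens and joined nodes still refer to the old one. Only the record-not-found case should fall through to generation; any other error should be logged and stop startup. Please also confirm what `logic.RandomString` draws from: if the name is meant to be hard to guess it should come from crypto/rand, and 8 characters is a small space either way. The doc comment is copied from another function and should read `// setCommsID - loads the stored comms network id, or generates and stores one on first start`.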