From 31a7e7347328e15048e16145448372f3c43a417d Mon Sep 17 00:00:00 2001
From: Abhishek Kondur
Date: Fri, 28 Oct 2022 17:02:22 +0530
Subject: [PATCH] add proxy to netmaker server

---
 logic/peers.go | 39 ++++++++++++++++++++++++++++++++++++
 logic/server.go | 11 +++++++++++
 logic/wireguard.go | 10 ++++++++++
 main.go | 9 ++++++++-
 serverctl/serverctl.go | 45 ++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 113 insertions(+), 1 deletion(-)

diff --git a/logic/peers.go b/logic/peers.go
index 61eeb38b..42652271 100644
--- a/logic/peers.go
+++ b/logic/peers.go
@@ -19,6 +19,45 @@ import (
 "golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
+func GetPeersForProxy(node *models.Node) ([]wgtypes.PeerConfig, error) {
+ var peers []wgtypes.PeerConfig
+ var err error
+ currentPeers, err := GetNetworkNodes(node.Network)
+ if err != nil {
+ return peers, err
+ }
+ for _, peer := range currentPeers {
+ if peer.ID == node.ID {
+ //skip yourself
+ continue
+ }
+ pubkey, err := wgtypes.ParseKey(peer.PublicKey)
+ if err != nil {
+ logger.Log(1, "failed to parse node pub key: ", peer.ID)
+ continue
+ }
+ endpoint, err := net.ResolveUDPAddr("udp", fmt.Sprintf("%s:%d", node.Endpoint, node.ListenPort))
+ if err != nil {
+ logger.Log(1, "failed to resolve udp addr for node: ", peer.ID, peer.Endpoint, err.Error())
+ continue
+ }
+ allowedips := getNodeAllowedIPs(node, &peer)
+ var keepalive time.Duration
+ if node.PersistentKeepalive != 0 {
+ // set_keepalive
+ keepalive, _ = time.ParseDuration(strconv.FormatInt(int64(node.PersistentKeepalive), 10) + "s")
+ }
+ peers = append(peers, wgtypes.PeerConfig{
+ PublicKey: pubkey,
+ Endpoint: endpoint,
+ AllowedIPs: allowedips,
+ PersistentKeepaliveInterval: &keepalive,
+ ReplaceAllowedIPs: true,
+ })
+ }
+ return peers, nil
+}
+
 // GetPeerUpdate - gets a wireguard peer config for each peer of a node
 func GetPeerUpdate(node *models.Node) (models.PeerUpdate, error) {
 var peerUpdate models.PeerUpdate
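Review bot: In GetPeersForProxy the endpoint for every peer is resolved from the local node (`node.Endpoint`, `node.ListenPort`) rather than from the `peer` being iterated, so each PeerConfig presumably carries the server's own address instead of the remote peer's; the log line right below already refers to `peer.Endpoint`, which suggests the intended line is `endpoint, err := net.ResolveUDPAddr("udp", fmt.Sprintf("%s:%d", peer.Endpoint, peer.ListenPort))`. The keepalive conversion discards the ParseDuration error and can be written without string parsing as `keepalive = time.Duration(node.PersistentKeepalive) * time.Second`. The exported function has no doc comment; in this file's style, `// GetPeersForProxy - builds the wgtypes.PeerConfig list for the peers of node's network, skipping node itself` would do. The `var err error` on the second line is redundant with the `:=` that follows.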
diff --git a/logic/server.go b/logic/server.go
index 5ed2ddcd..51344760 100644
--- a/logic/server.go
+++ b/logic/server.go
@@ -14,10 +14,14 @@ import (
 "github.com/gravitl/netmaker/models"
 "github.com/gravitl/netmaker/netclient/ncutils"
 "github.com/gravitl/netmaker/netclient/wireguard"
+ "github.com/gravitl/netmaker/nm-proxy/manager"
 "github.com/gravitl/netmaker/servercfg"
 "golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
+var ProxyStatus = "OFF"
+var ProxyMgmChan = make(chan *manager.ManagerAction, 100)
+
 // EnterpriseCheckFuncs - can be set to run functions for EE
 var EnterpriseCheckFuncs []func()
 
@@ -173,6 +177,13 @@ func ServerJoin(networkSettings *models.Network) (models.Node, error) {
 return returnNode, err
 }
 
+ ProxyMgmChan <- &manager.ManagerAction{
+ Action: manager.AddInterface,
+ Payload: manager.ManagerPayload{
+ InterfaceName: node.Interface,
+ Peers: peers.Peers,
+ },
+ }
 return *node, nil
 }
 
diff --git a/logic/wireguard.go b/logic/wireguard.go
index e85aee61..3120734b 100644
--- a/logic/wireguard.go
+++ b/logic/wireguard.go
@@ -9,6 +9,7 @@ import (
 "github.com/gravitl/netmaker/models"
 "github.com/gravitl/netmaker/netclient/ncutils"
 "github.com/gravitl/netmaker/netclient/wireguard"
+ "github.com/gravitl/netmaker/nm-proxy/manager"
 "golang.zx2c4.com/wireguard/wgctrl"
 "golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
@@ -143,6 +144,15 @@ func setWGConfig(node *models.Node, peerupdate bool) error {
 err = wireguard.InitWireguard(node, privkey, peers.Peers)
 logger.Log(3, "finished setting wg config on server", node.Name)
 }
+ if ProxyStatus == "ON" {
+ ProxyMgmChan <- &manager.ManagerAction{
+ Action: manager.AddInterface,
+ Payload: manager.ManagerPayload{
+ InterfaceName: node.Interface,
+ Peers: peers.Peers,
+ },
+ }
+ }
 return err
 }
 
diff --git a/main.go b/main.go
index d367ad2c..a5d79299 100644
--- a/main.go
+++ b/main.go
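Review bot: `ProxyStatus` and `ProxyMgmChan` are new exported package-level variables without doc comments, and `ProxyStatus` is a plain mutable string that setWGConfig (logic/wireguard.go, same commit) reads with no synchronization, so any later write of "ON" from another goroutine is a data race under -race. A typed flag is safer and self-documenting: `var proxyEnabled atomic.Bool` behind small `ProxyEnabled()`/`SetProxyEnabled(bool)` accessors, or at minimum named constants for the two string values. The 100-slot buffer on `ProxyMgmChan` deserves a comment stating why that bound was chosen, because every sender blocks once it fills and nothing on this page drains it unless the proxy is running.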
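Review bot: The send on `ProxyMgmChan` added to ServerJoin is unconditional, while the equivalent send added to setWGConfig in logic/wireguard.go is gated on `ProxyStatus == "ON"`; when the proxy is not consuming the channel, joins fill the 100-slot buffer and the next call blocks ServerJoin indefinitely. Gate it the same way, `if ProxyStatus == "ON" { ProxyMgmChan <- &manager.ManagerAction{...} }`, or make the send non-blocking with a `select` that logs the dropped action. The body of ServerJoin and the `peers` value it sends begin outside the hunk.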
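Review bot: In setWGConfig the AddInterface action is pushed to the proxy even when `err` from `wireguard.InitWireguard` is non-nil, so the proxy can be told to manage an interface whose WireGuard configuration just failed. Guard the send on success as well: `if err == nil && ProxyStatus == "ON" {`. The earlier branches of setWGConfig and the `peers` value start outside the hunk, so it is not visible here whether `peers` is populated on every path that reaches this point.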
@@ -23,6 +23,7 @@ import (
 "github.com/gravitl/netmaker/models"
 "github.com/gravitl/netmaker/mq"
 "github.com/gravitl/netmaker/netclient/ncutils"
+ nmproxy "github.com/gravitl/netmaker/nm-proxy"
 "github.com/gravitl/netmaker/servercfg"
 "github.com/gravitl/netmaker/serverctl"
 stunserver "github.com/gravitl/netmaker/stun-server"
@@ -173,7 +174,13 @@ func startControllers() {
 }
 // starts the stun server
 go stunserver.Start()
-
+ go nmproxy.Start(logic.ProxyMgmChan)
+ go func() {
+ err := serverctl.SyncServerNetworkWithProxy()
+ if err != nil {
+ logger.Log(0, "failed to sync proxy with server interfaces: ", err.Error())
+ }
+ }()
 waitnetwork.Wait()
 }
 
diff --git a/serverctl/serverctl.go b/serverctl/serverctl.go
index 10613926..638ed30c 100644
--- a/serverctl/serverctl.go
+++ b/serverctl/serverctl.go
@@ -12,6 +12,7 @@ import (
 "github.com/gravitl/netmaker/logic/acls/nodeacls"
 "github.com/gravitl/netmaker/logic/pro"
 "github.com/gravitl/netmaker/netclient/ncutils"
+ "github.com/gravitl/netmaker/nm-proxy/manager"
 "github.com/gravitl/netmaker/servercfg"
 )
 
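Review bot: The two goroutines started after `go stunserver.Start()` in startControllers are fire-and-forget: nothing waits on them and neither receives a cancellation signal, so `waitnetwork.Wait()` returns independently of them and a failure inside `nmproxy.Start` is invisible to the caller. If waitnetwork is a sync.WaitGroup, the sync goroutine can at least be tracked with `waitnetwork.Add(1)` before the `go` and `defer waitnetwork.Done()` as its first statement. `nmproxy.Start` is also launched unconditionally while the channel sends elsewhere in this commit are gated on `logic.ProxyStatus`; a comment on this line saying whether the proxy is meant to always run would make that relationship explicit.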
@@ -55,6 +56,50 @@ func InitServerNetclient() error {
 return nil
 }
 
+func SyncServerNetworkWithProxy() error {
+ networks, err := logic.GetNetworks()
+ if err != nil {
+ logger.Log(1, "error retrieving networks for keepalive", err.Error())
+ }
+ for _, network := range networks {
+ serverNetworkSettings, err := logic.GetNetwork(network.NetID)
+ if err != nil {
+ continue
+ }
+ localnets, err := net.Interfaces()
+ if err != nil {
+ return err
+ }
+ ifaceExists := false
+ for _, localnet := range localnets {
+ if serverNetworkSettings.DefaultInterface == localnet.Name {
+ ifaceExists = true
+ }
+ }
+ if ifaceExists {
+ serverNode, err := logic.GetNetworkServerLocal(network.NetID)
+ if err != nil {
+ logger.Log(1, "failed to retrieve local server node: ", serverNode.ID)
+ continue
+ }
+ peers, err := logic.GetPeersForProxy(&serverNode)
+ if err != nil && !ncutils.IsEmptyRecord(err) {
+ logger.Log(1, "failed to retrieve peers for server node: ", serverNode.ID)
+ continue
+ }
+ logic.ProxyMgmChan <- &manager.ManagerAction{
+ Action: manager.AddInterface,
+ Payload: manager.ManagerPayload{
+ InterfaceName: serverNetworkSettings.DefaultInterface,
+ Peers: peers,
+ },
+ }
+ }
+
+ }
+ return nil
+}
+
 // SyncServerNetwork - ensures a wg interface and node exists for server
 func SyncServerNetwork(network string) error {
 serverNetworkSettings, err := logic.GetNetwork(network)
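Review bot: In SyncServerNetworkWithProxy a failure of `logic.GetNetworks()` is only logged (with a message that still says "for keepalive") and the function then ranges over a nil slice and returns nil, so the goroutine in main.go never learns that the sync did nothing. The GetNetworkServerLocal failure path logs `serverNode.ID`, which is the zero value at that point, rather than `network.NetID` and the error; the same applies to the GetPeersForProxy failure log. `net.Interfaces()` is also re-run for every network although its result does not depend on the loop variable. The rewrite below returns the first error, hoists the interface listing, uses an early `continue` instead of nesting, and logs identifiers that are actually set; the peers lookup and the channel send are unchanged.
```go
func SyncServerNetworkWithProxy() error {
	networks, err := logic.GetNetworks()
	if err != nil {
		return err
	}
	// One interface listing serves every network in the loop.
	localnets, err := net.Interfaces()
	if err != nil {
		return err
	}
	for _, network := range networks {
		serverNetworkSettings, err := logic.GetNetwork(network.NetID)
		if err != nil {
			continue
		}
		ifaceExists := false
		for _, localnet := range localnets {
			if serverNetworkSettings.DefaultInterface == localnet.Name {
				ifaceExists = true
				break
			}
		}
		if !ifaceExists {
			continue
		}
		serverNode, err := logic.GetNetworkServerLocal(network.NetID)
		if err != nil {
			logger.Log(1, "failed to retrieve local server node for network: ", network.NetID, err.Error())
			continue
		}
		// … unchanged: GetPeersForProxy call and ProxyMgmChan send …
	}
	return nil
}
```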