saving to work on linux
parent
56ee112d1b
commit
437955ab90
|
@ -66,6 +66,7 @@ type ServerConfig struct {
|
|||
ClientID string `yaml:"clientid"`
|
||||
ClientSecret string `yaml:"clientsecret"`
|
||||
FrontendURL string `yaml:"frontendurl"`
|
||||
DisplayKeys string `yaml:"displaykeys"`
|
||||
}
|
||||
|
||||
// Generic SQL Config
|
||||
|
|
|
@ -20,6 +20,8 @@ import (
|
|||
|
||||
const ALL_NETWORK_ACCESS = "THIS_USER_HAS_ALL"
|
||||
const NO_NETWORKS_PRESENT = "THIS_USER_HAS_NONE"
|
||||
const PLACEHOLDER_KEY_TEXT = "ACCESS_KEY"
|
||||
const PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN"
|
||||
|
||||
func networkHandlers(r *mux.Router) {
|
||||
r.HandleFunc("/api/networks", securityCheck(false, http.HandlerFunc(getNetworks))).Methods("GET")
|
||||
|
@ -572,6 +574,9 @@ func getAccessKeys(w http.ResponseWriter, r *http.Request) {
|
|||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
if !servercfg.IsDisplayKeys() {
|
||||
keys = RemoveKeySensitiveInfo(keys)
|
||||
}
|
||||
functions.PrintUserLog(r.Header.Get("user"), "fetched access keys on network "+network, 2)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(keys)
|
||||
|
@ -633,3 +638,13 @@ func DeleteKey(keyname, netname string) error {
|
|||
|
||||
return nil
|
||||
}
|
||||
|
||||
func RemoveKeySensitiveInfo(keys []models.AccessKey) []models.AccessKey {
|
||||
var returnKeys []models.AccessKey
|
||||
for _, key := range keys {
|
||||
key.Value = PLACEHOLDER_KEY_TEXT
|
||||
key.AccessString = PLACEHOLDER_TOKEN_TEXT
|
||||
returnKeys = append(returnKeys, key)
|
||||
}
|
||||
return returnKeys
|
||||
}
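Review bot: The redaction added in getAccessKeys covers only this one handler, so any other response that serializes `models.AccessKey` values (none are visible in these hunks) would still return the real `Value` and `AccessString` when key display is off; every handler that returns keys, or a network object carrying them, should go through the same path. `RemoveKeySensitiveInfo` also returns a nil slice for empty input, which encodes as JSON `null` rather than `[]`; `returnKeys := make([]models.AccessKey, 0, len(keys))` avoids that. The exported function has no doc comment; `// RemoveKeySensitiveInfo - returns a copy of keys with Value and AccessString replaced by placeholder text` would follow the `// Name - description` form used elsewhere in this commit. getAccessKeys starts and ends outside its hunk.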
|
||||
|
|
|
@ -93,6 +93,16 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
|
|||
Log("error writing wg conf file to "+confPath+": "+err.Error(), 1)
|
||||
return err
|
||||
}
|
||||
if ncutils.IsWindows() {
|
||||
wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
|
||||
Log("writing wg conf file to: "+confPath, 1)
|
||||
err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
|
||||
if err != nil {
|
||||
Log("error writing wg conf file to "+wgConfPath+": "+err.Error(), 1)
|
||||
return err
|
||||
}
|
||||
confPath = wgConfPath
|
||||
}
|
||||
// spin up userspace + apply the conf file
|
||||
var deviceiface = ifacename
|
||||
d, _ := wgclient.Device(deviceiface)
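Review bot: The conf file written in the Windows branch uses mode `0644`, and a WireGuard configuration presumably contains the node's private key (`newConf` is built outside this hunk); `0600` is the safer mode. On Windows Go's mode bits do not restrict readers, so protection there depends on the ACL of the target directory. The same write appears in InitWireguard's Windows branch later in this commit. The log line before the write prints `confPath` although the file goes to `wgConfPath`; `Log("writing wg conf file to: "+wgConfPath, 1)` would be accurate. initWireguard starts and ends outside the hunk.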
|
||||
|
|
|
@ -31,6 +31,7 @@ type Node struct {
|
|||
Address6 string `json:"address6" bson:"address6" yaml:"address6" validate:"omitempty,ipv6"`
|
||||
LocalAddress string `json:"localaddress" bson:"localaddress" yaml:"localaddress" validate:"omitempty,ip"`
|
||||
Name string `json:"name" bson:"name" yaml:"name" validate:"omitempty,max=32,in_charset"`
|
||||
NetworkSettings Network `json:"networksettings" bson:"networksettings" yaml:"networksettings"`
|
||||
ListenPort int32 `json:"listenport" bson:"listenport" yaml:"listenport" validate:"omitempty,numeric,min=1024,max=65535"`
|
||||
PublicKey string `json:"publickey" bson:"publickey" yaml:"publickey" validate:"required,base64"`
|
||||
Endpoint string `json:"endpoint" bson:"endpoint" yaml:"endpoint" validate:"required,ip"`
|
||||
|
@ -204,7 +205,7 @@ func (node *Node) SetDefaultName() {
|
|||
}
|
||||
}
|
||||
|
||||
func (newNode *Node) Fill(currentNode *Node) {
|
||||
func (newNode *Node) Fill(currentNode *Node, nodeNetwork *Network) {
|
||||
if newNode.ID == "" {
|
||||
newNode.ID = currentNode.ID
|
||||
}
|
||||
|
@ -350,6 +351,7 @@ func (newNode *Node) Fill(currentNode *Node) {
|
|||
if newNode.IsRelayed == "" {
|
||||
newNode.IsRelayed = currentNode.IsRelayed
|
||||
}
|
||||
newNode.NetworkSettings = *nodeNetwork
|
||||
}
|
||||
|
||||
func StringWithCharset(length int, charset string) string {
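Review bot: `newNode.NetworkSettings = *nodeNetwork` at the end of Fill dereferences the new parameter without a nil check, so a caller passing nil panics; guard it with `if nodeNetwork != nil { newNode.NetworkSettings = *nodeNetwork }`. The new `NetworkSettings` field is tagged for JSON, BSON and YAML, so the whole Network struct is now serialized wherever a Node is returned or stored. If Network carries access keys (its definition is not visible here), that would sidestep the key redaction this commit introduces, and a trimmed copy of the settings would be safer to embed. Fill's body runs between and beyond the two hunks shown.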
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
package ncutils
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
@ -16,7 +15,6 @@ import (
|
|||
"runtime"
|
||||
"strconv"
|
||||
"strings"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"golang.zx2c4.com/wireguard/wgctrl"
|
||||
|
@ -37,6 +35,9 @@ const LINUX_APP_DATA_PATH = "/etc/netclient"
|
|||
// WINDOWS_APP_DATA_PATH - windows path
|
||||
const WINDOWS_APP_DATA_PATH = "C:\\ProgramData\\Netclient"
|
||||
|
||||
// WINDOWS_APP_DATA_PATH - windows path
|
||||
const WINDOWS_WG_DATA_PATH = "C:\\Program Files\\WireGuard\\Data\\Configurations"
|
||||
|
||||
// WINDOWS_SVC_NAME - service name
|
||||
const WINDOWS_SVC_NAME = "netclient"
|
||||
|
||||
|
@ -337,6 +338,15 @@ func GetNetclientPathSpecific() string {
|
|||
}
|
||||
}
|
||||
|
||||
// GetNetclientPathSpecific - gets specific netclient config path
|
||||
func GetWGPathSpecific() string {
|
||||
if IsWindows() {
|
||||
return WINDOWS_WG_DATA_PATH + "\\"
|
||||
} else {
|
||||
return "/etc/wireguard/"
|
||||
}
|
||||
}
|
||||
|
||||
// GRPCRequestOpts - gets grps request opts
|
||||
func GRPCRequestOpts(isSecure string) grpc.DialOption {
|
||||
var requestOpts grpc.DialOption
|
||||
|
@ -379,6 +389,19 @@ func Copy(src, dst string) error {
|
|||
}
|
||||
|
||||
// RunCmd - runs a local command
|
||||
func RunCmd(command string, printerr bool) (string, error) {
|
||||
args := strings.Fields(command)
|
||||
cmd := exec.Command(args[0], args[1:]...)
|
||||
cmd.Wait()
|
||||
out, err := cmd.CombinedOutput()
|
||||
if err != nil && printerr {
|
||||
log.Println("error running command:", command)
|
||||
log.Println(strings.TrimSuffix(string(out), "\n"))
|
||||
}
|
||||
return string(out), err
|
||||
}
|
||||
|
||||
/* new version - cant build on windows
|
||||
func RunCmd(command string, printerr bool) (string, error) {
|
||||
args := strings.Fields(command)
|
||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second)
|
||||
|
@ -396,6 +419,7 @@ func RunCmd(command string, printerr bool) (string, error) {
|
|||
}
|
||||
return string(out), err
|
||||
}
|
||||
*/
|
||||
|
||||
// RunsCmds - runs cmds
|
||||
func RunCmds(commands []string, printerr bool) error {
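Review bot: In the new RunCmd, `cmd.Wait()` is called before the command has been started, so it only returns an ignored "not started" error and can be dropped; `CombinedOutput` already starts the process and waits for it. `args[0]` panics when `command` is empty or all whitespace; add `if len(args) == 0 { return "", errors.New("empty command") }` after the `strings.Fields` call. Because the command line is split on whitespace, an argument containing a space (for example a path under `C:\Program Files`) is broken into several arguments, which the doc comment should state. The comments above `WINDOWS_WG_DATA_PATH` and `GetWGPathSpecific` still carry the names of the declarations they were copied from.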
|
||||
|
|
|
@ -186,6 +186,16 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
|
|||
ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
|
||||
return err
|
||||
}
|
||||
if ncutils.IsWindows() {
|
||||
wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
|
||||
ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
|
||||
err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
|
||||
if err != nil {
|
||||
ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
|
||||
return err
|
||||
}
|
||||
confPath = wgConfPath
|
||||
}
|
||||
// spin up userspace / windows interface + apply the conf file
|
||||
var deviceiface string
|
||||
if ncutils.IsMac() {
|
||||
|
@ -270,6 +280,13 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
|
|||
}
|
||||
}
|
||||
|
||||
//extra network route setting required for freebsd and windows
|
||||
if ncutils.IsWindows() {
|
||||
_, _ = ncutils.RunCmd("route add -net "+subnet+" -interface "+ifacename, true)
|
||||
} else if ncutils.IsFreeBSD() {
|
||||
_, _ = ncutils.RunCmd(ipExec+" -4 route add "+gateway+" dev "+ifacename, true)
|
||||
}
|
||||
|
||||
return err
|
||||
}
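Review bot: The first `ncutils.PrintLog` call inside the new `if ncutils.IsWindows()` block calls `err.Error()` before the write, at a point where `err` appears to be nil (the preceding lines look like the tail of an `if err != nil` block that returns, though its opening is outside the hunk), which would panic on every Windows run. It looks like a pasted error message; `ncutils.PrintLog("writing wg conf file to: "+wgConfPath, 1)` is probably what was meant. The error log after the write also names `confPath` instead of `wgConfPath`. In the second hunk both route commands are built by concatenating `subnet`, `gateway` and `ifacename` into one string and their errors are discarded with `_, _ =`, so a failed route add is silent and any whitespace in those values changes the argument list. InitWireguard starts outside the first hunk.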
|
||||
|
||||
|
|
|
@ -54,6 +54,10 @@ func GetServerConfig() config.ServerConfig {
|
|||
if IsDNSMode() {
|
||||
cfg.DNSMode = "on"
|
||||
}
|
||||
cfg.DisplayKeys = "off"
|
||||
if IsDisplayKeys() {
|
||||
cfg.DisplayKeys = "on"
|
||||
}
|
||||
cfg.GRPCSSL = "off"
|
||||
if IsGRPCSSL() {
|
||||
cfg.GRPCSSL = "on"
|
||||
|
@ -323,6 +327,21 @@ func IsDNSMode() bool {
|
|||
return isdns
|
||||
}
|
||||
|
||||
// IsDisplayKeys - should server be able to display keys?
|
||||
func IsDisplayKeys() bool {
|
||||
isdisplay := true
|
||||
if os.Getenv("DISPLAY_KEYS") != "" {
|
||||
if os.Getenv("DISPLAY_KEYS") == "off" {
|
||||
isdisplay = false
|
||||
}
|
||||
} else if config.Config.Server.DisplayKeys != "" {
|
||||
if config.Config.Server.DisplayKeys == "off" {
|
||||
isdisplay = false
|
||||
}
|
||||
}
|
||||
return isdisplay
|
||||
}
|
||||
|
||||
// IsGRPCSSL - ssl grpc on or off
|
||||
func IsGRPCSSL() bool {
|
||||
isssl := false
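Review bot: IsDisplayKeys fails open: it starts from `true` and only an exact `"off"` disables display, so an unset variable, or a value such as `OFF`, `false` or `no`, leaves access keys visible. For a setting that gates secret material, compare case-insensitively at minimum (`strings.EqualFold(v, "off")`), or default to hidden and require an explicit `"on"`. The doc comment should state the default. Reading `os.Getenv("DISPLAY_KEYS")` once into a local would also remove the repeated lookup.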
|
||||
|
|