mirror of
https://github.com/gravitl/netmaker.git
synced 2025-09-13 08:34:44 +08:00
updated helm charts
This commit is contained in:
afeiszli
parent
a39ef16394
commit
445df67030
10 changed files with 157 additions and 134 deletions
|
|
@ -1,6 +1,6 @@
|
||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
name: netmaker
|
name: netmaker
|
||||||
description: A Helm chart for Kubernetes
|
description: A Helm chart to run HA Netmaker on Kubernetes
|
||||||
|
|
||||||
# A chart can be either an 'application' or a 'library' chart.
|
# A chart can be either an 'application' or a 'library' chart.
|
||||||
#
|
#
|
||||||
|
|
|
||||||
|
|
@ -1,28 +0,0 @@
|
||||||
{{- if .Values.autoscaling.enabled }}
|
|
||||||
apiVersion: autoscaling/v2beta1
|
|
||||||
kind: HorizontalPodAutoscaler
|
|
||||||
metadata:
|
|
||||||
name: {{ include "netmaker.fullname" . }}
|
|
||||||
labels:
|
|
||||||
{{- include "netmaker.labels" . | nindent 4 }}
|
|
||||||
spec:
|
|
||||||
scaleTargetRef:
|
|
||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
name: {{ include "netmaker.fullname" . }}
|
|
||||||
minReplicas: {{ .Values.autoscaling.minReplicas }}
|
|
||||||
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
|
|
||||||
metrics:
|
|
||||||
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
|
|
||||||
- type: Resource
|
|
||||||
resource:
|
|
||||||
name: cpu
|
|
||||||
targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
|
|
||||||
- type: Resource
|
|
||||||
resource:
|
|
||||||
name: memory
|
|
||||||
targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
@ -6,6 +6,7 @@
|
||||||
{{- $uiSvcPort := .Values.service.uiPort -}}
|
{{- $uiSvcPort := .Values.service.uiPort -}}
|
||||||
{{- $restSvcPort := .Values.service.restPort -}}
|
{{- $restSvcPort := .Values.service.restPort -}}
|
||||||
{{- $grpcSvcPort := .Values.service.grpcPort -}}
|
{{- $grpcSvcPort := .Values.service.grpcPort -}}
|
||||||
|
{{- $classname := required "A valid .Values.ingress.className entry required! Please set this to your ingress class (nginx, traefik)" .Values.ingress.className}}
|
||||||
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
|
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
|
||||||
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
|
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
|
||||||
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
|
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
|
||||||
|
|
@ -23,18 +24,29 @@ metadata:
|
||||||
name: {{ $fullUIName }}
|
name: {{ $fullUIName }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "netmaker.labels" . | nindent 4 }}
|
{{- include "netmaker.labels" . | nindent 4 }}
|
||||||
{{- with .Values.ingress.annotations }}
|
{{- with .Values.ingress }}
|
||||||
annotations:
|
annotations:
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml .annotations.base | nindent 4 }}
|
||||||
|
{{- if eq .className "nginx" }}
|
||||||
|
{{- toYaml .annotations.nginx | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if eq .className "traefik" }}
|
||||||
|
{{- toYaml .annotations.traefik | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .tls.enabled }}
|
||||||
|
{{- toYaml .annotations.tls | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
||||||
ingressClassName: {{ .Values.ingress.className }}
|
ingressClassName: {{ required "A valid .Values.ingress.className entry required!" .Values.ingress.className}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.ingress.tls.enabled }}
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- {{ .Values.ingress.hostPrefix.ui }}{{ .Values.baseDomain }}
|
- {{ .Values.ingress.hostPrefix.ui }}{{ .Values.baseDomain }}
|
||||||
secretName: {{ $fullUIName }}-tls-secret
|
secretName: {{ $fullUIName }}-tls-secret
|
||||||
|
{{- end}}
|
||||||
rules:
|
rules:
|
||||||
- host: {{ .Values.ingress.hostPrefix.ui }}{{ .Values.baseDomain }}
|
- host: {{ .Values.ingress.hostPrefix.ui }}{{ .Values.baseDomain }}
|
||||||
http:
|
http:
|
||||||
|
|
@ -66,18 +78,29 @@ metadata:
|
||||||
name: {{ $fullRESTName }}
|
name: {{ $fullRESTName }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "netmaker.labels" . | nindent 4 }}
|
{{- include "netmaker.labels" . | nindent 4 }}
|
||||||
{{- with .Values.ingress.annotations }}
|
{{- with .Values.ingress }}
|
||||||
annotations:
|
annotations:
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml .annotations.base | nindent 4 }}
|
||||||
|
{{- if eq .className "nginx" }}
|
||||||
|
{{- toYaml .annotations.nginx | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if eq .className "traefik" }}
|
||||||
|
{{- toYaml .annotations.traefik | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .tls.enabled }}
|
||||||
|
{{- toYaml .annotations.tls | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
||||||
ingressClassName: {{ .Values.ingress.className }}
|
ingressClassName: {{ required "A valid .Values.ingress.className entry required!" .Values.ingress.className}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.ingress.tls.enabled }}
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- {{ .Values.ingress.hostPrefix.rest }}{{ .Values.baseDomain }}
|
- {{ .Values.ingress.hostPrefix.rest }}{{ .Values.baseDomain }}
|
||||||
secretName: {{ $fullRESTName }}-tls-secret
|
secretName: {{ $fullRESTName }}-tls-secret
|
||||||
|
{{- end }}
|
||||||
rules:
|
rules:
|
||||||
- host: {{ .Values.ingress.hostPrefix.rest }}{{ .Values.baseDomain }}
|
- host: {{ .Values.ingress.hostPrefix.rest }}{{ .Values.baseDomain }}
|
||||||
http:
|
http:
|
||||||
|
|
@ -109,18 +132,31 @@ metadata:
|
||||||
name: {{ $fullGRPCName }}
|
name: {{ $fullGRPCName }}
|
||||||
labels:
|
labels:
|
||||||
{{- include "netmaker.labels" . | nindent 4 }}
|
{{- include "netmaker.labels" . | nindent 4 }}
|
||||||
{{- with .Values.ingress.grpcAnnotations }}
|
{{- with .Values.ingress }}
|
||||||
annotations:
|
annotations:
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml .annotations.base | nindent 4 }}
|
||||||
|
{{- if eq .className "nginx" }}
|
||||||
|
{{- toYaml .annotations.nginx | nindent 4 }}
|
||||||
|
{{- toYaml .annotations.grpc.nginx | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if eq .className "traefik" }}
|
||||||
|
{{- toYaml .annotations.traefik | nindent 4 }}
|
||||||
|
{{- toYaml .annotations.grpc.traefik | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .tls.enabled }}
|
||||||
|
{{- toYaml .annotations.tls | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
||||||
ingressClassName: {{ .Values.ingress.className }}
|
ingressClassName: {{ required "A valid .Values.ingress.className entry required!" .Values.ingress.className}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- if .Values.ingress.tls.enabled }}
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
|
- {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
|
||||||
secretName: {{ $fullGRPCName }}-tls-secret
|
secretName: {{ $fullGRPCName }}-tls-secret
|
||||||
|
{{- end }}
|
||||||
rules:
|
rules:
|
||||||
- host: {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
|
- host: {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
|
||||||
http:
|
http:
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,6 @@ spec:
|
||||||
app: {{ include "netmaker.fullname" . }}
|
app: {{ include "netmaker.fullname" . }}
|
||||||
spec:
|
spec:
|
||||||
{{- if .Values.wireguard.enabled }}
|
{{- if .Values.wireguard.enabled }}
|
||||||
hostNetwork: true
|
|
||||||
dnsPolicy: ClusterFirstWithHostNet
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
affinity:
|
affinity:
|
||||||
podAntiAffinity:
|
podAntiAffinity:
|
||||||
|
|
@ -96,10 +95,17 @@ spec:
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
name: {{ include "netmaker.fullname" . }}
|
name: {{ include "netmaker.fullname" . }}
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8081
|
- containerPort: {{ .Values.service.restPort }}
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
- containerPort: 443
|
- containerPort: {{ .Values.service.grpcPort }}
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
{{- if .Values.wireguard.enabled }}
|
||||||
|
{{ $count := (add .Values.wireguard.networkLimit 1 | int) }}
|
||||||
|
{{- range untilStep 1 $count 1 }}
|
||||||
|
- containerPort: {{ add 31820 . }}
|
||||||
|
protocol: UDP
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
resources: {}
|
resources: {}
|
||||||
{{- if .Values.wireguard.enabled }}
|
{{- if .Values.wireguard.enabled }}
|
||||||
securityContext:
|
securityContext:
|
||||||
|
|
|
||||||
|
|
@ -25,7 +25,7 @@ spec:
|
||||||
- name: rest
|
- name: rest
|
||||||
port: {{ .Values.service.restPort }}
|
port: {{ .Values.service.restPort }}
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
targetPort: {{ .Values.service.restPort }}
|
targetPort: {{ .Values.service.grpcPort }}
|
||||||
selector:
|
selector:
|
||||||
app: '{{ include "netmaker.fullname" . }}'
|
app: '{{ include "netmaker.fullname" . }}'
|
||||||
sessionAffinity: None
|
sessionAffinity: None
|
||||||
|
|
@ -46,4 +46,27 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
app: '{{ include "netmaker.fullname" . }}'
|
app: '{{ include "netmaker.fullname" . }}'
|
||||||
sessionAffinity: None
|
sessionAffinity: None
|
||||||
type: {{ .Values.service.type }}
|
type: {{ .Values.service.type }}
|
||||||
|
{{- if .Values.wireguard.enabled }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{- include "netmaker.labels" . | nindent 4 }}
|
||||||
|
name: '{{ include "netmaker.fullname" . }}-wireguard'
|
||||||
|
spec:
|
||||||
|
externalTrafficPolicy: Local
|
||||||
|
type: NodePort
|
||||||
|
ports:
|
||||||
|
{{ $count := (add .Values.wireguard.networkLimit 1 | int) }}
|
||||||
|
{{- range untilStep 1 $count 1 }}
|
||||||
|
- port: {{ add 31820 . }}
|
||||||
|
nodePort: {{ add 31820 . }}
|
||||||
|
protocol: UDP
|
||||||
|
targetPort: {{ add 31820 . }}
|
||||||
|
name: wg-iface-{{ add 31820 . }}
|
||||||
|
{{- end }}
|
||||||
|
selector:
|
||||||
|
app: '{{ include "netmaker.fullname" . }}'
|
||||||
|
{{- end }}
|
||||||
|
|
@ -2,113 +2,115 @@
|
||||||
# This is a YAML-formatted file.
|
# This is a YAML-formatted file.
|
||||||
# Declare variables to be passed into your templates.
|
# Declare variables to be passed into your templates.
|
||||||
|
|
||||||
|
# -- number of netmaker server replicas to create
|
||||||
replicas: 3
|
replicas: 3
|
||||||
|
|
||||||
image:
|
image:
|
||||||
|
# -- The image repo to pull Netmaker image from
|
||||||
repository: gravitl/netmaker
|
repository: gravitl/netmaker
|
||||||
|
# -- Pull Policy for images
|
||||||
pullPolicy: Always
|
pullPolicy: Always
|
||||||
# Overrides the image tag whose default is the chart appVersion.
|
# -- Override the image tag to pull
|
||||||
tag: "v0.8.4"
|
tag: "v0.8.4"
|
||||||
|
|
||||||
imagePullSecrets: []
|
# -- override the name for netmaker objects
|
||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
|
|
||||||
|
# -- override the full name for netmaker objects
|
||||||
fullnameOverride: ""
|
fullnameOverride: ""
|
||||||
|
|
||||||
serviceAccount:
|
serviceAccount:
|
||||||
# Specifies whether a service account should be created
|
# -- Specifies whether a service account should be created
|
||||||
create: true
|
create: true
|
||||||
# Annotations to add to the service account
|
# -- Annotations to add to the service account
|
||||||
annotations: {}
|
annotations: {}
|
||||||
# The name of the service account to use.
|
# -- Name of SA to use. If not set and create is true, a name is generated using the fullname template
|
||||||
# If not set and create is true, a name is generated using the fullname template
|
|
||||||
name: ""
|
name: ""
|
||||||
|
|
||||||
|
# -- pod annotations to add
|
||||||
podAnnotations: {}
|
podAnnotations: {}
|
||||||
|
|
||||||
|
# -- pod security contect to add
|
||||||
podSecurityContext: {}
|
podSecurityContext: {}
|
||||||
# fsGroup: 2000
|
# fsGroup: 2000
|
||||||
|
|
||||||
isKernel: false
|
|
||||||
isClient: true
|
|
||||||
|
|
||||||
ui:
|
ui:
|
||||||
|
# -- how many UI replicas to create
|
||||||
replicas: 2
|
replicas: 2
|
||||||
|
|
||||||
securityContext: {}
|
|
||||||
# capabilities:
|
|
||||||
# drop:
|
|
||||||
# - ALL
|
|
||||||
# readOnlyRootFilesystem: true
|
|
||||||
# runAsNonRoot: true
|
|
||||||
# runAsUser: 1000
|
|
||||||
|
|
||||||
service:
|
service:
|
||||||
|
# -- type for netmaker server services
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
|
# -- port for API service
|
||||||
restPort: 8081
|
restPort: 8081
|
||||||
|
# -- port for GRPC service
|
||||||
grpcPort: 443
|
grpcPort: 443
|
||||||
|
# -- port for UI service
|
||||||
uiPort: 80
|
uiPort: 80
|
||||||
|
|
||||||
ingress:
|
ingress:
|
||||||
|
# -- attempts to configure ingress if true
|
||||||
enabled: false
|
enabled: false
|
||||||
className: ""
|
tls:
|
||||||
|
enabled: true
|
||||||
annotations:
|
annotations:
|
||||||
kubernetes.io/ingress.class: nginx
|
base:
|
||||||
kubernetes.io/tls-acme: "true"
|
# -- annotation to generate ACME certs if available
|
||||||
nginx.ingress.kubernetes.io/rewrite-target: /
|
kubernetes.io/ingress.allow-http: "false"
|
||||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
tls:
|
||||||
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
|
kubernetes.io/tls-acme: "true"
|
||||||
grpcAnnotations:
|
# -- LE issuer name
|
||||||
kubernetes.io/ingress.class: nginx
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||||
kubernetes.io/tls-acme: "true"
|
# -- Block HTTP requests
|
||||||
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
|
nginx:
|
||||||
nginx.ingress.kubernetes.io/rewrite-target: /
|
# -- Redirect http to https
|
||||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
|
||||||
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
|
# -- destination addr for route
|
||||||
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
|
traefik:
|
||||||
|
# -- Redirect to https
|
||||||
|
traefik.ingress.kubernetes.io/redirect-entry-point: https
|
||||||
|
# -- Redirect to https permanently
|
||||||
|
traefik.ingress.kubernetes.io/redirect-permanent: "true"
|
||||||
|
# -- rule type
|
||||||
|
traefik.ingress.kubernetes.io/rule-type: "PathPrefixStrip"
|
||||||
|
grpc:
|
||||||
|
nginx:
|
||||||
|
# -- annotation to use grpc protocol on grpc domain
|
||||||
|
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
|
||||||
|
traefik:
|
||||||
|
# -- annotation to use grpc protocol on grpc domain
|
||||||
|
ingress.kubernetes.io/protocol: "h2c"
|
||||||
hostPrefix:
|
hostPrefix:
|
||||||
|
# -- ui route subdomain
|
||||||
ui: 'dashboard.'
|
ui: 'dashboard.'
|
||||||
|
# -- api (REST) route subdomain
|
||||||
rest: 'api.'
|
rest: 'api.'
|
||||||
|
# -- grpc route subdomain
|
||||||
grpc: 'grpc.'
|
grpc: 'grpc.'
|
||||||
|
|
||||||
resources: {}
|
|
||||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
||||||
# choice for the user. This also increases chances charts run on environments with little
|
|
||||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
||||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
||||||
# limits:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
# requests:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
|
|
||||||
wireguard:
|
wireguard:
|
||||||
|
# -- whether or not to use WireGuard on server
|
||||||
enabled: true
|
enabled: true
|
||||||
|
# -- whether or not to use Kernel WG (should be false unless WireGuard is installed on hosts).
|
||||||
kernel: false
|
kernel: false
|
||||||
|
# -- max number of networks that Netmaker will support if running with WireGuard enabled
|
||||||
|
networkLimit: 10
|
||||||
|
|
||||||
dns:
|
dns:
|
||||||
|
# -- whether or not to run with DNS (CoreDNS)
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# -- volume size for DNS (only needs to hold one file)
|
||||||
storageSize: 128Mi
|
storageSize: 128Mi
|
||||||
|
|
||||||
postgresql-ha:
|
postgresql-ha:
|
||||||
postgresql:
|
postgresql:
|
||||||
|
# -- postgres user to generate
|
||||||
username: netmaker
|
username: netmaker
|
||||||
|
# -- postgres pass to generate
|
||||||
password: netmaker
|
password: netmaker
|
||||||
|
# -- postgress db to generate
|
||||||
database: netmaker
|
database: netmaker
|
||||||
persistence:
|
persistence:
|
||||||
|
# -- size of postgres DB
|
||||||
size: 3Gi
|
size: 3Gi
|
||||||
|
|
||||||
autoscaling:
|
|
||||||
enabled: false
|
|
||||||
minReplicas: 1
|
|
||||||
maxReplicas: 100
|
|
||||||
targetCPUUtilizationPercentage: 80
|
|
||||||
# targetMemoryUtilizationPercentage: 80
|
|
||||||
|
|
||||||
netmakerUI:
|
|
||||||
|
|
||||||
|
|
||||||
nodeSelector: {}
|
|
||||||
|
|
||||||
tolerations: []
|
|
||||||
|
|
||||||
affinity: {}
|
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@ import (
|
||||||
|
|
||||||
// KUBERNETES_LISTEN_PORT - starting port for Kubernetes in order to use NodePort range
|
// KUBERNETES_LISTEN_PORT - starting port for Kubernetes in order to use NodePort range
|
||||||
const KUBERNETES_LISTEN_PORT = 31821
|
const KUBERNETES_LISTEN_PORT = 31821
|
||||||
|
const KUBERNETES_SERVER_MTU = 1024
|
||||||
|
|
||||||
// ServerJoin - responsible for joining a server to a network
|
// ServerJoin - responsible for joining a server to a network
|
||||||
func ServerJoin(network string, serverID string, privateKey string) error {
|
func ServerJoin(network string, serverID string, privateKey string) error {
|
||||||
|
|
@ -36,10 +37,12 @@ func ServerJoin(network string, serverID string, privateKey string) error {
|
||||||
MacAddress: serverID,
|
MacAddress: serverID,
|
||||||
UDPHolePunch: "no",
|
UDPHolePunch: "no",
|
||||||
}
|
}
|
||||||
|
node.SetDefaults()
|
||||||
|
|
||||||
if servercfg.GetPlatform() == "Kubernetes" {
|
if servercfg.GetPlatform() == "Kubernetes" {
|
||||||
node.ListenPort = KUBERNETES_LISTEN_PORT
|
node.ListenPort = KUBERNETES_LISTEN_PORT
|
||||||
|
node.MTU = KUBERNETES_SERVER_MTU
|
||||||
}
|
}
|
||||||
node.SetDefaults()
|
|
||||||
|
|
||||||
if node.LocalRange != "" && node.LocalAddress == "" {
|
if node.LocalRange != "" && node.LocalAddress == "" {
|
||||||
Log("local vpn, getting local address from range: "+node.LocalRange, 1)
|
Log("local vpn, getting local address from range: "+node.LocalRange, 1)
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@ func Join(cfg config.ClientConfig, privateKey string) error {
|
||||||
}
|
}
|
||||||
if cfg.Daemon != "off" {
|
if cfg.Daemon != "off" {
|
||||||
if ncutils.IsLinux() {
|
if ncutils.IsLinux() {
|
||||||
err = daemon.RemoveSystemDServices(cfg.Network)
|
err = daemon.RemoveSystemDServices()
|
||||||
}
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ncutils.PrintLog("error removing services: "+err.Error(), 1)
|
ncutils.PrintLog("error removing services: "+err.Error(), 1)
|
||||||
|
|
|
||||||
|
|
@ -98,30 +98,17 @@ WantedBy=timers.target
|
||||||
}
|
}
|
||||||
|
|
||||||
// RemoveSystemDServices - removes the systemd services on a machine
|
// RemoveSystemDServices - removes the systemd services on a machine
|
||||||
func RemoveSystemDServices(network string) error {
|
func RemoveSystemDServices() error {
|
||||||
//sysExec, err := exec.LookPath("systemctl")
|
//sysExec, err := exec.LookPath("systemctl")
|
||||||
if !ncutils.IsWindows() {
|
var err error
|
||||||
fullremove, err := isOnlyService(network)
|
if !ncutils.IsWindows() && isOnlyService() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
}
|
}
|
||||||
|
_, err = ncutils.RunCmd("systemctl disable netclient.service", true)
|
||||||
if fullremove {
|
_, err = ncutils.RunCmd("systemctl disable netclient.timer", true)
|
||||||
_, err = ncutils.RunCmd("systemctl disable netclient.service", true)
|
err = os.Remove("/etc/systemd/system/netclient.service")
|
||||||
}
|
err = os.Remove("/etc/systemd/system/netclient.timer")
|
||||||
_, _ = ncutils.RunCmd("systemctl daemon-reload", true)
|
|
||||||
|
|
||||||
if ncutils.FileExists("/etc/systemd/system/netclient.timer") {
|
|
||||||
_, _ = ncutils.RunCmd("systemctl disable netclient.timer", true)
|
|
||||||
}
|
|
||||||
if fullremove {
|
|
||||||
if ncutils.FileExists("/etc/systemd/system/netclient.service") {
|
|
||||||
err = os.Remove("/etc/systemd/system/netclient.service")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if ncutils.FileExists("/etc/systemd/system/netclient.timer") {
|
|
||||||
err = os.Remove("/etc/systemd/system/netclient.timer")
|
|
||||||
}
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println("Error removing file. Please investigate.")
|
log.Println("Error removing file. Please investigate.")
|
||||||
log.Println(err)
|
log.Println(err)
|
||||||
|
|
@ -132,16 +119,10 @@ func RemoveSystemDServices(network string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func isOnlyService(network string) (bool, error) {
|
func isOnlyService() bool {
|
||||||
isonly := false
|
|
||||||
files, err := filepath.Glob("/etc/netclient/config/netconfig-*")
|
files, err := filepath.Glob("/etc/netclient/config/netconfig-*")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return isonly, err
|
return false
|
||||||
}
|
}
|
||||||
count := len(files)
|
return len(files) == 0
|
||||||
if count == 0 {
|
|
||||||
isonly = true
|
|
||||||
}
|
|
||||||
return isonly, err
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -229,7 +229,7 @@ func RemoveLocalInstance(cfg *config.ClientConfig, networkName string) error {
|
||||||
} else if ncutils.IsMac() {
|
} else if ncutils.IsMac() {
|
||||||
//TODO: Delete mac daemon
|
//TODO: Delete mac daemon
|
||||||
} else {
|
} else {
|
||||||
err = daemon.RemoveSystemDServices(networkName)
|
err = daemon.RemoveSystemDServices()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return err
|
return err
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue