adding sync

afeiszli 2021-11-12 11:24:29 -05:00
parent c2948a3671
commit 5b3b6119ae
4 changed files with 75 additions and 58 deletions


@ -45,30 +45,7 @@ func RemoveConf(iface string, printlog bool) error {
return err return err
} }
// == Private Methods == // Private Functions
func setWGConfig(node models.Node, network string, peerupdate bool) error {
node.SetID()
peers, hasGateway, gateways, err := GetServerPeers(node.MacAddress, node.Network, node.IsDualStack == "yes", node.IsIngressGateway == "yes")
if err != nil {
return err
}
privkey, err := FetchPrivKey(node.ID)
if err != nil {
return err
}
if peerupdate {
var iface string
iface = node.Interface
err = setServerPeers(iface, node.PersistentKeepalive, peers)
Log("updated peers on server "+node.Name, 2)
} else {
err = initWireguard(&node, privkey, peers, hasGateway, gateways)
Log("finished setting wg config on server "+node.Name, 3)
}
return err
}
func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string, fwmark int32) error { func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string, fwmark int32) error {
@ -290,7 +267,29 @@ func setServerPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) e
return nil return nil
} }
func setWGConfig(node models.Node) error { func setWGConfig(node models.Node, network string, peerupdate bool) error {
node.SetID()
peers, hasGateway, gateways, err := GetServerPeers(node.MacAddress, node.Network, node.IsDualStack == "yes", node.IsIngressGateway == "yes")
if err != nil {
return err
}
privkey, err := FetchPrivKey(node.ID)
if err != nil {
return err
}
if peerupdate {
var iface string = node.Interface
err = setServerPeers(iface, node.PersistentKeepalive, peers)
Log("updated peers on server "+node.Name, 2)
} else {
err = initWireguard(&node, privkey, peers, hasGateway, gateways, 0)
Log("finished setting wg config on server "+node.Name, 3)
}
return err
}
func setWGKeyConfig(node models.Node) error {
node.SetID() node.SetID()
privatekey, err := wgtypes.GeneratePrivateKey() privatekey, err := wgtypes.GeneratePrivateKey()
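Review bot: In the relocated `setWGConfig`, both branches log success ("updated peers on server", "finished setting wg config on server") before `err` is inspected, so a failed `setServerPeers` or `initWireguard` still leaves a success line in the server log. Guard the messages, e.g. `if err == nil { Log("updated peers on server "+node.Name, 2) }`. The function also calls `FetchPrivKey(node.ID)` ahead of the branch although only the `initWireguard` path uses `privkey`; moving the fetch into the `else` branch would avoid loading the private key on peer-only updates. The `network` parameter is unused in the visible body, which reads `node.Network` instead.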


@ -220,7 +220,7 @@ func JoinNetwork(cfg config.ClientConfig, privateKey string) error {
} }
ncutils.Log("starting wireguard") ncutils.Log("starting wireguard")
err = wireguard.InitWireguard(&node, privateKey, peers, hasGateway, gateways) err = wireguard.InitWireguard(&node, privateKey, peers, hasGateway, gateways, false)
if err != nil { if err != nil {
return err return err
} }


@ -6,7 +6,6 @@ import (
"log" "log"
"os" "os"
"os/exec" "os/exec"
"reflect"
"runtime" "runtime"
"strconv" "strconv"
"strings" "strings"
@ -47,7 +46,6 @@ func SetPeers(iface string, keepalive int32, peers []wgtypes.PeerConfig) error {
ncutils.PrintLog("no peers pulled", 1) ncutils.PrintLog("no peers pulled", 1)
return err return err
} }
PEERS:
for _, peer := range peers { for _, peer := range peers {
for _, currentPeer := range devicePeers { for _, currentPeer := range devicePeers {
@ -57,13 +55,7 @@ PEERS:
if err != nil { if err != nil {
log.Println("error removing peer", peer.Endpoint.String()) log.Println("error removing peer", peer.Endpoint.String())
} }
} else if currentPeer.PublicKey.String() == peer.PublicKey.String() &&
currentPeer.Endpoint.String() == peer.Endpoint.String() &&
reflect.DeepEqual(currentPeer.AllowedIPs, peer.AllowedIPs) {
continue PEERS
} }
} }
udpendpoint := peer.Endpoint.String() udpendpoint := peer.Endpoint.String()
var allowedips string var allowedips string
@ -110,7 +102,7 @@ PEERS:
} }
// Initializes a WireGuard interface // Initializes a WireGuard interface
func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string) error { func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string, syncconf bool) error {
key, err := wgtypes.ParseKey(privkey) key, err := wgtypes.ParseKey(privkey)
if err != nil { if err != nil {
@ -126,7 +118,8 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
if err != nil { if err != nil {
return err return err
} }
fwmark := modcfg.FWMark fwmarkint32 := modcfg.FWMark
fwmarkint := int(fwmarkint32)
nodecfg := modcfg.Node nodecfg := modcfg.Node
servercfg := modcfg.Server servercfg := modcfg.Server
@ -174,6 +167,7 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
conf = wgtypes.Config{ conf = wgtypes.Config{
PrivateKey: &key, PrivateKey: &key,
ListenPort: &nodeport, ListenPort: &nodeport,
FirewallMark: &fwmarkint,
ReplacePeers: true, ReplacePeers: true,
Peers: peers, Peers: peers,
} }
@ -181,9 +175,9 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
if !ncutils.IsKernel() { if !ncutils.IsKernel() {
var newConf string var newConf string
if node.UDPHolePunch != "yes" { if node.UDPHolePunch != "yes" {
newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), node.MTU, fwmark, node.PersistentKeepalive, peers) newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), node.MTU, fwmarkint32, node.PersistentKeepalive, peers)
} else { } else {
newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), "", node.MTU, fwmark, node.PersistentKeepalive, peers) newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), "", node.MTU, fwmarkint32, node.PersistentKeepalive, peers)
} }
confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf" confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf"
ncutils.PrintLog("writing wg conf file to: "+confPath, 1) ncutils.PrintLog("writing wg conf file to: "+confPath, 1)
@ -200,16 +194,20 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
deviceiface = ifacename deviceiface = ifacename
} }
} }
d, _ := wgclient.Device(deviceiface) if syncconf {
for d != nil && d.Name == deviceiface { err = wgclient.ConfigureDevice(deviceiface, conf)
_ = RemoveConf(ifacename, false) // remove interface first } else {
time.Sleep(time.Second >> 2) d, _ := wgclient.Device(deviceiface)
d, _ = wgclient.Device(deviceiface) for d != nil && d.Name == deviceiface {
} _ = RemoveConf(ifacename, false) // remove interface first
err = ApplyConf(confPath) time.Sleep(time.Second >> 2)
if err != nil { d, _ = wgclient.Device(deviceiface)
ncutils.PrintLog("failed to create wireguard interface", 1) }
return err err = ApplyConf(confPath)
if err != nil {
ncutils.PrintLog("failed to create wireguard interface", 1)
return err
}
} }
} else { } else {
ipExec, err := exec.LookPath("ip") ipExec, err := exec.LookPath("ip")
@ -293,7 +291,7 @@ func SetWGConfig(network string, peerupdate bool) error {
if err != nil { if err != nil {
return err return err
} }
if peerupdate { if peerupdate && !ncutils.IsFreeBSD() {
var iface string var iface string
iface = nodecfg.Interface iface = nodecfg.Interface
if ncutils.IsMac() { if ncutils.IsMac() {
@ -303,8 +301,10 @@ func SetWGConfig(network string, peerupdate bool) error {
} }
} }
err = SetPeers(iface, nodecfg.PersistentKeepalive, peers) err = SetPeers(iface, nodecfg.PersistentKeepalive, peers)
} else if peerupdate {
err = InitWireguard(&nodecfg, privkey, peers, hasGateway, gateways, true)
} else { } else {
err = InitWireguard(&nodecfg, privkey, peers, hasGateway, gateways) err = InitWireguard(&nodecfg, privkey, peers, hasGateway, gateways, false)
} }
return err return err
} }
@ -335,3 +335,18 @@ func ApplyConf(confPath string) error {
} }
return err return err
} }
// ApplyConf - applys a conf on disk to WireGuard interface
func SyncConf(confPath string) error {
os := runtime.GOOS
var err error
switch os {
/*
case "windows":
_ = SyncWindowsConf(confPath)
*/
default:
err = SyncWGQuickConf(confPath)
}
return err
}
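Review bot: In `InitWireguard`, the new `syncconf` branch assigns `err = wgclient.ConfigureDevice(deviceiface, conf)` but does not check it, whereas the `ApplyConf` branch logs and returns on failure. The rest of the function is outside this hunk, so the error may still be returned later, but if it is overwritten a failed sync would leave the interface on its previous peers and key without any signal. Handling it in the branch removes the doubt: `if err = wgclient.ConfigureDevice(deviceiface, conf); err != nil { return err }`. Separately, the comment on the new `SyncConf` still reads `// ApplyConf - applys a conf on disk ...` and its local `os := runtime.GOOS` shadows the imported `os` package; `// SyncConf - syncs a conf on disk to the WireGuard interface` and a different local name would fix both.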


@ -2,6 +2,7 @@ package wireguard
import ( import (
"io/ioutil" "io/ioutil"
"github.com/gravitl/netmaker/models" "github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/netclient/config" "github.com/gravitl/netmaker/netclient/config"
"github.com/gravitl/netmaker/netclient/ncutils" "github.com/gravitl/netmaker/netclient/ncutils"
@ -50,18 +51,20 @@ func SetWGKeyConfig(network string, serveraddr string) error {
// ApplyWGQuickConf - applies wg-quick commands if os supports // ApplyWGQuickConf - applies wg-quick commands if os supports
func ApplyWGQuickConf(confPath string) error { func ApplyWGQuickConf(confPath string) error {
_, _ = ncutils.RunCmd("wg-quick down "+confPath, false) _, _ = ncutils.RunCmd("wg-quick down "+confPath, false)
if _, err := ncutils.RunCmd("wg-quick up "+confPath, false); err != nil { _, err := ncutils.RunCmd("wg-quick up "+confPath, false)
return err return err
} }
return nil
// ApplyWGQuickConf - applies wg-quick commands if os supports
func SyncWGQuickConf(confPath string) error {
_, err := ncutils.RunCmd("wg-quick down "+confPath, false)
return err
} }
// RemoveWGQuickConf - calls wg-quick down // RemoveWGQuickConf - calls wg-quick down
func RemoveWGQuickConf(confPath string, printlog bool) error { func RemoveWGQuickConf(confPath string, printlog bool) error {
if _, err := ncutils.RunCmd("wg-quick down "+confPath, printlog); err != nil { _, err := ncutils.RunCmd("wg-quick down "+confPath, printlog)
return err return err
}
return nil
} }
// StorePrivKey - stores wg priv key on disk locally // StorePrivKey - stores wg priv key on disk locally
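Review bot: `SyncWGQuickConf` only runs `wg-quick down`, so despite its name it tears the interface down and never re-applies the configuration; the new `SyncConf` in the other file section delegates to it for every OS. If this is a placeholder, the comment should say so instead of repeating the `ApplyWGQuickConf` text, e.g. `// SyncWGQuickConf - placeholder: currently only calls wg-quick down`. The commands here are built as `"wg-quick down "+confPath`; how `ncutils.RunCmd` splits or executes that string is not visible in this diff, so confirm that a path containing spaces or shell metacharacters cannot alter the command.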