From 7152f6ccd4f048eefa106ce9927bc609b37e4429 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Thu, 21 Apr 2022 15:53:44 -0400 Subject: [PATCH] remove references to grpc/comms net --- compose/docker-compose.contained.yml | 4 - compose/docker-compose.hostnetwork.yml | 6 -- compose/docker-compose.nocaddy.yml | 5 -- compose/docker-compose.nodns.yml | 5 -- compose/docker-compose.reference.yml | 9 +- compose/docker-compose.yml | 5 -- config/config.go | 5 -- config/environments/dev.yaml | 2 - controllers/config/dnsconfig/netmaker.hosts | 3 +- controllers/config/environments/dev.yaml | 1 - controllers/network.go | 10 --- controllers/network_test.go | 2 - controllers/node.go | 14 --- controllers/user.go | 25 ------ docker/Caddyfile | 4 - kube/components/netmaker-api.yaml | 10 --- kube/components/netmaker-backend.yaml | 11 --- kube/components/netmaker-template.yaml.backup | 10 --- kube/netmaker-template-udp.yaml | 8 -- kube/netmaker-template.yaml | 8 -- logic/accesskeys.go | 6 +- logic/jwts.go | 2 +- logic/nodes.go | 5 -- main.go | 66 +------------- models/accessToken.go | 6 +- models/intclient.go | 1 - models/structs.go | 4 +- mq/publishers.go | 4 +- netclient/cli_options/cmds.go | 4 - netclient/cli_options/flags.go | 12 --- netclient/command/commands.go | 4 - netclient/config/config.go | 25 +----- netclient/functions/daemon.go | 4 +- netclient/functions/join.go | 2 +- netclient/functions/list.go | 53 ----------- netclient/ncutils/netclientutils.go | 14 --- netclient/wireguard/common.go | 10 +-- nginx/netmaker-nginx-template.conf | 17 ---- scripts/install-netmaker.sh | 1 - scripts/netmaker-server.sh | 1 - scripts/token-convert.sh | 3 +- servercfg/serverconf.go | 88 +------------------ serverctl/serverctl.go | 43 --------- test/config/environments/dev.yaml | 1 - 44 files changed, 25 insertions(+), 498 deletions(-) diff --git a/compose/docker-compose.contained.yml b/compose/docker-compose.contained.yml index 88c6d434..67d21f26 100644 
--- a/compose/docker-compose.contained.yml +++ b/compose/docker-compose.contained.yml @@ -20,14 +20,10 @@ services: SERVER_NAME: "broker.NETMAKER_BASE_DOMAIN" SERVER_HOST: "SERVER_PUBLIC_IP" SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443" - SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443" COREDNS_ADDR: "SERVER_PUBLIC_IP" - GRPC_SSL: "on" DNS_MODE: "on" SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN" - SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN" API_PORT: "8081" - GRPC_PORT: "50051" CLIENT_MODE: "on" MASTER_KEY: "REPLACE_MASTER_KEY" CORS_ALLOWED_ORIGIN: "*" diff --git a/compose/docker-compose.hostnetwork.yml b/compose/docker-compose.hostnetwork.yml index 6c315a67..0c93fdce 100644 --- a/compose/docker-compose.hostnetwork.yml +++ b/compose/docker-compose.hostnetwork.yml @@ -18,24 +18,18 @@ services: environment: SERVER_HOST: "SERVER_PUBLIC_IP" SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443" - SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443" COREDNS_ADDR: "SERVER_PUBLIC_IP" - GRPC_SSL: "on" DNS_MODE: "on" SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN" - SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN" API_PORT: "8081" - GRPC_PORT: "50051" CLIENT_MODE: "on" MASTER_KEY: "REPLACE_MASTER_KEY" - SERVER_GRPC_WIREGUARD: "off" CORS_ALLOWED_ORIGIN: "*" DISPLAY_KEYS: "on" DATABASE: "sqlite" HOST_NETWORK: "on" NODE_ID: "netmaker-server-1" MANAGE_IPTABLES: "on" - PORT_FORWARD_SERVICES: "" VERBOSITY: "1" netmaker-ui: container_name: netmaker-ui diff --git a/compose/docker-compose.nocaddy.yml b/compose/docker-compose.nocaddy.yml index 66cbf2ac..db014f34 100644 --- a/compose/docker-compose.nocaddy.yml +++ b/compose/docker-compose.nocaddy.yml 
@@ -18,14 +18,10 @@ services: environment: SERVER_HOST: "SERVER_PUBLIC_IP" SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443" - SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443" COREDNS_ADDR: "SERVER_PUBLIC_IP" - GRPC_SSL: "on" DNS_MODE: "on" SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN" - SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN" API_PORT: "8081" - GRPC_PORT: "50051" CLIENT_MODE: "on" MASTER_KEY: "REPLACE_MASTER_KEY" CORS_ALLOWED_ORIGIN: "*" @@ -35,7 +31,6 @@ services: MQ_HOST: "mq" HOST_NETWORK: "off" MANAGE_IPTABLES: "on" - PORT_FORWARD_SERVICES: "mq" VERBOSITY: "1" ports: - "51821-51830:51821-51830/udp" diff --git a/compose/docker-compose.nodns.yml b/compose/docker-compose.nodns.yml index c42ff4fe..6415b576 100644 --- a/compose/docker-compose.nodns.yml +++ b/compose/docker-compose.nodns.yml @@ -18,14 +18,10 @@ services: environment: SERVER_HOST: "SERVER_PUBLIC_IP" SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443" - SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443" COREDNS_ADDR: "SERVER_PUBLIC_IP" - GRPC_SSL: "on" DNS_MODE: "off" SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN" - SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN" API_PORT: "8081" - GRPC_PORT: "50051" CLIENT_MODE: "on" MASTER_KEY: "REPLACE_MASTER_KEY" CORS_ALLOWED_ORIGIN: "*" @@ -35,7 +31,6 @@ services: MQ_HOST: "mq" HOST_NETWORK: "off" MANAGE_IPTABLES: "on" - PORT_FORWARD_SERVICES: "mq" VERBOSITY: "1" ports: - "51821-51830:51821-51830/udp" diff --git a/compose/docker-compose.reference.yml b/compose/docker-compose.reference.yml index a2ac290f..e57efac1 100644 --- a/compose/docker-compose.reference.yml +++ b/compose/docker-compose.reference.yml 
@@ -16,23 +16,18 @@ services: restart: always network_mode: host # Must configure with very particular settngs for host networking to work. Do not just set on! environment: - SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set both HTTP and GRPC host. - SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks. - SERVER_GRPC_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks. + SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set the HTTP host. + SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP available via different interfaces/networks. API_PORT: 8081 # The HTTP API port for Netmaker. Used for API calls / communication from front end. If changed, need to change port of BACKEND_URL for netmaker-ui. - GRPC_PORT: 50051 # The GRPC port for Netmaker. Used for communications from nodes. CLIENT_MODE: "on" # on if netmaker should run its own client, off if not. MASTER_KEY: "secretkey" # The admin master key for accessing the API. Change this in any production installation. CORS_ALLOWED_ORIGIN: "*" # The "allowed origin" for API requests. Change to restrict where API requests can come from. REST_BACKEND: "on" # Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off. - AGENT_BACKEND: "on" # Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off. DNS_MODE: "on" # Enables DNS Mode, meaning config files will be generated for CoreDNS. Note, turning "off" does not remove CoreDNS. You still need to remove CoreDNS from compose file. 
DISABLE_REMOTE_IP_CHECK: "off" # If turned "on", Server will not set Host based on remote IP check. This is already overridden if SERVER_HOST is set. Turned "off" by default. - GRPC_SSL: "off" # Tells clients to use SSL to connect to GRPC. Switch to on to turn on. COREDNS_ADDR: "" # Address of the CoreDNS server. Defaults to SERVER_HOST DISPLAY_KEYS: "on" # Show keys permanently in UI (until deleted) as opposed to 1-time display. SERVER_API_CONN_STRING: "" # Changes the api connection string. IP:PORT format. By default is empty and uses SERVER_HOST:API_PORT - SERVER_GRPC_CONN_STRING: "" # Changes the grpc connection string. IP:PORT format. By default is empty and uses SERVER_HOST:GRPC_PORT RCE: "off" # Enables setting PostUp and PostDown (arbitrary commands) on nodes from the server. Off by default. NODE_ID: "" # Sets the name/id of the nodes that the server creates. Necessary for HA configurations to identify between servers (for instance, netmaker-1, netmaker-2, etc). For non-HA deployments, is not necessary. TELEMETRY: "on" # Whether or not to send telemetry data to help improve Netmaker. Switch to "off" to opt out of sending telemetry. diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index c0c8be75..c30ec788 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -18,14 +18,10 @@ services: environment: SERVER_HOST: "SERVER_PUBLIC_IP" SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443" - SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443" COREDNS_ADDR: "SERVER_PUBLIC_IP" - GRPC_SSL: "on" DNS_MODE: "on" SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN" - SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN" API_PORT: "8081" - GRPC_PORT: "50051" CLIENT_MODE: "on" MASTER_KEY: "REPLACE_MASTER_KEY" CORS_ALLOWED_ORIGIN: "*" @@ -35,7 +31,6 @@ services: MQ_HOST: "mq" HOST_NETWORK: "off" MANAGE_IPTABLES: "on" - PORT_FORWARD_SERVICES: "mq" VERBOSITY: "1" ports: - "51821-51830:51821-51830/udp" 
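Review bot: `AGENT_BACKEND` is removed from this reference file, but `kube/components/netmaker-api.yaml` in the same patch still carries `- name: AGENT_BACKEND` with `value: "off"` in its env list, so the two deployment examples now disagree about which settings exist. If the server no longer reads that variable (the servercfg changes are outside this view), drop it from the kube manifest in this commit as well. Otherwise keep a line for it here, so the reference file remains the complete list of settings.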
diff --git a/config/config.go b/config/config.go index 4d635df7..3872ef82 100644 --- a/config/config.go +++ b/config/config.go @@ -36,10 +36,6 @@ type ServerConfig struct { APIConnString string `yaml:"apiconn"` APIHost string `yaml:"apihost"` APIPort string `yaml:"apiport"` - GRPCConnString string `yaml:"grpcconn"` - GRPCHost string `yaml:"grpchost"` - GRPCPort string `yaml:"grpcport"` - GRPCSecure string `yaml:"grpcsecure"` MQHOST string `yaml:"mqhost"` MasterKey string `yaml:"masterkey"` DNSKey string `yaml:"dnskey"` @@ -51,7 +47,6 @@ type ServerConfig struct { ClientMode string `yaml:"clientmode"` DNSMode string `yaml:"dnsmode"` DisableRemoteIPCheck string `yaml:"disableremoteipcheck"` - GRPCSSL string `yaml:"grpcssl"` Version string `yaml:"version"` SQLConn string `yaml:"sqlconn"` Platform string `yaml:"platform"` diff --git a/config/environments/dev.yaml b/config/environments/dev.yaml index 9899b5bd..10d7d54f 100644 --- a/config/environments/dev.yaml +++ b/config/environments/dev.yaml @@ -1,8 +1,6 @@ server: apihost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_API_HOST if set apiport: "" # defaults to 8081 or HTTP_PORT (if set) - grpchost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_GRPC_HOST if set. - grpcport: "" # defaults to 50051 or GRPC_PORT (if set) masterkey: "" # defaults to 'secretkey' or MASTER_KEY (if set) allowedorigin: "" # defaults to '*' or CORS_ALLOWED_ORIGIN (if set) restbackend: "" # defaults to "on" or REST_BACKEND (if set) diff --git a/controllers/config/dnsconfig/netmaker.hosts b/controllers/config/dnsconfig/netmaker.hosts index 45eab425..655eaef6 100644 --- a/controllers/config/dnsconfig/netmaker.hosts +++ b/controllers/config/dnsconfig/netmaker.hosts @@ -1 +1,2 @@ -10.0.0.2 testnode.skynet myhost.skynet +10.0.0.1 testnode.skynet +10.0.0.2 myhost.skynet 
diff --git a/controllers/config/environments/dev.yaml b/controllers/config/environments/dev.yaml index 88170a91..de1101ab 100644 --- a/controllers/config/environments/dev.yaml +++ b/controllers/config/environments/dev.yaml @@ -1,7 +1,6 @@ server: host: "localhost" apiport: "8081" - grpcport: "50051" masterkey: "" allowedorigin: "*" restbackend: true diff --git a/controllers/network.go b/controllers/network.go index 8209e8bd..d72104f3 100644 --- a/controllers/network.go +++ b/controllers/network.go @@ -423,16 +423,6 @@ func isCommsEdit(w http.ResponseWriter, r *http.Request, netname string) bool { return false } -func filterCommsNetwork(networks []models.Network) []models.Network { - var filterdNets []models.Network - for i := range networks { - if networks[i].IsComms != "yes" && networks[i].NetID != servercfg.GetCommsID() { - filterdNets = append(filterdNets, networks[i]) - } - } - return filterdNets -} - func getServerAddrs(node *models.Node) { serverNodes := logic.GetServerNodes(serverctl.COMMS_NETID) //pubIP, _ := servercfg.GetPublicIP() diff --git a/controllers/network_test.go b/controllers/network_test.go index 1a85d78f..98aab5c9 100644 --- a/controllers/network_test.go +++ b/controllers/network_test.go @@ -7,7 +7,6 @@ import ( "github.com/gravitl/netmaker/database" "github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/models" - "github.com/gravitl/netmaker/serverctl" "github.com/stretchr/testify/assert" ) @@ -301,5 +300,4 @@ func createNet() { if err != nil { logic.CreateNetwork(network) } - serverctl.InitializeCommsNetwork() } diff --git a/controllers/node.go b/controllers/node.go index ea667e19..9b2fce47 100644 --- a/controllers/node.go +++ b/controllers/node.go 
@@ -382,10 +382,6 @@ func getNode(w http.ResponseWriter, r *http.Request) { returnErrorResponse(w, r, formatError(err, "internal")) return } - if logic.IsNodeInComms(&node) { - returnErrorResponse(w, r, formatError(err, "internal")) - return - } logger.Log(2, r.Header.Get("user"), "fetched node", params["nodeid"]) w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(node) @@ -737,16 +733,6 @@ func runServerUpdate(node *models.Node, ifaceDelta bool) error { return nil } -func filterCommsNodes(nodes []models.Node) []models.Node { - var filterdNodes []models.Node - for i := range nodes { - if !logic.IsNodeInComms(&nodes[i]) { - filterdNodes = append(filterdNodes, nodes[i]) - } - } - return filterdNodes -} - func runForceServerUpdate(node *models.Node) { go func() { if err := mq.PublishPeerUpdate(node); err != nil { diff --git a/controllers/user.go b/controllers/user.go index 78fb6ae8..ada871c4 100644 --- a/controllers/user.go +++ b/controllers/user.go @@ -12,7 +12,6 @@ import ( "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/models" - "github.com/gravitl/netmaker/servercfg" ) func userHandlers(r *mux.Router) { @@ -167,11 +166,6 @@ func createUser(w http.ResponseWriter, r *http.Request) { // get node from body of request _ = json.NewDecoder(r.Body).Decode(&user) - if !user.IsAdmin && isAddingComms(user.Networks) { - returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest")) - return - } - user, err := logic.CreateUser(user) if err != nil { 
@@ -200,11 +194,6 @@ func updateUserNetworks(w http.ResponseWriter, r *http.Request) { returnErrorResponse(w, r, formatError(err, "internal")) return } - if !userchange.IsAdmin && isAddingComms(userchange.Networks) { - returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest")) - return - } - err = logic.UpdateUserNetworks(userchange.Networks, userchange.IsAdmin, &user) if err != nil { returnErrorResponse(w, r, formatError(err, "badrequest")) @@ -229,10 +218,6 @@ func updateUser(w http.ResponseWriter, r *http.Request) { returnErrorResponse(w, r, formatError(fmt.Errorf("can not update user info for oauth user %s", username), "forbidden")) return } - if !user.IsAdmin && isAddingComms(user.Networks) { - returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest")) - return - } var userchange models.User // we decode our body request params err = json.NewDecoder(r.Body).Decode(&userchange) @@ -302,13 +287,3 @@ func deleteUser(w http.ResponseWriter, r *http.Request) { logger.Log(1, username, "was deleted") json.NewEncoder(w).Encode(params["username"] + " deleted.") } - -func isAddingComms(networks []string) bool { - commsID := servercfg.GetCommsID() - for i := range networks { - if networks[i] == commsID { - return true - } - } - return false -} diff --git a/docker/Caddyfile b/docker/Caddyfile index 0ae76fa3..46ebca71 100644 --- a/docker/Caddyfile +++ b/docker/Caddyfile @@ -29,7 +29,3 @@ https://api.NETMAKER_BASE_DOMAIN { reverse_proxy http://127.0.0.1:8081 } -# gRPC -https://grpc.NETMAKER_BASE_DOMAIN { - reverse_proxy h2c://127.0.0.1:50051 -} diff --git a/kube/components/netmaker-api.yaml b/kube/components/netmaker-api.yaml index 4c4abc03..061103f6 100644 --- a/kube/components/netmaker-api.yaml +++ b/kube/components/netmaker-api.yaml 
@@ -25,20 +25,12 @@ spec: env: - name: SERVER_API_CONN_STRING value: "api.nm.k8s.gravitl.com:443" - - name: SERVER_GRPC_CONN_STRING - value: "grpc.nm.k8s.gravitl.com:443" - name: COREDNS_ADDR value: "netmaker-dns" - - name: GRPC_SSL - value: "on" - name: SERVER_HTTP_HOST value: "api.nm.k8s.gravitl.com" - - name: SERVER_GRPC_HOST - value: "grpc.nm.k8s.gravitl.com" - name: API_PORT value: "8081" - - name: GRPC_PORT - value: "50051" - name: AGENT_BACKEND value: "off" - name: CLIENT_MODE @@ -47,8 +39,6 @@ spec: value: "on" - name: MASTER_KEY value: "Unkn0wn!" - - name: SERVER_GRPC_WIREGUARD - value: "off" - name: MASTER_KEY value: "secretkey" - name: CORS_ALLOWED_ORIGIN diff --git a/kube/components/netmaker-backend.yaml b/kube/components/netmaker-backend.yaml index d626a2b8..a2475b3b 100644 --- a/kube/components/netmaker-backend.yaml +++ b/kube/components/netmaker-backend.yaml @@ -25,26 +25,16 @@ spec: env: - name: SERVER_API_CONN_STRING value: "api.nm.k8s.gravitl.com:443" - - name: SERVER_GRPC_CONN_STRING - value: "grpc.nm.k8s.gravitl.com:443" - name: COREDNS_ADDR value: "10.152.183.53" - - name: GRPC_SSL - value: "on" - name: SERVER_HTTP_HOST value: "api.k8s.gravitl.com" - - name: SERVER_GRPC_HOST - value: "grpc.k8s.gravitl.com" - name: API_PORT value: "8081" - - name: GRPC_PORT - value: "443" - name: CLIENT_MODE value: "off" - name: MASTER_KEY value: "Unkn0wn!" - - name: SERVER_GRPC_WIREGUARD - value: "off" - name: MASTER_KEY value: "secretkey" - name: CORS_ALLOWED_ORIGIN @@ -97,7 +87,6 @@ kind: Service metadata: labels: app: netmaker-backend - name: netmaker-grpc spec: ports: - port: 443 diff --git a/kube/components/netmaker-template.yaml.backup b/kube/components/netmaker-template.yaml.backup index a1f77c45..fc2150ba 100644 --- a/kube/components/netmaker-template.yaml.backup +++ b/kube/components/netmaker-template.yaml.backup 
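Review bot: With the `SERVER_GRPC_WIREGUARD` entry gone, the env list in the second hunk of `kube/components/netmaker-api.yaml` has two adjacent `MASTER_KEY` entries, `"Unkn0wn!"` and `"secretkey"`, both committed as literal values. Keep a single entry and source it from a Secret, for example `valueFrom: {secretKeyRef: {name: <secret-name>, key: <key-name>}}` (placeholder names), so the admin key is not stored in the manifest and there is no doubt which value applies. The same pair is left behind in the first hunk of `kube/components/netmaker-backend.yaml` and in `kube/components/netmaker-template.yaml.backup`.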
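Review bot: Removing `name: netmaker-grpc` in the last hunk of `kube/components/netmaker-backend.yaml` leaves this Service's `metadata` with only `labels`, and a Service without `metadata.name` (or `generateName`) is rejected when the manifest is applied. Either give the Service a new name or, if it existed only to expose gRPC on port 443, delete the whole Service in this commit. The Service definition continues outside the hunk, so its selector and target port are not visible here.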
@@ -84,26 +84,16 @@ spec: env: - name: SERVER_API_CONN_STRING value: "api.NETMAKER_BASE_DOMAIN:443" - - name: SERVER_GRPC_CONN_STRING - value: "grpc.NETMAKER_BASE_DOMAIN:443" - name: COREDNS_ADDR value: "10.152.183.53" - - name: GRPC_SSL - value: "on" - name: SERVER_HTTP_HOST value: "api.NETMAKER_BASE_DOMAIN" - - name: SERVER_GRPC_HOST - value: "grpc.NETMAKER_BASE_DOMAIN" - name: API_PORT value: "8081" - - name: GRPC_PORT - value: "443" - name: CLIENT_MODE value: "off" - name: MASTER_KEY value: "Unkn0wn!" - - name: SERVER_GRPC_WIREGUARD - value: "off" - name: MASTER_KEY value: "secretkey" - name: CORS_ALLOWED_ORIGIN diff --git a/kube/netmaker-template-udp.yaml b/kube/netmaker-template-udp.yaml index e63e2e64..cb45dfd5 100644 --- a/kube/netmaker-template-udp.yaml +++ b/kube/netmaker-template-udp.yaml @@ -56,24 +56,16 @@ spec: env: - name: SERVER_API_CONN_STRING value: "api.NETMAKER_BASE_DOMAIN:443" - - name: SERVER_GRPC_CONN_STRING - value: "grpc.NETMAKER_BASE_DOMAIN:443" - name: COREDNS_ADDR value: "10.152.183.53" - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - - name: GRPC_SSL - value: "on" - name: SERVER_HTTP_HOST value: "api.NETMAKER_BASE_DOMAIN:443" - - name: SERVER_GRPC_HOST - value: "grpc.NETMAKER_BASE_DOMAIN:443" - name: API_PORT value: "8081" - - name: GRPC_PORT - value: "443" - name: CLIENT_MODE value: "off" - name: MASTER_KEY diff --git a/kube/netmaker-template.yaml b/kube/netmaker-template.yaml index d245e473..47853972 100644 --- a/kube/netmaker-template.yaml +++ b/kube/netmaker-template.yaml 
@@ -39,24 +39,16 @@ spec: env: - name: SERVER_API_CONN_STRING value: "api.NETMAKER_BASE_DOMAIN:443" - - name: SERVER_GRPC_CONN_STRING - value: "grpc.NETMAKER_BASE_DOMAIN:443" - name: COREDNS_ADDR value: "10.152.183.53" - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - - name: GRPC_SSL - value: "on" - name: SERVER_HTTP_HOST value: "api.NETMAKER_BASE_DOMAIN" - - name: SERVER_GRPC_HOST - value: "grpc.NETMAKER_BASE_DOMAIN" - name: API_PORT value: "8081" - - name: GRPC_PORT - value: "80" - name: CLIENT_MODE value: "off" - name: MASTER_KEY diff --git a/logic/accesskeys.go b/logic/accesskeys.go index 116123b5..40f58483 100644 --- a/logic/accesskeys.go +++ b/logic/accesskeys.go @@ -54,10 +54,8 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models var accessToken models.AccessToken s := servercfg.GetServerConfig() servervals := models.ServerConfig{ - GRPCConnString: s.GRPCConnString, - GRPCSSL: s.GRPCSSL, - Server: s.Server, - APIConnString: s.APIConnString, + Server: s.Server, + APIConnString: s.APIConnString, } accessToken.ServerConfig = servervals accessToken.ClientConfig.Network = netID diff --git a/logic/jwts.go b/logic/jwts.go index 571b2f02..4532d2df 100644 --- a/logic/jwts.go +++ b/logic/jwts.go @@ -98,7 +98,7 @@ func VerifyUserToken(tokenString string) (username string, networks []string, is return "", nil, false, err } -// VerifyToken - gRPC [nodes] Only +// VerifyToken - [nodes] Only func VerifyToken(tokenString string) (nodeID string, mac string, network string, err error) { claims := &models.Claims{} diff --git a/logic/nodes.go b/logic/nodes.go index 2c177e83..ce46cde1 100644 --- a/logic/nodes.go +++ b/logic/nodes.go 
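Review bot: In `logic/jwts.go`, the comment `// VerifyToken - [nodes] Only` no longer tells a reader what is verified or what comes back once "gRPC" is dropped. A Go-style doc comment would serve better, for example `// VerifyToken validates a node token and returns the node ID, MAC address and network it identifies; user tokens go through VerifyUserToken.` The function body continues outside the hunk, so the wording about the returned values is taken from the signature only and should be checked against the claims handling.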
@@ -630,11 +630,6 @@ func IsLocalServer(node *models.Node) bool { return node.ID != "" && local.ID == node.ID } -// IsNodeInComms returns if node is in comms network or not -func IsNodeInComms(node *models.Node) bool { - return node.Network == servercfg.GetCommsID() && node.IsServer != "yes" -} - // validateServer - make sure servers dont change port or address func validateServer(currentNode, newNode *models.Node) bool { return (newNode.Address == currentNode.Address && diff --git a/main.go b/main.go index b04a6171..c78848b4 100644 --- a/main.go +++ b/main.go @@ -40,10 +40,10 @@ func main() { setupConfig(*absoluteConfigPath) servercfg.SetVersion(version) fmt.Println(models.RetrieveLogo()) // print the logo - initialize() // initial db and grpc server + initialize() // initial db and acls; gen cert if required setGarbageCollection() defer database.CloseDB() - startControllers() // start the grpc or rest endpoints + startControllers() // start the api endpoint and mq } func setupConfig(absoluteConfigPath string) { @@ -124,18 +124,6 @@ func initialize() { // Client Mode Prereq Check func startControllers() { var waitnetwork sync.WaitGroup - //Run Agent Server - // if servercfg.IsAgentBackend() { - // if !(servercfg.DisableRemoteIPCheck()) && servercfg.GetGRPCHost() == "127.0.0.1" { - // err := servercfg.SetHost() - // if err != nil { - // logger.FatalLog("Unable to Set host. Exiting...", err.Error()) - // } - // } - // waitnetwork.Add(1) - // go runGRPC(&waitnetwork) - // } - if servercfg.IsDNSMode() { err := logic.SetDNS() if err != nil { 
@@ -167,52 +155,6 @@ func startControllers() { waitnetwork.Wait() } -// func runGRPC(wg *sync.WaitGroup) { - -// defer wg.Done() - -// grpcport := servercfg.GetGRPCPort() - -// listener, err := net.Listen("tcp", ":"+grpcport) -// // Handle errors if any -// if err != nil { -// logger.FatalLog("[netmaker] Unable to listen on port", grpcport, ": error:", err.Error()) -// } - -// s := grpc.NewServer( -// authServerUnaryInterceptor(), -// ) -// // Create NodeService type -// srv := &controller.NodeServiceServer{} - -// // Register the service with the server -// nodepb.RegisterNodeServiceServer(s, srv) - -// // Start the server in a child routine -// go func() { -// if err := s.Serve(listener); err != nil { -// logger.FatalLog("Failed to serve:", err.Error()) -// } -// }() -// logger.Log(0, "Agent Server successfully started on port ", grpcport, "(gRPC)") - -// // Relay os.Interrupt to our channel (os.Interrupt = CTRL+C) -// // Ignore other incoming signals -// ctx, stop := signal.NotifyContext(context.TODO(), os.Interrupt) -// defer stop() - -// // Block main routine until a signal is received -// // As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running -// <-ctx.Done() - -// // After receiving CTRL+C Properly stop the server -// logger.Log(0, "Stopping the Agent server...") -// s.GracefulStop() -// listener.Close() -// logger.Log(0, "Agent server closed..") -// logger.Log(0, "Closed DB connection.") -// } - // Should we be using a context vice a waitgroup???????????? func runMessageQueue(wg *sync.WaitGroup) { defer wg.Done() @@ -228,10 +170,6 @@ func runMessageQueue(wg *sync.WaitGroup) { client.Disconnect(250) } -//func authServerUnaryInterceptor() grpc.ServerOption { -// return grpc.UnaryInterceptor(controller.AuthServerUnaryInterceptor) -//} - func setGarbageCollection() { _, gcset := os.LookupEnv("GOGC") if !gcset { diff --git a/models/accessToken.go b/models/accessToken.go index 57523d91..0e4e5280 100644 
--- a/models/accessToken.go +++ b/models/accessToken.go @@ -12,8 +12,6 @@ type ClientConfig struct { } type ServerConfig struct { - GRPCConnString string `json:"grpcconn"` - GRPCSSL string `json:"grpcssl"` - Server string `json:"server"` - APIConnString string `json:"apiconnstring"` + Server string `json:"server"` + APIConnString string `json:"apiconnstring"` } diff --git a/models/intclient.go b/models/intclient.go index a323ce52..d9b44bfa 100644 --- a/models/intclient.go +++ b/models/intclient.go @@ -12,7 +12,6 @@ type IntClient struct { ServerAPIPort string `json:"serverapiport" bson:"serverapiport"` ServerPrivateAddress string `json:"serverprivateaddress" bson:"serverprivateaddress"` ServerWGPort string `json:"serverwgport" bson:"serverwgport"` - ServerGRPCPort string `json:"servergrpcport" bson:"servergrpcport"` ServerKey string `json:"serverkey" bson:"serverkey"` IsServer string `json:"isserver" bson:"isserver"` } diff --git a/models/structs.go b/models/structs.go index 273408ab..88e56d29 100644 --- a/models/structs.go +++ b/models/structs.go @@ -101,9 +101,7 @@ type DisplayKey struct { // GlobalConfig - global config type GlobalConfig struct { - Name string `json:"name" bson:"name"` - PortGRPC string `json:"portgrpc" bson:"portgrpc"` - ServerGRPC string `json:"servergrpc" bson:"servergrpc"` + Name string `json:"name" bson:"name"` } // CheckInResponse - checkin response diff --git a/mq/publishers.go b/mq/publishers.go index 06ab3d4c..677e1e47 100644 --- a/mq/publishers.go +++ b/mq/publishers.go @@ -39,9 +39,7 @@ func PublishPeerUpdate(newNode *models.Node) error { if err = publish(&node, fmt.Sprintf("peers/%s/%s", node.Network, node.ID), data); err != nil { logger.Log(1, "failed to publish peer update for node", node.ID) } else { - if node.Network != servercfg.GetCommsID() { - logger.Log(1, "sent peer update for node", node.Name, "on network:", node.Network) - } + logger.Log(1, "sent peer update for node", node.Name, "on network:", node.Network) } } return nil 
diff --git a/netclient/cli_options/cmds.go b/netclient/cli_options/cmds.go index 4bc1e356..d909cb16 100644 --- a/netclient/cli_options/cmds.go +++ b/netclient/cli_options/cmds.go @@ -26,10 +26,6 @@ func GetCommands(cliFlags []cli.Flag) []*cli.Command { err = errors.New("no network provided") return err } - if cfg.Server.GRPCAddress == "" { - err = errors.New("no server address provided") - return err - } err = command.Register(&cfg, pvtKey) return err }, diff --git a/netclient/cli_options/flags.go b/netclient/cli_options/flags.go index 317e014b..96c1a169 100644 --- a/netclient/cli_options/flags.go +++ b/netclient/cli_options/flags.go @@ -112,18 +112,6 @@ func GetFlags(hostname string) []cli.Flag { Value: "", Usage: "Address + API Port (e.g. 1.2.3.4:8081) of Netmaker server.", }, - &cli.StringFlag{ - Name: "grpcserver", - EnvVars: []string{"NETCLIENT_GRPC_SERVER"}, - Value: "", - Usage: "Address + GRPC Port (e.g. 1.2.3.4:50051) of Netmaker server.", - }, - &cli.StringFlag{ - Name: "grpcssl", - EnvVars: []string{"NETCLIENT_GRPCSSL"}, - Value: "", - Usage: "Tells clients to use SSL to connect to GRPC if 'on'. Disable if 'off'. Off by default.", - }, &cli.StringFlag{ Name: "key", Aliases: []string{"k"}, diff --git a/netclient/command/commands.go b/netclient/command/commands.go index 6ab3ed44..f500c3df 100644 --- a/netclient/command/commands.go +++ b/netclient/command/commands.go @@ -14,11 +14,7 @@ import ( // tries to ping if already found locally, if fail ping pull for best effort for communication func JoinComms(cfg *config.ClientConfig) error { commsCfg := &config.ClientConfig{} - commsCfg.Network = cfg.Server.CommsNetwork - commsCfg.Node.Network = cfg.Server.CommsNetwork commsCfg.Server.AccessKey = cfg.Server.AccessKey - commsCfg.Server.GRPCAddress = cfg.Server.GRPCAddress - commsCfg.Server.GRPCSSL = cfg.Server.GRPCSSL commsCfg.Server.CoreDNSAddr = cfg.Server.CoreDNSAddr if commsCfg.ConfigFileExists() { return nil 
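Review bot: The `GRPCAddress` check removed in `netclient/cli_options/cmds.go` was the only guard in this action that a server address had been supplied, and nothing replaces it before `command.Register(&cfg, pvtKey)` runs. If registration now uses the API address, keep the early failure on the new field, e.g. `if cfg.Server.API == "" { return errors.New("no server address provided") }`. Which field Register actually reads is not visible here, so confirm it before choosing. The enclosing action function starts outside the hunk.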
diff --git a/netclient/config/config.go b/netclient/config/config.go index e880e622..c8b4ef60 100644 --- a/netclient/config/config.go +++ b/netclient/config/config.go @@ -33,13 +33,10 @@ type ClientConfig struct { // ServerConfig - struct for dealing with the server information for a netclient type ServerConfig struct { - CoreDNSAddr string `yaml:"corednsaddr"` - GRPCAddress string `yaml:"grpcaddress"` - AccessKey string `yaml:"accesskey"` - GRPCSSL string `yaml:"grpcssl"` - CommsNetwork string `yaml:"commsnetwork"` - Server string `yaml:"server"` - API string `yaml:"api"` + CoreDNSAddr string `yaml:"corednsaddr"` + AccessKey string `yaml:"accesskey"` + Server string `yaml:"server"` + API string `yaml:"api"` } // RegisterRequest - struct for registation with netmaker server @@ -198,21 +195,12 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) { log.Println("error converting token json to object", tokenbytes) return cfg, "", err } - - if accesstoken.ServerConfig.GRPCConnString != "" { - cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCConnString - } - cfg.Network = accesstoken.ClientConfig.Network cfg.Node.Network = accesstoken.ClientConfig.Network cfg.Server.AccessKey = accesstoken.ClientConfig.Key cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange - cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL cfg.Server.Server = accesstoken.ServerConfig.Server cfg.Server.API = accesstoken.ServerConfig.APIConnString - if c.String("grpcserver") != "" { - cfg.Server.GRPCAddress = c.String("grpcserver") - } if c.String("key") != "" { cfg.Server.AccessKey = c.String("key") } @@ -223,9 +211,6 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) { if c.String("localrange") != "" { cfg.Node.LocalRange = c.String("localrange") } - if c.String("grpcssl") != "" { - cfg.Server.GRPCSSL = c.String("grpcssl") - } if c.String("corednsaddr") != "" { cfg.Server.CoreDNSAddr = c.String("corednsaddr") } 
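Review bot: In the second hunk of `netclient/config/config.go`, the error path `log.Println("error converting token json to object", tokenbytes)` writes the decoded token bytes to the log. The fields read from that token a few lines later include `ClientConfig.Key`, which becomes `cfg.Server.AccessKey`, so a malformed token can still leak key material into logs. Log the error rather than the payload, e.g. `log.Println("error converting token json to object:", err)`. GetCLIConfig starts and ends outside the hunk, so how `tokenbytes` is produced is not visible here.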
@@ -234,12 +219,10 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) { } } else { - cfg.Server.GRPCAddress = c.String("grpcserver") cfg.Server.AccessKey = c.String("key") cfg.Network = c.String("network") cfg.Node.Network = c.String("network") cfg.Node.LocalRange = c.String("localrange") - cfg.Server.GRPCSSL = c.String("grpcssl") cfg.Server.CoreDNSAddr = c.String("corednsaddr") cfg.Server.API = c.String("apiserver") } diff --git a/netclient/functions/daemon.go b/netclient/functions/daemon.go index 0f0c5610..63a706df 100644 --- a/netclient/functions/daemon.go +++ b/netclient/functions/daemon.go @@ -231,7 +231,7 @@ func setupMQTTSub(server string) mqtt.Client { client := mqtt.NewClient(opts) tperiod := time.Now().Add(12 * time.Second) for { - //if after 12 seconds, try a gRPC pull on the last try + //if after 12 seconds, try a pull on the last try if time.Now().After(tperiod) { networks, err := ncutils.GetSystemNetworks() if err != nil { @@ -362,7 +362,7 @@ func setupMQTT(cfg *config.ClientConfig, publish bool) mqtt.Client { client := mqtt.NewClient(opts) tperiod := time.Now().Add(12 * time.Second) for { - //if after 12 seconds, try a gRPC pull on the last try + //if after 12 seconds, try a pull on the last try if time.Now().After(tperiod) { logger.Log(0, "running pull for ", cfg.Node.Network) _, err := Pull(cfg.Node.Network, true) diff --git a/netclient/functions/join.go b/netclient/functions/join.go index 52980a62..d41e69c4 100644 --- a/netclient/functions/join.go +++ b/netclient/functions/join.go @@ -182,7 +182,7 @@ func JoinNetwork(cfg *config.ClientConfig, privateKey string, iscomms bool) erro logger.Log(0, "failed to make backup, node will not auto restore if config is corrupted") } logger.Log(0, "starting wireguard") - err = wireguard.InitWireguard(&node, privateKey, []wgtypes.PeerConfig{}, false, []string{}, false) + err = wireguard.InitWireguard(&node, privateKey, []wgtypes.PeerConfig{}, false) if err != nil { return err } 
diff --git a/netclient/functions/list.go b/netclient/functions/list.go
index 6a0d77cf..63b0bfc7 100644
--- a/netclient/functions/list.go
+++ b/netclient/functions/list.go
@@ -80,56 +80,3 @@ func getNetwork(network string) (Network, error) {
 },
 }, nil
 }
-
-// func getPeers(network string) ([]Peer, error) {
-// cfg, err := config.ReadConfig(network)
-// if err != nil {
-// return []Peer{}, err
-// }
-// nodecfg := cfg.Node
-// var nodes []models.Node
-//
-// var wcclient nodepb.NodeServiceClient
-// conn, err := grpc.Dial(cfg.Server.GRPCAddress,
-// ncutils.GRPCRequestOpts(cfg.Server.GRPCSSL))
-//
-// if err != nil {
-// return []Peer{}, fmt.Errorf("connecting to %v: %w", cfg.Server.GRPCAddress, err)
-// }
-// defer conn.Close()
-// Instantiate the BlogServiceClient with our client connection to the server
-// wcclient = nodepb.NewNodeServiceClient(conn)
-//
-// nodeData, err := json.Marshal(&nodecfg)
-// if err != nil {
-// return []Peer{}, fmt.Errorf("could not parse config node on network %s : %w", network, err)
-// }
-//
-// req := &nodepb.Object{
-// Data: string(nodeData),
-// Type: nodepb.NODE_TYPE,
-// }
-//
-// ctx, err := auth.SetJWT(wcclient, network)
-// if err != nil {
-// return []Peer{}, fmt.Errorf("authenticating: %w", err)
-// }
-// var header metadata.MD
-//
-// response, err := wcclient.GetPeers(ctx, req, grpc.Header(&header))
-// if err != nil {
-// return []Peer{}, fmt.Errorf("retrieving peers: %w", err)
-// }
-// if err := json.Unmarshal([]byte(response.GetData()), &nodes); err != nil {
-// return []Peer{}, fmt.Errorf("unmarshaling data for peers: %w", err)
-// }
-//
-// peers := []Peer{}
-// for _, node := range nodes {
-// if node.Name != cfg.Node.Name {
-// peers = append(peers, Peer{Name: fmt.Sprintf("%v.%v", node.Name, network), PrivateIPv4: node.Address, PrivateIPv6: node.Address6})
-// }
-// }
-//
-// return peers, nil
-// }
diff --git a/netclient/ncutils/netclientutils.go b/netclient/ncutils/netclientutils.go index 3c65e459..72a6725f 100644 --- a/netclient/ncutils/netclientutils.go +++ b/netclient/ncutils/netclientutils.go @@ -3,7 +3,6 @@ package ncutils import ( "bytes" "crypto/rand" - "crypto/tls" "encoding/gob" "errors" "fmt" @@ -23,8 +22,6 @@ import ( "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/models" "golang.zx2c4.com/wireguard/wgctrl/wgtypes" - "google.golang.org/grpc" - "google.golang.org/grpc/credentials" ) // Version - version of the netclient @@ -381,17 +378,6 @@ func GetWGPathSpecific() string { } } -// GRPCRequestOpts - gets grps request opts -func GRPCRequestOpts(isSecure string) grpc.DialOption { - var requestOpts grpc.DialOption - requestOpts = grpc.WithInsecure() - if isSecure == "on" { - h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}}) - requestOpts = grpc.WithTransportCredentials(h2creds) - } - return requestOpts -} - // Copy - copies a src file to dest func Copy(src, dst string) error { sourceFileStat, err := os.Stat(src) diff --git a/netclient/wireguard/common.go b/netclient/wireguard/common.go index ed99d814..b1475dea 100644 --- a/netclient/wireguard/common.go +++ b/netclient/wireguard/common.go @@ -121,7 +121,7 @@ func SetPeers(iface string, node *models.Node, peers []wgtypes.PeerConfig) error } // Initializes a WireGuard interface -func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string, syncconf bool) error { +func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, syncconf bool) error { key, err := wgtypes.ParseKey(privkey) if err != nil { 
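Review bot: The doc comment kept above `InitWireguard` does not start with the function name and does not describe the parameters that remain. With `hasGateway` and `gateways` gone, the one remaining bool is now `syncconf`, and call sites such as `InitWireguard(&node, privateKey, []wgtypes.PeerConfig{}, false)` give no hint of what it selects. Following the `// Name - description` form used elsewhere in this commit, I would write `// InitWireguard - initializes a WireGuard interface for node from privkey and peers` and add one sentence on what `syncconf` changes. The function body continues outside the hunk.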
@@ -229,10 +229,6 @@ func SetWGConfig(network string, peerupdate bool) error { servercfg := cfg.Server nodecfg := cfg.Node - //peers, hasGateway, gateways, err := server.GetPeers(nodecfg.MacAddress, nodecfg.Network, servercfg.GRPCAddress, nodecfg.IsDualStack == "yes", nodecfg.IsIngressGateway == "yes", nodecfg.IsServer == "yes") - //if err != nil { - // return err - //} privkey, err := RetrievePrivKey(network) if err != nil { return err @@ -248,9 +244,9 @@ func SetWGConfig(network string, peerupdate bool) error { } err = SetPeers(iface, &nodecfg, []wgtypes.PeerConfig{}) } else if peerupdate { - err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false, []string{}, true) + err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, true) } else { - err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false, []string{}, false) + err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false) } if nodecfg.DNSOn == "yes" { _ = local.UpdateDNS(nodecfg.Interface, nodecfg.Network, servercfg.CoreDNSAddr) diff --git a/nginx/netmaker-nginx-template.conf b/nginx/netmaker-nginx-template.conf index b73a944d..1ddd95d7 100644 --- a/nginx/netmaker-nginx-template.conf +++ b/nginx/netmaker-nginx-template.conf @@ -31,21 +31,4 @@ server { proxy_pass_request_headers on; } } -server { - listen 443 ssl http2; - server_name grpc.NETMAKER_BASE_DOMAIN; - ssl_certificate /etc/letsencrypt/live/NETMAKER_BASE_DOMAIN/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/NETMAKER_BASE_DOMAIN/privkey.pem; - #include /etc/letsencrypt/options-ssl-nginx.conf; - #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; - # Forces the header to be the one that is visible from the outside - proxy_set_header Host api.NETMAKER_BASE_DOMAIN; # Please change to your URL - - # Pass all headers through to the backend - proxy_pass_request_headers on; - - location / { - grpc_pass grpc://127.0.0.1:50051; - } -} 
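Review bot: The last two branches of the chain in the second `SetWGConfig` hunk now differ only in the final argument, which equals `peerupdate`, so they can collapse into a single `else` whose body is `err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, peerupdate)`. In the lines shown, `err` from these calls is not checked before `local.UpdateDNS` runs, and that call's own error is discarded with `_ =`. Whether `err` is returned later cannot be seen, because the function continues outside the hunk. If the DNS update should not run after a failed interface setup, put `if err != nil { return err }` before the `DNSOn` check.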
diff --git a/scripts/install-netmaker.sh b/scripts/install-netmaker.sh index 52232d9a..64ea9494 100644 --- a/scripts/install-netmaker.sh +++ b/scripts/install-netmaker.sh @@ -34,7 +34,6 @@ echo "To Override, add a Wildcard (*.netmaker.example.com) DNS record pointing t echo "Or, add three DNS records pointing to $SERVER_PUBLIC_IP for the following (Replacing 'netmaker.example.com' with the domain of your choice):" echo " dashboard.netmaker.example.com" echo " api.netmaker.example.com" -echo " grpc.netmaker.example.com" echo "-----------------------------------------------------" read -p "Domain (Hit 'enter' to use $NETMAKER_BASE_DOMAIN): " domain read -p "Contact Email: " email diff --git a/scripts/netmaker-server.sh b/scripts/netmaker-server.sh index dbaefce4..edd8cf10 100644 --- a/scripts/netmaker-server.sh +++ b/scripts/netmaker-server.sh @@ -9,7 +9,6 @@ cat >/etc/netmaker/config/environments/dev.yaml<
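Review bot: In scripts/install-netmaker.sh the prompt still says "add three DNS records", but with the `grpc.` entry removed the list under it names only two hosts, `dashboard.netmaker.example.com` and `api.netmaker.example.com`. Change the count in that `echo` line from `three` to `two`, or add the third host if one is still required. The compose files in this commit set `SERVER_NAME` to a `broker.` host, so that may be the missing entry, but the hunk does not show it.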