mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 07:16:06 +08:00
remove references to grpc/comms net
parent
886ec31553
commit
7152f6ccd4
|
@ -20,14 +20,10 @@ services:
|
||||||
SERVER_NAME: "broker.NETMAKER_BASE_DOMAIN"
|
SERVER_NAME: "broker.NETMAKER_BASE_DOMAIN"
|
||||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||||
GRPC_SSL: "on"
|
|
||||||
DNS_MODE: "on"
|
DNS_MODE: "on"
|
||||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
|
||||||
API_PORT: "8081"
|
API_PORT: "8081"
|
||||||
GRPC_PORT: "50051"
|
|
||||||
CLIENT_MODE: "on"
|
CLIENT_MODE: "on"
|
||||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||||
CORS_ALLOWED_ORIGIN: "*"
|
CORS_ALLOWED_ORIGIN: "*"
|
||||||
|
|
|
@ -18,24 +18,18 @@ services:
|
||||||
environment:
|
environment:
|
||||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||||
GRPC_SSL: "on"
|
|
||||||
DNS_MODE: "on"
|
DNS_MODE: "on"
|
||||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
|
||||||
API_PORT: "8081"
|
API_PORT: "8081"
|
||||||
GRPC_PORT: "50051"
|
|
||||||
CLIENT_MODE: "on"
|
CLIENT_MODE: "on"
|
||||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||||
SERVER_GRPC_WIREGUARD: "off"
|
|
||||||
CORS_ALLOWED_ORIGIN: "*"
|
CORS_ALLOWED_ORIGIN: "*"
|
||||||
DISPLAY_KEYS: "on"
|
DISPLAY_KEYS: "on"
|
||||||
DATABASE: "sqlite"
|
DATABASE: "sqlite"
|
||||||
HOST_NETWORK: "on"
|
HOST_NETWORK: "on"
|
||||||
NODE_ID: "netmaker-server-1"
|
NODE_ID: "netmaker-server-1"
|
||||||
MANAGE_IPTABLES: "on"
|
MANAGE_IPTABLES: "on"
|
||||||
PORT_FORWARD_SERVICES: ""
|
|
||||||
VERBOSITY: "1"
|
VERBOSITY: "1"
|
||||||
netmaker-ui:
|
netmaker-ui:
|
||||||
container_name: netmaker-ui
|
container_name: netmaker-ui
|
||||||
|
|
|
@ -18,14 +18,10 @@ services:
|
||||||
environment:
|
environment:
|
||||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||||
GRPC_SSL: "on"
|
|
||||||
DNS_MODE: "on"
|
DNS_MODE: "on"
|
||||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
|
||||||
API_PORT: "8081"
|
API_PORT: "8081"
|
||||||
GRPC_PORT: "50051"
|
|
||||||
CLIENT_MODE: "on"
|
CLIENT_MODE: "on"
|
||||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||||
CORS_ALLOWED_ORIGIN: "*"
|
CORS_ALLOWED_ORIGIN: "*"
|
||||||
|
@ -35,7 +31,6 @@ services:
|
||||||
MQ_HOST: "mq"
|
MQ_HOST: "mq"
|
||||||
HOST_NETWORK: "off"
|
HOST_NETWORK: "off"
|
||||||
MANAGE_IPTABLES: "on"
|
MANAGE_IPTABLES: "on"
|
||||||
PORT_FORWARD_SERVICES: "mq"
|
|
||||||
VERBOSITY: "1"
|
VERBOSITY: "1"
|
||||||
ports:
|
ports:
|
||||||
- "51821-51830:51821-51830/udp"
|
- "51821-51830:51821-51830/udp"
|
||||||
|
|
|
@ -18,14 +18,10 @@ services:
|
||||||
environment:
|
environment:
|
||||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||||
GRPC_SSL: "on"
|
|
||||||
DNS_MODE: "off"
|
DNS_MODE: "off"
|
||||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
|
||||||
API_PORT: "8081"
|
API_PORT: "8081"
|
||||||
GRPC_PORT: "50051"
|
|
||||||
CLIENT_MODE: "on"
|
CLIENT_MODE: "on"
|
||||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||||
CORS_ALLOWED_ORIGIN: "*"
|
CORS_ALLOWED_ORIGIN: "*"
|
||||||
|
@ -35,7 +31,6 @@ services:
|
||||||
MQ_HOST: "mq"
|
MQ_HOST: "mq"
|
||||||
HOST_NETWORK: "off"
|
HOST_NETWORK: "off"
|
||||||
MANAGE_IPTABLES: "on"
|
MANAGE_IPTABLES: "on"
|
||||||
PORT_FORWARD_SERVICES: "mq"
|
|
||||||
VERBOSITY: "1"
|
VERBOSITY: "1"
|
||||||
ports:
|
ports:
|
||||||
- "51821-51830:51821-51830/udp"
|
- "51821-51830:51821-51830/udp"
|
||||||
|
|
|
@ -16,23 +16,18 @@ services:
|
||||||
restart: always
|
restart: always
|
||||||
network_mode: host # Must configure with very particular settngs for host networking to work. Do not just set on!
|
network_mode: host # Must configure with very particular settngs for host networking to work. Do not just set on!
|
||||||
environment:
|
environment:
|
||||||
SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set both HTTP and GRPC host.
|
SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set the HTTP host.
|
||||||
SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
|
SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP available via different interfaces/networks.
|
||||||
SERVER_GRPC_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
|
|
||||||
API_PORT: 8081 # The HTTP API port for Netmaker. Used for API calls / communication from front end. If changed, need to change port of BACKEND_URL for netmaker-ui.
|
API_PORT: 8081 # The HTTP API port for Netmaker. Used for API calls / communication from front end. If changed, need to change port of BACKEND_URL for netmaker-ui.
|
||||||
GRPC_PORT: 50051 # The GRPC port for Netmaker. Used for communications from nodes.
|
|
||||||
CLIENT_MODE: "on" # on if netmaker should run its own client, off if not.
|
CLIENT_MODE: "on" # on if netmaker should run its own client, off if not.
|
||||||
MASTER_KEY: "secretkey" # The admin master key for accessing the API. Change this in any production installation.
|
MASTER_KEY: "secretkey" # The admin master key for accessing the API. Change this in any production installation.
|
||||||
CORS_ALLOWED_ORIGIN: "*" # The "allowed origin" for API requests. Change to restrict where API requests can come from.
|
CORS_ALLOWED_ORIGIN: "*" # The "allowed origin" for API requests. Change to restrict where API requests can come from.
|
||||||
REST_BACKEND: "on" # Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off.
|
REST_BACKEND: "on" # Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off.
|
||||||
AGENT_BACKEND: "on" # Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off.
|
|
||||||
DNS_MODE: "on" # Enables DNS Mode, meaning config files will be generated for CoreDNS. Note, turning "off" does not remove CoreDNS. You still need to remove CoreDNS from compose file.
|
DNS_MODE: "on" # Enables DNS Mode, meaning config files will be generated for CoreDNS. Note, turning "off" does not remove CoreDNS. You still need to remove CoreDNS from compose file.
|
||||||
DISABLE_REMOTE_IP_CHECK: "off" # If turned "on", Server will not set Host based on remote IP check. This is already overridden if SERVER_HOST is set. Turned "off" by default.
|
DISABLE_REMOTE_IP_CHECK: "off" # If turned "on", Server will not set Host based on remote IP check. This is already overridden if SERVER_HOST is set. Turned "off" by default.
|
||||||
GRPC_SSL: "off" # Tells clients to use SSL to connect to GRPC. Switch to on to turn on.
|
|
||||||
COREDNS_ADDR: "" # Address of the CoreDNS server. Defaults to SERVER_HOST
|
COREDNS_ADDR: "" # Address of the CoreDNS server. Defaults to SERVER_HOST
|
||||||
DISPLAY_KEYS: "on" # Show keys permanently in UI (until deleted) as opposed to 1-time display.
|
DISPLAY_KEYS: "on" # Show keys permanently in UI (until deleted) as opposed to 1-time display.
|
||||||
SERVER_API_CONN_STRING: "" # Changes the api connection string. IP:PORT format. By default is empty and uses SERVER_HOST:API_PORT
|
SERVER_API_CONN_STRING: "" # Changes the api connection string. IP:PORT format. By default is empty and uses SERVER_HOST:API_PORT
|
||||||
SERVER_GRPC_CONN_STRING: "" # Changes the grpc connection string. IP:PORT format. By default is empty and uses SERVER_HOST:GRPC_PORT
|
|
||||||
RCE: "off" # Enables setting PostUp and PostDown (arbitrary commands) on nodes from the server. Off by default.
|
RCE: "off" # Enables setting PostUp and PostDown (arbitrary commands) on nodes from the server. Off by default.
|
||||||
NODE_ID: "" # Sets the name/id of the nodes that the server creates. Necessary for HA configurations to identify between servers (for instance, netmaker-1, netmaker-2, etc). For non-HA deployments, is not necessary.
|
NODE_ID: "" # Sets the name/id of the nodes that the server creates. Necessary for HA configurations to identify between servers (for instance, netmaker-1, netmaker-2, etc). For non-HA deployments, is not necessary.
|
||||||
TELEMETRY: "on" # Whether or not to send telemetry data to help improve Netmaker. Switch to "off" to opt out of sending telemetry.
|
TELEMETRY: "on" # Whether or not to send telemetry data to help improve Netmaker. Switch to "off" to opt out of sending telemetry.
|
||||||
|
|
|
@ -18,14 +18,10 @@ services:
|
||||||
environment:
|
environment:
|
||||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||||
GRPC_SSL: "on"
|
|
||||||
DNS_MODE: "on"
|
DNS_MODE: "on"
|
||||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
|
||||||
API_PORT: "8081"
|
API_PORT: "8081"
|
||||||
GRPC_PORT: "50051"
|
|
||||||
CLIENT_MODE: "on"
|
CLIENT_MODE: "on"
|
||||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||||
CORS_ALLOWED_ORIGIN: "*"
|
CORS_ALLOWED_ORIGIN: "*"
|
||||||
|
@ -35,7 +31,6 @@ services:
|
||||||
MQ_HOST: "mq"
|
MQ_HOST: "mq"
|
||||||
HOST_NETWORK: "off"
|
HOST_NETWORK: "off"
|
||||||
MANAGE_IPTABLES: "on"
|
MANAGE_IPTABLES: "on"
|
||||||
PORT_FORWARD_SERVICES: "mq"
|
|
||||||
VERBOSITY: "1"
|
VERBOSITY: "1"
|
||||||
ports:
|
ports:
|
||||||
- "51821-51830:51821-51830/udp"
|
- "51821-51830:51821-51830/udp"
|
||||||
|
|
|
@ -36,10 +36,6 @@ type ServerConfig struct {
|
||||||
APIConnString string `yaml:"apiconn"`
|
APIConnString string `yaml:"apiconn"`
|
||||||
APIHost string `yaml:"apihost"`
|
APIHost string `yaml:"apihost"`
|
||||||
APIPort string `yaml:"apiport"`
|
APIPort string `yaml:"apiport"`
|
||||||
GRPCConnString string `yaml:"grpcconn"`
|
|
||||||
GRPCHost string `yaml:"grpchost"`
|
|
||||||
GRPCPort string `yaml:"grpcport"`
|
|
||||||
GRPCSecure string `yaml:"grpcsecure"`
|
|
||||||
MQHOST string `yaml:"mqhost"`
|
MQHOST string `yaml:"mqhost"`
|
||||||
MasterKey string `yaml:"masterkey"`
|
MasterKey string `yaml:"masterkey"`
|
||||||
DNSKey string `yaml:"dnskey"`
|
DNSKey string `yaml:"dnskey"`
|
||||||
|
@ -51,7 +47,6 @@ type ServerConfig struct {
|
||||||
ClientMode string `yaml:"clientmode"`
|
ClientMode string `yaml:"clientmode"`
|
||||||
DNSMode string `yaml:"dnsmode"`
|
DNSMode string `yaml:"dnsmode"`
|
||||||
DisableRemoteIPCheck string `yaml:"disableremoteipcheck"`
|
DisableRemoteIPCheck string `yaml:"disableremoteipcheck"`
|
||||||
GRPCSSL string `yaml:"grpcssl"`
|
|
||||||
Version string `yaml:"version"`
|
Version string `yaml:"version"`
|
||||||
SQLConn string `yaml:"sqlconn"`
|
SQLConn string `yaml:"sqlconn"`
|
||||||
Platform string `yaml:"platform"`
|
Platform string `yaml:"platform"`
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
server:
|
server:
|
||||||
apihost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_API_HOST if set
|
apihost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_API_HOST if set
|
||||||
apiport: "" # defaults to 8081 or HTTP_PORT (if set)
|
apiport: "" # defaults to 8081 or HTTP_PORT (if set)
|
||||||
grpchost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_GRPC_HOST if set.
|
|
||||||
grpcport: "" # defaults to 50051 or GRPC_PORT (if set)
|
|
||||||
masterkey: "" # defaults to 'secretkey' or MASTER_KEY (if set)
|
masterkey: "" # defaults to 'secretkey' or MASTER_KEY (if set)
|
||||||
allowedorigin: "" # defaults to '*' or CORS_ALLOWED_ORIGIN (if set)
|
allowedorigin: "" # defaults to '*' or CORS_ALLOWED_ORIGIN (if set)
|
||||||
restbackend: "" # defaults to "on" or REST_BACKEND (if set)
|
restbackend: "" # defaults to "on" or REST_BACKEND (if set)
|
||||||
|
|
|
@ -1 +1,2 @@
|
||||||
10.0.0.2 testnode.skynet myhost.skynet
|
10.0.0.1 testnode.skynet
|
||||||
|
10.0.0.2 myhost.skynet
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
server:
|
server:
|
||||||
host: "localhost"
|
host: "localhost"
|
||||||
apiport: "8081"
|
apiport: "8081"
|
||||||
grpcport: "50051"
|
|
||||||
masterkey: ""
|
masterkey: ""
|
||||||
allowedorigin: "*"
|
allowedorigin: "*"
|
||||||
restbackend: true
|
restbackend: true
|
||||||
|
|
|
@ -423,16 +423,6 @@ func isCommsEdit(w http.ResponseWriter, r *http.Request, netname string) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
func filterCommsNetwork(networks []models.Network) []models.Network {
|
|
||||||
var filterdNets []models.Network
|
|
||||||
for i := range networks {
|
|
||||||
if networks[i].IsComms != "yes" && networks[i].NetID != servercfg.GetCommsID() {
|
|
||||||
filterdNets = append(filterdNets, networks[i])
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return filterdNets
|
|
||||||
}
|
|
||||||
|
|
||||||
func getServerAddrs(node *models.Node) {
|
func getServerAddrs(node *models.Node) {
|
||||||
serverNodes := logic.GetServerNodes(serverctl.COMMS_NETID)
|
serverNodes := logic.GetServerNodes(serverctl.COMMS_NETID)
|
||||||
//pubIP, _ := servercfg.GetPublicIP()
|
//pubIP, _ := servercfg.GetPublicIP()
|
||||||
|
|
|
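Review bot: `getServerAddrs` still calls `logic.GetServerNodes(serverctl.COMMS_NETID)`, and the hunk header shows `isCommsEdit` is still defined, so this file keeps depending on the comms network that the commit otherwise removes. Elsewhere in the same commit the test setup stops calling `serverctl.InitializeCommsNetwork()`, which suggests the network may no longer be created; if so, this lookup would presumably find no server nodes. Either key the lookup on something that still exists or mark it, e.g. `// TODO: still keyed on serverctl.COMMS_NETID; confirm the comms network exists or drop this lookup`. The body of `getServerAddrs` continues outside the hunk, so the effect on callers cannot be confirmed from here.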
@ -7,7 +7,6 @@ import (
|
||||||
"github.com/gravitl/netmaker/database"
|
"github.com/gravitl/netmaker/database"
|
||||||
"github.com/gravitl/netmaker/logic"
|
"github.com/gravitl/netmaker/logic"
|
||||||
"github.com/gravitl/netmaker/models"
|
"github.com/gravitl/netmaker/models"
|
||||||
"github.com/gravitl/netmaker/serverctl"
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -301,5 +300,4 @@ func createNet() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logic.CreateNetwork(network)
|
logic.CreateNetwork(network)
|
||||||
}
|
}
|
||||||
serverctl.InitializeCommsNetwork()
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -382,10 +382,6 @@ func getNode(w http.ResponseWriter, r *http.Request) {
|
||||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if logic.IsNodeInComms(&node) {
|
|
||||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
||||||
return
|
|
||||||
}
|
|
||||||
logger.Log(2, r.Header.Get("user"), "fetched node", params["nodeid"])
|
logger.Log(2, r.Header.Get("user"), "fetched node", params["nodeid"])
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusOK)
|
||||||
json.NewEncoder(w).Encode(node)
|
json.NewEncoder(w).Encode(node)
|
||||||
|
@ -737,16 +733,6 @@ func runServerUpdate(node *models.Node, ifaceDelta bool) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func filterCommsNodes(nodes []models.Node) []models.Node {
|
|
||||||
var filterdNodes []models.Node
|
|
||||||
for i := range nodes {
|
|
||||||
if !logic.IsNodeInComms(&nodes[i]) {
|
|
||||||
filterdNodes = append(filterdNodes, nodes[i])
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return filterdNodes
|
|
||||||
}
|
|
||||||
|
|
||||||
func runForceServerUpdate(node *models.Node) {
|
func runForceServerUpdate(node *models.Node) {
|
||||||
go func() {
|
go func() {
|
||||||
if err := mq.PublishPeerUpdate(node); err != nil {
|
if err := mq.PublishPeerUpdate(node); err != nil {
|
||||||
|
|
|
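Review bot: With the `logic.IsNodeInComms(&node)` guard removed from `getNode` and `filterCommsNodes` deleted, the handler returns whatever node record it loads, including any comms-network node still stored by a deployment created before this change. Nothing in this section removes or migrates such records, so whether they become readable through the API depends on code not shown here. If no migration exists, state the assumption at the handler, e.g. `// comms-network nodes are no longer filtered here; legacy records must be purged on upgrade`. `getNode` starts outside the hunk.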
@ -12,7 +12,6 @@ import (
|
||||||
"github.com/gravitl/netmaker/logger"
|
"github.com/gravitl/netmaker/logger"
|
||||||
"github.com/gravitl/netmaker/logic"
|
"github.com/gravitl/netmaker/logic"
|
||||||
"github.com/gravitl/netmaker/models"
|
"github.com/gravitl/netmaker/models"
|
||||||
"github.com/gravitl/netmaker/servercfg"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func userHandlers(r *mux.Router) {
|
func userHandlers(r *mux.Router) {
|
||||||
|
@ -167,11 +166,6 @@ func createUser(w http.ResponseWriter, r *http.Request) {
|
||||||
// get node from body of request
|
// get node from body of request
|
||||||
_ = json.NewDecoder(r.Body).Decode(&user)
|
_ = json.NewDecoder(r.Body).Decode(&user)
|
||||||
|
|
||||||
if !user.IsAdmin && isAddingComms(user.Networks) {
|
|
||||||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest"))
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
user, err := logic.CreateUser(user)
|
user, err := logic.CreateUser(user)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -200,11 +194,6 @@ func updateUserNetworks(w http.ResponseWriter, r *http.Request) {
|
||||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !userchange.IsAdmin && isAddingComms(userchange.Networks) {
|
|
||||||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest"))
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
err = logic.UpdateUserNetworks(userchange.Networks, userchange.IsAdmin, &user)
|
err = logic.UpdateUserNetworks(userchange.Networks, userchange.IsAdmin, &user)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
||||||
|
@ -229,10 +218,6 @@ func updateUser(w http.ResponseWriter, r *http.Request) {
|
||||||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not update user info for oauth user %s", username), "forbidden"))
|
returnErrorResponse(w, r, formatError(fmt.Errorf("can not update user info for oauth user %s", username), "forbidden"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !user.IsAdmin && isAddingComms(user.Networks) {
|
|
||||||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest"))
|
|
||||||
return
|
|
||||||
}
|
|
||||||
var userchange models.User
|
var userchange models.User
|
||||||
// we decode our body request params
|
// we decode our body request params
|
||||||
err = json.NewDecoder(r.Body).Decode(&userchange)
|
err = json.NewDecoder(r.Body).Decode(&userchange)
|
||||||
|
@ -302,13 +287,3 @@ func deleteUser(w http.ResponseWriter, r *http.Request) {
|
||||||
logger.Log(1, username, "was deleted")
|
logger.Log(1, username, "was deleted")
|
||||||
json.NewEncoder(w).Encode(params["username"] + " deleted.")
|
json.NewEncoder(w).Encode(params["username"] + " deleted.")
|
||||||
}
|
}
|
||||||
|
|
||||||
func isAddingComms(networks []string) bool {
|
|
||||||
commsID := servercfg.GetCommsID()
|
|
||||||
for i := range networks {
|
|
||||||
if networks[i] == commsID {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
|
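Review bot: In `createUser` the decode error is still discarded (`_ = json.NewDecoder(r.Body).Decode(&user)`), and with the comms guard gone the decoded value now goes straight to `logic.CreateUser(user)`. A body that fails to parse is therefore passed on as a zero-value or partly filled user, leaving rejection entirely to whatever validation `logic.CreateUser` performs (not visible here). Check the error before the call: `if err := json.NewDecoder(r.Body).Decode(&user); err != nil { returnErrorResponse(w, r, formatError(err, "badrequest")); return }`. `createUser` begins outside the hunk.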
@ -29,7 +29,3 @@ https://api.NETMAKER_BASE_DOMAIN {
|
||||||
reverse_proxy http://127.0.0.1:8081
|
reverse_proxy http://127.0.0.1:8081
|
||||||
}
|
}
|
||||||
|
|
||||||
# gRPC
|
|
||||||
https://grpc.NETMAKER_BASE_DOMAIN {
|
|
||||||
reverse_proxy h2c://127.0.0.1:50051
|
|
||||||
}
|
|
||||||
|
|
|
@ -25,20 +25,12 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: SERVER_API_CONN_STRING
|
- name: SERVER_API_CONN_STRING
|
||||||
value: "api.nm.k8s.gravitl.com:443"
|
value: "api.nm.k8s.gravitl.com:443"
|
||||||
- name: SERVER_GRPC_CONN_STRING
|
|
||||||
value: "grpc.nm.k8s.gravitl.com:443"
|
|
||||||
- name: COREDNS_ADDR
|
- name: COREDNS_ADDR
|
||||||
value: "netmaker-dns"
|
value: "netmaker-dns"
|
||||||
- name: GRPC_SSL
|
|
||||||
value: "on"
|
|
||||||
- name: SERVER_HTTP_HOST
|
- name: SERVER_HTTP_HOST
|
||||||
value: "api.nm.k8s.gravitl.com"
|
value: "api.nm.k8s.gravitl.com"
|
||||||
- name: SERVER_GRPC_HOST
|
|
||||||
value: "grpc.nm.k8s.gravitl.com"
|
|
||||||
- name: API_PORT
|
- name: API_PORT
|
||||||
value: "8081"
|
value: "8081"
|
||||||
- name: GRPC_PORT
|
|
||||||
value: "50051"
|
|
||||||
- name: AGENT_BACKEND
|
- name: AGENT_BACKEND
|
||||||
value: "off"
|
value: "off"
|
||||||
- name: CLIENT_MODE
|
- name: CLIENT_MODE
|
||||||
|
@ -47,8 +39,6 @@ spec:
|
||||||
value: "on"
|
value: "on"
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
value: "Unkn0wn!"
|
value: "Unkn0wn!"
|
||||||
- name: SERVER_GRPC_WIREGUARD
|
|
||||||
value: "off"
|
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
value: "secretkey"
|
value: "secretkey"
|
||||||
- name: CORS_ALLOWED_ORIGIN
|
- name: CORS_ALLOWED_ORIGIN
|
||||||
|
|
|
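Review bot: Removing `SERVER_GRPC_WIREGUARD` leaves two `MASTER_KEY` entries back to back in the container's `env` list, with the literal values `"Unkn0wn!"` and `"secretkey"`. Only one of the two can take effect, and both are committed in plain text in the manifest; the same pair appears in the next two manifest sections of this commit. Keep a single entry and read it from a Secret, using `valueFrom:` with `secretKeyRef:` (`name: <SECRET_NAME_PLACEHOLDER>`, `key: <KEY_PLACEHOLDER>`) instead of `value:`. The `env` list continues outside the hunk.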
@ -25,26 +25,16 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: SERVER_API_CONN_STRING
|
- name: SERVER_API_CONN_STRING
|
||||||
value: "api.nm.k8s.gravitl.com:443"
|
value: "api.nm.k8s.gravitl.com:443"
|
||||||
- name: SERVER_GRPC_CONN_STRING
|
|
||||||
value: "grpc.nm.k8s.gravitl.com:443"
|
|
||||||
- name: COREDNS_ADDR
|
- name: COREDNS_ADDR
|
||||||
value: "10.152.183.53"
|
value: "10.152.183.53"
|
||||||
- name: GRPC_SSL
|
|
||||||
value: "on"
|
|
||||||
- name: SERVER_HTTP_HOST
|
- name: SERVER_HTTP_HOST
|
||||||
value: "api.k8s.gravitl.com"
|
value: "api.k8s.gravitl.com"
|
||||||
- name: SERVER_GRPC_HOST
|
|
||||||
value: "grpc.k8s.gravitl.com"
|
|
||||||
- name: API_PORT
|
- name: API_PORT
|
||||||
value: "8081"
|
value: "8081"
|
||||||
- name: GRPC_PORT
|
|
||||||
value: "443"
|
|
||||||
- name: CLIENT_MODE
|
- name: CLIENT_MODE
|
||||||
value: "off"
|
value: "off"
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
value: "Unkn0wn!"
|
value: "Unkn0wn!"
|
||||||
- name: SERVER_GRPC_WIREGUARD
|
|
||||||
value: "off"
|
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
value: "secretkey"
|
value: "secretkey"
|
||||||
- name: CORS_ALLOWED_ORIGIN
|
- name: CORS_ALLOWED_ORIGIN
|
||||||
|
@ -97,7 +87,6 @@ kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
app: netmaker-backend
|
app: netmaker-backend
|
||||||
name: netmaker-grpc
|
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- port: 443
|
- port: 443
|
||||||
|
|
|
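Review bot: The last hunk deletes only `name: netmaker-grpc` from what appears to be the Service's `metadata`, so on the new side the Service has labels but no name while its `spec` with `port: 443` is kept. A Service without `metadata.name` (or `generateName`) is rejected by the API server, and the object itself looks like the gRPC Service this commit means to retire. Remove the whole Service document rather than the name line alone, or restore a name if the port is still needed. The rest of the `spec` lies outside the hunk, so what the port targets cannot be confirmed here.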
@ -84,26 +84,16 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: SERVER_API_CONN_STRING
|
- name: SERVER_API_CONN_STRING
|
||||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
- name: SERVER_GRPC_CONN_STRING
|
|
||||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
- name: COREDNS_ADDR
|
- name: COREDNS_ADDR
|
||||||
value: "10.152.183.53"
|
value: "10.152.183.53"
|
||||||
- name: GRPC_SSL
|
|
||||||
value: "on"
|
|
||||||
- name: SERVER_HTTP_HOST
|
- name: SERVER_HTTP_HOST
|
||||||
value: "api.NETMAKER_BASE_DOMAIN"
|
value: "api.NETMAKER_BASE_DOMAIN"
|
||||||
- name: SERVER_GRPC_HOST
|
|
||||||
value: "grpc.NETMAKER_BASE_DOMAIN"
|
|
||||||
- name: API_PORT
|
- name: API_PORT
|
||||||
value: "8081"
|
value: "8081"
|
||||||
- name: GRPC_PORT
|
|
||||||
value: "443"
|
|
||||||
- name: CLIENT_MODE
|
- name: CLIENT_MODE
|
||||||
value: "off"
|
value: "off"
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
value: "Unkn0wn!"
|
value: "Unkn0wn!"
|
||||||
- name: SERVER_GRPC_WIREGUARD
|
|
||||||
value: "off"
|
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
value: "secretkey"
|
value: "secretkey"
|
||||||
- name: CORS_ALLOWED_ORIGIN
|
- name: CORS_ALLOWED_ORIGIN
|
||||||
|
|
|
@ -56,24 +56,16 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: SERVER_API_CONN_STRING
|
- name: SERVER_API_CONN_STRING
|
||||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
- name: SERVER_GRPC_CONN_STRING
|
|
||||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
- name: COREDNS_ADDR
|
- name: COREDNS_ADDR
|
||||||
value: "10.152.183.53"
|
value: "10.152.183.53"
|
||||||
- name: POD_IP
|
- name: POD_IP
|
||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: status.podIP
|
fieldPath: status.podIP
|
||||||
- name: GRPC_SSL
|
|
||||||
value: "on"
|
|
||||||
- name: SERVER_HTTP_HOST
|
- name: SERVER_HTTP_HOST
|
||||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
- name: SERVER_GRPC_HOST
|
|
||||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
- name: API_PORT
|
- name: API_PORT
|
||||||
value: "8081"
|
value: "8081"
|
||||||
- name: GRPC_PORT
|
|
||||||
value: "443"
|
|
||||||
- name: CLIENT_MODE
|
- name: CLIENT_MODE
|
||||||
value: "off"
|
value: "off"
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
|
|
|
@ -39,24 +39,16 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: SERVER_API_CONN_STRING
|
- name: SERVER_API_CONN_STRING
|
||||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||||
- name: SERVER_GRPC_CONN_STRING
|
|
||||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
|
||||||
- name: COREDNS_ADDR
|
- name: COREDNS_ADDR
|
||||||
value: "10.152.183.53"
|
value: "10.152.183.53"
|
||||||
- name: POD_IP
|
- name: POD_IP
|
||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: status.podIP
|
fieldPath: status.podIP
|
||||||
- name: GRPC_SSL
|
|
||||||
value: "on"
|
|
||||||
- name: SERVER_HTTP_HOST
|
- name: SERVER_HTTP_HOST
|
||||||
value: "api.NETMAKER_BASE_DOMAIN"
|
value: "api.NETMAKER_BASE_DOMAIN"
|
||||||
- name: SERVER_GRPC_HOST
|
|
||||||
value: "grpc.NETMAKER_BASE_DOMAIN"
|
|
||||||
- name: API_PORT
|
- name: API_PORT
|
||||||
value: "8081"
|
value: "8081"
|
||||||
- name: GRPC_PORT
|
|
||||||
value: "80"
|
|
||||||
- name: CLIENT_MODE
|
- name: CLIENT_MODE
|
||||||
value: "off"
|
value: "off"
|
||||||
- name: MASTER_KEY
|
- name: MASTER_KEY
|
||||||
|
|
|
@ -54,10 +54,8 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models
|
||||||
var accessToken models.AccessToken
|
var accessToken models.AccessToken
|
||||||
s := servercfg.GetServerConfig()
|
s := servercfg.GetServerConfig()
|
||||||
servervals := models.ServerConfig{
|
servervals := models.ServerConfig{
|
||||||
GRPCConnString: s.GRPCConnString,
|
Server: s.Server,
|
||||||
GRPCSSL: s.GRPCSSL,
|
APIConnString: s.APIConnString,
|
||||||
Server: s.Server,
|
|
||||||
APIConnString: s.APIConnString,
|
|
||||||
}
|
}
|
||||||
accessToken.ServerConfig = servervals
|
accessToken.ServerConfig = servervals
|
||||||
accessToken.ClientConfig.Network = netID
|
accessToken.ClientConfig.Network = netID
|
||||||
|
|
|
@ -98,7 +98,7 @@ func VerifyUserToken(tokenString string) (username string, networks []string, is
|
||||||
return "", nil, false, err
|
return "", nil, false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// VerifyToken - gRPC [nodes] Only
|
// VerifyToken - [nodes] Only
|
||||||
func VerifyToken(tokenString string) (nodeID string, mac string, network string, err error) {
|
func VerifyToken(tokenString string) (nodeID string, mac string, network string, err error) {
|
||||||
claims := &models.Claims{}
|
claims := &models.Claims{}
|
||||||
|
|
||||||
|
|
|
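Review bot: The updated comment `// VerifyToken - [nodes] Only` no longer says what the function does or who may call it now that "gRPC" has been dropped. A Go doc comment that starts with the name and describes the contract visible in the signature would read better: `// VerifyToken parses a node token and returns the node ID, MAC address and network from its claims.` The function body continues outside the hunk, so the wording about claims should be checked against it.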
@ -630,11 +630,6 @@ func IsLocalServer(node *models.Node) bool {
|
||||||
return node.ID != "" && local.ID == node.ID
|
return node.ID != "" && local.ID == node.ID
|
||||||
}
|
}
|
||||||
|
|
||||||
// IsNodeInComms returns if node is in comms network or not
|
|
||||||
func IsNodeInComms(node *models.Node) bool {
|
|
||||||
return node.Network == servercfg.GetCommsID() && node.IsServer != "yes"
|
|
||||||
}
|
|
||||||
|
|
||||||
// validateServer - make sure servers dont change port or address
|
// validateServer - make sure servers dont change port or address
|
||||||
func validateServer(currentNode, newNode *models.Node) bool {
|
func validateServer(currentNode, newNode *models.Node) bool {
|
||||||
return (newNode.Address == currentNode.Address &&
|
return (newNode.Address == currentNode.Address &&
|
||||||
|
|
66
main.go
66
main.go
|
@ -40,10 +40,10 @@ func main() {
|
||||||
setupConfig(*absoluteConfigPath)
|
setupConfig(*absoluteConfigPath)
|
||||||
servercfg.SetVersion(version)
|
servercfg.SetVersion(version)
|
||||||
fmt.Println(models.RetrieveLogo()) // print the logo
|
fmt.Println(models.RetrieveLogo()) // print the logo
|
||||||
initialize() // initial db and grpc server
|
initialize() // initial db and acls; gen cert if required
|
||||||
setGarbageCollection()
|
setGarbageCollection()
|
||||||
defer database.CloseDB()
|
defer database.CloseDB()
|
||||||
startControllers() // start the grpc or rest endpoints
|
startControllers() // start the api endpoint and mq
|
||||||
}
|
}
|
||||||
|
|
||||||
func setupConfig(absoluteConfigPath string) {
|
func setupConfig(absoluteConfigPath string) {
|
||||||
|
@ -124,18 +124,6 @@ func initialize() { // Client Mode Prereq Check
|
||||||
|
|
||||||
func startControllers() {
|
func startControllers() {
|
||||||
var waitnetwork sync.WaitGroup
|
var waitnetwork sync.WaitGroup
|
||||||
//Run Agent Server
|
|
||||||
// if servercfg.IsAgentBackend() {
|
|
||||||
// if !(servercfg.DisableRemoteIPCheck()) && servercfg.GetGRPCHost() == "127.0.0.1" {
|
|
||||||
// err := servercfg.SetHost()
|
|
||||||
// if err != nil {
|
|
||||||
// logger.FatalLog("Unable to Set host. Exiting...", err.Error())
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
// waitnetwork.Add(1)
|
|
||||||
// go runGRPC(&waitnetwork)
|
|
||||||
// }
|
|
||||||
|
|
||||||
if servercfg.IsDNSMode() {
|
if servercfg.IsDNSMode() {
|
||||||
err := logic.SetDNS()
|
err := logic.SetDNS()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -167,52 +155,6 @@ func startControllers() {
|
||||||
waitnetwork.Wait()
|
waitnetwork.Wait()
|
||||||
}
|
}
|
||||||
|
|
||||||
// func runGRPC(wg *sync.WaitGroup) {
|
|
||||||
|
|
||||||
// defer wg.Done()
|
|
||||||
|
|
||||||
// grpcport := servercfg.GetGRPCPort()
|
|
||||||
|
|
||||||
// listener, err := net.Listen("tcp", ":"+grpcport)
|
|
||||||
// // Handle errors if any
|
|
||||||
// if err != nil {
|
|
||||||
// logger.FatalLog("[netmaker] Unable to listen on port", grpcport, ": error:", err.Error())
|
|
||||||
// }
|
|
||||||
|
|
||||||
// s := grpc.NewServer(
|
|
||||||
// authServerUnaryInterceptor(),
|
|
||||||
// )
|
|
||||||
// // Create NodeService type
|
|
||||||
// srv := &controller.NodeServiceServer{}
|
|
||||||
|
|
||||||
// // Register the service with the server
|
|
||||||
// nodepb.RegisterNodeServiceServer(s, srv)
|
|
||||||
|
|
||||||
// // Start the server in a child routine
|
|
||||||
// go func() {
|
|
||||||
// if err := s.Serve(listener); err != nil {
|
|
||||||
// logger.FatalLog("Failed to serve:", err.Error())
|
|
||||||
// }
|
|
||||||
// }()
|
|
||||||
// logger.Log(0, "Agent Server successfully started on port ", grpcport, "(gRPC)")
|
|
||||||
|
|
||||||
// // Relay os.Interrupt to our channel (os.Interrupt = CTRL+C)
|
|
||||||
// // Ignore other incoming signals
|
|
||||||
// ctx, stop := signal.NotifyContext(context.TODO(), os.Interrupt)
|
|
||||||
// defer stop()
|
|
||||||
|
|
||||||
// // Block main routine until a signal is received
|
|
||||||
// // As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running
|
|
||||||
// <-ctx.Done()
|
|
||||||
|
|
||||||
// // After receiving CTRL+C Properly stop the server
|
|
||||||
// logger.Log(0, "Stopping the Agent server...")
|
|
||||||
// s.GracefulStop()
|
|
||||||
// listener.Close()
|
|
||||||
// logger.Log(0, "Agent server closed..")
|
|
||||||
// logger.Log(0, "Closed DB connection.")
|
|
||||||
// }
|
|
||||||
|
|
||||||
// Should we be using a context vice a waitgroup????????????
|
// Should we be using a context vice a waitgroup????????????
|
||||||
func runMessageQueue(wg *sync.WaitGroup) {
|
func runMessageQueue(wg *sync.WaitGroup) {
|
||||||
defer wg.Done()
|
defer wg.Done()
|
||||||
|
@ -228,10 +170,6 @@ func runMessageQueue(wg *sync.WaitGroup) {
|
||||||
client.Disconnect(250)
|
client.Disconnect(250)
|
||||||
}
|
}
|
||||||
|
|
||||||
//func authServerUnaryInterceptor() grpc.ServerOption {
|
|
||||||
// return grpc.UnaryInterceptor(controller.AuthServerUnaryInterceptor)
|
|
||||||
//}
|
|
||||||
|
|
||||||
func setGarbageCollection() {
|
func setGarbageCollection() {
|
||||||
_, gcset := os.LookupEnv("GOGC")
|
_, gcset := os.LookupEnv("GOGC")
|
||||||
if !gcset {
|
if !gcset {
|
||||||
|
|
|
@ -12,8 +12,6 @@ type ClientConfig struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type ServerConfig struct {
|
type ServerConfig struct {
|
||||||
GRPCConnString string `json:"grpcconn"`
|
Server string `json:"server"`
|
||||||
GRPCSSL string `json:"grpcssl"`
|
APIConnString string `json:"apiconnstring"`
|
||||||
Server string `json:"server"`
|
|
||||||
APIConnString string `json:"apiconnstring"`
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,6 @@ type IntClient struct {
|
||||||
ServerAPIPort string `json:"serverapiport" bson:"serverapiport"`
|
ServerAPIPort string `json:"serverapiport" bson:"serverapiport"`
|
||||||
ServerPrivateAddress string `json:"serverprivateaddress" bson:"serverprivateaddress"`
|
ServerPrivateAddress string `json:"serverprivateaddress" bson:"serverprivateaddress"`
|
||||||
ServerWGPort string `json:"serverwgport" bson:"serverwgport"`
|
ServerWGPort string `json:"serverwgport" bson:"serverwgport"`
|
||||||
ServerGRPCPort string `json:"servergrpcport" bson:"servergrpcport"`
|
|
||||||
ServerKey string `json:"serverkey" bson:"serverkey"`
|
ServerKey string `json:"serverkey" bson:"serverkey"`
|
||||||
IsServer string `json:"isserver" bson:"isserver"`
|
IsServer string `json:"isserver" bson:"isserver"`
|
||||||
}
|
}
|
||||||
|
|
|
@ -101,9 +101,7 @@ type DisplayKey struct {
|
||||||
|
|
||||||
// GlobalConfig - global config
|
// GlobalConfig - global config
|
||||||
type GlobalConfig struct {
|
type GlobalConfig struct {
|
||||||
Name string `json:"name" bson:"name"`
|
Name string `json:"name" bson:"name"`
|
||||||
PortGRPC string `json:"portgrpc" bson:"portgrpc"`
|
|
||||||
ServerGRPC string `json:"servergrpc" bson:"servergrpc"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// CheckInResponse - checkin response
|
// CheckInResponse - checkin response
|
||||||
|
|
|
@ -39,9 +39,7 @@ func PublishPeerUpdate(newNode *models.Node) error {
|
||||||
if err = publish(&node, fmt.Sprintf("peers/%s/%s", node.Network, node.ID), data); err != nil {
|
if err = publish(&node, fmt.Sprintf("peers/%s/%s", node.Network, node.ID), data); err != nil {
|
||||||
logger.Log(1, "failed to publish peer update for node", node.ID)
|
logger.Log(1, "failed to publish peer update for node", node.ID)
|
||||||
} else {
|
} else {
|
||||||
if node.Network != servercfg.GetCommsID() {
|
logger.Log(1, "sent peer update for node", node.Name, "on network:", node.Network)
|
||||||
logger.Log(1, "sent peer update for node", node.Name, "on network:", node.Network)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -26,10 +26,6 @@ func GetCommands(cliFlags []cli.Flag) []*cli.Command {
|
||||||
err = errors.New("no network provided")
|
err = errors.New("no network provided")
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if cfg.Server.GRPCAddress == "" {
|
|
||||||
err = errors.New("no server address provided")
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
err = command.Register(&cfg, pvtKey)
|
err = command.Register(&cfg, pvtKey)
|
||||||
return err
|
return err
|
||||||
},
|
},
|
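Review bot: The empty-server guard is dropped rather than replaced: with `if cfg.Server.GRPCAddress == ""` gone, `command.Register(&cfg, pvtKey)` is reached even when no server address was supplied. Unless `Register` validates this itself (not visible here), keep the early failure on the field that took over, `if cfg.Server.API == "" { return errors.New("no server address provided") }`. The enclosing action closure starts and ends outside the hunk.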
||||||
|
|
|
@ -112,18 +112,6 @@ func GetFlags(hostname string) []cli.Flag {
|
||||||
Value: "",
|
Value: "",
|
||||||
Usage: "Address + API Port (e.g. 1.2.3.4:8081) of Netmaker server.",
|
Usage: "Address + API Port (e.g. 1.2.3.4:8081) of Netmaker server.",
|
||||||
},
|
},
|
||||||
&cli.StringFlag{
|
|
||||||
Name: "grpcserver",
|
|
||||||
EnvVars: []string{"NETCLIENT_GRPC_SERVER"},
|
|
||||||
Value: "",
|
|
||||||
Usage: "Address + GRPC Port (e.g. 1.2.3.4:50051) of Netmaker server.",
|
|
||||||
},
|
|
||||||
&cli.StringFlag{
|
|
||||||
Name: "grpcssl",
|
|
||||||
EnvVars: []string{"NETCLIENT_GRPCSSL"},
|
|
||||||
Value: "",
|
|
||||||
Usage: "Tells clients to use SSL to connect to GRPC if 'on'. Disable if 'off'. Off by default.",
|
|
||||||
},
|
|
||||||
&cli.StringFlag{
|
&cli.StringFlag{
|
||||||
Name: "key",
|
Name: "key",
|
||||||
Aliases: []string{"k"},
|
Aliases: []string{"k"},
|
||||||
|
|
|
@ -14,11 +14,7 @@ import (
|
||||||
// tries to ping if already found locally, if fail ping pull for best effort for communication
|
// tries to ping if already found locally, if fail ping pull for best effort for communication
|
||||||
func JoinComms(cfg *config.ClientConfig) error {
|
func JoinComms(cfg *config.ClientConfig) error {
|
||||||
commsCfg := &config.ClientConfig{}
|
commsCfg := &config.ClientConfig{}
|
||||||
commsCfg.Network = cfg.Server.CommsNetwork
|
|
||||||
commsCfg.Node.Network = cfg.Server.CommsNetwork
|
|
||||||
commsCfg.Server.AccessKey = cfg.Server.AccessKey
|
commsCfg.Server.AccessKey = cfg.Server.AccessKey
|
||||||
commsCfg.Server.GRPCAddress = cfg.Server.GRPCAddress
|
|
||||||
commsCfg.Server.GRPCSSL = cfg.Server.GRPCSSL
|
|
||||||
commsCfg.Server.CoreDNSAddr = cfg.Server.CoreDNSAddr
|
commsCfg.Server.CoreDNSAddr = cfg.Server.CoreDNSAddr
|
||||||
if commsCfg.ConfigFileExists() {
|
if commsCfg.ConfigFileExists() {
|
||||||
return nil
|
return nil
|
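Review bot: `JoinComms` is kept, but it no longer assigns `commsCfg.Network` or `commsCfg.Node.Network`, so `commsCfg.ConfigFileExists()` now runs against a config with an empty network name. Since the commit removes the comms network (the `CommsNetwork` field is dropped from the client `ServerConfig` in the next file), the function looks like it should be deleted together with its callers rather than left half-populated. If it has to stay for now, mark it, for example `// Deprecated: the comms network was removed; do not call.` The rest of the function body is outside the hunk.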
||||||
|
|
|
@ -33,13 +33,10 @@ type ClientConfig struct {
|
||||||
|
|
||||||
// ServerConfig - struct for dealing with the server information for a netclient
|
// ServerConfig - struct for dealing with the server information for a netclient
|
||||||
type ServerConfig struct {
|
type ServerConfig struct {
|
||||||
CoreDNSAddr string `yaml:"corednsaddr"`
|
CoreDNSAddr string `yaml:"corednsaddr"`
|
||||||
GRPCAddress string `yaml:"grpcaddress"`
|
AccessKey string `yaml:"accesskey"`
|
||||||
AccessKey string `yaml:"accesskey"`
|
Server string `yaml:"server"`
|
||||||
GRPCSSL string `yaml:"grpcssl"`
|
API string `yaml:"api"`
|
||||||
CommsNetwork string `yaml:"commsnetwork"`
|
|
||||||
Server string `yaml:"server"`
|
|
||||||
API string `yaml:"api"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// RegisterRequest - struct for registation with netmaker server
|
// RegisterRequest - struct for registation with netmaker server
|
||||||
|
@ -198,21 +195,12 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) {
|
||||||
log.Println("error converting token json to object", tokenbytes)
|
log.Println("error converting token json to object", tokenbytes)
|
||||||
return cfg, "", err
|
return cfg, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
if accesstoken.ServerConfig.GRPCConnString != "" {
|
|
||||||
cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCConnString
|
|
||||||
}
|
|
||||||
|
|
||||||
cfg.Network = accesstoken.ClientConfig.Network
|
cfg.Network = accesstoken.ClientConfig.Network
|
||||||
cfg.Node.Network = accesstoken.ClientConfig.Network
|
cfg.Node.Network = accesstoken.ClientConfig.Network
|
||||||
cfg.Server.AccessKey = accesstoken.ClientConfig.Key
|
cfg.Server.AccessKey = accesstoken.ClientConfig.Key
|
||||||
cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange
|
cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange
|
||||||
cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL
|
|
||||||
cfg.Server.Server = accesstoken.ServerConfig.Server
|
cfg.Server.Server = accesstoken.ServerConfig.Server
|
||||||
cfg.Server.API = accesstoken.ServerConfig.APIConnString
|
cfg.Server.API = accesstoken.ServerConfig.APIConnString
|
||||||
if c.String("grpcserver") != "" {
|
|
||||||
cfg.Server.GRPCAddress = c.String("grpcserver")
|
|
||||||
}
|
|
||||||
if c.String("key") != "" {
|
if c.String("key") != "" {
|
||||||
cfg.Server.AccessKey = c.String("key")
|
cfg.Server.AccessKey = c.String("key")
|
||||||
}
|
}
|
||||||
|
@ -223,9 +211,6 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) {
|
||||||
if c.String("localrange") != "" {
|
if c.String("localrange") != "" {
|
||||||
cfg.Node.LocalRange = c.String("localrange")
|
cfg.Node.LocalRange = c.String("localrange")
|
||||||
}
|
}
|
||||||
if c.String("grpcssl") != "" {
|
|
||||||
cfg.Server.GRPCSSL = c.String("grpcssl")
|
|
||||||
}
|
|
||||||
if c.String("corednsaddr") != "" {
|
if c.String("corednsaddr") != "" {
|
||||||
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
|
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
|
||||||
}
|
}
|
||||||
|
@ -234,12 +219,10 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
cfg.Server.GRPCAddress = c.String("grpcserver")
|
|
||||||
cfg.Server.AccessKey = c.String("key")
|
cfg.Server.AccessKey = c.String("key")
|
||||||
cfg.Network = c.String("network")
|
cfg.Network = c.String("network")
|
||||||
cfg.Node.Network = c.String("network")
|
cfg.Node.Network = c.String("network")
|
||||||
cfg.Node.LocalRange = c.String("localrange")
|
cfg.Node.LocalRange = c.String("localrange")
|
||||||
cfg.Server.GRPCSSL = c.String("grpcssl")
|
|
||||||
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
|
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
|
||||||
cfg.Server.API = c.String("apiserver")
|
cfg.Server.API = c.String("apiserver")
|
||||||
}
|
}
|
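Review bot: In `GetCLIConfig` the unmarshal failure path logs the token itself, `log.Println("error converting token json to object", tokenbytes)`. Judging by its name, `tokenbytes` holds the decoded access token, and the token carries the network key that is copied into `cfg.Server.AccessKey` a few lines below, so a malformed token puts key material into the log. Log the error instead: `log.Println("error converting token json to object:", err)`. `GetCLIConfig` starts and ends outside these hunks.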
||||||
|
|
|
@ -231,7 +231,7 @@ func setupMQTTSub(server string) mqtt.Client {
|
||||||
client := mqtt.NewClient(opts)
|
client := mqtt.NewClient(opts)
|
||||||
tperiod := time.Now().Add(12 * time.Second)
|
tperiod := time.Now().Add(12 * time.Second)
|
||||||
for {
|
for {
|
||||||
//if after 12 seconds, try a gRPC pull on the last try
|
//if after 12 seconds, try a pull on the last try
|
||||||
if time.Now().After(tperiod) {
|
if time.Now().After(tperiod) {
|
||||||
networks, err := ncutils.GetSystemNetworks()
|
networks, err := ncutils.GetSystemNetworks()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -362,7 +362,7 @@ func setupMQTT(cfg *config.ClientConfig, publish bool) mqtt.Client {
|
||||||
client := mqtt.NewClient(opts)
|
client := mqtt.NewClient(opts)
|
||||||
tperiod := time.Now().Add(12 * time.Second)
|
tperiod := time.Now().Add(12 * time.Second)
|
||||||
for {
|
for {
|
||||||
//if after 12 seconds, try a gRPC pull on the last try
|
//if after 12 seconds, try a pull on the last try
|
||||||
if time.Now().After(tperiod) {
|
if time.Now().After(tperiod) {
|
||||||
logger.Log(0, "running pull for ", cfg.Node.Network)
|
logger.Log(0, "running pull for ", cfg.Node.Network)
|
||||||
_, err := Pull(cfg.Node.Network, true)
|
_, err := Pull(cfg.Node.Network, true)
|
||||||
|
|
|
@ -182,7 +182,7 @@ func JoinNetwork(cfg *config.ClientConfig, privateKey string, iscomms bool) erro
|
||||||
logger.Log(0, "failed to make backup, node will not auto restore if config is corrupted")
|
logger.Log(0, "failed to make backup, node will not auto restore if config is corrupted")
|
||||||
}
|
}
|
||||||
logger.Log(0, "starting wireguard")
|
logger.Log(0, "starting wireguard")
|
||||||
err = wireguard.InitWireguard(&node, privateKey, []wgtypes.PeerConfig{}, false, []string{}, false)
|
err = wireguard.InitWireguard(&node, privateKey, []wgtypes.PeerConfig{}, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -80,56 +80,3 @@ func getNetwork(network string) (Network, error) {
|
||||||
},
|
},
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// func getPeers(network string) ([]Peer, error) {
|
|
||||||
// cfg, err := config.ReadConfig(network)
|
|
||||||
// if err != nil {
|
|
||||||
// return []Peer{}, err
|
|
||||||
// }
|
|
||||||
// nodecfg := cfg.Node
|
|
||||||
// var nodes []models.Node
|
|
||||||
//
|
|
||||||
// var wcclient nodepb.NodeServiceClient
|
|
||||||
// conn, err := grpc.Dial(cfg.Server.GRPCAddress,
|
|
||||||
// ncutils.GRPCRequestOpts(cfg.Server.GRPCSSL))
|
|
||||||
//
|
|
||||||
// if err != nil {
|
|
||||||
// return []Peer{}, fmt.Errorf("connecting to %v: %w", cfg.Server.GRPCAddress, err)
|
|
||||||
// }
|
|
||||||
// defer conn.Close()
|
|
||||||
// Instantiate the BlogServiceClient with our client connection to the server
|
|
||||||
// wcclient = nodepb.NewNodeServiceClient(conn)
|
|
||||||
//
|
|
||||||
// nodeData, err := json.Marshal(&nodecfg)
|
|
||||||
// if err != nil {
|
|
||||||
// return []Peer{}, fmt.Errorf("could not parse config node on network %s : %w", network, err)
|
|
||||||
// }
|
|
||||||
//
|
|
||||||
// req := &nodepb.Object{
|
|
||||||
// Data: string(nodeData),
|
|
||||||
// Type: nodepb.NODE_TYPE,
|
|
||||||
// }
|
|
||||||
//
|
|
||||||
// ctx, err := auth.SetJWT(wcclient, network)
|
|
||||||
// if err != nil {
|
|
||||||
// return []Peer{}, fmt.Errorf("authenticating: %w", err)
|
|
||||||
// }
|
|
||||||
// var header metadata.MD
|
|
||||||
//
|
|
||||||
// response, err := wcclient.GetPeers(ctx, req, grpc.Header(&header))
|
|
||||||
// if err != nil {
|
|
||||||
// return []Peer{}, fmt.Errorf("retrieving peers: %w", err)
|
|
||||||
// }
|
|
||||||
// if err := json.Unmarshal([]byte(response.GetData()), &nodes); err != nil {
|
|
||||||
// return []Peer{}, fmt.Errorf("unmarshaling data for peers: %w", err)
|
|
||||||
// }
|
|
||||||
//
|
|
||||||
// peers := []Peer{}
|
|
||||||
// for _, node := range nodes {
|
|
||||||
// if node.Name != cfg.Node.Name {
|
|
||||||
// peers = append(peers, Peer{Name: fmt.Sprintf("%v.%v", node.Name, network), PrivateIPv4: node.Address, PrivateIPv6: node.Address6})
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
//
|
|
||||||
// return peers, nil
|
|
||||||
// }
|
|
||||||
|
|
|
@ -3,7 +3,6 @@ package ncutils
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/tls"
|
|
||||||
"encoding/gob"
|
"encoding/gob"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
@ -23,8 +22,6 @@ import (
|
||||||
"github.com/gravitl/netmaker/logger"
|
"github.com/gravitl/netmaker/logger"
|
||||||
"github.com/gravitl/netmaker/models"
|
"github.com/gravitl/netmaker/models"
|
||||||
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
|
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
|
||||||
"google.golang.org/grpc"
|
|
||||||
"google.golang.org/grpc/credentials"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Version - version of the netclient
|
// Version - version of the netclient
|
||||||
|
@ -381,17 +378,6 @@ func GetWGPathSpecific() string {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// GRPCRequestOpts - gets grps request opts
|
|
||||||
func GRPCRequestOpts(isSecure string) grpc.DialOption {
|
|
||||||
var requestOpts grpc.DialOption
|
|
||||||
requestOpts = grpc.WithInsecure()
|
|
||||||
if isSecure == "on" {
|
|
||||||
h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
|
|
||||||
requestOpts = grpc.WithTransportCredentials(h2creds)
|
|
||||||
}
|
|
||||||
return requestOpts
|
|
||||||
}
|
|
||||||
|
|
||||||
// Copy - copies a src file to dest
|
// Copy - copies a src file to dest
|
||||||
func Copy(src, dst string) error {
|
func Copy(src, dst string) error {
|
||||||
sourceFileStat, err := os.Stat(src)
|
sourceFileStat, err := os.Stat(src)
|
||||||
|
|
|
@ -121,7 +121,7 @@ func SetPeers(iface string, node *models.Node, peers []wgtypes.PeerConfig) error
|
||||||
}
|
}
|
||||||
|
|
||||||
// Initializes a WireGuard interface
|
// Initializes a WireGuard interface
|
||||||
func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string, syncconf bool) error {
|
func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, syncconf bool) error {
|
||||||
|
|
||||||
key, err := wgtypes.ParseKey(privkey)
|
key, err := wgtypes.ParseKey(privkey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -229,10 +229,6 @@ func SetWGConfig(network string, peerupdate bool) error {
|
||||||
servercfg := cfg.Server
|
servercfg := cfg.Server
|
||||||
nodecfg := cfg.Node
|
nodecfg := cfg.Node
|
||||||
|
|
||||||
//peers, hasGateway, gateways, err := server.GetPeers(nodecfg.MacAddress, nodecfg.Network, servercfg.GRPCAddress, nodecfg.IsDualStack == "yes", nodecfg.IsIngressGateway == "yes", nodecfg.IsServer == "yes")
|
|
||||||
//if err != nil {
|
|
||||||
// return err
|
|
||||||
//}
|
|
||||||
privkey, err := RetrievePrivKey(network)
|
privkey, err := RetrievePrivKey(network)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -248,9 +244,9 @@ func SetWGConfig(network string, peerupdate bool) error {
|
||||||
}
|
}
|
||||||
err = SetPeers(iface, &nodecfg, []wgtypes.PeerConfig{})
|
err = SetPeers(iface, &nodecfg, []wgtypes.PeerConfig{})
|
||||||
} else if peerupdate {
|
} else if peerupdate {
|
||||||
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false, []string{}, true)
|
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, true)
|
||||||
} else {
|
} else {
|
||||||
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false, []string{}, false)
|
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false)
|
||||||
}
|
}
|
||||||
if nodecfg.DNSOn == "yes" {
|
if nodecfg.DNSOn == "yes" {
|
||||||
_ = local.UpdateDNS(nodecfg.Interface, nodecfg.Network, servercfg.CoreDNSAddr)
|
_ = local.UpdateDNS(nodecfg.Interface, nodecfg.Network, servercfg.CoreDNSAddr)
|
||||||
|
|
|
@ -31,21 +31,4 @@ server {
|
||||||
proxy_pass_request_headers on;
|
proxy_pass_request_headers on;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name grpc.NETMAKER_BASE_DOMAIN;
|
|
||||||
ssl_certificate /etc/letsencrypt/live/NETMAKER_BASE_DOMAIN/fullchain.pem;
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/NETMAKER_BASE_DOMAIN/privkey.pem;
|
|
||||||
#include /etc/letsencrypt/options-ssl-nginx.conf;
|
|
||||||
#ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
|
||||||
|
|
||||||
# Forces the header to be the one that is visible from the outside
|
|
||||||
proxy_set_header Host api.NETMAKER_BASE_DOMAIN; # Please change to your URL
|
|
||||||
|
|
||||||
# Pass all headers through to the backend
|
|
||||||
proxy_pass_request_headers on;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
grpc_pass grpc://127.0.0.1:50051;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
|
@ -34,7 +34,6 @@ echo "To Override, add a Wildcard (*.netmaker.example.com) DNS record pointing t
|
||||||
echo "Or, add three DNS records pointing to $SERVER_PUBLIC_IP for the following (Replacing 'netmaker.example.com' with the domain of your choice):"
|
echo "Or, add three DNS records pointing to $SERVER_PUBLIC_IP for the following (Replacing 'netmaker.example.com' with the domain of your choice):"
|
||||||
echo " dashboard.netmaker.example.com"
|
echo " dashboard.netmaker.example.com"
|
||||||
echo " api.netmaker.example.com"
|
echo " api.netmaker.example.com"
|
||||||
echo " grpc.netmaker.example.com"
|
|
||||||
echo "-----------------------------------------------------"
|
echo "-----------------------------------------------------"
|
||||||
read -p "Domain (Hit 'enter' to use $NETMAKER_BASE_DOMAIN): " domain
|
read -p "Domain (Hit 'enter' to use $NETMAKER_BASE_DOMAIN): " domain
|
||||||
read -p "Contact Email: " email
|
read -p "Contact Email: " email
|
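Review bot: The prompt still says `add three DNS records`, but with `grpc.netmaker.example.com` removed only `dashboard.netmaker.example.com` and `api.netmaker.example.com` are listed. Change `three` to `two` in that `echo`, or add the missing hostname if the deployment still needs a third record. An operator following the text as written will look for a record that no longer exists.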
||||||
|
|
|
@ -9,7 +9,6 @@ cat >/etc/netmaker/config/environments/dev.yaml<<EOL
|
||||||
server:
|
server:
|
||||||
host:
|
host:
|
||||||
apiport: "8081"
|
apiport: "8081"
|
||||||
grpcport: "50051"
|
|
||||||
masterkey: "secretkey"
|
masterkey: "secretkey"
|
||||||
allowedorigin: "*"
|
allowedorigin: "*"
|
||||||
restbackend: true
|
restbackend: true
|
||||||
|
|
|
@ -7,8 +7,7 @@ token=$1
|
||||||
token_json=$(echo $token | base64 -d)
|
token_json=$(echo $token | base64 -d)
|
||||||
|
|
||||||
api_addr=$(echo $token_json | jq -r '.apiconn')
|
api_addr=$(echo $token_json | jq -r '.apiconn')
|
||||||
grpc_addr=$(echo $token_json | jq -r '.grpcconn')
|
|
||||||
network=$(echo $token_json | jq -r '.network')
|
network=$(echo $token_json | jq -r '.network')
|
||||||
key=$(echo $token_json | jq -r '.key')
|
key=$(echo $token_json | jq -r '.key')
|
||||||
|
|
||||||
echo ./netclient join -k $key -n $network --apiserver $api_addr --grpcserver $grpc_addr
|
echo ./netclient join -k $key -n $network --apiserver $api_addr
|
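Review bot: The token-derived values are expanded unquoted (`echo $token | base64 -d`, `echo $token_json | jq ...`, and the final `echo ./netclient join -k $key ...`), so whitespace or glob characters in the decoded JSON are split or expanded by the shell before `jq` sees them. Quote the expansions, e.g. `token_json=$(printf '%s' "$token" | base64 -d)` and `api_addr=$(printf '%s' "$token_json" | jq -r '.apiconn')`. Because the printed command is meant to be copied and run, it is also worth failing when `jq` returns `null` for a field instead of echoing it.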
||||||
|
|
|
@ -40,9 +40,6 @@ func GetServerConfig() config.ServerConfig {
|
||||||
cfg.APIPort = GetAPIPort()
|
cfg.APIPort = GetAPIPort()
|
||||||
cfg.APIPort = GetAPIPort()
|
cfg.APIPort = GetAPIPort()
|
||||||
cfg.MQPort = GetMQPort()
|
cfg.MQPort = GetMQPort()
|
||||||
cfg.GRPCHost = GetGRPCHost()
|
|
||||||
cfg.GRPCPort = GetGRPCPort()
|
|
||||||
cfg.GRPCConnString = GetGRPCConnString()
|
|
||||||
cfg.MasterKey = "(hidden)"
|
cfg.MasterKey = "(hidden)"
|
||||||
cfg.DNSKey = "(hidden)"
|
cfg.DNSKey = "(hidden)"
|
||||||
cfg.AllowedOrigin = GetAllowedOrigin()
|
cfg.AllowedOrigin = GetAllowedOrigin()
|
||||||
|
@ -68,10 +65,6 @@ func GetServerConfig() config.ServerConfig {
|
||||||
if IsDisplayKeys() {
|
if IsDisplayKeys() {
|
||||||
cfg.DisplayKeys = "on"
|
cfg.DisplayKeys = "on"
|
||||||
}
|
}
|
||||||
cfg.GRPCSSL = "off"
|
|
||||||
if IsGRPCSSL() {
|
|
||||||
cfg.GRPCSSL = "on"
|
|
||||||
}
|
|
||||||
cfg.DisableRemoteIPCheck = "off"
|
cfg.DisableRemoteIPCheck = "off"
|
||||||
if DisableRemoteIPCheck() {
|
if DisableRemoteIPCheck() {
|
||||||
cfg.DisableRemoteIPCheck = "on"
|
cfg.DisableRemoteIPCheck = "on"
|
||||||
|
@ -195,59 +188,17 @@ func GetDefaultNodeLimit() int32 {
|
||||||
return limit
|
return limit
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetGRPCConnString - get grpc conn string
|
|
||||||
func GetGRPCConnString() string {
|
|
||||||
conn := ""
|
|
||||||
if os.Getenv("SERVER_GRPC_CONN_STRING") != "" {
|
|
||||||
conn = os.Getenv("SERVER_GRPC_CONN_STRING")
|
|
||||||
} else if config.Config.Server.GRPCConnString != "" {
|
|
||||||
conn = config.Config.Server.GRPCConnString
|
|
||||||
} else {
|
|
||||||
conn = GetGRPCHost() + ":" + GetGRPCPort()
|
|
||||||
}
|
|
||||||
return conn
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetCoreDNSAddr - gets the core dns address
|
// GetCoreDNSAddr - gets the core dns address
|
||||||
func GetCoreDNSAddr() string {
|
func GetCoreDNSAddr() string {
|
||||||
addr, _ := GetPublicIP()
|
addr, _ := GetPublicIP()
|
||||||
if os.Getenv("COREDNS_ADDR") != "" {
|
if os.Getenv("COREDNS_ADDR") != "" {
|
||||||
addr = os.Getenv("COREDNS_ADDR")
|
addr = os.Getenv("COREDNS_ADDR")
|
||||||
} else if config.Config.Server.CoreDNSAddr != "" {
|
} else if config.Config.Server.CoreDNSAddr != "" {
|
||||||
addr = config.Config.Server.GRPCConnString
|
addr = config.Config.Server.CoreDNSAddr
|
||||||
}
|
}
|
||||||
return addr
|
return addr
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetGRPCHost - get the grpc host url
|
|
||||||
func GetGRPCHost() string {
|
|
||||||
serverhost := "127.0.0.1"
|
|
||||||
remoteip, _ := GetPublicIP()
|
|
||||||
if os.Getenv("SERVER_GRPC_HOST") != "" {
|
|
||||||
serverhost = os.Getenv("SERVER_GRPC_HOST")
|
|
||||||
} else if config.Config.Server.GRPCHost != "" {
|
|
||||||
serverhost = config.Config.Server.GRPCHost
|
|
||||||
} else if os.Getenv("SERVER_HOST") != "" {
|
|
||||||
serverhost = os.Getenv("SERVER_HOST")
|
|
||||||
} else {
|
|
||||||
if remoteip != "" {
|
|
||||||
serverhost = remoteip
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return serverhost
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetGRPCPort - gets the grpc port
|
|
||||||
func GetGRPCPort() string {
|
|
||||||
grpcport := "50051"
|
|
||||||
if os.Getenv("GRPC_PORT") != "" {
|
|
||||||
grpcport = os.Getenv("GRPC_PORT")
|
|
||||||
} else if config.Config.Server.GRPCPort != "" {
|
|
||||||
grpcport = config.Config.Server.GRPCPort
|
|
||||||
}
|
|
||||||
return grpcport
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetMQPort - gets the mq port
|
// GetMQPort - gets the mq port
|
||||||
func GetMQPort() string {
|
func GetMQPort() string {
|
||||||
mqport := "1883"
|
mqport := "1883"
|
||||||
|
@ -259,28 +210,6 @@ func GetMQPort() string {
|
||||||
return mqport
|
return mqport
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetGRPCPort - gets the grpc port
|
|
||||||
func GetCommsCIDR() string {
|
|
||||||
netrange := "172.16.0.0/16"
|
|
||||||
if os.Getenv("COMMS_CIDR") != "" {
|
|
||||||
netrange = os.Getenv("COMMS_CIDR")
|
|
||||||
} else if config.Config.Server.CommsCIDR != "" {
|
|
||||||
netrange = config.Config.Server.CommsCIDR
|
|
||||||
} else { // make a random one, which should only affect initialize first time, unless db is removed
|
|
||||||
netrange = genNewCommsCIDR()
|
|
||||||
}
|
|
||||||
_, _, err := net.ParseCIDR(netrange)
|
|
||||||
if err == nil {
|
|
||||||
return netrange
|
|
||||||
}
|
|
||||||
return "172.16.0.0/16"
|
|
||||||
}
|
|
||||||
|
|
||||||
// GetCommsID - gets the grpc port
|
|
||||||
func GetCommsID() string {
|
|
||||||
return commsID
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetCommsID - sets the commsID
|
// SetCommsID - sets the commsID
|
||||||
func SetCommsID(newCommsID string) {
|
func SetCommsID(newCommsID string) {
|
||||||
commsID = newCommsID
|
commsID = newCommsID
|
||||||
|
@ -453,21 +382,6 @@ func IsDisplayKeys() bool {
|
||||||
return isdisplay
|
return isdisplay
|
||||||
}
|
}
|
||||||
|
|
||||||
// IsGRPCSSL - ssl grpc on or off
|
|
||||||
func IsGRPCSSL() bool {
|
|
||||||
isssl := false
|
|
||||||
if os.Getenv("GRPC_SSL") != "" {
|
|
||||||
if os.Getenv("GRPC_SSL") == "on" {
|
|
||||||
isssl = true
|
|
||||||
}
|
|
||||||
} else if config.Config.Server.GRPCSSL != "" {
|
|
||||||
if config.Config.Server.GRPCSSL == "on" {
|
|
||||||
isssl = true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return isssl
|
|
||||||
}
|
|
||||||
|
|
||||||
// DisableRemoteIPCheck - disable the remote ip check
|
// DisableRemoteIPCheck - disable the remote ip check
|
||||||
func DisableRemoteIPCheck() bool {
|
func DisableRemoteIPCheck() bool {
|
||||||
disabled := false
|
disabled := false
|
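Review bot: `GetCommsID` is removed but `SetCommsID` and the `commsID` variable it writes stay, so the value is now set with no visible reader. `setCommsID` in the following file is likewise left behind after `InitializeCommsNetwork`, its caller on this page, is deleted. If nothing else reads them, remove both along with `genNewCommsCIDR`, which as far as this page shows was referenced only from the deleted `GetCommsCIDR`. Also confirm the `net` import is still used now that the `net.ParseCIDR` call is gone, since an unused import fails the build.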
||||||
|
|
|
@ -5,14 +5,12 @@ import (
|
||||||
"net"
|
"net"
|
||||||
"os"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/gravitl/netmaker/database"
|
"github.com/gravitl/netmaker/database"
|
||||||
"github.com/gravitl/netmaker/logger"
|
"github.com/gravitl/netmaker/logger"
|
||||||
"github.com/gravitl/netmaker/logic"
|
"github.com/gravitl/netmaker/logic"
|
||||||
"github.com/gravitl/netmaker/logic/acls"
|
"github.com/gravitl/netmaker/logic/acls"
|
||||||
"github.com/gravitl/netmaker/logic/acls/nodeacls"
|
"github.com/gravitl/netmaker/logic/acls/nodeacls"
|
||||||
"github.com/gravitl/netmaker/models"
|
|
||||||
"github.com/gravitl/netmaker/netclient/ncutils"
|
"github.com/gravitl/netmaker/netclient/ncutils"
|
||||||
"github.com/gravitl/netmaker/servercfg"
|
"github.com/gravitl/netmaker/servercfg"
|
||||||
)
|
)
|
||||||
|
@ -25,47 +23,6 @@ const (
|
||||||
NETMAKER_BINARY_NAME = "netmaker"
|
NETMAKER_BINARY_NAME = "netmaker"
|
||||||
)
|
)
|
||||||
|
|
||||||
// InitializeCommsNetwork - Check if comms network exists (for MQ, DNS, SSH traffic), if not, create
|
|
||||||
func InitializeCommsNetwork() error {
|
|
||||||
|
|
||||||
setCommsID()
|
|
||||||
|
|
||||||
commsNetwork, err := logic.GetNetwork(COMMS_NETID)
|
|
||||||
if err != nil {
|
|
||||||
var network models.Network
|
|
||||||
network.NetID = COMMS_NETID
|
|
||||||
network.AddressRange = servercfg.GetCommsCIDR()
|
|
||||||
network.IsPointToSite = "yes"
|
|
||||||
network.DefaultUDPHolePunch = "yes"
|
|
||||||
network.IsComms = "yes"
|
|
||||||
logger.Log(1, "comms net does not exist, creating with ID,", network.NetID, "and CIDR,", network.AddressRange)
|
|
||||||
_, err = logic.CreateNetwork(network)
|
|
||||||
return err
|
|
||||||
} else if commsNetwork.DefaultACL == "" {
|
|
||||||
commsNetwork.DefaultACL = "yes"
|
|
||||||
if err = logic.SaveNetwork(&commsNetwork); err != nil {
|
|
||||||
logger.Log(1, "comms net default acl is set incorrectly, please manually adjust to \"yes\",", COMMS_NETID)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// gracefully check for comms interface
|
|
||||||
gracefulCommsWait()
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func gracefulCommsWait() {
|
|
||||||
output, _ := ncutils.RunCmd("wg", false)
|
|
||||||
starttime := time.Now()
|
|
||||||
ifaceReady := strings.Contains(output, COMMS_NETID)
|
|
||||||
for !ifaceReady && !(time.Now().After(starttime.Add(time.Second << 4))) {
|
|
||||||
output, _ = ncutils.RunCmd("wg", false)
|
|
||||||
SyncServerNetwork(COMMS_NETID)
|
|
||||||
time.Sleep(time.Second)
|
|
||||||
ifaceReady = strings.Contains(output, COMMS_NETID)
|
|
||||||
}
|
|
||||||
logger.Log(1, "comms network", COMMS_NETID, "ready")
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetJWTSecret - sets the jwt secret on server startup
|
// SetJWTSecret - sets the jwt secret on server startup
|
||||||
func setCommsID() {
|
func setCommsID() {
|
||||||
currentid, idErr := logic.FetchCommsNetID()
|
currentid, idErr := logic.FetchCommsNetID()
|
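Review bot: The comment above `setCommsID` reads `// SetJWTSecret - sets the jwt secret on server startup`, which names a different function. With the comms helpers around it deleted, it is the only description left for this code. Replace it with one that matches, e.g. `// setCommsID - loads the comms network ID via logic.FetchCommsNetID`, adjusted to what the body does with the fetched value. The body continues outside this hunk.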
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
server:
|
server:
|
||||||
host: "localhost"
|
host: "localhost"
|
||||||
apiport: "8081"
|
apiport: "8081"
|
||||||
grpcport: "50051"
|
|
||||||
masterkey: "secretkey"
|
masterkey: "secretkey"
|
||||||
allowedorigin: "*"
|
allowedorigin: "*"
|
||||||
restbackend: true
|
restbackend: true
|
||||||
|
|