mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 07:16:06 +08:00
remove references to grpc/comms net
This commit is contained in:
Matthew R. Kasun
parent
886ec31553
commit
7152f6ccd4
|
|
@ -20,14 +20,10 @@ services:
|
|||
SERVER_NAME: "broker.NETMAKER_BASE_DOMAIN"
|
||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||
GRPC_SSL: "on"
|
||||
DNS_MODE: "on"
|
||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
||||
API_PORT: "8081"
|
||||
GRPC_PORT: "50051"
|
||||
CLIENT_MODE: "on"
|
||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||
CORS_ALLOWED_ORIGIN: "*"
|
||||
|
|
|
|||
|
|
@ -18,24 +18,18 @@ services:
|
|||
environment:
|
||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||
GRPC_SSL: "on"
|
||||
DNS_MODE: "on"
|
||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
||||
API_PORT: "8081"
|
||||
GRPC_PORT: "50051"
|
||||
CLIENT_MODE: "on"
|
||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||
SERVER_GRPC_WIREGUARD: "off"
|
||||
CORS_ALLOWED_ORIGIN: "*"
|
||||
DISPLAY_KEYS: "on"
|
||||
DATABASE: "sqlite"
|
||||
HOST_NETWORK: "on"
|
||||
NODE_ID: "netmaker-server-1"
|
||||
MANAGE_IPTABLES: "on"
|
||||
PORT_FORWARD_SERVICES: ""
|
||||
VERBOSITY: "1"
|
||||
netmaker-ui:
|
||||
container_name: netmaker-ui
|
||||
|
|
|
|||
|
|
@ -18,14 +18,10 @@ services:
|
|||
environment:
|
||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||
GRPC_SSL: "on"
|
||||
DNS_MODE: "on"
|
||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
||||
API_PORT: "8081"
|
||||
GRPC_PORT: "50051"
|
||||
CLIENT_MODE: "on"
|
||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||
CORS_ALLOWED_ORIGIN: "*"
|
||||
|
|
@ -35,7 +31,6 @@ services:
|
|||
MQ_HOST: "mq"
|
||||
HOST_NETWORK: "off"
|
||||
MANAGE_IPTABLES: "on"
|
||||
PORT_FORWARD_SERVICES: "mq"
|
||||
VERBOSITY: "1"
|
||||
ports:
|
||||
- "51821-51830:51821-51830/udp"
|
||||
|
|
|
|||
|
|
@ -18,14 +18,10 @@ services:
|
|||
environment:
|
||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||
GRPC_SSL: "on"
|
||||
DNS_MODE: "off"
|
||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
||||
API_PORT: "8081"
|
||||
GRPC_PORT: "50051"
|
||||
CLIENT_MODE: "on"
|
||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||
CORS_ALLOWED_ORIGIN: "*"
|
||||
|
|
@ -35,7 +31,6 @@ services:
|
|||
MQ_HOST: "mq"
|
||||
HOST_NETWORK: "off"
|
||||
MANAGE_IPTABLES: "on"
|
||||
PORT_FORWARD_SERVICES: "mq"
|
||||
VERBOSITY: "1"
|
||||
ports:
|
||||
- "51821-51830:51821-51830/udp"
|
||||
|
|
|
|||
|
|
@ -16,23 +16,18 @@ services:
|
|||
restart: always
|
||||
network_mode: host # Must configure with very particular settngs for host networking to work. Do not just set on!
|
||||
environment:
|
||||
SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set both HTTP and GRPC host.
|
||||
SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
|
||||
SERVER_GRPC_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
|
||||
SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set the HTTP host.
|
||||
SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP available via different interfaces/networks.
|
||||
API_PORT: 8081 # The HTTP API port for Netmaker. Used for API calls / communication from front end. If changed, need to change port of BACKEND_URL for netmaker-ui.
|
||||
GRPC_PORT: 50051 # The GRPC port for Netmaker. Used for communications from nodes.
|
||||
CLIENT_MODE: "on" # on if netmaker should run its own client, off if not.
|
||||
MASTER_KEY: "secretkey" # The admin master key for accessing the API. Change this in any production installation.
|
||||
CORS_ALLOWED_ORIGIN: "*" # The "allowed origin" for API requests. Change to restrict where API requests can come from.
|
||||
REST_BACKEND: "on" # Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off.
|
||||
AGENT_BACKEND: "on" # Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off.
|
||||
DNS_MODE: "on" # Enables DNS Mode, meaning config files will be generated for CoreDNS. Note, turning "off" does not remove CoreDNS. You still need to remove CoreDNS from compose file.
|
||||
DISABLE_REMOTE_IP_CHECK: "off" # If turned "on", Server will not set Host based on remote IP check. This is already overridden if SERVER_HOST is set. Turned "off" by default.
|
||||
GRPC_SSL: "off" # Tells clients to use SSL to connect to GRPC. Switch to on to turn on.
|
||||
COREDNS_ADDR: "" # Address of the CoreDNS server. Defaults to SERVER_HOST
|
||||
DISPLAY_KEYS: "on" # Show keys permanently in UI (until deleted) as opposed to 1-time display.
|
||||
SERVER_API_CONN_STRING: "" # Changes the api connection string. IP:PORT format. By default is empty and uses SERVER_HOST:API_PORT
|
||||
SERVER_GRPC_CONN_STRING: "" # Changes the grpc connection string. IP:PORT format. By default is empty and uses SERVER_HOST:GRPC_PORT
|
||||
RCE: "off" # Enables setting PostUp and PostDown (arbitrary commands) on nodes from the server. Off by default.
|
||||
NODE_ID: "" # Sets the name/id of the nodes that the server creates. Necessary for HA configurations to identify between servers (for instance, netmaker-1, netmaker-2, etc). For non-HA deployments, is not necessary.
|
||||
TELEMETRY: "on" # Whether or not to send telemetry data to help improve Netmaker. Switch to "off" to opt out of sending telemetry.
|
||||
|
|
|
|||
|
|
@ -18,14 +18,10 @@ services:
|
|||
environment:
|
||||
SERVER_HOST: "SERVER_PUBLIC_IP"
|
||||
SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
COREDNS_ADDR: "SERVER_PUBLIC_IP"
|
||||
GRPC_SSL: "on"
|
||||
DNS_MODE: "on"
|
||||
SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
|
||||
SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
|
||||
API_PORT: "8081"
|
||||
GRPC_PORT: "50051"
|
||||
CLIENT_MODE: "on"
|
||||
MASTER_KEY: "REPLACE_MASTER_KEY"
|
||||
CORS_ALLOWED_ORIGIN: "*"
|
||||
|
|
@ -35,7 +31,6 @@ services:
|
|||
MQ_HOST: "mq"
|
||||
HOST_NETWORK: "off"
|
||||
MANAGE_IPTABLES: "on"
|
||||
PORT_FORWARD_SERVICES: "mq"
|
||||
VERBOSITY: "1"
|
||||
ports:
|
||||
- "51821-51830:51821-51830/udp"
|
||||
|
|
|
|||
|
|
@ -36,10 +36,6 @@ type ServerConfig struct {
|
|||
APIConnString string `yaml:"apiconn"`
|
||||
APIHost string `yaml:"apihost"`
|
||||
APIPort string `yaml:"apiport"`
|
||||
GRPCConnString string `yaml:"grpcconn"`
|
||||
GRPCHost string `yaml:"grpchost"`
|
||||
GRPCPort string `yaml:"grpcport"`
|
||||
GRPCSecure string `yaml:"grpcsecure"`
|
||||
MQHOST string `yaml:"mqhost"`
|
||||
MasterKey string `yaml:"masterkey"`
|
||||
DNSKey string `yaml:"dnskey"`
|
||||
|
|
@ -51,7 +47,6 @@ type ServerConfig struct {
|
|||
ClientMode string `yaml:"clientmode"`
|
||||
DNSMode string `yaml:"dnsmode"`
|
||||
DisableRemoteIPCheck string `yaml:"disableremoteipcheck"`
|
||||
GRPCSSL string `yaml:"grpcssl"`
|
||||
Version string `yaml:"version"`
|
||||
SQLConn string `yaml:"sqlconn"`
|
||||
Platform string `yaml:"platform"`
|
||||
|
|
|
|||
|
|
@ -1,8 +1,6 @@
|
|||
server:
|
||||
apihost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_API_HOST if set
|
||||
apiport: "" # defaults to 8081 or HTTP_PORT (if set)
|
||||
grpchost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_GRPC_HOST if set.
|
||||
grpcport: "" # defaults to 50051 or GRPC_PORT (if set)
|
||||
masterkey: "" # defaults to 'secretkey' or MASTER_KEY (if set)
|
||||
allowedorigin: "" # defaults to '*' or CORS_ALLOWED_ORIGIN (if set)
|
||||
restbackend: "" # defaults to "on" or REST_BACKEND (if set)
|
||||
|
|
|
|||
|
|
@ -1 +1,2 @@
|
|||
10.0.0.2 testnode.skynet myhost.skynet
|
||||
10.0.0.1 testnode.skynet
|
||||
10.0.0.2 myhost.skynet
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
server:
|
||||
host: "localhost"
|
||||
apiport: "8081"
|
||||
grpcport: "50051"
|
||||
masterkey: ""
|
||||
allowedorigin: "*"
|
||||
restbackend: true
|
||||
|
|
|
|||
|
|
@ -423,16 +423,6 @@ func isCommsEdit(w http.ResponseWriter, r *http.Request, netname string) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
func filterCommsNetwork(networks []models.Network) []models.Network {
|
||||
var filterdNets []models.Network
|
||||
for i := range networks {
|
||||
if networks[i].IsComms != "yes" && networks[i].NetID != servercfg.GetCommsID() {
|
||||
filterdNets = append(filterdNets, networks[i])
|
||||
}
|
||||
}
|
||||
return filterdNets
|
||||
}
|
||||
|
||||
func getServerAddrs(node *models.Node) {
|
||||
serverNodes := logic.GetServerNodes(serverctl.COMMS_NETID)
|
||||
//pubIP, _ := servercfg.GetPublicIP()
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ import (
|
|||
"github.com/gravitl/netmaker/database"
|
||||
"github.com/gravitl/netmaker/logic"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
"github.com/gravitl/netmaker/serverctl"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
|
|
@ -301,5 +300,4 @@ func createNet() {
|
|||
if err != nil {
|
||||
logic.CreateNetwork(network)
|
||||
}
|
||||
serverctl.InitializeCommsNetwork()
|
||||
}
|
||||
|
|
|
|||
|
|
@ -382,10 +382,6 @@ func getNode(w http.ResponseWriter, r *http.Request) {
|
|||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
if logic.IsNodeInComms(&node) {
|
||||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
logger.Log(2, r.Header.Get("user"), "fetched node", params["nodeid"])
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(node)
|
||||
|
|
@ -737,16 +733,6 @@ func runServerUpdate(node *models.Node, ifaceDelta bool) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
func filterCommsNodes(nodes []models.Node) []models.Node {
|
||||
var filterdNodes []models.Node
|
||||
for i := range nodes {
|
||||
if !logic.IsNodeInComms(&nodes[i]) {
|
||||
filterdNodes = append(filterdNodes, nodes[i])
|
||||
}
|
||||
}
|
||||
return filterdNodes
|
||||
}
|
||||
|
||||
func runForceServerUpdate(node *models.Node) {
|
||||
go func() {
|
||||
if err := mq.PublishPeerUpdate(node); err != nil {
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@ import (
|
|||
"github.com/gravitl/netmaker/logger"
|
||||
"github.com/gravitl/netmaker/logic"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
"github.com/gravitl/netmaker/servercfg"
|
||||
)
|
||||
|
||||
func userHandlers(r *mux.Router) {
|
||||
|
|
@ -167,11 +166,6 @@ func createUser(w http.ResponseWriter, r *http.Request) {
|
|||
// get node from body of request
|
||||
_ = json.NewDecoder(r.Body).Decode(&user)
|
||||
|
||||
if !user.IsAdmin && isAddingComms(user.Networks) {
|
||||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest"))
|
||||
return
|
||||
}
|
||||
|
||||
user, err := logic.CreateUser(user)
|
||||
|
||||
if err != nil {
|
||||
|
|
@ -200,11 +194,6 @@ func updateUserNetworks(w http.ResponseWriter, r *http.Request) {
|
|||
returnErrorResponse(w, r, formatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
if !userchange.IsAdmin && isAddingComms(userchange.Networks) {
|
||||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest"))
|
||||
return
|
||||
}
|
||||
|
||||
err = logic.UpdateUserNetworks(userchange.Networks, userchange.IsAdmin, &user)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
||||
|
|
@ -229,10 +218,6 @@ func updateUser(w http.ResponseWriter, r *http.Request) {
|
|||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not update user info for oauth user %s", username), "forbidden"))
|
||||
return
|
||||
}
|
||||
if !user.IsAdmin && isAddingComms(user.Networks) {
|
||||
returnErrorResponse(w, r, formatError(fmt.Errorf("can not add comms network to non admin"), "badrequest"))
|
||||
return
|
||||
}
|
||||
var userchange models.User
|
||||
// we decode our body request params
|
||||
err = json.NewDecoder(r.Body).Decode(&userchange)
|
||||
|
|
@ -302,13 +287,3 @@ func deleteUser(w http.ResponseWriter, r *http.Request) {
|
|||
logger.Log(1, username, "was deleted")
|
||||
json.NewEncoder(w).Encode(params["username"] + " deleted.")
|
||||
}
|
||||
|
||||
func isAddingComms(networks []string) bool {
|
||||
commsID := servercfg.GetCommsID()
|
||||
for i := range networks {
|
||||
if networks[i] == commsID {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,7 +29,3 @@ https://api.NETMAKER_BASE_DOMAIN {
|
|||
reverse_proxy http://127.0.0.1:8081
|
||||
}
|
||||
|
||||
# gRPC
|
||||
https://grpc.NETMAKER_BASE_DOMAIN {
|
||||
reverse_proxy h2c://127.0.0.1:50051
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,20 +25,12 @@ spec:
|
|||
env:
|
||||
- name: SERVER_API_CONN_STRING
|
||||
value: "api.nm.k8s.gravitl.com:443"
|
||||
- name: SERVER_GRPC_CONN_STRING
|
||||
value: "grpc.nm.k8s.gravitl.com:443"
|
||||
- name: COREDNS_ADDR
|
||||
value: "netmaker-dns"
|
||||
- name: GRPC_SSL
|
||||
value: "on"
|
||||
- name: SERVER_HTTP_HOST
|
||||
value: "api.nm.k8s.gravitl.com"
|
||||
- name: SERVER_GRPC_HOST
|
||||
value: "grpc.nm.k8s.gravitl.com"
|
||||
- name: API_PORT
|
||||
value: "8081"
|
||||
- name: GRPC_PORT
|
||||
value: "50051"
|
||||
- name: AGENT_BACKEND
|
||||
value: "off"
|
||||
- name: CLIENT_MODE
|
||||
|
|
@ -47,8 +39,6 @@ spec:
|
|||
value: "on"
|
||||
- name: MASTER_KEY
|
||||
value: "Unkn0wn!"
|
||||
- name: SERVER_GRPC_WIREGUARD
|
||||
value: "off"
|
||||
- name: MASTER_KEY
|
||||
value: "secretkey"
|
||||
- name: CORS_ALLOWED_ORIGIN
|
||||
|
|
|
|||
|
|
@ -25,26 +25,16 @@ spec:
|
|||
env:
|
||||
- name: SERVER_API_CONN_STRING
|
||||
value: "api.nm.k8s.gravitl.com:443"
|
||||
- name: SERVER_GRPC_CONN_STRING
|
||||
value: "grpc.nm.k8s.gravitl.com:443"
|
||||
- name: COREDNS_ADDR
|
||||
value: "10.152.183.53"
|
||||
- name: GRPC_SSL
|
||||
value: "on"
|
||||
- name: SERVER_HTTP_HOST
|
||||
value: "api.k8s.gravitl.com"
|
||||
- name: SERVER_GRPC_HOST
|
||||
value: "grpc.k8s.gravitl.com"
|
||||
- name: API_PORT
|
||||
value: "8081"
|
||||
- name: GRPC_PORT
|
||||
value: "443"
|
||||
- name: CLIENT_MODE
|
||||
value: "off"
|
||||
- name: MASTER_KEY
|
||||
value: "Unkn0wn!"
|
||||
- name: SERVER_GRPC_WIREGUARD
|
||||
value: "off"
|
||||
- name: MASTER_KEY
|
||||
value: "secretkey"
|
||||
- name: CORS_ALLOWED_ORIGIN
|
||||
|
|
@ -97,7 +87,6 @@ kind: Service
|
|||
metadata:
|
||||
labels:
|
||||
app: netmaker-backend
|
||||
name: netmaker-grpc
|
||||
spec:
|
||||
ports:
|
||||
- port: 443
|
||||
|
|
|
|||
|
|
@ -84,26 +84,16 @@ spec:
|
|||
env:
|
||||
- name: SERVER_API_CONN_STRING
|
||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: SERVER_GRPC_CONN_STRING
|
||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: COREDNS_ADDR
|
||||
value: "10.152.183.53"
|
||||
- name: GRPC_SSL
|
||||
value: "on"
|
||||
- name: SERVER_HTTP_HOST
|
||||
value: "api.NETMAKER_BASE_DOMAIN"
|
||||
- name: SERVER_GRPC_HOST
|
||||
value: "grpc.NETMAKER_BASE_DOMAIN"
|
||||
- name: API_PORT
|
||||
value: "8081"
|
||||
- name: GRPC_PORT
|
||||
value: "443"
|
||||
- name: CLIENT_MODE
|
||||
value: "off"
|
||||
- name: MASTER_KEY
|
||||
value: "Unkn0wn!"
|
||||
- name: SERVER_GRPC_WIREGUARD
|
||||
value: "off"
|
||||
- name: MASTER_KEY
|
||||
value: "secretkey"
|
||||
- name: CORS_ALLOWED_ORIGIN
|
||||
|
|
|
|||
|
|
@ -56,24 +56,16 @@ spec:
|
|||
env:
|
||||
- name: SERVER_API_CONN_STRING
|
||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: SERVER_GRPC_CONN_STRING
|
||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: COREDNS_ADDR
|
||||
value: "10.152.183.53"
|
||||
- name: POD_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: status.podIP
|
||||
- name: GRPC_SSL
|
||||
value: "on"
|
||||
- name: SERVER_HTTP_HOST
|
||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: SERVER_GRPC_HOST
|
||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: API_PORT
|
||||
value: "8081"
|
||||
- name: GRPC_PORT
|
||||
value: "443"
|
||||
- name: CLIENT_MODE
|
||||
value: "off"
|
||||
- name: MASTER_KEY
|
||||
|
|
|
|||
|
|
@ -39,24 +39,16 @@ spec:
|
|||
env:
|
||||
- name: SERVER_API_CONN_STRING
|
||||
value: "api.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: SERVER_GRPC_CONN_STRING
|
||||
value: "grpc.NETMAKER_BASE_DOMAIN:443"
|
||||
- name: COREDNS_ADDR
|
||||
value: "10.152.183.53"
|
||||
- name: POD_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: status.podIP
|
||||
- name: GRPC_SSL
|
||||
value: "on"
|
||||
- name: SERVER_HTTP_HOST
|
||||
value: "api.NETMAKER_BASE_DOMAIN"
|
||||
- name: SERVER_GRPC_HOST
|
||||
value: "grpc.NETMAKER_BASE_DOMAIN"
|
||||
- name: API_PORT
|
||||
value: "8081"
|
||||
- name: GRPC_PORT
|
||||
value: "80"
|
||||
- name: CLIENT_MODE
|
||||
value: "off"
|
||||
- name: MASTER_KEY
|
||||
|
|
|
|||
|
|
@ -54,8 +54,6 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models
|
|||
var accessToken models.AccessToken
|
||||
s := servercfg.GetServerConfig()
|
||||
servervals := models.ServerConfig{
|
||||
GRPCConnString: s.GRPCConnString,
|
||||
GRPCSSL: s.GRPCSSL,
|
||||
Server: s.Server,
|
||||
APIConnString: s.APIConnString,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ func VerifyUserToken(tokenString string) (username string, networks []string, is
|
|||
return "", nil, false, err
|
||||
}
|
||||
|
||||
// VerifyToken - gRPC [nodes] Only
|
||||
// VerifyToken - [nodes] Only
|
||||
func VerifyToken(tokenString string) (nodeID string, mac string, network string, err error) {
|
||||
claims := &models.Claims{}
|
||||
|
||||
|
|
|
|||
|
|
@ -630,11 +630,6 @@ func IsLocalServer(node *models.Node) bool {
|
|||
return node.ID != "" && local.ID == node.ID
|
||||
}
|
||||
|
||||
// IsNodeInComms returns if node is in comms network or not
|
||||
func IsNodeInComms(node *models.Node) bool {
|
||||
return node.Network == servercfg.GetCommsID() && node.IsServer != "yes"
|
||||
}
|
||||
|
||||
// validateServer - make sure servers dont change port or address
|
||||
func validateServer(currentNode, newNode *models.Node) bool {
|
||||
return (newNode.Address == currentNode.Address &&
|
||||
|
|
|
|||
66
main.go
66
main.go
|
|
@ -40,10 +40,10 @@ func main() {
|
|||
setupConfig(*absoluteConfigPath)
|
||||
servercfg.SetVersion(version)
|
||||
fmt.Println(models.RetrieveLogo()) // print the logo
|
||||
initialize() // initial db and grpc server
|
||||
initialize() // initial db and acls; gen cert if required
|
||||
setGarbageCollection()
|
||||
defer database.CloseDB()
|
||||
startControllers() // start the grpc or rest endpoints
|
||||
startControllers() // start the api endpoint and mq
|
||||
}
|
||||
|
||||
func setupConfig(absoluteConfigPath string) {
|
||||
|
|
@ -124,18 +124,6 @@ func initialize() { // Client Mode Prereq Check
|
|||
|
||||
func startControllers() {
|
||||
var waitnetwork sync.WaitGroup
|
||||
//Run Agent Server
|
||||
// if servercfg.IsAgentBackend() {
|
||||
// if !(servercfg.DisableRemoteIPCheck()) && servercfg.GetGRPCHost() == "127.0.0.1" {
|
||||
// err := servercfg.SetHost()
|
||||
// if err != nil {
|
||||
// logger.FatalLog("Unable to Set host. Exiting...", err.Error())
|
||||
// }
|
||||
// }
|
||||
// waitnetwork.Add(1)
|
||||
// go runGRPC(&waitnetwork)
|
||||
// }
|
||||
|
||||
if servercfg.IsDNSMode() {
|
||||
err := logic.SetDNS()
|
||||
if err != nil {
|
||||
|
|
@ -167,52 +155,6 @@ func startControllers() {
|
|||
waitnetwork.Wait()
|
||||
}
|
||||
|
||||
// func runGRPC(wg *sync.WaitGroup) {
|
||||
|
||||
// defer wg.Done()
|
||||
|
||||
// grpcport := servercfg.GetGRPCPort()
|
||||
|
||||
// listener, err := net.Listen("tcp", ":"+grpcport)
|
||||
// // Handle errors if any
|
||||
// if err != nil {
|
||||
// logger.FatalLog("[netmaker] Unable to listen on port", grpcport, ": error:", err.Error())
|
||||
// }
|
||||
|
||||
// s := grpc.NewServer(
|
||||
// authServerUnaryInterceptor(),
|
||||
// )
|
||||
// // Create NodeService type
|
||||
// srv := &controller.NodeServiceServer{}
|
||||
|
||||
// // Register the service with the server
|
||||
// nodepb.RegisterNodeServiceServer(s, srv)
|
||||
|
||||
// // Start the server in a child routine
|
||||
// go func() {
|
||||
// if err := s.Serve(listener); err != nil {
|
||||
// logger.FatalLog("Failed to serve:", err.Error())
|
||||
// }
|
||||
// }()
|
||||
// logger.Log(0, "Agent Server successfully started on port ", grpcport, "(gRPC)")
|
||||
|
||||
// // Relay os.Interrupt to our channel (os.Interrupt = CTRL+C)
|
||||
// // Ignore other incoming signals
|
||||
// ctx, stop := signal.NotifyContext(context.TODO(), os.Interrupt)
|
||||
// defer stop()
|
||||
|
||||
// // Block main routine until a signal is received
|
||||
// // As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running
|
||||
// <-ctx.Done()
|
||||
|
||||
// // After receiving CTRL+C Properly stop the server
|
||||
// logger.Log(0, "Stopping the Agent server...")
|
||||
// s.GracefulStop()
|
||||
// listener.Close()
|
||||
// logger.Log(0, "Agent server closed..")
|
||||
// logger.Log(0, "Closed DB connection.")
|
||||
// }
|
||||
|
||||
// Should we be using a context vice a waitgroup????????????
|
||||
func runMessageQueue(wg *sync.WaitGroup) {
|
||||
defer wg.Done()
|
||||
|
|
@ -228,10 +170,6 @@ func runMessageQueue(wg *sync.WaitGroup) {
|
|||
client.Disconnect(250)
|
||||
}
|
||||
|
||||
//func authServerUnaryInterceptor() grpc.ServerOption {
|
||||
// return grpc.UnaryInterceptor(controller.AuthServerUnaryInterceptor)
|
||||
//}
|
||||
|
||||
func setGarbageCollection() {
|
||||
_, gcset := os.LookupEnv("GOGC")
|
||||
if !gcset {
|
||||
|
|
|
|||
|
|
@ -12,8 +12,6 @@ type ClientConfig struct {
|
|||
}
|
||||
|
||||
type ServerConfig struct {
|
||||
GRPCConnString string `json:"grpcconn"`
|
||||
GRPCSSL string `json:"grpcssl"`
|
||||
Server string `json:"server"`
|
||||
APIConnString string `json:"apiconnstring"`
|
||||
}
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@ type IntClient struct {
|
|||
ServerAPIPort string `json:"serverapiport" bson:"serverapiport"`
|
||||
ServerPrivateAddress string `json:"serverprivateaddress" bson:"serverprivateaddress"`
|
||||
ServerWGPort string `json:"serverwgport" bson:"serverwgport"`
|
||||
ServerGRPCPort string `json:"servergrpcport" bson:"servergrpcport"`
|
||||
ServerKey string `json:"serverkey" bson:"serverkey"`
|
||||
IsServer string `json:"isserver" bson:"isserver"`
|
||||
}
|
||||
|
|
|
|||
|
|
@ -102,8 +102,6 @@ type DisplayKey struct {
|
|||
// GlobalConfig - global config
|
||||
type GlobalConfig struct {
|
||||
Name string `json:"name" bson:"name"`
|
||||
PortGRPC string `json:"portgrpc" bson:"portgrpc"`
|
||||
ServerGRPC string `json:"servergrpc" bson:"servergrpc"`
|
||||
}
|
||||
|
||||
// CheckInResponse - checkin response
|
||||
|
|
|
|||
|
|
@ -39,11 +39,9 @@ func PublishPeerUpdate(newNode *models.Node) error {
|
|||
if err = publish(&node, fmt.Sprintf("peers/%s/%s", node.Network, node.ID), data); err != nil {
|
||||
logger.Log(1, "failed to publish peer update for node", node.ID)
|
||||
} else {
|
||||
if node.Network != servercfg.GetCommsID() {
|
||||
logger.Log(1, "sent peer update for node", node.Name, "on network:", node.Network)
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -26,10 +26,6 @@ func GetCommands(cliFlags []cli.Flag) []*cli.Command {
|
|||
err = errors.New("no network provided")
|
||||
return err
|
||||
}
|
||||
if cfg.Server.GRPCAddress == "" {
|
||||
err = errors.New("no server address provided")
|
||||
return err
|
||||
}
|
||||
err = command.Register(&cfg, pvtKey)
|
||||
return err
|
||||
},
|
||||
|
|
|
|||
|
|
@ -112,18 +112,6 @@ func GetFlags(hostname string) []cli.Flag {
|
|||
Value: "",
|
||||
Usage: "Address + API Port (e.g. 1.2.3.4:8081) of Netmaker server.",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "grpcserver",
|
||||
EnvVars: []string{"NETCLIENT_GRPC_SERVER"},
|
||||
Value: "",
|
||||
Usage: "Address + GRPC Port (e.g. 1.2.3.4:50051) of Netmaker server.",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "grpcssl",
|
||||
EnvVars: []string{"NETCLIENT_GRPCSSL"},
|
||||
Value: "",
|
||||
Usage: "Tells clients to use SSL to connect to GRPC if 'on'. Disable if 'off'. Off by default.",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "key",
|
||||
Aliases: []string{"k"},
|
||||
|
|
|
|||
|
|
@ -14,11 +14,7 @@ import (
|
|||
// tries to ping if already found locally, if fail ping pull for best effort for communication
|
||||
func JoinComms(cfg *config.ClientConfig) error {
|
||||
commsCfg := &config.ClientConfig{}
|
||||
commsCfg.Network = cfg.Server.CommsNetwork
|
||||
commsCfg.Node.Network = cfg.Server.CommsNetwork
|
||||
commsCfg.Server.AccessKey = cfg.Server.AccessKey
|
||||
commsCfg.Server.GRPCAddress = cfg.Server.GRPCAddress
|
||||
commsCfg.Server.GRPCSSL = cfg.Server.GRPCSSL
|
||||
commsCfg.Server.CoreDNSAddr = cfg.Server.CoreDNSAddr
|
||||
if commsCfg.ConfigFileExists() {
|
||||
return nil
|
||||
|
|
|
|||
|
|
@ -34,10 +34,7 @@ type ClientConfig struct {
|
|||
// ServerConfig - struct for dealing with the server information for a netclient
|
||||
type ServerConfig struct {
|
||||
CoreDNSAddr string `yaml:"corednsaddr"`
|
||||
GRPCAddress string `yaml:"grpcaddress"`
|
||||
AccessKey string `yaml:"accesskey"`
|
||||
GRPCSSL string `yaml:"grpcssl"`
|
||||
CommsNetwork string `yaml:"commsnetwork"`
|
||||
Server string `yaml:"server"`
|
||||
API string `yaml:"api"`
|
||||
}
|
||||
|
|
@ -198,21 +195,12 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) {
|
|||
log.Println("error converting token json to object", tokenbytes)
|
||||
return cfg, "", err
|
||||
}
|
||||
|
||||
if accesstoken.ServerConfig.GRPCConnString != "" {
|
||||
cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCConnString
|
||||
}
|
||||
|
||||
cfg.Network = accesstoken.ClientConfig.Network
|
||||
cfg.Node.Network = accesstoken.ClientConfig.Network
|
||||
cfg.Server.AccessKey = accesstoken.ClientConfig.Key
|
||||
cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange
|
||||
cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL
|
||||
cfg.Server.Server = accesstoken.ServerConfig.Server
|
||||
cfg.Server.API = accesstoken.ServerConfig.APIConnString
|
||||
if c.String("grpcserver") != "" {
|
||||
cfg.Server.GRPCAddress = c.String("grpcserver")
|
||||
}
|
||||
if c.String("key") != "" {
|
||||
cfg.Server.AccessKey = c.String("key")
|
||||
}
|
||||
|
|
@ -223,9 +211,6 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) {
|
|||
if c.String("localrange") != "" {
|
||||
cfg.Node.LocalRange = c.String("localrange")
|
||||
}
|
||||
if c.String("grpcssl") != "" {
|
||||
cfg.Server.GRPCSSL = c.String("grpcssl")
|
||||
}
|
||||
if c.String("corednsaddr") != "" {
|
||||
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
|
||||
}
|
||||
|
|
@ -234,12 +219,10 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) {
|
|||
}
|
||||
|
||||
} else {
|
||||
cfg.Server.GRPCAddress = c.String("grpcserver")
|
||||
cfg.Server.AccessKey = c.String("key")
|
||||
cfg.Network = c.String("network")
|
||||
cfg.Node.Network = c.String("network")
|
||||
cfg.Node.LocalRange = c.String("localrange")
|
||||
cfg.Server.GRPCSSL = c.String("grpcssl")
|
||||
cfg.Server.CoreDNSAddr = c.String("corednsaddr")
|
||||
cfg.Server.API = c.String("apiserver")
|
||||
}
|
||||
|
|
|
|||
|
|
@ -231,7 +231,7 @@ func setupMQTTSub(server string) mqtt.Client {
|
|||
client := mqtt.NewClient(opts)
|
||||
tperiod := time.Now().Add(12 * time.Second)
|
||||
for {
|
||||
//if after 12 seconds, try a gRPC pull on the last try
|
||||
//if after 12 seconds, try a pull on the last try
|
||||
if time.Now().After(tperiod) {
|
||||
networks, err := ncutils.GetSystemNetworks()
|
||||
if err != nil {
|
||||
|
|
@ -362,7 +362,7 @@ func setupMQTT(cfg *config.ClientConfig, publish bool) mqtt.Client {
|
|||
client := mqtt.NewClient(opts)
|
||||
tperiod := time.Now().Add(12 * time.Second)
|
||||
for {
|
||||
//if after 12 seconds, try a gRPC pull on the last try
|
||||
//if after 12 seconds, try a pull on the last try
|
||||
if time.Now().After(tperiod) {
|
||||
logger.Log(0, "running pull for ", cfg.Node.Network)
|
||||
_, err := Pull(cfg.Node.Network, true)
|
||||
|
|
|
|||
|
|
@ -182,7 +182,7 @@ func JoinNetwork(cfg *config.ClientConfig, privateKey string, iscomms bool) erro
|
|||
logger.Log(0, "failed to make backup, node will not auto restore if config is corrupted")
|
||||
}
|
||||
logger.Log(0, "starting wireguard")
|
||||
err = wireguard.InitWireguard(&node, privateKey, []wgtypes.PeerConfig{}, false, []string{}, false)
|
||||
err = wireguard.InitWireguard(&node, privateKey, []wgtypes.PeerConfig{}, false)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -80,56 +80,3 @@ func getNetwork(network string) (Network, error) {
|
|||
},
|
||||
}, nil
|
||||
}
|
||||
|
||||
// func getPeers(network string) ([]Peer, error) {
|
||||
// cfg, err := config.ReadConfig(network)
|
||||
// if err != nil {
|
||||
// return []Peer{}, err
|
||||
// }
|
||||
// nodecfg := cfg.Node
|
||||
// var nodes []models.Node
|
||||
//
|
||||
// var wcclient nodepb.NodeServiceClient
|
||||
// conn, err := grpc.Dial(cfg.Server.GRPCAddress,
|
||||
// ncutils.GRPCRequestOpts(cfg.Server.GRPCSSL))
|
||||
//
|
||||
// if err != nil {
|
||||
// return []Peer{}, fmt.Errorf("connecting to %v: %w", cfg.Server.GRPCAddress, err)
|
||||
// }
|
||||
// defer conn.Close()
|
||||
// Instantiate the BlogServiceClient with our client connection to the server
|
||||
// wcclient = nodepb.NewNodeServiceClient(conn)
|
||||
//
|
||||
// nodeData, err := json.Marshal(&nodecfg)
|
||||
// if err != nil {
|
||||
// return []Peer{}, fmt.Errorf("could not parse config node on network %s : %w", network, err)
|
||||
// }
|
||||
//
|
||||
// req := &nodepb.Object{
|
||||
// Data: string(nodeData),
|
||||
// Type: nodepb.NODE_TYPE,
|
||||
// }
|
||||
//
|
||||
// ctx, err := auth.SetJWT(wcclient, network)
|
||||
// if err != nil {
|
||||
// return []Peer{}, fmt.Errorf("authenticating: %w", err)
|
||||
// }
|
||||
// var header metadata.MD
|
||||
//
|
||||
// response, err := wcclient.GetPeers(ctx, req, grpc.Header(&header))
|
||||
// if err != nil {
|
||||
// return []Peer{}, fmt.Errorf("retrieving peers: %w", err)
|
||||
// }
|
||||
// if err := json.Unmarshal([]byte(response.GetData()), &nodes); err != nil {
|
||||
// return []Peer{}, fmt.Errorf("unmarshaling data for peers: %w", err)
|
||||
// }
|
||||
//
|
||||
// peers := []Peer{}
|
||||
// for _, node := range nodes {
|
||||
// if node.Name != cfg.Node.Name {
|
||||
// peers = append(peers, Peer{Name: fmt.Sprintf("%v.%v", node.Name, network), PrivateIPv4: node.Address, PrivateIPv6: node.Address6})
|
||||
// }
|
||||
// }
|
||||
//
|
||||
// return peers, nil
|
||||
// }
|
||||
|
|
|
|||
|
|
@ -3,7 +3,6 @@ package ncutils
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"crypto/tls"
|
||||
"encoding/gob"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
|
@ -23,8 +22,6 @@ import (
|
|||
"github.com/gravitl/netmaker/logger"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
|
||||
"google.golang.org/grpc"
|
||||
"google.golang.org/grpc/credentials"
|
||||
)
|
||||
|
||||
// Version - version of the netclient
|
||||
|
|
@ -381,17 +378,6 @@ func GetWGPathSpecific() string {
|
|||
}
|
||||
}
|
||||
|
||||
// GRPCRequestOpts - gets grps request opts
|
||||
func GRPCRequestOpts(isSecure string) grpc.DialOption {
|
||||
var requestOpts grpc.DialOption
|
||||
requestOpts = grpc.WithInsecure()
|
||||
if isSecure == "on" {
|
||||
h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
|
||||
requestOpts = grpc.WithTransportCredentials(h2creds)
|
||||
}
|
||||
return requestOpts
|
||||
}
|
||||
|
||||
// Copy - copies a src file to dest
|
||||
func Copy(src, dst string) error {
|
||||
sourceFileStat, err := os.Stat(src)
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ func SetPeers(iface string, node *models.Node, peers []wgtypes.PeerConfig) error
|
|||
}
|
||||
|
||||
// Initializes a WireGuard interface
|
||||
func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, hasGateway bool, gateways []string, syncconf bool) error {
|
||||
func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig, syncconf bool) error {
|
||||
|
||||
key, err := wgtypes.ParseKey(privkey)
|
||||
if err != nil {
|
||||
|
|
@ -229,10 +229,6 @@ func SetWGConfig(network string, peerupdate bool) error {
|
|||
servercfg := cfg.Server
|
||||
nodecfg := cfg.Node
|
||||
|
||||
//peers, hasGateway, gateways, err := server.GetPeers(nodecfg.MacAddress, nodecfg.Network, servercfg.GRPCAddress, nodecfg.IsDualStack == "yes", nodecfg.IsIngressGateway == "yes", nodecfg.IsServer == "yes")
|
||||
//if err != nil {
|
||||
// return err
|
||||
//}
|
||||
privkey, err := RetrievePrivKey(network)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -248,9 +244,9 @@ func SetWGConfig(network string, peerupdate bool) error {
|
|||
}
|
||||
err = SetPeers(iface, &nodecfg, []wgtypes.PeerConfig{})
|
||||
} else if peerupdate {
|
||||
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false, []string{}, true)
|
||||
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, true)
|
||||
} else {
|
||||
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false, []string{}, false)
|
||||
err = InitWireguard(&nodecfg, privkey, []wgtypes.PeerConfig{}, false)
|
||||
}
|
||||
if nodecfg.DNSOn == "yes" {
|
||||
_ = local.UpdateDNS(nodecfg.Interface, nodecfg.Network, servercfg.CoreDNSAddr)
|
||||
|
|
|
|||
|
|
@ -31,21 +31,4 @@ server {
|
|||
proxy_pass_request_headers on;
|
||||
}
|
||||
}
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name grpc.NETMAKER_BASE_DOMAIN;
|
||||
ssl_certificate /etc/letsencrypt/live/NETMAKER_BASE_DOMAIN/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/NETMAKER_BASE_DOMAIN/privkey.pem;
|
||||
#include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
#ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
# Forces the header to be the one that is visible from the outside
|
||||
proxy_set_header Host api.NETMAKER_BASE_DOMAIN; # Please change to your URL
|
||||
|
||||
# Pass all headers through to the backend
|
||||
proxy_pass_request_headers on;
|
||||
|
||||
location / {
|
||||
grpc_pass grpc://127.0.0.1:50051;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,7 +34,6 @@ echo "To Override, add a Wildcard (*.netmaker.example.com) DNS record pointing t
|
|||
echo "Or, add three DNS records pointing to $SERVER_PUBLIC_IP for the following (Replacing 'netmaker.example.com' with the domain of your choice):"
|
||||
echo " dashboard.netmaker.example.com"
|
||||
echo " api.netmaker.example.com"
|
||||
echo " grpc.netmaker.example.com"
|
||||
echo "-----------------------------------------------------"
|
||||
read -p "Domain (Hit 'enter' to use $NETMAKER_BASE_DOMAIN): " domain
|
||||
read -p "Contact Email: " email
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@ cat >/etc/netmaker/config/environments/dev.yaml<<EOL
|
|||
server:
|
||||
host:
|
||||
apiport: "8081"
|
||||
grpcport: "50051"
|
||||
masterkey: "secretkey"
|
||||
allowedorigin: "*"
|
||||
restbackend: true
|
||||
|
|
|
|||
|
|
@ -7,8 +7,7 @@ token=$1
|
|||
token_json=$(echo $token | base64 -d)
|
||||
|
||||
api_addr=$(echo $token_json | jq -r '.apiconn')
|
||||
grpc_addr=$(echo $token_json | jq -r '.grpcconn')
|
||||
network=$(echo $token_json | jq -r '.network')
|
||||
key=$(echo $token_json | jq -r '.key')
|
||||
|
||||
echo ./netclient join -k $key -n $network --apiserver $api_addr --grpcserver $grpc_addr
|
||||
echo ./netclient join -k $key -n $network --apiserver $api_addr
|
||||
|
|
|
|||
|
|
@ -40,9 +40,6 @@ func GetServerConfig() config.ServerConfig {
|
|||
cfg.APIPort = GetAPIPort()
|
||||
cfg.APIPort = GetAPIPort()
|
||||
cfg.MQPort = GetMQPort()
|
||||
cfg.GRPCHost = GetGRPCHost()
|
||||
cfg.GRPCPort = GetGRPCPort()
|
||||
cfg.GRPCConnString = GetGRPCConnString()
|
||||
cfg.MasterKey = "(hidden)"
|
||||
cfg.DNSKey = "(hidden)"
|
||||
cfg.AllowedOrigin = GetAllowedOrigin()
|
||||
|
|
@ -68,10 +65,6 @@ func GetServerConfig() config.ServerConfig {
|
|||
if IsDisplayKeys() {
|
||||
cfg.DisplayKeys = "on"
|
||||
}
|
||||
cfg.GRPCSSL = "off"
|
||||
if IsGRPCSSL() {
|
||||
cfg.GRPCSSL = "on"
|
||||
}
|
||||
cfg.DisableRemoteIPCheck = "off"
|
||||
if DisableRemoteIPCheck() {
|
||||
cfg.DisableRemoteIPCheck = "on"
|
||||
|
|
@ -195,59 +188,17 @@ func GetDefaultNodeLimit() int32 {
|
|||
return limit
|
||||
}
|
||||
|
||||
// GetGRPCConnString - get grpc conn string
|
||||
func GetGRPCConnString() string {
|
||||
conn := ""
|
||||
if os.Getenv("SERVER_GRPC_CONN_STRING") != "" {
|
||||
conn = os.Getenv("SERVER_GRPC_CONN_STRING")
|
||||
} else if config.Config.Server.GRPCConnString != "" {
|
||||
conn = config.Config.Server.GRPCConnString
|
||||
} else {
|
||||
conn = GetGRPCHost() + ":" + GetGRPCPort()
|
||||
}
|
||||
return conn
|
||||
}
|
||||
|
||||
// GetCoreDNSAddr - gets the core dns address
|
||||
func GetCoreDNSAddr() string {
|
||||
addr, _ := GetPublicIP()
|
||||
if os.Getenv("COREDNS_ADDR") != "" {
|
||||
addr = os.Getenv("COREDNS_ADDR")
|
||||
} else if config.Config.Server.CoreDNSAddr != "" {
|
||||
addr = config.Config.Server.GRPCConnString
|
||||
addr = config.Config.Server.CoreDNSAddr
|
||||
}
|
||||
return addr
|
||||
}
|
||||
|
||||
// GetGRPCHost - get the grpc host url
|
||||
func GetGRPCHost() string {
|
||||
serverhost := "127.0.0.1"
|
||||
remoteip, _ := GetPublicIP()
|
||||
if os.Getenv("SERVER_GRPC_HOST") != "" {
|
||||
serverhost = os.Getenv("SERVER_GRPC_HOST")
|
||||
} else if config.Config.Server.GRPCHost != "" {
|
||||
serverhost = config.Config.Server.GRPCHost
|
||||
} else if os.Getenv("SERVER_HOST") != "" {
|
||||
serverhost = os.Getenv("SERVER_HOST")
|
||||
} else {
|
||||
if remoteip != "" {
|
||||
serverhost = remoteip
|
||||
}
|
||||
}
|
||||
return serverhost
|
||||
}
|
||||
|
||||
// GetGRPCPort - gets the grpc port
|
||||
func GetGRPCPort() string {
|
||||
grpcport := "50051"
|
||||
if os.Getenv("GRPC_PORT") != "" {
|
||||
grpcport = os.Getenv("GRPC_PORT")
|
||||
} else if config.Config.Server.GRPCPort != "" {
|
||||
grpcport = config.Config.Server.GRPCPort
|
||||
}
|
||||
return grpcport
|
||||
}
|
||||
|
||||
// GetMQPort - gets the mq port
|
||||
func GetMQPort() string {
|
||||
mqport := "1883"
|
||||
|
|
@ -259,28 +210,6 @@ func GetMQPort() string {
|
|||
return mqport
|
||||
}
|
||||
|
||||
// GetGRPCPort - gets the grpc port
|
||||
func GetCommsCIDR() string {
|
||||
netrange := "172.16.0.0/16"
|
||||
if os.Getenv("COMMS_CIDR") != "" {
|
||||
netrange = os.Getenv("COMMS_CIDR")
|
||||
} else if config.Config.Server.CommsCIDR != "" {
|
||||
netrange = config.Config.Server.CommsCIDR
|
||||
} else { // make a random one, which should only affect initialize first time, unless db is removed
|
||||
netrange = genNewCommsCIDR()
|
||||
}
|
||||
_, _, err := net.ParseCIDR(netrange)
|
||||
if err == nil {
|
||||
return netrange
|
||||
}
|
||||
return "172.16.0.0/16"
|
||||
}
|
||||
|
||||
// GetCommsID - gets the grpc port
|
||||
func GetCommsID() string {
|
||||
return commsID
|
||||
}
|
||||
|
||||
// SetCommsID - sets the commsID
|
||||
func SetCommsID(newCommsID string) {
|
||||
commsID = newCommsID
|
||||
|
|
@ -453,21 +382,6 @@ func IsDisplayKeys() bool {
|
|||
return isdisplay
|
||||
}
|
||||
|
||||
// IsGRPCSSL - ssl grpc on or off
|
||||
func IsGRPCSSL() bool {
|
||||
isssl := false
|
||||
if os.Getenv("GRPC_SSL") != "" {
|
||||
if os.Getenv("GRPC_SSL") == "on" {
|
||||
isssl = true
|
||||
}
|
||||
} else if config.Config.Server.GRPCSSL != "" {
|
||||
if config.Config.Server.GRPCSSL == "on" {
|
||||
isssl = true
|
||||
}
|
||||
}
|
||||
return isssl
|
||||
}
|
||||
|
||||
// DisableRemoteIPCheck - disable the remote ip check
|
||||
func DisableRemoteIPCheck() bool {
|
||||
disabled := false
|
||||
|
|
|
|||
|
|
@ -5,14 +5,12 @@ import (
|
|||
"net"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/gravitl/netmaker/database"
|
||||
"github.com/gravitl/netmaker/logger"
|
||||
"github.com/gravitl/netmaker/logic"
|
||||
"github.com/gravitl/netmaker/logic/acls"
|
||||
"github.com/gravitl/netmaker/logic/acls/nodeacls"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
"github.com/gravitl/netmaker/netclient/ncutils"
|
||||
"github.com/gravitl/netmaker/servercfg"
|
||||
)
|
||||
|
|
@ -25,47 +23,6 @@ const (
|
|||
NETMAKER_BINARY_NAME = "netmaker"
|
||||
)
|
||||
|
||||
// InitializeCommsNetwork - Check if comms network exists (for MQ, DNS, SSH traffic), if not, create
|
||||
func InitializeCommsNetwork() error {
|
||||
|
||||
setCommsID()
|
||||
|
||||
commsNetwork, err := logic.GetNetwork(COMMS_NETID)
|
||||
if err != nil {
|
||||
var network models.Network
|
||||
network.NetID = COMMS_NETID
|
||||
network.AddressRange = servercfg.GetCommsCIDR()
|
||||
network.IsPointToSite = "yes"
|
||||
network.DefaultUDPHolePunch = "yes"
|
||||
network.IsComms = "yes"
|
||||
logger.Log(1, "comms net does not exist, creating with ID,", network.NetID, "and CIDR,", network.AddressRange)
|
||||
_, err = logic.CreateNetwork(network)
|
||||
return err
|
||||
} else if commsNetwork.DefaultACL == "" {
|
||||
commsNetwork.DefaultACL = "yes"
|
||||
if err = logic.SaveNetwork(&commsNetwork); err != nil {
|
||||
logger.Log(1, "comms net default acl is set incorrectly, please manually adjust to \"yes\",", COMMS_NETID)
|
||||
}
|
||||
}
|
||||
// gracefully check for comms interface
|
||||
gracefulCommsWait()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func gracefulCommsWait() {
|
||||
output, _ := ncutils.RunCmd("wg", false)
|
||||
starttime := time.Now()
|
||||
ifaceReady := strings.Contains(output, COMMS_NETID)
|
||||
for !ifaceReady && !(time.Now().After(starttime.Add(time.Second << 4))) {
|
||||
output, _ = ncutils.RunCmd("wg", false)
|
||||
SyncServerNetwork(COMMS_NETID)
|
||||
time.Sleep(time.Second)
|
||||
ifaceReady = strings.Contains(output, COMMS_NETID)
|
||||
}
|
||||
logger.Log(1, "comms network", COMMS_NETID, "ready")
|
||||
}
|
||||
|
||||
// SetJWTSecret - sets the jwt secret on server startup
|
||||
func setCommsID() {
|
||||
currentid, idErr := logic.FetchCommsNetID()
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
server:
|
||||
host: "localhost"
|
||||
apiport: "8081"
|
||||
grpcport: "50051"
|
||||
masterkey: "secretkey"
|
||||
allowedorigin: "*"
|
||||
restbackend: true
|
||||
|
|
|
|||
Loading…
Reference in a new issue