diff --git a/README.md b/README.md index fc354442..a0c56df0 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@

- +

a platform for blazing fast and dynamic virtual networks @@ -45,7 +45,7 @@ a platform for blazing fast and dynamic virtual networks `wget -qO - https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/nm-quick.sh | sudo bash` - + Upon completion, the logs will display the instructions to connect various devices. These can also be retrieved from the UI under "Access Keys." diff --git a/docs/Dockerfile b/docs/Dockerfile deleted file mode 100644 index b536106a..00000000 --- a/docs/Dockerfile +++ /dev/null @@ -1,2 +0,0 @@ -FROM nginx:1.19 -COPY _build/html /usr/share/nginx/html diff --git a/docs/Makefile b/docs/Makefile deleted file mode 100644 index d4bb2cbb..00000000 --- a/docs/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -# Minimal makefile for Sphinx documentation -# - -# You can set these variables from the command line, and also -# from the environment for the first two. -SPHINXOPTS ?= -SPHINXBUILD ?= sphinx-build -SOURCEDIR = . -BUILDDIR = _build - -# Put it first so that "make" without argument is like "make help". -help: - @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) - -.PHONY: help Makefile - -# Catch-all target: route all unknown targets to Sphinx using the new -# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). -%: Makefile - @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) diff --git a/docs/_build/doctrees/about.doctree b/docs/_build/doctrees/about.doctree deleted file mode 100644 index a34fce5c..00000000 Binary files a/docs/_build/doctrees/about.doctree and /dev/null differ diff --git a/docs/_build/doctrees/api.doctree b/docs/_build/doctrees/api.doctree deleted file mode 100644 index 37aca2ac..00000000 Binary files a/docs/_build/doctrees/api.doctree and /dev/null differ diff --git a/docs/_build/doctrees/architecture.doctree b/docs/_build/doctrees/architecture.doctree deleted file mode 100644 index 0be7db92..00000000 Binary files a/docs/_build/doctrees/architecture.doctree and /dev/null differ diff --git a/docs/_build/doctrees/client-installation.doctree b/docs/_build/doctrees/client-installation.doctree deleted file mode 100644 index 4511b1a2..00000000 Binary files a/docs/_build/doctrees/client-installation.doctree and /dev/null differ diff --git a/docs/_build/doctrees/conduct.doctree b/docs/_build/doctrees/conduct.doctree deleted file mode 100644 index 74fd47d5..00000000 Binary files a/docs/_build/doctrees/conduct.doctree and /dev/null differ diff --git a/docs/_build/doctrees/egress-gateway.doctree b/docs/_build/doctrees/egress-gateway.doctree deleted file mode 100644 index acba8c15..00000000 Binary files a/docs/_build/doctrees/egress-gateway.doctree and /dev/null differ diff --git a/docs/_build/doctrees/environment.pickle b/docs/_build/doctrees/environment.pickle deleted file mode 100644 index 76181ada..00000000 Binary files a/docs/_build/doctrees/environment.pickle and /dev/null differ diff --git a/docs/_build/doctrees/external-clients.doctree b/docs/_build/doctrees/external-clients.doctree deleted file mode 100644 index a2fc3604..00000000 Binary files a/docs/_build/doctrees/external-clients.doctree and /dev/null differ diff --git a/docs/_build/doctrees/getting-started.doctree b/docs/_build/doctrees/getting-started.doctree deleted file mode 100644 index a486a4be..00000000 Binary files a/docs/_build/doctrees/getting-started.doctree and /dev/null differ diff --git a/docs/_build/doctrees/index.doctree b/docs/_build/doctrees/index.doctree deleted file mode 100644 index 18e7926e..00000000 Binary files a/docs/_build/doctrees/index.doctree and /dev/null differ diff --git a/docs/_build/doctrees/install.doctree b/docs/_build/doctrees/install.doctree deleted file mode 100644 index 04e8dc3c..00000000 Binary files a/docs/_build/doctrees/install.doctree and /dev/null differ diff --git a/docs/_build/doctrees/license.doctree b/docs/_build/doctrees/license.doctree deleted file mode 100644 index 58bb6167..00000000 Binary files a/docs/_build/doctrees/license.doctree and /dev/null differ diff --git a/docs/_build/doctrees/oauth.doctree b/docs/_build/doctrees/oauth.doctree deleted file mode 100644 index 8df3380b..00000000 Binary files a/docs/_build/doctrees/oauth.doctree and /dev/null differ diff --git a/docs/_build/doctrees/quick-start.doctree b/docs/_build/doctrees/quick-start.doctree deleted file mode 100644 index 6de1169a..00000000 Binary files a/docs/_build/doctrees/quick-start.doctree and /dev/null differ diff --git a/docs/_build/doctrees/relay-server.doctree b/docs/_build/doctrees/relay-server.doctree deleted file mode 100644 index 9b659a3c..00000000 Binary files a/docs/_build/doctrees/relay-server.doctree and /dev/null differ diff --git a/docs/_build/doctrees/server-installation.doctree b/docs/_build/doctrees/server-installation.doctree deleted file mode 100644 index 0e5e4a54..00000000 Binary files a/docs/_build/doctrees/server-installation.doctree and /dev/null differ diff --git a/docs/_build/doctrees/support.doctree b/docs/_build/doctrees/support.doctree deleted file mode 100644 index 3899a170..00000000 Binary files a/docs/_build/doctrees/support.doctree and /dev/null differ diff --git a/docs/_build/doctrees/troubleshoot.doctree b/docs/_build/doctrees/troubleshoot.doctree deleted file mode 100644 index 46fd71dd..00000000 Binary files a/docs/_build/doctrees/troubleshoot.doctree and /dev/null differ diff --git a/docs/_build/doctrees/ui-reference.doctree b/docs/_build/doctrees/ui-reference.doctree deleted file mode 100644 index e98308d6..00000000 Binary files a/docs/_build/doctrees/ui-reference.doctree and /dev/null differ diff --git a/docs/_build/doctrees/upgrades.doctree b/docs/_build/doctrees/upgrades.doctree deleted file mode 100644 index 09255d14..00000000 Binary files a/docs/_build/doctrees/upgrades.doctree and /dev/null differ diff --git a/docs/_build/doctrees/usage.doctree b/docs/_build/doctrees/usage.doctree deleted file mode 100644 index 2c515f98..00000000 Binary files a/docs/_build/doctrees/usage.doctree and /dev/null differ diff --git a/docs/_build/html/.buildinfo b/docs/_build/html/.buildinfo deleted file mode 100644 index 73658e66..00000000 --- a/docs/_build/html/.buildinfo +++ /dev/null @@ -1,4 +0,0 @@ -# Sphinx build info version 1 -# This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done. -config: f5642f0efe1bade3b9e81e56c8b29995 -tags: 645f666f9bcd5a90fca523b33c5a78b7 diff --git a/docs/_build/html/_images/access-key.png b/docs/_build/html/_images/access-key.png deleted file mode 100644 index 8514ef42..00000000 Binary files a/docs/_build/html/_images/access-key.png and /dev/null differ diff --git a/docs/_build/html/_images/create-net.png b/docs/_build/html/_images/create-net.png deleted file mode 100644 index 11a577ff..00000000 Binary files a/docs/_build/html/_images/create-net.png and /dev/null differ diff --git a/docs/_build/html/_images/egress1.png b/docs/_build/html/_images/egress1.png deleted file mode 100644 index e639629d..00000000 Binary files a/docs/_build/html/_images/egress1.png and /dev/null differ diff --git a/docs/_build/html/_images/egress2.png b/docs/_build/html/_images/egress2.png deleted file mode 100644 index 74fb8ae0..00000000 Binary files a/docs/_build/html/_images/egress2.png and /dev/null differ diff --git a/docs/_build/html/_images/egress3.png b/docs/_build/html/_images/egress3.png deleted file mode 100644 index b5e67d59..00000000 Binary files a/docs/_build/html/_images/egress3.png and /dev/null differ diff --git a/docs/_build/html/_images/egress5.png b/docs/_build/html/_images/egress5.png deleted file mode 100644 index 3f8b4e60..00000000 Binary files a/docs/_build/html/_images/egress5.png and /dev/null differ diff --git a/docs/_build/html/_images/egress7.png b/docs/_build/html/_images/egress7.png deleted file mode 100644 index f0f97c76..00000000 Binary files a/docs/_build/html/_images/egress7.png and /dev/null differ diff --git a/docs/_build/html/_images/exclient1.png b/docs/_build/html/_images/exclient1.png deleted file mode 100644 index 76aa0859..00000000 Binary files a/docs/_build/html/_images/exclient1.png and /dev/null differ diff --git a/docs/_build/html/_images/exclient2.png b/docs/_build/html/_images/exclient2.png deleted file mode 100644 index b9972be5..00000000 Binary files a/docs/_build/html/_images/exclient2.png and /dev/null differ diff --git a/docs/_build/html/_images/exclient3.png b/docs/_build/html/_images/exclient3.png deleted file mode 100644 index b00766aa..00000000 Binary files a/docs/_build/html/_images/exclient3.png and /dev/null differ diff --git a/docs/_build/html/_images/exclient4.png b/docs/_build/html/_images/exclient4.png deleted file mode 100644 index 720215f8..00000000 Binary files a/docs/_build/html/_images/exclient4.png and /dev/null differ diff --git a/docs/_build/html/_images/extclient5.png b/docs/_build/html/_images/extclient5.png deleted file mode 100644 index 3bcbd70f..00000000 Binary files a/docs/_build/html/_images/extclient5.png and /dev/null differ diff --git a/docs/_build/html/_images/ingress1.png b/docs/_build/html/_images/ingress1.png deleted file mode 100644 index 25b8919a..00000000 Binary files a/docs/_build/html/_images/ingress1.png and /dev/null differ diff --git a/docs/_build/html/_images/mesh.png b/docs/_build/html/_images/mesh.png deleted file mode 100644 index 8adbf214..00000000 Binary files a/docs/_build/html/_images/mesh.png and /dev/null differ diff --git a/docs/_build/html/_images/nc-install-output.png b/docs/_build/html/_images/nc-install-output.png deleted file mode 100644 index 303c7e9e..00000000 Binary files a/docs/_build/html/_images/nc-install-output.png and /dev/null differ diff --git a/docs/_build/html/_images/netmaker-node.png b/docs/_build/html/_images/netmaker-node.png deleted file mode 100644 index 18d10213..00000000 Binary files a/docs/_build/html/_images/netmaker-node.png and /dev/null differ diff --git a/docs/_build/html/_images/netmaker-simple.png b/docs/_build/html/_images/netmaker-simple.png deleted file mode 100644 index 39377ba2..00000000 Binary files a/docs/_build/html/_images/netmaker-simple.png and /dev/null differ diff --git a/docs/_build/html/_images/netmaker.png b/docs/_build/html/_images/netmaker.png deleted file mode 100644 index 29890534..00000000 Binary files a/docs/_build/html/_images/netmaker.png and /dev/null differ diff --git a/docs/_build/html/_images/nm-diagram-2.jpg b/docs/_build/html/_images/nm-diagram-2.jpg deleted file mode 100644 index 64fad123..00000000 Binary files a/docs/_build/html/_images/nm-diagram-2.jpg and /dev/null differ diff --git a/docs/_build/html/_images/nm-diagram-3.png b/docs/_build/html/_images/nm-diagram-3.png deleted file mode 100644 index 398bb970..00000000 Binary files a/docs/_build/html/_images/nm-diagram-3.png and /dev/null differ diff --git a/docs/_build/html/_images/nm-node-success.png b/docs/_build/html/_images/nm-node-success.png deleted file mode 100644 index 18d10213..00000000 Binary files a/docs/_build/html/_images/nm-node-success.png and /dev/null differ diff --git a/docs/_build/html/_images/node-details.png b/docs/_build/html/_images/node-details.png deleted file mode 100644 index e7cbb776..00000000 Binary files a/docs/_build/html/_images/node-details.png and /dev/null differ diff --git a/docs/_build/html/_images/node-graph-1.png b/docs/_build/html/_images/node-graph-1.png deleted file mode 100644 index ce802ec7..00000000 Binary files a/docs/_build/html/_images/node-graph-1.png and /dev/null differ diff --git a/docs/_build/html/_images/node-graph-2.png b/docs/_build/html/_images/node-graph-2.png deleted file mode 100644 index b4e370bf..00000000 Binary files a/docs/_build/html/_images/node-graph-2.png and /dev/null differ diff --git a/docs/_build/html/_images/nodes.png b/docs/_build/html/_images/nodes.png deleted file mode 100644 index 79f0d0fa..00000000 Binary files a/docs/_build/html/_images/nodes.png and /dev/null differ diff --git a/docs/_build/html/_images/oauth1.png b/docs/_build/html/_images/oauth1.png deleted file mode 100644 index aa6fbfeb..00000000 Binary files a/docs/_build/html/_images/oauth1.png and /dev/null differ diff --git a/docs/_build/html/_images/oauth2.png b/docs/_build/html/_images/oauth2.png deleted file mode 100644 index 83baae2c..00000000 Binary files a/docs/_build/html/_images/oauth2.png and /dev/null differ diff --git a/docs/_build/html/_images/oauth3.png b/docs/_build/html/_images/oauth3.png deleted file mode 100644 index 35a12ce7..00000000 Binary files a/docs/_build/html/_images/oauth3.png and /dev/null differ diff --git a/docs/_build/html/_images/ping-node.png b/docs/_build/html/_images/ping-node.png deleted file mode 100644 index 0638740f..00000000 Binary files a/docs/_build/html/_images/ping-node.png and /dev/null differ diff --git a/docs/_build/html/_images/relay1.png b/docs/_build/html/_images/relay1.png deleted file mode 100644 index 3810cdba..00000000 Binary files a/docs/_build/html/_images/relay1.png and /dev/null differ diff --git a/docs/_build/html/_images/ui-1.jpg b/docs/_build/html/_images/ui-1.jpg deleted file mode 100644 index 1b599981..00000000 Binary files a/docs/_build/html/_images/ui-1.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-10.jpg b/docs/_build/html/_images/ui-10.jpg deleted file mode 100644 index 6222d0a9..00000000 Binary files a/docs/_build/html/_images/ui-10.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-11.jpg b/docs/_build/html/_images/ui-11.jpg deleted file mode 100644 index 994fc856..00000000 Binary files a/docs/_build/html/_images/ui-11.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-2.jpg b/docs/_build/html/_images/ui-2.jpg deleted file mode 100644 index 9f8c5bfa..00000000 Binary files a/docs/_build/html/_images/ui-2.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-3.jpg b/docs/_build/html/_images/ui-3.jpg deleted file mode 100644 index 6f52dd0d..00000000 Binary files a/docs/_build/html/_images/ui-3.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-4.jpg b/docs/_build/html/_images/ui-4.jpg deleted file mode 100644 index 47d532bb..00000000 Binary files a/docs/_build/html/_images/ui-4.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-5.jpg b/docs/_build/html/_images/ui-5.jpg deleted file mode 100644 index cfdc82e9..00000000 Binary files a/docs/_build/html/_images/ui-5.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-6.jpg b/docs/_build/html/_images/ui-6.jpg deleted file mode 100644 index 850e525e..00000000 Binary files a/docs/_build/html/_images/ui-6.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-7.jpg b/docs/_build/html/_images/ui-7.jpg deleted file mode 100644 index 8f4ef726..00000000 Binary files a/docs/_build/html/_images/ui-7.jpg and /dev/null differ diff --git a/docs/_build/html/_images/ui-8.jpg b/docs/_build/html/_images/ui-8.jpg deleted file mode 100644 index 52487c9d..00000000 Binary files a/docs/_build/html/_images/ui-8.jpg and /dev/null differ diff --git a/docs/_build/html/_sources/about.rst.txt b/docs/_build/html/_sources/about.rst.txt deleted file mode 100644 index d2337f9f..00000000 --- a/docs/_build/html/_sources/about.rst.txt +++ /dev/null @@ -1,52 +0,0 @@ -========== -About -========== - -.. image:: images/netmaker-simple.png - :width: 60% - :alt: Netmaker Architecture Diagram - :align: center - - -What is Netmaker? -================== - -Netmaker is a tool for creating and managing virtual overlay networks. If you have at least two machines with internet access which you need to connect with a secure tunnel, Netmaker is for you. If you have thousands of servers spread across multiple locations, data centers, or clouds, Netmaker is also for you. Netmaker connects machines securely, wherever they are. - -.. image:: images/mesh-diagram.png - :width: 50% - :alt: WireGuard Mesh - :align: center - -Netmaker takes those machines and creates a flat network so that they can all talk to each other easily and securely. -If you're familiar with AWS, it's like a VPC but made up of arbitrary computers. From the machine's perspective, all these other machines are in the same neighborhood, even if they're spread all over the world. - -Netmaker has many similarities to Tailscale, ZeroTier, and Nebula. What makes Netmaker different is its speed and flexibility. Netmaker is faster because it uses kernel WireGuard. It is more dynamic because the server and agents are fully configurable, which lets you handle all sorts of different use cases. - -How Does Netmaker Work? -======================= - -Netmaker relies on WireGuard to create tunnels between machines. At its core, Netmaker is managing WireGuard across machines to create sensible networks. Technically, Netmaker is two things: - -- the admin server, called Netmaker -- the agent, called Netclient - -As the network manager, you interact with the server to create and manage networks and devices. The server holds configurations for these networks and devices, which are retrieved by the netclients (agent). The server runs an MQTT (message queue) broker for client-server communication. - -The netclient is installed on any machine you would like to add to a given network, whether that machine is a VM, Server, or IoT device. The netclient subscribes to the server's MQ broker, and the server tells it how it should configure WireGuard. The client will let the server know when any local changes should be pushed out to the other clients. By doing this across many machines simultaneously, we create a dynamic, fully configurable virtual networks. - -The Netmaker server does not typically route traffic. Otherwise, this would be a hub-and-spoke model, which is very slow. Instead, Netmaker just tells the machines on the network how they can reach each other directly. This is called a *full mesh* network and is much faster. Even if the server goes down, as long as none of the existing machines change substantially, your network will still run just fine. - -Use Cases for Netmaker -============================= - -There are many use cases for Netmaker. In fact, you could probably be using it right now. This list is not all-encompassing, but provides a sample of how you might want to use Netmaker. Guided setup for many of these use cases can be found in the :doc:`Using Netmaker <./usage>` documentation. - - 0. Automate creation of a WireGuard mesh network - 1. Create a flat, secure network between cloud environments and data centers - 2. Provide secure access to IoT devices, remote servers, and client sites. - 3. Secure a home or office network - 4. Add a layer of encryption to an existing network - 5. Secure site-to-site connections - 6. Manage cryptocurrency proof-of-stake machines - 7. Create a dynamic and secure Kubernetes underlay network diff --git a/docs/_build/html/_sources/api.rst.txt b/docs/_build/html/_sources/api.rst.txt deleted file mode 100644 index c3e59488..00000000 --- a/docs/_build/html/_sources/api.rst.txt +++ /dev/null @@ -1,196 +0,0 @@ -============================================= -API Reference -============================================= - -API Usage -========================== - -Most actions that can be performed via API can be performed via UI. We recommend managing your networks using the official netmaker-ui project. However, Netmaker can also be run without the UI, and all functions can be achieved via API calls. If your use case requires using Netmaker without the UI or you need to do some troubleshooting/advanced configuration, using the API directly may help. - - -Authentication -============== -API calls must be authenticated via a header of the format `-H "Authorization: Bearer "` There are two methods to obtain YOUR_SECRET_KEY: -1. Using the masterkey. By default, this value is "secret key," but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [general usage](./USAGE.md) documentation for more details. -2. Using a JWT received for a node. This can be retrieved by calling the `/api/nodes//authenticate` endpoint, as documented below. - - -Format of Calls for Curl -======================== -Requests take the format of - -.. code-block:: - - curl -H "Authorization: Bearer " -H 'Content-Type: application/json' localhost:8081/api/path/to/endpoint - -API Documentation -================= - -Networks API ------------- - -**Get All Networks:** `/api/networks`, `GET` - -**Create Network:** `/api/network`, `POST` - -**Get Network:** `/api/networks/{network id}`, `GET` - -**Update Network:** `/api/networks/{network id}`, `PUT` - -**Delete Network:** `/api/networks/{network id}`, `DELETE` - -**Cycle PublicKeys on all Nodes:** `/api/networks/{network id}/keyupdate`, `POST` - - -Networks API Call Examples --------------------------- - -.. code-block:: - - Get All Networks: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks | jq - - Create Network: curl -d '{"addressrange":"10.70.0.0/16","netid":"skynet"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks - - Get Network: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet | jq - - Update Network: curl -X PUT -d '{"displayname":"my-house"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet - - Delete Network: curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet - - Cycle PublicKeys on all Nodes: curl -X POST -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keyupdate - - -Access Keys API ---------------- - -**Get All Keys:** `/api/networks/{network id}/keys`, `GET` - -**Create Key:** `/api/networks/{network id}/keys`, `GET` - -**Delete Key:** `/api/networks/{network id}/keys/{keyname}`, `DELETE` - - -Access Keys API Call Examples ------------------------------ - -.. code-block:: - - Get All Keys: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys | jq - - Create Key: curl -d '{"uses":10,"name":"mykey"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet/keys - - Delete Key: curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys/mykey - - -Nodes API ---------- - -**Get All Nodes:** `/api/nodes`, `GET` - -**Get Network Nodes:** `/api/nodes/{network id}`, `GET` - -**Create Node:** `/api/nodes/{network id}`, `POST` - -**Get Node:** `/api/nodes/{network id}/{macaddress}`, `GET` - -**Update Node:** `/api/nodes/{network id}/{macaddress}`, `PUT` - -**Delete Node:** `/api/nodes/{network id}/{macaddress}`, `DELETE` - -**Check In Node:** `/api/nodes/{network id}/{macaddress}/checkin`, `POST` - -**Create a Gateway:** `/api/nodes/{network id}/{macaddress}/creategateway`, `POST` - -**Delete a Gateway:** `/api/nodes/{network id}/{macaddress}/deletegateway`, `DELETE` - -**Uncordon (Approve) a Pending Node:** `/api/nodes/{network id}/{macaddress}/uncordon`, `POST` - -**Get Last Modified Date (Last Modified Node in Network):** `/api/nodes/adm/{network id}/lastmodified`, `GET` - -**Authenticate:** `/api/nodes/adm/{network id}/authenticate`, `POST` - - -Nodes API Call Examples ------------------------ - -.. code-block:: - - Get All Nodes: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes | jq - - Get Network Nodes: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet | jq - - Create Node: curl -d '{ "endpoint": 100.200.100.200, "publickey": aorijqalrik3ajflaqrdajhkr,"macaddress": "8c:90:b5:06:f1:d9","password": "reallysecret","localaddress": "172.16.16.1","accesskey": "aA3bVG0rnItIRXDx","listenport": 6400}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet - - Get Node: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet/{macaddress} | jq - - Update Node: curl -X PUT -d '{"name":"laptop1"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9 - - Delete Node: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/skynet/nodes/8c:90:b5:06:f1:d9 - - Create a Gateway: curl -d '{ "rangestring": "172.31.0.0/16", "interface": "eth0"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/creategateway - - Delete a Gateway: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/deletegateway - - Approve a Pending Node: curl -X POST -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/approve - - Get Last Modified Date (Last Modified Node in Network): curl -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/adm/skynet/lastmodified - - Authenticate: curl -d '{"macaddress": "8c:90:b5:06:f1:d9", "password": "YOUR_PASSWORD"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate - - -Users API ------------------------ - -**Note:** Only able to create Admin user at this time. The "user" is only used by the `user interface `_ to authenticate the single admin user. - -**Get User:** `/api/users/{username}`, `GET` - -**Update User:** `/api/users/{username}`, `PUT` - -**Delete User:** `/api/users/{username}`, `DELETE` - -**Check for Admin User:** `/api/users/adm/hasadmin`, `GET` - -**Create Admin User:** `/api/users/adm/createadmin`, `POST` - -**Authenticate:** `/api/users/adm/authenticate`, `POST` - - -Users API Calls Examples ------------------------- - -.. code-block:: - - Get User: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/{username} | jq - - Update User: curl -X PUT -d '{"password":"noonewillguessthis"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username} - - Delete User: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username} - - Check for Admin User: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/adm/hasadmin - - Create Admin User: curl -d '{ "username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/adm/createadmin - - Authenticate: curl -d '{"username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate - - -Server Management API ---------------------- - -The Server Mgmt. API allows you to add and remove the server from networks. - -**Add to Network:** `/api/server/addnetwork/{network id}`, `POST` - -**Remove from Network:** `/api/server/removenetwork/{network id}`, `DELETE` - -**Add to Network:** `curl -X POST -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/server/addnetwork/{network id}` - -**Remove from Network:** `curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/server/removenetwork/{network id}` - - -File Server API ---------------- - -**Get File:** `/meshclient/files/{filename}`, `GET` - -**Example:** `curl localhost:8081/meshclient/files/meshclient` diff --git a/docs/_build/html/_sources/architecture.rst.txt b/docs/_build/html/_sources/architecture.rst.txt deleted file mode 100644 index ae176a6b..00000000 --- a/docs/_build/html/_sources/architecture.rst.txt +++ /dev/null @@ -1,205 +0,0 @@ -=============== -Architecture -=============== - -.. image:: images/nm-diagram-3.png - :width: 100% - :alt: Netmaker Architecture Diagram - :align: center - - -*Pictured Above: A detailed diagram of Netmaker's Architecture.* - - -Core Concepts -============== - -Familiarity with several core concepts will help when you encounter them later on in the documentation. - -WireGuard ----------- - -WireGuard is a relatively new but very important technology which was recently added to the Linux kernel. WireGuard creates very fast but simple encrypted tunnels between devices. From the `WireGuard `_ website, "it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry." - -Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunneling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no significant performance impact. With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology. - -Mesh Network -------------- - -When we refer to a mesh network in these documents we are typically referring to a "full mesh." - -.. image:: images/mesh.png - :width: 33% - :alt: Full Mesh Network Diagram - :align: center - - -A full `mesh network `_ exists where each machine is able to directly talk to every other machine on the network. For example, on your home network, behind your router, all the computers are likely given private addresses and can reach each other directly. - -This is in contrast to a hub-and-spoke network, where each machine must first pass its traffic through a relay server before it can reach other machines. - -In certain situations you may either want or need a *partial mesh* network, where only some devices can reach each other directly, and other devices must route their traffic through a relay/gateway. Netmaker can use this model in some use cases where it makes sense. In the diagram at the top of this page, the setup is a partial mesh, because the servers (nodes A-D) are meshed, but then external clients come in via a gateway, and are not meshed. - -Mesh networks are generally faster than other topologies, but are also more complicated to set up. WireGuard on its own gives you the means to create encrypted tunnels between devices, but it does not provide a method for setting up a full network. This is where Netmaker comes in. - -Netmaker ---------- - -Netmaker is a platform built off of WireGuard which enables users to create mesh networks between their devices. Netmaker can create both full and partial mesh networks depending on the use case. - -When we refer to Netmaker in aggregate, we are typically referring to Netmaker and the netclient, as well as other supporting services such as CoreDNS, rqlite, and UI webserver. There is also almost always a proxy server / LB, which is typically Caddy. - -From an end user perspective, they typically interact with the Netmaker UI, or even just run the install script for the netclient on their devices. The other components run in the background invisibly. - -Netmaker does a lot of work to set configurations for you, so that you don't have to. This includes things like WireGuard ports, endpoints, public IPs, keys, and peers. Netmaker works to abstract away as much of the network management as possible, so that you can just click to create a network, and click to add a machine to a network. That said, every machine (node) is different, and may require special configuration. That is why, while Netmaker sets practical default settings, everything within Netmaker is fully configurable. - -Node ------- - -A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and receive traffic from all of the other nodes. - -SystemD -------- - -SystemD is a system service manager for a wide array of Linux operating systems. Not all Linux distributions have adopted systemd, but, for better or worse, it has become a fairly common standard in the Linux world. That said, any non-Linux operating system will not have systemd, and many Linux/Unix distributionshave alternative system service managers. - -Netmaker's netclient, the agent which controls networking on all nodes, can be run as a CLI or as a system daemon. On Linux, it runs as a daemon by default, and this requires systemd. As Netmaker evolves, systemd will become just one of the possible service management options, allowing the netclient to be run on a wider array of devices. However, for the time being, the netclient should be run "unmanaged" (netclient join -daemon=off) on systems that do not run systemd, and some other method can be used like a cron job or custom script. - -As of 0.8, Mac and Windows are supported. On these operating systems, netclient launches the daemon using LaunchD and Windows Service, respectively, as opposed to SystemD. - -Components -=========== - -Netmaker consists of several core components, which are explained in high-level technical detail below. - -Netmaker Server ------------------- - -The Netmaker server is, at its core, a golang binary. Source code can be found `on GitHub `_. The binary, by itself can be compiled for most systems. If you need to run the Netmaker server on a particular system, it likely can be made to work. In typical deployments, it is run as a Docker container. It can also be run as a systemd service as outlined in the non-docker install guide. - -The Netmaker server acts as an API to the front end, and as a GRPC server to the machines in the network. GRPC is much faster and more efficient than standard API calls, which increases the speed of transactions. For this reason, the Netmaker server exposes two ports: The default for the API is 8081, and the default for GRPC is 50051. Either the API or the GRPC server can be disabled on any given Netmaker instance, allowing you to deploy two different servers for managing the API (which is largely for the admin's use) and GRPC (which is largely for the nodes' use). - -Most server settings are configurable via a config file, or by environment variables (which take precedence). If the server finds neither of these, it sets sensible defaults, including things like the server's reachable IP, ports, and which "modes" to run in. - -These modes include client mode and dns mode. Either of these can be disabled but are enabled by default. Client mode allows you to treat the Netmaker host machine (operating system) as a network Node, installing the netclient and controlling the host network. DNS mode has the server write config settings for CoreDNS, a separate component and nameserver, which picks up the config settings to manage node DNS. - -The Netmaker server interacts with either sqlite (default), postgres, or rqlite, a distributed version of sqlite, as its database. This DB holds information about nodes, networks, users, and other important data. This data is configuration data. For the most part, Netmaker serves configuration data to Nodes, telling them how they should configure themselves. The Netclient is the agent that actually does that configuration. - -The components of the server are usually proxied via Caddy, or an alternative like Nginx and Traefik. The proxy handles SSL certificates to secure traffic, and routes to the UI, API, and gRPC server. - -Netclient ----------------- - -The netclient is, at its core, a golang binary. Source code can be found in the netclient folder of the Netmaker `GitHub Repository `_. The binary, by itself, can be compiled for most systems. However, this binary is designed to manage a certain number of Operating Systems. As of version 0.8, the netclient can be run as a system daemon on linux distributions with systemd, or as an "unmanaged" client on distributions without systemd. The netclient for Windows and Mac will run as a Windows Service or LaunchDaemon, respectively. - -The netclient is installed via a simple bash script, which pulls the latest binary and runs 'register' and 'join' commands. - -The 'register' command adds a WireGuard tunnel directly to the netmaker server, for all subsequent communication. - -The 'join' command attempts to add the machine to the Netmaker network using sensible defaults, which can be overridden with a config file or environment variables. Assuming the netclient has a valid key (or the network allows manual node signup), it will be registered into the Netmaker network, and will be returned necessary configuration details for how to set up its local network. - -The netclient then sets up the system daemon (if running in daemon mode), and configures WireGuard. At this point it should be part of the network. - -If running in daemon mode, the node subscribes to the MQTT server running with Netmaker, which will send it periodic updates when the network changes. The node will also detect local changes and send them to the server. Any change in configuration will lead to a network update to keep everything in sync. If the node is not running with the in daemon on, it is up to the operator to keep the netclient up-to-date by running regular "pulls" (netclient pull). - -This pub-sub system allows Netmaker to create dynamic mesh networks. As nodes are added to, removed from, and modified on the network, other nodes are notified, and make appropriate changes. - - -Database (sqlite, rqlite, postgres) -------------------------------------- - -As of v0.8, Netmaker uses sqlite by default as a database. It can also use PostgreSQL, or rqlite, a distributed (RAFT consensus) database. Netmaker interacts with this database to store and retrieve information about nodes, networks, and users. - -Additional database support (besides sqlite and rqlite) is very easy to implement for special use cases. Netmaker uses simple key value lookups to run the networks, and the database was designed to be extensible, so support for key-value stores and other SQL-based databases can be achieved by changing a single file. - -Netmaker UI ---------------- - -The Netmaker UI is a ReactJS-based static website which can be run on top of standard webservers such as Apache and Nginx. Source code can be found `here `_. In a typical configuration, the Netmaker UI is run on Nginx as a Docker container. - -Netmaker can be used in its entirety without the UI, but the UI makes things a lot easier for most users. It has a sensible flow and layout for managing Networks, Nodes, Access Keys, and DNS. - - -CoreDNS --------- - -Netmaker allows users to provide and manage Private DNS for their nodes. This requires a nameserver, and CoreDNS is the chosen nameserver. CoreDNS is lightweight and extensible. CoreDNS loads dns settings from a simple file, managed by Netmaker, and serves out DNS info for managed nodes. DNS can be tricky, and DNS management is currently only supported on a small set of devices, specifically those running systemd-resolved. However, the Netmaker CoreDNS instance can be added manually as a nameserver to other devices. DNS mode can also be turned off. - -Caddy -------- - -Caddy is the default proxy for Netmaker if you set it up via Quick Start. Caddy is an extremely simple and docker-friendly proxy, which can be compared to Nginx, Traefik, or HAProxy. We use Caddy by default because of the ease of management, and integration with gRPC. A typical setup for Nginx might take dozens of lines of code, and we need to request and manage SSL certificates separately. - -Caddy handles all these things automatically in very few lines of code. You can see our default "Caddyfile" here, which is fed to the container and has all the configuration necessary to configure the proxy for our app: - -https://github.com/gravitl/netmaker/blob/master/docker/Caddyfile - -Mosquitto Broker (MQTT) -------------------------- - -The Moquitto broker is the default MQTT broker that ships with Netmaker, though technically, any MQTT broker should work so long as the correct configuration is applied. The broker enables the establishment of a pub-sub messaging system, whereby clients subscribe to recieve updates. When the server recieves a change (via API/UI/gRPC), it will publish that change to the broker that pushes out the change to the appropriate nodes. In Netmaker, the messages are double encrypted. Once by Golang, and again by sending all messages over a WireGuard tunnel. - -External Client ----------------- - -The external client is simply a manually configured WireGuard connection to your network, which Netmaker helps to manage. - -Most machines can run WireGuard. It is fairly simple to set up a WireGuard connection to a single endpoint. It is setting up mesh networks and other topologies like site-to-site which becomes complicated. - -Mac, Windows, and Linux are handled natively by the Netclient. - -Netmaker can issue "external clients" to handle any devices which are not currently compatible with the netclient, including iPhone, Android, and some Unix distributions. Over time, this list will be eliminated and there may not even be a need for the external client. - -External clients hook into a Netmaker network via an "Ingress Gateway," which is configured for a given node and allows traffic to flow into the network. - -Technical Process -==================== - -Below is a high level, step-by-step overview of the flow of communications within Netmaker (assuming Netmaker has already been installed): - -1. Admin creates a new network with a subnet, for instance 10.10.10.0/24 -2. Admin creates an access key for signing up new nodes -3. Both of the above requests are routed to the server via an API call from the front end -4. Admin runs the netclient install script on any given node (machine). -5. Netclient decodes key, which contains the server location -6. Netclient gathers and sets appropriate information to configure itself as a node: it generates key pairs, gets public and local addresses, and sets a port. -7. Netclient sends this information to the server, authenticating with its access key -8. Netmaker server verifies information and creates the node, setting default values for any missing information, and returns a response. -9. Upon successful registration, Netclient pulls the latest peers list from the server and set up a WireGuard interface -10. Netclient configures itself as a daemon (if joining for the first time) and subscribes to MQ using the server's WireGuard address. -11. Netclient regularly retrieves local information, checking for changes in things like IP and keys. If there is a change, it pushes them to the server. -12. If a change occurs in any other peer, or peers are added/removed, an update will be sent to the Netclient via MQ, and it will re-configure WireGuard. - -Compatible Systems for Netclient -================================== - -To manage a node manually, the Netclient can be compiled and run for most linux distibutions, with a prerequisite of WireGuard with kernel headers. If the netclient from the release pages does not run natively on your system, you may need to compile the netclient binary directly on the machine from the source code. This may be true for some installations of SUSE, Fedora, and some Debian-based systems. However, if the dependencies are installed on the machine, the netclient should run correctly after being compiled. - -Simply clone the repo, cd to netmaker/netclient and run "go build" (Golang must be installed). - -The following systems should be operable natively with Netclient in daemon mode: - - Windows - - Mac - - FreeBSD - - OpenWRT - - Fedora - - Ubuntu - - Debian - - Mint - - SUSE - - RHEL - - Raspian. - - Arch - - CentOS - - Fedora CoreOS - -To manage DNS (optional), the node must have systemd-resolved. Systems that have this enabled include: - - Arch - - Debian - - Ubuntu - - SUSE - -Limitations -============= - -Install limitations mostly include platform-specific dependencies. A failed netclient install should display information about which command is failing, or which libraries are missing. This can often be solved via machine upgrade, installing missing dependencies, or setting kernel headers on the machine for WireGuard (e.x.: `Installing Kernel Headers on Debian `_) diff --git a/docs/_build/html/_sources/client-installation.rst.txt b/docs/_build/html/_sources/client-installation.rst.txt deleted file mode 100644 index 033ecdb4..00000000 --- a/docs/_build/html/_sources/client-installation.rst.txt +++ /dev/null @@ -1,209 +0,0 @@ -================================ -Advanced Client Installation -================================ - -This document tells you how to install the netclient on machines that will be a part of your Netmaker network, as well as non-compatible systems. - -These steps should be run after the Netmaker server has been created and a network has been designated within Netmaker. - -Introduction to Netclient -=============================== - -At its heart, the netclient is a simple CLI for managing access to various WireGuard-based networks. It manages WireGuard on the host system, so that you don't have to. Why is this necessary? - -If you are setting up a WireGuard-based virtual network, you must configure each machine with very specific settings, so that every machine can reach it, and it can reach every machine. Any changes to the settings of any one of these machines can break those connections. Any machine that is added, removed, or modified on the network requires reconfiguring every peer in the network. This can be very time consuming. - -The netmaker server holds configuration details about every machine in your network and how other machines should connect to it. - -The netclient agent connects to the server, pushing and pulling information when the network (or its local configuration) changes. - -The netclient agent then configures WireGuard (and other network properties) locally, so that the network stays intact. - -Notes on Windows -================================== - -If running the netclient on windows, you must download the netclient.exe binary and run it from Powershell as an Administrator. - -Windows will by default have firewall rules that prevent inbound connections. If you wish to allow inbound connections from particular peers, use the following command: - -``netsh advfirewall firewall add rule name="Allow from " dir=in action=allow protocol=ANY remoteip=`` - -If you want to allow all peers access, but do not want to configure firewall rules for all peers, you can configure access for one peer, and set it as a Relay Server. - -Running the install script ----------------------------- - -Some file locations have issues running the install script, such as running from the root C:/ folder. Users have noted the following locations work well for running the install powershell script: - -- `C:/Program Files/wireguard` -- `C:/Windows/System32` - -Running netclient commands ----------------------------- - -If running the netclient manually ("netclient join", "netclient checkin", "netclient pull") it should be run from outside of the installed directory, which will be either: - -- `C:/Program Files/netclient` -- `C:/ProgramData/netclient` - -It is better to call it from a different directory. - -High CPU Utilization --------------------------- - -With some versions of WireGuard on Windows, high CPU utilization has been found with the netclient. This is typically due to interaction with the WireGuard GUI component (app). If you're experiencing high CPU utilization, close the WireGuard app. WireGuard will still be running, but the CPU usage should go back down to normal. - -Notes on OpenWRT -=========================== - -Deploying on OpenWRT depends a lot on the version of OpenWRT and the hardware being used. If the primary installer does not work, there are two things you can try: - -1. This community-run package for OpenWRT: https://github.com/sbilly/netmaker-openwrt - -2. Manual installation: - -- download (wget) the netclient package for your hardware from the netclient releases: https://github.com/gravitl/netmaker/releases -- rename to "netclient" -- Run as root from a bash shell on OpenWRT - -3. You may experience an issue with the length of the token, which has limits on some OpenWRT shells. If you run into this problem, you can use the following script to convert your token into a "netclient join" command: - -- `wget https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/token-convert.sh` -- ./token-convert -- Run the output on your OpenWRT machine - -Modes and System Compatibility -================================== - -**Note: If you would like to connect non-Linux/Unix machines to your network such as phones and Windows desktops, please see the documentation on External Clients** - -The netclient can be run in a few "modes". System compatibility depends on which modes you intend to use. These modes can be mixed and matched across a network, meaning all machines do not have to run with the same "mode." - -CLI ------------- - -In its simplest form, the netclient can be treated as just a simple, manual, CLI tool, which a user can call to configure the machine. The cli can be compiled from source code to run on most systems, and has already been compiled for x86 and ARM devices. - -As a CLI, the netclient should function on any Linux or Unix based system that has the wireguard utility (callable with **wg**) installed. - -Daemon ----------- - -The netclient is intended to be run as a system daemon. This allows it to automatically retrieve and send updates. To do this, the netclient can install itself as a systemd service, or launchd/windows service for Mac or Windows. - -If running the netclient on non-systemd linux, it is recommended to manually configure the netclient as a daemon using whatever method is acceptable on the chosen operating system. - -Private DNS Management ------------------------ - -To manage private DNS, the netclient relies on systemd-resolved (resolvectl). Absent this, it cannot set private DNS for the machine. - -A user may choose to manually set a private DNS nameserver of :53. However, beware, as netmaker sets split dns, and the system must be configured properly. Otherwise, this nameserver may break your local DNS. - -Prerequisites -============= - -To obtain the netclient, go to the GitHub releases: https://github.com/gravitl/netmaker/releases - -**For netclient cli:** Linux/Unix with WireGuard installed (wg command available) - -**For netclient daemon:** Systemd Linux + WireGuard - -**For Private DNS management:** Resolvectl (systemd-resolved) - -Configuration -=============== - -The CLI has information about all commands and variables. This section shows the "help" output for these commands as well as some additional reference. - -CLI Reference --------------------- -``sudo netclient --help`` - -.. literalinclude:: ./examplecode/netclient-help.txt - :language: YAML - - -``sudo netclient join --help`` - -.. literalinclude:: ./examplecode/netclient-join.txt - :language: YAML - - -Config File Reference ------------------------- - -There is a config file for each node under /etc/netconfig-. You can change these values and then set "postchanges" to "true", or go to the CLI and run ``netclient push -n `` - - -.. literalinclude:: ./examplecode/netconfig-example.yml - :language: YAML - - -Installation -====================== - - -To install netmaker, you need a server token for a particular network, unless you're joining a network that allows manual signup, in which case you can join without a token, but the server will quarantine the machine until the admin approves it. - -An admin creates a token in the ACCESS KEYS section of the UI. Upon creating a token, it generates 3 values: - -**Access Key:** The secret key to authenticate as a node in the network - -**Access Token:** The secret key plus information about how to access the server (addresses, ports), all decoded by the netclient to register with the server - -**Install Command:** A short script that will obtain the netclient binary, register with the server, and join the network, all in one - -For first time installations, you can run the Install Command. For additional networks, simply run ``netclient join -t ``. The raw access key will not be needed unless there are special circumstances, mostly troubleshooting incorrect information in the token (you can instead manually specify the server location). - - -Managing Netclient -===================== - -Viewing Logs ---------------- - -**to view current networks** - ``netclient list`` - -**to tail logs** - ``journalctl -u netclient`` - -**to get most recent log run** - ``systemctl status netclient`` - -Re-syncing netclient (basic troubleshooting) ------------------------------------------------ - -If the daemon is not running correctly run, try restarting the daemon, or pulling changes directly (don't do both at once) - - ``systemctl restart netclient`` - - ``sudo netclient pull`` - - -Making Updates ----------------- - -``vim /etc/netclient/config/netconfig-`` - -Change any of the variables in this file, and changes will be pushed to the server and processed locally on the next checkin. - -For instance, change the private address, endpoint, or name. See above example config file for details - - -Adding/Removing Networks ---------------------------- - -``netclient join -t `` - -Set any of the above flags (netclient join --help) to override settings for joining the network. -If a key is provided (-k), then a token is unnecessary, but grpc, server, ports, and network must all be provided via flags. - - -Uninstalling ---------------- - -``netclient uninstall`` - - diff --git a/docs/_build/html/_sources/conduct.rst.txt b/docs/_build/html/_sources/conduct.rst.txt deleted file mode 100644 index 2230df72..00000000 --- a/docs/_build/html/_sources/conduct.rst.txt +++ /dev/null @@ -1,77 +0,0 @@ -=============== -Code of Conduct -=============== - -Our Pledge -========== - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -Our Standards -============= - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a professional setting - -Our Responsibilities -==================== - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -Scope -===== - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -Enforcement -=========== - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at info@gravitl.com. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -Attribution -=========== - -This Code of Conduct is adapted from the `Contributor Covenant `_, version 1.4, -available `here `_. - diff --git a/docs/_build/html/_sources/egress-gateway.rst.txt b/docs/_build/html/_sources/egress-gateway.rst.txt deleted file mode 100644 index 3df2aa20..00000000 --- a/docs/_build/html/_sources/egress-gateway.rst.txt +++ /dev/null @@ -1,96 +0,0 @@ -===================================== -Egress Gateway -===================================== - -Introduction -=============== - -.. image:: images/egress1.png - :width: 80% - :alt: Gateway - :align: center - -Netmaker allows your clients to reach external networks via an Egress Gateway. The Egress Gateway is a netclient which has been deployed to a server or router with access to a given subnet. - -In the netmaker UI, that node is set as an "egress gateway." Range(s) are specified which this node has access to. Once created, all clients (and all new ext clients) in the network will be able to reach those ranges via the gateway. - -Configuring an Egress Gateway -================================== - -Configuring an Egress Gateway is very straight forward. As a prerequisite, you must know what you are trying to access remotely. For instance: - -- a VPC -- a Kubernetes network -- a home network -- an office network -- a data center - -After you have determined this, you must next deploy a netclient in a compatible location where the network is accessible. For instance, a Linux server or router in the office, or a Kubernetes worker node. This machine should be stable and relatively static (not expected to change its IP frequently or shut down unexpectedly). - -Next, you must determine which interface to use in order to reach the internal network. As an example, lets say there is a machine in the network at 10.10.10.2, and you have deployed the netclient on a different machine. You can run - -.. code-block:: - - ip route get 10.10.10.2 - -This should return the interface used to reach that address (e.x. "eth2") - -Finally, once you have determined the interface, the subnet, and deployed your netclient, you can go to your Netmaker UI and set the node as a gateway. - -.. image:: images/egress7.png - :width: 80% - :alt: Gateway - :align: center - -At this point simply insert the range(s) into the first field, and the interface name into the second field, and click "create". - -.. image:: images/ui-6.jpg - :width: 80% - :alt: Gateway - :align: center - -Netmaker will set iptables rules on the node, which will then implement these rules, allowing it to route traffic from the network to the specified range(s). - -Use Cases -============ - -1) Remote Access -------------------- - -A common scenario would be to combine this with an "Ingress Gateway" to create a simple method for accessing a home or office network. Such a setup would typically have only two nodes: the ingress and egress gateways. The Ingress Gateway should usually be globally accessible, which makes the Netmaker server itself a good candidate. This means you need only the netmaker server as the Ingress, and one additional machine (in the private network you wish to reach), as the Egress. - -.. image:: images/egress2.png - :width: 80% - :alt: Gateway - :align: center - -In some scenarios, a single node will act as both ingress and egress! For instance, you can enable acess to a VPC using your Netmaker server, deployed with a public IP. Traffic comes in over the public IP (encrypted of course) and then routes to the VPC subnet via the egress gateway. - -.. image:: images/egress3.png - :width: 50% - :alt: Gateway - :align: center - -2) VPN / NAT Gateway ------------------------ - -Most people think of a VPN as a remote server that keeps your internet traffic secure while you browse the web, or as a tool for accessing internet services in another country,using a VPN server based in that country. - -These are not typical use cases for Netmaker, but can be easily enabled. - -**The most important note is this: Do not use 0.0.0.0/0 as your egress gateway.** This is how you typically set up a "standard" VPN with WireGuard, however, it will not work with Netmaker. The Netclient specifically ignores gateways that overlap with local ranges (for efficiency ranges). 0.0.0.0 overlaps with everything, so it is always ignored. - -Instead, use the following list of ranges: - -.. code-block:: - - 0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4 - -This list encompasses the standard "public" network ranges, and ignores the standard "private" network ranges. - -Simply paste this list into your "egress gateway ranges" and your clients should begin routing public-facing traffic over the gateway. - -.. image:: images/egress5.png - :width: 50% - :alt: Gateway - :align: center diff --git a/docs/_build/html/_sources/external-clients.rst.txt b/docs/_build/html/_sources/external-clients.rst.txt deleted file mode 100644 index aad6d456..00000000 --- a/docs/_build/html/_sources/external-clients.rst.txt +++ /dev/null @@ -1,77 +0,0 @@ -===================================== -Ingress + External Clients -===================================== - -Introduction -=============== - -.. image:: images/ingress1.png - :width: 50% - :alt: Gateway - :align: center - -Netmaker allows for "external clients" to reach into a network and access services via an Ingress Gateway. So what is an "external client"? An external client is any machine which cannot or should not be meshed. This can include: - - Phones - - Laptops - - Desktops - -An external client is not "managed," meaning it does not automatically pull the latest network configuration, or push changes to its configuration. Instead, it uses a generated WireGuard config file to access the designated **Ingress Gateway**, which **is** a managed server (running netclient). This server then forwards traffic to the appropriate endpoint, acting as a middle-man/relay. - -By using this method, you can hook any machine into a netmaker network that can run WireGuard. - -It is recommended to run the netclient where compatible, but for all other cases, a machine can be configured as an external client. - -Important to note, an external client is not **reachable** by the network, meaning the client can establish connections to other machines, but those machines cannot independently establish a connection back. The External Client method should only be used in use cases where one wishes to access resource running on the virtual network, and **not** for use cases where one wishes to make a resource accessible on the network. For that, use netclient. - -Configuring an Ingress Gateway -================================== - -External Clients must attach to an Ingress Gateway. By default, your network will not have an ingress gateway. To configure an ingress gateway, you can use any node in your network, but it should have a public IP address (not behind a NAT). Your Netmaker server can be an ingress gateway and makes for a good default choice if you are unsure of which node to select. - -.. image:: images/exclient1.png - :width: 80% - :alt: Gateway - :align: center - -Adding Clients to a Gateway -============================= - -Once you have configured a node as a gateway, you can then add clients to that gateway. Clients will be able to access other nodes in the network just as the gateway node does. - -.. image:: images/exclient2.png - :width: 80% - :alt: Gateway - :align: center - -After creating a client, you can edit the name to something more logical. - -.. image:: images/exclient3.png - :width: 80% - :alt: Gateway - :align: center - -Then, you can either download the configuration file directly, or scan the QR code from your phone (assuming you have the WireGuard app installed). It will accept the configuration just as it would accept a typical WireGuard configuration file. - -.. image:: images/exclient4.png - :width: 80% - :alt: Gateway - :align: center - -Example config file: - -.. literalinclude:: ./examplecode/myclient.conf - -Your client should now be able to access the network! A client can be invalidated at any time by simply deleting it from the UI. - -Configuring DNS for Ext Clients (OPTIONAL) -============================================ - -If you wish to have a DNS field on your ext clients conf, simply edit the network field as shown below to 1.1.1.1 or 8.8.8.8 for example. -If you do not want DNS on your ext client conf files, simply leave it blank. - -.. image:: images/extclient5.png - :width: 80% - :alt: Gateway - :align: center - -Important to note, your client automatically adds egress gateway ranges (if any on the same network) to it's allowed IPs. diff --git a/docs/_build/html/_sources/getting-started.rst.txt b/docs/_build/html/_sources/getting-started.rst.txt deleted file mode 100644 index fea57bc7..00000000 --- a/docs/_build/html/_sources/getting-started.rst.txt +++ /dev/null @@ -1,142 +0,0 @@ -================= -Getting Started -================= - -Once you have Netmaker installed via the :doc:`Quick Install <./quick-start>` guide, you can use this Getting Started guide to help create and manage your first network. - -Setup -================= - -#. Create your admin user, with a username and password. -#. Login with your new user -#. Create your first network by clicking on Create Network - -Create a Network -================= - - -.. image:: images/create-net.png - :width: 80% - :alt: Create Network Screen - :align: center - -This network should have a sensible name (nodes will use it to set their interfaces). - -More importantly, it should have a non-overlapping, private address range. - -If you are running a small (less than 254 machines) network, and are unsure of which CIDR's to use, you could consider: - -- 10.11.12.0/24 -- 10.20.30.0/24 -- 100.99.98.0/24 - -Network Settings Description -------------------------------- - -The Network creation form has a few fields which may seem unfamiliar. Here is a brief description: - -**UDP Hole Punching:** UDP Hole Punching enables the server to perform STUN. This means, when nodes check in, the server will record return addresses and ports. It will then communicate this information to the other nodes when they check in, allowing them to reach their peers more easily. This has two benefits. For one, it%. It also means, you dont usually have to worry about opening up the local firewall for ports (for instance, 51821). **This setting is usually good to turn on, with some noteable exceptions.** This setting cannot be enabled if "client mode" is turned off. This setting can also break peer-to-peer functionality if, for whatever reason, nodes are unable to reach the server. - -**Is Local Network:** This is almost always best to leave this turned off and is left for very special circumstances. If you are running a data center or a private WAN, you may want to enable this setting. It defines the range that nodes will set for Endpoints. Usually, Endpoints are just the public IP. But in some cases, you don't want any nodes to be reachable via a public IP, and instead want to use a private range. - -**Is Dual Stack:** This setting adds ipv6 private addresses to nodes, in addition to ipv4 addresses. Usually, this is unnecessary, but in some cases, you may have a requirement for ipv6 and can enable this setting. - -Once your network is created, you should see that the netmaker server has added itself to the network. From here, you can move on to adding additional nodes to the network. - -.. image:: images/netmaker-node.png - :width: 80% - :alt: Node Screen - :align: center - - -Create a Key -=============== - -Adding nodes to the network typically requires a key. - -#. Click on the ACCESS KEYS tab and select the network you created. -#. Click ADD NEW ACCESS KEY -#. Give it a name (ex: "mykey") and a number of uses (ex: 25) -#. Click CREATE KEY (**Important:** Do not click out of the following screen until you have saved your key details. It will appear only once.) -#. Copy the bottom command under "Your agent install command with access token" and save it somewhere locally. E.x: ``curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netclient-install.sh | KEY=vm3ow4thatogiwnsla3thsl3894ths sh -``. - -.. image:: images/access-key.png - :width: 80% - :alt: Access Key Screen - :align: center - -You will use this command to install the netclient on your nodes. There are three different values for three different scenarios: - -* The **Access Key** value is the secret string that will allow your node to authenticate with the Netmaker network. This can be used with existing netclient installations where additional configurations (such as setting the server IP manually) may be required. This is not typical. E.g. ``netclient join -k -s grpc.myserver.com -p 50051`` -* The **Access Token** value is a base64 encoded string that contains the server IP and grpc port, as well as the access key. This is decoded by the netclient and can be used with existing netclient installations like this: ``netclient join -t ``. You should use this method for adding a network to a node that is already on a network. For instance, Node A is in the **mynet** network and now you are adding it to **default**. -* The **install command** value is a curl command that can be run on Linux systems. It is a simple script that downloads the netclient binary and runs the install command all in one. - -Networks can also be enabled to allow nodes to sign up without keys at all. In this scenario, nodes enter a "pending state" and are not permitted to join the network until an admin approves them. - -Deploy Nodes -================= - -0. Prereqisite: Every machine on which you install should have wireguard and systemd already installed. - -1. SSH to each machine -2. ``sudo su -`` -3. **Prerequisite Check:** Every Linux machine on which you run the netclient must have WireGuard and systemd installed -4. For linux machines with SystemD and WireGuard installed, Run the install command, Ex: ``curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netclient-install.sh | KEY=vm3ow4thatogiwnsla3thsl3894ths sh -`` -5. For Mac, Windows, and arch-specific linux distributions (e.g. ARM), `download the appropriate netclient for your system `_ . Then, run "netclient join -t ". - -You should get output similar to the below. The netclient retrieves local settings, submits them to the server for processing, and retrieves updated settings. Then it sets the local network configuration. For more information about this process, see the :doc:`client installation <./client-installation>` documentation. If this process failed and you do not see your node in the console (see below), then reference the :doc:`troubleshooting <./troubleshoot>` documentation. - -.. image:: images/nc-install-output.png - :width: 80% - :alt: Output from Netclient Install - :align: center - - -.. image:: images/nm-node-success.png - :width: 80% - :alt: Node Success - :align: center - - -Repeat the above steps for every machine you would like to add to your network. You can re-use the same install command so long as you do not run out of uses on your access key (after which it will be invalidated and deleted). - -Once installed on all nodes, you can test the connection by pinging the private address of any node from any other node. - - -.. image:: images/ping-node.png - :width: 80% - :alt: Node Success - :align: center - -Manage Nodes -=============== - -Your machines should now be visible in the control pane. - -.. image:: images/nodes.png - :width: 80% - :alt: Node Success - :align: center - -You can view/modify/delete any node by selecting it in the NODES tab. For instance, you can change the name to something more sensible like "workstation" or "api server". You can also modify network settings here, such as keys or the WireGuard port. These settings will be picked up by the node on its next check in. For more information, see Advanced Configuration in the :doc:`Using Netmaker <./usage>` docs. - -.. image:: images/node-details.png - :width: 80% - :alt: Node Success - :align: center - - - -Nodes can be added/removed/modified on the network at any time. Nodes can also be added to multiple Netmaker networks. Any changes will get picked up by any nodes on a given network, and will take aboue ~30 seconds to take effect. - -Uninstalling the netclient -============================= - -1. To remove your nodes from the default network, run the following on each node: ``sudo netclient leave -n default`` -2. To remove the netclient entirely from each node, run ``sudo rm -rf /etc/netclient`` (after running the first step) - -Uninstalling Netmaker -=========================== - -To uninstall Netmaker from the server, simply run ``docker-compose down`` or ``docker-compose down --volumes`` to remove the docker volumes for a future installation. - diff --git a/docs/_build/html/_sources/index.rst.txt b/docs/_build/html/_sources/index.rst.txt deleted file mode 100644 index b8edc1d7..00000000 --- a/docs/_build/html/_sources/index.rst.txt +++ /dev/null @@ -1,194 +0,0 @@ -.. Netmaker documentation master file, created by - sphinx-quickstart on Fri May 14 08:51:40 2021. - You can adapt this file completely to your liking, but it should at least - contain the root `toctree` directive. - - -.. image:: images/netmaker.png - :width: 100% - :alt: Netmaker WireGuard - :align: center - -======================================= -Welcome to the Netmaker Documentation -======================================= - - -Netmaker is a platform for creating and managing fast, secure, and dynamic virtual overlay networks using WireGuard. - -This documentation covers Netmaker's :doc:`installation <./server-installation>`, :doc:`usage <./usage>`, :doc:`troubleshooting <./support>`, and customization, as well as reference documents for the :doc:`API <./api>`, UI and Agent configuration. All of the `source code `_ for Netmaker is on GitHub. - -**For Kubernetes-specific guidance, please see the** `Netmaker Kubernetes Documentation. `_ - -About --------- - -High-level information about what Netmaker is and how it works. - -.. toctree:: - :maxdepth: 2 - - about - - architecture - -Getting Started ------------------------------------- - -How to install Netmaker and set up your first network. - -.. toctree:: - :maxdepth: 2 - - install - - quick-start - - getting-started - -Ingress, Egress, and Relays ------------------------------- - -How to give machines outside of the Netmaker network access to network resources via an Ingress Gateway: - -.. toctree:: - :maxdepth: 2 - - external-clients - -How to give machines inside the Netmaker network access to external network resources via an Egress Gateway: - - -.. toctree:: - :maxdepth: 2 - - egress-gateway - -How to make machines inside the network reachable if they are blocked by NAT/Firewall: - -.. toctree:: - :maxdepth: 2 - - relay-server - -Kubernetes Documentation ---------------------------- - -.. toctree:: - - Kubernetes - -`Netmaker Kubernetes Documentation `_ - - -Advanced Server Installation -------------------------------- - -A detailed guide to installing the Netmaker server (API, DB, UI, DNS), and configuration options. - -.. toctree:: - :maxdepth: 2 - - server-installation - -Advanced Client Installation --------------------------------- - -A detailed guide to installing the Netmaker agent (netclient) on devices and configuration options. - -.. toctree:: - :maxdepth: 2 - - client-installation - - -Oauth Configuration --------------------- - -A simple guide to configuring OAuth for Netmaker. - -.. toctree:: - :maxdepth: 2 - - oauth - - -External Guides ----------------- - -A handful of guides for use cases including site-to-site, Kubernetes, private DNS, and more. - -.. toctree:: - :maxdepth: 2 - - usage - -UI Reference ---------------- - -A reference document for the Netmaker Server UI, with annotated screenshot detailing each field. - -.. toctree:: - :maxdepth: 2 - - ui-reference - -API Reference ---------------- - -A reference document for the Netmaker Server API, and example API calls for various use cases. - -.. toctree:: - :maxdepth: 1 - - api - -Upgrades ----------------- - -Upgrading the Netmaker server and clients. - -.. toctree:: - :maxdepth: 1 - - upgrades - - -Troubleshooting ----------------- - -Help with common Netmaker/netclient issues. - -.. toctree:: - :maxdepth: 2 - - troubleshoot - - -Support ----------------- - -Where to go for help, and a FAQ. - -.. toctree:: - :maxdepth: 2 - - support - -Code of Conduct ------------------ - -A statement on our expectations and pledge to the community. - -.. toctree:: - - conduct.rst - -Licensing ---------------- - -A link to the Netmaker license. - -.. toctree:: - - license.rst diff --git a/docs/_build/html/_sources/install.rst.txt b/docs/_build/html/_sources/install.rst.txt deleted file mode 100644 index ea7d3d4f..00000000 --- a/docs/_build/html/_sources/install.rst.txt +++ /dev/null @@ -1,20 +0,0 @@ -========= -Install -========= - -Choose the install method that makes sense for you. - -**For most users, we recommend the** :doc:`Quick Install<./quick-start>` **guide.** - -`Trial, PoC, Testing, and Experimenting `_ - -:doc:`Quick Install: for general small-to-medium use cases <./quick-start>` - -:ref:`Kubernetes Installation ` - -:ref:`Non-Docker (from binary) Install ` - -:ref:`Highly Available Installation ` - -:doc:`Advanced Install Resources <./server-installation>` - diff --git a/docs/_build/html/_sources/license.rst.txt b/docs/_build/html/_sources/license.rst.txt deleted file mode 100644 index 3e81c466..00000000 --- a/docs/_build/html/_sources/license.rst.txt +++ /dev/null @@ -1,6 +0,0 @@ -======= -License -======= - -Netmaker's source code and all artifacts in this repository are freely available. All versions are published under the Server Side Public License (SSPL), version 1, which can be found `here `_. - diff --git a/docs/_build/html/_sources/oauth.rst.txt b/docs/_build/html/_sources/oauth.rst.txt deleted file mode 100644 index 2af20f55..00000000 --- a/docs/_build/html/_sources/oauth.rst.txt +++ /dev/null @@ -1,81 +0,0 @@ -==================== -Integrating OAuth -==================== - -Introduction -============== - -As of v0.8.5, Netmaker offers integration with the following OAuth providers: - -- GitHub -- Google -- Microsoft Azure AD - -By integrating with an OAuth provider, your Netmaker users can log in via the provider, rather than the default simple auth. - -Configuring your provider -=========================== - -In order to use OAuth, configure your OAuth provider (GitHub, Google, Azure AD). - -You must configure your provider (except for Azure AD) to use the Netmaker Dashboard URI dashboard. as the origin URL. - -For example: `https://dashboard.netmaker.mydomain.com` - -You must configure your provider to use the Netmaker API URI redirect route with the following format: https://api./api/oauth/callback. - -For example: `https://api.netmaker.mydomain.com/api/oauth/callback` - -General provider instructions can be found with the following links: - -Instructions for GitHub: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#github-auth-provider -Instructions for Google: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#google-auth-provider -Instructions for Microsoft Azure AD: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#microsoft-azure-ad-provider - -Configuring Netmaker -====================== - -After you have configured your OAuth provider, take note of the CLIENT_ID and CLIENT_SECRET. If you are using Azure for oauth, you may also want to note down the Azure tenant ID you wish to use. - -Next, Configure Netmaker with the following environment variables. If any are left blank, OAuth will fail. - -.. code-block:: - - AUTH_PROVIDER: "" - CLIENT_ID: "" - CLIENT_SECRET: "" - SERVER_HTTP_HOST: "api." - FRONTEND_URL: "https://dashboard." - AZURE_TENANT: "" - -After restarting your server, the Netmaker logs will indicate if the OAuth provider was successfully initialized: - -.. code-block:: - - sudo docker logs netmaker - -Once successful, users can click the key symbol on the login page to sign-in with your configured OAuth provider. - -.. image:: images/oauth1.png - :width: 80% - :alt: Login Oauth - :align: center - -Configuring User Permissions -=============================== - -All users logging in will have zero permissions on first sign-in. An admin must configure all user permissions. - -Admins must navigate to the "Users" screen to configure permissions. - -For each user, an admin must specify which networks that user has access to configure. Additionally, an Admin can elevate a user to Admin permissions. - -.. image:: images/oauth3.png - :width: 80% - :alt: Edit User 2 - :align: center - -.. image:: images/oauth2.png - :width: 80% - :alt: Edit User - :align: center diff --git a/docs/_build/html/_sources/quick-start.rst.txt b/docs/_build/html/_sources/quick-start.rst.txt deleted file mode 100644 index 7dec586f..00000000 --- a/docs/_build/html/_sources/quick-start.rst.txt +++ /dev/null @@ -1,155 +0,0 @@ -=============== -Quick Install -=============== - -This quick start guide is an **opinionated** guide for getting up and running with Netmaker as quickly as possible. - -If just trialing netmaker, you may also want to check out the 3-minute PoC install of Netmaker in the README on GitHub. The following is just a guided version of that script, plus a custom domain (instead of nip.io): https://github.com/gravitl/netmaker . - -Introduction -================== - -We assume for this installation that you want all of the Netmaker features enabled, you want your server to be secure, and you want your server to be accessible from anywhere. - -This instance will not be HA. However, it should comfortably handle around one hundred concurrent clients and support the most common use cases. - -If you are deploying for a business or enterprise use case and this setup will not fit your needs, please contact info@gravitl.com, or check out the business subscription plans at https://gravitl.com/plans/business. - -By the end of this guide, you will have Netmaker installed on a public VM linked to your custom domain, secured behind a Caddy reverse proxy. - -For information about deploying more advanced configurations, see the :doc:`Advanced Installation <./server-installation>` docs. - - -0. Prerequisites -================== -- **Virtual Machine** - - - Preferably from a cloud provider (e.x: DigitalOcean, Linode, AWS, GCP, etc.) - - - (We do not recommend Oracle Cloud, as VM's here have been known to cause network interference.) - - - Public, static IP - - - Min 1GB RAM, 1 CPU (4GB RAM, 2CPU preferred for production installs) - - - 2GB+ of storage - - - Ubuntu 20.04 Installed - -- **Domain** - - - A publicly owned domain (e.x. example.com, mysite.biz) - - Permission and access to modify DNS records via DNS service (e.x: Route53) - -1. Prepare DNS -================ - -Create a wildcard A record pointing to the public IP of your VM. As an example, \*.netmaker.example.com. - -Caddy will create 3 subdomains with this wildcard, EX: - -- dashboard.netmaker.example.com - -- api.netmaker.example.com - -- grpc.netmaker.example.com - - -2. Install Dependencies -======================== - -.. code-block:: - - ssh root@your-host - sudo apt-get update - sudo apt-get install -y docker.io docker-compose wireguard - -At this point you should have all the system dependencies you need. - -3. Open Firewall -=============================== - -Make sure firewall settings are set for Netmaker both on the VM and with your cloud security groups (AWS, GCP, etc). - -Make sure the following ports are open both on the VM and in the cloud security groups: - -- **443 (tcp):** for Dashboard, REST API, and gRPC -- **80 (tcp):** for LetsEncrypt -- **53 (udp and tcp):** for CoreDNS - This is no longer necessary as of 0.10.0, as by default DNS queries will run over WireGuard. -- **51821-518XX (udp):** for WireGuard - Netmaker needs one port per network, starting with 51821, so open up a range depending on the number of networks you plan on having. For instance, 51821-51830. - -.. code-block:: - - sudo ufw allow proto tcp from any to any port 443 && sudo ufw allow 53/udp && sudo ufw allow 53/tcp && sudo ufw allow 51821:51830/udp - -**Again, based on your cloud provider, you may additionally need to set inbound security rules for your server (for instance, on AWS). This will be dependent on your cloud provider. Be sure to check before moving on:** - - allow 443/tcp from all - - allow 80/tcp from all - - (optional) allow 53/udp and 53/tcp from all - - allow 51821-51830/udp from all - - -4. Install Netmaker -======================== - -Prepare Docker Compose ------------------------- - -**Note 1 on COREDNS_IP:** As of 0.10.0, the default installation does not require COREDNS_IP to be set. Queries will run over WireGuard. -**Note 2 on COREDNS_IP:** Depending on your cloud provider, the public IP may not be bound directly to the VM on which you are running. In such cases, CoreDNS cannot bind to this IP, and you should use the IP of the default interface on your machine in place of COREDNS_IP. This command will get you the correct IP for CoreDNS in many cases: - -.. code-block:: - - ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p' - -Now, insert the values for your base (wildcard) domain, public ip, and coredns ip. - -.. code-block:: - - wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/compose/docker-compose.contained.yml - sed -i 's/NETMAKER_BASE_DOMAIN//g' docker-compose.yml - sed -i 's/SERVER_PUBLIC_IP//g' docker-compose.yml - sed -i 's/COREDNS_IP//g' docker-compose.yml - -Generate a unique master key and insert it: - -.. code-block:: - - tr -dc A-Za-z0-9 /g' docker-compose.yml - -You may want to save this key for future use with the API. - -Prepare Caddy ------------------------- - -.. code-block:: - - wget -O /root/Caddyfile https://raw.githubusercontent.com/gravitl/netmaker/master/docker/Caddyfile - - sed -i 's/NETMAKER_BASE_DOMAIN//g' /root/Caddyfile - sed -i 's/YOUR_EMAIL//g' /root/Caddyfile - -Prepare MQ ------------------------- - - -You must retrieve the MQ configuration file for Mosquitto. - -.. code-block:: - - wget -O /root/mosquitto.conf https://raw.githubusercontent.com/gravitl/netmaker/master/docker/mosquitto.conf - - -Start Netmaker ----------------- - -``sudo docker-compose up -d`` - -navigate to dashboard. to begin using Netmaker. - -To troubleshoot issues, start with: - -``docker logs netmaker`` - -Or check out the :doc:`troubleshoooting docs <./troubleshoot>`. diff --git a/docs/_build/html/_sources/relay-server.rst.txt b/docs/_build/html/_sources/relay-server.rst.txt deleted file mode 100644 index 1364fa64..00000000 --- a/docs/_build/html/_sources/relay-server.rst.txt +++ /dev/null @@ -1,36 +0,0 @@ -===================================== -Relay Servers -===================================== - -Introduction -=============== - -.. image:: images/relay1.png - :width: 80% - :alt: Relay - :align: center - -Sometimes nodes are in hard-to-reach places. Typically this will be due to a CGNAT, Double NAT, or restrictive firewall. In such scenarios, a direct peer-to-peer connection with all other nodes might be impossible. - -For this reason, Netmaker has a Relay Server functionality. At any time you may designate a publicly reachable node (such as the Netmaker Server) as a Relay, and tell it which machines it should relay. Then, all traffic routing to and from that machine will go through the relay. This allows you to circumvent the above issues and ensure connectivity when direct measures do not work. - -Configuring a Relay -================================== - -To create a relay, you can use any node in your network, but it should have a public IP address (not behind a NAT). Your Netmaker server can be a relay server and makes for a good default choice if you are unsure of which node to select. - -Simply click the relay button in the nodes list. Then, specify the nodes which it should relay. You can either enter the IP's directly, select from a list, or click "Select All." - -.. image:: images/ui-7.jpg - :width: 80% - :alt: Relay - :align: center - -If you choose "select all" this essentially turns your network into a hub-and-spoke network. All traffic now routes over the relay node. This can create a bottleneck and slow down your network, but in some scenarios may simplify network operations. - -After creation, you can change the list of relayed nodes by clicking "edit node" and editing the list (Field #12 below). - -.. image:: images/ui-5.jpg - :width: 40% - :alt: Relay - :align: center diff --git a/docs/_build/html/_sources/server-installation.rst.txt b/docs/_build/html/_sources/server-installation.rst.txt deleted file mode 100644 index 19629d9d..00000000 --- a/docs/_build/html/_sources/server-installation.rst.txt +++ /dev/null @@ -1,641 +0,0 @@ -================================= -Advanced Server Installation -================================= - -This section outlines installing the Netmaker server, including Netmaker, Netmaker UI, rqlite, and CoreDNS - -System Compatibility -==================== - -Netmaker will require elevated privileges to perform network operations. Netmaker has similar limitations to :doc:`netclient <./client-installation>` (client networking agent). - -Typically, Netmaker is run inside of containers (Docker). To run a non-docker installation, you must run the Netmaker binary, CoreDNS binary, database, and a web server directly on the host. Each of these components have their own individual requirements. - -The quick install guide is recommended for first-time installs. - -The following documents are meant for special cases like Kubernetes and LXC, or for more advanced setups. - - -Server Configuration Reference -========================================== - -Netmaker sets its configuration in the following order of precendence: - -1. Defaults -2. Config File -3. Environment Variables - -Variable Description ----------------------- -VERBOSITY: - **Default:** 0 - - **Description:** Specify level of logging you would like on the server. Goes up to 3 for debugging. - - -GRPC_SSL: - **Default:** "off" - - **Description:** Specifies if GRPC is going over secure GRPC or SSL. This is a setting for the clients and is passed through the access token. Can be set to "on" and "off". Set to on if SSL is configured for GRPC. - -SERVER_API_CONN_STRING - **Default:** "" - - **Description:** Allows specification of the string used to connect to the server api. Format: IP:PORT or DOMAIN:PORT. Defaults to SERVER_HOST if not specified. - -SERVER_GRPC_CONN_STRING - **Default:** "" - - **Description:** Allows specification of the string used to connect to grpc. Format: IP:PORT or DOMAIN:PORT. Defaults to SERVER_HOST if not specified. - -SERVER_HOST: *(depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)* - **Default:** Server will perform an IP check and set automatically unless explicitly set, or DISABLE_REMOTE_IP_CHECK is set to true, in which case it defaults to 127.0.0.1 - - **Description:** Sets the SERVER_HTTP_HOST and SERVER_GRPC_HOST variables if they are unset. The address where traffic comes in. - -SERVER_HTTP_HOST: *(depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)* - **Default:** Equals SERVER_HOST if set, "127.0.0.1" if SERVER_HOST is unset. - - **Description:** Set to make the HTTP and GRPC functions available via different interfaces/networks. - -SERVER_GRPC_HOST: *(depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)* - **Default:** Equals SERVER_HOST if set, "127.0.0.1" if SERVER_HOST is unset. - - **Description:** Set to make the HTTP and GRPC functions available via different interfaces/networks. - -API_PORT: - **Default:** 8081 - - **Description:** The HTTP API port for Netmaker. Used for API calls / communication from front end. - -GRPC_PORT: - **Default:** 50051 - - **Description:** The GRPC port for Netmaker. Used for communications from nodes. - -MASTER_KEY: - **Default:** "secretkey" - - **Description:** The admin master key for accessing the API. Change this in any production installation. - -CORS_ALLOWED_ORIGIN: - **Default:** "*" - - **Description:** The "allowed origin" for API requests. Change to restrict where API requests can come from. - -REST_BACKEND: - **Default:** "on" - - **Description:** Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off. - -AGENT_BACKEND: - **Default:** "on" - - **Description:** Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off. - -DNS_MODE: - **Default:** "off" - - **Description:** Enables DNS Mode, meaning config files will be generated for CoreDNS. - -DATABASE: - **Default:** "sqlite" - - **Description:** Specify db type to connect with. Currently, options include "sqlite", "rqlite", and "postgres". - -SQL_CONN: - **Default:** "http://" - - **Description:** Specify the necessary string to connect with your local or remote sql database. - -SQL_HOST: - **Default:** "localhost" - - **Description:** Host where postgres is running. - -SQL_PORT: - **Default:** "5432" - - **Description:** port postgres is running. - -SQL_DB: - **Default:** "netmaker" - - **Description:** DB to use in postgres. - -SQL_USER: - **Default:** "postgres" - - **Description:** User for posgres. - -SQL_PASS: - **Default:** "nopass" - - **Description:** Password for postgres. - -CLIENT_MODE: - **Default:** "on" - - **Description:** Specifies if server should deploy itself as a node (client) in each network. May be turned to "off" for more restricted servers. - -RCE: - **Default:** "off" - - **Description:** The server enables you to set PostUp and PostDown commands for nodes, which is standard for WireGuard with wg-quick, but is also **Remote Code Execution**, which is a critical vulnerability if the server is exploited. Because of this, it's turned off by default, but if turned on, PostUp and PostDown become editable. - -SERVER_GRPC_WIREGUARD - **Depreciated:** no longer in use - -DISPLAY_KEYS - **Default:** "on" - - **Description:** If "on", will allow you to always show the key values of "access keys". This could be considered a vulnerability, so if turned "off", will only display key values once, and it is up to the users to store the key values locally. - -NODE_ID - **Default:** - - **Description:** This setting is used for HA configurations of the server, to identify between different servers. Nodes are given ID's like netmaker-1, netmaker-2, and netmaker-3. If the server is not HA, there is no reason to set this field. - -TELEMETRY - **Default:** "on" - - **Description:** If "on", the server will send anonymous telemetry data once daily, which is used to improve the product. Data sent includes counts (integer values) for the number of nodes, types of nodes, users, and networks. It also sends the version of the server. - -MQ_HOST - **Default:** (public IP of server) - - **Description:** The address of the mq server. If running from docker compose it will be "mq". If using "host networking", it will find and detect the IP of the mq container. Otherwise, need to input address. If not set, it will use the public IP of the server. the port 1883 will be appended automatically. This is the expected reachable port for MQ and cannot be changed at this time. - -HOST_NETWORK: - **Default:** "off" - - **Description:** Whether or not host networking is turned on. Only turn on if configured for host networking (see docker-compose.hostnetwork.yml). Will set host-level settings like iptables and forwarding for MQ. - -MANAGE_IPTABLES: - **Default:** "on" - - **Description:** # Sets iptables on the machine being managed in order to forward properly from wireguard interface to MQ and other services listed in "port forward services." It's better to leave this on unless you know what you're doing. - -PORT_FORWARD_SERVICES: - **Default:** "" - - **Description:** Comma-separated list of services for which to configure port forwarding on the machine. Options include "mq,dns,ssh". Typically best to leave mq and dns on. ssh can be removed.'ssh' forwards port 22 over wireguard, enabling ssh to server over wireguard. dns enables private dns over wireguard. mq enables mq. - -Config File Reference ------------------------ -A config file may be placed under config/environments/.yml. To read this file at runtime, provide the environment variable NETMAKER_ENV at runtime. For instance, dev.yml paired with ENV=dev. Netmaker will load the specified Config file. This allows you to store and manage configurations for different environments. Below is a reference Config File you may use. - -.. literalinclude:: ../config/environments/dev.yaml - :language: YAML - -Compose File - Annotated --------------------------------------- - -All environment variables and options are enabled in this file. It is the equivalent to running the "full install" from the above section. However, all environment variables are included, and are set to the default values provided by Netmaker (if the environment variable was left unset, it would not change the installation). Comments are added to each option to show how you might use it to modify your installation. - -.. literalinclude:: ../compose/docker-compose.reference.yml - :language: YAML - -Available docker-compose files ---------------------------------- - -The default options for docker-compose can be found here: https://github.com/gravitl/netmaker/tree/master/compose - -The following is a brief description of each: - -- `docker-compose.contained.yml `_ - This is the default docker-compose, used in the quick start and deployment script in the README on GitHub. It deploys Netmaker with all options included (Caddy and CoreDNS) and has "self-contained" netclients, meaning they do not affect host networking. -- `docker-compose.coredns.yml `_ - This is a simple compose used to spin up a standalone CoreDNS server. Can be useful if, for instance, you are unning Netmaker on baremetal but need CoreDNS. -- `docker-compose.hostnetwork.yml `_ - This is similar to the docker-compose.contained.yml but with a key difference: it has advanced permissions and mounts host volumes to control networking on the host level. -- `docker-compose.nocaddy.yml `_ -= This is the same as docker-compose.contained.yml but without Caddy, in case you need to use a different proxy like Nginx, Traefik, or HAProxy. -- `docker-compose.nodns.yml `_ - This is the same as docker-compose.contained.yml but without CoreDNS, in which case you will not have the Private DNS feature. -- `docker-compose.reference.yml `_ - This is the same as docker-compose.contained.yml but with all variable options on display and annotated (it's what we show right above this section). Use this to determine which variables you should add or change in your configuration. -- `docker-compose.yml `_ - This is a renamed docker-compose.contained.yml. It is meant only to act as a placeholder for what we consider the "primary" docker-compose that users should work with. - -DNS Mode Setup -==================================== - -If you plan on running the server in DNS Mode, know that a `CoreDNS Server `_ will be installed. CoreDNS is a light-weight, fast, and easy-to-configure DNS server. It is recommended to bind CoreDNS to port 53 of the host system, and it will do so by default. The clients will expect the nameserver to be on port 53, and many systems have issues resolving a different port. - -However, on your host system (for Netmaker), this may conflict with an existing process. On linux systems running systemd-resolved, there is likely a service consuming port 53. The below steps will disable systemd-resolved, and replace it with a generic (e.g. Google) nameserver. Be warned that this may have consequences for any existing private DNS configuration. - -With the latest docker-compose, it is not necessary to perform these steps. But if you are running the install and find that port 53 is blocked, you can perform the following steps, which were tested on Ubuntu 20.04 (these should be run prior to deploying the docker containers). - -.. code-block:: - - systemctl stop systemd-resolved - systemctl disable systemd-resolved - vim /etc/systemd/resolved.conf - * uncomment DNS and add 8.8.8.8 or whatever reachable nameserver is your preference * - * uncomment DNSStubListener and set to "no" * - ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf - -Port 53 should now be available for CoreDNS to use. - - -Docker Compose Install -======================= - -The most simple (and recommended) way of installing Netmaker is to use one of the provided `Docker Compose files `_. Below are instructions for several different options to install Netmaker via Docker Compose, followed by an annotated reference Docker Compose in case your use case requires additional customization. - -Test Install - No DNS, No Secure GRPC --------------------------------------------------------- - -This install will run Netmaker on a server without HTTPS using an IP address. This is not secure and not recommended, but can be helpful for testing. - -It also does not run the CoreDNS server, to simplify the deployment - -**Prerequisites:** - * server ports 80, 8081, and 50051 are not blocked by firewall - -**Notes:** - * You can change the port mappings in the Docker Compose if the listed ports are already in use. - -Assuming you have Docker and Docker Compose installed, you can just run the following, replacing **< Insert your-host IP Address Here >** with your host IP (or domain): - -.. code-block:: - - wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/docker-compose.test.yml - sed -i ‘s/HOST_IP/< Insert your-host IP Address Here >/g’ docker-compose.yml - docker-compose up -d` - -Traefik Proxy ------------------------- - -To install with Traefik, rather than Nginx or the default Caddy, check out this repo: https://github.com/bsherman/netmaker-traefik - - -No DNS - CoreDNS Disabled ----------------------------------------------- - -DNS Mode is currently limited to clients that can run resolvectl (systemd-resolved, see :doc:`Architecture docs <./architecture>` for more info). You may wish to disable DNS mode for various reasons. This installation option gives you the full feature set minus CoreDNS. - -To run without DNS, follow the :doc:`Quick Install <./quick-start>` guide, omitting the steps for DNS setup. In addition, when the guide has you pull (wget) the Netmaker docker-compose template, use the following link instead: - -#. ``wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/docker-compose.nodns.yml`` - -This template is equivalent but omits CoreDNS. - - -.. _NoDocker: - -Linux Install without Docker -============================= - -Most systems support Docker, but some do not. In such environments, there are many options for installing Netmaker. Netmaker is available as a binary file, and there is a zip file of the Netmaker UI static HTML on GitHub. Beyond the UI and Server, you may want to optionally install a database (sqlite is embedded, rqlite or postgres are supported) and CoreDNS (also optional). - -Once this is enabled and configured for a domain, you can continue with the below. The recommended server runs Ubuntu 20.04. - -Database Setup (optional) --------------------------- - -You can run the netmaker binary standalone and it will run an embedded sqlite server. Data goes in the data/ directory. Optionally, you can run PostgreSQL or rqlite. Instructions for rqlite are below. - -1. Install rqlite on your server: https://github.com/rqlite/rqlite - -2. Run rqlite: rqlited -node-id 1 ~/node.1 - -If using rqlite or postgres, you must change the DATABASE environment/config variable and enter connection details. - -Server Setup -------------- -1. **Run the install script:** - -``sudo curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netmaker-server.sh | sh -`` - -2. Check status: ``sudo journalctl -u netmaker`` -3. If any settings are incorrect such as host or mongo credentials, change them under /etc/netmaker/config/environments/< your env >.yaml and then run ``sudo systemctl restart netmaker`` - -UI Setup ------------ - -The following uses Nginx as an http server. You may alternatively use Apache or any other web server that serves static web files. - -1. Download and Unzip UI asset files -2. Copy Config to Nginx -3. Modify Default Config Path -4. Change Backend URL -5. Start Nginx - -.. code-block:: - - sudo wget -O /usr/share/nginx/html/netmaker-ui.zip https://github.com/gravitl/netmaker-ui/releases/download/latest/netmaker-ui.zip - sudo unzip /usr/share/nginx/html/netmaker-ui.zip -d /usr/share/nginx/html - sudo cp /usr/share/nginx/html/nginx.conf /etc/nginx/conf.d/default.conf - sudo sed -i 's/root \/var\/www\/html/root \/usr\/share\/nginx\/html/g' /etc/nginx/sites-available/default - sudo sh -c 'BACKEND_URL=http://:PORT /usr/share/nginx/html/generate_config_js.sh >/usr/share/nginx/html/config.js' - sudo systemctl start nginx - -CoreDNS Setup (optional) ----------------------------- - -CoreDNS is only required if you want private DNS features. Once installed, you must set the CoreDNS variables in the env settings of the server. - -See https://coredns.io/manual/toc/#installation - -Proxy / Load Balancer ------------------------- - -You will need to proxy connections to your UI and Server. By default the ports are 8081, 8082, and 50051 (grpc). This proxy should handle SSL certificates. We recommend Caddy or Nginx (you can follow the Nginx guide in these docs). The proxy must be able to handle gRPC connections. - - -.. _KubeInstall: - -Kubernetes Install -======================= - -Server Install --------------------------- - -This template assumes your cluster uses Nginx for ingress with valid wildcard certificates. If using an ingress controller other than Nginx (ex: Traefik), you will need to manually modify the Ingress entries in this template to match your environment. - -This template also requires RWX storage. Please change references to storageClassName in this template to your cluster's Storage Class. - -``wget https://raw.githubusercontent.com/gravitl/netmaker/master/kube/netmaker-template.yaml`` - -Replace the NETMAKER_BASE_DOMAIN references to the base domain you would like for your Netmaker services (ui,api,grpc). Typically this will be something like **netmaker.yourwildcard.com**. - -``sed -i ‘s/NETMAKER_BASE_DOMAIN//g’ netmaker-template.yaml`` - -Now, assuming Ingress and Storage match correctly with your cluster configuration, you can install Netmaker. - -.. code-block:: - - kubectl create ns nm - kubectl config set-context --current --namespace=nm - kubectl apply -f netmaker-template.yaml -n nm - -In about 3 minutes, everything should be up and running: - -``kubectl get ingress nm-ui-ingress-nginx`` - -Netclient Daemonset --------------------------- - -The following instructions assume you have Netmaker running and a network you would like to add your cluster into. The Netmaker server does not need to be running inside of a cluster for this. - -.. code-block:: - - wget https://raw.githubusercontent.com/gravitl/netmaker/master/kube/netclient-template.yaml - sed -i ‘s/ACCESS_TOKEN_VALUE/< your access token value>/g’ netclient-template.yaml - kubectl apply -f netclient-template.yaml - -For a more detailed guide on integrating Netmaker with MicroK8s, `check out this guide `_. - -Nginx Reverse Proxy Setup with https -====================================== - -The `Swag Proxy `_ makes it easy to generate a valid ssl certificate for the config bellow. Here is the `documentation `_ for the installation. - -The following file configures Netmaker as a subdomain. This config is an adaption from the swag proxy project. - -./netmaker.subdomain.conf: - -.. code-block:: nginx - - server { - listen 443 ssl; - listen [::]:443 ssl; - - server_name netmaker.*; # The external URL - client_max_body_size 0; - - # A valid https certificate is needed. - include /config/nginx/ssl.conf; - - location / { - # This config file can be found at: - # https://github.com/linuxserver/docker-swag/blob/master/root/defaults/proxy.conf - include /config/nginx/proxy.conf; - - # if you use a custom resolver to find your app, needed with swag proxy - # resolver 127.0.0.11 valid=30s; - set $upstream_app netmaker-ui; # The internal URL - set $upstream_port 80; # The internal Port - set $upstream_proto http; # the protocol that is being used - proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above - } - } - - server { - listen 443 ssl; - listen [::]:443 ssl; - - server_name backend-netmaker.*; # The external URL - client_max_body_size 0; - underscores_in_headers on; - - # A valid https certificate is needed. - include /config/nginx/ssl.conf; - - location / { - # if you use a custom resolver to find your app, needed with swag proxy - # resolver 127.0.0.11 valid=30s; - - set $upstream_app netmaker; # The internal URL - set $upstream_port 8081; # The internal Port - set $upstream_proto http; # the protocol that is being used - proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above - - # Forces the header to be the one that is visible from the outside - proxy_set_header Host backend.netmaker.example.org; # Please cange to your URL - - # Pass all headers through to the backend - proxy_pass_request_headers on; - } - } - -.. _HAInstall: - - - -Highly Available Installation (Kubernetes) -================================================== - -Netmaker comes with a Helm chart to deploy with High Availability on Kubernetes: - -.. code-block:: - - helm repo add netmaker https://gravitl.github.io/netmaker-helm/ - helm repo update - -Requirements ---------------- - -To run HA Netmaker on Kubernetes, your cluster must have the following: -- RWO and RWX Storage Classes (RWX is only required if running Netmaker with DNS Management enabled). -- An Ingress Controller and valid TLS certificates -- This chart can currently generate ingress for Nginx or Traefik Ingress with LetsEncrypt + Cert Manager -- If LetsEncrypt and CertManager are not deployed, you must manually configure certificates for your ingress - -Furthermore, the chart will by default install and use a postgresql cluster as its datastore. - -Recommended Settings: ----------------------- -A minimal HA install of Netmaker can be run with the following command: -`helm install netmaker --generate-name --set baseDomain=nm.example.com` -This install has some notable exceptions: -- Ingress **must** be manually configured post-install (need to create valid Ingress with TLS) -- Server will use "userspace" WireGuard, which is slower than kernel WG -- DNS will be disabled - -Example Installations: ------------------------- -An annotated install command: - -.. code-block:: - - helm install netmaker/netmaker --generate-name \ # generate a random id for the deploy - --set baseDomain=nm.example.com \ # the base wildcard domain to use for the netmaker api/dashboard/grpc ingress - --set replicas=3 \ # number of server replicas to deploy (3 by default) - --set ingress.enabled=true \ # deploy ingress automatically (requires nginx or traefik and cert-manager + letsencrypt) - --set ingress.className=nginx \ # ingress class to use - --set ingress.tls.issuerName=letsencrypt-prod \ # LetsEncrypt certificate issuer to use - --set dns.enabled=true \ # deploy and enable private DNS management with CoreDNS - --set dns.clusterIP=10.245.75.75 --set dns.RWX.storageClassName=nfs \ # required fields for DNS - --set postgresql-ha.postgresql.replicaCount=2 \ # number of DB replicas to deploy (default 2) - - -The below command will install netmaker with two server replicas, a coredns server, and ingress with routes of api.nm.example.com, grpc.nm.example.com, and dashboard.nm.example.com. CoreDNS will be reachable at 10.245.75.75, and will use NFS to share a volume with Netmaker (to configure dns entries). - -.. code-block:: - - helm install netmaker/netmaker --generate-name --set baseDomain=nm.example.com \ - --set replicas=2 --set ingress.enabled=true --set dns.enabled=true \ - --set dns.clusterIP=10.245.75.75 --set dns.RWX.storageClassName=nfs \ - --set ingress.className=nginx - -The below command will install netmaker with three server replicas (the default), **no coredns**, and ingress with routes of api.netmaker.example.com, grpc.netmaker.example.com, and dashboard.netmaker.example.com. There will be one UI replica instead of two, and one database instance instead of two. Traefik will look for a ClusterIssuer named "le-prod-2" to get valid certificates for the ingress. - -.. code-block:: - - helm3 install netmaker/netmaker --generate-name \ - --set baseDomain=netmaker.example.com --set postgresql-ha.postgresql.replicaCount=1 \ - --set ui.replicas=1 --set ingress.enabled=true \ - --set ingress.tls.issuerName=le-prod-2 --set ingress.className=traefik - -Below, we discuss the considerations for Ingress, Kernel WireGuard, and DNS. - -Ingress ----------- -To run HA Netmaker, you must have ingress installed and enabled on your cluster with valid TLS certificates (not self-signed). If you are running Nginx as your Ingress Controller and LetsEncrypt for TLS certificate management, you can run the helm install with the following settings: - -- `--set ingress.enabled=true` -- `--set ingress.annotations.cert-manager.io/cluster-issuer=` - -If you are not using Nginx or Traefik and LetsEncrypt, we recommend leaving ingress.enabled=false (default), and then manually creating the ingress objects post-install. You will need three ingress objects with TLS: - -- `dashboard.` -- `api.` -- `grpc.` - -If deploying manually, the gRPC ingress object requires special considerations. Look up the proper way to route grpc with your ingress controller. For instance, on Traefik, an IngressRouteTCP object is required. - -There are some example ingress objects in the kube/example folder. - -Kernel WireGuard ------------------- -If you have control of the Kubernetes worker node servers, we recommend **first** installing WireGuard on the hosts, and then installing HA Netmaker in Kernel mode. By default, Netmaker will install with userspace WireGuard (wireguard-go) for maximum compatibility, and to avoid needing permissions at the host level. If you have installed WireGuard on your hosts, you should install Netmaker's helm chart with the following option: - -- `--set wireguard.kernel=true` - -DNS ----------- -By Default, the helm chart will deploy without DNS enabled. To enable DNS, specify with: - -- `--set dns.enabled=true` - -This will require specifying a RWX storage class, e.g.: - -- `--set dns.RWX.storageClassName=nfs` - -This will also require specifying a service address for DNS. Choose a valid ipv4 address from the service IP CIDR for your cluster, e.g.: - -- `--set dns.clusterIP=10.245.69.69` - -**This address will only be reachable from hosts that have access to the cluster service CIDR.** It is only designed for use cases related to k8s. If you want a more general-use Netmaker server on Kubernetes for use cases outside of k8s, you will need to do one of the following: -- bind the CoreDNS service to port 53 on one of your worker nodes and set the COREDNS_ADDRESS equal to the public IP of the worker node -- Create a private Network with Netmaker and set the COREDNS_ADDRESS equal to the private address of the host running CoreDNS. For this, CoreDNS will need a node selector and will ideally run on the same host as one of the Netmaker server instances. - -Values ---------- - -To view all options for the chart, please visit the README in the code repo `here `_ . - -Highly Available Installation (VMs/Bare Metal) -================================================== - -For an enterprise Netmaker installation, you will need a server that is highly available, to ensure redundant WireGuard routing when any server goes down. To do this, you will need: - -1. A load balancer -2. 3+ Netmaker server instances -3. rqlite or PostgreSQL as the backing database - -These documents outline general HA installation guidelines. Netmaker is highly customizable to meet a wide range of enterprise environments. If you would like support with an enterprise-grade Netmaker installation, you can `schedule a consultation here `_ . - -The main consideration for this document is how to configure rqlite. Most other settings and procedures match the standardized way of making applications HA: Load balancing to multiple instances, and sharing a DB. In our case, the DB (rqlite) is distributed, making HA data more easily achievable. - -If using PostgreSQL, follow their documentation for `installing in HA mode `_ and skip step #2. - -1. Load Balancer Setup ------------------------- - -Your load balancer of choice will send requests to the Netmaker servers. Setup is similar to the various guides we have created for Nginx, Caddy, and Traefik. SSL certificates must also be configured and handled by the LB. - -2. RQLite Setup ------------------- - -RQLite is the included distributed datastore for an HA Netmaker installation. If you have a different corporate database you wish to integrate, Netmaker is easily extended to other DB's. If this is a requirement, please contact us. - -Assuming you use Rqlite, you must run it on each Netmaker server VM, or alongside that VM as a container. Setup a config.json for database credentials (password supports BCRYPT HASHING) and mount in working directory of rqlite and specify with `-auth config.json` : - -.. code-block:: - - [{ - "username": "netmaker", - "password": "", - "perms": ["all"] - }] - - -Once your servers are set up with rqlite, the first instance must be started normally, and then additional nodes must be added with the "join" command. For instance, here is the first server node: - -.. code-block:: - - sudo docker run -d -p 4001:4001 -p 4002:4002 rqlite/rqlite -node-id 1 -http-addr 0.0.0.0:4001 -raft-addr 0.0.0.0:4002 -http-adv-addr 1.2.3.4:4001 -raft-adv-addr 1.2.3.4:4002 -auth config.json - -And here is a joining node: - -.. code-block:: - - sudo docker run -d -p 4001:4001 -p 4002:4002 rqlite/rqlite -node-id 2 -http-addr 0.0.0.0:4001 -raft-addr 0.0.0.0:4002 -http-adv-addr 2.3.4.5:4001 -raft-adv-addr 2.3.4.5:4002 -join https://netmaker:@1.2.3.4:4001 - -- reference for rqlite setup: https://github.com/rqlite/rqlite/blob/master/DOC/CLUSTER_MGMT.md#creating-a-cluster -- reference for rqlite security: https://github.com/rqlite/rqlite/blob/master/DOC/SECURITY.md - -Once rqlite instances have been configured, the Netmaker servers can be deployed. - -3. Netmaker Setup ------------------- - -Netmaker will be started on each node with default settings, except with DATABASE=rqlite (or DATABASE=postgress) and SQL_CONN set appropriately to reach the local rqlite instance. Rqlite will maintain consistency with each Netmaker backend. - -If deploying HA with PostgreSQL, you will connect with the following settings: - -.. code-block:: - - SQL_HOST = - SQL_PORT = - SQL_DB = - SQL_USER = - SQL_PASS = - DATABASE = postgres - - -4. Other Considerations ------------------------- - -This is enough to get a functioning HA installation of Netmaker. However, you may also want to make the Netmaker UI or the CoreDNS server HA as well. The Netmaker UI can simply be added to the same servers and load balanced appropriately. For some load balancers, you may be able to do this with CoreDNS as well. - - - - diff --git a/docs/_build/html/_sources/support.rst.txt b/docs/_build/html/_sources/support.rst.txt deleted file mode 100644 index 206f46fc..00000000 --- a/docs/_build/html/_sources/support.rst.txt +++ /dev/null @@ -1,75 +0,0 @@ -========= -Support -========= - -FAQ -====== - -Is Netmaker a VPN like NordNPN? --------------------------------- - -No. Netmaker makes Virtual Networks, which are technically VPNs, but different. It's more like a corporate VPN, or a VPC (if you're familiar with AWS). Netmaker is often compared to OpenVPN, Tailscale, or Nebula. - -If you're looking to achieve self-hosted web browsing, with functionality similar to NordVPN, ExpressVPN, Surfshark, Tunnelbear, or Private Internet Access, this is probably not the project for you. Technically, you can accomplish this with Netmaker, but it would be a little like using a all-terrain vehicle for stock car racing. - -There are many good projects out there that support general internet privacy using WireGuard. Here are just a few of them: - -https://github.com/trailofbits/algo -https://github.com/pivpn/pivpn -https://github.com/subspacecloud/subspace -https://github.com/mullvad/mullvadvpn-app - -Do you have an 'Exit Nodes' feature? ---------------------------------------- - -Please see the :doc:`Egress Gateway <./egress-gateway>` documentation. - -Do you offer any business or enterprise support? ---------------------------------------------------- - -Yes, please contact info@gravitl.com or visit https://gravitl.com/plans. - - -Why the SSPL License? ----------------------- - -As of now, we think the SSPL is the best way to ensure the long-term viability of the project, but we are regularly evaluating this to see if an OSI-approved license makes more sense. - -We believe the SSPL lets most people run the project the way they want, for both for private use and business use, while giving us a path to maintain viability. We are working to make sure the guidelines clear, and do not want the license to impact the community's ability to use and modify the project. - -If you believe the SSPL will negatively impact your ability to use the project, please do not hesitate to reach out. - -Telemetry -============== - -As of v0.10.0, Netmaker collects "opt-out" telemetry data. To opt out, simply set "TELEMETRY=off" in your docker-compose file. - -Please consider participating in telemetry, as it helps us focus on the features and bug fixes which are most useful to users. Netmaker is a broad platform, and without this data, it is difficult to know where the team should spend its limited resources. - -The following is the full list of telemetry data we collect. Besides "Server Version" all data is simply an integer count: - -- Randomized server ID -- Count of nodes -- Count of "non-server" nodes -- Count of external clients -- Count of networks -- Count of users -- Count of linux nodes -- Count of freebsd nodes -- Count of macos nodes -- Count of windows nodes -- Count of docker nodes -- Count of k8s nodes -- Server version - -We use `PostHog `_, an open source and trusted framework for telemetry data. - -To look at exactly we collect telemetry, you can view the source code under serverctl/telemetry.go: https://github.com/gravitl/netmaker/blob/master/serverctl/telemetry.go - -Contact -=========== -If you need help, try the discord or open a GitHub ticket. - -Email: info@gravitl.com - -Discord: https://discord.gg/zRb9Vfhk8A diff --git a/docs/_build/html/_sources/troubleshoot.rst.txt b/docs/_build/html/_sources/troubleshoot.rst.txt deleted file mode 100644 index 6acc9fb7..00000000 --- a/docs/_build/html/_sources/troubleshoot.rst.txt +++ /dev/null @@ -1,139 +0,0 @@ -================= -Troubleshooting -================= - -Common Issues --------------- -**How can I connect my Android or IOS device to my Netmaker VPN?** - Currently meshing one of these devices is not supported, however it will be soon. - For now you can connect to your VPN by making one of the nodes an Ingress Gateway, then - create an Ext Client for each device. Finally, use the official WG app or another - WG configuration app to connect via QR or downloading the device's WireGuard configuration. - -**I've made changes to my nodes but the nodes themselves haven't updated yet, why?** - Please allow your nodes to complete a check in or two, in order to reconfigure themselves. - In some cases, it could take up to a minute or so. - -**Do I have to use access keys to join a network?** - Although keys are the preferred way to join a network, Netmaker does allow for manual node sign-ups. - Simply turn on "allow manual signups" on your network and nodes will not connect until you manually aprove each one. - -**Is there a community or forum to ask questions about Netmaker?** - Yes, we have an active `discord `_ community and issues on our `github `_ are answered frequently! - You can also sign-up for updates at our `gravitl site `_! - -**How can I get additional support for my business?** - Check out our business support subscriptions at https://gravitl.com/plans. Subscription holders can also purchase consulting credits via the site. - - -Server -------- - -**How do I use a private address from the Netmaker Server? How do I contact nodes using their private addresses from the server?** - Default nodes appear in each network with the "netmaker" name. These nodes are created by, and attached to, the server. The server is contained in docker, meaning these clients are also contained in docker. Their networking stack is also contained in docker. The "netmaker" nodes are meant to function as network utilities. They assist with UDP Hole Punching and can run Relays, Egress, and Ingress. However, they are meant to stay contained in the server. They do not touch the host networking stack. - - If you want to give the physical server / VM a private IP in the netmaker network, you must deploy an **additional** node using the standard netclient. The only note here is that the server consumes ports 51821-51831, so you will need to give it a port outside this range, e.x. `./netclient join --port 51835`. - - One a netclient is deployed to the underlying server/VM, you will be able to use the private address to reach other nodes from the host, or to reach the server over the private network. - -**I upgraded from 0.7 to 0.8 and now I dont have any data in my server!** - In 0.8, sqlite becomes the default database. If you were running with rqlite, you must set the DATABASE environment variable to rqlite in order to continue using rqlite. - -**Can I secure/encrypt all the traffic to my server and UI?** - This can fairly simple to achieve assuming you have access to a domain and are familiar with Nginx. - Please refer to the quick-start guide to see! - -**Can I connect multiple nodes (mesh clients) behind a single firewall/router?** - Yes! As of version 0.7 Netmaker supports UDP Hole Punching to allow this, without the use of a third party STUN server! - Is UDP hole punching a risk for you? Well you can turn it off and make static nodes/ports for the server to refer to as well. - -**What are the minimum specs to run the server?** - We recommend at least 1 CPU and 2 GB Memory. - -**Does this support IPv6 addressing?** - Yes, Netmaker supports IPv6 addressing. When you create a network, just make sure to turn on Dual Stack. - Nodes will be given IPv6 addresses along with their IPv4 address. It does not currently support IPv6 only. - -**Does Netmaker support Raft Consensus?** - Netmaker does not directly support it, but it uses `rqlite `_ (which supports Raft) as the database. - -**How do I uninstall Netmaker?** - There is no official uninstall script for the Netmaker server at this time. If you followed the quick-start guide, simply run ``sudo docker-compose -f docker-compose.quickstart.yml down --volumes`` - to completely wipe your server. Otherwise kill the running binary and it's up to you to remove database records/volumes. - -UI ----- -**I want to make a seperate network and give my friend access to only that network.** - Simply navigate to the UI (as an admin account). Select users in the top left and create them an account. - Select the network(s) to give them and they should be good to go! They are an admin of that network(s) only now. - -**I'm done with an access key, can I delete it?** - Simply navigate to the UI (as an admin account). Select your network of interest, then the select the ``Access Keys`` tab. - Then delete the rogue access key. - -**I can't delete my network, why?** - You **MUST** remove all nodes in a network before you can delete it. - -**Can I have multiple nodes with the same name?** - Yes, nodes can share names without issue. It may just be harder on you to know which is which. - -Netclient ------------ -**How do I connect a node to my Netmaker network with Netclient?** - First get your access token (not just access key), then run ``sudo netclient join -t ``. - **NOTE:** netclient may be under /etc/netclient/, i.e run ``sudo /etc/netclient/netclient join -t `` - -**How do I disconnect a node on a Netmaker network?** - In order to leave a Netmaker network, run ``sudo netclient leave -n `` - -**How do I check the logs of my agent on a node?** - You will need sudo/root permissions, but you can run ``sudo systemctl status netclient@`` - or you may also run ``sudo journalctl -u netclient@``. - Note for journalctl: you should hit the ``end`` key to get to view the most recent logs quickly or use ``journalctl -u netclient@ -f`` instead. - -**Can I check the configuration of my node on the node?** - **A:** Yes, on the node simply run ``sudo cat /etc/netclient/netconfig-`` and you should see what your current configuration is! - You can also see the current WireGuard configuration with ``sudo wg show`` - -**I am done with the agent on my machine, can I uninstall it?** - Yes, on the node simply run ``sudo /etc/netclient/netclient uninstall``. - -**I am running SELinux and when I reboot my node I get a permission denied in my netclient logs and it doesn't connect anymore, why?** - If you're running SELinux, it will interfere with systemd's ability to restart the client properly. Therefore, please run the following: - .. code-block:: - - sudo semanage fcontext -a -t bin_t '/etc/netclient/netclient' - sudo chcon -Rv -u system_u -t bin_t '/etc/netclient/netclient' - sudo restorecon -R -v /etc/netclient/netclient - -**I have a handshake with a peer but can't ping it, what gives?** - This is commonly due to incorrect MTU settings. Typically, it will be because MTU is too high. Try setting MTU lower on the node. This can be done via netconfig, or by editing the node in the UI. - -**I have a hard to reach machine behind a firewall or a corporate NAT, what can I do?** - In this situation you can use the Relay Server functionality introduced in Netmaker v0.8 to designate a node as a relay to your "stuck" machine. Simply click the button to make a node into a relay and tell it to relay traffic to this hard-to-reach peer. - -**I am unable to run the netclient on my OpenWRT machine, what's wrong?** - Deploying on OpenWRT depends a lot on the version of OpenWRT and the hardware being used. If the primary installer does not work, there are two things you can try: - - 1. This community-run package for OpenWRT: https://github.com/sbilly/netmaker-openwrt - - 2. Manual installation: - - - download (wget) the netclient package for your hardware from the netclient releases: https://github.com/gravitl/netmaker/releases - - rename to "netclient" - - Run as root from a bash shell on OpenWRT - - 3. You may experience an issue with the length of the token, which has limits on some OpenWRT shells. If you run into this problem, you can use the following script to convert your token into a "netclient join" command: - - - `wget https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/token-convert.sh` - - ./token-convert - - Run the output on your OpenWRT machine - - -CoreDNS --------- -**Is CoreDNS required to use Netmaker?** - CoreDNS is not required. Simply start your server with ``DNS_MODE="off"``. - -**What is the minimum DNS entry value I can use?** - Netmaker supports down to two characters for DNS names for your networks domains** diff --git a/docs/_build/html/_sources/ui-reference.rst.txt b/docs/_build/html/_sources/ui-reference.rst.txt deleted file mode 100644 index 84045beb..00000000 --- a/docs/_build/html/_sources/ui-reference.rst.txt +++ /dev/null @@ -1,203 +0,0 @@ -================= -UI Reference -================= - -This page contains annotated screenshots of most UI components, detailing the configuration options of each field across Nodes, Networks, DNS, Ext Clients, Users, and more. - -Dashboard -================= - -.. image:: images/ui-1.jpg - :width: 80% - :alt: dashboard - :align: center - -Networks -================= - -Create --------- - -.. image:: images/ui-2.jpg - :width: 80% - :alt: create network - :align: center - -.. code-block:: - -(1) **Autofill:** Provides sensible defaults for network details and makes up a name. -(2) **Network Name:** The name of the network. Character limited, as this translates to the interface name on hosts (nm-) -(3) **Address Range:** The CIDR of the network. Must be a valid IPv4 Subnet and should be a private address range. -(4) **Udp Hole Punching:** Enables or disables "UDP Hole Punching" on the network. When on, clients will first reach out to the server. The server will keep track of public addresses / ports and send these to all other clients in the network. This increases NAT traversibility, but can also cause issues depending on the server environment (if server is in a private network, for example). Typically good to enable if clients will "roam" frequently or are user devices. Typically better to disable if most clients will be servers with well-defined endpoints / ports. If enabled, you can also disable UDP Hole Punching on any individual machine via the UI (see Node section) but it will be enabled by default. -(5) **Is Local Network:** Turn on if all clients in the network will be in the same "local" network. This is a very rare situation and depends on the use case. Almost always leave this off. Turn on if you are in a large data center with a large private address space over which clients should communicate. Can also enable if using a VPC and are treating a single client as "egress" for the VPC. If enabled, fill out the address range of the local network which should determine endpoints. -(6) **Is Dual Stack:** Turn on to add private ipv6 addresses to all clients in addition to their ipv4 addresses. Not typically necessary. If on, enter a private ipv6 address range to pull from. - -Edit --------- - -.. image:: images/ui-3.jpg - :width: 80% - :alt: edit network - :align: center - -**NOTE:** With the exception of Address Ranges (1-2) any setting that affects nodes will not take effect on existing nodes. It will only set the settings on any **new** node, after the setting has been changed. - -(1) **Address Range (ipv4):** The ipv4 private network CIDR. If edited, Netmaker will go through all nodes and update private addresses based on the new range.** -(2) **Address Range (ipv6):** The ipv6 private network CIDR. If edited, Netmaker will go through all nodes and update private addresses based on the new range.** -(3) **Local Range:** Only relevant if "Is Local" was switched on during creation. Specifies the local range that nodes will base their Endpoint off of (note: if a node cannot find an enpoint within the range it will fallback to public ip). -(4) **Display Name:** The display name of the network. Network Name cannot be changed (acts as a unique ID) but display name can be changed. Only effects appearance in UI. -(5) **Default Interface:** The default network interface name configured on each node. This defaults to "nm-". -(6) **Default Port:** The default WireGuard port each node will attempt to use. Nodes will iterate up from this port until they find a free port. -(7) **Default PostUp:** A default post-up command to run on each node (after interface has been configured). Disabled by default to prevent RCE vulnerabilities. -(8) **Default PostDown:** A default post-down command to run on each node (after interface has been removed). Disabled by default to prevent RCE vulnerabilities. -(9) **Default Keepalive:** How often nodes should send packets to keep connection alive with all peers (in seconds). -(10) **Default Ext Client DNS:** If set, adds a "DNS=" line to each ext client config. Set this to add DNS to clients. Typically will set this to the server's public IP. -(11) **Default MTU:** Default MTU for interfaces of all clients in network. Can be useful to set lower in certain difficult environments such as Kubernetes. -(12) **Allow Node Signup Without Keys:** Allows nodes to join the network without a valid Access Key. Nodes will be put in "pending" status until approved via UI by an admin. Useful if an arbitrary number of people need to join the network and there is no easy way to distribute keys to users. -(13) **Is Dual Stack:** Enable the Dual Stack feature of networks and add ipv6 addresses to nodes. -(14) **Default Saveconfig:** Typically ignore this. Sets the SaveConfig field on wireguard config. -(15) **UDP Hole Punching:** Whether or not UDP Hole Punching is turned on (see Network Create notes). Only effects new nodes. Enables or disables "UDP Hole Punching" on the network. When on, clients will first reach out to the server. The server will keep track of public addresses / ports and send these to all other clients in the network. This increases NAT traversibility, but can also cause issues depending on the server environment (if server is in a private network, for example). Typically good to enable if clients will "roam" frequently or are user devices. Typically better to disable if most clients will be servers with well-defined endpoints / ports. If enabled, you can also disable UDP Hole Punching on any individual machine via the UI (see Node section) but it will be enabled by default. - -Nodes -======== - -Node List -------------- - -.. image:: images/ui-4.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Search Nodes:** Look up a node by name. -(2) **Select Network:** Filter nodes by network. -(3) **Node Name:** Name of node. By default set to hostname of machine. -(4) **IP Address:** Private IP of node within network. -(5) **Network:** Network the node is in. -(6) **Egress:** Indicates if node is an egress gateway. Click to convert into egress gateway. Egress gateways route traffic from the network into a specific subnet or subnets. Egress gateways should be servers in a static location with a reliable IP. -(7) **Ingress:** Indicates if the node is an ingress. Click to convert into ingress gateway. Ingress gateways route traffic into the network over the WireGuard interface using "ext clients," which are static WireGuard config files. Ingress gateways should be servers in a static location with a reliable IP. -(8) **Relay:** Indicates if the node is a relay. Click to convert into relay. Relays route traffic to specified nodes for the network (typically hard to reach / CGNAT'ted nodes. Relays should be servers in a static location with a reliable IP. -(9) **Status:** Indicates how recently the node checked into the server. Displays "Warning" after 5 minutes and "Error" after 30 minutes without a check in. Does **not** indicate the health of the node's virtual network connections. -(10) **Delete:** Delete the node. - -Create Egress ---------------- - -.. image:: images/ui-6.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Egress Gateway Ranges:** A comma-separated list of the subnets for which the gateway will route traffic. For instance, with Kubernetes this could be both the Service Network and Pod Network. For a standard VPN, Netmaker can use a list of the public CIDR's (see the docs). Typically, this will be something like a data center network, VPC, or home network. -(2) **Interface:** The interface on the machine used to access the provided egress gateway ranges. For instance, on a typical linux machine, the interface for public traffic would be "eth0". Usually you will need to check on the machine first to find the right interface. For instance, on Linux, you can find the interface by running this: ip route get

. - - -Create Relay -------------- - -.. image:: images/ui-7.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Relay Addresses:** Specify which private addresses (of nodes) that this node should relay for. -(2) **Select Nodes:** Rather than specify by IP, you can just select from a list of node names instead. -(3) **Select All:** Rather than select a list, you can "select all", which converts the network from "pure mesh" into "hub-and-spoke", meaning there are no p2p connections, everything goes through this relay first. - -Edit Node / Node Details --------------------------- - -.. image:: images/ui-5.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **IP Address:** The primary private IP address of the node. Assigned automatically by Netmaker but can be changed to whatever you want within the Network CIDR. -(2) **IPv6 Address:** (Only if running dual stack) the primary private IPv6 address of the node. Assigned automatically by Netmaker but can be changed to whatever you want within the Network CIDR. -(3) **Local Address:** The "locally reachable" address of the node. Other nodes will take note of this to see if this node is on the same network. If so, they will use this address instead of the public "Endpoint." If running a few nodes inside of a VPC, home network, or similar, make sure the local address is populated correctly for faster and more secure inter-node communication. -(4) **Node Name:** The name of the node within the network. Hostname by default but can be anything (within the character limits). -(5) **Port:** The port used by the node locally. **This value is ignored if UDP Hole Punching is on,** because port is set dynamically every time interface is created. If UDP Hole Punching is off, the port can be set to any reasonable (and available) value you'd like for the local machine. Typi -(6) **Public Key:** (Uneditable) The public key of the node, distributed to other peers in the network. -(7) **Endpoint:** The (typically public) IP of the machine, which peers will use to reach it, in combination with the port. If changing this value, make sure Roaming is turned off, since otherwise, the node will check to see if there is a change in the public IP regularly and update it. -(8) **PostUp:** Uneditable by default to disable RCE. Commands to run after the interface is created. If an ingress or egress gateway are created, this field will populate automatically with appropriate iptables commands. -(9) **PostDown:** Uneditable by default to disable RCE. Commands to run after the interface is brought down. If an ingress or egress gateway are created, this field will populate automatically with appropriate iptables commands. -(10) **Allowed IPs:** Additional private addresses given to the node (in addition to the IPAddress and IPv6Address). Useful in some scenarios where there is a known address a server should have. Any IPs added here will be tacked onto the AllowedIPs of other peers, so this node will be shown to have multiple reachable private addresses. -(11) **Persistent Keepalive:** How often packets are sent to keep connections open with other peers. -(12) **Relay Addresses:** If "Relay" is enabled on this node, this field can be edited to add and remove nodes from the relay. So if you are currently relaying just one node but wish to relay an additional node, just add it's private IP here. -(13) **Node Expiration Datetime:** If a node should become invalid after a length of time, you can set it in this field, after which time, it will lose access to the network and will not populate to other nodes. Useful for scenarios where temporary access is granted to 3rd parties. -(14) **Last Checkin:** Unix timestamp of the last time the node checked in with the server. Used to determine generic health of node. -(15) **Mac Address:** The hardware mac address of the machine. Used to be used as the unique ID, but is being depreciated. -(16) **Network:** The network this 1node belongs to. -(17) **Egress Gateway Ranges:** If Egress is enabled, the gateway ranges that this machine routes to. -(18) **Local Range:** If IsLocal has been enabled on the network, this is the local range in which the node will look for a private address from it's local interfaces, to use as an endpoint. -(19) **Node Operating System:** The OS of the machine. -(20) **MTU:** The MTU that the node will use on the interface. If "wg show" displays a valid handshake but pings are not working, many times the issue is MTU. Making this value lower can solve this issue. Some typical values are 1024, 1280, and 1420. -(21) **Saveconfig:** Usually best to ignore this. Sets the "SaveConfig" value on wireguard config files. -(22) **Is Static:** Ports and Endpoints can be changed automatically by the netclient. Switching on "Is Static" means the port and endpoint will stay the same until you change it. This can be good to set if the machine is a server sitting in a location that is not expected to change. It is also good to have Is Static switched on for Ingress, Egress, and Relay Servers, since they should be in a reliable location. -(23) **UDP Hole Punching:** If on, the node's port will be randomized. The port and endpoint distributed to other nodes are no longer determined by the settings in this file. Instead, the node will "check in" with the server regularly. The server will track the IP and port used to open a connection, and store these values. These values then get distributed to nodes. This is helpful for getting around NAT's which may obscure the node's location. -(24) **Is DNS On:** DNS is solely handled by resolvectl at the moment, which is on many Linux distributions. For anything else, this value should remain off. If you wish to configure DNS for non-compatible systems, you must do so manually. -(25) **Dualstack:** Whether or not this machine should have both a private ipv4 address and ipv6 address. -(26) **Is Local:** If on, will only communicate over the local address (Assumes IsLocal tuned to 'yes' on the network level.) -(27) **Roaming:** If on, will check regularly for changes in the Endpoint and modify the Endpoint value appropriately. This allows a client to "roam" between wifi networks and maintain a connection. Good to keep on for machines where the public address may change. -(28) **IPforwarding:** If on, ipforwarding is enabled on the machine. Should almost always be kept on. - -Ext Clients -================ - -.. image:: images/ui-8.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Gateway Name / IP Address:** Information about which Node is the Ingress Gateway. -(2) **Add External Client:** Button to generate a new ext client. -(3) **Client ID:** The randomly-generated name of the client. Click on the ID to change the name to something sensible. -(4) **IP Address:** The private ip address of the ext client. -(5) **QR Code:** If joining form iOS or Android, open the WireGuard app and scan the QR code to join the network. -(6) **Download Client Configuration:** If joining from a laptop/desktop, download the config file and run "wg-quick up /path/to/config" -(7) **Delete:** Delete the ext client and remove its network access. - -DNS -=========== - -.. image:: images/ui-10.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **DNS Name:** The private DNS entry. Must end in "." (added automatically). This avoids conflicts between networks. -(2) **IP Address:** The IP address of the entry. Can be anything (public addresses too!) but typically a node IP. -(3) **Select Node Address:** Select a node name to populate its IP address automatically. - -Create / Edit Users -===================== - -.. image:: images/ui-11.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Username:** Specify Username. -(2) **Password:** Specify password. -(3) **Confirm Password:** Confirm password. -(4) **Make Admin:** Make into a server admin or "super admin", which has access to all networks and server-level settings. -(5) **Networks:** If not made into an "admin", select the networks which this user has access to. The user will be a "network admin" of these networks, but other networks will be invisible/unaccessible. - - -Node Graph -===================== - -.. image:: images/node-graph-1.png - :width: 80% - :alt: dashboard - :align: center - -View all nodes in your network, zoom in, zoom out, and search for node names. A legend is on the side to identify each node status / configuration. - -.. image:: images/node-graph-2.png - :width: 80% - :alt: dashboard - :align: center - -(1) **hover:** Hover over a node to see its direct connections. -(2) **Configuration Pane:** Manage the node in this pane just like you would in the Nodes pane. See the "Node List" and "Edit Node" sections for more details. diff --git a/docs/_build/html/_sources/upgrades.rst.txt b/docs/_build/html/_sources/upgrades.rst.txt deleted file mode 100644 index 1eed7977..00000000 --- a/docs/_build/html/_sources/upgrades.rst.txt +++ /dev/null @@ -1,45 +0,0 @@ -===================================== -Upgrades -===================================== - -Introduction -=============== - -As of 0.10.0, upgrading Netmaker is a manual process. This is expected to be automated in the future, but for now is still a relatively straightforward process. - -Critical Notes for 0.10.0 -============================================= - -At the time of this writing, an upgrade process has not been defined for 0.10.0. DO NOT follow this documentation to upgrade from a prior version to 0.10.0. An upgrade process will be defined shortly. For now, if you seek to upgrade to 0.10.0, you must clear your server entirely (docker-compose down --volumes), uninstall your netclients, and re-install netmaker + netclients. - -Upgrade the Server (prior to 0.10.0) -====================================== - -To upgrade the server, you only need to change the docker image versions: - -1. `ssh root@my-server-ip` -2. `docker-compose down` -3. `vi docker-compose.yml` -4. Change gravitl/netmaker: and gravitl/netmaker-ui: to the new version. -5. Save and close the file -6. `docker-compose up -d` - -Upgrade the Clients (prior to 0.10.0) -====================================== - -To upgrade the client, you must get the new client binary and place it in /etc/netclient. Depending on the new vs. old version, there may be minor incompatibilities (discussed below). - -1. Vists https://github.com/gravitl/netmaker/releases/ -2. Find the appropriate binary for your machine. -3. Download. E.x.: `wget https://github.com/gravitl/netmaker/releases/download/vX.X.X/netclient-myversion` -4. Rename binary to `netclient` and move to folder. E.x.: `mv netclient-myversion /etc/netclient/netclient` -5. `netclient --version` (confirm it's the correct version) -6. `netclient pull` - -This last step helps ensure any newly added fields are now present. You may run into a "panic" based on missing fields and your version mismatch. In such cases, you can either: - -1. Add the missing field to /etc/netclient/config/netconfig-yournetwork and then run "netclient checkin" - -or - -2. Leave and rejoin the network \ No newline at end of file diff --git a/docs/_build/html/_sources/usage.rst.txt b/docs/_build/html/_sources/usage.rst.txt deleted file mode 100644 index a81e4e0c..00000000 --- a/docs/_build/html/_sources/usage.rst.txt +++ /dev/null @@ -1,21 +0,0 @@ -================= -External Guides -================= - -Netmaker has many use cases, from a basic virtual network to an office gateway VPN to a Kubernetes underlay. It can be a bit overwhelming to figure out where to start. If you don't find your use case here, but think Netmaker is a good fit, let us know! - -Video Tutorials -================== - -* `Intro/Overview `_: Tutorial on first-time usage, setting up a mesh network. -* `Site-to-Site Gateway `_: Tutorial on setting up site-to-site connections, allowing peers to access external networks via gateways. -* `IPv6 and Private DNS `_: Tutorial on dual-stack IPv6 in Netmaker and Private DNS management (separate topics). -* `Kubernetes Networking `_: Tutorial on setting up cross-cloud Kubernetes clusters using Netmaker. - - -Written Tutorials -================== - -* `K3s Cross-cloud cluster `_: Tutorial on setting up cross-cloud K3s clusters using Netmaker. -* `MicroK8s Cross-cloud cluster `_: Tutorial on setting up cross-cloud MicroK8s clusters using Netmaker. -* `Secure access to private services `_: Tutorial on setting up secure Nextcloud with Netmaker. \ No newline at end of file diff --git a/docs/_build/html/_static/basic.css b/docs/_build/html/_static/basic.css deleted file mode 100644 index 603f6a87..00000000 --- a/docs/_build/html/_static/basic.css +++ /dev/null @@ -1,905 +0,0 @@ -/* - * basic.css - * ~~~~~~~~~ - * - * Sphinx stylesheet -- basic theme. - * - * :copyright: Copyright 2007-2021 by the Sphinx team, see AUTHORS. - * :license: BSD, see LICENSE for details. - * - */ - -/* -- main layout ----------------------------------------------------------- */ - -div.clearer { - clear: both; -} - -div.section::after { - display: block; - content: ''; - clear: left; -} - -/* -- relbar ---------------------------------------------------------------- */ - -div.related { - width: 100%; - font-size: 90%; -} - -div.related h3 { - display: none; -} - -div.related ul { - margin: 0; - padding: 0 0 0 10px; - list-style: none; -} - -div.related li { - display: inline; -} - -div.related li.right { - float: right; - margin-right: 5px; -} - -/* -- sidebar --------------------------------------------------------------- */ - -div.sphinxsidebarwrapper { - padding: 10px 5px 0 10px; -} - -div.sphinxsidebar { - float: left; - width: 230px; - margin-left: -100%; - font-size: 90%; - word-wrap: break-word; - overflow-wrap : break-word; -} - -div.sphinxsidebar ul { - list-style: none; -} - -div.sphinxsidebar ul ul, -div.sphinxsidebar ul.want-points { - margin-left: 20px; - list-style: square; -} - -div.sphinxsidebar ul ul { - margin-top: 0; - margin-bottom: 0; -} - -div.sphinxsidebar form { - margin-top: 10px; -} - -div.sphinxsidebar input { - border: 1px solid #98dbcc; - font-family: sans-serif; - font-size: 1em; -} - -div.sphinxsidebar #searchbox form.search { - overflow: hidden; -} - -div.sphinxsidebar #searchbox input[type="text"] { - float: left; - width: 80%; - padding: 0.25em; - box-sizing: border-box; -} - -div.sphinxsidebar #searchbox input[type="submit"] { - float: left; - width: 20%; - border-left: none; - padding: 0.25em; - box-sizing: border-box; -} - - -img { - border: 0; - max-width: 100%; -} - -/* -- search page ----------------------------------------------------------- */ - -ul.search { - margin: 10px 0 0 20px; - padding: 0; -} - -ul.search li { - padding: 5px 0 5px 20px; - background-image: url(file.png); - background-repeat: no-repeat; - background-position: 0 7px; -} - -ul.search li a { - font-weight: bold; -} - -ul.search li p.context { - color: #888; - margin: 2px 0 0 30px; - text-align: left; -} - -ul.keywordmatches li.goodmatch a { - font-weight: bold; -} - -/* -- index page ------------------------------------------------------------ */ - -table.contentstable { - width: 90%; - margin-left: auto; - margin-right: auto; -} - -table.contentstable p.biglink { - line-height: 150%; -} - -a.biglink { - font-size: 1.3em; -} - -span.linkdescr { - font-style: italic; - padding-top: 5px; - font-size: 90%; -} - -/* -- general index --------------------------------------------------------- */ - -table.indextable { - width: 100%; -} - -table.indextable td { - text-align: left; - vertical-align: top; -} - -table.indextable ul { - margin-top: 0; - margin-bottom: 0; - list-style-type: none; -} - -table.indextable > tbody > tr > td > ul { - padding-left: 0em; -} - -table.indextable tr.pcap { - height: 10px; -} - -table.indextable tr.cap { - margin-top: 10px; - background-color: #f2f2f2; -} - -img.toggler { - margin-right: 3px; - margin-top: 3px; - cursor: pointer; -} - -div.modindex-jumpbox { - border-top: 1px solid #ddd; - border-bottom: 1px solid #ddd; - margin: 1em 0 1em 0; - padding: 0.4em; -} - -div.genindex-jumpbox { - border-top: 1px solid #ddd; - border-bottom: 1px solid #ddd; - margin: 1em 0 1em 0; - padding: 0.4em; -} - -/* -- domain module index --------------------------------------------------- */ - -table.modindextable td { - padding: 2px; - border-collapse: collapse; -} - -/* -- general body styles --------------------------------------------------- */ - -div.body { - min-width: 450px; - max-width: 800px; -} - -div.body p, div.body dd, div.body li, div.body blockquote { - -moz-hyphens: auto; - -ms-hyphens: auto; - -webkit-hyphens: auto; - hyphens: auto; -} - -a.headerlink { - visibility: hidden; -} - -a.brackets:before, -span.brackets > a:before{ - content: "["; -} - -a.brackets:after, -span.brackets > a:after { - content: "]"; -} - -h1:hover > a.headerlink, -h2:hover > a.headerlink, -h3:hover > a.headerlink, -h4:hover > a.headerlink, -h5:hover > a.headerlink, -h6:hover > a.headerlink, -dt:hover > a.headerlink, -caption:hover > a.headerlink, -p.caption:hover > a.headerlink, -div.code-block-caption:hover > a.headerlink { - visibility: visible; -} - -div.body p.caption { - text-align: inherit; -} - -div.body td { - text-align: left; -} - -.first { - margin-top: 0 !important; -} - -p.rubric { - margin-top: 30px; - font-weight: bold; -} - -img.align-left, figure.align-left, .figure.align-left, object.align-left { - clear: left; - float: left; - margin-right: 1em; -} - -img.align-right, figure.align-right, .figure.align-right, object.align-right { - clear: right; - float: right; - margin-left: 1em; -} - -img.align-center, figure.align-center, .figure.align-center, object.align-center { - display: block; - margin-left: auto; - margin-right: auto; -} - -img.align-default, figure.align-default, .figure.align-default { - display: block; - margin-left: auto; - margin-right: auto; -} - -.align-left { - text-align: left; -} - -.align-center { - text-align: center; -} - -.align-default { - text-align: center; -} - -.align-right { - text-align: right; -} - -/* -- sidebars -------------------------------------------------------------- */ - -div.sidebar, -aside.sidebar { - margin: 0 0 0.5em 1em; - border: 1px solid #ddb; - padding: 7px; - background-color: #ffe; - width: 40%; - float: right; - clear: right; - overflow-x: auto; -} - -p.sidebar-title { - font-weight: bold; -} - -div.admonition, div.topic, blockquote { - clear: left; -} - -/* -- topics ---------------------------------------------------------------- */ - -div.topic { - border: 1px solid #ccc; - padding: 7px; - margin: 10px 0 10px 0; -} - -p.topic-title { - font-size: 1.1em; - font-weight: bold; - margin-top: 10px; -} - -/* -- admonitions ----------------------------------------------------------- */ - -div.admonition { - margin-top: 10px; - margin-bottom: 10px; - padding: 7px; -} - -div.admonition dt { - font-weight: bold; -} - -p.admonition-title { - margin: 0px 10px 5px 0px; - font-weight: bold; -} - -div.body p.centered { - text-align: center; - margin-top: 25px; -} - -/* -- content of sidebars/topics/admonitions -------------------------------- */ - -div.sidebar > :last-child, -aside.sidebar > :last-child, -div.topic > :last-child, -div.admonition > :last-child { - margin-bottom: 0; -} - -div.sidebar::after, -aside.sidebar::after, -div.topic::after, -div.admonition::after, -blockquote::after { - display: block; - content: ''; - clear: both; -} - -/* -- tables ---------------------------------------------------------------- */ - -table.docutils { - margin-top: 10px; - margin-bottom: 10px; - border: 0; - border-collapse: collapse; -} - -table.align-center { - margin-left: auto; - margin-right: auto; -} - -table.align-default { - margin-left: auto; - margin-right: auto; -} - -table caption span.caption-number { - font-style: italic; -} - -table caption span.caption-text { -} - -table.docutils td, table.docutils th { - padding: 1px 8px 1px 5px; - border-top: 0; - border-left: 0; - border-right: 0; - border-bottom: 1px solid #aaa; -} - -table.footnote td, table.footnote th { - border: 0 !important; -} - -th { - text-align: left; - padding-right: 5px; -} - -table.citation { - border-left: solid 1px gray; - margin-left: 1px; -} - -table.citation td { - border-bottom: none; -} - -th > :first-child, -td > :first-child { - margin-top: 0px; -} - -th > :last-child, -td > :last-child { - margin-bottom: 0px; -} - -/* -- figures --------------------------------------------------------------- */ - -div.figure, figure { - margin: 0.5em; - padding: 0.5em; -} - -div.figure p.caption, figcaption { - padding: 0.3em; -} - -div.figure p.caption span.caption-number, -figcaption span.caption-number { - font-style: italic; -} - -div.figure p.caption span.caption-text, -figcaption span.caption-text { -} - -/* -- field list styles ----------------------------------------------------- */ - -table.field-list td, table.field-list th { - border: 0 !important; -} - -.field-list ul { - margin: 0; - padding-left: 1em; -} - -.field-list p { - margin: 0; -} - -.field-name { - -moz-hyphens: manual; - -ms-hyphens: manual; - -webkit-hyphens: manual; - hyphens: manual; -} - -/* -- hlist styles ---------------------------------------------------------- */ - -table.hlist { - margin: 1em 0; -} - -table.hlist td { - vertical-align: top; -} - -/* -- object description styles --------------------------------------------- */ - -.sig { - font-family: 'Consolas', 'Menlo', 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', monospace; -} - -.sig-name, code.descname { - background-color: transparent; - font-weight: bold; -} - -.sig-name { - font-size: 1.1em; -} - -code.descname { - font-size: 1.2em; -} - -.sig-prename, code.descclassname { - background-color: transparent; -} - -.optional { - font-size: 1.3em; -} - -.sig-paren { - font-size: larger; -} - -.sig-param.n { - font-style: italic; -} - -/* C++ specific styling */ - -.sig-inline.c-texpr, -.sig-inline.cpp-texpr { - font-family: unset; -} - -.sig.c .k, .sig.c .kt, -.sig.cpp .k, .sig.cpp .kt { - color: #0033B3; -} - -.sig.c .m, -.sig.cpp .m { - color: #1750EB; -} - -.sig.c .s, .sig.c .sc, -.sig.cpp .s, .sig.cpp .sc { - color: #067D17; -} - - -/* -- other body styles ----------------------------------------------------- */ - -ol.arabic { - list-style: decimal; -} - -ol.loweralpha { - list-style: lower-alpha; -} - -ol.upperalpha { - list-style: upper-alpha; -} - -ol.lowerroman { - list-style: lower-roman; -} - -ol.upperroman { - list-style: upper-roman; -} - -:not(li) > ol > li:first-child > :first-child, -:not(li) > ul > li:first-child > :first-child { - margin-top: 0px; -} - -:not(li) > ol > li:last-child > :last-child, -:not(li) > ul > li:last-child > :last-child { - margin-bottom: 0px; -} - -ol.simple ol p, -ol.simple ul p, -ul.simple ol p, -ul.simple ul p { - margin-top: 0; -} - -ol.simple > li:not(:first-child) > p, -ul.simple > li:not(:first-child) > p { - margin-top: 0; -} - -ol.simple p, -ul.simple p { - margin-bottom: 0; -} - -dl.footnote > dt, -dl.citation > dt { - float: left; - margin-right: 0.5em; -} - -dl.footnote > dd, -dl.citation > dd { - margin-bottom: 0em; -} - -dl.footnote > dd:after, -dl.citation > dd:after { - content: ""; - clear: both; -} - -dl.field-list { - display: grid; - grid-template-columns: fit-content(30%) auto; -} - -dl.field-list > dt { - font-weight: bold; - word-break: break-word; - padding-left: 0.5em; - padding-right: 5px; -} - -dl.field-list > dt:after { - content: ":"; -} - -dl.field-list > dd { - padding-left: 0.5em; - margin-top: 0em; - margin-left: 0em; - margin-bottom: 0em; -} - -dl { - margin-bottom: 15px; -} - -dd > :first-child { - margin-top: 0px; -} - -dd ul, dd table { - margin-bottom: 10px; -} - -dd { - margin-top: 3px; - margin-bottom: 10px; - margin-left: 30px; -} - -dl > dd:last-child, -dl > dd:last-child > :last-child { - margin-bottom: 0; -} - -dt:target, span.highlighted { - background-color: #fbe54e; -} - -rect.highlighted { - fill: #fbe54e; -} - -dl.glossary dt { - font-weight: bold; - font-size: 1.1em; -} - -.versionmodified { - font-style: italic; -} - -.system-message { - background-color: #fda; - padding: 5px; - border: 3px solid red; -} - -.footnote:target { - background-color: #ffa; -} - -.line-block { - display: block; - margin-top: 1em; - margin-bottom: 1em; -} - -.line-block .line-block { - margin-top: 0; - margin-bottom: 0; - margin-left: 1.5em; -} - -.guilabel, .menuselection { - font-family: sans-serif; -} - -.accelerator { - text-decoration: underline; -} - -.classifier { - font-style: oblique; -} - -.classifier:before { - font-style: normal; - margin: 0 0.5em; - content: ":"; - display: inline-block; -} - -abbr, acronym { - border-bottom: dotted 1px; - cursor: help; -} - -/* -- code displays --------------------------------------------------------- */ - -pre { - overflow: auto; - overflow-y: hidden; /* fixes display issues on Chrome browsers */ -} - -pre, div[class*="highlight-"] { - clear: both; -} - -span.pre { - -moz-hyphens: none; - -ms-hyphens: none; - -webkit-hyphens: none; - hyphens: none; -} - -div[class*="highlight-"] { - margin: 1em 0; -} - -td.linenos pre { - border: 0; - background-color: transparent; - color: #aaa; -} - -table.highlighttable { - display: block; -} - -table.highlighttable tbody { - display: block; -} - -table.highlighttable tr { - display: flex; -} - -table.highlighttable td { - margin: 0; - padding: 0; -} - -table.highlighttable td.linenos { - padding-right: 0.5em; -} - -table.highlighttable td.code { - flex: 1; - overflow: hidden; -} - -.highlight .hll { - display: block; -} - -div.highlight pre, -table.highlighttable pre { - margin: 0; -} - -div.code-block-caption + div { - margin-top: 0; -} - -div.code-block-caption { - margin-top: 1em; - padding: 2px 5px; - font-size: small; -} - -div.code-block-caption code { - background-color: transparent; -} - -table.highlighttable td.linenos, -span.linenos, -div.highlight span.gp { /* gp: Generic.Prompt */ - user-select: none; - -webkit-user-select: text; /* Safari fallback only */ - -webkit-user-select: none; /* Chrome/Safari */ - -moz-user-select: none; /* Firefox */ - -ms-user-select: none; /* IE10+ */ -} - -div.code-block-caption span.caption-number { - padding: 0.1em 0.3em; - font-style: italic; -} - -div.code-block-caption span.caption-text { -} - -div.literal-block-wrapper { - margin: 1em 0; -} - -code.xref, a code { - background-color: transparent; - font-weight: bold; -} - -h1 code, h2 code, h3 code, h4 code, h5 code, h6 code { - background-color: transparent; -} - -.viewcode-link { - float: right; -} - -.viewcode-back { - float: right; - font-family: sans-serif; -} - -div.viewcode-block:target { - margin: -1px -10px; - padding: 0 10px; -} - -/* -- math display ---------------------------------------------------------- */ - -img.math { - vertical-align: middle; -} - -div.body div.math p { - text-align: center; -} - -span.eqno { - float: right; -} - -span.eqno a.headerlink { - position: absolute; - z-index: 1; -} - -div.math:hover a.headerlink { - visibility: visible; -} - -/* -- printout stylesheet --------------------------------------------------- */ - -@media print { - div.document, - div.documentwrapper, - div.bodywrapper { - margin: 0 !important; - width: 100%; - } - - div.sphinxsidebar, - div.related, - div.footer, - #top-link { - display: none; - } -} \ No newline at end of file diff --git a/docs/_build/html/_static/doctools.js b/docs/_build/html/_static/doctools.js deleted file mode 100644 index 8cbf1b16..00000000 --- a/docs/_build/html/_static/doctools.js +++ /dev/null @@ -1,323 +0,0 @@ -/* - * doctools.js - * ~~~~~~~~~~~ - * - * Sphinx JavaScript utilities for all documentation. - * - * :copyright: Copyright 2007-2021 by the Sphinx team, see AUTHORS. - * :license: BSD, see LICENSE for details. - * - */ - -/** - * select a different prefix for underscore - */ -$u = _.noConflict(); - -/** - * make the code below compatible with browsers without - * an installed firebug like debugger -if (!window.console || !console.firebug) { - var names = ["log", "debug", "info", "warn", "error", "assert", "dir", - "dirxml", "group", "groupEnd", "time", "timeEnd", "count", "trace", - "profile", "profileEnd"]; - window.console = {}; - for (var i = 0; i < names.length; ++i) - window.console[names[i]] = function() {}; -} - */ - -/** - * small helper function to urldecode strings - * - * See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/decodeURIComponent#Decoding_query_parameters_from_a_URL - */ -jQuery.urldecode = function(x) { - if (!x) { - return x - } - return decodeURIComponent(x.replace(/\+/g, ' ')); -}; - -/** - * small helper function to urlencode strings - */ -jQuery.urlencode = encodeURIComponent; - -/** - * This function returns the parsed url parameters of the - * current request. Multiple values per key are supported, - * it will always return arrays of strings for the value parts. - */ -jQuery.getQueryParameters = function(s) { - if (typeof s === 'undefined') - s = document.location.search; - var parts = s.substr(s.indexOf('?') + 1).split('&'); - var result = {}; - for (var i = 0; i < parts.length; i++) { - var tmp = parts[i].split('=', 2); - var key = jQuery.urldecode(tmp[0]); - var value = jQuery.urldecode(tmp[1]); - if (key in result) - result[key].push(value); - else - result[key] = [value]; - } - return result; -}; - -/** - * highlight a given string on a jquery object by wrapping it in - * span elements with the given class name. - */ -jQuery.fn.highlightText = function(text, className) { - function highlight(node, addItems) { - if (node.nodeType === 3) { - var val = node.nodeValue; - var pos = val.toLowerCase().indexOf(text); - if (pos >= 0 && - !jQuery(node.parentNode).hasClass(className) && - !jQuery(node.parentNode).hasClass("nohighlight")) { - var span; - var isInSVG = jQuery(node).closest("body, svg, foreignObject").is("svg"); - if (isInSVG) { - span = document.createElementNS("http://www.w3.org/2000/svg", "tspan"); - } else { - span = document.createElement("span"); - span.className = className; - } - span.appendChild(document.createTextNode(val.substr(pos, text.length))); - node.parentNode.insertBefore(span, node.parentNode.insertBefore( - document.createTextNode(val.substr(pos + text.length)), - node.nextSibling)); - node.nodeValue = val.substr(0, pos); - if (isInSVG) { - var rect = document.createElementNS("http://www.w3.org/2000/svg", "rect"); - var bbox = node.parentElement.getBBox(); - rect.x.baseVal.value = bbox.x; - rect.y.baseVal.value = bbox.y; - rect.width.baseVal.value = bbox.width; - rect.height.baseVal.value = bbox.height; - rect.setAttribute('class', className); - addItems.push({ - "parent": node.parentNode, - "target": rect}); - } - } - } - else if (!jQuery(node).is("button, select, textarea")) { - jQuery.each(node.childNodes, function() { - highlight(this, addItems); - }); - } - } - var addItems = []; - var result = this.each(function() { - highlight(this, addItems); - }); - for (var i = 0; i < addItems.length; ++i) { - jQuery(addItems[i].parent).before(addItems[i].target); - } - return result; -}; - -/* - * backward compatibility for jQuery.browser - * This will be supported until firefox bug is fixed. - */ -if (!jQuery.browser) { - jQuery.uaMatch = function(ua) { - ua = ua.toLowerCase(); - - var match = /(chrome)[ \/]([\w.]+)/.exec(ua) || - /(webkit)[ \/]([\w.]+)/.exec(ua) || - /(opera)(?:.*version|)[ \/]([\w.]+)/.exec(ua) || - /(msie) ([\w.]+)/.exec(ua) || - ua.indexOf("compatible") < 0 && /(mozilla)(?:.*? rv:([\w.]+)|)/.exec(ua) || - []; - - return { - browser: match[ 1 ] || "", - version: match[ 2 ] || "0" - }; - }; - jQuery.browser = {}; - jQuery.browser[jQuery.uaMatch(navigator.userAgent).browser] = true; -} - -/** - * Small JavaScript module for the documentation. - */ -var Documentation = { - - init : function() { - this.fixFirefoxAnchorBug(); - this.highlightSearchWords(); - this.initIndexTable(); - if (DOCUMENTATION_OPTIONS.NAVIGATION_WITH_KEYS) { - this.initOnKeyListeners(); - } - }, - - /** - * i18n support - */ - TRANSLATIONS : {}, - PLURAL_EXPR : function(n) { return n === 1 ? 0 : 1; }, - LOCALE : 'unknown', - - // gettext and ngettext don't access this so that the functions - // can safely bound to a different name (_ = Documentation.gettext) - gettext : function(string) { - var translated = Documentation.TRANSLATIONS[string]; - if (typeof translated === 'undefined') - return string; - return (typeof translated === 'string') ? translated : translated[0]; - }, - - ngettext : function(singular, plural, n) { - var translated = Documentation.TRANSLATIONS[singular]; - if (typeof translated === 'undefined') - return (n == 1) ? singular : plural; - return translated[Documentation.PLURALEXPR(n)]; - }, - - addTranslations : function(catalog) { - for (var key in catalog.messages) - this.TRANSLATIONS[key] = catalog.messages[key]; - this.PLURAL_EXPR = new Function('n', 'return +(' + catalog.plural_expr + ')'); - this.LOCALE = catalog.locale; - }, - - /** - * add context elements like header anchor links - */ - addContextElements : function() { - $('div[id] > :header:first').each(function() { - $('\u00B6'). - attr('href', '#' + this.id). - attr('title', _('Permalink to this headline')). - appendTo(this); - }); - $('dt[id]').each(function() { - $('\u00B6'). - attr('href', '#' + this.id). - attr('title', _('Permalink to this definition')). - appendTo(this); - }); - }, - - /** - * workaround a firefox stupidity - * see: https://bugzilla.mozilla.org/show_bug.cgi?id=645075 - */ - fixFirefoxAnchorBug : function() { - if (document.location.hash && $.browser.mozilla) - window.setTimeout(function() { - document.location.href += ''; - }, 10); - }, - - /** - * highlight the search words provided in the url in the text - */ - highlightSearchWords : function() { - var params = $.getQueryParameters(); - var terms = (params.highlight) ? params.highlight[0].split(/\s+/) : []; - if (terms.length) { - var body = $('div.body'); - if (!body.length) { - body = $('body'); - } - window.setTimeout(function() { - $.each(terms, function() { - body.highlightText(this.toLowerCase(), 'highlighted'); - }); - }, 10); - $('

' + _('Hide Search Matches') + '

') - .appendTo($('#searchbox')); - } - }, - - /** - * init the domain index toggle buttons - */ - initIndexTable : function() { - var togglers = $('img.toggler').click(function() { - var src = $(this).attr('src'); - var idnum = $(this).attr('id').substr(7); - $('tr.cg-' + idnum).toggle(); - if (src.substr(-9) === 'minus.png') - $(this).attr('src', src.substr(0, src.length-9) + 'plus.png'); - else - $(this).attr('src', src.substr(0, src.length-8) + 'minus.png'); - }).css('display', ''); - if (DOCUMENTATION_OPTIONS.COLLAPSE_INDEX) { - togglers.click(); - } - }, - - /** - * helper function to hide the search marks again - */ - hideSearchWords : function() { - $('#searchbox .highlight-link').fadeOut(300); - $('span.highlighted').removeClass('highlighted'); - }, - - /** - * make the url absolute - */ - makeURL : function(relativeURL) { - return DOCUMENTATION_OPTIONS.URL_ROOT + '/' + relativeURL; - }, - - /** - * get the current relative url - */ - getCurrentURL : function() { - var path = document.location.pathname; - var parts = path.split(/\//); - $.each(DOCUMENTATION_OPTIONS.URL_ROOT.split(/\//), function() { - if (this === '..') - parts.pop(); - }); - var url = parts.join('/'); - return path.substring(url.lastIndexOf('/') + 1, path.length - 1); - }, - - initOnKeyListeners: function() { - $(document).keydown(function(event) { - var activeElementType = document.activeElement.tagName; - // don't navigate when in search box, textarea, dropdown or button - if (activeElementType !== 'TEXTAREA' && activeElementType !== 'INPUT' && activeElementType !== 'SELECT' - && activeElementType !== 'BUTTON' && !event.altKey && !event.ctrlKey && !event.metaKey - && !event.shiftKey) { - switch (event.keyCode) { - case 37: // left - var prevHref = $('link[rel="prev"]').prop('href'); - if (prevHref) { - window.location.href = prevHref; - return false; - } - break; - case 39: // right - var nextHref = $('link[rel="next"]').prop('href'); - if (nextHref) { - window.location.href = nextHref; - return false; - } - break; - } - } - }); - } -}; - -// quick alias for translations -_ = Documentation.gettext; - -$(document).ready(function() { - Documentation.init(); -}); diff --git a/docs/_build/html/_static/documentation_options.js b/docs/_build/html/_static/documentation_options.js deleted file mode 100644 index c07851f2..00000000 --- a/docs/_build/html/_static/documentation_options.js +++ /dev/null @@ -1,12 +0,0 @@ -var DOCUMENTATION_OPTIONS = { - URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'), - VERSION: '0.10.0', - LANGUAGE: 'None', - COLLAPSE_INDEX: false, - BUILDER: 'html', - FILE_SUFFIX: '.html', - LINK_SUFFIX: '.html', - HAS_SOURCE: true, - SOURCELINK_SUFFIX: '.txt', - NAVIGATION_WITH_KEYS: false -}; \ No newline at end of file diff --git a/docs/_build/html/_static/file.png b/docs/_build/html/_static/file.png deleted file mode 100644 index a858a410..00000000 Binary files a/docs/_build/html/_static/file.png and /dev/null differ diff --git a/docs/_build/html/_static/fonts/font-awesome.css b/docs/_build/html/_static/fonts/font-awesome.css deleted file mode 100644 index b476b53e..00000000 --- a/docs/_build/html/_static/fonts/font-awesome.css +++ /dev/null @@ -1,4 +0,0 @@ -/*! - * Font Awesome 4.7.0 by @davegandy - http://fontawesome.io - @fontawesome - * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License) - */@font-face{font-family:FontAwesome;font-style:normal;font-weight:400;src:url("specimen/FontAwesome.woff2") format("woff2"),url("specimen/FontAwesome.woff") format("woff"),url("specimen/FontAwesome.ttf") format("truetype")}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.28571429em;text-align:center}.fa-ul{padding-left:0;margin-left:2.14285714em;list-style-type:none}.fa-ul>li{position:relative}.fa-li{position:absolute;left:-2.14285714em;width:2.14285714em;top:.14285714em;text-align:center}.fa-li.fa-lg{left:-1.85714286em}.fa-border{padding:.2em .25em .15em;border:solid .08em #eee;border-radius:.1em}.fa-pull-left{float:left}.fa-pull-right{float:right}.fa.fa-pull-left{margin-right:.3em}.fa.fa-pull-right{margin-left:.3em}.pull-right{float:right}.pull-left{float:left}.fa.pull-left{margin-right:.3em}.fa.pull-right{margin-left:.3em}.fa-spin{-webkit-animation:fa-spin 2s infinite linear;animation:fa-spin 2s infinite linear}.fa-pulse{-webkit-animation:fa-spin 1s infinite steps(8);animation:fa-spin 1s infinite steps(8)}@-webkit-keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes fa-spin{0%{-webkit-transform:rotate(0deg);transform:rotate(0deg)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}.fa-rotate-90{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=1)";-webkit-transform:rotate(90deg);-ms-transform:rotate(90deg);transform:rotate(90deg)}.fa-rotate-180{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=2)";-webkit-transform:rotate(180deg);-ms-transform:rotate(180deg);transform:rotate(180deg)}.fa-rotate-270{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=3)";-webkit-transform:rotate(270deg);-ms-transform:rotate(270deg);transform:rotate(270deg)}.fa-flip-horizontal{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=0, mirror=1)";-webkit-transform:scale(-1,1);-ms-transform:scale(-1,1);transform:scale(-1,1)}.fa-flip-vertical{-ms-filter:"progid:DXImageTransform.Microsoft.BasicImage(rotation=2, mirror=1)";-webkit-transform:scale(1,-1);-ms-transform:scale(1,-1);transform:scale(1,-1)}:root .fa-rotate-90,:root .fa-rotate-180,:root .fa-rotate-270,:root .fa-flip-horizontal,:root .fa-flip-vertical{filter:none}.fa-stack{position:relative;display:inline-block;width:2em;height:2em;line-height:2em;vertical-align:middle}.fa-stack-1x,.fa-stack-2x{position:absolute;left:0;width:100%;text-align:center}.fa-stack-1x{line-height:inherit}.fa-stack-2x{font-size:2em}.fa-inverse{color:#fff}.fa-glass:before{content:"\f000"}.fa-music:before{content:"\f001"}.fa-search:before{content:"\f002"}.fa-envelope-o:before{content:"\f003"}.fa-heart:before{content:"\f004"}.fa-star:before{content:"\f005"}.fa-star-o:before{content:"\f006"}.fa-user:before{content:"\f007"}.fa-film:before{content:"\f008"}.fa-th-large:before{content:"\f009"}.fa-th:before{content:"\f00a"}.fa-th-list:before{content:"\f00b"}.fa-check:before{content:"\f00c"}.fa-remove:before,.fa-close:before,.fa-times:before{content:"\f00d"}.fa-search-plus:before{content:"\f00e"}.fa-search-minus:before{content:"\f010"}.fa-power-off:before{content:"\f011"}.fa-signal:before{content:"\f012"}.fa-gear:before,.fa-cog:before{content:"\f013"}.fa-trash-o:before{content:"\f014"}.fa-home:before{content:"\f015"}.fa-file-o:before{content:"\f016"}.fa-clock-o:before{content:"\f017"}.fa-road:before{content:"\f018"}.fa-download:before{content:"\f019"}.fa-arrow-circle-o-down:before{content:"\f01a"}.fa-arrow-circle-o-up:before{content:"\f01b"}.fa-inbox:before{content:"\f01c"}.fa-play-circle-o:before{content:"\f01d"}.fa-rotate-right:before,.fa-repeat:before{content:"\f01e"}.fa-refresh:before{content:"\f021"}.fa-list-alt:before{content:"\f022"}.fa-lock:before{content:"\f023"}.fa-flag:before{content:"\f024"}.fa-headphones:before{content:"\f025"}.fa-volume-off:before{content:"\f026"}.fa-volume-down:before{content:"\f027"}.fa-volume-up:before{content:"\f028"}.fa-qrcode:before{content:"\f029"}.fa-barcode:before{content:"\f02a"}.fa-tag:before{content:"\f02b"}.fa-tags:before{content:"\f02c"}.fa-book:before{content:"\f02d"}.fa-bookmark:before{content:"\f02e"}.fa-print:before{content:"\f02f"}.fa-camera:before{content:"\f030"}.fa-font:before{content:"\f031"}.fa-bold:before{content:"\f032"}.fa-italic:before{content:"\f033"}.fa-text-height:before{content:"\f034"}.fa-text-width:before{content:"\f035"}.fa-align-left:before{content:"\f036"}.fa-align-center:before{content:"\f037"}.fa-align-right:before{content:"\f038"}.fa-align-justify:before{content:"\f039"}.fa-list:before{content:"\f03a"}.fa-dedent:before,.fa-outdent:before{content:"\f03b"}.fa-indent:before{content:"\f03c"}.fa-video-camera:before{content:"\f03d"}.fa-photo:before,.fa-image:before,.fa-picture-o:before{content:"\f03e"}.fa-pencil:before{content:"\f040"}.fa-map-marker:before{content:"\f041"}.fa-adjust:before{content:"\f042"}.fa-tint:before{content:"\f043"}.fa-edit:before,.fa-pencil-square-o:before{content:"\f044"}.fa-share-square-o:before{content:"\f045"}.fa-check-square-o:before{content:"\f046"}.fa-arrows:before{content:"\f047"}.fa-step-backward:before{content:"\f048"}.fa-fast-backward:before{content:"\f049"}.fa-backward:before{content:"\f04a"}.fa-play:before{content:"\f04b"}.fa-pause:before{content:"\f04c"}.fa-stop:before{content:"\f04d"}.fa-forward:before{content:"\f04e"}.fa-fast-forward:before{content:"\f050"}.fa-step-forward:before{content:"\f051"}.fa-eject:before{content:"\f052"}.fa-chevron-left:before{content:"\f053"}.fa-chevron-right:before{content:"\f054"}.fa-plus-circle:before{content:"\f055"}.fa-minus-circle:before{content:"\f056"}.fa-times-circle:before{content:"\f057"}.fa-check-circle:before{content:"\f058"}.fa-question-circle:before{content:"\f059"}.fa-info-circle:before{content:"\f05a"}.fa-crosshairs:before{content:"\f05b"}.fa-times-circle-o:before{content:"\f05c"}.fa-check-circle-o:before{content:"\f05d"}.fa-ban:before{content:"\f05e"}.fa-arrow-left:before{content:"\f060"}.fa-arrow-right:before{content:"\f061"}.fa-arrow-up:before{content:"\f062"}.fa-arrow-down:before{content:"\f063"}.fa-mail-forward:before,.fa-share:before{content:"\f064"}.fa-expand:before{content:"\f065"}.fa-compress:before{content:"\f066"}.fa-plus:before{content:"\f067"}.fa-minus:before{content:"\f068"}.fa-asterisk:before{content:"\f069"}.fa-exclamation-circle:before{content:"\f06a"}.fa-gift:before{content:"\f06b"}.fa-leaf:before{content:"\f06c"}.fa-fire:before{content:"\f06d"}.fa-eye:before{content:"\f06e"}.fa-eye-slash:before{content:"\f070"}.fa-warning:before,.fa-exclamation-triangle:before{content:"\f071"}.fa-plane:before{content:"\f072"}.fa-calendar:before{content:"\f073"}.fa-random:before{content:"\f074"}.fa-comment:before{content:"\f075"}.fa-magnet:before{content:"\f076"}.fa-chevron-up:before{content:"\f077"}.fa-chevron-down:before{content:"\f078"}.fa-retweet:before{content:"\f079"}.fa-shopping-cart:before{content:"\f07a"}.fa-folder:before{content:"\f07b"}.fa-folder-open:before{content:"\f07c"}.fa-arrows-v:before{content:"\f07d"}.fa-arrows-h:before{content:"\f07e"}.fa-bar-chart-o:before,.fa-bar-chart:before{content:"\f080"}.fa-twitter-square:before{content:"\f081"}.fa-facebook-square:before{content:"\f082"}.fa-camera-retro:before{content:"\f083"}.fa-key:before{content:"\f084"}.fa-gears:before,.fa-cogs:before{content:"\f085"}.fa-comments:before{content:"\f086"}.fa-thumbs-o-up:before{content:"\f087"}.fa-thumbs-o-down:before{content:"\f088"}.fa-star-half:before{content:"\f089"}.fa-heart-o:before{content:"\f08a"}.fa-sign-out:before{content:"\f08b"}.fa-linkedin-square:before{content:"\f08c"}.fa-thumb-tack:before{content:"\f08d"}.fa-external-link:before{content:"\f08e"}.fa-sign-in:before{content:"\f090"}.fa-trophy:before{content:"\f091"}.fa-github-square:before{content:"\f092"}.fa-upload:before{content:"\f093"}.fa-lemon-o:before{content:"\f094"}.fa-phone:before{content:"\f095"}.fa-square-o:before{content:"\f096"}.fa-bookmark-o:before{content:"\f097"}.fa-phone-square:before{content:"\f098"}.fa-twitter:before{content:"\f099"}.fa-facebook-f:before,.fa-facebook:before{content:"\f09a"}.fa-github:before{content:"\f09b"}.fa-unlock:before{content:"\f09c"}.fa-credit-card:before{content:"\f09d"}.fa-feed:before,.fa-rss:before{content:"\f09e"}.fa-hdd-o:before{content:"\f0a0"}.fa-bullhorn:before{content:"\f0a1"}.fa-bell:before{content:"\f0f3"}.fa-certificate:before{content:"\f0a3"}.fa-hand-o-right:before{content:"\f0a4"}.fa-hand-o-left:before{content:"\f0a5"}.fa-hand-o-up:before{content:"\f0a6"}.fa-hand-o-down:before{content:"\f0a7"}.fa-arrow-circle-left:before{content:"\f0a8"}.fa-arrow-circle-right:before{content:"\f0a9"}.fa-arrow-circle-up:before{content:"\f0aa"}.fa-arrow-circle-down:before{content:"\f0ab"}.fa-globe:before{content:"\f0ac"}.fa-wrench:before{content:"\f0ad"}.fa-tasks:before{content:"\f0ae"}.fa-filter:before{content:"\f0b0"}.fa-briefcase:before{content:"\f0b1"}.fa-arrows-alt:before{content:"\f0b2"}.fa-group:before,.fa-users:before{content:"\f0c0"}.fa-chain:before,.fa-link:before{content:"\f0c1"}.fa-cloud:before{content:"\f0c2"}.fa-flask:before{content:"\f0c3"}.fa-cut:before,.fa-scissors:before{content:"\f0c4"}.fa-copy:before,.fa-files-o:before{content:"\f0c5"}.fa-paperclip:before{content:"\f0c6"}.fa-save:before,.fa-floppy-o:before{content:"\f0c7"}.fa-square:before{content:"\f0c8"}.fa-navicon:before,.fa-reorder:before,.fa-bars:before{content:"\f0c9"}.fa-list-ul:before{content:"\f0ca"}.fa-list-ol:before{content:"\f0cb"}.fa-strikethrough:before{content:"\f0cc"}.fa-underline:before{content:"\f0cd"}.fa-table:before{content:"\f0ce"}.fa-magic:before{content:"\f0d0"}.fa-truck:before{content:"\f0d1"}.fa-pinterest:before{content:"\f0d2"}.fa-pinterest-square:before{content:"\f0d3"}.fa-google-plus-square:before{content:"\f0d4"}.fa-google-plus:before{content:"\f0d5"}.fa-money:before{content:"\f0d6"}.fa-caret-down:before{content:"\f0d7"}.fa-caret-up:before{content:"\f0d8"}.fa-caret-left:before{content:"\f0d9"}.fa-caret-right:before{content:"\f0da"}.fa-columns:before{content:"\f0db"}.fa-unsorted:before,.fa-sort:before{content:"\f0dc"}.fa-sort-down:before,.fa-sort-desc:before{content:"\f0dd"}.fa-sort-up:before,.fa-sort-asc:before{content:"\f0de"}.fa-envelope:before{content:"\f0e0"}.fa-linkedin:before{content:"\f0e1"}.fa-rotate-left:before,.fa-undo:before{content:"\f0e2"}.fa-legal:before,.fa-gavel:before{content:"\f0e3"}.fa-dashboard:before,.fa-tachometer:before{content:"\f0e4"}.fa-comment-o:before{content:"\f0e5"}.fa-comments-o:before{content:"\f0e6"}.fa-flash:before,.fa-bolt:before{content:"\f0e7"}.fa-sitemap:before{content:"\f0e8"}.fa-umbrella:before{content:"\f0e9"}.fa-paste:before,.fa-clipboard:before{content:"\f0ea"}.fa-lightbulb-o:before{content:"\f0eb"}.fa-exchange:before{content:"\f0ec"}.fa-cloud-download:before{content:"\f0ed"}.fa-cloud-upload:before{content:"\f0ee"}.fa-user-md:before{content:"\f0f0"}.fa-stethoscope:before{content:"\f0f1"}.fa-suitcase:before{content:"\f0f2"}.fa-bell-o:before{content:"\f0a2"}.fa-coffee:before{content:"\f0f4"}.fa-cutlery:before{content:"\f0f5"}.fa-file-text-o:before{content:"\f0f6"}.fa-building-o:before{content:"\f0f7"}.fa-hospital-o:before{content:"\f0f8"}.fa-ambulance:before{content:"\f0f9"}.fa-medkit:before{content:"\f0fa"}.fa-fighter-jet:before{content:"\f0fb"}.fa-beer:before{content:"\f0fc"}.fa-h-square:before{content:"\f0fd"}.fa-plus-square:before{content:"\f0fe"}.fa-angle-double-left:before{content:"\f100"}.fa-angle-double-right:before{content:"\f101"}.fa-angle-double-up:before{content:"\f102"}.fa-angle-double-down:before{content:"\f103"}.fa-angle-left:before{content:"\f104"}.fa-angle-right:before{content:"\f105"}.fa-angle-up:before{content:"\f106"}.fa-angle-down:before{content:"\f107"}.fa-desktop:before{content:"\f108"}.fa-laptop:before{content:"\f109"}.fa-tablet:before{content:"\f10a"}.fa-mobile-phone:before,.fa-mobile:before{content:"\f10b"}.fa-circle-o:before{content:"\f10c"}.fa-quote-left:before{content:"\f10d"}.fa-quote-right:before{content:"\f10e"}.fa-spinner:before{content:"\f110"}.fa-circle:before{content:"\f111"}.fa-mail-reply:before,.fa-reply:before{content:"\f112"}.fa-github-alt:before{content:"\f113"}.fa-folder-o:before{content:"\f114"}.fa-folder-open-o:before{content:"\f115"}.fa-smile-o:before{content:"\f118"}.fa-frown-o:before{content:"\f119"}.fa-meh-o:before{content:"\f11a"}.fa-gamepad:before{content:"\f11b"}.fa-keyboard-o:before{content:"\f11c"}.fa-flag-o:before{content:"\f11d"}.fa-flag-checkered:before{content:"\f11e"}.fa-terminal:before{content:"\f120"}.fa-code:before{content:"\f121"}.fa-mail-reply-all:before,.fa-reply-all:before{content:"\f122"}.fa-star-half-empty:before,.fa-star-half-full:before,.fa-star-half-o:before{content:"\f123"}.fa-location-arrow:before{content:"\f124"}.fa-crop:before{content:"\f125"}.fa-code-fork:before{content:"\f126"}.fa-unlink:before,.fa-chain-broken:before{content:"\f127"}.fa-question:before{content:"\f128"}.fa-info:before{content:"\f129"}.fa-exclamation:before{content:"\f12a"}.fa-superscript:before{content:"\f12b"}.fa-subscript:before{content:"\f12c"}.fa-eraser:before{content:"\f12d"}.fa-puzzle-piece:before{content:"\f12e"}.fa-microphone:before{content:"\f130"}.fa-microphone-slash:before{content:"\f131"}.fa-shield:before{content:"\f132"}.fa-calendar-o:before{content:"\f133"}.fa-fire-extinguisher:before{content:"\f134"}.fa-rocket:before{content:"\f135"}.fa-maxcdn:before{content:"\f136"}.fa-chevron-circle-left:before{content:"\f137"}.fa-chevron-circle-right:before{content:"\f138"}.fa-chevron-circle-up:before{content:"\f139"}.fa-chevron-circle-down:before{content:"\f13a"}.fa-html5:before{content:"\f13b"}.fa-css3:before{content:"\f13c"}.fa-anchor:before{content:"\f13d"}.fa-unlock-alt:before{content:"\f13e"}.fa-bullseye:before{content:"\f140"}.fa-ellipsis-h:before{content:"\f141"}.fa-ellipsis-v:before{content:"\f142"}.fa-rss-square:before{content:"\f143"}.fa-play-circle:before{content:"\f144"}.fa-ticket:before{content:"\f145"}.fa-minus-square:before{content:"\f146"}.fa-minus-square-o:before{content:"\f147"}.fa-level-up:before{content:"\f148"}.fa-level-down:before{content:"\f149"}.fa-check-square:before{content:"\f14a"}.fa-pencil-square:before{content:"\f14b"}.fa-external-link-square:before{content:"\f14c"}.fa-share-square:before{content:"\f14d"}.fa-compass:before{content:"\f14e"}.fa-toggle-down:before,.fa-caret-square-o-down:before{content:"\f150"}.fa-toggle-up:before,.fa-caret-square-o-up:before{content:"\f151"}.fa-toggle-right:before,.fa-caret-square-o-right:before{content:"\f152"}.fa-euro:before,.fa-eur:before{content:"\f153"}.fa-gbp:before{content:"\f154"}.fa-dollar:before,.fa-usd:before{content:"\f155"}.fa-rupee:before,.fa-inr:before{content:"\f156"}.fa-cny:before,.fa-rmb:before,.fa-yen:before,.fa-jpy:before{content:"\f157"}.fa-ruble:before,.fa-rouble:before,.fa-rub:before{content:"\f158"}.fa-won:before,.fa-krw:before{content:"\f159"}.fa-bitcoin:before,.fa-btc:before{content:"\f15a"}.fa-file:before{content:"\f15b"}.fa-file-text:before{content:"\f15c"}.fa-sort-alpha-asc:before{content:"\f15d"}.fa-sort-alpha-desc:before{content:"\f15e"}.fa-sort-amount-asc:before{content:"\f160"}.fa-sort-amount-desc:before{content:"\f161"}.fa-sort-numeric-asc:before{content:"\f162"}.fa-sort-numeric-desc:before{content:"\f163"}.fa-thumbs-up:before{content:"\f164"}.fa-thumbs-down:before{content:"\f165"}.fa-youtube-square:before{content:"\f166"}.fa-youtube:before{content:"\f167"}.fa-xing:before{content:"\f168"}.fa-xing-square:before{content:"\f169"}.fa-youtube-play:before{content:"\f16a"}.fa-dropbox:before{content:"\f16b"}.fa-stack-overflow:before{content:"\f16c"}.fa-instagram:before{content:"\f16d"}.fa-flickr:before{content:"\f16e"}.fa-adn:before{content:"\f170"}.fa-bitbucket:before{content:"\f171"}.fa-bitbucket-square:before{content:"\f172"}.fa-tumblr:before{content:"\f173"}.fa-tumblr-square:before{content:"\f174"}.fa-long-arrow-down:before{content:"\f175"}.fa-long-arrow-up:before{content:"\f176"}.fa-long-arrow-left:before{content:"\f177"}.fa-long-arrow-right:before{content:"\f178"}.fa-apple:before{content:"\f179"}.fa-windows:before{content:"\f17a"}.fa-android:before{content:"\f17b"}.fa-linux:before{content:"\f17c"}.fa-dribbble:before{content:"\f17d"}.fa-skype:before{content:"\f17e"}.fa-foursquare:before{content:"\f180"}.fa-trello:before{content:"\f181"}.fa-female:before{content:"\f182"}.fa-male:before{content:"\f183"}.fa-gittip:before,.fa-gratipay:before{content:"\f184"}.fa-sun-o:before{content:"\f185"}.fa-moon-o:before{content:"\f186"}.fa-archive:before{content:"\f187"}.fa-bug:before{content:"\f188"}.fa-vk:before{content:"\f189"}.fa-weibo:before{content:"\f18a"}.fa-renren:before{content:"\f18b"}.fa-pagelines:before{content:"\f18c"}.fa-stack-exchange:before{content:"\f18d"}.fa-arrow-circle-o-right:before{content:"\f18e"}.fa-arrow-circle-o-left:before{content:"\f190"}.fa-toggle-left:before,.fa-caret-square-o-left:before{content:"\f191"}.fa-dot-circle-o:before{content:"\f192"}.fa-wheelchair:before{content:"\f193"}.fa-vimeo-square:before{content:"\f194"}.fa-turkish-lira:before,.fa-try:before{content:"\f195"}.fa-plus-square-o:before{content:"\f196"}.fa-space-shuttle:before{content:"\f197"}.fa-slack:before{content:"\f198"}.fa-envelope-square:before{content:"\f199"}.fa-wordpress:before{content:"\f19a"}.fa-openid:before{content:"\f19b"}.fa-institution:before,.fa-bank:before,.fa-university:before{content:"\f19c"}.fa-mortar-board:before,.fa-graduation-cap:before{content:"\f19d"}.fa-yahoo:before{content:"\f19e"}.fa-google:before{content:"\f1a0"}.fa-reddit:before{content:"\f1a1"}.fa-reddit-square:before{content:"\f1a2"}.fa-stumbleupon-circle:before{content:"\f1a3"}.fa-stumbleupon:before{content:"\f1a4"}.fa-delicious:before{content:"\f1a5"}.fa-digg:before{content:"\f1a6"}.fa-pied-piper-pp:before{content:"\f1a7"}.fa-pied-piper-alt:before{content:"\f1a8"}.fa-drupal:before{content:"\f1a9"}.fa-joomla:before{content:"\f1aa"}.fa-language:before{content:"\f1ab"}.fa-fax:before{content:"\f1ac"}.fa-building:before{content:"\f1ad"}.fa-child:before{content:"\f1ae"}.fa-paw:before{content:"\f1b0"}.fa-spoon:before{content:"\f1b1"}.fa-cube:before{content:"\f1b2"}.fa-cubes:before{content:"\f1b3"}.fa-behance:before{content:"\f1b4"}.fa-behance-square:before{content:"\f1b5"}.fa-steam:before{content:"\f1b6"}.fa-steam-square:before{content:"\f1b7"}.fa-recycle:before{content:"\f1b8"}.fa-automobile:before,.fa-car:before{content:"\f1b9"}.fa-cab:before,.fa-taxi:before{content:"\f1ba"}.fa-tree:before{content:"\f1bb"}.fa-spotify:before{content:"\f1bc"}.fa-deviantart:before{content:"\f1bd"}.fa-soundcloud:before{content:"\f1be"}.fa-database:before{content:"\f1c0"}.fa-file-pdf-o:before{content:"\f1c1"}.fa-file-word-o:before{content:"\f1c2"}.fa-file-excel-o:before{content:"\f1c3"}.fa-file-powerpoint-o:before{content:"\f1c4"}.fa-file-photo-o:before,.fa-file-picture-o:before,.fa-file-image-o:before{content:"\f1c5"}.fa-file-zip-o:before,.fa-file-archive-o:before{content:"\f1c6"}.fa-file-sound-o:before,.fa-file-audio-o:before{content:"\f1c7"}.fa-file-movie-o:before,.fa-file-video-o:before{content:"\f1c8"}.fa-file-code-o:before{content:"\f1c9"}.fa-vine:before{content:"\f1ca"}.fa-codepen:before{content:"\f1cb"}.fa-jsfiddle:before{content:"\f1cc"}.fa-life-bouy:before,.fa-life-buoy:before,.fa-life-saver:before,.fa-support:before,.fa-life-ring:before{content:"\f1cd"}.fa-circle-o-notch:before{content:"\f1ce"}.fa-ra:before,.fa-resistance:before,.fa-rebel:before{content:"\f1d0"}.fa-ge:before,.fa-empire:before{content:"\f1d1"}.fa-git-square:before{content:"\f1d2"}.fa-git:before{content:"\f1d3"}.fa-y-combinator-square:before,.fa-yc-square:before,.fa-hacker-news:before{content:"\f1d4"}.fa-tencent-weibo:before{content:"\f1d5"}.fa-qq:before{content:"\f1d6"}.fa-wechat:before,.fa-weixin:before{content:"\f1d7"}.fa-send:before,.fa-paper-plane:before{content:"\f1d8"}.fa-send-o:before,.fa-paper-plane-o:before{content:"\f1d9"}.fa-history:before{content:"\f1da"}.fa-circle-thin:before{content:"\f1db"}.fa-header:before{content:"\f1dc"}.fa-paragraph:before{content:"\f1dd"}.fa-sliders:before{content:"\f1de"}.fa-share-alt:before{content:"\f1e0"}.fa-share-alt-square:before{content:"\f1e1"}.fa-bomb:before{content:"\f1e2"}.fa-soccer-ball-o:before,.fa-futbol-o:before{content:"\f1e3"}.fa-tty:before{content:"\f1e4"}.fa-binoculars:before{content:"\f1e5"}.fa-plug:before{content:"\f1e6"}.fa-slideshare:before{content:"\f1e7"}.fa-twitch:before{content:"\f1e8"}.fa-yelp:before{content:"\f1e9"}.fa-newspaper-o:before{content:"\f1ea"}.fa-wifi:before{content:"\f1eb"}.fa-calculator:before{content:"\f1ec"}.fa-paypal:before{content:"\f1ed"}.fa-google-wallet:before{content:"\f1ee"}.fa-cc-visa:before{content:"\f1f0"}.fa-cc-mastercard:before{content:"\f1f1"}.fa-cc-discover:before{content:"\f1f2"}.fa-cc-amex:before{content:"\f1f3"}.fa-cc-paypal:before{content:"\f1f4"}.fa-cc-stripe:before{content:"\f1f5"}.fa-bell-slash:before{content:"\f1f6"}.fa-bell-slash-o:before{content:"\f1f7"}.fa-trash:before{content:"\f1f8"}.fa-copyright:before{content:"\f1f9"}.fa-at:before{content:"\f1fa"}.fa-eyedropper:before{content:"\f1fb"}.fa-paint-brush:before{content:"\f1fc"}.fa-birthday-cake:before{content:"\f1fd"}.fa-area-chart:before{content:"\f1fe"}.fa-pie-chart:before{content:"\f200"}.fa-line-chart:before{content:"\f201"}.fa-lastfm:before{content:"\f202"}.fa-lastfm-square:before{content:"\f203"}.fa-toggle-off:before{content:"\f204"}.fa-toggle-on:before{content:"\f205"}.fa-bicycle:before{content:"\f206"}.fa-bus:before{content:"\f207"}.fa-ioxhost:before{content:"\f208"}.fa-angellist:before{content:"\f209"}.fa-cc:before{content:"\f20a"}.fa-shekel:before,.fa-sheqel:before,.fa-ils:before{content:"\f20b"}.fa-meanpath:before{content:"\f20c"}.fa-buysellads:before{content:"\f20d"}.fa-connectdevelop:before{content:"\f20e"}.fa-dashcube:before{content:"\f210"}.fa-forumbee:before{content:"\f211"}.fa-leanpub:before{content:"\f212"}.fa-sellsy:before{content:"\f213"}.fa-shirtsinbulk:before{content:"\f214"}.fa-simplybuilt:before{content:"\f215"}.fa-skyatlas:before{content:"\f216"}.fa-cart-plus:before{content:"\f217"}.fa-cart-arrow-down:before{content:"\f218"}.fa-diamond:before{content:"\f219"}.fa-ship:before{content:"\f21a"}.fa-user-secret:before{content:"\f21b"}.fa-motorcycle:before{content:"\f21c"}.fa-street-view:before{content:"\f21d"}.fa-heartbeat:before{content:"\f21e"}.fa-venus:before{content:"\f221"}.fa-mars:before{content:"\f222"}.fa-mercury:before{content:"\f223"}.fa-intersex:before,.fa-transgender:before{content:"\f224"}.fa-transgender-alt:before{content:"\f225"}.fa-venus-double:before{content:"\f226"}.fa-mars-double:before{content:"\f227"}.fa-venus-mars:before{content:"\f228"}.fa-mars-stroke:before{content:"\f229"}.fa-mars-stroke-v:before{content:"\f22a"}.fa-mars-stroke-h:before{content:"\f22b"}.fa-neuter:before{content:"\f22c"}.fa-genderless:before{content:"\f22d"}.fa-facebook-official:before{content:"\f230"}.fa-pinterest-p:before{content:"\f231"}.fa-whatsapp:before{content:"\f232"}.fa-server:before{content:"\f233"}.fa-user-plus:before{content:"\f234"}.fa-user-times:before{content:"\f235"}.fa-hotel:before,.fa-bed:before{content:"\f236"}.fa-viacoin:before{content:"\f237"}.fa-train:before{content:"\f238"}.fa-subway:before{content:"\f239"}.fa-medium:before{content:"\f23a"}.fa-yc:before,.fa-y-combinator:before{content:"\f23b"}.fa-optin-monster:before{content:"\f23c"}.fa-opencart:before{content:"\f23d"}.fa-expeditedssl:before{content:"\f23e"}.fa-battery-4:before,.fa-battery:before,.fa-battery-full:before{content:"\f240"}.fa-battery-3:before,.fa-battery-three-quarters:before{content:"\f241"}.fa-battery-2:before,.fa-battery-half:before{content:"\f242"}.fa-battery-1:before,.fa-battery-quarter:before{content:"\f243"}.fa-battery-0:before,.fa-battery-empty:before{content:"\f244"}.fa-mouse-pointer:before{content:"\f245"}.fa-i-cursor:before{content:"\f246"}.fa-object-group:before{content:"\f247"}.fa-object-ungroup:before{content:"\f248"}.fa-sticky-note:before{content:"\f249"}.fa-sticky-note-o:before{content:"\f24a"}.fa-cc-jcb:before{content:"\f24b"}.fa-cc-diners-club:before{content:"\f24c"}.fa-clone:before{content:"\f24d"}.fa-balance-scale:before{content:"\f24e"}.fa-hourglass-o:before{content:"\f250"}.fa-hourglass-1:before,.fa-hourglass-start:before{content:"\f251"}.fa-hourglass-2:before,.fa-hourglass-half:before{content:"\f252"}.fa-hourglass-3:before,.fa-hourglass-end:before{content:"\f253"}.fa-hourglass:before{content:"\f254"}.fa-hand-grab-o:before,.fa-hand-rock-o:before{content:"\f255"}.fa-hand-stop-o:before,.fa-hand-paper-o:before{content:"\f256"}.fa-hand-scissors-o:before{content:"\f257"}.fa-hand-lizard-o:before{content:"\f258"}.fa-hand-spock-o:before{content:"\f259"}.fa-hand-pointer-o:before{content:"\f25a"}.fa-hand-peace-o:before{content:"\f25b"}.fa-trademark:before{content:"\f25c"}.fa-registered:before{content:"\f25d"}.fa-creative-commons:before{content:"\f25e"}.fa-gg:before{content:"\f260"}.fa-gg-circle:before{content:"\f261"}.fa-tripadvisor:before{content:"\f262"}.fa-odnoklassniki:before{content:"\f263"}.fa-odnoklassniki-square:before{content:"\f264"}.fa-get-pocket:before{content:"\f265"}.fa-wikipedia-w:before{content:"\f266"}.fa-safari:before{content:"\f267"}.fa-chrome:before{content:"\f268"}.fa-firefox:before{content:"\f269"}.fa-opera:before{content:"\f26a"}.fa-internet-explorer:before{content:"\f26b"}.fa-tv:before,.fa-television:before{content:"\f26c"}.fa-contao:before{content:"\f26d"}.fa-500px:before{content:"\f26e"}.fa-amazon:before{content:"\f270"}.fa-calendar-plus-o:before{content:"\f271"}.fa-calendar-minus-o:before{content:"\f272"}.fa-calendar-times-o:before{content:"\f273"}.fa-calendar-check-o:before{content:"\f274"}.fa-industry:before{content:"\f275"}.fa-map-pin:before{content:"\f276"}.fa-map-signs:before{content:"\f277"}.fa-map-o:before{content:"\f278"}.fa-map:before{content:"\f279"}.fa-commenting:before{content:"\f27a"}.fa-commenting-o:before{content:"\f27b"}.fa-houzz:before{content:"\f27c"}.fa-vimeo:before{content:"\f27d"}.fa-black-tie:before{content:"\f27e"}.fa-fonticons:before{content:"\f280"}.fa-reddit-alien:before{content:"\f281"}.fa-edge:before{content:"\f282"}.fa-credit-card-alt:before{content:"\f283"}.fa-codiepie:before{content:"\f284"}.fa-modx:before{content:"\f285"}.fa-fort-awesome:before{content:"\f286"}.fa-usb:before{content:"\f287"}.fa-product-hunt:before{content:"\f288"}.fa-mixcloud:before{content:"\f289"}.fa-scribd:before{content:"\f28a"}.fa-pause-circle:before{content:"\f28b"}.fa-pause-circle-o:before{content:"\f28c"}.fa-stop-circle:before{content:"\f28d"}.fa-stop-circle-o:before{content:"\f28e"}.fa-shopping-bag:before{content:"\f290"}.fa-shopping-basket:before{content:"\f291"}.fa-hashtag:before{content:"\f292"}.fa-bluetooth:before{content:"\f293"}.fa-bluetooth-b:before{content:"\f294"}.fa-percent:before{content:"\f295"}.fa-gitlab:before{content:"\f296"}.fa-wpbeginner:before{content:"\f297"}.fa-wpforms:before{content:"\f298"}.fa-envira:before{content:"\f299"}.fa-universal-access:before{content:"\f29a"}.fa-wheelchair-alt:before{content:"\f29b"}.fa-question-circle-o:before{content:"\f29c"}.fa-blind:before{content:"\f29d"}.fa-audio-description:before{content:"\f29e"}.fa-volume-control-phone:before{content:"\f2a0"}.fa-braille:before{content:"\f2a1"}.fa-assistive-listening-systems:before{content:"\f2a2"}.fa-asl-interpreting:before,.fa-american-sign-language-interpreting:before{content:"\f2a3"}.fa-deafness:before,.fa-hard-of-hearing:before,.fa-deaf:before{content:"\f2a4"}.fa-glide:before{content:"\f2a5"}.fa-glide-g:before{content:"\f2a6"}.fa-signing:before,.fa-sign-language:before{content:"\f2a7"}.fa-low-vision:before{content:"\f2a8"}.fa-viadeo:before{content:"\f2a9"}.fa-viadeo-square:before{content:"\f2aa"}.fa-snapchat:before{content:"\f2ab"}.fa-snapchat-ghost:before{content:"\f2ac"}.fa-snapchat-square:before{content:"\f2ad"}.fa-pied-piper:before{content:"\f2ae"}.fa-first-order:before{content:"\f2b0"}.fa-yoast:before{content:"\f2b1"}.fa-themeisle:before{content:"\f2b2"}.fa-google-plus-circle:before,.fa-google-plus-official:before{content:"\f2b3"}.fa-fa:before,.fa-font-awesome:before{content:"\f2b4"}.fa-handshake-o:before{content:"\f2b5"}.fa-envelope-open:before{content:"\f2b6"}.fa-envelope-open-o:before{content:"\f2b7"}.fa-linode:before{content:"\f2b8"}.fa-address-book:before{content:"\f2b9"}.fa-address-book-o:before{content:"\f2ba"}.fa-vcard:before,.fa-address-card:before{content:"\f2bb"}.fa-vcard-o:before,.fa-address-card-o:before{content:"\f2bc"}.fa-user-circle:before{content:"\f2bd"}.fa-user-circle-o:before{content:"\f2be"}.fa-user-o:before{content:"\f2c0"}.fa-id-badge:before{content:"\f2c1"}.fa-drivers-license:before,.fa-id-card:before{content:"\f2c2"}.fa-drivers-license-o:before,.fa-id-card-o:before{content:"\f2c3"}.fa-quora:before{content:"\f2c4"}.fa-free-code-camp:before{content:"\f2c5"}.fa-telegram:before{content:"\f2c6"}.fa-thermometer-4:before,.fa-thermometer:before,.fa-thermometer-full:before{content:"\f2c7"}.fa-thermometer-3:before,.fa-thermometer-three-quarters:before{content:"\f2c8"}.fa-thermometer-2:before,.fa-thermometer-half:before{content:"\f2c9"}.fa-thermometer-1:before,.fa-thermometer-quarter:before{content:"\f2ca"}.fa-thermometer-0:before,.fa-thermometer-empty:before{content:"\f2cb"}.fa-shower:before{content:"\f2cc"}.fa-bathtub:before,.fa-s15:before,.fa-bath:before{content:"\f2cd"}.fa-podcast:before{content:"\f2ce"}.fa-window-maximize:before{content:"\f2d0"}.fa-window-minimize:before{content:"\f2d1"}.fa-window-restore:before{content:"\f2d2"}.fa-times-rectangle:before,.fa-window-close:before{content:"\f2d3"}.fa-times-rectangle-o:before,.fa-window-close-o:before{content:"\f2d4"}.fa-bandcamp:before{content:"\f2d5"}.fa-grav:before{content:"\f2d6"}.fa-etsy:before{content:"\f2d7"}.fa-imdb:before{content:"\f2d8"}.fa-ravelry:before{content:"\f2d9"}.fa-eercast:before{content:"\f2da"}.fa-microchip:before{content:"\f2db"}.fa-snowflake-o:before{content:"\f2dc"}.fa-superpowers:before{content:"\f2dd"}.fa-wpexplorer:before{content:"\f2de"}.fa-meetup:before{content:"\f2e0"}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0,0,0,0);border:0}.sr-only-focusable:active,.sr-only-focusable:focus{position:static;width:auto;height:auto;margin:0;overflow:visible;clip:auto} \ No newline at end of file diff --git a/docs/_build/html/_static/fonts/material-icons.css b/docs/_build/html/_static/fonts/material-icons.css deleted file mode 100644 index 63130b01..00000000 --- a/docs/_build/html/_static/fonts/material-icons.css +++ /dev/null @@ -1,13 +0,0 @@ -/*! - * Licensed under the Apache License, Version 2.0 (the "License"); you may not - * use this file except in compliance with the License. You may obtain a copy - * of the License at: - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING, SOFTWARE - * DISTRIBUTED UNDER THE LICENSE IS DISTRIBUTED ON AN "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - * SEE THE LICENSE FOR THE SPECIFIC LANGUAGE GOVERNING PERMISSIONS AND - * LIMITATIONS UNDER THE LICENSE. - */@font-face{font-display:swap;font-family:"Material Icons";font-style:normal;font-weight:400;src:local("Material Icons"),local("MaterialIcons-Regular"),url("specimen/MaterialIcons-Regular.woff2") format("woff2"),url("specimen/MaterialIcons-Regular.woff") format("woff"),url("specimen/MaterialIcons-Regular.ttf") format("truetype")} \ No newline at end of file diff --git a/docs/_build/html/_static/fonts/specimen/FontAwesome.ttf b/docs/_build/html/_static/fonts/specimen/FontAwesome.ttf deleted file mode 100644 index 35acda2f..00000000 Binary files a/docs/_build/html/_static/fonts/specimen/FontAwesome.ttf and /dev/null differ diff --git a/docs/_build/html/_static/fonts/specimen/FontAwesome.woff b/docs/_build/html/_static/fonts/specimen/FontAwesome.woff deleted file mode 100644 index 400014a4..00000000 Binary files a/docs/_build/html/_static/fonts/specimen/FontAwesome.woff and /dev/null differ diff --git a/docs/_build/html/_static/fonts/specimen/FontAwesome.woff2 b/docs/_build/html/_static/fonts/specimen/FontAwesome.woff2 deleted file mode 100644 index 4d13fc60..00000000 Binary files a/docs/_build/html/_static/fonts/specimen/FontAwesome.woff2 and /dev/null differ diff --git a/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.ttf b/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.ttf deleted file mode 100644 index 7015564a..00000000 Binary files a/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.ttf and /dev/null differ diff --git a/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.woff b/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.woff deleted file mode 100644 index b648a3ee..00000000 Binary files a/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.woff and /dev/null differ diff --git a/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.woff2 b/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.woff2 deleted file mode 100644 index 9fa21125..00000000 Binary files a/docs/_build/html/_static/fonts/specimen/MaterialIcons-Regular.woff2 and /dev/null differ diff --git a/docs/_build/html/_static/images/favicon.png b/docs/_build/html/_static/images/favicon.png deleted file mode 100644 index 76d17f57..00000000 Binary files a/docs/_build/html/_static/images/favicon.png and /dev/null differ diff --git a/docs/_build/html/_static/images/icons/bitbucket.1b09e088.svg b/docs/_build/html/_static/images/icons/bitbucket.1b09e088.svg deleted file mode 100644 index cf58c14f..00000000 --- a/docs/_build/html/_static/images/icons/bitbucket.1b09e088.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/docs/_build/html/_static/images/icons/bitbucket.svg b/docs/_build/html/_static/images/icons/bitbucket.svg deleted file mode 100644 index cf58c14f..00000000 --- a/docs/_build/html/_static/images/icons/bitbucket.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/docs/_build/html/_static/images/icons/github.f0b8504a.svg b/docs/_build/html/_static/images/icons/github.f0b8504a.svg deleted file mode 100644 index 3d13b197..00000000 --- a/docs/_build/html/_static/images/icons/github.f0b8504a.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/docs/_build/html/_static/images/icons/github.svg b/docs/_build/html/_static/images/icons/github.svg deleted file mode 100644 index 3d13b197..00000000 --- a/docs/_build/html/_static/images/icons/github.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/docs/_build/html/_static/images/icons/gitlab.6dd19c00.svg b/docs/_build/html/_static/images/icons/gitlab.6dd19c00.svg deleted file mode 100644 index 1d9fffa7..00000000 --- a/docs/_build/html/_static/images/icons/gitlab.6dd19c00.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/docs/_build/html/_static/images/icons/gitlab.svg b/docs/_build/html/_static/images/icons/gitlab.svg deleted file mode 100644 index 1d9fffa7..00000000 --- a/docs/_build/html/_static/images/icons/gitlab.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/application.js b/docs/_build/html/_static/javascripts/application.js deleted file mode 100644 index 7c724d2e..00000000 --- a/docs/_build/html/_static/javascripts/application.js +++ /dev/null @@ -1,2540 +0,0 @@ -! function(e, t) { - for (var n in t) e[n] = t[n] -}(window, function(n) { - var r = {}; - - function i(e) { - if (r[e]) return r[e].exports; - var t = r[e] = { - i: e, - l: !1, - exports: {} - }; - return n[e].call(t.exports, t, t.exports, i), t.l = !0, t.exports - } - return i.m = n, i.c = r, i.d = function(e, t, n) { - i.o(e, t) || Object.defineProperty(e, t, { - enumerable: !0, - get: n - }) - }, i.r = function(e) { - "undefined" != typeof Symbol && Symbol.toStringTag && Object.defineProperty(e, Symbol.toStringTag, { - value: "Module" - }), Object.defineProperty(e, "__esModule", { - value: !0 - }) - }, i.t = function(t, e) { - if (1 & e && (t = i(t)), 8 & e) return t; - if (4 & e && "object" == typeof t && t && t.__esModule) return t; - var n = Object.create(null); - if (i.r(n), Object.defineProperty(n, "default", { - enumerable: !0, - value: t - }), 2 & e && "string" != typeof t) - for (var r in t) i.d(n, r, function(e) { - return t[e] - }.bind(null, r)); - return n - }, i.n = function(e) { - var t = e && e.__esModule ? function() { - return e.default - } : function() { - return e - }; - return i.d(t, "a", t), t - }, i.o = function(e, t) { - return Object.prototype.hasOwnProperty.call(e, t) - }, i.p = "", i(i.s = 13) -}([function(e, t, n) { - "use strict"; - var r = { - Listener: function() { - function e(e, t, n) { - var r = this; - this.els_ = Array.prototype.slice.call("string" == typeof e ? document.querySelectorAll(e) : [].concat(e)), this.handler_ = "function" == typeof n ? { - update: n - } : n, this.events_ = [].concat(t), this.update_ = function(e) { - return r.handler_.update(e) - } - } - var t = e.prototype; - return t.listen = function() { - var n = this; - this.els_.forEach(function(t) { - n.events_.forEach(function(e) { - t.addEventListener(e, n.update_, !1) - }) - }), "function" == typeof this.handler_.setup && this.handler_.setup() - }, t.unlisten = function() { - var n = this; - this.els_.forEach(function(t) { - n.events_.forEach(function(e) { - t.removeEventListener(e, n.update_) - }) - }), "function" == typeof this.handler_.reset && this.handler_.reset() - }, e - }(), - MatchMedia: function(e, t) { - this.handler_ = function(e) { - e.matches ? t.listen() : t.unlisten() - }; - var n = window.matchMedia(e); - n.addListener(this.handler_), this.handler_(n) - } - }, - i = { - Shadow: function() { - function e(e, t) { - var n = "string" == typeof e ? document.querySelector(e) : e; - if (!(n instanceof HTMLElement && n.parentNode instanceof HTMLElement)) throw new ReferenceError; - if (this.el_ = n.parentNode, !((n = "string" == typeof t ? document.querySelector(t) : t) instanceof HTMLElement)) throw new ReferenceError; - this.header_ = n, this.height_ = 0, this.active_ = !1 - } - var t = e.prototype; - return t.setup = function() { - for (var e = this.el_; e = e.previousElementSibling;) { - if (!(e instanceof HTMLElement)) throw new ReferenceError; - this.height_ += e.offsetHeight - } - this.update() - }, t.update = function(e) { - if (!e || "resize" !== e.type && "orientationchange" !== e.type) { - var t = window.pageYOffset >= this.height_; - t !== this.active_ && (this.header_.dataset.mdState = (this.active_ = t) ? "shadow" : "") - } else this.height_ = 0, this.setup() - }, t.reset = function() { - this.header_.dataset.mdState = "", this.height_ = 0, this.active_ = !1 - }, e - }(), - Title: function() { - function e(e, t) { - var n = "string" == typeof e ? document.querySelector(e) : e; - if (!(n instanceof HTMLElement)) throw new ReferenceError; - if (this.el_ = n, !((n = "string" == typeof t ? document.querySelector(t) : t) instanceof HTMLHeadingElement)) throw new ReferenceError; - this.header_ = n, this.active_ = !1 - } - var t = e.prototype; - return t.setup = function() { - var t = this; - Array.prototype.forEach.call(this.el_.children, function(e) { - e.style.width = t.el_.offsetWidth - 20 + "px" - }) - }, t.update = function(e) { - var t = this, - n = window.pageYOffset >= this.header_.offsetTop; - n !== this.active_ && (this.el_.dataset.mdState = (this.active_ = n) ? "active" : ""), "resize" !== e.type && "orientationchange" !== e.type || Array.prototype.forEach.call(this.el_.children, function(e) { - e.style.width = t.el_.offsetWidth - 20 + "px" - }) - }, t.reset = function() { - this.el_.dataset.mdState = "", this.el_.style.width = "", this.active_ = !1 - }, e - }() - }, - o = { - Blur: function() { - function e(e) { - this.els_ = "string" == typeof e ? document.querySelectorAll(e) : e, this.index_ = 0, this.offset_ = window.pageYOffset, this.dir_ = !1, this.anchors_ = [].reduce.call(this.els_, function(e, t) { - var n = decodeURIComponent(t.hash); - return e.concat(document.getElementById(n.substring(1)) || []) - }, []) - } - var t = e.prototype; - return t.setup = function() { - this.update() - }, t.update = function() { - var e = window.pageYOffset, - t = this.offset_ - e < 0; - if (this.dir_ !== t && (this.index_ = this.index_ = t ? 0 : this.els_.length - 1), 0 !== this.anchors_.length) { - if (this.offset_ <= e) - for (var n = this.index_ + 1; n < this.els_.length && this.anchors_[n].offsetTop - 80 <= e; n++) 0 < n && (this.els_[n - 1].dataset.mdState = "blur"), this.index_ = n; - else - for (var r = this.index_; 0 <= r; r--) { - if (!(this.anchors_[r].offsetTop - 80 > e)) { - this.index_ = r; - break - } - 0 < r && (this.els_[r - 1].dataset.mdState = "") - } - this.offset_ = e, this.dir_ = t - } - }, t.reset = function() { - Array.prototype.forEach.call(this.els_, function(e) { - e.dataset.mdState = "" - }), this.index_ = 0, this.offset_ = window.pageYOffset - }, e - }(), - Collapse: function() { - function e(e) { - var t = "string" == typeof e ? document.querySelector(e) : e; - if (!(t instanceof HTMLElement)) throw new ReferenceError; - this.el_ = t - } - var t = e.prototype; - return t.setup = function() { - var e = this.el_.getBoundingClientRect().height; - this.el_.style.display = e ? "block" : "none", this.el_.style.overflow = e ? "visible" : "hidden" - }, t.update = function() { - var e = this, - t = this.el_.getBoundingClientRect().height; - this.el_.style.display = "block", this.el_.style.overflow = ""; - var r = this.el_.previousElementSibling.previousElementSibling.checked; - if (r) this.el_.style.maxHeight = t + "px", requestAnimationFrame(function() { - e.el_.setAttribute("data-md-state", "animate"), e.el_.style.maxHeight = "0px" - }); - else { - this.el_.setAttribute("data-md-state", "expand"), this.el_.style.maxHeight = ""; - var n = this.el_.getBoundingClientRect().height; - this.el_.removeAttribute("data-md-state"), this.el_.style.maxHeight = "0px", requestAnimationFrame(function() { - e.el_.setAttribute("data-md-state", "animate"), e.el_.style.maxHeight = n + "px" - }) - } - this.el_.addEventListener("transitionend", function e(t) { - var n = t.target; - if (!(n instanceof HTMLElement)) throw new ReferenceError; - n.removeAttribute("data-md-state"), n.style.maxHeight = "", n.style.display = r ? "none" : "block", n.style.overflow = r ? "hidden" : "visible", n.removeEventListener("transitionend", e) - }, !1) - }, t.reset = function() { - this.el_.dataset.mdState = "", this.el_.style.maxHeight = "", this.el_.style.display = "", this.el_.style.overflow = "" - }, e - }(), - Scrolling: function() { - function e(e) { - var t = "string" == typeof e ? document.querySelector(e) : e; - if (!(t instanceof HTMLElement)) throw new ReferenceError; - this.el_ = t - } - var t = e.prototype; - return t.setup = function() { - this.el_.children[this.el_.children.length - 1].style.webkitOverflowScrolling = "touch"; - var e = this.el_.querySelectorAll("[data-md-toggle]"); - Array.prototype.forEach.call(e, function(e) { - if (!(e instanceof HTMLInputElement)) throw new ReferenceError; - if (e.checked) { - var t = e.nextElementSibling; - if (!(t instanceof HTMLElement)) throw new ReferenceError; - for (; - "NAV" !== t.tagName && t.nextElementSibling;) t = t.nextElementSibling; - if (!(e.parentNode instanceof HTMLElement && e.parentNode.parentNode instanceof HTMLElement)) throw new ReferenceError; - var n = e.parentNode.parentNode, - r = t.children[t.children.length - 1]; - n.style.webkitOverflowScrolling = "", r.style.webkitOverflowScrolling = "touch" - } - }) - }, t.update = function(e) { - var t = e.target; - if (!(t instanceof HTMLElement)) throw new ReferenceError; - var n = t.nextElementSibling; - if (!(n instanceof HTMLElement)) throw new ReferenceError; - for (; - "NAV" !== n.tagName && n.nextElementSibling;) n = n.nextElementSibling; - if (!(t.parentNode instanceof HTMLElement && t.parentNode.parentNode instanceof HTMLElement)) throw new ReferenceError; - var r = t.parentNode.parentNode, - i = n.children[n.children.length - 1]; - if (r.style.webkitOverflowScrolling = "", i.style.webkitOverflowScrolling = "", !t.checked) { - n.addEventListener("transitionend", function e() { - n instanceof HTMLElement && (r.style.webkitOverflowScrolling = "touch", n.removeEventListener("transitionend", e)) - }, !1) - } - if (t.checked) { - n.addEventListener("transitionend", function e() { - n instanceof HTMLElement && (i.style.webkitOverflowScrolling = "touch", n.removeEventListener("transitionend", e)) - }, !1) - } - }, t.reset = function() { - this.el_.children[1].style.webkitOverflowScrolling = ""; - var e = this.el_.querySelectorAll("[data-md-toggle]"); - Array.prototype.forEach.call(e, function(e) { - if (!(e instanceof HTMLInputElement)) throw new ReferenceError; - if (e.checked) { - var t = e.nextElementSibling; - if (!(t instanceof HTMLElement)) throw new ReferenceError; - for (; - "NAV" !== t.tagName && t.nextElementSibling;) t = t.nextElementSibling; - if (!(e.parentNode instanceof HTMLElement && e.parentNode.parentNode instanceof HTMLElement)) throw new ReferenceError; - var n = e.parentNode.parentNode, - r = t.children[t.children.length - 1]; - n.style.webkitOverflowScrolling = "", r.style.webkitOverflowScrolling = "" - } - }) - }, e - }() - }, - a = { - Lock: function() { - function e(e) { - var t = "string" == typeof e ? document.querySelector(e) : e; - if (!(t instanceof HTMLInputElement)) throw new ReferenceError; - if (this.el_ = t, !document.body) throw new ReferenceError; - this.lock_ = document.body - } - var t = e.prototype; - return t.setup = function() { - this.update() - }, t.update = function() { - var e = this; - this.el_.checked ? (this.offset_ = window.pageYOffset, setTimeout(function() { - window.scrollTo(0, 0), e.el_.checked && (e.lock_.dataset.mdState = "lock") - }, 400)) : (this.lock_.dataset.mdState = "", setTimeout(function() { - void 0 !== e.offset_ && window.scrollTo(0, e.offset_) - }, 100)) - }, t.reset = function() { - "lock" === this.lock_.dataset.mdState && window.scrollTo(0, this.offset_), this.lock_.dataset.mdState = "" - }, e - }(), - Result: n(9).a - }, - s = { - Position: function() { - function e(e, t) { - var n = "string" == typeof e ? document.querySelector(e) : e; - if (!(n instanceof HTMLElement && n.parentNode instanceof HTMLElement)) throw new ReferenceError; - if (this.el_ = n, this.parent_ = n.parentNode, !((n = "string" == typeof t ? document.querySelector(t) : t) instanceof HTMLElement)) throw new ReferenceError; - this.header_ = n, this.height_ = 0, this.pad_ = "fixed" === window.getComputedStyle(this.header_).position - } - var t = e.prototype; - return t.setup = function() { - var e = Array.prototype.reduce.call(this.parent_.children, function(e, t) { - return Math.max(e, t.offsetTop) - }, 0); - this.offset_ = e - (this.pad_ ? this.header_.offsetHeight : 0), this.update() - }, t.update = function(e) { - var t = window.pageYOffset, - n = window.innerHeight; - e && "resize" === e.type && this.setup(); - var r = this.pad_ ? this.header_.offsetHeight : 0, - i = this.parent_.offsetTop + this.parent_.offsetHeight, - o = n - r - Math.max(0, this.offset_ - t) - Math.max(0, t + n - i); - o !== this.height_ && (this.el_.style.height = (this.height_ = o) + "px"), t >= this.offset_ ? "lock" !== this.el_.dataset.mdState && (this.el_.dataset.mdState = "lock") : "lock" === this.el_.dataset.mdState && (this.el_.dataset.mdState = "") - }, t.reset = function() { - this.el_.dataset.mdState = "", this.el_.style.height = "", this.height_ = 0 - }, e - }() - }, - c = n(6), - l = n.n(c); - var u = { - Adapter: { - GitHub: function(o) { - var e, t; - - function n(e) { - var t; - t = o.call(this, e) || this; - var n = /^.+github\.com\/([^/]+)\/?([^/]+)?.*$/.exec(t.base_); - if (n && 3 === n.length) { - var r = n[1], - i = n[2]; - t.base_ = "https://api.github.com/users/" + r + "/repos", t.name_ = i - } - return t - } - return t = o, (e = n).prototype = Object.create(t.prototype), (e.prototype.constructor = e).__proto__ = t, n.prototype.fetch_ = function() { - var i = this; - return function n(r) { - return void 0 === r && (r = 0), fetch(i.base_ + "?per_page=30&page=" + r).then(function(e) { - return e.json() - }).then(function(e) { - if (!(e instanceof Array)) throw new TypeError; - if (i.name_) { - var t = e.find(function(e) { - return e.name === i.name_ - }); - return t || 30 !== e.length ? t ? [i.format_(t.stargazers_count) + " Stars", i.format_(t.forks_count) + " Forks"] : [] : n(r + 1) - } - return [e.length + " Repositories"] - }) - }() - }, n - }(function() { - function e(e) { - var t = "string" == typeof e ? document.querySelector(e) : e; - if (!(t instanceof HTMLAnchorElement)) throw new ReferenceError; - this.el_ = t, this.base_ = this.el_.href, this.salt_ = this.hash_(this.base_) - } - var t = e.prototype; - return t.fetch = function() { - var n = this; - return new Promise(function(t) { - var e = l.a.getJSON(n.salt_ + ".cache-source"); - void 0 !== e ? t(e) : n.fetch_().then(function(e) { - l.a.set(n.salt_ + ".cache-source", e, { - expires: 1 / 96 - }), t(e) - }) - }) - }, t.fetch_ = function() { - throw new Error("fetch_(): Not implemented") - }, t.format_ = function(e) { - return 1e4 < e ? (e / 1e3).toFixed(0) + "k" : 1e3 < e ? (e / 1e3).toFixed(1) + "k" : "" + e - }, t.hash_ = function(e) { - var t = 0; - if (0 === e.length) return t; - for (var n = 0, r = e.length; n < r; n++) t = (t << 5) - t + e.charCodeAt(n), t |= 0; - return t - }, e - }()) - }, - Repository: n(10).a - }, - f = { - Toggle: function() { - function e(e) { - var t = "string" == typeof e ? document.querySelector(e) : e; - if (!(t instanceof Node)) throw new ReferenceError; - this.el_ = t; - var n = document.querySelector("[data-md-component=header]"); - this.height_ = n.offsetHeight, this.active_ = !1 - } - var t = e.prototype; - return t.update = function() { - var e = window.pageYOffset >= this.el_.children[0].offsetTop + (5 - this.height_); - e !== this.active_ && (this.el_.dataset.mdState = (this.active_ = e) ? "hidden" : "") - }, t.reset = function() { - this.el_.dataset.mdState = "", this.active_ = !1 - }, e - }() - }; - t.a = { - Event: r, - Header: i, - Nav: o, - Search: a, - Sidebar: s, - Source: u, - Tabs: f - } -}, function(t, e, n) { - (function(e) { - t.exports = e.lunr = n(24) - }).call(this, n(4)) -}, function(e, f, d) { - "use strict"; - (function(t) { - var e = d(8), - n = setTimeout; - - function r() {} - - function o(e) { - if (!(this instanceof o)) throw new TypeError("Promises must be constructed via new"); - if ("function" != typeof e) throw new TypeError("not a function"); - this._state = 0, this._handled = !1, this._value = void 0, this._deferreds = [], u(e, this) - } - - function i(n, r) { - for (; 3 === n._state;) n = n._value; - 0 !== n._state ? (n._handled = !0, o._immediateFn(function() { - var e = 1 === n._state ? r.onFulfilled : r.onRejected; - if (null !== e) { - var t; - try { - t = e(n._value) - } catch (e) { - return void s(r.promise, e) - } - a(r.promise, t) - } else(1 === n._state ? a : s)(r.promise, n._value) - })) : n._deferreds.push(r) - } - - function a(t, e) { - try { - if (e === t) throw new TypeError("A promise cannot be resolved with itself."); - if (e && ("object" == typeof e || "function" == typeof e)) { - var n = e.then; - if (e instanceof o) return t._state = 3, t._value = e, void c(t); - if ("function" == typeof n) return void u((r = n, i = e, function() { - r.apply(i, arguments) - }), t) - } - t._state = 1, t._value = e, c(t) - } catch (e) { - s(t, e) - } - var r, i - } - - function s(e, t) { - e._state = 2, e._value = t, c(e) - } - - function c(e) { - 2 === e._state && 0 === e._deferreds.length && o._immediateFn(function() { - e._handled || o._unhandledRejectionFn(e._value) - }); - for (var t = 0, n = e._deferreds.length; t < n; t++) i(e, e._deferreds[t]); - e._deferreds = null - } - - function l(e, t, n) { - this.onFulfilled = "function" == typeof e ? e : null, this.onRejected = "function" == typeof t ? t : null, this.promise = n - } - - function u(e, t) { - var n = !1; - try { - e(function(e) { - n || (n = !0, a(t, e)) - }, function(e) { - n || (n = !0, s(t, e)) - }) - } catch (e) { - if (n) return; - n = !0, s(t, e) - } - } - o.prototype.catch = function(e) { - return this.then(null, e) - }, o.prototype.then = function(e, t) { - var n = new this.constructor(r); - return i(this, new l(e, t, n)), n - }, o.prototype.finally = e.a, o.all = function(t) { - return new o(function(r, i) { - if (!t || void 0 === t.length) throw new TypeError("Promise.all accepts an array"); - var o = Array.prototype.slice.call(t); - if (0 === o.length) return r([]); - var a = o.length; - - function s(t, e) { - try { - if (e && ("object" == typeof e || "function" == typeof e)) { - var n = e.then; - if ("function" == typeof n) return void n.call(e, function(e) { - s(t, e) - }, i) - } - o[t] = e, 0 == --a && r(o) - } catch (e) { - i(e) - } - } - for (var e = 0; e < o.length; e++) s(e, o[e]) - }) - }, o.resolve = function(t) { - return t && "object" == typeof t && t.constructor === o ? t : new o(function(e) { - e(t) - }) - }, o.reject = function(n) { - return new o(function(e, t) { - t(n) - }) - }, o.race = function(i) { - return new o(function(e, t) { - for (var n = 0, r = i.length; n < r; n++) i[n].then(e, t) - }) - }, o._immediateFn = "function" == typeof t && function(e) { - t(e) - } || function(e) { - n(e, 0) - }, o._unhandledRejectionFn = function(e) { - "undefined" != typeof console && console && console.warn("Possible Unhandled Promise Rejection:", e) - }, f.a = o - }).call(this, d(21).setImmediate) -}, function(e, t, n) { - "use strict"; - - function r(e, t) { - var n = document.createElement(e); - t && Array.prototype.forEach.call(Object.keys(t), function(e) { - n.setAttribute(e, t[e]) - }); - for (var r = arguments.length, i = new Array(2 < r ? r - 2 : 0), o = 2; o < r; o++) i[o - 2] = arguments[o]; - return function t(e) { - Array.prototype.forEach.call(e, function(e) { - "string" == typeof e || "number" == typeof e ? n.textContent += e : Array.isArray(e) ? t(e) : void 0 !== e.__html ? n.innerHTML += e.__html : e instanceof Node && n.appendChild(e) - }) - }(i), n - } - n.r(t), n.d(t, "createElement", function() { - return r - }) -}, function(e, t) { - var n; - n = function() { - return this - }(); - try { - n = n || new Function("return this")() - } catch (e) { - "object" == typeof window && (n = window) - } - e.exports = n -}, function(e, t, n) { - var r; - r = function() { - return function(n) { - var r = {}; - - function i(e) { - if (r[e]) return r[e].exports; - var t = r[e] = { - i: e, - l: !1, - exports: {} - }; - return n[e].call(t.exports, t, t.exports, i), t.l = !0, t.exports - } - return i.m = n, i.c = r, i.d = function(e, t, n) { - i.o(e, t) || Object.defineProperty(e, t, { - enumerable: !0, - get: n - }) - }, i.r = function(e) { - "undefined" != typeof Symbol && Symbol.toStringTag && Object.defineProperty(e, Symbol.toStringTag, { - value: "Module" - }), Object.defineProperty(e, "__esModule", { - value: !0 - }) - }, i.t = function(t, e) { - if (1 & e && (t = i(t)), 8 & e) return t; - if (4 & e && "object" == typeof t && t && t.__esModule) return t; - var n = Object.create(null); - if (i.r(n), Object.defineProperty(n, "default", { - enumerable: !0, - value: t - }), 2 & e && "string" != typeof t) - for (var r in t) i.d(n, r, function(e) { - return t[e] - }.bind(null, r)); - return n - }, i.n = function(e) { - var t = e && e.__esModule ? function() { - return e.default - } : function() { - return e - }; - return i.d(t, "a", t), t - }, i.o = function(e, t) { - return Object.prototype.hasOwnProperty.call(e, t) - }, i.p = "", i(i.s = 0) - }([function(e, t, n) { - "use strict"; - var i = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function(e) { - return typeof e - } : function(e) { - return e && "function" == typeof Symbol && e.constructor === Symbol && e !== Symbol.prototype ? "symbol" : typeof e - }, - o = function() { - function r(e, t) { - for (var n = 0; n < t.length; n++) { - var r = t[n]; - r.enumerable = r.enumerable || !1, r.configurable = !0, "value" in r && (r.writable = !0), Object.defineProperty(e, r.key, r) - } - } - return function(e, t, n) { - return t && r(e.prototype, t), n && r(e, n), e - } - }(), - a = r(n(1)), - s = r(n(3)), - c = r(n(4)); - - function r(e) { - return e && e.__esModule ? e : { - default: e - } - } - var l = function(e) { - function r(e, t) { - ! function(e, t) { - if (!(e instanceof t)) throw new TypeError("Cannot call a class as a function") - }(this, r); - var n = function(e, t) { - if (!e) throw new ReferenceError("this hasn't been initialised - super() hasn't been called"); - return !t || "object" != typeof t && "function" != typeof t ? e : t - }(this, (r.__proto__ || Object.getPrototypeOf(r)).call(this)); - return n.resolveOptions(t), n.listenClick(e), n - } - return function(e, t) { - if ("function" != typeof t && null !== t) throw new TypeError("Super expression must either be null or a function, not " + typeof t); - e.prototype = Object.create(t && t.prototype, { - constructor: { - value: e, - enumerable: !1, - writable: !0, - configurable: !0 - } - }), t && (Object.setPrototypeOf ? Object.setPrototypeOf(e, t) : e.__proto__ = t) - }(r, s.default), o(r, [{ - key: "resolveOptions", - value: function() { - var e = 0 < arguments.length && void 0 !== arguments[0] ? arguments[0] : {}; - this.action = "function" == typeof e.action ? e.action : this.defaultAction, this.target = "function" == typeof e.target ? e.target : this.defaultTarget, this.text = "function" == typeof e.text ? e.text : this.defaultText, this.container = "object" === i(e.container) ? e.container : document.body - } - }, { - key: "listenClick", - value: function(e) { - var t = this; - this.listener = (0, c.default)(e, "click", function(e) { - return t.onClick(e) - }) - } - }, { - key: "onClick", - value: function(e) { - var t = e.delegateTarget || e.currentTarget; - this.clipboardAction && (this.clipboardAction = null), this.clipboardAction = new a.default({ - action: this.action(t), - target: this.target(t), - text: this.text(t), - container: this.container, - trigger: t, - emitter: this - }) - } - }, { - key: "defaultAction", - value: function(e) { - return u("action", e) - } - }, { - key: "defaultTarget", - value: function(e) { - var t = u("target", e); - if (t) return document.querySelector(t) - } - }, { - key: "defaultText", - value: function(e) { - return u("text", e) - } - }, { - key: "destroy", - value: function() { - this.listener.destroy(), this.clipboardAction && (this.clipboardAction.destroy(), this.clipboardAction = null) - } - }], [{ - key: "isSupported", - value: function() { - var e = 0 < arguments.length && void 0 !== arguments[0] ? arguments[0] : ["copy", "cut"], - t = "string" == typeof e ? [e] : e, - n = !!document.queryCommandSupported; - return t.forEach(function(e) { - n = n && !!document.queryCommandSupported(e) - }), n - } - }]), r - }(); - - function u(e, t) { - var n = "data-clipboard-" + e; - if (t.hasAttribute(n)) return t.getAttribute(n) - } - e.exports = l - }, function(e, t, n) { - "use strict"; - var r, i = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function(e) { - return typeof e - } : function(e) { - return e && "function" == typeof Symbol && e.constructor === Symbol && e !== Symbol.prototype ? "symbol" : typeof e - }, - o = function() { - function r(e, t) { - for (var n = 0; n < t.length; n++) { - var r = t[n]; - r.enumerable = r.enumerable || !1, r.configurable = !0, "value" in r && (r.writable = !0), Object.defineProperty(e, r.key, r) - } - } - return function(e, t, n) { - return t && r(e.prototype, t), n && r(e, n), e - } - }(), - a = n(2), - s = (r = a) && r.__esModule ? r : { - default: r - }; - var c = function() { - function t(e) { - ! function(e, t) { - if (!(e instanceof t)) throw new TypeError("Cannot call a class as a function") - }(this, t), this.resolveOptions(e), this.initSelection() - } - return o(t, [{ - key: "resolveOptions", - value: function() { - var e = 0 < arguments.length && void 0 !== arguments[0] ? arguments[0] : {}; - this.action = e.action, this.container = e.container, this.emitter = e.emitter, this.target = e.target, this.text = e.text, this.trigger = e.trigger, this.selectedText = "" - } - }, { - key: "initSelection", - value: function() { - this.text ? this.selectFake() : this.target && this.selectTarget() - } - }, { - key: "selectFake", - value: function() { - var e = this, - t = "rtl" == document.documentElement.getAttribute("dir"); - this.removeFake(), this.fakeHandlerCallback = function() { - return e.removeFake() - }, this.fakeHandler = this.container.addEventListener("click", this.fakeHandlerCallback) || !0, this.fakeElem = document.createElement("textarea"), this.fakeElem.style.fontSize = "12pt", this.fakeElem.style.border = "0", this.fakeElem.style.padding = "0", this.fakeElem.style.margin = "0", this.fakeElem.style.position = "absolute", this.fakeElem.style[t ? "right" : "left"] = "-9999px"; - var n = window.pageYOffset || document.documentElement.scrollTop; - this.fakeElem.style.top = n + "px", this.fakeElem.setAttribute("readonly", ""), this.fakeElem.value = this.text, this.container.appendChild(this.fakeElem), this.selectedText = (0, s.default)(this.fakeElem), this.copyText() - } - }, { - key: "removeFake", - value: function() { - this.fakeHandler && (this.container.removeEventListener("click", this.fakeHandlerCallback), this.fakeHandler = null, this.fakeHandlerCallback = null), this.fakeElem && (this.container.removeChild(this.fakeElem), this.fakeElem = null) - } - }, { - key: "selectTarget", - value: function() { - this.selectedText = (0, s.default)(this.target), this.copyText() - } - }, { - key: "copyText", - value: function() { - var t = void 0; - try { - t = document.execCommand(this.action) - } catch (e) { - t = !1 - } - this.handleResult(t) - } - }, { - key: "handleResult", - value: function(e) { - this.emitter.emit(e ? "success" : "error", { - action: this.action, - text: this.selectedText, - trigger: this.trigger, - clearSelection: this.clearSelection.bind(this) - }) - } - }, { - key: "clearSelection", - value: function() { - this.trigger && this.trigger.focus(), window.getSelection().removeAllRanges() - } - }, { - key: "destroy", - value: function() { - this.removeFake() - } - }, { - key: "action", - set: function() { - var e = 0 < arguments.length && void 0 !== arguments[0] ? arguments[0] : "copy"; - if (this._action = e, "copy" !== this._action && "cut" !== this._action) throw new Error('Invalid "action" value, use either "copy" or "cut"') - }, - get: function() { - return this._action - } - }, { - key: "target", - set: function(e) { - if (void 0 !== e) { - if (!e || "object" !== (void 0 === e ? "undefined" : i(e)) || 1 !== e.nodeType) throw new Error('Invalid "target" value, use a valid Element'); - if ("copy" === this.action && e.hasAttribute("disabled")) throw new Error('Invalid "target" attribute. Please use "readonly" instead of "disabled" attribute'); - if ("cut" === this.action && (e.hasAttribute("readonly") || e.hasAttribute("disabled"))) throw new Error('Invalid "target" attribute. You can\'t cut text from elements with "readonly" or "disabled" attributes'); - this._target = e - } - }, - get: function() { - return this._target - } - }]), t - }(); - e.exports = c - }, function(e, t) { - e.exports = function(e) { - var t; - if ("SELECT" === e.nodeName) e.focus(), t = e.value; - else if ("INPUT" === e.nodeName || "TEXTAREA" === e.nodeName) { - var n = e.hasAttribute("readonly"); - n || e.setAttribute("readonly", ""), e.select(), e.setSelectionRange(0, e.value.length), n || e.removeAttribute("readonly"), t = e.value - } else { - e.hasAttribute("contenteditable") && e.focus(); - var r = window.getSelection(), - i = document.createRange(); - i.selectNodeContents(e), r.removeAllRanges(), r.addRange(i), t = r.toString() - } - return t - } - }, function(e, t) { - function n() {} - n.prototype = { - on: function(e, t, n) { - var r = this.e || (this.e = {}); - return (r[e] || (r[e] = [])).push({ - fn: t, - ctx: n - }), this - }, - once: function(e, t, n) { - var r = this; - - function i() { - r.off(e, i), t.apply(n, arguments) - } - return i._ = t, this.on(e, i, n) - }, - emit: function(e) { - for (var t = [].slice.call(arguments, 1), n = ((this.e || (this.e = {}))[e] || []).slice(), r = 0, i = n.length; r < i; r++) n[r].fn.apply(n[r].ctx, t); - return this - }, - off: function(e, t) { - var n = this.e || (this.e = {}), - r = n[e], - i = []; - if (r && t) - for (var o = 0, a = r.length; o < a; o++) r[o].fn !== t && r[o].fn._ !== t && i.push(r[o]); - return i.length ? n[e] = i : delete n[e], this - } - }, e.exports = n - }, function(e, t, n) { - var d = n(5), - h = n(6); - e.exports = function(e, t, n) { - if (!e && !t && !n) throw new Error("Missing required arguments"); - if (!d.string(t)) throw new TypeError("Second argument must be a String"); - if (!d.fn(n)) throw new TypeError("Third argument must be a Function"); - if (d.node(e)) return u = t, f = n, (l = e).addEventListener(u, f), { - destroy: function() { - l.removeEventListener(u, f) - } - }; - if (d.nodeList(e)) return a = e, s = t, c = n, Array.prototype.forEach.call(a, function(e) { - e.addEventListener(s, c) - }), { - destroy: function() { - Array.prototype.forEach.call(a, function(e) { - e.removeEventListener(s, c) - }) - } - }; - if (d.string(e)) return r = e, i = t, o = n, h(document.body, r, i, o); - throw new TypeError("First argument must be a String, HTMLElement, HTMLCollection, or NodeList"); - var r, i, o, a, s, c, l, u, f - } - }, function(e, n) { - n.node = function(e) { - return void 0 !== e && e instanceof HTMLElement && 1 === e.nodeType - }, n.nodeList = function(e) { - var t = Object.prototype.toString.call(e); - return void 0 !== e && ("[object NodeList]" === t || "[object HTMLCollection]" === t) && "length" in e && (0 === e.length || n.node(e[0])) - }, n.string = function(e) { - return "string" == typeof e || e instanceof String - }, n.fn = function(e) { - return "[object Function]" === Object.prototype.toString.call(e) - } - }, function(e, t, n) { - var a = n(7); - - function o(e, t, n, r, i) { - var o = function(t, n, e, r) { - return function(e) { - e.delegateTarget = a(e.target, n), e.delegateTarget && r.call(t, e) - } - }.apply(this, arguments); - return e.addEventListener(n, o, i), { - destroy: function() { - e.removeEventListener(n, o, i) - } - } - } - e.exports = function(e, t, n, r, i) { - return "function" == typeof e.addEventListener ? o.apply(null, arguments) : "function" == typeof n ? o.bind(null, document).apply(null, arguments) : ("string" == typeof e && (e = document.querySelectorAll(e)), Array.prototype.map.call(e, function(e) { - return o(e, t, n, r, i) - })) - } - }, function(e, t) { - if ("undefined" != typeof Element && !Element.prototype.matches) { - var n = Element.prototype; - n.matches = n.matchesSelector || n.mozMatchesSelector || n.msMatchesSelector || n.oMatchesSelector || n.webkitMatchesSelector - } - e.exports = function(e, t) { - for (; e && 9 !== e.nodeType;) { - if ("function" == typeof e.matches && e.matches(t)) return e; - e = e.parentNode - } - } - }]) - }, e.exports = r() -}, function(r, i, o) { - var a, s; - ! function(e) { - if (void 0 === (s = "function" == typeof(a = e) ? a.call(i, o, i, r) : a) || (r.exports = s), !0, r.exports = e(), !!0) { - var t = window.Cookies, - n = window.Cookies = e(); - n.noConflict = function() { - return window.Cookies = t, n - } - } - }(function() { - function m() { - for (var e = 0, t = {}; e < arguments.length; e++) { - var n = arguments[e]; - for (var r in n) t[r] = n[r] - } - return t - } - return function e(h) { - function p(e, t, n) { - var r; - if ("undefined" != typeof document) { - if (1 < arguments.length) { - if ("number" == typeof(n = m({ - path: "/" - }, p.defaults, n)).expires) { - var i = new Date; - i.setMilliseconds(i.getMilliseconds() + 864e5 * n.expires), n.expires = i - } - n.expires = n.expires ? n.expires.toUTCString() : ""; - try { - r = JSON.stringify(t), /^[\{\[]/.test(r) && (t = r) - } catch (e) {} - t = h.write ? h.write(t, e) : encodeURIComponent(String(t)).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g, decodeURIComponent), e = (e = (e = encodeURIComponent(String(e))).replace(/%(23|24|26|2B|5E|60|7C)/g, decodeURIComponent)).replace(/[\(\)]/g, escape); - var o = ""; - for (var a in n) n[a] && (o += "; " + a, !0 !== n[a] && (o += "=" + n[a])); - return document.cookie = e + "=" + t + o - } - e || (r = {}); - for (var s = document.cookie ? document.cookie.split("; ") : [], c = /(%[0-9A-Z]{2})+/g, l = 0; l < s.length; l++) { - var u = s[l].split("="), - f = u.slice(1).join("="); - this.json || '"' !== f.charAt(0) || (f = f.slice(1, -1)); - try { - var d = u[0].replace(c, decodeURIComponent); - if (f = h.read ? h.read(f, d) : h(f, d) || f.replace(c, decodeURIComponent), this.json) try { - f = JSON.parse(f) - } catch (e) {} - if (e === d) { - r = f; - break - } - e || (r[d] = f) - } catch (e) {} - } - return r - } - } - return (p.set = p).get = function(e) { - return p.call(p, e) - }, p.getJSON = function() { - return p.apply({ - json: !0 - }, [].slice.call(arguments)) - }, p.defaults = {}, p.remove = function(e, t) { - p(e, "", m(t, { - expires: -1 - })) - }, p.withConverter = e, p - }(function() {}) - }) -}, function(e, t, n) { - "use strict"; - n.r(t); - var r = "function" == typeof fetch ? fetch.bind() : function(i, o) { - return o = o || {}, new Promise(function(e, t) { - var n = new XMLHttpRequest; - for (var r in n.open(o.method || "get", i, !0), o.headers) n.setRequestHeader(r, o.headers[r]); - - function s() { - var r, i = [], - o = [], - a = {}; - return n.getAllResponseHeaders().replace(/^(.*?):[^\S\n]*([\s\S]*?)$/gm, function(e, t, n) { - i.push(t = t.toLowerCase()), o.push([t, n]), r = a[t], a[t] = r ? r + "," + n : n - }), { - ok: 2 == (n.status / 100 | 0), - status: n.status, - statusText: n.statusText, - url: n.responseURL, - clone: s, - text: function() { - return Promise.resolve(n.responseText) - }, - json: function() { - return Promise.resolve(n.responseText).then(JSON.parse) - }, - blob: function() { - return Promise.resolve(new Blob([n.response])) - }, - headers: { - keys: function() { - return i - }, - entries: function() { - return o - }, - get: function(e) { - return a[e.toLowerCase()] - }, - has: function(e) { - return e.toLowerCase() in a - } - } - } - } - n.withCredentials = "include" == o.credentials, n.onload = function() { - e(s()) - }, n.onerror = t, n.send(o.body || null) - }) - }; - t.default = r -}, function(e, t, n) { - "use strict"; - t.a = function(t) { - var n = this.constructor; - return this.then(function(e) { - return n.resolve(t()).then(function() { - return e - }) - }, function(e) { - return n.resolve(t()).then(function() { - return n.reject(e) - }) - }) - } -}, function(e, n, r) { - "use strict"; - (function(f) { - r.d(n, "a", function() { - return t - }); - var e = r(1), - d = r.n(e), - h = function(e) { - var t = document.getElementsByName("lang:" + e)[0]; - if (!(t instanceof HTMLMetaElement)) throw new ReferenceError; - return t.content - }, - t = function() { - function e(e, t) { - var n = "string" == typeof e ? document.querySelector(e) : e; - if (!(n instanceof HTMLElement)) throw new ReferenceError; - this.el_ = n; - var r = Array.prototype.slice.call(this.el_.children), - i = r[0], - o = r[1]; - this.data_ = t, this.meta_ = i, this.list_ = o, this.message_ = { - placeholder: this.meta_.textContent, - none: h("search.result.none"), - one: h("search.result.one"), - other: h("search.result.other") - }; - var a = h("search.tokenizer"); - a.length && (d.a.tokenizer.separator = a), this.lang_ = h("search.language").split(",").filter(Boolean).map(function(e) { - return e.trim() - }) - } - return e.prototype.update = function(e) { - var t, a = this; - if ("focus" !== e.type || this.index_) { - if ("focus" === e.type || "keyup" === e.type) { - var n = e.target; - if (!(n instanceof HTMLInputElement)) throw new ReferenceError; - if (!this.index_ || n.value === this.value_) return; - for (; this.list_.firstChild;) this.list_.removeChild(this.list_.firstChild); - if (this.value_ = n.value, 0 === this.value_.length) return void(this.meta_.textContent = this.message_.placeholder); - var r = this.index_.query(function(t) { - a.value_.toLowerCase().split(" ").filter(Boolean).forEach(function(e) { - t.term(e, { - wildcard: d.a.Query.wildcard.TRAILING - }) - }) - }).reduce(function(e, t) { - var n = a.docs_.get(t.ref); - if (n.parent) { - var r = n.parent.location; - e.set(r, (e.get(r) || []).concat(t)) - } else { - var i = n.location; - e.set(i, e.get(i) || []) - } - return e - }, new Map), - i = (t = this.value_.trim(), t.replace(/[|\\{}()[\]^$+*?.-]/g, "\\$&")).replace(new RegExp(d.a.tokenizer.separator, "img"), "|"), - s = new RegExp("(^|" + d.a.tokenizer.separator + ")(" + i + ")", "img"), - c = function(e, t, n) { - return t + "" + n + "" - }; - this.stack_ = [], r.forEach(function(e, t) { - var n, r = a.docs_.get(t), - i = f.createElement("li", { - class: "md-search-result__item" - }, f.createElement("a", { - href: r.location, - title: r.title, - class: "md-search-result__link", - tabindex: "-1" - }, f.createElement("article", { - class: "md-search-result__article md-search-result__article--document" - }, f.createElement("h1", { - class: "md-search-result__title" - }, { - __html: r.title.replace(s, c) - }), r.text.length ? f.createElement("p", { - class: "md-search-result__teaser" - }, { - __html: r.text.replace(s, c) - }) : {}))), - o = e.map(function(t) { - return function() { - var e = a.docs_.get(t.ref); - i.appendChild(f.createElement("a", { - href: e.location, - title: e.title, - class: "md-search-result__link", - "data-md-rel": "anchor", - tabindex: "-1" - }, f.createElement("article", { - class: "md-search-result__article" - }, f.createElement("h1", { - class: "md-search-result__title" - }, { - __html: e.title.replace(s, c) - }), e.text.length ? f.createElement("p", { - class: "md-search-result__teaser" - }, { - __html: function(e, t) { - var n = t; - if (e.length > n) { - for (; - " " !== e[n] && 0 < --n;); - return e.substring(0, n) + "..." - } - return e - }(e.text.replace(s, c), 400) - }) : {}))) - } - }); - (n = a.stack_).push.apply(n, [function() { - return a.list_.appendChild(i) - }].concat(o)) - }); - var o = this.el_.parentNode; - if (!(o instanceof HTMLElement)) throw new ReferenceError; - for (; this.stack_.length && o.offsetHeight >= o.scrollHeight - 16;) this.stack_.shift()(); - var l = this.list_.querySelectorAll("[data-md-rel=anchor]"); - switch (Array.prototype.forEach.call(l, function(r) { - ["click", "keydown"].forEach(function(n) { - r.addEventListener(n, function(e) { - if ("keydown" !== n || 13 === e.keyCode) { - var t = document.querySelector("[data-md-toggle=search]"); - if (!(t instanceof HTMLInputElement)) throw new ReferenceError; - t.checked && (t.checked = !1, t.dispatchEvent(new CustomEvent("change"))), e.preventDefault(), setTimeout(function() { - document.location.href = r.href - }, 100) - } - }) - }) - }), r.size) { - case 0: - this.meta_.textContent = this.message_.none; - break; - case 1: - this.meta_.textContent = this.message_.one; - break; - default: - this.meta_.textContent = this.message_.other.replace("#", r.size) - } - } - } else { - var u = function(e) { - a.docs_ = e.reduce(function(e, t) { - var n, r, i, o = t.location.split("#"), - a = o[0], - s = o[1]; - return t.text = (n = t.text, r = document.createTextNode(n), (i = document.createElement("p")).appendChild(r), i.innerHTML), s && (t.parent = e.get(a), t.parent && !t.parent.done && (t.parent.title = t.title, t.parent.text = t.text, t.parent.done = !0)), t.text = t.text.replace(/\n/g, " ").replace(/\s+/g, " ").replace(/\s+([,.:;!?])/g, function(e, t) { - return t - }), t.parent && t.parent.title === t.title || e.set(t.location, t), e - }, new Map); - var i = a.docs_, - o = a.lang_; - a.stack_ = [], a.index_ = d()(function() { - var e, t = this, - n = { - "search.pipeline.trimmer": d.a.trimmer, - "search.pipeline.stopwords": d.a.stopWordFilter - }, - r = Object.keys(n).reduce(function(e, t) { - return h(t).match(/^false$/i) || e.push(n[t]), e - }, []); - this.pipeline.reset(), r && (e = this.pipeline).add.apply(e, r), 1 === o.length && "en" !== o[0] && d.a[o[0]] ? this.use(d.a[o[0]]) : 1 < o.length && this.use(d.a.multiLanguage.apply(d.a, o)), this.field("title", { - boost: 10 - }), this.field("text"), this.ref("location"), i.forEach(function(e) { - return t.add(e) - }) - }); - var t = a.el_.parentNode; - if (!(t instanceof HTMLElement)) throw new ReferenceError; - t.addEventListener("scroll", function() { - for (; a.stack_.length && t.scrollTop + t.offsetHeight >= t.scrollHeight - 16;) a.stack_.splice(0, 10).forEach(function(e) { - return e() - }) - }) - }; - setTimeout(function() { - return "function" == typeof a.data_ ? a.data_().then(u) : u(a.data_) - }, 250) - } - }, e - }() - }).call(this, r(3)) -}, function(e, n, r) { - "use strict"; - (function(t) { - r.d(n, "a", function() { - return e - }); - var e = function() { - function e(e) { - var t = "string" == typeof e ? document.querySelector(e) : e; - if (!(t instanceof HTMLElement)) throw new ReferenceError; - this.el_ = t - } - return e.prototype.initialize = function(e) { - e.length && this.el_.children.length && this.el_.children[this.el_.children.length - 1].appendChild(t.createElement("ul", { - class: "md-source__facts" - }, e.map(function(e) { - return t.createElement("li", { - class: "md-source__fact" - }, e) - }))), this.el_.dataset.mdState = "done" - }, e - }() - }).call(this, r(3)) -}, , , function(e, n, c) { - "use strict"; - c.r(n), - function(o) { - c.d(n, "app", function() { - return t - }); - c(14), c(15), c(16), c(17), c(18), c(19), c(20); - var r = c(2), - e = c(5), - a = c.n(e), - i = c(0); - window.Promise = window.Promise || r.a; - var s = function(e) { - var t = document.getElementsByName("lang:" + e)[0]; - if (!(t instanceof HTMLMetaElement)) throw new ReferenceError; - return t.content - }; - var t = { - initialize: function(t) { - new i.a.Event.Listener(document, "DOMContentLoaded", function() { - if (!(document.body instanceof HTMLElement)) throw new ReferenceError; - Modernizr.addTest("ios", function() { - return !!navigator.userAgent.match(/(iPad|iPhone|iPod)/g) - }); - var e = document.querySelectorAll("table:not([class])"); - if (Array.prototype.forEach.call(e, function(e) { - var t = o.createElement("div", { - class: "md-typeset__scrollwrap" - }, o.createElement("div", { - class: "md-typeset__table" - })); - e.nextSibling ? e.parentNode.insertBefore(t, e.nextSibling) : e.parentNode.appendChild(t), t.children[0].appendChild(e) - }), a.a.isSupported()) { - var t = document.querySelectorAll(".codehilite > pre, pre > code"); - Array.prototype.forEach.call(t, function(e, t) { - var n = "__code_" + t, - r = o.createElement("button", { - class: "md-clipboard", - title: s("clipboard.copy"), - "data-clipboard-target": "#" + n + " pre, #" + n + " code" - }, o.createElement("span", { - class: "md-clipboard__message" - })), - i = e.parentNode; - i.id = n, i.insertBefore(r, e) - }), new a.a(".md-clipboard").on("success", function(e) { - var t = e.trigger.querySelector(".md-clipboard__message"); - if (!(t instanceof HTMLElement)) throw new ReferenceError; - e.clearSelection(), t.dataset.mdTimer && clearTimeout(parseInt(t.dataset.mdTimer, 10)), t.classList.add("md-clipboard__message--active"), t.innerHTML = s("clipboard.copied"), t.dataset.mdTimer = setTimeout(function() { - t.classList.remove("md-clipboard__message--active"), t.dataset.mdTimer = "" - }, 2e3).toString() - }) - } - if (!Modernizr.details) { - var n = document.querySelectorAll("details > summary"); - Array.prototype.forEach.call(n, function(e) { - e.addEventListener("click", function(e) { - var t = e.target.parentNode; - t.hasAttribute("open") ? t.removeAttribute("open") : t.setAttribute("open", "") - }) - }) - } - var r = function() { - if (document.location.hash) { - var e = document.getElementById(document.location.hash.substring(1)); - if (!e) return; - for (var t = e.parentNode; t && !(t instanceof HTMLDetailsElement);) t = t.parentNode; - if (t && !t.open) { - t.open = !0; - var n = location.hash; - location.hash = " ", location.hash = n - } - } - }; - if (window.addEventListener("hashchange", r), r(), Modernizr.ios) { - var i = document.querySelectorAll("[data-md-scrollfix]"); - Array.prototype.forEach.call(i, function(t) { - t.addEventListener("touchstart", function() { - var e = t.scrollTop; - 0 === e ? t.scrollTop = 1 : e + t.offsetHeight === t.scrollHeight && (t.scrollTop = e - 1) - }) - }) - } - }).listen(), new i.a.Event.Listener(window, ["scroll", "resize", "orientationchange"], new i.a.Header.Shadow("[data-md-component=container]", "[data-md-component=header]")).listen(), new i.a.Event.Listener(window, ["scroll", "resize", "orientationchange"], new i.a.Header.Title("[data-md-component=title]", ".md-typeset h1")).listen(), document.querySelector("[data-md-component=hero]") && new i.a.Event.Listener(window, ["scroll", "resize", "orientationchange"], new i.a.Tabs.Toggle("[data-md-component=hero]")).listen(), document.querySelector("[data-md-component=tabs]") && new i.a.Event.Listener(window, ["scroll", "resize", "orientationchange"], new i.a.Tabs.Toggle("[data-md-component=tabs]")).listen(), new i.a.Event.MatchMedia("(min-width: 1220px)", new i.a.Event.Listener(window, ["scroll", "resize", "orientationchange"], new i.a.Sidebar.Position("[data-md-component=navigation]", "[data-md-component=header]"))), document.querySelector("[data-md-component=toc]") && new i.a.Event.MatchMedia("(min-width: 960px)", new i.a.Event.Listener(window, ["scroll", "resize", "orientationchange"], new i.a.Sidebar.Position("[data-md-component=toc]", "[data-md-component=header]"))), new i.a.Event.MatchMedia("(min-width: 960px)", new i.a.Event.Listener(window, "scroll", new i.a.Nav.Blur("[data-md-component=toc] .md-nav__link"))); - var e = document.querySelectorAll("[data-md-component=collapsible]"); - Array.prototype.forEach.call(e, function(e) { - new i.a.Event.MatchMedia("(min-width: 1220px)", new i.a.Event.Listener(e.previousElementSibling, "click", new i.a.Nav.Collapse(e))) - }), new i.a.Event.MatchMedia("(max-width: 1219px)", new i.a.Event.Listener("[data-md-component=navigation] [data-md-toggle]", "change", new i.a.Nav.Scrolling("[data-md-component=navigation] nav"))), document.querySelector("[data-md-component=search]") && (new i.a.Event.MatchMedia("(max-width: 959px)", new i.a.Event.Listener("[data-md-toggle=search]", "change", new i.a.Search.Lock("[data-md-toggle=search]")))), - new i.a.Event.Listener(document.body, "keydown", function(e) { - if (9 === e.keyCode) { - var t = document.querySelectorAll("[data-md-component=navigation] .md-nav__link[for]:not([tabindex])"); - Array.prototype.forEach.call(t, function(e) { - e.offsetHeight && (e.tabIndex = 0) - }) - } - }).listen(), new i.a.Event.Listener(document.body, "mousedown", function() { - var e = document.querySelectorAll("[data-md-component=navigation] .md-nav__link[tabindex]"); - Array.prototype.forEach.call(e, function(e) { - e.removeAttribute("tabIndex") - }) - }).listen(), document.body.addEventListener("click", function() { - "tabbing" === document.body.dataset.mdState && (document.body.dataset.mdState = "") - }), new i.a.Event.MatchMedia("(max-width: 959px)", new i.a.Event.Listener("[data-md-component=navigation] [href^='#']", "click", function() { - var e = document.querySelector("[data-md-toggle=drawer]"); - if (!(e instanceof HTMLInputElement)) throw new ReferenceError; - e.checked && (e.checked = !1, e.dispatchEvent(new CustomEvent("change"))) - })), - function() { - var e = document.querySelector("[data-md-source]"); - if (!e) return r.a.resolve([]); - if (!(e instanceof HTMLAnchorElement)) throw new ReferenceError; - switch (e.dataset.mdSource) { - case "github": - return new i.a.Source.Adapter.GitHub(e).fetch(); - default: - return r.a.resolve([]) - } - }().then(function(t) { - var e = document.querySelectorAll("[data-md-source]"); - Array.prototype.forEach.call(e, function(e) { - new i.a.Source.Repository(e).initialize(t) - }) - }); - var n = function() { - var e = document.querySelectorAll("details"); - Array.prototype.forEach.call(e, function(e) { - e.setAttribute("open", "") - }) - }; - new i.a.Event.MatchMedia("print", { - listen: n, - unlisten: function() {} - }), window.onbeforeprint = n - } - } - }.call(this, c(3)) -}, function(e, t, n) { - e.exports = n.p + "assets/images/icons/bitbucket.1b09e088.svg" -}, function(e, t, n) { - e.exports = n.p + "assets/images/icons/github.f0b8504a.svg" -}, function(e, t, n) { - e.exports = n.p + "assets/images/icons/gitlab.6dd19c00.svg" -}, function(e, t) { - e.exports = "/Users/squidfunk/Desktop/General/Sources/mkdocs-material/material/application.4031d38b.css" -}, function(e, t) { - e.exports = "/Users/squidfunk/Desktop/General/Sources/mkdocs-material/material/application-palette.224b79ff.css" -}, function(e, t) { - ! function() { - if ("undefined" != typeof window) try { - var e = new window.CustomEvent("test", { - cancelable: !0 - }); - if (e.preventDefault(), !0 !== e.defaultPrevented) throw new Error("Could not prevent default") - } catch (e) { - var t = function(e, t) { - var n, r; - return (t = t || {}).bubbles = !!t.bubbles, t.cancelable = !!t.cancelable, (n = document.createEvent("CustomEvent")).initCustomEvent(e, t.bubbles, t.cancelable, t.detail), r = n.preventDefault, n.preventDefault = function() { - r.call(this); - try { - Object.defineProperty(this, "defaultPrevented", { - get: function() { - return !0 - } - }) - } catch (e) { - this.defaultPrevented = !0 - } - }, n - }; - t.prototype = window.Event.prototype, window.CustomEvent = t - } - }() -}, function(e, t, n) { - window.fetch || (window.fetch = n(7).default || n(7)) -}, function(e, i, o) { - (function(e) { - var t = void 0 !== e && e || "undefined" != typeof self && self || window, - n = Function.prototype.apply; - - function r(e, t) { - this._id = e, this._clearFn = t - } - i.setTimeout = function() { - return new r(n.call(setTimeout, t, arguments), clearTimeout) - }, i.setInterval = function() { - return new r(n.call(setInterval, t, arguments), clearInterval) - }, i.clearTimeout = i.clearInterval = function(e) { - e && e.close() - }, r.prototype.unref = r.prototype.ref = function() {}, r.prototype.close = function() { - this._clearFn.call(t, this._id) - }, i.enroll = function(e, t) { - clearTimeout(e._idleTimeoutId), e._idleTimeout = t - }, i.unenroll = function(e) { - clearTimeout(e._idleTimeoutId), e._idleTimeout = -1 - }, i._unrefActive = i.active = function(e) { - clearTimeout(e._idleTimeoutId); - var t = e._idleTimeout; - 0 <= t && (e._idleTimeoutId = setTimeout(function() { - e._onTimeout && e._onTimeout() - }, t)) - }, o(22), i.setImmediate = "undefined" != typeof self && self.setImmediate || void 0 !== e && e.setImmediate || this && this.setImmediate, i.clearImmediate = "undefined" != typeof self && self.clearImmediate || void 0 !== e && e.clearImmediate || this && this.clearImmediate - }).call(this, o(4)) -}, function(e, t, n) { - (function(e, p) { - ! function(n, r) { - "use strict"; - if (!n.setImmediate) { - var i, o, t, a, e, s = 1, - c = {}, - l = !1, - u = n.document, - f = Object.getPrototypeOf && Object.getPrototypeOf(n); - f = f && f.setTimeout ? f : n, i = "[object process]" === {}.toString.call(n.process) ? function(e) { - p.nextTick(function() { - h(e) - }) - } : function() { - if (n.postMessage && !n.importScripts) { - var e = !0, - t = n.onmessage; - return n.onmessage = function() { - e = !1 - }, n.postMessage("", "*"), n.onmessage = t, e - } - }() ? (a = "setImmediate$" + Math.random() + "$", e = function(e) { - e.source === n && "string" == typeof e.data && 0 === e.data.indexOf(a) && h(+e.data.slice(a.length)) - }, n.addEventListener ? n.addEventListener("message", e, !1) : n.attachEvent("onmessage", e), function(e) { - n.postMessage(a + e, "*") - }) : n.MessageChannel ? ((t = new MessageChannel).port1.onmessage = function(e) { - h(e.data) - }, function(e) { - t.port2.postMessage(e) - }) : u && "onreadystatechange" in u.createElement("script") ? (o = u.documentElement, function(e) { - var t = u.createElement("script"); - t.onreadystatechange = function() { - h(e), t.onreadystatechange = null, o.removeChild(t), t = null - }, o.appendChild(t) - }) : function(e) { - setTimeout(h, 0, e) - }, f.setImmediate = function(e) { - "function" != typeof e && (e = new Function("" + e)); - for (var t = new Array(arguments.length - 1), n = 0; n < t.length; n++) t[n] = arguments[n + 1]; - var r = { - callback: e, - args: t - }; - return c[s] = r, i(s), s++ - }, f.clearImmediate = d - } - - function d(e) { - delete c[e] - } - - function h(e) { - if (l) setTimeout(h, 0, e); - else { - var t = c[e]; - if (t) { - l = !0; - try { - ! function(e) { - var t = e.callback, - n = e.args; - switch (n.length) { - case 0: - t(); - break; - case 1: - t(n[0]); - break; - case 2: - t(n[0], n[1]); - break; - case 3: - t(n[0], n[1], n[2]); - break; - default: - t.apply(r, n) - } - }(t) - } finally { - d(e), l = !1 - } - } - } - } - }("undefined" == typeof self ? void 0 === e ? this : e : self) - }).call(this, n(4), n(23)) -}, function(e, t) { - var n, r, i = e.exports = {}; - - function o() { - throw new Error("setTimeout has not been defined") - } - - function a() { - throw new Error("clearTimeout has not been defined") - } - - function s(t) { - if (n === setTimeout) return setTimeout(t, 0); - if ((n === o || !n) && setTimeout) return n = setTimeout, setTimeout(t, 0); - try { - return n(t, 0) - } catch (e) { - try { - return n.call(null, t, 0) - } catch (e) { - return n.call(this, t, 0) - } - } - }! function() { - try { - n = "function" == typeof setTimeout ? setTimeout : o - } catch (e) { - n = o - } - try { - r = "function" == typeof clearTimeout ? clearTimeout : a - } catch (e) { - r = a - } - }(); - var c, l = [], - u = !1, - f = -1; - - function d() { - u && c && (u = !1, c.length ? l = c.concat(l) : f = -1, l.length && h()) - } - - function h() { - if (!u) { - var e = s(d); - u = !0; - for (var t = l.length; t;) { - for (c = l, l = []; ++f < t;) c && c[f].run(); - f = -1, t = l.length - } - c = null, u = !1, - function(t) { - if (r === clearTimeout) return clearTimeout(t); - if ((r === a || !r) && clearTimeout) return r = clearTimeout, clearTimeout(t); - try { - r(t) - } catch (e) { - try { - return r.call(null, t) - } catch (e) { - return r.call(this, t) - } - } - }(e) - } - } - - function p(e, t) { - this.fun = e, this.array = t - } - - function m() {} - i.nextTick = function(e) { - var t = new Array(arguments.length - 1); - if (1 < arguments.length) - for (var n = 1; n < arguments.length; n++) t[n - 1] = arguments[n]; - l.push(new p(e, t)), 1 !== l.length || u || s(h) - }, p.prototype.run = function() { - this.fun.apply(null, this.array) - }, i.title = "browser", i.browser = !0, i.env = {}, i.argv = [], i.version = "", i.versions = {}, i.on = m, i.addListener = m, i.once = m, i.off = m, i.removeListener = m, i.removeAllListeners = m, i.emit = m, i.prependListener = m, i.prependOnceListener = m, i.listeners = function(e) { - return [] - }, i.binding = function(e) { - throw new Error("process.binding is not supported") - }, i.cwd = function() { - return "/" - }, i.chdir = function(e) { - throw new Error("process.chdir is not supported") - }, i.umask = function() { - return 0 - } -}, function(i, o, a) { - var s, c; - /** - * lunr - http://lunrjs.com - A bit like Solr, but much smaller and not as bright - 2.3.6 - * Copyright (C) 2019 Oliver Nightingale - * @license MIT - */ - ! function() { - var t, l, u, e, n, f, d, h, p, m, y, v, g, w, _, E, x, b, k, S, T, L, R, O, C, r, D = function(e) { - var t = new D.Builder; - return t.pipeline.add(D.trimmer, D.stopWordFilter, D.stemmer), t.searchPipeline.add(D.stemmer), e.call(t, t), t.build() - }; - D.version = "2.3.6", D.utils = {}, D.utils.warn = (t = this, function(e) { - t.console && console.warn && console.warn(e) - }), D.utils.asString = function(e) { - return null == e ? "" : e.toString() - }, D.utils.clone = function(e) { - if (null == e) return e; - for (var t = Object.create(null), n = Object.keys(e), r = 0; r < n.length; r++) { - var i = n[r], - o = e[i]; - if (Array.isArray(o)) t[i] = o.slice(); - else { - if ("string" != typeof o && "number" != typeof o && "boolean" != typeof o) throw new TypeError("clone is not deep and does not support nested objects"); - t[i] = o - } - } - return t - }, D.FieldRef = function(e, t, n) { - this.docRef = e, this.fieldName = t, this._stringValue = n - }, D.FieldRef.joiner = "/", D.FieldRef.fromString = function(e) { - var t = e.indexOf(D.FieldRef.joiner); - if (-1 === t) throw "malformed field ref string"; - var n = e.slice(0, t), - r = e.slice(t + 1); - return new D.FieldRef(r, n, e) - }, D.FieldRef.prototype.toString = function() { - return null == this._stringValue && (this._stringValue = this.fieldName + D.FieldRef.joiner + this.docRef), this._stringValue - }, D.Set = function(e) { - if (this.elements = Object.create(null), e) { - this.length = e.length; - for (var t = 0; t < this.length; t++) this.elements[e[t]] = !0 - } else this.length = 0 - }, D.Set.complete = { - intersect: function(e) { - return e - }, - union: function(e) { - return e - }, - contains: function() { - return !0 - } - }, D.Set.empty = { - intersect: function() { - return this - }, - union: function(e) { - return e - }, - contains: function() { - return !1 - } - }, D.Set.prototype.contains = function(e) { - return !!this.elements[e] - }, D.Set.prototype.intersect = function(e) { - var t, n, r, i = []; - if (e === D.Set.complete) return this; - if (e === D.Set.empty) return e; - n = this.length < e.length ? (t = this, e) : (t = e, this), r = Object.keys(t.elements); - for (var o = 0; o < r.length; o++) { - var a = r[o]; - a in n.elements && i.push(a) - } - return new D.Set(i) - }, D.Set.prototype.union = function(e) { - return e === D.Set.complete ? D.Set.complete : e === D.Set.empty ? this : new D.Set(Object.keys(this.elements).concat(Object.keys(e.elements))) - }, D.idf = function(e, t) { - var n = 0; - for (var r in e) "_index" != r && (n += Object.keys(e[r]).length); - var i = (t - n + .5) / (n + .5); - return Math.log(1 + Math.abs(i)) - }, D.Token = function(e, t) { - this.str = e || "", this.metadata = t || {} - }, D.Token.prototype.toString = function() { - return this.str - }, D.Token.prototype.update = function(e) { - return this.str = e(this.str, this.metadata), this - }, D.Token.prototype.clone = function(e) { - return e = e || function(e) { - return e - }, new D.Token(e(this.str, this.metadata), this.metadata) - }, D.tokenizer = function(e, t) { - if (null == e || null == e) return []; - if (Array.isArray(e)) return e.map(function(e) { - return new D.Token(D.utils.asString(e).toLowerCase(), D.utils.clone(t)) - }); - for (var n = e.toString().trim().toLowerCase(), r = n.length, i = [], o = 0, a = 0; o <= r; o++) { - var s = o - a; - if (n.charAt(o).match(D.tokenizer.separator) || o == r) { - if (0 < s) { - var c = D.utils.clone(t) || {}; - c.position = [a, s], c.index = i.length, i.push(new D.Token(n.slice(a, o), c)) - } - a = o + 1 - } - } - return i - }, D.tokenizer.separator = /[\s\-]+/, D.Pipeline = function() { - this._stack = [] - }, D.Pipeline.registeredFunctions = Object.create(null), D.Pipeline.registerFunction = function(e, t) { - t in this.registeredFunctions && D.utils.warn("Overwriting existing registered function: " + t), e.label = t, D.Pipeline.registeredFunctions[e.label] = e - }, D.Pipeline.warnIfFunctionNotRegistered = function(e) { - e.label && e.label in this.registeredFunctions || D.utils.warn("Function is not registered with pipeline. This may cause problems when serialising the index.\n", e) - }, D.Pipeline.load = function(e) { - var n = new D.Pipeline; - return e.forEach(function(e) { - var t = D.Pipeline.registeredFunctions[e]; - if (!t) throw new Error("Cannot load unregistered function: " + e); - n.add(t) - }), n - }, D.Pipeline.prototype.add = function() { - Array.prototype.slice.call(arguments).forEach(function(e) { - D.Pipeline.warnIfFunctionNotRegistered(e), this._stack.push(e) - }, this) - }, D.Pipeline.prototype.after = function(e, t) { - D.Pipeline.warnIfFunctionNotRegistered(t); - var n = this._stack.indexOf(e); - if (-1 == n) throw new Error("Cannot find existingFn"); - n += 1, this._stack.splice(n, 0, t) - }, D.Pipeline.prototype.before = function(e, t) { - D.Pipeline.warnIfFunctionNotRegistered(t); - var n = this._stack.indexOf(e); - if (-1 == n) throw new Error("Cannot find existingFn"); - this._stack.splice(n, 0, t) - }, D.Pipeline.prototype.remove = function(e) { - var t = this._stack.indexOf(e); - 1 != t && this._stack.splice(t, 1) - }, D.Pipeline.prototype.run = function(e) { - for (var t = this._stack.length, n = 0; n < t; n++) { - for (var r = this._stack[n], i = [], o = 0; o < e.length; o++) { - var a = r(e[o], o, e); - if (void 0 !== a && "" !== a) - if (Array.isArray(a)) - for (var s = 0; s < a.length; s++) i.push(a[s]); - else i.push(a) - } - e = i - } - return e - }, D.Pipeline.prototype.runString = function(e, t) { - var n = new D.Token(e, t); - return this.run([n]).map(function(e) { - return e.toString() - }) - }, D.Pipeline.prototype.reset = function() { - this._stack = [] - }, D.Pipeline.prototype.toJSON = function() { - return this._stack.map(function(e) { - return D.Pipeline.warnIfFunctionNotRegistered(e), e.label - }) - }, D.Vector = function(e) { - this._magnitude = 0, this.elements = e || [] - }, D.Vector.prototype.positionForIndex = function(e) { - if (0 == this.elements.length) return 0; - for (var t = 0, n = this.elements.length / 2, r = n - t, i = Math.floor(r / 2), o = this.elements[2 * i]; 1 < r && (o < e && (t = i), e < o && (n = i), o != e);) r = n - t, i = t + Math.floor(r / 2), o = this.elements[2 * i]; - return o == e ? 2 * i : e < o ? 2 * i : o < e ? 2 * (i + 1) : void 0 - }, D.Vector.prototype.insert = function(e, t) { - this.upsert(e, t, function() { - throw "duplicate index" - }) - }, D.Vector.prototype.upsert = function(e, t, n) { - this._magnitude = 0; - var r = this.positionForIndex(e); - this.elements[r] == e ? this.elements[r + 1] = n(this.elements[r + 1], t) : this.elements.splice(r, 0, e, t) - }, D.Vector.prototype.magnitude = function() { - if (this._magnitude) return this._magnitude; - for (var e = 0, t = this.elements.length, n = 1; n < t; n += 2) { - var r = this.elements[n]; - e += r * r - } - return this._magnitude = Math.sqrt(e) - }, D.Vector.prototype.dot = function(e) { - for (var t = 0, n = this.elements, r = e.elements, i = n.length, o = r.length, a = 0, s = 0, c = 0, l = 0; c < i && l < o;)(a = n[c]) < (s = r[l]) ? c += 2 : s < a ? l += 2 : a == s && (t += n[c + 1] * r[l + 1], c += 2, l += 2); - return t - }, D.Vector.prototype.similarity = function(e) { - return this.dot(e) / this.magnitude() || 0 - }, D.Vector.prototype.toArray = function() { - for (var e = new Array(this.elements.length / 2), t = 1, n = 0; t < this.elements.length; t += 2, n++) e[n] = this.elements[t]; - return e - }, D.Vector.prototype.toJSON = function() { - return this.elements - }, D.stemmer = (l = { - ational: "ate", - tional: "tion", - enci: "ence", - anci: "ance", - izer: "ize", - bli: "ble", - alli: "al", - entli: "ent", - eli: "e", - ousli: "ous", - ization: "ize", - ation: "ate", - ator: "ate", - alism: "al", - iveness: "ive", - fulness: "ful", - ousness: "ous", - aliti: "al", - iviti: "ive", - biliti: "ble", - logi: "log" - }, u = { - icate: "ic", - ative: "", - alize: "al", - iciti: "ic", - ical: "ic", - ful: "", - ness: "" - }, e = "[aeiouy]", n = "[^aeiou][^aeiouy]*", f = new RegExp("^([^aeiou][^aeiouy]*)?[aeiouy][aeiou]*[^aeiou][^aeiouy]*"), d = new RegExp("^([^aeiou][^aeiouy]*)?[aeiouy][aeiou]*[^aeiou][^aeiouy]*[aeiouy][aeiou]*[^aeiou][^aeiouy]*"), h = new RegExp("^([^aeiou][^aeiouy]*)?[aeiouy][aeiou]*[^aeiou][^aeiouy]*([aeiouy][aeiou]*)?$"), p = new RegExp("^([^aeiou][^aeiouy]*)?[aeiouy]"), m = /^(.+?)(ss|i)es$/, y = /^(.+?)([^s])s$/, v = /^(.+?)eed$/, g = /^(.+?)(ed|ing)$/, w = /.$/, _ = /(at|bl|iz)$/, E = new RegExp("([^aeiouylsz])\\1$"), x = new RegExp("^" + n + e + "[^aeiouwxy]$"), b = /^(.+?[^aeiou])y$/, k = /^(.+?)(ational|tional|enci|anci|izer|bli|alli|entli|eli|ousli|ization|ation|ator|alism|iveness|fulness|ousness|aliti|iviti|biliti|logi)$/, S = /^(.+?)(icate|ative|alize|iciti|ical|ful|ness)$/, T = /^(.+?)(al|ance|ence|er|ic|able|ible|ant|ement|ment|ent|ou|ism|ate|iti|ous|ive|ize)$/, L = /^(.+?)(s|t)(ion)$/, R = /^(.+?)e$/, O = /ll$/, C = new RegExp("^" + n + e + "[^aeiouwxy]$"), r = function(e) { - var t, n, r, i, o, a, s; - if (e.length < 3) return e; - if ("y" == (r = e.substr(0, 1)) && (e = r.toUpperCase() + e.substr(1)), o = y, (i = m).test(e) ? e = e.replace(i, "$1$2") : o.test(e) && (e = e.replace(o, "$1$2")), o = g, (i = v).test(e)) { - var c = i.exec(e); - (i = f).test(c[1]) && (i = w, e = e.replace(i, "")) - } else if (o.test(e)) { - t = (c = o.exec(e))[1], (o = p).test(t) && (a = E, s = x, (o = _).test(e = t) ? e += "e" : a.test(e) ? (i = w, e = e.replace(i, "")) : s.test(e) && (e += "e")) - }(i = b).test(e) && (e = (t = (c = i.exec(e))[1]) + "i"); - (i = k).test(e) && (t = (c = i.exec(e))[1], n = c[2], (i = f).test(t) && (e = t + l[n])); - (i = S).test(e) && (t = (c = i.exec(e))[1], n = c[2], (i = f).test(t) && (e = t + u[n])); - if (o = L, (i = T).test(e)) t = (c = i.exec(e))[1], (i = d).test(t) && (e = t); - else if (o.test(e)) { - t = (c = o.exec(e))[1] + c[2], (o = d).test(t) && (e = t) - }(i = R).test(e) && (t = (c = i.exec(e))[1], o = h, a = C, ((i = d).test(t) || o.test(t) && !a.test(t)) && (e = t)); - return o = d, (i = O).test(e) && o.test(e) && (i = w, e = e.replace(i, "")), "y" == r && (e = r.toLowerCase() + e.substr(1)), e - }, function(e) { - return e.update(r) - }), D.Pipeline.registerFunction(D.stemmer, "stemmer"), D.generateStopWordFilter = function(e) { - var t = e.reduce(function(e, t) { - return e[t] = t, e - }, {}); - return function(e) { - if (e && t[e.toString()] !== e.toString()) return e - } - }, D.stopWordFilter = D.generateStopWordFilter(["a", "able", "about", "across", "after", "all", "almost", "also", "am", "among", "an", "and", "any", "are", "as", "at", "be", "because", "been", "but", "by", "can", "cannot", "could", "dear", "did", "do", "does", "either", "else", "ever", "every", "for", "from", "get", "got", "had", "has", "have", "he", "her", "hers", "him", "his", "how", "however", "i", "if", "in", "into", "is", "it", "its", "just", "least", "let", "like", "likely", "may", "me", "might", "most", "must", "my", "neither", "no", "nor", "not", "of", "off", "often", "on", "only", "or", "other", "our", "own", "rather", "said", "say", "says", "she", "should", "since", "so", "some", "than", "that", "the", "their", "them", "then", "there", "these", "they", "this", "tis", "to", "too", "twas", "us", "wants", "was", "we", "were", "what", "when", "where", "which", "while", "who", "whom", "why", "will", "with", "would", "yet", "you", "your"]), D.Pipeline.registerFunction(D.stopWordFilter, "stopWordFilter"), D.trimmer = function(e) { - return e.update(function(e) { - return e.replace(/^\W+/, "").replace(/\W+$/, "") - }) - }, D.Pipeline.registerFunction(D.trimmer, "trimmer"), D.TokenSet = function() { - this.final = !1, this.edges = {}, this.id = D.TokenSet._nextId, D.TokenSet._nextId += 1 - }, D.TokenSet._nextId = 1, D.TokenSet.fromArray = function(e) { - for (var t = new D.TokenSet.Builder, n = 0, r = e.length; n < r; n++) t.insert(e[n]); - return t.finish(), t.root - }, D.TokenSet.fromClause = function(e) { - return "editDistance" in e ? D.TokenSet.fromFuzzyString(e.term, e.editDistance) : D.TokenSet.fromString(e.term) - }, D.TokenSet.fromFuzzyString = function(e, t) { - for (var n = new D.TokenSet, r = [{ - node: n, - editsRemaining: t, - str: e - }]; r.length;) { - var i = r.pop(); - if (0 < i.str.length) { - var o, a = i.str.charAt(0); - a in i.node.edges ? o = i.node.edges[a] : (o = new D.TokenSet, i.node.edges[a] = o), 1 == i.str.length && (o.final = !0), r.push({ - node: o, - editsRemaining: i.editsRemaining, - str: i.str.slice(1) - }) - } - if (0 != i.editsRemaining) { - if ("*" in i.node.edges) var s = i.node.edges["*"]; - else { - s = new D.TokenSet; - i.node.edges["*"] = s - } - if (0 == i.str.length && (s.final = !0), r.push({ - node: s, - editsRemaining: i.editsRemaining - 1, - str: i.str - }), 1 < i.str.length && r.push({ - node: i.node, - editsRemaining: i.editsRemaining - 1, - str: i.str.slice(1) - }), 1 == i.str.length && (i.node.final = !0), 1 <= i.str.length) { - if ("*" in i.node.edges) var c = i.node.edges["*"]; - else { - c = new D.TokenSet; - i.node.edges["*"] = c - } - 1 == i.str.length && (c.final = !0), r.push({ - node: c, - editsRemaining: i.editsRemaining - 1, - str: i.str.slice(1) - }) - } - if (1 < i.str.length) { - var l, u = i.str.charAt(0), - f = i.str.charAt(1); - f in i.node.edges ? l = i.node.edges[f] : (l = new D.TokenSet, i.node.edges[f] = l), 1 == i.str.length && (l.final = !0), r.push({ - node: l, - editsRemaining: i.editsRemaining - 1, - str: u + i.str.slice(2) - }) - } - } - } - return n - }, D.TokenSet.fromString = function(e) { - for (var t = new D.TokenSet, n = t, r = 0, i = e.length; r < i; r++) { - var o = e[r], - a = r == i - 1; - if ("*" == o)(t.edges[o] = t).final = a; - else { - var s = new D.TokenSet; - s.final = a, t.edges[o] = s, t = s - } - } - return n - }, D.TokenSet.prototype.toArray = function() { - for (var e = [], t = [{ - prefix: "", - node: this - }]; t.length;) { - var n = t.pop(), - r = Object.keys(n.node.edges), - i = r.length; - n.node.final && (n.prefix.charAt(0), e.push(n.prefix)); - for (var o = 0; o < i; o++) { - var a = r[o]; - t.push({ - prefix: n.prefix.concat(a), - node: n.node.edges[a] - }) - } - } - return e - }, D.TokenSet.prototype.toString = function() { - if (this._str) return this._str; - for (var e = this.final ? "1" : "0", t = Object.keys(this.edges).sort(), n = t.length, r = 0; r < n; r++) { - var i = t[r]; - e = e + i + this.edges[i].id - } - return e - }, D.TokenSet.prototype.intersect = function(e) { - for (var t = new D.TokenSet, n = void 0, r = [{ - qNode: e, - output: t, - node: this - }]; r.length;) { - n = r.pop(); - for (var i = Object.keys(n.qNode.edges), o = i.length, a = Object.keys(n.node.edges), s = a.length, c = 0; c < o; c++) - for (var l = i[c], u = 0; u < s; u++) { - var f = a[u]; - if (f == l || "*" == l) { - var d = n.node.edges[f], - h = n.qNode.edges[l], - p = d.final && h.final, - m = void 0; - f in n.output.edges ? (m = n.output.edges[f]).final = m.final || p : ((m = new D.TokenSet).final = p, n.output.edges[f] = m), r.push({ - qNode: h, - output: m, - node: d - }) - } - } - } - return t - }, D.TokenSet.Builder = function() { - this.previousWord = "", this.root = new D.TokenSet, this.uncheckedNodes = [], this.minimizedNodes = {} - }, D.TokenSet.Builder.prototype.insert = function(e) { - var t, n = 0; - if (e < this.previousWord) throw new Error("Out of order word insertion"); - for (var r = 0; r < e.length && r < this.previousWord.length && e[r] == this.previousWord[r]; r++) n++; - this.minimize(n), t = 0 == this.uncheckedNodes.length ? this.root : this.uncheckedNodes[this.uncheckedNodes.length - 1].child; - for (r = n; r < e.length; r++) { - var i = new D.TokenSet, - o = e[r]; - t.edges[o] = i, this.uncheckedNodes.push({ - parent: t, - char: o, - child: i - }), t = i - } - t.final = !0, this.previousWord = e - }, D.TokenSet.Builder.prototype.finish = function() { - this.minimize(0) - }, D.TokenSet.Builder.prototype.minimize = function(e) { - for (var t = this.uncheckedNodes.length - 1; e <= t; t--) { - var n = this.uncheckedNodes[t], - r = n.child.toString(); - r in this.minimizedNodes ? n.parent.edges[n.char] = this.minimizedNodes[r] : (n.child._str = r, this.minimizedNodes[r] = n.child), this.uncheckedNodes.pop() - } - }, D.Index = function(e) { - this.invertedIndex = e.invertedIndex, this.fieldVectors = e.fieldVectors, this.tokenSet = e.tokenSet, this.fields = e.fields, this.pipeline = e.pipeline - }, D.Index.prototype.search = function(t) { - return this.query(function(e) { - new D.QueryParser(t, e).parse() - }) - }, D.Index.prototype.query = function(e) { - for (var t = new D.Query(this.fields), n = Object.create(null), r = Object.create(null), i = Object.create(null), o = Object.create(null), a = Object.create(null), s = 0; s < this.fields.length; s++) r[this.fields[s]] = new D.Vector; - e.call(t, t); - for (s = 0; s < t.clauses.length; s++) { - var c = t.clauses[s], - l = null, - u = D.Set.complete; - l = c.usePipeline ? this.pipeline.runString(c.term, { - fields: c.fields - }) : [c.term]; - for (var f = 0; f < l.length; f++) { - var d = l[f]; - c.term = d; - var h = D.TokenSet.fromClause(c), - p = this.tokenSet.intersect(h).toArray(); - if (0 === p.length && c.presence === D.Query.presence.REQUIRED) { - for (var m = 0; m < c.fields.length; m++) { - o[Q = c.fields[m]] = D.Set.empty - } - break - } - for (var y = 0; y < p.length; y++) { - var v = p[y], - g = this.invertedIndex[v], - w = g._index; - for (m = 0; m < c.fields.length; m++) { - var _ = g[Q = c.fields[m]], - E = Object.keys(_), - x = v + "/" + Q, - b = new D.Set(E); - if (c.presence == D.Query.presence.REQUIRED && (u = u.union(b), void 0 === o[Q] && (o[Q] = D.Set.complete)), c.presence != D.Query.presence.PROHIBITED) { - if (r[Q].upsert(w, c.boost, function(e, t) { - return e + t - }), !i[x]) { - for (var k = 0; k < E.length; k++) { - var S, T = E[k], - L = new D.FieldRef(T, Q), - R = _[T]; - void 0 === (S = n[L]) ? n[L] = new D.MatchData(v, Q, R) : S.add(v, Q, R) - } - i[x] = !0 - } - } else void 0 === a[Q] && (a[Q] = D.Set.empty), a[Q] = a[Q].union(b) - } - } - } - if (c.presence === D.Query.presence.REQUIRED) - for (m = 0; m < c.fields.length; m++) { - o[Q = c.fields[m]] = o[Q].intersect(u) - } - } - var O = D.Set.complete, - C = D.Set.empty; - for (s = 0; s < this.fields.length; s++) { - var Q; - o[Q = this.fields[s]] && (O = O.intersect(o[Q])), a[Q] && (C = C.union(a[Q])) - } - var P = Object.keys(n), - A = [], - I = Object.create(null); - if (t.isNegated()) { - P = Object.keys(this.fieldVectors); - for (s = 0; s < P.length; s++) { - L = P[s]; - var M = D.FieldRef.fromString(L); - n[L] = new D.MatchData - } - } - for (s = 0; s < P.length; s++) { - var N = (M = D.FieldRef.fromString(P[s])).docRef; - if (O.contains(N) && !C.contains(N)) { - var j, F = this.fieldVectors[M], - H = r[M.fieldName].similarity(F); - if (void 0 !== (j = I[N])) j.score += H, j.matchData.combine(n[M]); - else { - var q = { - ref: N, - score: H, - matchData: n[M] - }; - I[N] = q, A.push(q) - } - } - } - return A.sort(function(e, t) { - return t.score - e.score - }) - }, D.Index.prototype.toJSON = function() { - var e = Object.keys(this.invertedIndex).sort().map(function(e) { - return [e, this.invertedIndex[e]] - }, this), - t = Object.keys(this.fieldVectors).map(function(e) { - return [e, this.fieldVectors[e].toJSON()] - }, this); - return { - version: D.version, - fields: this.fields, - fieldVectors: t, - invertedIndex: e, - pipeline: this.pipeline.toJSON() - } - }, D.Index.load = function(e) { - var t = {}, - n = {}, - r = e.fieldVectors, - i = Object.create(null), - o = e.invertedIndex, - a = new D.TokenSet.Builder, - s = D.Pipeline.load(e.pipeline); - e.version != D.version && D.utils.warn("Version mismatch when loading serialised index. Current version of lunr '" + D.version + "' does not match serialized index '" + e.version + "'"); - for (var c = 0; c < r.length; c++) { - var l = (f = r[c])[0], - u = f[1]; - n[l] = new D.Vector(u) - } - for (c = 0; c < o.length; c++) { - var f, d = (f = o[c])[0], - h = f[1]; - a.insert(d), i[d] = h - } - return a.finish(), t.fields = e.fields, t.fieldVectors = n, t.invertedIndex = i, t.tokenSet = a.root, t.pipeline = s, new D.Index(t) - }, D.Builder = function() { - this._ref = "id", this._fields = Object.create(null), this._documents = Object.create(null), this.invertedIndex = Object.create(null), this.fieldTermFrequencies = {}, this.fieldLengths = {}, this.tokenizer = D.tokenizer, this.pipeline = new D.Pipeline, this.searchPipeline = new D.Pipeline, this.documentCount = 0, this._b = .75, this._k1 = 1.2, this.termIndex = 0, this.metadataWhitelist = [] - }, D.Builder.prototype.ref = function(e) { - this._ref = e - }, D.Builder.prototype.field = function(e, t) { - if (/\//.test(e)) throw new RangeError("Field '" + e + "' contains illegal character '/'"); - this._fields[e] = t || {} - }, D.Builder.prototype.b = function(e) { - this._b = e < 0 ? 0 : 1 < e ? 1 : e - }, D.Builder.prototype.k1 = function(e) { - this._k1 = e - }, D.Builder.prototype.add = function(e, t) { - var n = e[this._ref], - r = Object.keys(this._fields); - this._documents[n] = t || {}, this.documentCount += 1; - for (var i = 0; i < r.length; i++) { - var o = r[i], - a = this._fields[o].extractor, - s = a ? a(e) : e[o], - c = this.tokenizer(s, { - fields: [o] - }), - l = this.pipeline.run(c), - u = new D.FieldRef(n, o), - f = Object.create(null); - this.fieldTermFrequencies[u] = f, this.fieldLengths[u] = 0, this.fieldLengths[u] += l.length; - for (var d = 0; d < l.length; d++) { - var h = l[d]; - if (null == f[h] && (f[h] = 0), f[h] += 1, null == this.invertedIndex[h]) { - var p = Object.create(null); - p._index = this.termIndex, this.termIndex += 1; - for (var m = 0; m < r.length; m++) p[r[m]] = Object.create(null); - this.invertedIndex[h] = p - } - null == this.invertedIndex[h][o][n] && (this.invertedIndex[h][o][n] = Object.create(null)); - for (var y = 0; y < this.metadataWhitelist.length; y++) { - var v = this.metadataWhitelist[y], - g = h.metadata[v]; - null == this.invertedIndex[h][o][n][v] && (this.invertedIndex[h][o][n][v] = []), this.invertedIndex[h][o][n][v].push(g) - } - } - } - }, D.Builder.prototype.calculateAverageFieldLengths = function() { - for (var e = Object.keys(this.fieldLengths), t = e.length, n = {}, r = {}, i = 0; i < t; i++) { - var o = D.FieldRef.fromString(e[i]), - a = o.fieldName; - r[a] || (r[a] = 0), r[a] += 1, n[a] || (n[a] = 0), n[a] += this.fieldLengths[o] - } - var s = Object.keys(this._fields); - for (i = 0; i < s.length; i++) { - var c = s[i]; - n[c] = n[c] / r[c] - } - this.averageFieldLength = n - }, D.Builder.prototype.createFieldVectors = function() { - for (var e = {}, t = Object.keys(this.fieldTermFrequencies), n = t.length, r = Object.create(null), i = 0; i < n; i++) { - for (var o = D.FieldRef.fromString(t[i]), a = o.fieldName, s = this.fieldLengths[o], c = new D.Vector, l = this.fieldTermFrequencies[o], u = Object.keys(l), f = u.length, d = this._fields[a].boost || 1, h = this._documents[o.docRef].boost || 1, p = 0; p < f; p++) { - var m, y, v, g = u[p], - w = l[g], - _ = this.invertedIndex[g]._index; - void 0 === r[g] ? (m = D.idf(this.invertedIndex[g], this.documentCount), r[g] = m) : m = r[g], y = m * ((this._k1 + 1) * w) / (this._k1 * (1 - this._b + this._b * (s / this.averageFieldLength[a])) + w), y *= d, y *= h, v = Math.round(1e3 * y) / 1e3, c.insert(_, v) - } - e[o] = c - } - this.fieldVectors = e - }, D.Builder.prototype.createTokenSet = function() { - this.tokenSet = D.TokenSet.fromArray(Object.keys(this.invertedIndex).sort()) - }, D.Builder.prototype.build = function() { - return this.calculateAverageFieldLengths(), this.createFieldVectors(), this.createTokenSet(), new D.Index({ - invertedIndex: this.invertedIndex, - fieldVectors: this.fieldVectors, - tokenSet: this.tokenSet, - fields: Object.keys(this._fields), - pipeline: this.searchPipeline - }) - }, D.Builder.prototype.use = function(e) { - var t = Array.prototype.slice.call(arguments, 1); - t.unshift(this), e.apply(this, t) - }, D.MatchData = function(e, t, n) { - for (var r = Object.create(null), i = Object.keys(n || {}), o = 0; o < i.length; o++) { - var a = i[o]; - r[a] = n[a].slice() - } - this.metadata = Object.create(null), void 0 !== e && (this.metadata[e] = Object.create(null), this.metadata[e][t] = r) - }, D.MatchData.prototype.combine = function(e) { - for (var t = Object.keys(e.metadata), n = 0; n < t.length; n++) { - var r = t[n], - i = Object.keys(e.metadata[r]); - null == this.metadata[r] && (this.metadata[r] = Object.create(null)); - for (var o = 0; o < i.length; o++) { - var a = i[o], - s = Object.keys(e.metadata[r][a]); - null == this.metadata[r][a] && (this.metadata[r][a] = Object.create(null)); - for (var c = 0; c < s.length; c++) { - var l = s[c]; - null == this.metadata[r][a][l] ? this.metadata[r][a][l] = e.metadata[r][a][l] : this.metadata[r][a][l] = this.metadata[r][a][l].concat(e.metadata[r][a][l]) - } - } - } - }, D.MatchData.prototype.add = function(e, t, n) { - if (!(e in this.metadata)) return this.metadata[e] = Object.create(null), void(this.metadata[e][t] = n); - if (t in this.metadata[e]) - for (var r = Object.keys(n), i = 0; i < r.length; i++) { - var o = r[i]; - o in this.metadata[e][t] ? this.metadata[e][t][o] = this.metadata[e][t][o].concat(n[o]) : this.metadata[e][t][o] = n[o] - } else this.metadata[e][t] = n - }, D.Query = function(e) { - this.clauses = [], this.allFields = e - }, D.Query.wildcard = new String("*"), D.Query.wildcard.NONE = 0, D.Query.wildcard.LEADING = 1, D.Query.wildcard.TRAILING = 2, D.Query.presence = { - OPTIONAL: 1, - REQUIRED: 2, - PROHIBITED: 3 - }, D.Query.prototype.clause = function(e) { - return "fields" in e || (e.fields = this.allFields), "boost" in e || (e.boost = 1), "usePipeline" in e || (e.usePipeline = !0), "wildcard" in e || (e.wildcard = D.Query.wildcard.NONE), e.wildcard & D.Query.wildcard.LEADING && e.term.charAt(0) != D.Query.wildcard && (e.term = "*" + e.term), e.wildcard & D.Query.wildcard.TRAILING && e.term.slice(-1) != D.Query.wildcard && (e.term = e.term + "*"), "presence" in e || (e.presence = D.Query.presence.OPTIONAL), this.clauses.push(e), this - }, D.Query.prototype.isNegated = function() { - for (var e = 0; e < this.clauses.length; e++) - if (this.clauses[e].presence != D.Query.presence.PROHIBITED) return !1; - return !0 - }, D.Query.prototype.term = function(e, t) { - if (Array.isArray(e)) return e.forEach(function(e) { - this.term(e, D.utils.clone(t)) - }, this), this; - var n = t || {}; - return n.term = e.toString(), this.clause(n), this - }, D.QueryParseError = function(e, t, n) { - this.name = "QueryParseError", this.message = e, this.start = t, this.end = n - }, D.QueryParseError.prototype = new Error, D.QueryLexer = function(e) { - this.lexemes = [], this.str = e, this.length = e.length, this.pos = 0, this.start = 0, this.escapeCharPositions = [] - }, D.QueryLexer.prototype.run = function() { - for (var e = D.QueryLexer.lexText; e;) e = e(this) - }, D.QueryLexer.prototype.sliceString = function() { - for (var e = [], t = this.start, n = this.pos, r = 0; r < this.escapeCharPositions.length; r++) n = this.escapeCharPositions[r], e.push(this.str.slice(t, n)), t = n + 1; - return e.push(this.str.slice(t, this.pos)), this.escapeCharPositions.length = 0, e.join("") - }, D.QueryLexer.prototype.emit = function(e) { - this.lexemes.push({ - type: e, - str: this.sliceString(), - start: this.start, - end: this.pos - }), this.start = this.pos - }, D.QueryLexer.prototype.escapeCharacter = function() { - this.escapeCharPositions.push(this.pos - 1), this.pos += 1 - }, D.QueryLexer.prototype.next = function() { - if (this.pos >= this.length) return D.QueryLexer.EOS; - var e = this.str.charAt(this.pos); - return this.pos += 1, e - }, D.QueryLexer.prototype.width = function() { - return this.pos - this.start - }, D.QueryLexer.prototype.ignore = function() { - this.start == this.pos && (this.pos += 1), this.start = this.pos - }, D.QueryLexer.prototype.backup = function() { - this.pos -= 1 - }, D.QueryLexer.prototype.acceptDigitRun = function() { - for (var e, t; 47 < (t = (e = this.next()).charCodeAt(0)) && t < 58;); - e != D.QueryLexer.EOS && this.backup() - }, D.QueryLexer.prototype.more = function() { - return this.pos < this.length - }, D.QueryLexer.EOS = "EOS", D.QueryLexer.FIELD = "FIELD", D.QueryLexer.TERM = "TERM", D.QueryLexer.EDIT_DISTANCE = "EDIT_DISTANCE", D.QueryLexer.BOOST = "BOOST", D.QueryLexer.PRESENCE = "PRESENCE", D.QueryLexer.lexField = function(e) { - return e.backup(), e.emit(D.QueryLexer.FIELD), e.ignore(), D.QueryLexer.lexText - }, D.QueryLexer.lexTerm = function(e) { - if (1 < e.width() && (e.backup(), e.emit(D.QueryLexer.TERM)), e.ignore(), e.more()) return D.QueryLexer.lexText - }, D.QueryLexer.lexEditDistance = function(e) { - return e.ignore(), e.acceptDigitRun(), e.emit(D.QueryLexer.EDIT_DISTANCE), D.QueryLexer.lexText - }, D.QueryLexer.lexBoost = function(e) { - return e.ignore(), e.acceptDigitRun(), e.emit(D.QueryLexer.BOOST), D.QueryLexer.lexText - }, D.QueryLexer.lexEOS = function(e) { - 0 < e.width() && e.emit(D.QueryLexer.TERM) - }, D.QueryLexer.termSeparator = D.tokenizer.separator, D.QueryLexer.lexText = function(e) { - for (;;) { - var t = e.next(); - if (t == D.QueryLexer.EOS) return D.QueryLexer.lexEOS; - if (92 != t.charCodeAt(0)) { - if (":" == t) return D.QueryLexer.lexField; - if ("~" == t) return e.backup(), 0 < e.width() && e.emit(D.QueryLexer.TERM), D.QueryLexer.lexEditDistance; - if ("^" == t) return e.backup(), 0 < e.width() && e.emit(D.QueryLexer.TERM), D.QueryLexer.lexBoost; - if ("+" == t && 1 === e.width()) return e.emit(D.QueryLexer.PRESENCE), D.QueryLexer.lexText; - if ("-" == t && 1 === e.width()) return e.emit(D.QueryLexer.PRESENCE), D.QueryLexer.lexText; - if (t.match(D.QueryLexer.termSeparator)) return D.QueryLexer.lexTerm - } else e.escapeCharacter() - } - }, D.QueryParser = function(e, t) { - this.lexer = new D.QueryLexer(e), this.query = t, this.currentClause = {}, this.lexemeIdx = 0 - }, D.QueryParser.prototype.parse = function() { - this.lexer.run(), this.lexemes = this.lexer.lexemes; - for (var e = D.QueryParser.parseClause; e;) e = e(this); - return this.query - }, D.QueryParser.prototype.peekLexeme = function() { - return this.lexemes[this.lexemeIdx] - }, D.QueryParser.prototype.consumeLexeme = function() { - var e = this.peekLexeme(); - return this.lexemeIdx += 1, e - }, D.QueryParser.prototype.nextClause = function() { - var e = this.currentClause; - this.query.clause(e), this.currentClause = {} - }, D.QueryParser.parseClause = function(e) { - var t = e.peekLexeme(); - if (null != t) switch (t.type) { - case D.QueryLexer.PRESENCE: - return D.QueryParser.parsePresence; - case D.QueryLexer.FIELD: - return D.QueryParser.parseField; - case D.QueryLexer.TERM: - return D.QueryParser.parseTerm; - default: - var n = "expected either a field or a term, found " + t.type; - throw 1 <= t.str.length && (n += " with value '" + t.str + "'"), new D.QueryParseError(n, t.start, t.end) - } - }, D.QueryParser.parsePresence = function(e) { - var t = e.consumeLexeme(); - if (null != t) { - switch (t.str) { - case "-": - e.currentClause.presence = D.Query.presence.PROHIBITED; - break; - case "+": - e.currentClause.presence = D.Query.presence.REQUIRED; - break; - default: - var n = "unrecognised presence operator'" + t.str + "'"; - throw new D.QueryParseError(n, t.start, t.end) - } - var r = e.peekLexeme(); - if (null == r) { - n = "expecting term or field, found nothing"; - throw new D.QueryParseError(n, t.start, t.end) - } - switch (r.type) { - case D.QueryLexer.FIELD: - return D.QueryParser.parseField; - case D.QueryLexer.TERM: - return D.QueryParser.parseTerm; - default: - n = "expecting term or field, found '" + r.type + "'"; - throw new D.QueryParseError(n, r.start, r.end) - } - } - }, D.QueryParser.parseField = function(e) { - var t = e.consumeLexeme(); - if (null != t) { - if (-1 == e.query.allFields.indexOf(t.str)) { - var n = e.query.allFields.map(function(e) { - return "'" + e + "'" - }).join(", "), - r = "unrecognised field '" + t.str + "', possible fields: " + n; - throw new D.QueryParseError(r, t.start, t.end) - } - e.currentClause.fields = [t.str]; - var i = e.peekLexeme(); - if (null == i) { - r = "expecting term, found nothing"; - throw new D.QueryParseError(r, t.start, t.end) - } - switch (i.type) { - case D.QueryLexer.TERM: - return D.QueryParser.parseTerm; - default: - r = "expecting term, found '" + i.type + "'"; - throw new D.QueryParseError(r, i.start, i.end) - } - } - }, D.QueryParser.parseTerm = function(e) { - var t = e.consumeLexeme(); - if (null != t) { - e.currentClause.term = t.str.toLowerCase(), -1 != t.str.indexOf("*") && (e.currentClause.usePipeline = !1); - var n = e.peekLexeme(); - if (null != n) switch (n.type) { - case D.QueryLexer.TERM: - return e.nextClause(), D.QueryParser.parseTerm; - case D.QueryLexer.FIELD: - return e.nextClause(), D.QueryParser.parseField; - case D.QueryLexer.EDIT_DISTANCE: - return D.QueryParser.parseEditDistance; - case D.QueryLexer.BOOST: - return D.QueryParser.parseBoost; - case D.QueryLexer.PRESENCE: - return e.nextClause(), D.QueryParser.parsePresence; - default: - var r = "Unexpected lexeme type '" + n.type + "'"; - throw new D.QueryParseError(r, n.start, n.end) - } else e.nextClause() - } - }, D.QueryParser.parseEditDistance = function(e) { - var t = e.consumeLexeme(); - if (null != t) { - var n = parseInt(t.str, 10); - if (isNaN(n)) { - var r = "edit distance must be numeric"; - throw new D.QueryParseError(r, t.start, t.end) - } - e.currentClause.editDistance = n; - var i = e.peekLexeme(); - if (null != i) switch (i.type) { - case D.QueryLexer.TERM: - return e.nextClause(), D.QueryParser.parseTerm; - case D.QueryLexer.FIELD: - return e.nextClause(), D.QueryParser.parseField; - case D.QueryLexer.EDIT_DISTANCE: - return D.QueryParser.parseEditDistance; - case D.QueryLexer.BOOST: - return D.QueryParser.parseBoost; - case D.QueryLexer.PRESENCE: - return e.nextClause(), D.QueryParser.parsePresence; - default: - r = "Unexpected lexeme type '" + i.type + "'"; - throw new D.QueryParseError(r, i.start, i.end) - } else e.nextClause() - } - }, D.QueryParser.parseBoost = function(e) { - var t = e.consumeLexeme(); - if (null != t) { - var n = parseInt(t.str, 10); - if (isNaN(n)) { - var r = "boost must be numeric"; - throw new D.QueryParseError(r, t.start, t.end) - } - e.currentClause.boost = n; - var i = e.peekLexeme(); - if (null != i) switch (i.type) { - case D.QueryLexer.TERM: - return e.nextClause(), D.QueryParser.parseTerm; - case D.QueryLexer.FIELD: - return e.nextClause(), D.QueryParser.parseField; - case D.QueryLexer.EDIT_DISTANCE: - return D.QueryParser.parseEditDistance; - case D.QueryLexer.BOOST: - return D.QueryParser.parseBoost; - case D.QueryLexer.PRESENCE: - return e.nextClause(), D.QueryParser.parsePresence; - default: - r = "Unexpected lexeme type '" + i.type + "'"; - throw new D.QueryParseError(r, i.start, i.end) - } else e.nextClause() - } - }, void 0 === (c = "function" == typeof(s = function() { - return D - }) ? s.call(o, a, o, i) : s) || (i.exports = c) - }() -}])); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.da.js b/docs/_build/html/_static/javascripts/lunr/lunr.da.js deleted file mode 100644 index 34910dfe..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.da.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var r,m,i;e.da=function(){this.pipeline.reset(),this.pipeline.add(e.da.trimmer,e.da.stopWordFilter,e.da.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.da.stemmer))},e.da.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.da.trimmer=e.trimmerSupport.generateTrimmer(e.da.wordCharacters),e.Pipeline.registerFunction(e.da.trimmer,"trimmer-da"),e.da.stemmer=(r=e.stemmerSupport.Among,m=e.stemmerSupport.SnowballProgram,i=new function(){var i,t,n,s=[new r("hed",-1,1),new r("ethed",0,1),new r("ered",-1,1),new r("e",-1,1),new r("erede",3,1),new r("ende",3,1),new r("erende",5,1),new r("ene",3,1),new r("erne",3,1),new r("ere",3,1),new r("en",-1,1),new r("heden",10,1),new r("eren",10,1),new r("er",-1,1),new r("heder",13,1),new r("erer",13,1),new r("s",-1,2),new r("heds",16,1),new r("es",16,1),new r("endes",18,1),new r("erendes",19,1),new r("enes",18,1),new r("ernes",18,1),new r("eres",18,1),new r("ens",16,1),new r("hedens",24,1),new r("erens",24,1),new r("ers",16,1),new r("ets",16,1),new r("erets",28,1),new r("et",-1,1),new r("eret",30,1)],o=[new r("gd",-1,-1),new r("dt",-1,-1),new r("gt",-1,-1),new r("kt",-1,-1)],a=[new r("ig",-1,1),new r("lig",0,1),new r("elig",1,1),new r("els",-1,1),new r("løst",-1,2)],d=[17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,0,48,0,128],u=[239,254,42,3,0,0,0,0,0,0,0,0,0,0,0,0,16],c=new m;function l(){var e,r=c.limit-c.cursor;c.cursor>=t&&(e=c.limit_backward,c.limit_backward=t,c.ket=c.cursor,c.find_among_b(o,4)?(c.bra=c.cursor,c.limit_backward=e,c.cursor=c.limit-r,c.cursor>c.limit_backward&&(c.cursor--,c.bra=c.cursor,c.slice_del())):c.limit_backward=e)}this.setCurrent=function(e){c.setCurrent(e)},this.getCurrent=function(){return c.getCurrent()},this.stem=function(){var e,r=c.cursor;return function(){var e,r=c.cursor+3;if(t=c.limit,0<=r&&r<=c.limit){for(i=r;;){if(e=c.cursor,c.in_grouping(d,97,248)){c.cursor=e;break}if((c.cursor=e)>=c.limit)return;c.cursor++}for(;!c.out_grouping(d,97,248);){if(c.cursor>=c.limit)return;c.cursor++}(t=c.cursor)=t&&(r=c.limit_backward,c.limit_backward=t,c.ket=c.cursor,e=c.find_among_b(s,32),c.limit_backward=r,e))switch(c.bra=c.cursor,e){case 1:c.slice_del();break;case 2:c.in_grouping_b(u,97,229)&&c.slice_del()}}(),c.cursor=c.limit,l(),c.cursor=c.limit,function(){var e,r,i,n=c.limit-c.cursor;if(c.ket=c.cursor,c.eq_s_b(2,"st")&&(c.bra=c.cursor,c.eq_s_b(2,"ig")&&c.slice_del()),c.cursor=c.limit-n,c.cursor>=t&&(r=c.limit_backward,c.limit_backward=t,c.ket=c.cursor,e=c.find_among_b(a,5),c.limit_backward=r,e))switch(c.bra=c.cursor,e){case 1:c.slice_del(),i=c.limit-c.cursor,l(),c.cursor=c.limit-i;break;case 2:c.slice_from("løs")}}(),c.cursor=c.limit,c.cursor>=t&&(e=c.limit_backward,c.limit_backward=t,c.ket=c.cursor,c.out_grouping_b(d,97,248)?(c.bra=c.cursor,n=c.slice_to(n),c.limit_backward=e,c.eq_v_b(n)&&c.slice_del()):c.limit_backward=e),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return i.setCurrent(e),i.stem(),i.getCurrent()}):(i.setCurrent(e),i.stem(),i.getCurrent())}),e.Pipeline.registerFunction(e.da.stemmer,"stemmer-da"),e.da.stopWordFilter=e.generateStopWordFilter("ad af alle alt anden at blev blive bliver da de dem den denne der deres det dette dig din disse dog du efter eller en end er et for fra ham han hans har havde have hende hendes her hos hun hvad hvis hvor i ikke ind jeg jer jo kunne man mange med meget men mig min mine mit mod ned noget nogle nu når og også om op os over på selv sig sin sine sit skal skulle som sådan thi til ud under var vi vil ville vor være været".split(" ")),e.Pipeline.registerFunction(e.da.stopWordFilter,"stopWordFilter-da")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.de.js b/docs/_build/html/_static/javascripts/lunr/lunr.de.js deleted file mode 100644 index 1529892c..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.de.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var _,p,r;e.de=function(){this.pipeline.reset(),this.pipeline.add(e.de.trimmer,e.de.stopWordFilter,e.de.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.de.stemmer))},e.de.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.de.trimmer=e.trimmerSupport.generateTrimmer(e.de.wordCharacters),e.Pipeline.registerFunction(e.de.trimmer,"trimmer-de"),e.de.stemmer=(_=e.stemmerSupport.Among,p=e.stemmerSupport.SnowballProgram,r=new function(){var r,n,i,s=[new _("",-1,6),new _("U",0,2),new _("Y",0,1),new _("ä",0,3),new _("ö",0,4),new _("ü",0,5)],o=[new _("e",-1,2),new _("em",-1,1),new _("en",-1,2),new _("ern",-1,1),new _("er",-1,1),new _("s",-1,3),new _("es",5,2)],c=[new _("en",-1,1),new _("er",-1,1),new _("st",-1,2),new _("est",2,1)],u=[new _("ig",-1,1),new _("lich",-1,1)],a=[new _("end",-1,1),new _("ig",-1,2),new _("ung",-1,1),new _("lich",-1,3),new _("isch",-1,2),new _("ik",-1,2),new _("heit",-1,3),new _("keit",-1,4)],t=[17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,0,8,0,32,8],d=[117,30,5],l=[117,30,4],m=new p;function h(e,r,n){return!(!m.eq_s(1,e)||(m.ket=m.cursor,!m.in_grouping(t,97,252)))&&(m.slice_from(r),m.cursor=n,!0)}function w(){for(;!m.in_grouping(t,97,252);){if(m.cursor>=m.limit)return!0;m.cursor++}for(;!m.out_grouping(t,97,252);){if(m.cursor>=m.limit)return!0;m.cursor++}return!1}function f(){return i<=m.cursor}function b(){return n<=m.cursor}this.setCurrent=function(e){m.setCurrent(e)},this.getCurrent=function(){return m.getCurrent()},this.stem=function(){var e=m.cursor;return function(){for(var e,r,n,i,s=m.cursor;;)if(e=m.cursor,m.bra=e,m.eq_s(1,"ß"))m.ket=m.cursor,m.slice_from("ss");else{if(e>=m.limit)break;m.cursor=e+1}for(m.cursor=s;;)for(r=m.cursor;;){if(n=m.cursor,m.in_grouping(t,97,252)){if(i=m.cursor,m.bra=i,h("u","U",n))break;if(m.cursor=i,h("y","Y",n))break}if(n>=m.limit)return m.cursor=r;m.cursor=n+1}}(),m.cursor=e,function(){i=m.limit,n=i;var e=m.cursor+3;0<=e&&e<=m.limit&&(r=e,w()||((i=m.cursor)=m.limit)return;m.cursor++}}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return r.setCurrent(e),r.stem(),r.getCurrent()}):(r.setCurrent(e),r.stem(),r.getCurrent())}),e.Pipeline.registerFunction(e.de.stemmer,"stemmer-de"),e.de.stopWordFilter=e.generateStopWordFilter("aber alle allem allen aller alles als also am an ander andere anderem anderen anderer anderes anderm andern anderr anders auch auf aus bei bin bis bist da damit dann das dasselbe dazu daß dein deine deinem deinen deiner deines dem demselben den denn denselben der derer derselbe derselben des desselben dessen dich die dies diese dieselbe dieselben diesem diesen dieser dieses dir doch dort du durch ein eine einem einen einer eines einig einige einigem einigen einiger einiges einmal er es etwas euch euer eure eurem euren eurer eures für gegen gewesen hab habe haben hat hatte hatten hier hin hinter ich ihm ihn ihnen ihr ihre ihrem ihren ihrer ihres im in indem ins ist jede jedem jeden jeder jedes jene jenem jenen jener jenes jetzt kann kein keine keinem keinen keiner keines können könnte machen man manche manchem manchen mancher manches mein meine meinem meinen meiner meines mich mir mit muss musste nach nicht nichts noch nun nur ob oder ohne sehr sein seine seinem seinen seiner seines selbst sich sie sind so solche solchem solchen solcher solches soll sollte sondern sonst um und uns unse unsem unsen unser unses unter viel vom von vor war waren warst was weg weil weiter welche welchem welchen welcher welches wenn werde werden wie wieder will wir wird wirst wo wollen wollte während würde würden zu zum zur zwar zwischen über".split(" ")),e.Pipeline.registerFunction(e.de.stopWordFilter,"stopWordFilter-de")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.du.js b/docs/_build/html/_static/javascripts/lunr/lunr.du.js deleted file mode 100644 index 52632004..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.du.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var v,q,r;console.warn('[Lunr Languages] Please use the "nl" instead of the "du". The "nl" code is the standard code for Dutch language, and "du" will be removed in the next major versions.'),e.du=function(){this.pipeline.reset(),this.pipeline.add(e.du.trimmer,e.du.stopWordFilter,e.du.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.du.stemmer))},e.du.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.du.trimmer=e.trimmerSupport.generateTrimmer(e.du.wordCharacters),e.Pipeline.registerFunction(e.du.trimmer,"trimmer-du"),e.du.stemmer=(v=e.stemmerSupport.Among,q=e.stemmerSupport.SnowballProgram,r=new function(){var r,i,u,o=[new v("",-1,6),new v("á",0,1),new v("ä",0,1),new v("é",0,2),new v("ë",0,2),new v("í",0,3),new v("ï",0,3),new v("ó",0,4),new v("ö",0,4),new v("ú",0,5),new v("ü",0,5)],n=[new v("",-1,3),new v("I",0,2),new v("Y",0,1)],t=[new v("dd",-1,-1),new v("kk",-1,-1),new v("tt",-1,-1)],c=[new v("ene",-1,2),new v("se",-1,3),new v("en",-1,2),new v("heden",2,1),new v("s",-1,3)],a=[new v("end",-1,1),new v("ig",-1,2),new v("ing",-1,1),new v("lijk",-1,3),new v("baar",-1,4),new v("bar",-1,5)],l=[new v("aa",-1,-1),new v("ee",-1,-1),new v("oo",-1,-1),new v("uu",-1,-1)],m=[17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,0,128],d=[1,0,0,17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,0,128],f=[17,67,16,1,0,0,0,0,0,0,0,0,0,0,0,0,128],_=new q;function s(e){return(_.cursor=e)>=_.limit||(_.cursor++,!1)}function w(){for(;!_.in_grouping(m,97,232);){if(_.cursor>=_.limit)return!0;_.cursor++}for(;!_.out_grouping(m,97,232);){if(_.cursor>=_.limit)return!0;_.cursor++}return!1}function b(){return i<=_.cursor}function p(){return r<=_.cursor}function g(){var e=_.limit-_.cursor;_.find_among_b(t,3)&&(_.cursor=_.limit-e,_.ket=_.cursor,_.cursor>_.limit_backward&&(_.cursor--,_.bra=_.cursor,_.slice_del()))}function h(){var e;u=!1,_.ket=_.cursor,_.eq_s_b(1,"e")&&(_.bra=_.cursor,b()&&(e=_.limit-_.cursor,_.out_grouping_b(m,97,232)&&(_.cursor=_.limit-e,_.slice_del(),u=!0,g())))}function k(){var e;b()&&(e=_.limit-_.cursor,_.out_grouping_b(m,97,232)&&(_.cursor=_.limit-e,_.eq_s_b(3,"gem")||(_.cursor=_.limit-e,_.slice_del(),g())))}this.setCurrent=function(e){_.setCurrent(e)},this.getCurrent=function(){return _.getCurrent()},this.stem=function(){var e=_.cursor;return function(){for(var e,r,i,n=_.cursor;;){if(_.bra=_.cursor,e=_.find_among(o,11))switch(_.ket=_.cursor,e){case 1:_.slice_from("a");continue;case 2:_.slice_from("e");continue;case 3:_.slice_from("i");continue;case 4:_.slice_from("o");continue;case 5:_.slice_from("u");continue;case 6:if(_.cursor>=_.limit)break;_.cursor++;continue}break}for(_.cursor=n,_.bra=n,_.eq_s(1,"y")?(_.ket=_.cursor,_.slice_from("Y")):_.cursor=n;;)if(r=_.cursor,_.in_grouping(m,97,232)){if(i=_.cursor,_.bra=i,_.eq_s(1,"i"))_.ket=_.cursor,_.in_grouping(m,97,232)&&(_.slice_from("I"),_.cursor=r);else if(_.cursor=i,_.eq_s(1,"y"))_.ket=_.cursor,_.slice_from("Y"),_.cursor=r;else if(s(r))break}else if(s(r))break}(),_.cursor=e,i=_.limit,r=i,w()||((i=_.cursor)<3&&(i=3),w()||(r=_.cursor)),_.limit_backward=e,_.cursor=_.limit,function(){var e,r,i,n,o,t,s=_.limit-_.cursor;if(_.ket=_.cursor,e=_.find_among_b(c,5))switch(_.bra=_.cursor,e){case 1:b()&&_.slice_from("heid");break;case 2:k();break;case 3:b()&&_.out_grouping_b(f,97,232)&&_.slice_del()}if(_.cursor=_.limit-s,h(),_.cursor=_.limit-s,_.ket=_.cursor,_.eq_s_b(4,"heid")&&(_.bra=_.cursor,p()&&(r=_.limit-_.cursor,_.eq_s_b(1,"c")||(_.cursor=_.limit-r,_.slice_del(),_.ket=_.cursor,_.eq_s_b(2,"en")&&(_.bra=_.cursor,k())))),_.cursor=_.limit-s,_.ket=_.cursor,e=_.find_among_b(a,6))switch(_.bra=_.cursor,e){case 1:if(p()){if(_.slice_del(),i=_.limit-_.cursor,_.ket=_.cursor,_.eq_s_b(2,"ig")&&(_.bra=_.cursor,p()&&(n=_.limit-_.cursor,!_.eq_s_b(1,"e")))){_.cursor=_.limit-n,_.slice_del();break}_.cursor=_.limit-i,g()}break;case 2:p()&&(o=_.limit-_.cursor,_.eq_s_b(1,"e")||(_.cursor=_.limit-o,_.slice_del()));break;case 3:p()&&(_.slice_del(),h());break;case 4:p()&&_.slice_del();break;case 5:p()&&u&&_.slice_del()}_.cursor=_.limit-s,_.out_grouping_b(d,73,232)&&(t=_.limit-_.cursor,_.find_among_b(l,4)&&_.out_grouping_b(m,97,232)&&(_.cursor=_.limit-t,_.ket=_.cursor,_.cursor>_.limit_backward&&(_.cursor--,_.bra=_.cursor,_.slice_del())))}(),_.cursor=_.limit_backward,function(){for(var e;;)if(_.bra=_.cursor,e=_.find_among(n,3))switch(_.ket=_.cursor,e){case 1:_.slice_from("y");break;case 2:_.slice_from("i");break;case 3:if(_.cursor>=_.limit)return;_.cursor++}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return r.setCurrent(e),r.stem(),r.getCurrent()}):(r.setCurrent(e),r.stem(),r.getCurrent())}),e.Pipeline.registerFunction(e.du.stemmer,"stemmer-du"),e.du.stopWordFilter=e.generateStopWordFilter(" aan al alles als altijd andere ben bij daar dan dat de der deze die dit doch doen door dus een eens en er ge geen geweest haar had heb hebben heeft hem het hier hij hoe hun iemand iets ik in is ja je kan kon kunnen maar me meer men met mij mijn moet na naar niet niets nog nu of om omdat onder ons ook op over reeds te tegen toch toen tot u uit uw van veel voor want waren was wat werd wezen wie wil worden wordt zal ze zelf zich zij zijn zo zonder zou".split(" ")),e.Pipeline.registerFunction(e.du.stopWordFilter,"stopWordFilter-du")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.es.js b/docs/_build/html/_static/javascripts/lunr/lunr.es.js deleted file mode 100644 index 9de6c09c..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.es.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,s){"function"==typeof define&&define.amd?define(s):"object"==typeof exports?module.exports=s():s()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var C,P,s;e.es=function(){this.pipeline.reset(),this.pipeline.add(e.es.trimmer,e.es.stopWordFilter,e.es.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.es.stemmer))},e.es.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.es.trimmer=e.trimmerSupport.generateTrimmer(e.es.wordCharacters),e.Pipeline.registerFunction(e.es.trimmer,"trimmer-es"),e.es.stemmer=(C=e.stemmerSupport.Among,P=e.stemmerSupport.SnowballProgram,s=new function(){var r,n,i,a=[new C("",-1,6),new C("á",0,1),new C("é",0,2),new C("í",0,3),new C("ó",0,4),new C("ú",0,5)],t=[new C("la",-1,-1),new C("sela",0,-1),new C("le",-1,-1),new C("me",-1,-1),new C("se",-1,-1),new C("lo",-1,-1),new C("selo",5,-1),new C("las",-1,-1),new C("selas",7,-1),new C("les",-1,-1),new C("los",-1,-1),new C("selos",10,-1),new C("nos",-1,-1)],o=[new C("ando",-1,6),new C("iendo",-1,6),new C("yendo",-1,7),new C("ándo",-1,2),new C("iéndo",-1,1),new C("ar",-1,6),new C("er",-1,6),new C("ir",-1,6),new C("ár",-1,3),new C("ér",-1,4),new C("ír",-1,5)],s=[new C("ic",-1,-1),new C("ad",-1,-1),new C("os",-1,-1),new C("iv",-1,1)],u=[new C("able",-1,1),new C("ible",-1,1),new C("ante",-1,1)],w=[new C("ic",-1,1),new C("abil",-1,1),new C("iv",-1,1)],c=[new C("ica",-1,1),new C("ancia",-1,2),new C("encia",-1,5),new C("adora",-1,2),new C("osa",-1,1),new C("ista",-1,1),new C("iva",-1,9),new C("anza",-1,1),new C("logía",-1,3),new C("idad",-1,8),new C("able",-1,1),new C("ible",-1,1),new C("ante",-1,2),new C("mente",-1,7),new C("amente",13,6),new C("ación",-1,2),new C("ución",-1,4),new C("ico",-1,1),new C("ismo",-1,1),new C("oso",-1,1),new C("amiento",-1,1),new C("imiento",-1,1),new C("ivo",-1,9),new C("ador",-1,2),new C("icas",-1,1),new C("ancias",-1,2),new C("encias",-1,5),new C("adoras",-1,2),new C("osas",-1,1),new C("istas",-1,1),new C("ivas",-1,9),new C("anzas",-1,1),new C("logías",-1,3),new C("idades",-1,8),new C("ables",-1,1),new C("ibles",-1,1),new C("aciones",-1,2),new C("uciones",-1,4),new C("adores",-1,2),new C("antes",-1,2),new C("icos",-1,1),new C("ismos",-1,1),new C("osos",-1,1),new C("amientos",-1,1),new C("imientos",-1,1),new C("ivos",-1,9)],m=[new C("ya",-1,1),new C("ye",-1,1),new C("yan",-1,1),new C("yen",-1,1),new C("yeron",-1,1),new C("yendo",-1,1),new C("yo",-1,1),new C("yas",-1,1),new C("yes",-1,1),new C("yais",-1,1),new C("yamos",-1,1),new C("yó",-1,1)],l=[new C("aba",-1,2),new C("ada",-1,2),new C("ida",-1,2),new C("ara",-1,2),new C("iera",-1,2),new C("ía",-1,2),new C("aría",5,2),new C("ería",5,2),new C("iría",5,2),new C("ad",-1,2),new C("ed",-1,2),new C("id",-1,2),new C("ase",-1,2),new C("iese",-1,2),new C("aste",-1,2),new C("iste",-1,2),new C("an",-1,2),new C("aban",16,2),new C("aran",16,2),new C("ieran",16,2),new C("ían",16,2),new C("arían",20,2),new C("erían",20,2),new C("irían",20,2),new C("en",-1,1),new C("asen",24,2),new C("iesen",24,2),new C("aron",-1,2),new C("ieron",-1,2),new C("arán",-1,2),new C("erán",-1,2),new C("irán",-1,2),new C("ado",-1,2),new C("ido",-1,2),new C("ando",-1,2),new C("iendo",-1,2),new C("ar",-1,2),new C("er",-1,2),new C("ir",-1,2),new C("as",-1,2),new C("abas",39,2),new C("adas",39,2),new C("idas",39,2),new C("aras",39,2),new C("ieras",39,2),new C("ías",39,2),new C("arías",45,2),new C("erías",45,2),new C("irías",45,2),new C("es",-1,1),new C("ases",49,2),new C("ieses",49,2),new C("abais",-1,2),new C("arais",-1,2),new C("ierais",-1,2),new C("íais",-1,2),new C("aríais",55,2),new C("eríais",55,2),new C("iríais",55,2),new C("aseis",-1,2),new C("ieseis",-1,2),new C("asteis",-1,2),new C("isteis",-1,2),new C("áis",-1,2),new C("éis",-1,1),new C("aréis",64,2),new C("eréis",64,2),new C("iréis",64,2),new C("ados",-1,2),new C("idos",-1,2),new C("amos",-1,2),new C("ábamos",70,2),new C("áramos",70,2),new C("iéramos",70,2),new C("íamos",70,2),new C("aríamos",74,2),new C("eríamos",74,2),new C("iríamos",74,2),new C("emos",-1,1),new C("aremos",78,2),new C("eremos",78,2),new C("iremos",78,2),new C("ásemos",78,2),new C("iésemos",78,2),new C("imos",-1,2),new C("arás",-1,2),new C("erás",-1,2),new C("irás",-1,2),new C("ís",-1,2),new C("ará",-1,2),new C("erá",-1,2),new C("irá",-1,2),new C("aré",-1,2),new C("eré",-1,2),new C("iré",-1,2),new C("ió",-1,2)],d=[new C("a",-1,1),new C("e",-1,2),new C("o",-1,1),new C("os",-1,1),new C("á",-1,1),new C("é",-1,2),new C("í",-1,1),new C("ó",-1,1)],b=[17,65,16,0,0,0,0,0,0,0,0,0,0,0,0,0,1,17,4,10],f=new P;function _(){if(f.out_grouping(b,97,252)){for(;!f.in_grouping(b,97,252);){if(f.cursor>=f.limit)return!0;f.cursor++}return!1}return!0}function h(){var e,s=f.cursor;if(function(){if(f.in_grouping(b,97,252)){var e=f.cursor;if(_()){if(f.cursor=e,!f.in_grouping(b,97,252))return!0;for(;!f.out_grouping(b,97,252);){if(f.cursor>=f.limit)return!0;f.cursor++}}return!1}return!0}()){if(f.cursor=s,!f.out_grouping(b,97,252))return;if(e=f.cursor,_()){if(f.cursor=e,!f.in_grouping(b,97,252)||f.cursor>=f.limit)return;f.cursor++}}i=f.cursor}function v(){for(;!f.in_grouping(b,97,252);){if(f.cursor>=f.limit)return!1;f.cursor++}for(;!f.out_grouping(b,97,252);){if(f.cursor>=f.limit)return!1;f.cursor++}return!0}function p(){return i<=f.cursor}function g(){return r<=f.cursor}function k(e,s){if(!g())return!0;f.slice_del(),f.ket=f.cursor;var r=f.find_among_b(e,s);return r&&(f.bra=f.cursor,1==r&&g()&&f.slice_del()),!1}function y(e){return!g()||(f.slice_del(),f.ket=f.cursor,f.eq_s_b(2,e)&&(f.bra=f.cursor,g()&&f.slice_del()),!1)}function q(){var e;if(f.ket=f.cursor,e=f.find_among_b(c,46)){switch(f.bra=f.cursor,e){case 1:if(!g())return!1;f.slice_del();break;case 2:if(y("ic"))return!1;break;case 3:if(!g())return!1;f.slice_from("log");break;case 4:if(!g())return!1;f.slice_from("u");break;case 5:if(!g())return!1;f.slice_from("ente");break;case 6:if(!(n<=f.cursor))return!1;f.slice_del(),f.ket=f.cursor,(e=f.find_among_b(s,4))&&(f.bra=f.cursor,g()&&(f.slice_del(),1==e&&(f.ket=f.cursor,f.eq_s_b(2,"at")&&(f.bra=f.cursor,g()&&f.slice_del()))));break;case 7:if(k(u,3))return!1;break;case 8:if(k(w,3))return!1;break;case 9:if(y("at"))return!1}return!0}return!1}this.setCurrent=function(e){f.setCurrent(e)},this.getCurrent=function(){return f.getCurrent()},this.stem=function(){var e,s=f.cursor;return e=f.cursor,i=f.limit,r=n=i,h(),f.cursor=e,v()&&(n=f.cursor,v()&&(r=f.cursor)),f.limit_backward=s,f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,f.find_among_b(t,13)&&(f.bra=f.cursor,(e=f.find_among_b(o,11))&&p()))switch(e){case 1:f.bra=f.cursor,f.slice_from("iendo");break;case 2:f.bra=f.cursor,f.slice_from("ando");break;case 3:f.bra=f.cursor,f.slice_from("ar");break;case 4:f.bra=f.cursor,f.slice_from("er");break;case 5:f.bra=f.cursor,f.slice_from("ir");break;case 6:f.slice_del();break;case 7:f.eq_s_b(1,"u")&&f.slice_del()}}(),f.cursor=f.limit,q()||(f.cursor=f.limit,function(){var e,s;if(f.cursor>=i&&(s=f.limit_backward,f.limit_backward=i,f.ket=f.cursor,e=f.find_among_b(m,12),f.limit_backward=s,e)){if(f.bra=f.cursor,1==e){if(!f.eq_s_b(1,"u"))return!1;f.slice_del()}return!0}return!1}()||(f.cursor=f.limit,function(){var e,s,r,n;if(f.cursor>=i&&(s=f.limit_backward,f.limit_backward=i,f.ket=f.cursor,e=f.find_among_b(l,96),f.limit_backward=s,e))switch(f.bra=f.cursor,e){case 1:r=f.limit-f.cursor,f.eq_s_b(1,"u")?(n=f.limit-f.cursor,f.eq_s_b(1,"g")?f.cursor=f.limit-n:f.cursor=f.limit-r):f.cursor=f.limit-r,f.bra=f.cursor;case 2:f.slice_del()}}())),f.cursor=f.limit,function(){var e,s;if(f.ket=f.cursor,e=f.find_among_b(d,8))switch(f.bra=f.cursor,e){case 1:p()&&f.slice_del();break;case 2:p()&&(f.slice_del(),f.ket=f.cursor,f.eq_s_b(1,"u")&&(f.bra=f.cursor,s=f.limit-f.cursor,f.eq_s_b(1,"g")&&(f.cursor=f.limit-s,p()&&f.slice_del())))}}(),f.cursor=f.limit_backward,function(){for(var e;;){if(f.bra=f.cursor,e=f.find_among(a,6))switch(f.ket=f.cursor,e){case 1:f.slice_from("a");continue;case 2:f.slice_from("e");continue;case 3:f.slice_from("i");continue;case 4:f.slice_from("o");continue;case 5:f.slice_from("u");continue;case 6:if(f.cursor>=f.limit)break;f.cursor++;continue}break}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return s.setCurrent(e),s.stem(),s.getCurrent()}):(s.setCurrent(e),s.stem(),s.getCurrent())}),e.Pipeline.registerFunction(e.es.stemmer,"stemmer-es"),e.es.stopWordFilter=e.generateStopWordFilter("a al algo algunas algunos ante antes como con contra cual cuando de del desde donde durante e el ella ellas ellos en entre era erais eran eras eres es esa esas ese eso esos esta estaba estabais estaban estabas estad estada estadas estado estados estamos estando estar estaremos estará estarán estarás estaré estaréis estaría estaríais estaríamos estarían estarías estas este estemos esto estos estoy estuve estuviera estuvierais estuvieran estuvieras estuvieron estuviese estuvieseis estuviesen estuvieses estuvimos estuviste estuvisteis estuviéramos estuviésemos estuvo está estábamos estáis están estás esté estéis estén estés fue fuera fuerais fueran fueras fueron fuese fueseis fuesen fueses fui fuimos fuiste fuisteis fuéramos fuésemos ha habida habidas habido habidos habiendo habremos habrá habrán habrás habré habréis habría habríais habríamos habrían habrías habéis había habíais habíamos habían habías han has hasta hay haya hayamos hayan hayas hayáis he hemos hube hubiera hubierais hubieran hubieras hubieron hubiese hubieseis hubiesen hubieses hubimos hubiste hubisteis hubiéramos hubiésemos hubo la las le les lo los me mi mis mucho muchos muy más mí mía mías mío míos nada ni no nos nosotras nosotros nuestra nuestras nuestro nuestros o os otra otras otro otros para pero poco por porque que quien quienes qué se sea seamos sean seas seremos será serán serás seré seréis sería seríais seríamos serían serías seáis sido siendo sin sobre sois somos son soy su sus suya suyas suyo suyos sí también tanto te tendremos tendrá tendrán tendrás tendré tendréis tendría tendríais tendríamos tendrían tendrías tened tenemos tenga tengamos tengan tengas tengo tengáis tenida tenidas tenido tenidos teniendo tenéis tenía teníais teníamos tenían tenías ti tiene tienen tienes todo todos tu tus tuve tuviera tuvierais tuvieran tuvieras tuvieron tuviese tuvieseis tuviesen tuvieses tuvimos tuviste tuvisteis tuviéramos tuviésemos tuvo tuya tuyas tuyo tuyos tú un una uno unos vosotras vosotros vuestra vuestras vuestro vuestros y ya yo él éramos".split(" ")),e.Pipeline.registerFunction(e.es.stopWordFilter,"stopWordFilter-es")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.fi.js b/docs/_build/html/_static/javascripts/lunr/lunr.fi.js deleted file mode 100644 index 2f9bf5ae..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.fi.js +++ /dev/null @@ -1 +0,0 @@ -!function(i,e){"function"==typeof define&&define.amd?define(e):"object"==typeof exports?module.exports=e():e()(i.lunr)}(this,function(){return function(i){if(void 0===i)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===i.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var v,C,e;i.fi=function(){this.pipeline.reset(),this.pipeline.add(i.fi.trimmer,i.fi.stopWordFilter,i.fi.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(i.fi.stemmer))},i.fi.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",i.fi.trimmer=i.trimmerSupport.generateTrimmer(i.fi.wordCharacters),i.Pipeline.registerFunction(i.fi.trimmer,"trimmer-fi"),i.fi.stemmer=(v=i.stemmerSupport.Among,C=i.stemmerSupport.SnowballProgram,e=new function(){var n,t,l,o,r=[new v("pa",-1,1),new v("sti",-1,2),new v("kaan",-1,1),new v("han",-1,1),new v("kin",-1,1),new v("hän",-1,1),new v("kään",-1,1),new v("ko",-1,1),new v("pä",-1,1),new v("kö",-1,1)],s=[new v("lla",-1,-1),new v("na",-1,-1),new v("ssa",-1,-1),new v("ta",-1,-1),new v("lta",3,-1),new v("sta",3,-1)],a=[new v("llä",-1,-1),new v("nä",-1,-1),new v("ssä",-1,-1),new v("tä",-1,-1),new v("ltä",3,-1),new v("stä",3,-1)],u=[new v("lle",-1,-1),new v("ine",-1,-1)],c=[new v("nsa",-1,3),new v("mme",-1,3),new v("nne",-1,3),new v("ni",-1,2),new v("si",-1,1),new v("an",-1,4),new v("en",-1,6),new v("än",-1,5),new v("nsä",-1,3)],i=[new v("aa",-1,-1),new v("ee",-1,-1),new v("ii",-1,-1),new v("oo",-1,-1),new v("uu",-1,-1),new v("ää",-1,-1),new v("öö",-1,-1)],m=[new v("a",-1,8),new v("lla",0,-1),new v("na",0,-1),new v("ssa",0,-1),new v("ta",0,-1),new v("lta",4,-1),new v("sta",4,-1),new v("tta",4,9),new v("lle",-1,-1),new v("ine",-1,-1),new v("ksi",-1,-1),new v("n",-1,7),new v("han",11,1),new v("den",11,-1,q),new v("seen",11,-1,j),new v("hen",11,2),new v("tten",11,-1,q),new v("hin",11,3),new v("siin",11,-1,q),new v("hon",11,4),new v("hän",11,5),new v("hön",11,6),new v("ä",-1,8),new v("llä",22,-1),new v("nä",22,-1),new v("ssä",22,-1),new v("tä",22,-1),new v("ltä",26,-1),new v("stä",26,-1),new v("ttä",26,9)],w=[new v("eja",-1,-1),new v("mma",-1,1),new v("imma",1,-1),new v("mpa",-1,1),new v("impa",3,-1),new v("mmi",-1,1),new v("immi",5,-1),new v("mpi",-1,1),new v("impi",7,-1),new v("ejä",-1,-1),new v("mmä",-1,1),new v("immä",10,-1),new v("mpä",-1,1),new v("impä",12,-1)],_=[new v("i",-1,-1),new v("j",-1,-1)],k=[new v("mma",-1,1),new v("imma",0,-1)],b=[17,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8],d=[17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,0,8,0,32],e=[17,65,16,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,32],f=[17,97,24,1,0,0,0,0,0,0,0,0,0,0,0,0,8,0,32],h=new C;function p(){for(var i;i=h.cursor,!h.in_grouping(d,97,246);){if((h.cursor=i)>=h.limit)return!0;h.cursor++}for(h.cursor=i;!h.out_grouping(d,97,246);){if(h.cursor>=h.limit)return!0;h.cursor++}return!1}function g(){var i,e;if(h.cursor>=o)if(e=h.limit_backward,h.limit_backward=o,h.ket=h.cursor,i=h.find_among_b(r,10)){switch(h.bra=h.cursor,h.limit_backward=e,i){case 1:if(!h.in_grouping_b(f,97,246))return;break;case 2:if(!(l<=h.cursor))return}h.slice_del()}else h.limit_backward=e}function j(){return h.find_among_b(i,7)}function q(){return h.eq_s_b(1,"i")&&h.in_grouping_b(e,97,246)}this.setCurrent=function(i){h.setCurrent(i)},this.getCurrent=function(){return h.getCurrent()},this.stem=function(){var i,e=h.cursor;return o=h.limit,l=o,p()||(o=h.cursor,p()||(l=h.cursor)),n=!1,h.limit_backward=e,h.cursor=h.limit,g(),h.cursor=h.limit,function(){var i,e,r;if(h.cursor>=o)if(e=h.limit_backward,h.limit_backward=o,h.ket=h.cursor,i=h.find_among_b(c,9))switch(h.bra=h.cursor,h.limit_backward=e,i){case 1:r=h.limit-h.cursor,h.eq_s_b(1,"k")||(h.cursor=h.limit-r,h.slice_del());break;case 2:h.slice_del(),h.ket=h.cursor,h.eq_s_b(3,"kse")&&(h.bra=h.cursor,h.slice_from("ksi"));break;case 3:h.slice_del();break;case 4:h.find_among_b(s,6)&&h.slice_del();break;case 5:h.find_among_b(a,6)&&h.slice_del();break;case 6:h.find_among_b(u,2)&&h.slice_del()}else h.limit_backward=e}(),h.cursor=h.limit,function(){var i,e,r;if(h.cursor>=o)if(e=h.limit_backward,h.limit_backward=o,h.ket=h.cursor,i=h.find_among_b(m,30)){switch(h.bra=h.cursor,h.limit_backward=e,i){case 1:if(!h.eq_s_b(1,"a"))return;break;case 2:case 9:if(!h.eq_s_b(1,"e"))return;break;case 3:if(!h.eq_s_b(1,"i"))return;break;case 4:if(!h.eq_s_b(1,"o"))return;break;case 5:if(!h.eq_s_b(1,"ä"))return;break;case 6:if(!h.eq_s_b(1,"ö"))return;break;case 7:if(r=h.limit-h.cursor,!j()&&(h.cursor=h.limit-r,!h.eq_s_b(2,"ie"))){h.cursor=h.limit-r;break}if(h.cursor=h.limit-r,h.cursor<=h.limit_backward){h.cursor=h.limit-r;break}h.cursor--,h.bra=h.cursor;break;case 8:if(!h.in_grouping_b(d,97,246)||!h.out_grouping_b(d,97,246))return}h.slice_del(),n=!0}else h.limit_backward=e}(),h.cursor=h.limit,function(){var i,e,r;if(h.cursor>=l)if(e=h.limit_backward,h.limit_backward=l,h.ket=h.cursor,i=h.find_among_b(w,14)){if(h.bra=h.cursor,h.limit_backward=e,1==i){if(r=h.limit-h.cursor,h.eq_s_b(2,"po"))return;h.cursor=h.limit-r}h.slice_del()}else h.limit_backward=e}(),h.cursor=h.limit,h.cursor=(n?h.cursor>=o&&(i=h.limit_backward,h.limit_backward=o,h.ket=h.cursor,h.find_among_b(_,2)?(h.bra=h.cursor,h.limit_backward=i,h.slice_del()):h.limit_backward=i):(h.cursor=h.limit,function(){var i,e,r,n,t,s;if(h.cursor>=o){if(e=h.limit_backward,h.limit_backward=o,h.ket=h.cursor,h.eq_s_b(1,"t")&&(h.bra=h.cursor,r=h.limit-h.cursor,h.in_grouping_b(d,97,246)&&(h.cursor=h.limit-r,h.slice_del(),h.limit_backward=e,n=h.limit-h.cursor,h.cursor>=l&&(h.cursor=l,t=h.limit_backward,h.limit_backward=h.cursor,h.cursor=h.limit-n,h.ket=h.cursor,i=h.find_among_b(k,2))))){if(h.bra=h.cursor,h.limit_backward=t,1==i){if(s=h.limit-h.cursor,h.eq_s_b(2,"po"))return;h.cursor=h.limit-s}return h.slice_del()}h.limit_backward=e}}()),h.limit),function(){var i,e,r,n;if(h.cursor>=o){for(i=h.limit_backward,h.limit_backward=o,e=h.limit-h.cursor,j()&&(h.cursor=h.limit-e,h.ket=h.cursor,h.cursor>h.limit_backward&&(h.cursor--,h.bra=h.cursor,h.slice_del())),h.cursor=h.limit-e,h.ket=h.cursor,h.in_grouping_b(b,97,228)&&(h.bra=h.cursor,h.out_grouping_b(d,97,246)&&h.slice_del()),h.cursor=h.limit-e,h.ket=h.cursor,h.eq_s_b(1,"j")&&(h.bra=h.cursor,r=h.limit-h.cursor,h.eq_s_b(1,"o")?h.slice_del():(h.cursor=h.limit-r,h.eq_s_b(1,"u")&&h.slice_del())),h.cursor=h.limit-e,h.ket=h.cursor,h.eq_s_b(1,"o")&&(h.bra=h.cursor,h.eq_s_b(1,"j")&&h.slice_del()),h.cursor=h.limit-e,h.limit_backward=i;;){if(n=h.limit-h.cursor,h.out_grouping_b(d,97,246)){h.cursor=h.limit-n;break}if(h.cursor=h.limit-n,h.cursor<=h.limit_backward)return;h.cursor--}h.ket=h.cursor,h.cursor>h.limit_backward&&(h.cursor--,h.bra=h.cursor,t=h.slice_to(),h.eq_v_b(t)&&h.slice_del())}}(),!0}},function(i){return"function"==typeof i.update?i.update(function(i){return e.setCurrent(i),e.stem(),e.getCurrent()}):(e.setCurrent(i),e.stem(),e.getCurrent())}),i.Pipeline.registerFunction(i.fi.stemmer,"stemmer-fi"),i.fi.stopWordFilter=i.generateStopWordFilter("ei eivät emme en et ette että he heidän heidät heihin heille heillä heiltä heissä heistä heitä hän häneen hänelle hänellä häneltä hänen hänessä hänestä hänet häntä itse ja johon joiden joihin joiksi joilla joille joilta joina joissa joista joita joka joksi jolla jolle jolta jona jonka jos jossa josta jota jotka kanssa keiden keihin keiksi keille keillä keiltä keinä keissä keistä keitä keneen keneksi kenelle kenellä keneltä kenen kenenä kenessä kenestä kenet ketkä ketkä ketä koska kuin kuka kun me meidän meidät meihin meille meillä meiltä meissä meistä meitä mihin miksi mikä mille millä miltä minkä minkä minua minulla minulle minulta minun minussa minusta minut minuun minä minä missä mistä mitkä mitä mukaan mutta ne niiden niihin niiksi niille niillä niiltä niin niin niinä niissä niistä niitä noiden noihin noiksi noilla noille noilta noin noina noissa noista noita nuo nyt näiden näihin näiksi näille näillä näiltä näinä näissä näistä näitä nämä ole olemme olen olet olette oli olimme olin olisi olisimme olisin olisit olisitte olisivat olit olitte olivat olla olleet ollut on ovat poikki se sekä sen siihen siinä siitä siksi sille sillä sillä siltä sinua sinulla sinulle sinulta sinun sinussa sinusta sinut sinuun sinä sinä sitä tai te teidän teidät teihin teille teillä teiltä teissä teistä teitä tuo tuohon tuoksi tuolla tuolle tuolta tuon tuona tuossa tuosta tuota tähän täksi tälle tällä tältä tämä tämän tänä tässä tästä tätä vaan vai vaikka yli".split(" ")),i.Pipeline.registerFunction(i.fi.stopWordFilter,"stopWordFilter-fi")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.fr.js b/docs/_build/html/_static/javascripts/lunr/lunr.fr.js deleted file mode 100644 index 078d0cab..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.fr.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var r,y,s;e.fr=function(){this.pipeline.reset(),this.pipeline.add(e.fr.trimmer,e.fr.stopWordFilter,e.fr.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.fr.stemmer))},e.fr.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.fr.trimmer=e.trimmerSupport.generateTrimmer(e.fr.wordCharacters),e.Pipeline.registerFunction(e.fr.trimmer,"trimmer-fr"),e.fr.stemmer=(r=e.stemmerSupport.Among,y=e.stemmerSupport.SnowballProgram,s=new function(){var s,i,t,n=[new r("col",-1,-1),new r("par",-1,-1),new r("tap",-1,-1)],u=[new r("",-1,4),new r("I",0,1),new r("U",0,2),new r("Y",0,3)],o=[new r("iqU",-1,3),new r("abl",-1,3),new r("Ièr",-1,4),new r("ièr",-1,4),new r("eus",-1,2),new r("iv",-1,1)],c=[new r("ic",-1,2),new r("abil",-1,1),new r("iv",-1,3)],a=[new r("iqUe",-1,1),new r("atrice",-1,2),new r("ance",-1,1),new r("ence",-1,5),new r("logie",-1,3),new r("able",-1,1),new r("isme",-1,1),new r("euse",-1,11),new r("iste",-1,1),new r("ive",-1,8),new r("if",-1,8),new r("usion",-1,4),new r("ation",-1,2),new r("ution",-1,4),new r("ateur",-1,2),new r("iqUes",-1,1),new r("atrices",-1,2),new r("ances",-1,1),new r("ences",-1,5),new r("logies",-1,3),new r("ables",-1,1),new r("ismes",-1,1),new r("euses",-1,11),new r("istes",-1,1),new r("ives",-1,8),new r("ifs",-1,8),new r("usions",-1,4),new r("ations",-1,2),new r("utions",-1,4),new r("ateurs",-1,2),new r("ments",-1,15),new r("ements",30,6),new r("issements",31,12),new r("ités",-1,7),new r("ment",-1,15),new r("ement",34,6),new r("issement",35,12),new r("amment",34,13),new r("emment",34,14),new r("aux",-1,10),new r("eaux",39,9),new r("eux",-1,1),new r("ité",-1,7)],l=[new r("ira",-1,1),new r("ie",-1,1),new r("isse",-1,1),new r("issante",-1,1),new r("i",-1,1),new r("irai",4,1),new r("ir",-1,1),new r("iras",-1,1),new r("ies",-1,1),new r("îmes",-1,1),new r("isses",-1,1),new r("issantes",-1,1),new r("îtes",-1,1),new r("is",-1,1),new r("irais",13,1),new r("issais",13,1),new r("irions",-1,1),new r("issions",-1,1),new r("irons",-1,1),new r("issons",-1,1),new r("issants",-1,1),new r("it",-1,1),new r("irait",21,1),new r("issait",21,1),new r("issant",-1,1),new r("iraIent",-1,1),new r("issaIent",-1,1),new r("irent",-1,1),new r("issent",-1,1),new r("iront",-1,1),new r("ît",-1,1),new r("iriez",-1,1),new r("issiez",-1,1),new r("irez",-1,1),new r("issez",-1,1)],w=[new r("a",-1,3),new r("era",0,2),new r("asse",-1,3),new r("ante",-1,3),new r("ée",-1,2),new r("ai",-1,3),new r("erai",5,2),new r("er",-1,2),new r("as",-1,3),new r("eras",8,2),new r("âmes",-1,3),new r("asses",-1,3),new r("antes",-1,3),new r("âtes",-1,3),new r("ées",-1,2),new r("ais",-1,3),new r("erais",15,2),new r("ions",-1,1),new r("erions",17,2),new r("assions",17,3),new r("erons",-1,2),new r("ants",-1,3),new r("és",-1,2),new r("ait",-1,3),new r("erait",23,2),new r("ant",-1,3),new r("aIent",-1,3),new r("eraIent",26,2),new r("èrent",-1,2),new r("assent",-1,3),new r("eront",-1,2),new r("ât",-1,3),new r("ez",-1,2),new r("iez",32,2),new r("eriez",33,2),new r("assiez",33,3),new r("erez",32,2),new r("é",-1,2)],f=[new r("e",-1,3),new r("Ière",0,2),new r("ière",0,2),new r("ion",-1,1),new r("Ier",-1,2),new r("ier",-1,2),new r("ë",-1,4)],m=[new r("ell",-1,-1),new r("eill",-1,-1),new r("enn",-1,-1),new r("onn",-1,-1),new r("ett",-1,-1)],_=[17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,128,130,103,8,5],b=[1,65,20,0,0,0,0,0,0,0,0,0,0,0,0,0,128],d=new y;function k(e,r,s){return!(!d.eq_s(1,e)||(d.ket=d.cursor,!d.in_grouping(_,97,251)))&&(d.slice_from(r),d.cursor=s,!0)}function p(e,r,s){return!!d.eq_s(1,e)&&(d.ket=d.cursor,d.slice_from(r),d.cursor=s,!0)}function g(){for(;!d.in_grouping(_,97,251);){if(d.cursor>=d.limit)return!0;d.cursor++}for(;!d.out_grouping(_,97,251);){if(d.cursor>=d.limit)return!0;d.cursor++}return!1}function q(){return t<=d.cursor}function v(){return i<=d.cursor}function h(){return s<=d.cursor}function z(){if(!function(){var e,r;if(d.ket=d.cursor,e=d.find_among_b(a,43)){switch(d.bra=d.cursor,e){case 1:if(!h())return!1;d.slice_del();break;case 2:if(!h())return!1;d.slice_del(),d.ket=d.cursor,d.eq_s_b(2,"ic")&&(d.bra=d.cursor,h()?d.slice_del():d.slice_from("iqU"));break;case 3:if(!h())return!1;d.slice_from("log");break;case 4:if(!h())return!1;d.slice_from("u");break;case 5:if(!h())return!1;d.slice_from("ent");break;case 6:if(!q())return!1;if(d.slice_del(),d.ket=d.cursor,e=d.find_among_b(o,6))switch(d.bra=d.cursor,e){case 1:h()&&(d.slice_del(),d.ket=d.cursor,d.eq_s_b(2,"at")&&(d.bra=d.cursor,h()&&d.slice_del()));break;case 2:h()?d.slice_del():v()&&d.slice_from("eux");break;case 3:h()&&d.slice_del();break;case 4:q()&&d.slice_from("i")}break;case 7:if(!h())return!1;if(d.slice_del(),d.ket=d.cursor,e=d.find_among_b(c,3))switch(d.bra=d.cursor,e){case 1:h()?d.slice_del():d.slice_from("abl");break;case 2:h()?d.slice_del():d.slice_from("iqU");break;case 3:h()&&d.slice_del()}break;case 8:if(!h())return!1;if(d.slice_del(),d.ket=d.cursor,d.eq_s_b(2,"at")&&(d.bra=d.cursor,h()&&(d.slice_del(),d.ket=d.cursor,d.eq_s_b(2,"ic")))){d.bra=d.cursor,h()?d.slice_del():d.slice_from("iqU");break}break;case 9:d.slice_from("eau");break;case 10:if(!v())return!1;d.slice_from("al");break;case 11:if(h())d.slice_del();else{if(!v())return!1;d.slice_from("eux")}break;case 12:if(!v()||!d.out_grouping_b(_,97,251))return!1;d.slice_del();break;case 13:return q()&&d.slice_from("ant"),!1;case 14:return q()&&d.slice_from("ent"),!1;case 15:return r=d.limit-d.cursor,d.in_grouping_b(_,97,251)&&q()&&(d.cursor=d.limit-r,d.slice_del()),!1}return!0}return!1}()&&(d.cursor=d.limit,!function(){var e,r;if(d.cursor=t){if(s=d.limit_backward,d.limit_backward=t,d.ket=d.cursor,e=d.find_among_b(f,7))switch(d.bra=d.cursor,e){case 1:if(h()){if(i=d.limit-d.cursor,!d.eq_s_b(1,"s")&&(d.cursor=d.limit-i,!d.eq_s_b(1,"t")))break;d.slice_del()}break;case 2:d.slice_from("i");break;case 3:d.slice_del();break;case 4:d.eq_s_b(2,"gu")&&d.slice_del()}d.limit_backward=s}}();d.cursor=d.limit,d.ket=d.cursor,d.eq_s_b(1,"Y")?(d.bra=d.cursor,d.slice_from("i")):(d.cursor=d.limit,d.eq_s_b(1,"ç")&&(d.bra=d.cursor,d.slice_from("c")))}this.setCurrent=function(e){d.setCurrent(e)},this.getCurrent=function(){return d.getCurrent()},this.stem=function(){var e,r=d.cursor;return function(){for(var e,r;;){if(e=d.cursor,d.in_grouping(_,97,251)){if(d.bra=d.cursor,r=d.cursor,k("u","U",e))continue;if(d.cursor=r,k("i","I",e))continue;if(d.cursor=r,p("y","Y",e))continue}if(d.cursor=e,!k("y","Y",d.bra=e)){if(d.cursor=e,d.eq_s(1,"q")&&(d.bra=d.cursor,p("u","U",e)))continue;if((d.cursor=e)>=d.limit)return;d.cursor++}}}(),d.cursor=r,function(){var e=d.cursor;if(t=d.limit,s=i=t,d.in_grouping(_,97,251)&&d.in_grouping(_,97,251)&&d.cursor=d.limit){d.cursor=t;break}d.cursor++}while(!d.in_grouping(_,97,251))}t=d.cursor,d.cursor=e,g()||(i=d.cursor,g()||(s=d.cursor))}(),d.limit_backward=r,d.cursor=d.limit,z(),d.cursor=d.limit,e=d.limit-d.cursor,d.find_among_b(m,5)&&(d.cursor=d.limit-e,d.ket=d.cursor,d.cursor>d.limit_backward&&(d.cursor--,d.bra=d.cursor,d.slice_del())),d.cursor=d.limit,function(){for(var e,r=1;d.out_grouping_b(_,97,251);)r--;if(r<=0){if(d.ket=d.cursor,e=d.limit-d.cursor,!d.eq_s_b(1,"é")&&(d.cursor=d.limit-e,!d.eq_s_b(1,"è")))return;d.bra=d.cursor,d.slice_from("e")}}(),d.cursor=d.limit_backward,function(){for(var e,r;r=d.cursor,d.bra=r,e=d.find_among(u,4);)switch(d.ket=d.cursor,e){case 1:d.slice_from("i");break;case 2:d.slice_from("u");break;case 3:d.slice_from("y");break;case 4:if(d.cursor>=d.limit)return;d.cursor++}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return s.setCurrent(e),s.stem(),s.getCurrent()}):(s.setCurrent(e),s.stem(),s.getCurrent())}),e.Pipeline.registerFunction(e.fr.stemmer,"stemmer-fr"),e.fr.stopWordFilter=e.generateStopWordFilter("ai aie aient aies ait as au aura aurai auraient aurais aurait auras aurez auriez aurions aurons auront aux avaient avais avait avec avez aviez avions avons ayant ayez ayons c ce ceci celà ces cet cette d dans de des du elle en es est et eu eue eues eurent eus eusse eussent eusses eussiez eussions eut eux eûmes eût eûtes furent fus fusse fussent fusses fussiez fussions fut fûmes fût fûtes ici il ils j je l la le les leur leurs lui m ma mais me mes moi mon même n ne nos notre nous on ont ou par pas pour qu que quel quelle quelles quels qui s sa sans se sera serai seraient serais serait seras serez seriez serions serons seront ses soi soient sois soit sommes son sont soyez soyons suis sur t ta te tes toi ton tu un une vos votre vous y à étaient étais était étant étiez étions été étée étées étés êtes".split(" ")),e.Pipeline.registerFunction(e.fr.stopWordFilter,"stopWordFilter-fr")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.hu.js b/docs/_build/html/_static/javascripts/lunr/lunr.hu.js deleted file mode 100644 index 56a4b0dc..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.hu.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,n){"function"==typeof define&&define.amd?define(n):"object"==typeof exports?module.exports=n():n()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var p,_,n;e.hu=function(){this.pipeline.reset(),this.pipeline.add(e.hu.trimmer,e.hu.stopWordFilter,e.hu.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.hu.stemmer))},e.hu.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.hu.trimmer=e.trimmerSupport.generateTrimmer(e.hu.wordCharacters),e.Pipeline.registerFunction(e.hu.trimmer,"trimmer-hu"),e.hu.stemmer=(p=e.stemmerSupport.Among,_=e.stemmerSupport.SnowballProgram,n=new function(){var r,i=[new p("cs",-1,-1),new p("dzs",-1,-1),new p("gy",-1,-1),new p("ly",-1,-1),new p("ny",-1,-1),new p("sz",-1,-1),new p("ty",-1,-1),new p("zs",-1,-1)],n=[new p("á",-1,1),new p("é",-1,2)],a=[new p("bb",-1,-1),new p("cc",-1,-1),new p("dd",-1,-1),new p("ff",-1,-1),new p("gg",-1,-1),new p("jj",-1,-1),new p("kk",-1,-1),new p("ll",-1,-1),new p("mm",-1,-1),new p("nn",-1,-1),new p("pp",-1,-1),new p("rr",-1,-1),new p("ccs",-1,-1),new p("ss",-1,-1),new p("zzs",-1,-1),new p("tt",-1,-1),new p("vv",-1,-1),new p("ggy",-1,-1),new p("lly",-1,-1),new p("nny",-1,-1),new p("tty",-1,-1),new p("ssz",-1,-1),new p("zz",-1,-1)],t=[new p("al",-1,1),new p("el",-1,2)],e=[new p("ba",-1,-1),new p("ra",-1,-1),new p("be",-1,-1),new p("re",-1,-1),new p("ig",-1,-1),new p("nak",-1,-1),new p("nek",-1,-1),new p("val",-1,-1),new p("vel",-1,-1),new p("ul",-1,-1),new p("nál",-1,-1),new p("nél",-1,-1),new p("ból",-1,-1),new p("ról",-1,-1),new p("tól",-1,-1),new p("bõl",-1,-1),new p("rõl",-1,-1),new p("tõl",-1,-1),new p("ül",-1,-1),new p("n",-1,-1),new p("an",19,-1),new p("ban",20,-1),new p("en",19,-1),new p("ben",22,-1),new p("képpen",22,-1),new p("on",19,-1),new p("ön",19,-1),new p("képp",-1,-1),new p("kor",-1,-1),new p("t",-1,-1),new p("at",29,-1),new p("et",29,-1),new p("ként",29,-1),new p("anként",32,-1),new p("enként",32,-1),new p("onként",32,-1),new p("ot",29,-1),new p("ért",29,-1),new p("öt",29,-1),new p("hez",-1,-1),new p("hoz",-1,-1),new p("höz",-1,-1),new p("vá",-1,-1),new p("vé",-1,-1)],s=[new p("án",-1,2),new p("én",-1,1),new p("ánként",-1,3)],c=[new p("stul",-1,2),new p("astul",0,1),new p("ástul",0,3),new p("stül",-1,2),new p("estül",3,1),new p("éstül",3,4)],w=[new p("á",-1,1),new p("é",-1,2)],o=[new p("k",-1,7),new p("ak",0,4),new p("ek",0,6),new p("ok",0,5),new p("ák",0,1),new p("ék",0,2),new p("ök",0,3)],l=[new p("éi",-1,7),new p("áéi",0,6),new p("ééi",0,5),new p("é",-1,9),new p("ké",3,4),new p("aké",4,1),new p("eké",4,1),new p("oké",4,1),new p("áké",4,3),new p("éké",4,2),new p("öké",4,1),new p("éé",3,8)],u=[new p("a",-1,18),new p("ja",0,17),new p("d",-1,16),new p("ad",2,13),new p("ed",2,13),new p("od",2,13),new p("ád",2,14),new p("éd",2,15),new p("öd",2,13),new p("e",-1,18),new p("je",9,17),new p("nk",-1,4),new p("unk",11,1),new p("ánk",11,2),new p("énk",11,3),new p("ünk",11,1),new p("uk",-1,8),new p("juk",16,7),new p("ájuk",17,5),new p("ük",-1,8),new p("jük",19,7),new p("éjük",20,6),new p("m",-1,12),new p("am",22,9),new p("em",22,9),new p("om",22,9),new p("ám",22,10),new p("ém",22,11),new p("o",-1,18),new p("á",-1,19),new p("é",-1,20)],m=[new p("id",-1,10),new p("aid",0,9),new p("jaid",1,6),new p("eid",0,9),new p("jeid",3,6),new p("áid",0,7),new p("éid",0,8),new p("i",-1,15),new p("ai",7,14),new p("jai",8,11),new p("ei",7,14),new p("jei",10,11),new p("ái",7,12),new p("éi",7,13),new p("itek",-1,24),new p("eitek",14,21),new p("jeitek",15,20),new p("éitek",14,23),new p("ik",-1,29),new p("aik",18,26),new p("jaik",19,25),new p("eik",18,26),new p("jeik",21,25),new p("áik",18,27),new p("éik",18,28),new p("ink",-1,20),new p("aink",25,17),new p("jaink",26,16),new p("eink",25,17),new p("jeink",28,16),new p("áink",25,18),new p("éink",25,19),new p("aitok",-1,21),new p("jaitok",32,20),new p("áitok",-1,22),new p("im",-1,5),new p("aim",35,4),new p("jaim",36,1),new p("eim",35,4),new p("jeim",38,1),new p("áim",35,2),new p("éim",35,3)],k=[17,65,16,0,0,0,0,0,0,0,0,0,0,0,0,0,1,17,52,14],f=new _;function b(){return r<=f.cursor}function d(){var e=f.limit-f.cursor;return!!f.find_among_b(a,23)&&(f.cursor=f.limit-e,!0)}function g(){if(f.cursor>f.limit_backward){f.cursor--,f.ket=f.cursor;var e=f.cursor-1;f.limit_backward<=e&&e<=f.limit&&(f.cursor=e,f.bra=e,f.slice_del())}}function h(){f.ket=f.cursor,f.find_among_b(e,44)&&(f.bra=f.cursor,b()&&(f.slice_del(),function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(n,2))&&(f.bra=f.cursor,b()))switch(e){case 1:f.slice_from("a");break;case 2:f.slice_from("e")}}()))}this.setCurrent=function(e){f.setCurrent(e)},this.getCurrent=function(){return f.getCurrent()},this.stem=function(){var e=f.cursor;return function(){var e,n=f.cursor;if(r=f.limit,f.in_grouping(k,97,252))for(;;){if(e=f.cursor,f.out_grouping(k,97,252))return f.cursor=e,f.find_among(i,8)||(f.cursor=e)=f.limit)return r=e;f.cursor++}if(f.cursor=n,f.out_grouping(k,97,252)){for(;!f.in_grouping(k,97,252);){if(f.cursor>=f.limit)return;f.cursor++}r=f.cursor}}(),f.limit_backward=e,f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(t,2))&&(f.bra=f.cursor,b())){if((1==e||2==e)&&!d())return;f.slice_del(),g()}}(),f.cursor=f.limit,h(),f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(s,3))&&(f.bra=f.cursor,b()))switch(e){case 1:f.slice_from("e");break;case 2:case 3:f.slice_from("a")}}(),f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(c,6))&&(f.bra=f.cursor,b()))switch(e){case 1:case 2:f.slice_del();break;case 3:f.slice_from("a");break;case 4:f.slice_from("e")}}(),f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(w,2))&&(f.bra=f.cursor,b())){if((1==e||2==e)&&!d())return;f.slice_del(),g()}}(),f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(l,12))&&(f.bra=f.cursor,b()))switch(e){case 1:case 4:case 7:case 9:f.slice_del();break;case 2:case 5:case 8:f.slice_from("e");break;case 3:case 6:f.slice_from("a")}}(),f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(u,31))&&(f.bra=f.cursor,b()))switch(e){case 1:case 4:case 7:case 8:case 9:case 12:case 13:case 16:case 17:case 18:f.slice_del();break;case 2:case 5:case 10:case 14:case 19:f.slice_from("a");break;case 3:case 6:case 11:case 15:case 20:f.slice_from("e")}}(),f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(m,42))&&(f.bra=f.cursor,b()))switch(e){case 1:case 4:case 5:case 6:case 9:case 10:case 11:case 14:case 15:case 16:case 17:case 20:case 21:case 24:case 25:case 26:case 29:f.slice_del();break;case 2:case 7:case 12:case 18:case 22:case 27:f.slice_from("a");break;case 3:case 8:case 13:case 19:case 23:case 28:f.slice_from("e")}}(),f.cursor=f.limit,function(){var e;if(f.ket=f.cursor,(e=f.find_among_b(o,7))&&(f.bra=f.cursor,b()))switch(e){case 1:f.slice_from("a");break;case 2:f.slice_from("e");break;case 3:case 4:case 5:case 6:case 7:f.slice_del()}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return n.setCurrent(e),n.stem(),n.getCurrent()}):(n.setCurrent(e),n.stem(),n.getCurrent())}),e.Pipeline.registerFunction(e.hu.stemmer,"stemmer-hu"),e.hu.stopWordFilter=e.generateStopWordFilter("a abban ahhoz ahogy ahol aki akik akkor alatt amely amelyek amelyekben amelyeket amelyet amelynek ami amikor amit amolyan amíg annak arra arról az azok azon azonban azt aztán azután azzal azért be belül benne bár cikk cikkek cikkeket csak de e ebben eddig egy egyes egyetlen egyik egyre egyéb egész ehhez ekkor el ellen elsõ elég elõ elõször elõtt emilyen ennek erre ez ezek ezen ezt ezzel ezért fel felé hanem hiszen hogy hogyan igen ill ill. illetve ilyen ilyenkor ismét ison itt jobban jó jól kell kellett keressünk keresztül ki kívül között közül legalább legyen lehet lehetett lenne lenni lesz lett maga magát majd majd meg mellett mely melyek mert mi mikor milyen minden mindenki mindent mindig mint mintha mit mivel miért most már más másik még míg nagy nagyobb nagyon ne nekem neki nem nincs néha néhány nélkül olyan ott pedig persze rá s saját sem semmi sok sokat sokkal szemben szerint szinte számára talán tehát teljes tovább továbbá több ugyanis utolsó után utána vagy vagyis vagyok valaki valami valamint való van vannak vele vissza viszont volna volt voltak voltam voltunk által általában át én éppen és így õ õk õket össze úgy új újabb újra".split(" ")),e.Pipeline.registerFunction(e.hu.stopWordFilter,"stopWordFilter-hu")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.it.js b/docs/_build/html/_static/javascripts/lunr/lunr.it.js deleted file mode 100644 index 50dddaa0..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.it.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var z,P,r;e.it=function(){this.pipeline.reset(),this.pipeline.add(e.it.trimmer,e.it.stopWordFilter,e.it.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.it.stemmer))},e.it.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.it.trimmer=e.trimmerSupport.generateTrimmer(e.it.wordCharacters),e.Pipeline.registerFunction(e.it.trimmer,"trimmer-it"),e.it.stemmer=(z=e.stemmerSupport.Among,P=e.stemmerSupport.SnowballProgram,r=new function(){var o,t,s,a=[new z("",-1,7),new z("qu",0,6),new z("á",0,1),new z("é",0,2),new z("í",0,3),new z("ó",0,4),new z("ú",0,5)],u=[new z("",-1,3),new z("I",0,1),new z("U",0,2)],c=[new z("la",-1,-1),new z("cela",0,-1),new z("gliela",0,-1),new z("mela",0,-1),new z("tela",0,-1),new z("vela",0,-1),new z("le",-1,-1),new z("cele",6,-1),new z("gliele",6,-1),new z("mele",6,-1),new z("tele",6,-1),new z("vele",6,-1),new z("ne",-1,-1),new z("cene",12,-1),new z("gliene",12,-1),new z("mene",12,-1),new z("sene",12,-1),new z("tene",12,-1),new z("vene",12,-1),new z("ci",-1,-1),new z("li",-1,-1),new z("celi",20,-1),new z("glieli",20,-1),new z("meli",20,-1),new z("teli",20,-1),new z("veli",20,-1),new z("gli",20,-1),new z("mi",-1,-1),new z("si",-1,-1),new z("ti",-1,-1),new z("vi",-1,-1),new z("lo",-1,-1),new z("celo",31,-1),new z("glielo",31,-1),new z("melo",31,-1),new z("telo",31,-1),new z("velo",31,-1)],w=[new z("ando",-1,1),new z("endo",-1,1),new z("ar",-1,2),new z("er",-1,2),new z("ir",-1,2)],r=[new z("ic",-1,-1),new z("abil",-1,-1),new z("os",-1,-1),new z("iv",-1,1)],n=[new z("ic",-1,1),new z("abil",-1,1),new z("iv",-1,1)],i=[new z("ica",-1,1),new z("logia",-1,3),new z("osa",-1,1),new z("ista",-1,1),new z("iva",-1,9),new z("anza",-1,1),new z("enza",-1,5),new z("ice",-1,1),new z("atrice",7,1),new z("iche",-1,1),new z("logie",-1,3),new z("abile",-1,1),new z("ibile",-1,1),new z("usione",-1,4),new z("azione",-1,2),new z("uzione",-1,4),new z("atore",-1,2),new z("ose",-1,1),new z("ante",-1,1),new z("mente",-1,1),new z("amente",19,7),new z("iste",-1,1),new z("ive",-1,9),new z("anze",-1,1),new z("enze",-1,5),new z("ici",-1,1),new z("atrici",25,1),new z("ichi",-1,1),new z("abili",-1,1),new z("ibili",-1,1),new z("ismi",-1,1),new z("usioni",-1,4),new z("azioni",-1,2),new z("uzioni",-1,4),new z("atori",-1,2),new z("osi",-1,1),new z("anti",-1,1),new z("amenti",-1,6),new z("imenti",-1,6),new z("isti",-1,1),new z("ivi",-1,9),new z("ico",-1,1),new z("ismo",-1,1),new z("oso",-1,1),new z("amento",-1,6),new z("imento",-1,6),new z("ivo",-1,9),new z("ità",-1,8),new z("istà",-1,1),new z("istè",-1,1),new z("istì",-1,1)],l=[new z("isca",-1,1),new z("enda",-1,1),new z("ata",-1,1),new z("ita",-1,1),new z("uta",-1,1),new z("ava",-1,1),new z("eva",-1,1),new z("iva",-1,1),new z("erebbe",-1,1),new z("irebbe",-1,1),new z("isce",-1,1),new z("ende",-1,1),new z("are",-1,1),new z("ere",-1,1),new z("ire",-1,1),new z("asse",-1,1),new z("ate",-1,1),new z("avate",16,1),new z("evate",16,1),new z("ivate",16,1),new z("ete",-1,1),new z("erete",20,1),new z("irete",20,1),new z("ite",-1,1),new z("ereste",-1,1),new z("ireste",-1,1),new z("ute",-1,1),new z("erai",-1,1),new z("irai",-1,1),new z("isci",-1,1),new z("endi",-1,1),new z("erei",-1,1),new z("irei",-1,1),new z("assi",-1,1),new z("ati",-1,1),new z("iti",-1,1),new z("eresti",-1,1),new z("iresti",-1,1),new z("uti",-1,1),new z("avi",-1,1),new z("evi",-1,1),new z("ivi",-1,1),new z("isco",-1,1),new z("ando",-1,1),new z("endo",-1,1),new z("Yamo",-1,1),new z("iamo",-1,1),new z("avamo",-1,1),new z("evamo",-1,1),new z("ivamo",-1,1),new z("eremo",-1,1),new z("iremo",-1,1),new z("assimo",-1,1),new z("ammo",-1,1),new z("emmo",-1,1),new z("eremmo",54,1),new z("iremmo",54,1),new z("immo",-1,1),new z("ano",-1,1),new z("iscano",58,1),new z("avano",58,1),new z("evano",58,1),new z("ivano",58,1),new z("eranno",-1,1),new z("iranno",-1,1),new z("ono",-1,1),new z("iscono",65,1),new z("arono",65,1),new z("erono",65,1),new z("irono",65,1),new z("erebbero",-1,1),new z("irebbero",-1,1),new z("assero",-1,1),new z("essero",-1,1),new z("issero",-1,1),new z("ato",-1,1),new z("ito",-1,1),new z("uto",-1,1),new z("avo",-1,1),new z("evo",-1,1),new z("ivo",-1,1),new z("ar",-1,1),new z("ir",-1,1),new z("erà",-1,1),new z("irà",-1,1),new z("erò",-1,1),new z("irò",-1,1)],m=[17,65,16,0,0,0,0,0,0,0,0,0,0,0,0,128,128,8,2,1],f=[17,65,0,0,0,0,0,0,0,0,0,0,0,0,0,128,128,8,2],v=[17],b=new P;function d(e,r,n){return!(!b.eq_s(1,e)||(b.ket=b.cursor,!b.in_grouping(m,97,249)))&&(b.slice_from(r),b.cursor=n,!0)}function _(e){if(b.cursor=e,!b.in_grouping(m,97,249))return!1;for(;!b.out_grouping(m,97,249);){if(b.cursor>=b.limit)return!1;b.cursor++}return!0}function g(){var e,r=b.cursor;if(!function(){if(b.in_grouping(m,97,249)){var e=b.cursor;if(b.out_grouping(m,97,249)){for(;!b.in_grouping(m,97,249);){if(b.cursor>=b.limit)return _(e);b.cursor++}return!0}return _(e)}return!1}()){if(b.cursor=r,!b.out_grouping(m,97,249))return;if(e=b.cursor,b.out_grouping(m,97,249)){for(;!b.in_grouping(m,97,249);){if(b.cursor>=b.limit)return b.cursor=e,void(b.in_grouping(m,97,249)&&b.cursor=b.limit)return;b.cursor++}s=b.cursor}function p(){for(;!b.in_grouping(m,97,249);){if(b.cursor>=b.limit)return!1;b.cursor++}for(;!b.out_grouping(m,97,249);){if(b.cursor>=b.limit)return!1;b.cursor++}return!0}function k(){return s<=b.cursor}function h(){return o<=b.cursor}function q(){var e;if(b.ket=b.cursor,!(e=b.find_among_b(i,51)))return!1;switch(b.bra=b.cursor,e){case 1:if(!h())return!1;b.slice_del();break;case 2:if(!h())return!1;b.slice_del(),b.ket=b.cursor,b.eq_s_b(2,"ic")&&(b.bra=b.cursor,h()&&b.slice_del());break;case 3:if(!h())return!1;b.slice_from("log");break;case 4:if(!h())return!1;b.slice_from("u");break;case 5:if(!h())return!1;b.slice_from("ente");break;case 6:if(!k())return!1;b.slice_del();break;case 7:if(!(t<=b.cursor))return!1;b.slice_del(),b.ket=b.cursor,(e=b.find_among_b(r,4))&&(b.bra=b.cursor,h()&&(b.slice_del(),1==e&&(b.ket=b.cursor,b.eq_s_b(2,"at")&&(b.bra=b.cursor,h()&&b.slice_del()))));break;case 8:if(!h())return!1;b.slice_del(),b.ket=b.cursor,(e=b.find_among_b(n,3))&&(b.bra=b.cursor,1==e&&h()&&b.slice_del());break;case 9:if(!h())return!1;b.slice_del(),b.ket=b.cursor,b.eq_s_b(2,"at")&&(b.bra=b.cursor,h()&&(b.slice_del(),b.ket=b.cursor,b.eq_s_b(2,"ic")&&(b.bra=b.cursor,h()&&b.slice_del())))}return!0}function C(){var e;e=b.limit-b.cursor,b.ket=b.cursor,b.in_grouping_b(f,97,242)&&(b.bra=b.cursor,k()&&(b.slice_del(),b.ket=b.cursor,b.eq_s_b(1,"i")&&(b.bra=b.cursor,k())))?b.slice_del():b.cursor=b.limit-e,b.ket=b.cursor,b.eq_s_b(1,"h")&&(b.bra=b.cursor,b.in_grouping_b(v,99,103)&&k()&&b.slice_del())}this.setCurrent=function(e){b.setCurrent(e)},this.getCurrent=function(){return b.getCurrent()},this.stem=function(){var e,r,n,i=b.cursor;return function(){for(var e,r,n,i,o=b.cursor;;){if(b.bra=b.cursor,e=b.find_among(a,7))switch(b.ket=b.cursor,e){case 1:b.slice_from("à");continue;case 2:b.slice_from("è");continue;case 3:b.slice_from("ì");continue;case 4:b.slice_from("ò");continue;case 5:b.slice_from("ù");continue;case 6:b.slice_from("qU");continue;case 7:if(b.cursor>=b.limit)break;b.cursor++;continue}break}for(b.cursor=o;;)for(r=b.cursor;;){if(n=b.cursor,b.in_grouping(m,97,249)){if(b.bra=b.cursor,i=b.cursor,d("u","U",n))break;if(b.cursor=i,d("i","I",n))break}if(b.cursor=n,b.cursor>=b.limit)return b.cursor=r;b.cursor++}}(),b.cursor=i,e=b.cursor,s=b.limit,o=t=s,g(),b.cursor=e,p()&&(t=b.cursor,p()&&(o=b.cursor)),b.limit_backward=i,b.cursor=b.limit,function(){var e;if(b.ket=b.cursor,b.find_among_b(c,37)&&(b.bra=b.cursor,(e=b.find_among_b(w,5))&&k()))switch(e){case 1:b.slice_del();break;case 2:b.slice_from("e")}}(),b.cursor=b.limit,q()||(b.cursor=b.limit,b.cursor>=s&&(n=b.limit_backward,b.limit_backward=s,b.ket=b.cursor,(r=b.find_among_b(l,87))&&(b.bra=b.cursor,1==r&&b.slice_del()),b.limit_backward=n)),b.cursor=b.limit,C(),b.cursor=b.limit_backward,function(){for(var e;b.bra=b.cursor,e=b.find_among(u,3);)switch(b.ket=b.cursor,e){case 1:b.slice_from("i");break;case 2:b.slice_from("u");break;case 3:if(b.cursor>=b.limit)return;b.cursor++}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return r.setCurrent(e),r.stem(),r.getCurrent()}):(r.setCurrent(e),r.stem(),r.getCurrent())}),e.Pipeline.registerFunction(e.it.stemmer,"stemmer-it"),e.it.stopWordFilter=e.generateStopWordFilter("a abbia abbiamo abbiano abbiate ad agl agli ai al all alla alle allo anche avemmo avendo avesse avessero avessi avessimo aveste avesti avete aveva avevamo avevano avevate avevi avevo avrai avranno avrebbe avrebbero avrei avremmo avremo avreste avresti avrete avrà avrò avuta avute avuti avuto c che chi ci coi col come con contro cui da dagl dagli dai dal dall dalla dalle dallo degl degli dei del dell della delle dello di dov dove e ebbe ebbero ebbi ed era erano eravamo eravate eri ero essendo faccia facciamo facciano facciate faccio facemmo facendo facesse facessero facessi facessimo faceste facesti faceva facevamo facevano facevate facevi facevo fai fanno farai faranno farebbe farebbero farei faremmo faremo fareste faresti farete farà farò fece fecero feci fosse fossero fossi fossimo foste fosti fu fui fummo furono gli ha hai hanno ho i il in io l la le lei li lo loro lui ma mi mia mie miei mio ne negl negli nei nel nell nella nelle nello noi non nostra nostre nostri nostro o per perché più quale quanta quante quanti quanto quella quelle quelli quello questa queste questi questo sarai saranno sarebbe sarebbero sarei saremmo saremo sareste saresti sarete sarà sarò se sei si sia siamo siano siate siete sono sta stai stando stanno starai staranno starebbe starebbero starei staremmo staremo stareste staresti starete starà starò stava stavamo stavano stavate stavi stavo stemmo stesse stessero stessi stessimo steste stesti stette stettero stetti stia stiamo stiano stiate sto su sua sue sugl sugli sui sul sull sulla sulle sullo suo suoi ti tra tu tua tue tuo tuoi tutti tutto un una uno vi voi vostra vostre vostri vostro è".split(" ")),e.Pipeline.registerFunction(e.it.stopWordFilter,"stopWordFilter-it")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.ja.js b/docs/_build/html/_static/javascripts/lunr/lunr.ja.js deleted file mode 100644 index 69f62025..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.ja.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(m){if(void 0===m)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===m.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var l="2"==m.version[0];m.ja=function(){this.pipeline.reset(),this.pipeline.add(m.ja.trimmer,m.ja.stopWordFilter,m.ja.stemmer),l?this.tokenizer=m.ja.tokenizer:(m.tokenizer&&(m.tokenizer=m.ja.tokenizer),this.tokenizerFn&&(this.tokenizerFn=m.ja.tokenizer))};var j=new m.TinySegmenter;m.ja.tokenizer=function(e){var r,t,i,n,o,s,p,a,u;if(!arguments.length||null==e||null==e)return[];if(Array.isArray(e))return e.map(function(e){return l?new m.Token(e.toLowerCase()):e.toLowerCase()});for(r=(t=e.toString().toLowerCase().replace(/^\s+/,"")).length-1;0<=r;r--)if(/\S/.test(t.charAt(r))){t=t.substring(0,r+1);break}for(o=[],i=t.length,p=a=0;a<=i;a++)if(s=a-p,t.charAt(a).match(/\s/)||a==i){if(0=_.limit||(_.cursor++,!1)}function w(){for(;!_.in_grouping(m,97,232);){if(_.cursor>=_.limit)return!0;_.cursor++}for(;!_.out_grouping(m,97,232);){if(_.cursor>=_.limit)return!0;_.cursor++}return!1}function b(){return i<=_.cursor}function p(){return e<=_.cursor}function g(){var r=_.limit-_.cursor;_.find_among_b(t,3)&&(_.cursor=_.limit-r,_.ket=_.cursor,_.cursor>_.limit_backward&&(_.cursor--,_.bra=_.cursor,_.slice_del()))}function h(){var r;u=!1,_.ket=_.cursor,_.eq_s_b(1,"e")&&(_.bra=_.cursor,b()&&(r=_.limit-_.cursor,_.out_grouping_b(m,97,232)&&(_.cursor=_.limit-r,_.slice_del(),u=!0,g())))}function k(){var r;b()&&(r=_.limit-_.cursor,_.out_grouping_b(m,97,232)&&(_.cursor=_.limit-r,_.eq_s_b(3,"gem")||(_.cursor=_.limit-r,_.slice_del(),g())))}this.setCurrent=function(r){_.setCurrent(r)},this.getCurrent=function(){return _.getCurrent()},this.stem=function(){var r=_.cursor;return function(){for(var r,e,i,n=_.cursor;;){if(_.bra=_.cursor,r=_.find_among(o,11))switch(_.ket=_.cursor,r){case 1:_.slice_from("a");continue;case 2:_.slice_from("e");continue;case 3:_.slice_from("i");continue;case 4:_.slice_from("o");continue;case 5:_.slice_from("u");continue;case 6:if(_.cursor>=_.limit)break;_.cursor++;continue}break}for(_.cursor=n,_.bra=n,_.eq_s(1,"y")?(_.ket=_.cursor,_.slice_from("Y")):_.cursor=n;;)if(e=_.cursor,_.in_grouping(m,97,232)){if(i=_.cursor,_.bra=i,_.eq_s(1,"i"))_.ket=_.cursor,_.in_grouping(m,97,232)&&(_.slice_from("I"),_.cursor=e);else if(_.cursor=i,_.eq_s(1,"y"))_.ket=_.cursor,_.slice_from("Y"),_.cursor=e;else if(s(e))break}else if(s(e))break}(),_.cursor=r,i=_.limit,e=i,w()||((i=_.cursor)<3&&(i=3),w()||(e=_.cursor)),_.limit_backward=r,_.cursor=_.limit,function(){var r,e,i,n,o,t,s=_.limit-_.cursor;if(_.ket=_.cursor,r=_.find_among_b(c,5))switch(_.bra=_.cursor,r){case 1:b()&&_.slice_from("heid");break;case 2:k();break;case 3:b()&&_.out_grouping_b(f,97,232)&&_.slice_del()}if(_.cursor=_.limit-s,h(),_.cursor=_.limit-s,_.ket=_.cursor,_.eq_s_b(4,"heid")&&(_.bra=_.cursor,p()&&(e=_.limit-_.cursor,_.eq_s_b(1,"c")||(_.cursor=_.limit-e,_.slice_del(),_.ket=_.cursor,_.eq_s_b(2,"en")&&(_.bra=_.cursor,k())))),_.cursor=_.limit-s,_.ket=_.cursor,r=_.find_among_b(a,6))switch(_.bra=_.cursor,r){case 1:if(p()){if(_.slice_del(),i=_.limit-_.cursor,_.ket=_.cursor,_.eq_s_b(2,"ig")&&(_.bra=_.cursor,p()&&(n=_.limit-_.cursor,!_.eq_s_b(1,"e")))){_.cursor=_.limit-n,_.slice_del();break}_.cursor=_.limit-i,g()}break;case 2:p()&&(o=_.limit-_.cursor,_.eq_s_b(1,"e")||(_.cursor=_.limit-o,_.slice_del()));break;case 3:p()&&(_.slice_del(),h());break;case 4:p()&&_.slice_del();break;case 5:p()&&u&&_.slice_del()}_.cursor=_.limit-s,_.out_grouping_b(d,73,232)&&(t=_.limit-_.cursor,_.find_among_b(l,4)&&_.out_grouping_b(m,97,232)&&(_.cursor=_.limit-t,_.ket=_.cursor,_.cursor>_.limit_backward&&(_.cursor--,_.bra=_.cursor,_.slice_del())))}(),_.cursor=_.limit_backward,function(){for(var r;;)if(_.bra=_.cursor,r=_.find_among(n,3))switch(_.ket=_.cursor,r){case 1:_.slice_from("y");break;case 2:_.slice_from("i");break;case 3:if(_.cursor>=_.limit)return;_.cursor++}}(),!0}},function(r){return"function"==typeof r.update?r.update(function(r){return e.setCurrent(r),e.stem(),e.getCurrent()}):(e.setCurrent(r),e.stem(),e.getCurrent())}),r.Pipeline.registerFunction(r.nl.stemmer,"stemmer-nl"),r.nl.stopWordFilter=r.generateStopWordFilter(" aan al alles als altijd andere ben bij daar dan dat de der deze die dit doch doen door dus een eens en er ge geen geweest haar had heb hebben heeft hem het hier hij hoe hun iemand iets ik in is ja je kan kon kunnen maar me meer men met mij mijn moet na naar niet niets nog nu of om omdat onder ons ook op over reeds te tegen toch toen tot u uit uw van veel voor want waren was wat werd wezen wie wil worden wordt zal ze zelf zich zij zijn zo zonder zou".split(" ")),r.Pipeline.registerFunction(r.nl.stopWordFilter,"stopWordFilter-nl")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.no.js b/docs/_build/html/_static/javascripts/lunr/lunr.no.js deleted file mode 100644 index 3d156b9c..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.no.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var r,n,i;e.no=function(){this.pipeline.reset(),this.pipeline.add(e.no.trimmer,e.no.stopWordFilter,e.no.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.no.stemmer))},e.no.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.no.trimmer=e.trimmerSupport.generateTrimmer(e.no.wordCharacters),e.Pipeline.registerFunction(e.no.trimmer,"trimmer-no"),e.no.stemmer=(r=e.stemmerSupport.Among,n=e.stemmerSupport.SnowballProgram,i=new function(){var o,s,a=[new r("a",-1,1),new r("e",-1,1),new r("ede",1,1),new r("ande",1,1),new r("ende",1,1),new r("ane",1,1),new r("ene",1,1),new r("hetene",6,1),new r("erte",1,3),new r("en",-1,1),new r("heten",9,1),new r("ar",-1,1),new r("er",-1,1),new r("heter",12,1),new r("s",-1,2),new r("as",14,1),new r("es",14,1),new r("edes",16,1),new r("endes",16,1),new r("enes",16,1),new r("hetenes",19,1),new r("ens",14,1),new r("hetens",21,1),new r("ers",14,1),new r("ets",14,1),new r("et",-1,1),new r("het",25,1),new r("ert",-1,3),new r("ast",-1,1)],m=[new r("dt",-1,-1),new r("vt",-1,-1)],l=[new r("leg",-1,1),new r("eleg",0,1),new r("ig",-1,1),new r("eig",2,1),new r("lig",2,1),new r("elig",4,1),new r("els",-1,1),new r("lov",-1,1),new r("elov",7,1),new r("slov",7,1),new r("hetslov",9,1)],u=[17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,0,48,0,128],d=[119,125,149,1],c=new n;this.setCurrent=function(e){c.setCurrent(e)},this.getCurrent=function(){return c.getCurrent()},this.stem=function(){var e,r,n,i,t=c.cursor;return function(){var e,r=c.cursor+3;if(s=c.limit,0<=r||r<=c.limit){for(o=r;;){if(e=c.cursor,c.in_grouping(u,97,248)){c.cursor=e;break}if(e>=c.limit)return;c.cursor=e+1}for(;!c.out_grouping(u,97,248);){if(c.cursor>=c.limit)return;c.cursor++}(s=c.cursor)=s&&(r=c.limit_backward,c.limit_backward=s,c.ket=c.cursor,e=c.find_among_b(a,29),c.limit_backward=r,e))switch(c.bra=c.cursor,e){case 1:c.slice_del();break;case 2:n=c.limit-c.cursor,c.in_grouping_b(d,98,122)?c.slice_del():(c.cursor=c.limit-n,c.eq_s_b(1,"k")&&c.out_grouping_b(u,97,248)&&c.slice_del());break;case 3:c.slice_from("er")}}(),c.cursor=c.limit,r=c.limit-c.cursor,c.cursor>=s&&(e=c.limit_backward,c.limit_backward=s,c.ket=c.cursor,c.find_among_b(m,2)?(c.bra=c.cursor,c.limit_backward=e,c.cursor=c.limit-r,c.cursor>c.limit_backward&&(c.cursor--,c.bra=c.cursor,c.slice_del())):c.limit_backward=e),c.cursor=c.limit,c.cursor>=s&&(i=c.limit_backward,c.limit_backward=s,c.ket=c.cursor,(n=c.find_among_b(l,11))?(c.bra=c.cursor,c.limit_backward=i,1==n&&c.slice_del()):c.limit_backward=i),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return i.setCurrent(e),i.stem(),i.getCurrent()}):(i.setCurrent(e),i.stem(),i.getCurrent())}),e.Pipeline.registerFunction(e.no.stemmer,"stemmer-no"),e.no.stopWordFilter=e.generateStopWordFilter("alle at av bare begge ble blei bli blir blitt både båe da de deg dei deim deira deires dem den denne der dere deres det dette di din disse ditt du dykk dykkar då eg ein eit eitt eller elles en enn er et ett etter for fordi fra før ha hadde han hans har hennar henne hennes her hjå ho hoe honom hoss hossen hun hva hvem hver hvilke hvilken hvis hvor hvordan hvorfor i ikke ikkje ikkje ingen ingi inkje inn inni ja jeg kan kom korleis korso kun kunne kva kvar kvarhelst kven kvi kvifor man mange me med medan meg meget mellom men mi min mine mitt mot mykje ned no noe noen noka noko nokon nokor nokre nå når og også om opp oss over på samme seg selv si si sia sidan siden sin sine sitt sjøl skal skulle slik so som som somme somt så sånn til um upp ut uten var vart varte ved vere verte vi vil ville vore vors vort vår være være vært å".split(" ")),e.Pipeline.registerFunction(e.no.stopWordFilter,"stopWordFilter-no")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.pt.js b/docs/_build/html/_static/javascripts/lunr/lunr.pt.js deleted file mode 100644 index f50fc9fa..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.pt.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var j,C,r;e.pt=function(){this.pipeline.reset(),this.pipeline.add(e.pt.trimmer,e.pt.stopWordFilter,e.pt.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.pt.stemmer))},e.pt.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.pt.trimmer=e.trimmerSupport.generateTrimmer(e.pt.wordCharacters),e.Pipeline.registerFunction(e.pt.trimmer,"trimmer-pt"),e.pt.stemmer=(j=e.stemmerSupport.Among,C=e.stemmerSupport.SnowballProgram,r=new function(){var s,n,i,o=[new j("",-1,3),new j("ã",0,1),new j("õ",0,2)],a=[new j("",-1,3),new j("a~",0,1),new j("o~",0,2)],r=[new j("ic",-1,-1),new j("ad",-1,-1),new j("os",-1,-1),new j("iv",-1,1)],t=[new j("ante",-1,1),new j("avel",-1,1),new j("ível",-1,1)],u=[new j("ic",-1,1),new j("abil",-1,1),new j("iv",-1,1)],w=[new j("ica",-1,1),new j("ância",-1,1),new j("ência",-1,4),new j("ira",-1,9),new j("adora",-1,1),new j("osa",-1,1),new j("ista",-1,1),new j("iva",-1,8),new j("eza",-1,1),new j("logía",-1,2),new j("idade",-1,7),new j("ante",-1,1),new j("mente",-1,6),new j("amente",12,5),new j("ável",-1,1),new j("ível",-1,1),new j("ución",-1,3),new j("ico",-1,1),new j("ismo",-1,1),new j("oso",-1,1),new j("amento",-1,1),new j("imento",-1,1),new j("ivo",-1,8),new j("aça~o",-1,1),new j("ador",-1,1),new j("icas",-1,1),new j("ências",-1,4),new j("iras",-1,9),new j("adoras",-1,1),new j("osas",-1,1),new j("istas",-1,1),new j("ivas",-1,8),new j("ezas",-1,1),new j("logías",-1,2),new j("idades",-1,7),new j("uciones",-1,3),new j("adores",-1,1),new j("antes",-1,1),new j("aço~es",-1,1),new j("icos",-1,1),new j("ismos",-1,1),new j("osos",-1,1),new j("amentos",-1,1),new j("imentos",-1,1),new j("ivos",-1,8)],m=[new j("ada",-1,1),new j("ida",-1,1),new j("ia",-1,1),new j("aria",2,1),new j("eria",2,1),new j("iria",2,1),new j("ara",-1,1),new j("era",-1,1),new j("ira",-1,1),new j("ava",-1,1),new j("asse",-1,1),new j("esse",-1,1),new j("isse",-1,1),new j("aste",-1,1),new j("este",-1,1),new j("iste",-1,1),new j("ei",-1,1),new j("arei",16,1),new j("erei",16,1),new j("irei",16,1),new j("am",-1,1),new j("iam",20,1),new j("ariam",21,1),new j("eriam",21,1),new j("iriam",21,1),new j("aram",20,1),new j("eram",20,1),new j("iram",20,1),new j("avam",20,1),new j("em",-1,1),new j("arem",29,1),new j("erem",29,1),new j("irem",29,1),new j("assem",29,1),new j("essem",29,1),new j("issem",29,1),new j("ado",-1,1),new j("ido",-1,1),new j("ando",-1,1),new j("endo",-1,1),new j("indo",-1,1),new j("ara~o",-1,1),new j("era~o",-1,1),new j("ira~o",-1,1),new j("ar",-1,1),new j("er",-1,1),new j("ir",-1,1),new j("as",-1,1),new j("adas",47,1),new j("idas",47,1),new j("ias",47,1),new j("arias",50,1),new j("erias",50,1),new j("irias",50,1),new j("aras",47,1),new j("eras",47,1),new j("iras",47,1),new j("avas",47,1),new j("es",-1,1),new j("ardes",58,1),new j("erdes",58,1),new j("irdes",58,1),new j("ares",58,1),new j("eres",58,1),new j("ires",58,1),new j("asses",58,1),new j("esses",58,1),new j("isses",58,1),new j("astes",58,1),new j("estes",58,1),new j("istes",58,1),new j("is",-1,1),new j("ais",71,1),new j("eis",71,1),new j("areis",73,1),new j("ereis",73,1),new j("ireis",73,1),new j("áreis",73,1),new j("éreis",73,1),new j("íreis",73,1),new j("ásseis",73,1),new j("ésseis",73,1),new j("ísseis",73,1),new j("áveis",73,1),new j("íeis",73,1),new j("aríeis",84,1),new j("eríeis",84,1),new j("iríeis",84,1),new j("ados",-1,1),new j("idos",-1,1),new j("amos",-1,1),new j("áramos",90,1),new j("éramos",90,1),new j("íramos",90,1),new j("ávamos",90,1),new j("íamos",90,1),new j("aríamos",95,1),new j("eríamos",95,1),new j("iríamos",95,1),new j("emos",-1,1),new j("aremos",99,1),new j("eremos",99,1),new j("iremos",99,1),new j("ássemos",99,1),new j("êssemos",99,1),new j("íssemos",99,1),new j("imos",-1,1),new j("armos",-1,1),new j("ermos",-1,1),new j("irmos",-1,1),new j("ámos",-1,1),new j("arás",-1,1),new j("erás",-1,1),new j("irás",-1,1),new j("eu",-1,1),new j("iu",-1,1),new j("ou",-1,1),new j("ará",-1,1),new j("erá",-1,1),new j("irá",-1,1)],c=[new j("a",-1,1),new j("i",-1,1),new j("o",-1,1),new j("os",-1,1),new j("á",-1,1),new j("í",-1,1),new j("ó",-1,1)],l=[new j("e",-1,1),new j("ç",-1,2),new j("é",-1,1),new j("ê",-1,1)],f=[17,65,16,0,0,0,0,0,0,0,0,0,0,0,0,0,3,19,12,2],d=new C;function v(){if(d.out_grouping(f,97,250)){for(;!d.in_grouping(f,97,250);){if(d.cursor>=d.limit)return!0;d.cursor++}return!1}return!0}function p(){var e,r,s=d.cursor;if(d.in_grouping(f,97,250))if(e=d.cursor,v()){if(d.cursor=e,function(){if(d.in_grouping(f,97,250))for(;!d.out_grouping(f,97,250);){if(d.cursor>=d.limit)return!1;d.cursor++}return i=d.cursor,!0}())return}else i=d.cursor;if(d.cursor=s,d.out_grouping(f,97,250)){if(r=d.cursor,v()){if(d.cursor=r,!d.in_grouping(f,97,250)||d.cursor>=d.limit)return;d.cursor++}i=d.cursor}}function _(){for(;!d.in_grouping(f,97,250);){if(d.cursor>=d.limit)return!1;d.cursor++}for(;!d.out_grouping(f,97,250);){if(d.cursor>=d.limit)return!1;d.cursor++}return!0}function h(){return i<=d.cursor}function b(){return s<=d.cursor}function g(){var e;if(d.ket=d.cursor,!(e=d.find_among_b(w,45)))return!1;switch(d.bra=d.cursor,e){case 1:if(!b())return!1;d.slice_del();break;case 2:if(!b())return!1;d.slice_from("log");break;case 3:if(!b())return!1;d.slice_from("u");break;case 4:if(!b())return!1;d.slice_from("ente");break;case 5:if(!(n<=d.cursor))return!1;d.slice_del(),d.ket=d.cursor,(e=d.find_among_b(r,4))&&(d.bra=d.cursor,b()&&(d.slice_del(),1==e&&(d.ket=d.cursor,d.eq_s_b(2,"at")&&(d.bra=d.cursor,b()&&d.slice_del()))));break;case 6:if(!b())return!1;d.slice_del(),d.ket=d.cursor,(e=d.find_among_b(t,3))&&(d.bra=d.cursor,1==e&&b()&&d.slice_del());break;case 7:if(!b())return!1;d.slice_del(),d.ket=d.cursor,(e=d.find_among_b(u,3))&&(d.bra=d.cursor,1==e&&b()&&d.slice_del());break;case 8:if(!b())return!1;d.slice_del(),d.ket=d.cursor,d.eq_s_b(2,"at")&&(d.bra=d.cursor,b()&&d.slice_del());break;case 9:if(!h()||!d.eq_s_b(1,"e"))return!1;d.slice_from("ir")}return!0}function k(e,r){if(d.eq_s_b(1,e)){d.bra=d.cursor;var s=d.limit-d.cursor;if(d.eq_s_b(1,r))return d.cursor=d.limit-s,h()&&d.slice_del(),!1}return!0}function q(){if(!g()&&(d.cursor=d.limit,!function(){var e,r;if(d.cursor>=i){if(r=d.limit_backward,d.limit_backward=i,d.ket=d.cursor,e=d.find_among_b(m,120))return d.bra=d.cursor,1==e&&d.slice_del(),d.limit_backward=r,!0;d.limit_backward=r}return!1}()))return d.cursor=d.limit,d.ket=d.cursor,void((e=d.find_among_b(c,7))&&(d.bra=d.cursor,1==e&&h()&&d.slice_del()));var e;d.cursor=d.limit,d.ket=d.cursor,d.eq_s_b(1,"i")&&(d.bra=d.cursor,d.eq_s_b(1,"c")&&(d.cursor=d.limit,h()&&d.slice_del()))}this.setCurrent=function(e){d.setCurrent(e)},this.getCurrent=function(){return d.getCurrent()},this.stem=function(){var e,r=d.cursor;return function(){for(var e;;){if(d.bra=d.cursor,e=d.find_among(o,3))switch(d.ket=d.cursor,e){case 1:d.slice_from("a~");continue;case 2:d.slice_from("o~");continue;case 3:if(d.cursor>=d.limit)break;d.cursor++;continue}break}}(),d.cursor=r,e=d.cursor,i=d.limit,s=n=i,p(),d.cursor=e,_()&&(n=d.cursor,_()&&(s=d.cursor)),d.limit_backward=r,d.cursor=d.limit,q(),d.cursor=d.limit,function(){var e;if(d.ket=d.cursor,e=d.find_among_b(l,4))switch(d.bra=d.cursor,e){case 1:h()&&(d.slice_del(),d.ket=d.cursor,d.limit,d.cursor,k("u","g")&&k("i","c"));break;case 2:d.slice_from("c")}}(),d.cursor=d.limit_backward,function(){for(var e;;){if(d.bra=d.cursor,e=d.find_among(a,3))switch(d.ket=d.cursor,e){case 1:d.slice_from("ã");continue;case 2:d.slice_from("õ");continue;case 3:if(d.cursor>=d.limit)break;d.cursor++;continue}break}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return r.setCurrent(e),r.stem(),r.getCurrent()}):(r.setCurrent(e),r.stem(),r.getCurrent())}),e.Pipeline.registerFunction(e.pt.stemmer,"stemmer-pt"),e.pt.stopWordFilter=e.generateStopWordFilter("a ao aos aquela aquelas aquele aqueles aquilo as até com como da das de dela delas dele deles depois do dos e ela elas ele eles em entre era eram essa essas esse esses esta estamos estas estava estavam este esteja estejam estejamos estes esteve estive estivemos estiver estivera estiveram estiverem estivermos estivesse estivessem estivéramos estivéssemos estou está estávamos estão eu foi fomos for fora foram forem formos fosse fossem fui fôramos fôssemos haja hajam hajamos havemos hei houve houvemos houver houvera houveram houverei houverem houveremos houveria houveriam houvermos houverá houverão houveríamos houvesse houvessem houvéramos houvéssemos há hão isso isto já lhe lhes mais mas me mesmo meu meus minha minhas muito na nas nem no nos nossa nossas nosso nossos num numa não nós o os ou para pela pelas pelo pelos por qual quando que quem se seja sejam sejamos sem serei seremos seria seriam será serão seríamos seu seus somos sou sua suas são só também te tem temos tenha tenham tenhamos tenho terei teremos teria teriam terá terão teríamos teu teus teve tinha tinham tive tivemos tiver tivera tiveram tiverem tivermos tivesse tivessem tivéramos tivéssemos tu tua tuas tém tínhamos um uma você vocês vos à às éramos".split(" ")),e.Pipeline.registerFunction(e.pt.stopWordFilter,"stopWordFilter-pt")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.ro.js b/docs/_build/html/_static/javascripts/lunr/lunr.ro.js deleted file mode 100644 index b19627e1..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.ro.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,i){"function"==typeof define&&define.amd?define(i):"object"==typeof exports?module.exports=i():i()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var h,z,i;e.ro=function(){this.pipeline.reset(),this.pipeline.add(e.ro.trimmer,e.ro.stopWordFilter,e.ro.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.ro.stemmer))},e.ro.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.ro.trimmer=e.trimmerSupport.generateTrimmer(e.ro.wordCharacters),e.Pipeline.registerFunction(e.ro.trimmer,"trimmer-ro"),e.ro.stemmer=(h=e.stemmerSupport.Among,z=e.stemmerSupport.SnowballProgram,i=new function(){var r,n,t,a,o=[new h("",-1,3),new h("I",0,1),new h("U",0,2)],s=[new h("ea",-1,3),new h("aţia",-1,7),new h("aua",-1,2),new h("iua",-1,4),new h("aţie",-1,7),new h("ele",-1,3),new h("ile",-1,5),new h("iile",6,4),new h("iei",-1,4),new h("atei",-1,6),new h("ii",-1,4),new h("ului",-1,1),new h("ul",-1,1),new h("elor",-1,3),new h("ilor",-1,4),new h("iilor",14,4)],c=[new h("icala",-1,4),new h("iciva",-1,4),new h("ativa",-1,5),new h("itiva",-1,6),new h("icale",-1,4),new h("aţiune",-1,5),new h("iţiune",-1,6),new h("atoare",-1,5),new h("itoare",-1,6),new h("ătoare",-1,5),new h("icitate",-1,4),new h("abilitate",-1,1),new h("ibilitate",-1,2),new h("ivitate",-1,3),new h("icive",-1,4),new h("ative",-1,5),new h("itive",-1,6),new h("icali",-1,4),new h("atori",-1,5),new h("icatori",18,4),new h("itori",-1,6),new h("ători",-1,5),new h("icitati",-1,4),new h("abilitati",-1,1),new h("ivitati",-1,3),new h("icivi",-1,4),new h("ativi",-1,5),new h("itivi",-1,6),new h("icităi",-1,4),new h("abilităi",-1,1),new h("ivităi",-1,3),new h("icităţi",-1,4),new h("abilităţi",-1,1),new h("ivităţi",-1,3),new h("ical",-1,4),new h("ator",-1,5),new h("icator",35,4),new h("itor",-1,6),new h("ător",-1,5),new h("iciv",-1,4),new h("ativ",-1,5),new h("itiv",-1,6),new h("icală",-1,4),new h("icivă",-1,4),new h("ativă",-1,5),new h("itivă",-1,6)],u=[new h("ica",-1,1),new h("abila",-1,1),new h("ibila",-1,1),new h("oasa",-1,1),new h("ata",-1,1),new h("ita",-1,1),new h("anta",-1,1),new h("ista",-1,3),new h("uta",-1,1),new h("iva",-1,1),new h("ic",-1,1),new h("ice",-1,1),new h("abile",-1,1),new h("ibile",-1,1),new h("isme",-1,3),new h("iune",-1,2),new h("oase",-1,1),new h("ate",-1,1),new h("itate",17,1),new h("ite",-1,1),new h("ante",-1,1),new h("iste",-1,3),new h("ute",-1,1),new h("ive",-1,1),new h("ici",-1,1),new h("abili",-1,1),new h("ibili",-1,1),new h("iuni",-1,2),new h("atori",-1,1),new h("osi",-1,1),new h("ati",-1,1),new h("itati",30,1),new h("iti",-1,1),new h("anti",-1,1),new h("isti",-1,3),new h("uti",-1,1),new h("işti",-1,3),new h("ivi",-1,1),new h("ităi",-1,1),new h("oşi",-1,1),new h("ităţi",-1,1),new h("abil",-1,1),new h("ibil",-1,1),new h("ism",-1,3),new h("ator",-1,1),new h("os",-1,1),new h("at",-1,1),new h("it",-1,1),new h("ant",-1,1),new h("ist",-1,3),new h("ut",-1,1),new h("iv",-1,1),new h("ică",-1,1),new h("abilă",-1,1),new h("ibilă",-1,1),new h("oasă",-1,1),new h("ată",-1,1),new h("ită",-1,1),new h("antă",-1,1),new h("istă",-1,3),new h("ută",-1,1),new h("ivă",-1,1)],w=[new h("ea",-1,1),new h("ia",-1,1),new h("esc",-1,1),new h("ăsc",-1,1),new h("ind",-1,1),new h("ând",-1,1),new h("are",-1,1),new h("ere",-1,1),new h("ire",-1,1),new h("âre",-1,1),new h("se",-1,2),new h("ase",10,1),new h("sese",10,2),new h("ise",10,1),new h("use",10,1),new h("âse",10,1),new h("eşte",-1,1),new h("ăşte",-1,1),new h("eze",-1,1),new h("ai",-1,1),new h("eai",19,1),new h("iai",19,1),new h("sei",-1,2),new h("eşti",-1,1),new h("ăşti",-1,1),new h("ui",-1,1),new h("ezi",-1,1),new h("âi",-1,1),new h("aşi",-1,1),new h("seşi",-1,2),new h("aseşi",29,1),new h("seseşi",29,2),new h("iseşi",29,1),new h("useşi",29,1),new h("âseşi",29,1),new h("işi",-1,1),new h("uşi",-1,1),new h("âşi",-1,1),new h("aţi",-1,2),new h("eaţi",38,1),new h("iaţi",38,1),new h("eţi",-1,2),new h("iţi",-1,2),new h("âţi",-1,2),new h("arăţi",-1,1),new h("serăţi",-1,2),new h("aserăţi",45,1),new h("seserăţi",45,2),new h("iserăţi",45,1),new h("userăţi",45,1),new h("âserăţi",45,1),new h("irăţi",-1,1),new h("urăţi",-1,1),new h("ârăţi",-1,1),new h("am",-1,1),new h("eam",54,1),new h("iam",54,1),new h("em",-1,2),new h("asem",57,1),new h("sesem",57,2),new h("isem",57,1),new h("usem",57,1),new h("âsem",57,1),new h("im",-1,2),new h("âm",-1,2),new h("ăm",-1,2),new h("arăm",65,1),new h("serăm",65,2),new h("aserăm",67,1),new h("seserăm",67,2),new h("iserăm",67,1),new h("userăm",67,1),new h("âserăm",67,1),new h("irăm",65,1),new h("urăm",65,1),new h("ârăm",65,1),new h("au",-1,1),new h("eau",76,1),new h("iau",76,1),new h("indu",-1,1),new h("ându",-1,1),new h("ez",-1,1),new h("ească",-1,1),new h("ară",-1,1),new h("seră",-1,2),new h("aseră",84,1),new h("seseră",84,2),new h("iseră",84,1),new h("useră",84,1),new h("âseră",84,1),new h("iră",-1,1),new h("ură",-1,1),new h("âră",-1,1),new h("ează",-1,1)],i=[new h("a",-1,1),new h("e",-1,1),new h("ie",1,1),new h("i",-1,1),new h("ă",-1,1)],m=[17,65,16,0,0,0,0,0,0,0,0,0,0,0,0,0,2,32,0,0,4],l=new z;function f(e,i){l.eq_s(1,e)&&(l.ket=l.cursor,l.in_grouping(m,97,259)&&l.slice_from(i))}function p(){if(l.out_grouping(m,97,259)){for(;!l.in_grouping(m,97,259);){if(l.cursor>=l.limit)return!0;l.cursor++}return!1}return!0}function d(){var e,i,r=l.cursor;if(l.in_grouping(m,97,259)){if(e=l.cursor,!p())return void(a=l.cursor);if(l.cursor=e,!function(){if(l.in_grouping(m,97,259))for(;!l.out_grouping(m,97,259);){if(l.cursor>=l.limit)return!0;l.cursor++}return!1}())return void(a=l.cursor)}l.cursor=r,l.out_grouping(m,97,259)&&(i=l.cursor,p()&&(l.cursor=i,l.in_grouping(m,97,259)&&l.cursor=l.limit)return!1;l.cursor++}for(;!l.out_grouping(m,97,259);){if(l.cursor>=l.limit)return!1;l.cursor++}return!0}function v(){return t<=l.cursor}function _(){var e,i=l.limit-l.cursor;if(l.ket=l.cursor,(e=l.find_among_b(c,46))&&(l.bra=l.cursor,v())){switch(e){case 1:l.slice_from("abil");break;case 2:l.slice_from("ibil");break;case 3:l.slice_from("iv");break;case 4:l.slice_from("ic");break;case 5:l.slice_from("at");break;case 6:l.slice_from("it")}return r=!0,l.cursor=l.limit-i,!0}return!1}function g(){var e,i;for(r=!1;;)if(i=l.limit-l.cursor,!_()){l.cursor=l.limit-i;break}if(l.ket=l.cursor,(e=l.find_among_b(u,62))&&(l.bra=l.cursor,n<=l.cursor)){switch(e){case 1:l.slice_del();break;case 2:l.eq_s_b(1,"ţ")&&(l.bra=l.cursor,l.slice_from("t"));break;case 3:l.slice_from("ist")}r=!0}}function k(){var e;l.ket=l.cursor,(e=l.find_among_b(i,5))&&(l.bra=l.cursor,a<=l.cursor&&1==e&&l.slice_del())}this.setCurrent=function(e){l.setCurrent(e)},this.getCurrent=function(){return l.getCurrent()},this.stem=function(){var e,i=l.cursor;return function(){for(var e,i;e=l.cursor,l.in_grouping(m,97,259)&&(i=l.cursor,l.bra=i,f("u","U"),l.cursor=i,f("i","I")),l.cursor=e,!(l.cursor>=l.limit);)l.cursor++}(),l.cursor=i,e=l.cursor,a=l.limit,n=t=a,d(),l.cursor=e,b()&&(t=l.cursor,b()&&(n=l.cursor)),l.limit_backward=i,l.cursor=l.limit,function(){var e,i;if(l.ket=l.cursor,(e=l.find_among_b(s,16))&&(l.bra=l.cursor,v()))switch(e){case 1:l.slice_del();break;case 2:l.slice_from("a");break;case 3:l.slice_from("e");break;case 4:l.slice_from("i");break;case 5:i=l.limit-l.cursor,l.eq_s_b(2,"ab")||(l.cursor=l.limit-i,l.slice_from("i"));break;case 6:l.slice_from("at");break;case 7:l.slice_from("aţi")}}(),l.cursor=l.limit,g(),l.cursor=l.limit,r||(l.cursor=l.limit,function(){var e,i,r;if(l.cursor>=a){if(i=l.limit_backward,l.limit_backward=a,l.ket=l.cursor,e=l.find_among_b(w,94))switch(l.bra=l.cursor,e){case 1:if(r=l.limit-l.cursor,!l.out_grouping_b(m,97,259)&&(l.cursor=l.limit-r,!l.eq_s_b(1,"u")))break;case 2:l.slice_del()}l.limit_backward=i}}(),l.cursor=l.limit),k(),l.cursor=l.limit_backward,function(){for(var e;;){if(l.bra=l.cursor,e=l.find_among(o,3))switch(l.ket=l.cursor,e){case 1:l.slice_from("i");continue;case 2:l.slice_from("u");continue;case 3:if(l.cursor>=l.limit)break;l.cursor++;continue}break}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return i.setCurrent(e),i.stem(),i.getCurrent()}):(i.setCurrent(e),i.stem(),i.getCurrent())}),e.Pipeline.registerFunction(e.ro.stemmer,"stemmer-ro"),e.ro.stopWordFilter=e.generateStopWordFilter("acea aceasta această aceea acei aceia acel acela acele acelea acest acesta aceste acestea aceşti aceştia acolo acord acum ai aia aibă aici al ale alea altceva altcineva am ar are asemenea asta astea astăzi asupra au avea avem aveţi azi aş aşadar aţi bine bucur bună ca care caut ce cel ceva chiar cinci cine cineva contra cu cum cumva curând curînd când cât câte câtva câţi cînd cît cîte cîtva cîţi că căci cărei căror cărui către da dacă dar datorită dată dau de deci deja deoarece departe deşi din dinaintea dintr- dintre doi doilea două drept după dă ea ei el ele eram este eu eşti face fata fi fie fiecare fii fim fiu fiţi frumos fără graţie halbă iar ieri la le li lor lui lângă lîngă mai mea mei mele mereu meu mi mie mine mult multă mulţi mulţumesc mâine mîine mă ne nevoie nici nicăieri nimeni nimeri nimic nişte noastre noastră noi noroc nostru nouă noştri nu opt ori oricare orice oricine oricum oricând oricât oricînd oricît oriunde patra patru patrulea pe pentru peste pic poate pot prea prima primul prin puţin puţina puţină până pînă rog sa sale sau se spate spre sub sunt suntem sunteţi sută sînt sîntem sînteţi să săi său ta tale te timp tine toate toată tot totuşi toţi trei treia treilea tu tăi tău un una unde undeva unei uneia unele uneori unii unor unora unu unui unuia unul vi voastre voastră voi vostru vouă voştri vreme vreo vreun vă zece zero zi zice îi îl îmi împotriva în înainte înaintea încotro încât încît între întrucât întrucît îţi ăla ălea ăsta ăstea ăştia şapte şase şi ştiu ţi ţie".split(" ")),e.Pipeline.registerFunction(e.ro.stopWordFilter,"stopWordFilter-ro")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.ru.js b/docs/_build/html/_static/javascripts/lunr/lunr.ru.js deleted file mode 100644 index ac992480..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.ru.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,n){"function"==typeof define&&define.amd?define(n):"object"==typeof exports?module.exports=n():n()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var h,g,n;e.ru=function(){this.pipeline.reset(),this.pipeline.add(e.ru.trimmer,e.ru.stopWordFilter,e.ru.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.ru.stemmer))},e.ru.wordCharacters="Ѐ-҄҇-ԯᴫᵸⷠ-ⷿꙀ-ꚟ︮︯",e.ru.trimmer=e.trimmerSupport.generateTrimmer(e.ru.wordCharacters),e.Pipeline.registerFunction(e.ru.trimmer,"trimmer-ru"),e.ru.stemmer=(h=e.stemmerSupport.Among,g=e.stemmerSupport.SnowballProgram,n=new function(){var n,e,r=[new h("в",-1,1),new h("ив",0,2),new h("ыв",0,2),new h("вши",-1,1),new h("ивши",3,2),new h("ывши",3,2),new h("вшись",-1,1),new h("ившись",6,2),new h("ывшись",6,2)],t=[new h("ее",-1,1),new h("ие",-1,1),new h("ое",-1,1),new h("ые",-1,1),new h("ими",-1,1),new h("ыми",-1,1),new h("ей",-1,1),new h("ий",-1,1),new h("ой",-1,1),new h("ый",-1,1),new h("ем",-1,1),new h("им",-1,1),new h("ом",-1,1),new h("ым",-1,1),new h("его",-1,1),new h("ого",-1,1),new h("ему",-1,1),new h("ому",-1,1),new h("их",-1,1),new h("ых",-1,1),new h("ею",-1,1),new h("ою",-1,1),new h("ую",-1,1),new h("юю",-1,1),new h("ая",-1,1),new h("яя",-1,1)],w=[new h("ем",-1,1),new h("нн",-1,1),new h("вш",-1,1),new h("ивш",2,2),new h("ывш",2,2),new h("щ",-1,1),new h("ющ",5,1),new h("ующ",6,2)],i=[new h("сь",-1,1),new h("ся",-1,1)],u=[new h("ла",-1,1),new h("ила",0,2),new h("ыла",0,2),new h("на",-1,1),new h("ена",3,2),new h("ете",-1,1),new h("ите",-1,2),new h("йте",-1,1),new h("ейте",7,2),new h("уйте",7,2),new h("ли",-1,1),new h("или",10,2),new h("ыли",10,2),new h("й",-1,1),new h("ей",13,2),new h("уй",13,2),new h("л",-1,1),new h("ил",16,2),new h("ыл",16,2),new h("ем",-1,1),new h("им",-1,2),new h("ым",-1,2),new h("н",-1,1),new h("ен",22,2),new h("ло",-1,1),new h("ило",24,2),new h("ыло",24,2),new h("но",-1,1),new h("ено",27,2),new h("нно",27,1),new h("ет",-1,1),new h("ует",30,2),new h("ит",-1,2),new h("ыт",-1,2),new h("ют",-1,1),new h("уют",34,2),new h("ят",-1,2),new h("ны",-1,1),new h("ены",37,2),new h("ть",-1,1),new h("ить",39,2),new h("ыть",39,2),new h("ешь",-1,1),new h("ишь",-1,2),new h("ю",-1,2),new h("ую",44,2)],s=[new h("а",-1,1),new h("ев",-1,1),new h("ов",-1,1),new h("е",-1,1),new h("ие",3,1),new h("ье",3,1),new h("и",-1,1),new h("еи",6,1),new h("ии",6,1),new h("ами",6,1),new h("ями",6,1),new h("иями",10,1),new h("й",-1,1),new h("ей",12,1),new h("ией",13,1),new h("ий",12,1),new h("ой",12,1),new h("ам",-1,1),new h("ем",-1,1),new h("ием",18,1),new h("ом",-1,1),new h("ям",-1,1),new h("иям",21,1),new h("о",-1,1),new h("у",-1,1),new h("ах",-1,1),new h("ях",-1,1),new h("иях",26,1),new h("ы",-1,1),new h("ь",-1,1),new h("ю",-1,1),new h("ию",30,1),new h("ью",30,1),new h("я",-1,1),new h("ия",33,1),new h("ья",33,1)],o=[new h("ост",-1,1),new h("ость",-1,1)],c=[new h("ейше",-1,1),new h("н",-1,2),new h("ейш",-1,1),new h("ь",-1,3)],m=[33,65,8,232],l=new g;function f(){for(;!l.in_grouping(m,1072,1103);){if(l.cursor>=l.limit)return!1;l.cursor++}return!0}function a(){for(;!l.out_grouping(m,1072,1103);){if(l.cursor>=l.limit)return!1;l.cursor++}return!0}function p(e,n){var r,t;if(l.ket=l.cursor,r=l.find_among_b(e,n)){switch(l.bra=l.cursor,r){case 1:if(t=l.limit-l.cursor,!l.eq_s_b(1,"а")&&(l.cursor=l.limit-t,!l.eq_s_b(1,"я")))return!1;case 2:l.slice_del()}return!0}return!1}function d(e,n){var r;return l.ket=l.cursor,!!(r=l.find_among_b(e,n))&&(l.bra=l.cursor,1==r&&l.slice_del(),!0)}function _(){return!!d(t,26)&&(p(w,8),!0)}function b(){var e;l.ket=l.cursor,(e=l.find_among_b(o,2))&&(l.bra=l.cursor,n<=l.cursor&&1==e&&l.slice_del())}this.setCurrent=function(e){l.setCurrent(e)},this.getCurrent=function(){return l.getCurrent()},this.stem=function(){return e=l.limit,n=e,f()&&(e=l.cursor,a()&&f()&&a()&&(n=l.cursor)),l.cursor=l.limit,!(l.cursor>3]&1<<(7&s))return this.cursor++,!0}return!1},in_grouping_b:function(r,t,i){if(this.cursor>this.limit_backward){var s=b.charCodeAt(this.cursor-1);if(s<=i&&t<=s&&r[(s-=t)>>3]&1<<(7&s))return this.cursor--,!0}return!1},out_grouping:function(r,t,i){if(this.cursor>3]&1<<(7&s)))return this.cursor++,!0}return!1},out_grouping_b:function(r,t,i){if(this.cursor>this.limit_backward){var s=b.charCodeAt(this.cursor-1);if(i>3]&1<<(7&s)))return this.cursor--,!0}return!1},eq_s:function(r,t){if(this.limit-this.cursor>1),a=0,f=u=(l=r[i]).s_size){if(this.cursor=e+l.s_size,!l.method)return l.result;var m=l.method();if(this.cursor=e+l.s_size,m)return l.result}if((i=l.substring_i)<0)return 0}},find_among_b:function(r,t){for(var i=0,s=t,e=this.cursor,n=this.limit_backward,u=0,o=0,h=!1;;){for(var c=i+(s-i>>1),a=0,f=u=(_=r[i]).s_size){if(this.cursor=e-_.s_size,!_.method)return _.result;var m=_.method();if(this.cursor=e-_.s_size,m)return _.result}if((i=_.substring_i)<0)return 0}},replace_s:function(r,t,i){var s=i.length-(t-r);return b=b.substring(0,r)+i+b.substring(t),this.limit+=s,this.cursor>=t?this.cursor+=s:this.cursor>r&&(this.cursor=r),s},slice_check:function(){if(this.bra<0||this.bra>this.ket||this.ket>this.limit||this.limit>b.length)throw"faulty slice operation"},slice_from:function(r){this.slice_check(),this.replace_s(this.bra,this.ket,r)},slice_del:function(){this.slice_from("")},insert:function(r,t,i){var s=this.replace_s(r,t,i);r<=this.bra&&(this.bra+=s),r<=this.ket&&(this.ket+=s)},slice_to:function(){return this.slice_check(),b.substring(this.bra,this.ket)},eq_v_b:function(r){return this.eq_s_b(r.length,r)}}}},r.trimmerSupport={generateTrimmer:function(r){var t=new RegExp("^[^"+r+"]+"),i=new RegExp("[^"+r+"]+$");return function(r){return"function"==typeof r.update?r.update(function(r){return r.replace(t,"").replace(i,"")}):r.replace(t,"").replace(i,"")}}}}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.sv.js b/docs/_build/html/_static/javascripts/lunr/lunr.sv.js deleted file mode 100644 index 6daf5f9d..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.sv.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(e){if(void 0===e)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===e.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var r,l,n;e.sv=function(){this.pipeline.reset(),this.pipeline.add(e.sv.trimmer,e.sv.stopWordFilter,e.sv.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(e.sv.stemmer))},e.sv.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",e.sv.trimmer=e.trimmerSupport.generateTrimmer(e.sv.wordCharacters),e.Pipeline.registerFunction(e.sv.trimmer,"trimmer-sv"),e.sv.stemmer=(r=e.stemmerSupport.Among,l=e.stemmerSupport.SnowballProgram,n=new function(){var n,t,i=[new r("a",-1,1),new r("arna",0,1),new r("erna",0,1),new r("heterna",2,1),new r("orna",0,1),new r("ad",-1,1),new r("e",-1,1),new r("ade",6,1),new r("ande",6,1),new r("arne",6,1),new r("are",6,1),new r("aste",6,1),new r("en",-1,1),new r("anden",12,1),new r("aren",12,1),new r("heten",12,1),new r("ern",-1,1),new r("ar",-1,1),new r("er",-1,1),new r("heter",18,1),new r("or",-1,1),new r("s",-1,2),new r("as",21,1),new r("arnas",22,1),new r("ernas",22,1),new r("ornas",22,1),new r("es",21,1),new r("ades",26,1),new r("andes",26,1),new r("ens",21,1),new r("arens",29,1),new r("hetens",29,1),new r("erns",21,1),new r("at",-1,1),new r("andet",-1,1),new r("het",-1,1),new r("ast",-1,1)],s=[new r("dd",-1,-1),new r("gd",-1,-1),new r("nn",-1,-1),new r("dt",-1,-1),new r("gt",-1,-1),new r("kt",-1,-1),new r("tt",-1,-1)],a=[new r("ig",-1,1),new r("lig",0,1),new r("els",-1,1),new r("fullt",-1,3),new r("löst",-1,2)],o=[17,65,16,1,0,0,0,0,0,0,0,0,0,0,0,0,24,0,32],u=[119,127,149],m=new l;this.setCurrent=function(e){m.setCurrent(e)},this.getCurrent=function(){return m.getCurrent()},this.stem=function(){var e,r=m.cursor;return function(){var e,r=m.cursor+3;if(t=m.limit,0<=r||r<=m.limit){for(n=r;;){if(e=m.cursor,m.in_grouping(o,97,246)){m.cursor=e;break}if(m.cursor=e,m.cursor>=m.limit)return;m.cursor++}for(;!m.out_grouping(o,97,246);){if(m.cursor>=m.limit)return;m.cursor++}(t=m.cursor)=t&&(m.limit_backward=t,m.cursor=m.limit,m.ket=m.cursor,e=m.find_among_b(i,37),m.limit_backward=r,e))switch(m.bra=m.cursor,e){case 1:m.slice_del();break;case 2:m.in_grouping_b(u,98,121)&&m.slice_del()}}(),m.cursor=m.limit,e=m.limit_backward,m.cursor>=t&&(m.limit_backward=t,m.cursor=m.limit,m.find_among_b(s,7)&&(m.cursor=m.limit,m.ket=m.cursor,m.cursor>m.limit_backward&&(m.bra=--m.cursor,m.slice_del())),m.limit_backward=e),m.cursor=m.limit,function(){var e,r;if(m.cursor>=t){if(r=m.limit_backward,m.limit_backward=t,m.cursor=m.limit,m.ket=m.cursor,e=m.find_among_b(a,5))switch(m.bra=m.cursor,e){case 1:m.slice_del();break;case 2:m.slice_from("lös");break;case 3:m.slice_from("full")}m.limit_backward=r}}(),!0}},function(e){return"function"==typeof e.update?e.update(function(e){return n.setCurrent(e),n.stem(),n.getCurrent()}):(n.setCurrent(e),n.stem(),n.getCurrent())}),e.Pipeline.registerFunction(e.sv.stemmer,"stemmer-sv"),e.sv.stopWordFilter=e.generateStopWordFilter("alla allt att av blev bli blir blivit de dem den denna deras dess dessa det detta dig din dina ditt du där då efter ej eller en er era ert ett från för ha hade han hans har henne hennes hon honom hur här i icke ingen inom inte jag ju kan kunde man med mellan men mig min mina mitt mot mycket ni nu när någon något några och om oss på samma sedan sig sin sina sitta själv skulle som så sådan sådana sådant till under upp ut utan vad var vara varför varit varje vars vart vem vi vid vilka vilkas vilken vilket vår våra vårt än är åt över".split(" ")),e.Pipeline.registerFunction(e.sv.stopWordFilter,"stopWordFilter-sv")}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.th.js b/docs/_build/html/_static/javascripts/lunr/lunr.th.js deleted file mode 100644 index ee8ef373..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.th.js +++ /dev/null @@ -1 +0,0 @@ -!function(e,r){"function"==typeof define&&define.amd?define(r):"object"==typeof exports?module.exports=r():r()(e.lunr)}(this,function(){return function(t){if(void 0===t)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===t.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var i="2"==t.version[0];t.th=function(){this.pipeline.reset(),this.pipeline.add(t.th.trimmer),i?this.tokenizer=t.th.tokenizer:(t.tokenizer&&(t.tokenizer=t.th.tokenizer),this.tokenizerFn&&(this.tokenizerFn=t.th.tokenizer))},t.th.wordCharacters="[฀-๿]",t.th.trimmer=t.trimmerSupport.generateTrimmer(t.th.wordCharacters),t.Pipeline.registerFunction(t.th.trimmer,"trimmer-th");var n=t.wordcut;n.init(),t.th.tokenizer=function(e){if(!arguments.length||null==e||null==e)return[];if(Array.isArray(e))return e.map(function(e){return i?new t.Token(e):e});var r=e.toString().replace(/^\s+/,"");return n.cut(r).split("|")}}}); \ No newline at end of file diff --git a/docs/_build/html/_static/javascripts/lunr/lunr.tr.js b/docs/_build/html/_static/javascripts/lunr/lunr.tr.js deleted file mode 100644 index e8fb5a7d..00000000 --- a/docs/_build/html/_static/javascripts/lunr/lunr.tr.js +++ /dev/null @@ -1 +0,0 @@ -!function(r,i){"function"==typeof define&&define.amd?define(i):"object"==typeof exports?module.exports=i():i()(r.lunr)}(this,function(){return function(r){if(void 0===r)throw new Error("Lunr is not present. Please include / require Lunr before this script.");if(void 0===r.stemmerSupport)throw new Error("Lunr stemmer support is not present. Please include / require Lunr stemmer support before this script.");var mr,dr,i;r.tr=function(){this.pipeline.reset(),this.pipeline.add(r.tr.trimmer,r.tr.stopWordFilter,r.tr.stemmer),this.searchPipeline&&(this.searchPipeline.reset(),this.searchPipeline.add(r.tr.stemmer))},r.tr.wordCharacters="A-Za-zªºÀ-ÖØ-öø-ʸˠ-ˤᴀ-ᴥᴬ-ᵜᵢ-ᵥᵫ-ᵷᵹ-ᶾḀ-ỿⁱⁿₐ-ₜKÅℲⅎⅠ-ↈⱠ-ⱿꜢ-ꞇꞋ-ꞭꞰ-ꞷꟷ-ꟿꬰ-ꭚꭜ-ꭤff-stA-Za-z",r.tr.trimmer=r.trimmerSupport.generateTrimmer(r.tr.wordCharacters),r.Pipeline.registerFunction(r.tr.trimmer,"trimmer-tr"),r.tr.stemmer=(mr=r.stemmerSupport.Among,dr=r.stemmerSupport.SnowballProgram,i=new function(){var t,r=[new mr("m",-1,-1),new mr("n",-1,-1),new mr("miz",-1,-1),new mr("niz",-1,-1),new mr("muz",-1,-1),new mr("nuz",-1,-1),new mr("müz",-1,-1),new mr("nüz",-1,-1),new mr("mız",-1,-1),new mr("nız",-1,-1)],i=[new mr("leri",-1,-1),new mr("ları",-1,-1)],e=[new mr("ni",-1,-1),new mr("nu",-1,-1),new mr("nü",-1,-1),new mr("nı",-1,-1)],n=[new mr("in",-1,-1),new mr("un",-1,-1),new mr("ün",-1,-1),new mr("ın",-1,-1)],u=[new mr("a",-1,-1),new mr("e",-1,-1)],o=[new mr("na",-1,-1),new mr("ne",-1,-1)],s=[new mr("da",-1,-1),new mr("ta",-1,-1),new mr("de",-1,-1),new mr("te",-1,-1)],c=[new mr("nda",-1,-1),new mr("nde",-1,-1)],l=[new mr("dan",-1,-1),new mr("tan",-1,-1),new mr("den",-1,-1),new mr("ten",-1,-1)],a=[new mr("ndan",-1,-1),new mr("nden",-1,-1)],m=[new mr("la",-1,-1),new mr("le",-1,-1)],d=[new mr("ca",-1,-1),new mr("ce",-1,-1)],f=[new mr("im",-1,-1),new mr("um",-1,-1),new mr("üm",-1,-1),new mr("ım",-1,-1)],b=[new mr("sin",-1,-1),new mr("sun",-1,-1),new mr("sün",-1,-1),new mr("sın",-1,-1)],w=[new mr("iz",-1,-1),new mr("uz",-1,-1),new mr("üz",-1,-1),new mr("ız",-1,-1)],_=[new mr("siniz",-1,-1),new mr("sunuz",-1,-1),new mr("sünüz",-1,-1),new mr("sınız",-1,-1)],k=[new mr("lar",-1,-1),new mr("ler",-1,-1)],p=[new mr("niz",-1,-1),new mr("nuz",-1,-1),new mr("nüz",-1,-1),new mr("nız",-1,-1)],g=[new mr("dir",-1,-1),new mr("tir",-1,-1),new mr("dur",-1,-1),new mr("tur",-1,-1),new mr("dür",-1,-1),new mr("tür",-1,-1),new mr("dır",-1,-1),new mr("tır",-1,-1)],y=[new mr("casına",-1,-1),new mr("cesine",-1,-1)],z=[new mr("di",-1,-1),new mr("ti",-1,-1),new mr("dik",-1,-1),new mr("tik",-1,-1),new mr("duk",-1,-1),new mr("tuk",-1,-1),new mr("dük",-1,-1),new mr("tük",-1,-1),new mr("dık",-1,-1),new mr("tık",-1,-1),new mr("dim",-1,-1),new mr("tim",-1,-1),new mr("dum",-1,-1),new mr("tum",-1,-1),new mr("düm",-1,-1),new mr("tüm",-1,-1),new mr("dım",-1,-1),new mr("tım",-1,-1),new mr("din",-1,-1),new mr("tin",-1,-1),new mr("dun",-1,-1),new mr("tun",-1,-1),new mr("dün",-1,-1),new mr("tün",-1,-1),new mr("dın",-1,-1),new mr("tın",-1,-1),new mr("du",-1,-1),new mr("tu",-1,-1),new mr("dü",-1,-1),new mr("tü",-1,-1),new mr("dı",-1,-1),new mr("tı",-1,-1)],h=[new mr("sa",-1,-1),new mr("se",-1,-1),new mr("sak",-1,-1),new mr("sek",-1,-1),new mr("sam",-1,-1),new mr("sem",-1,-1),new mr("san",-1,-1),new mr("sen",-1,-1)],v=[new mr("miş",-1,-1),new mr("muş",-1,-1),new mr("müş",-1,-1),new mr("mış",-1,-1)],q=[new mr("b",-1,1),new mr("c",-1,2),new mr("d",-1,3),new mr("ğ",-1,4)],C=[17,65,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,32,8,0,0,0,0,0,0,1],P=[1,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,1],F=[65],S=[65],W=[["a",[1,64,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1],97,305],["e",[17,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,130],101,252],["ı",[1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1],97,305],["i",[17],101,105],["o",F,111,117],["ö",S,246,252],["u",F,111,117]],L=new dr;function x(r,i,e){for(;;){var n=L.limit-L.cursor;if(L.in_grouping_b(r,i,e)){L.cursor=L.limit-n;break}if(L.cursor=L.limit-n,L.cursor<=L.limit_backward)return!1;L.cursor--}return!0}function A(){var r,i;r=L.limit-L.cursor,x(C,97,305);for(var e=0;eL.limit_backward&&(L.cursor--,e=L.limit-L.cursor,i()))?(L.cursor=L.limit-e,!0):(L.cursor=L.limit-n,r()?(L.cursor=L.limit-n,!1):(L.cursor=L.limit-n,!(L.cursor<=L.limit_backward)&&(L.cursor--,!!i()&&(L.cursor=L.limit-n,!0))))}function j(r){return E(r,function(){return L.in_grouping_b(C,97,305)})}function T(){return j(function(){return L.eq_s_b(1,"n")})}function Z(){return j(function(){return L.eq_s_b(1,"y")})}function B(){return L.find_among_b(r,10)&&E(function(){return L.in_grouping_b(P,105,305)},function(){return L.out_grouping_b(C,97,305)})}function D(){return A()&&L.in_grouping_b(P,105,305)&&j(function(){return L.eq_s_b(1,"s")})}function G(){return L.find_among_b(i,2)}function H(){return A()&&L.find_among_b(n,4)&&T()}function I(){return A()&&L.find_among_b(s,4)}function J(){return A()&&L.find_among_b(c,2)}function K(){return A()&&L.find_among_b(f,4)&&Z()}function M(){return A()&&L.find_among_b(b,4)}function N(){return A()&&L.find_among_b(w,4)&&Z()}function O(){return L.find_among_b(_,4)}function Q(){return A()&&L.find_among_b(k,2)}function R(){return A()&&L.find_among_b(g,8)}function U(){return A()&&L.find_among_b(z,32)&&Z()}function V(){return L.find_among_b(h,8)&&Z()}function X(){return A()&&L.find_among_b(v,4)&&Z()}function Y(){var r=L.limit-L.cursor;return!(X()||(L.cursor=L.limit-r,U()||(L.cursor=L.limit-r,V()||(L.cursor=L.limit-r,L.eq_s_b(3,"ken")&&Z()))))}function $(){if(L.find_among_b(y,2)){var r=L.limit-L.cursor;if(O()||(L.cursor=L.limit-r,Q()||(L.cursor=L.limit-r,K()||(L.cursor=L.limit-r,M()||(L.cursor=L.limit-r,N()||(L.cursor=L.limit-r))))),X())return!1}return!0}function rr(){if(!A()||!L.find_among_b(p,4))return!0;var r=L.limit-L.cursor;return!U()&&(L.cursor=L.limit-r,!V())}function ir(){var r,i,e,n=L.limit-L.cursor;if(L.ket=L.cursor,t=!0,Y()&&(L.cursor=L.limit-n,$()&&(L.cursor=L.limit-n,function(){if(Q()){L.bra=L.cursor,L.slice_del();var r=L.limit-L.cursor;return L.ket=L.cursor,R()||(L.cursor=L.limit-r,U()||(L.cursor=L.limit-r,V()||(L.cursor=L.limit-r,X()||(L.cursor=L.limit-r)))),t=!1}return!0}()&&(L.cursor=L.limit-n,rr()&&(L.cursor=L.limit-n,e=L.limit-L.cursor,!(O()||(L.cursor=L.limit-e,N()||(L.cursor=L.limit-e,M()||(L.cursor=L.limit-e,K()))))||(L.bra=L.cursor,L.slice_del(),i=L.limit-L.cursor,L.ket=L.cursor,X()||(L.cursor=L.limit-i),0)))))){if(L.cursor=L.limit-n,!R())return;L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,r=L.limit-L.cursor,O()||(L.cursor=L.limit-r,Q()||(L.cursor=L.limit-r,K()||(L.cursor=L.limit-r,M()||(L.cursor=L.limit-r,N()||(L.cursor=L.limit-r))))),X()||(L.cursor=L.limit-r)}L.bra=L.cursor,L.slice_del()}function er(){var r,i,e,n;if(L.ket=L.cursor,L.eq_s_b(2,"ki")){if(r=L.limit-L.cursor,I())return L.bra=L.cursor,L.slice_del(),i=L.limit-L.cursor,L.ket=L.cursor,Q()?(L.bra=L.cursor,L.slice_del(),er()):(L.cursor=L.limit-i,B()&&(L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er()))),!0;if(L.cursor=L.limit-r,H()){if(L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,e=L.limit-L.cursor,G())L.bra=L.cursor,L.slice_del();else{if(L.cursor=L.limit-e,L.ket=L.cursor,!B()&&(L.cursor=L.limit-e,!D()&&(L.cursor=L.limit-e,!er())))return!0;L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er())}return!0}if(L.cursor=L.limit-r,J()){if(n=L.limit-L.cursor,G())L.bra=L.cursor,L.slice_del();else if(L.cursor=L.limit-n,D())L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er());else if(L.cursor=L.limit-n,!er())return!1;return!0}}return!1}function nr(r){if(L.ket=L.cursor,!J()&&(L.cursor=L.limit-r,!A()||!L.find_among_b(o,2)))return!1;var i=L.limit-L.cursor;if(G())L.bra=L.cursor,L.slice_del();else if(L.cursor=L.limit-i,D())L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er());else if(L.cursor=L.limit-i,!er())return!1;return!0}function tr(r){if(L.ket=L.cursor,!(A()&&L.find_among_b(a,2)||(L.cursor=L.limit-r,A()&&L.find_among_b(e,4))))return!1;var i=L.limit-L.cursor;return!(!D()&&(L.cursor=L.limit-i,!G()))&&(L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er()),!0)}function ur(){var r,i=L.limit-L.cursor;return L.ket=L.cursor,!!(H()||(L.cursor=L.limit-i,A()&&L.find_among_b(m,2)&&Z()))&&(L.bra=L.cursor,L.slice_del(),r=L.limit-L.cursor,L.ket=L.cursor,!(!Q()||(L.bra=L.cursor,L.slice_del(),!er()))||(L.cursor=L.limit-r,L.ket=L.cursor,(B()||(L.cursor=L.limit-r,D()||(L.cursor=L.limit-r,er())))&&(L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er())),!0))}function or(){var r,i,e=L.limit-L.cursor;if(L.ket=L.cursor,!(I()||(L.cursor=L.limit-e,A()&&L.in_grouping_b(P,105,305)&&Z()||(L.cursor=L.limit-e,A()&&L.find_among_b(u,2)&&Z()))))return!1;if(L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,r=L.limit-L.cursor,B())L.bra=L.cursor,L.slice_del(),i=L.limit-L.cursor,L.ket=L.cursor,Q()||(L.cursor=L.limit-i);else if(L.cursor=L.limit-r,!Q())return!0;return L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,er(),!0}function sr(){var r,i,e=L.limit-L.cursor;if(L.ket=L.cursor,Q())return L.bra=L.cursor,L.slice_del(),void er();if(L.cursor=L.limit-e,L.ket=L.cursor,A()&&L.find_among_b(d,2)&&T())if(L.bra=L.cursor,L.slice_del(),r=L.limit-L.cursor,L.ket=L.cursor,G())L.bra=L.cursor,L.slice_del();else{if(L.cursor=L.limit-r,L.ket=L.cursor,!B()&&(L.cursor=L.limit-r,!D())){if(L.cursor=L.limit-r,L.ket=L.cursor,!Q())return;if(L.bra=L.cursor,L.slice_del(),!er())return}L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er())}else if(L.cursor=L.limit-e,!nr(e)&&(L.cursor=L.limit-e,!tr(e))){if(L.cursor=L.limit-e,L.ket=L.cursor,A()&&L.find_among_b(l,4))return L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,i=L.limit-L.cursor,void(B()?(L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er())):(L.cursor=L.limit-i,Q()?(L.bra=L.cursor,L.slice_del()):L.cursor=L.limit-i,er()));if(L.cursor=L.limit-e,!ur()){if(L.cursor=L.limit-e,G())return L.bra=L.cursor,void L.slice_del();L.cursor=L.limit-e,er()||(L.cursor=L.limit-e,or()||(L.cursor=L.limit-e,L.ket=L.cursor,(B()||(L.cursor=L.limit-e,D()))&&(L.bra=L.cursor,L.slice_del(),L.ket=L.cursor,Q()&&(L.bra=L.cursor,L.slice_del(),er()))))}}}function cr(r,i,e){if(L.cursor=L.limit-r,function(){for(;;){var r=L.limit-L.cursor;if(L.in_grouping_b(C,97,305)){L.cursor=L.limit-r;break}if(L.cursor=L.limit-r,L.cursor<=L.limit_backward)return!1;L.cursor--}return!0}()){var n=L.limit-L.cursor;if(!L.eq_s_b(1,i)&&(L.cursor=L.limit-n,!L.eq_s_b(1,e)))return!0;L.cursor=L.limit-r;var t=L.cursor;return L.insert(L.cursor,L.cursor,e),L.cursor=t,!1}return!0}function lr(r,i,e){for(;!L.eq_s(i,e);){if(L.cursor>=L.limit)return!0;L.cursor++}return i!=L.limit||(L.cursor=r,!1)}function ar(){var r,i,e=L.cursor;return!(!lr(r=L.cursor,2,"ad")||!lr(L.cursor=r,5,"soyad"))&&(L.limit_backward=e,L.cursor=L.limit,i=L.limit-L.cursor,(L.eq_s_b(1,"d")||(L.cursor=L.limit-i,L.eq_s_b(1,"g")))&&cr(i,"a","ı")&&cr(i,"e","i")&&cr(i,"o","u")&&cr(i,"ö","ü"),L.cursor=L.limit,function(){var r;if(L.ket=L.cursor,r=L.find_among_b(q,4))switch(L.bra=L.cursor,r){case 1:L.slice_from("p");break;case 2:L.slice_from("ç");break;case 3:L.slice_from("t");break;case 4:L.slice_from("k")}}(),!0)}this.setCurrent=function(r){L.setCurrent(r)},this.getCurrent=function(){return L.getCurrent()},this.stem=function(){return!!(function(){for(var r,i=L.cursor,e=2;;){for(r=L.cursor;!L.in_grouping(C,97,305);){if(L.cursor>=L.limit)return L.cursor=r,!(0e&&(this._events[n].warned=!0,console.error("(node) warning: possible EventEmitter memory leak detected. %d listeners added. Use emitter.setMaxListeners() to increase limit.",this._events[n].length),"function"==typeof console.trace&&console.trace()));return this},r.prototype.once=function(n,t){if(!a(t))throw TypeError("listener must be a function");var e=!1;function r(){this.removeListener(n,r),e||(e=!0,t.apply(this,arguments))}return r.listener=t,this.on(n,r),this},r.prototype.removeListener=function(n,t){var e,r,i,o;if(!a(t))throw TypeError("listener must be a function");if(!this._events||!this._events[n])return this;if(i=(e=this._events[n]).length,r=-1,e===t||a(e.listener)&&e.listener===t)delete this._events[n],this._events.removeListener&&this.emit("removeListener",n,t);else if(c(e)){for(o=i;0this.maxLength)return i();if(!this.stat&&p(this.cache,o)){var t=this.cache[o];if(Array.isArray(t)&&(t="DIR"),!n||"DIR"===t)return i(null,t);if(n&&"FILE"===t)return i()}var e=this.statCache[o];if(void 0!==e){if(!1===e)return i(null,e);var s=e.isDirectory()?"DIR":"FILE";return n&&"FILE"===s?i():i(null,s,e)}var a=this,c=d("stat\0"+o,function(n,e){{if(e&&e.isSymbolicLink())return u.stat(o,function(n,t){n?a._stat2(r,o,null,e,i):a._stat2(r,o,n,t,i)});a._stat2(r,o,n,e,i)}});c&&u.lstat(o,c)},b.prototype._stat2=function(n,t,e,r,i){if(e)return this.statCache[t]=!1,i();var o="/"===n.slice(-1);if(this.statCache[t]=r,"/"===t.slice(-1)&&!r.isDirectory())return i(null,!1,r);var s=r.isDirectory()?"DIR":"FILE";return this.cache[t]=this.cache[t]||s,o&&"DIR"!==s?i():i(null,s,r)}}).call(this,_("_process"))},{"./common.js":15,"./sync.js":17,_process:24,assert:9,events:14,fs:12,inflight:18,inherits:19,minimatch:20,once:21,path:22,"path-is-absolute":23,util:28}],17:[function(e,r,n){(function(i){(r.exports=n).GlobSync=h;var s=e("fs"),c=e("minimatch"),g=(c.Minimatch,e("./glob.js").Glob,e("util"),e("path")),u=e("assert"),l=e("path-is-absolute"),t=e("./common.js"),o=(t.alphasort,t.alphasorti,t.setopts),a=t.ownProp,f=t.childrenIgnored;function n(n,t){if("function"==typeof t||3===arguments.length)throw new TypeError("callback provided to sync glob\nSee: https://github.com/isaacs/node-glob/issues/167");return new h(n,t).found}function h(n,t){if(!n)throw new Error("must provide pattern");if("function"==typeof t||3===arguments.length)throw new TypeError("callback provided to sync glob\nSee: https://github.com/isaacs/node-glob/issues/167");if(!(this instanceof h))return new h(n,t);if(o(this,n,t),this.noprocess)return this;var e=this.minimatch.set.length;this.matches=new Array(e);for(var r=0;rthis.maxLength)return!1;if(!this.stat&&a(this.cache,t)){var r=this.cache[t];if(Array.isArray(r)&&(r="DIR"),!e||"DIR"===r)return r;if(e&&"FILE"===r)return!1}var i=this.statCache[t];if(!i){var o;try{o=s.lstatSync(t)}catch(n){return!1}if(o.isSymbolicLink())try{i=s.statSync(t)}catch(n){i=o}else i=o}r=(this.statCache[t]=i).isDirectory()?"DIR":"FILE";return this.cache[t]=this.cache[t]||r,(!e||"DIR"===r)&&r},h.prototype._mark=function(n){return t.mark(this,n)},h.prototype._makeAbs=function(n){return t.makeAbs(this,n)}}).call(this,e("_process"))},{"./common.js":15,"./glob.js":16,_process:24,assert:9,fs:12,minimatch:20,path:22,"path-is-absolute":23,util:28}],18:[function(t,r,n){(function(s){var n=t("wrappy"),a=Object.create(null),e=t("once");r.exports=n(function(n,t){return a[n]?(a[n].push(t),null):(a[n]=[t],o=n,e(function n(){var t=a[o],e=t.length,r=function(n){for(var t=n.length,e=[],r=0;re?(t.splice(0,e),s.nextTick(function(){n.apply(null,r)})):delete a[o]}}));var o})}).call(this,t("_process"))},{_process:24,once:21,wrappy:29}],19:[function(n,t,e){"function"==typeof Object.create?t.exports=function(n,t){n.super_=t,n.prototype=Object.create(t.prototype,{constructor:{value:n,enumerable:!1,writable:!0,configurable:!0}})}:t.exports=function(n,t){n.super_=t;var e=function(){};e.prototype=t.prototype,n.prototype=new e,n.prototype.constructor=n}},{}],20:[function(n,t,e){(t.exports=s).Minimatch=i;var u={sep:"/"};try{u=n("path")}catch(n){}var M=s.GLOBSTAR=i.GLOBSTAR={},r=n("brace-expansion"),C={"!":{open:"(?:(?!(?:",close:"))[^/]*?)"},"?":{open:"(?:",close:")?"},"+":{open:"(?:",close:")+"},"*":{open:"(?:",close:")*"},"@":{open:"(?:",close:")"}},P="[^/]",z=P+"*?",B="().*{}+?[]^$\\!".split("").reduce(function(n,t){return n[t]=!0,n},{});var l=/\/+/;function o(t,e){t=t||{},e=e||{};var r={};return Object.keys(e).forEach(function(n){r[n]=e[n]}),Object.keys(t).forEach(function(n){r[n]=t[n]}),r}function s(n,t,e){if("string"!=typeof t)throw new TypeError("glob pattern string required");return e||(e={}),!(!e.nocomment&&"#"===t.charAt(0))&&(""===t.trim()?""===n:new i(t,e).match(n))}function i(n,t){if(!(this instanceof i))return new i(n,t);if("string"!=typeof n)throw new TypeError("glob pattern string required");t||(t={}),n=n.trim(),"/"!==u.sep&&(n=n.split(u.sep).join("/")),this.options=t,this.set=[],this.pattern=n,this.regexp=null,this.negate=!1,this.comment=!1,this.empty=!1,this.make()}function a(n,t){if(t||(t=this instanceof i?this.options:{}),void 0===(n=void 0===n?this.pattern:n))throw new TypeError("undefined pattern");return t.nobrace||!n.match(/\{.*\}/)?[n]:r(n)}s.filter=function(r,i){return i=i||{},function(n,t,e){return s(n,r,i)}},s.defaults=function(r){if(!r||!Object.keys(r).length)return s;var i=s,n=function(n,t,e){return i.minimatch(n,t,o(r,e))};return n.Minimatch=function(n,t){return new i.Minimatch(n,o(r,t))},n},i.defaults=function(n){return n&&Object.keys(n).length?s.defaults(n).Minimatch:i},i.prototype.debug=function(){},i.prototype.make=function(){if(this._made)return;var n=this.pattern,t=this.options;if(!t.nocomment&&"#"===n.charAt(0))return void(this.comment=!0);if(!n)return void(this.empty=!0);this.parseNegate();var e=this.globSet=this.braceExpand();t.debug&&(this.debug=console.error);this.debug(this.pattern,e),e=this.globParts=e.map(function(n){return n.split(l)}),this.debug(this.pattern,e),e=e.map(function(n,t,e){return n.map(this.parse,this)},this),this.debug(this.pattern,e),e=e.filter(function(n){return-1===n.indexOf(!1)}),this.debug(this.pattern,e),this.set=e},i.prototype.parseNegate=function(){var n=this.pattern,t=!1,e=this.options,r=0;if(e.nonegate)return;for(var i=0,o=n.length;i>> no match, partial?",n,f,t,h),f!==s))}if("string"==typeof u?(c=r.nocase?l.toLowerCase()===u.toLowerCase():l===u,this.debug("string match",u,l,c)):(c=l.match(u),this.debug("pattern match",u,l,c)),!c)return!1}if(i===s&&o===a)return!0;if(i===s)return e;if(o===a)return i===s-1&&""===n[i];throw new Error("wtf?")}},{"brace-expansion":11,path:22}],21:[function(n,t,e){var r=n("wrappy");function i(n){var t=function(){return t.called?t.value:(t.called=!0,t.value=n.apply(this,arguments))};return t.called=!1,t}function o(n){var t=function(){if(t.called)throw new Error(t.onceError);return t.called=!0,t.value=n.apply(this,arguments)},e=n.name||"Function wrapped with `once`";return t.onceError=e+" shouldn't be called more than once",t.called=!1,t}t.exports=r(i),t.exports.strict=r(o),i.proto=i(function(){Object.defineProperty(Function.prototype,"once",{value:function(){return i(this)},configurable:!0}),Object.defineProperty(Function.prototype,"onceStrict",{value:function(){return o(this)},configurable:!0})})},{wrappy:29}],22:[function(n,t,u){(function(i){function o(n,t){for(var e=0,r=n.length-1;0<=r;r--){var i=n[r];"."===i?n.splice(r,1):".."===i?(n.splice(r,1),e++):e&&(n.splice(r,1),e--)}if(t)for(;e--;e)n.unshift("..");return n}var t=/^(\/?|)([\s\S]*?)((?:\.{1,2}|[^\/]+?|)(\.[^.\/]*|))(?:[\/]*)$/,s=function(n){return t.exec(n).slice(1)};function a(n,t){if(n.filter)return n.filter(t);for(var e=[],r=0;r":">",'"':""","'":"'","`":"`"},D=d.invert(N),F=function(t){var e=function(n){return t[n]},n="(?:"+d.keys(t).join("|")+")",r=RegExp(n),i=RegExp(n,"g");return function(n){return n=null==n?"":""+n,r.test(n)?n.replace(i,e):n}};d.escape=F(N),d.unescape=F(D),d.result=function(n,t,e){var r=null==n?void 0:n[t];return void 0===r&&(r=e),d.isFunction(r)?r.call(n):r};var M=0;d.uniqueId=function(n){var t=++M+"";return n?n+t:t},d.templateSettings={evaluate:/<%([\s\S]+?)%>/g,interpolate:/<%=([\s\S]+?)%>/g,escape:/<%-([\s\S]+?)%>/g};var C=/(.)^/,P={"'":"'","\\":"\\","\r":"r","\n":"n","\u2028":"u2028","\u2029":"u2029"},z=/\\|'|\r|\n|\u2028|\u2029/g,B=function(n){return"\\"+P[n]};d.template=function(o,n,t){!n&&t&&(n=t),n=d.defaults({},n,d.templateSettings);var e=RegExp([(n.escape||C).source,(n.interpolate||C).source,(n.evaluate||C).source].join("|")+"|$","g"),s=0,a="__p+='";o.replace(e,function(n,t,e,r,i){return a+=o.slice(s,i).replace(z,B),s=i+n.length,t?a+="'+\n((__t=("+t+"))==null?'':_.escape(__t))+\n'":e?a+="'+\n((__t=("+e+"))==null?'':__t)+\n'":r&&(a+="';\n"+r+"\n__p+='"),n}),a+="';\n",n.variable||(a="with(obj||{}){\n"+a+"}\n"),a="var __t,__p='',__j=Array.prototype.join,print=function(){__p+=__j.call(arguments,'');};\n"+a+"return __p;\n";try{var r=new Function(n.variable||"obj","_",a)}catch(n){throw n.source=a,n}var i=function(n){return r.call(this,n,d)},c=n.variable||"obj";return i.source="function("+c+"){\n"+a+"}",i},d.chain=function(n){var t=d(n);return t._chain=!0,t};var U=function(n,t){return n._chain?d(t).chain():t};d.mixin=function(e){d.each(d.functions(e),function(n){var t=d[n]=e[n];d.prototype[n]=function(){var n=[this._wrapped];return i.apply(n,arguments),U(this,t.apply(d,n))}})},d.mixin(d),d.each(["pop","push","reverse","shift","sort","splice","unshift"],function(t){var e=r[t];d.prototype[t]=function(){var n=this._wrapped;return e.apply(n,arguments),"shift"!==t&&"splice"!==t||0!==n.length||delete n[0],U(this,n)}}),d.each(["concat","join","slice"],function(n){var t=r[n];d.prototype[n]=function(){return U(this,t.apply(this._wrapped,arguments))}}),d.prototype.value=function(){return this._wrapped},d.prototype.valueOf=d.prototype.toJSON=d.prototype.value,d.prototype.toString=function(){return""+this._wrapped}}).call(this)},{}],26:[function(n,t,e){arguments[4][19][0].apply(e,arguments)},{dup:19}],27:[function(n,t,e){t.exports=function(n){return n&&"object"==typeof n&&"function"==typeof n.copy&&"function"==typeof n.fill&&"function"==typeof n.readUInt8}},{}],28:[function(h,n,k){(function(r,i){var a=/%[sdj%]/g;k.format=function(n){if(!_(n)){for(var t=[],e=0;e elements - // (i.e., `typeof document.createElement( "object" ) === "function"`). - // We don't want to classify *any* DOM node as a function. - return typeof obj === "function" && typeof obj.nodeType !== "number"; - }; - - -var isWindow = function isWindow( obj ) { - return obj != null && obj === obj.window; - }; - - -var document = window.document; - - - - var preservedScriptAttributes = { - type: true, - src: true, - nonce: true, - noModule: true - }; - - function DOMEval( code, node, doc ) { - doc = doc || document; - - var i, val, - script = doc.createElement( "script" ); - - script.text = code; - if ( node ) { - for ( i in preservedScriptAttributes ) { - - // Support: Firefox 64+, Edge 18+ - // Some browsers don't support the "nonce" property on scripts. - // On the other hand, just using `getAttribute` is not enough as - // the `nonce` attribute is reset to an empty string whenever it - // becomes browsing-context connected. - // See https://github.com/whatwg/html/issues/2369 - // See https://html.spec.whatwg.org/#nonce-attributes - // The `node.getAttribute` check was added for the sake of - // `jQuery.globalEval` so that it can fake a nonce-containing node - // via an object. - val = node[ i ] || node.getAttribute && node.getAttribute( i ); - if ( val ) { - script.setAttribute( i, val ); - } - } - } - doc.head.appendChild( script ).parentNode.removeChild( script ); - } - - -function toType( obj ) { - if ( obj == null ) { - return obj + ""; - } - - // Support: Android <=2.3 only (functionish RegExp) - return typeof obj === "object" || typeof obj === "function" ? - class2type[ toString.call( obj ) ] || "object" : - typeof obj; -} -/* global Symbol */ -// Defining this global in .eslintrc.json would create a danger of using the global -// unguarded in another place, it seems safer to define global only for this module - - - -var - version = "3.5.1", - - // Define a local copy of jQuery - jQuery = function( selector, context ) { - - // The jQuery object is actually just the init constructor 'enhanced' - // Need init if jQuery is called (just allow error to be thrown if not included) - return new jQuery.fn.init( selector, context ); - }; - -jQuery.fn = jQuery.prototype = { - - // The current version of jQuery being used - jquery: version, - - constructor: jQuery, - - // The default length of a jQuery object is 0 - length: 0, - - toArray: function() { - return slice.call( this ); - }, - - // Get the Nth element in the matched element set OR - // Get the whole matched element set as a clean array - get: function( num ) { - - // Return all the elements in a clean array - if ( num == null ) { - return slice.call( this ); - } - - // Return just the one element from the set - return num < 0 ? this[ num + this.length ] : this[ num ]; - }, - - // Take an array of elements and push it onto the stack - // (returning the new matched element set) - pushStack: function( elems ) { - - // Build a new jQuery matched element set - var ret = jQuery.merge( this.constructor(), elems ); - - // Add the old object onto the stack (as a reference) - ret.prevObject = this; - - // Return the newly-formed element set - return ret; - }, - - // Execute a callback for every element in the matched set. - each: function( callback ) { - return jQuery.each( this, callback ); - }, - - map: function( callback ) { - return this.pushStack( jQuery.map( this, function( elem, i ) { - return callback.call( elem, i, elem ); - } ) ); - }, - - slice: function() { - return this.pushStack( slice.apply( this, arguments ) ); - }, - - first: function() { - return this.eq( 0 ); - }, - - last: function() { - return this.eq( -1 ); - }, - - even: function() { - return this.pushStack( jQuery.grep( this, function( _elem, i ) { - return ( i + 1 ) % 2; - } ) ); - }, - - odd: function() { - return this.pushStack( jQuery.grep( this, function( _elem, i ) { - return i % 2; - } ) ); - }, - - eq: function( i ) { - var len = this.length, - j = +i + ( i < 0 ? len : 0 ); - return this.pushStack( j >= 0 && j < len ? [ this[ j ] ] : [] ); - }, - - end: function() { - return this.prevObject || this.constructor(); - }, - - // For internal use only. - // Behaves like an Array's method, not like a jQuery method. - push: push, - sort: arr.sort, - splice: arr.splice -}; - -jQuery.extend = jQuery.fn.extend = function() { - var options, name, src, copy, copyIsArray, clone, - target = arguments[ 0 ] || {}, - i = 1, - length = arguments.length, - deep = false; - - // Handle a deep copy situation - if ( typeof target === "boolean" ) { - deep = target; - - // Skip the boolean and the target - target = arguments[ i ] || {}; - i++; - } - - // Handle case when target is a string or something (possible in deep copy) - if ( typeof target !== "object" && !isFunction( target ) ) { - target = {}; - } - - // Extend jQuery itself if only one argument is passed - if ( i === length ) { - target = this; - i--; - } - - for ( ; i < length; i++ ) { - - // Only deal with non-null/undefined values - if ( ( options = arguments[ i ] ) != null ) { - - // Extend the base object - for ( name in options ) { - copy = options[ name ]; - - // Prevent Object.prototype pollution - // Prevent never-ending loop - if ( name === "__proto__" || target === copy ) { - continue; - } - - // Recurse if we're merging plain objects or arrays - if ( deep && copy && ( jQuery.isPlainObject( copy ) || - ( copyIsArray = Array.isArray( copy ) ) ) ) { - src = target[ name ]; - - // Ensure proper type for the source value - if ( copyIsArray && !Array.isArray( src ) ) { - clone = []; - } else if ( !copyIsArray && !jQuery.isPlainObject( src ) ) { - clone = {}; - } else { - clone = src; - } - copyIsArray = false; - - // Never move original objects, clone them - target[ name ] = jQuery.extend( deep, clone, copy ); - - // Don't bring in undefined values - } else if ( copy !== undefined ) { - target[ name ] = copy; - } - } - } - } - - // Return the modified object - return target; -}; - -jQuery.extend( { - - // Unique for each copy of jQuery on the page - expando: "jQuery" + ( version + Math.random() ).replace( /\D/g, "" ), - - // Assume jQuery is ready without the ready module - isReady: true, - - error: function( msg ) { - throw new Error( msg ); - }, - - noop: function() {}, - - isPlainObject: function( obj ) { - var proto, Ctor; - - // Detect obvious negatives - // Use toString instead of jQuery.type to catch host objects - if ( !obj || toString.call( obj ) !== "[object Object]" ) { - return false; - } - - proto = getProto( obj ); - - // Objects with no prototype (e.g., `Object.create( null )`) are plain - if ( !proto ) { - return true; - } - - // Objects with prototype are plain iff they were constructed by a global Object function - Ctor = hasOwn.call( proto, "constructor" ) && proto.constructor; - return typeof Ctor === "function" && fnToString.call( Ctor ) === ObjectFunctionString; - }, - - isEmptyObject: function( obj ) { - var name; - - for ( name in obj ) { - return false; - } - return true; - }, - - // Evaluates a script in a provided context; falls back to the global one - // if not specified. - globalEval: function( code, options, doc ) { - DOMEval( code, { nonce: options && options.nonce }, doc ); - }, - - each: function( obj, callback ) { - var length, i = 0; - - if ( isArrayLike( obj ) ) { - length = obj.length; - for ( ; i < length; i++ ) { - if ( callback.call( obj[ i ], i, obj[ i ] ) === false ) { - break; - } - } - } else { - for ( i in obj ) { - if ( callback.call( obj[ i ], i, obj[ i ] ) === false ) { - break; - } - } - } - - return obj; - }, - - // results is for internal usage only - makeArray: function( arr, results ) { - var ret = results || []; - - if ( arr != null ) { - if ( isArrayLike( Object( arr ) ) ) { - jQuery.merge( ret, - typeof arr === "string" ? - [ arr ] : arr - ); - } else { - push.call( ret, arr ); - } - } - - return ret; - }, - - inArray: function( elem, arr, i ) { - return arr == null ? -1 : indexOf.call( arr, elem, i ); - }, - - // Support: Android <=4.0 only, PhantomJS 1 only - // push.apply(_, arraylike) throws on ancient WebKit - merge: function( first, second ) { - var len = +second.length, - j = 0, - i = first.length; - - for ( ; j < len; j++ ) { - first[ i++ ] = second[ j ]; - } - - first.length = i; - - return first; - }, - - grep: function( elems, callback, invert ) { - var callbackInverse, - matches = [], - i = 0, - length = elems.length, - callbackExpect = !invert; - - // Go through the array, only saving the items - // that pass the validator function - for ( ; i < length; i++ ) { - callbackInverse = !callback( elems[ i ], i ); - if ( callbackInverse !== callbackExpect ) { - matches.push( elems[ i ] ); - } - } - - return matches; - }, - - // arg is for internal usage only - map: function( elems, callback, arg ) { - var length, value, - i = 0, - ret = []; - - // Go through the array, translating each of the items to their new values - if ( isArrayLike( elems ) ) { - length = elems.length; - for ( ; i < length; i++ ) { - value = callback( elems[ i ], i, arg ); - - if ( value != null ) { - ret.push( value ); - } - } - - // Go through every key on the object, - } else { - for ( i in elems ) { - value = callback( elems[ i ], i, arg ); - - if ( value != null ) { - ret.push( value ); - } - } - } - - // Flatten any nested arrays - return flat( ret ); - }, - - // A global GUID counter for objects - guid: 1, - - // jQuery.support is not used in Core but other projects attach their - // properties to it so it needs to exist. - support: support -} ); - -if ( typeof Symbol === "function" ) { - jQuery.fn[ Symbol.iterator ] = arr[ Symbol.iterator ]; -} - -// Populate the class2type map -jQuery.each( "Boolean Number String Function Array Date RegExp Object Error Symbol".split( " " ), -function( _i, name ) { - class2type[ "[object " + name + "]" ] = name.toLowerCase(); -} ); - -function isArrayLike( obj ) { - - // Support: real iOS 8.2 only (not reproducible in simulator) - // `in` check used to prevent JIT error (gh-2145) - // hasOwn isn't used here due to false negatives - // regarding Nodelist length in IE - var length = !!obj && "length" in obj && obj.length, - type = toType( obj ); - - if ( isFunction( obj ) || isWindow( obj ) ) { - return false; - } - - return type === "array" || length === 0 || - typeof length === "number" && length > 0 && ( length - 1 ) in obj; -} -var Sizzle = -/*! - * Sizzle CSS Selector Engine v2.3.5 - * https://sizzlejs.com/ - * - * Copyright JS Foundation and other contributors - * Released under the MIT license - * https://js.foundation/ - * - * Date: 2020-03-14 - */ -( function( window ) { -var i, - support, - Expr, - getText, - isXML, - tokenize, - compile, - select, - outermostContext, - sortInput, - hasDuplicate, - - // Local document vars - setDocument, - document, - docElem, - documentIsHTML, - rbuggyQSA, - rbuggyMatches, - matches, - contains, - - // Instance-specific data - expando = "sizzle" + 1 * new Date(), - preferredDoc = window.document, - dirruns = 0, - done = 0, - classCache = createCache(), - tokenCache = createCache(), - compilerCache = createCache(), - nonnativeSelectorCache = createCache(), - sortOrder = function( a, b ) { - if ( a === b ) { - hasDuplicate = true; - } - return 0; - }, - - // Instance methods - hasOwn = ( {} ).hasOwnProperty, - arr = [], - pop = arr.pop, - pushNative = arr.push, - push = arr.push, - slice = arr.slice, - - // Use a stripped-down indexOf as it's faster than native - // https://jsperf.com/thor-indexof-vs-for/5 - indexOf = function( list, elem ) { - var i = 0, - len = list.length; - for ( ; i < len; i++ ) { - if ( list[ i ] === elem ) { - return i; - } - } - return -1; - }, - - booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|" + - "ismap|loop|multiple|open|readonly|required|scoped", - - // Regular expressions - - // http://www.w3.org/TR/css3-selectors/#whitespace - whitespace = "[\\x20\\t\\r\\n\\f]", - - // https://www.w3.org/TR/css-syntax-3/#ident-token-diagram - identifier = "(?:\\\\[\\da-fA-F]{1,6}" + whitespace + - "?|\\\\[^\\r\\n\\f]|[\\w-]|[^\0-\\x7f])+", - - // Attribute selectors: http://www.w3.org/TR/selectors/#attribute-selectors - attributes = "\\[" + whitespace + "*(" + identifier + ")(?:" + whitespace + - - // Operator (capture 2) - "*([*^$|!~]?=)" + whitespace + - - // "Attribute values must be CSS identifiers [capture 5] - // or strings [capture 3 or capture 4]" - "*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|(" + identifier + "))|)" + - whitespace + "*\\]", - - pseudos = ":(" + identifier + ")(?:\\((" + - - // To reduce the number of selectors needing tokenize in the preFilter, prefer arguments: - // 1. quoted (capture 3; capture 4 or capture 5) - "('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|" + - - // 2. simple (capture 6) - "((?:\\\\.|[^\\\\()[\\]]|" + attributes + ")*)|" + - - // 3. anything else (capture 2) - ".*" + - ")\\)|)", - - // Leading and non-escaped trailing whitespace, capturing some non-whitespace characters preceding the latter - rwhitespace = new RegExp( whitespace + "+", "g" ), - rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + - whitespace + "+$", "g" ), - - rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ), - rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + - "*" ), - rdescend = new RegExp( whitespace + "|>" ), - - rpseudo = new RegExp( pseudos ), - ridentifier = new RegExp( "^" + identifier + "$" ), - - matchExpr = { - "ID": new RegExp( "^#(" + identifier + ")" ), - "CLASS": new RegExp( "^\\.(" + identifier + ")" ), - "TAG": new RegExp( "^(" + identifier + "|[*])" ), - "ATTR": new RegExp( "^" + attributes ), - "PSEUDO": new RegExp( "^" + pseudos ), - "CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + - whitespace + "*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + - whitespace + "*(\\d+)|))" + whitespace + "*\\)|)", "i" ), - "bool": new RegExp( "^(?:" + booleans + ")$", "i" ), - - // For use in libraries implementing .is() - // We use this for POS matching in `select` - "needsContext": new RegExp( "^" + whitespace + - "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" + whitespace + - "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" ) - }, - - rhtml = /HTML$/i, - rinputs = /^(?:input|select|textarea|button)$/i, - rheader = /^h\d$/i, - - rnative = /^[^{]+\{\s*\[native \w/, - - // Easily-parseable/retrievable ID or TAG or CLASS selectors - rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/, - - rsibling = /[+~]/, - - // CSS escapes - // http://www.w3.org/TR/CSS21/syndata.html#escaped-characters - runescape = new RegExp( "\\\\[\\da-fA-F]{1,6}" + whitespace + "?|\\\\([^\\r\\n\\f])", "g" ), - funescape = function( escape, nonHex ) { - var high = "0x" + escape.slice( 1 ) - 0x10000; - - return nonHex ? - - // Strip the backslash prefix from a non-hex escape sequence - nonHex : - - // Replace a hexadecimal escape sequence with the encoded Unicode code point - // Support: IE <=11+ - // For values outside the Basic Multilingual Plane (BMP), manually construct a - // surrogate pair - high < 0 ? - String.fromCharCode( high + 0x10000 ) : - String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 ); - }, - - // CSS string/identifier serialization - // https://drafts.csswg.org/cssom/#common-serializing-idioms - rcssescape = /([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g, - fcssescape = function( ch, asCodePoint ) { - if ( asCodePoint ) { - - // U+0000 NULL becomes U+FFFD REPLACEMENT CHARACTER - if ( ch === "\0" ) { - return "\uFFFD"; - } - - // Control characters and (dependent upon position) numbers get escaped as code points - return ch.slice( 0, -1 ) + "\\" + - ch.charCodeAt( ch.length - 1 ).toString( 16 ) + " "; - } - - // Other potentially-special ASCII characters get backslash-escaped - return "\\" + ch; - }, - - // Used for iframes - // See setDocument() - // Removing the function wrapper causes a "Permission Denied" - // error in IE - unloadHandler = function() { - setDocument(); - }, - - inDisabledFieldset = addCombinator( - function( elem ) { - return elem.disabled === true && elem.nodeName.toLowerCase() === "fieldset"; - }, - { dir: "parentNode", next: "legend" } - ); - -// Optimize for push.apply( _, NodeList ) -try { - push.apply( - ( arr = slice.call( preferredDoc.childNodes ) ), - preferredDoc.childNodes - ); - - // Support: Android<4.0 - // Detect silently failing push.apply - // eslint-disable-next-line no-unused-expressions - arr[ preferredDoc.childNodes.length ].nodeType; -} catch ( e ) { - push = { apply: arr.length ? - - // Leverage slice if possible - function( target, els ) { - pushNative.apply( target, slice.call( els ) ); - } : - - // Support: IE<9 - // Otherwise append directly - function( target, els ) { - var j = target.length, - i = 0; - - // Can't trust NodeList.length - while ( ( target[ j++ ] = els[ i++ ] ) ) {} - target.length = j - 1; - } - }; -} - -function Sizzle( selector, context, results, seed ) { - var m, i, elem, nid, match, groups, newSelector, - newContext = context && context.ownerDocument, - - // nodeType defaults to 9, since context defaults to document - nodeType = context ? context.nodeType : 9; - - results = results || []; - - // Return early from calls with invalid selector or context - if ( typeof selector !== "string" || !selector || - nodeType !== 1 && nodeType !== 9 && nodeType !== 11 ) { - - return results; - } - - // Try to shortcut find operations (as opposed to filters) in HTML documents - if ( !seed ) { - setDocument( context ); - context = context || document; - - if ( documentIsHTML ) { - - // If the selector is sufficiently simple, try using a "get*By*" DOM method - // (excepting DocumentFragment context, where the methods don't exist) - if ( nodeType !== 11 && ( match = rquickExpr.exec( selector ) ) ) { - - // ID selector - if ( ( m = match[ 1 ] ) ) { - - // Document context - if ( nodeType === 9 ) { - if ( ( elem = context.getElementById( m ) ) ) { - - // Support: IE, Opera, Webkit - // TODO: identify versions - // getElementById can match elements by name instead of ID - if ( elem.id === m ) { - results.push( elem ); - return results; - } - } else { - return results; - } - - // Element context - } else { - - // Support: IE, Opera, Webkit - // TODO: identify versions - // getElementById can match elements by name instead of ID - if ( newContext && ( elem = newContext.getElementById( m ) ) && - contains( context, elem ) && - elem.id === m ) { - - results.push( elem ); - return results; - } - } - - // Type selector - } else if ( match[ 2 ] ) { - push.apply( results, context.getElementsByTagName( selector ) ); - return results; - - // Class selector - } else if ( ( m = match[ 3 ] ) && support.getElementsByClassName && - context.getElementsByClassName ) { - - push.apply( results, context.getElementsByClassName( m ) ); - return results; - } - } - - // Take advantage of querySelectorAll - if ( support.qsa && - !nonnativeSelectorCache[ selector + " " ] && - ( !rbuggyQSA || !rbuggyQSA.test( selector ) ) && - - // Support: IE 8 only - // Exclude object elements - ( nodeType !== 1 || context.nodeName.toLowerCase() !== "object" ) ) { - - newSelector = selector; - newContext = context; - - // qSA considers elements outside a scoping root when evaluating child or - // descendant combinators, which is not what we want. - // In such cases, we work around the behavior by prefixing every selector in the - // list with an ID selector referencing the scope context. - // The technique has to be used as well when a leading combinator is used - // as such selectors are not recognized by querySelectorAll. - // Thanks to Andrew Dupont for this technique. - if ( nodeType === 1 && - ( rdescend.test( selector ) || rcombinators.test( selector ) ) ) { - - // Expand context for sibling selectors - newContext = rsibling.test( selector ) && testContext( context.parentNode ) || - context; - - // We can use :scope instead of the ID hack if the browser - // supports it & if we're not changing the context. - if ( newContext !== context || !support.scope ) { - - // Capture the context ID, setting it first if necessary - if ( ( nid = context.getAttribute( "id" ) ) ) { - nid = nid.replace( rcssescape, fcssescape ); - } else { - context.setAttribute( "id", ( nid = expando ) ); - } - } - - // Prefix every selector in the list - groups = tokenize( selector ); - i = groups.length; - while ( i-- ) { - groups[ i ] = ( nid ? "#" + nid : ":scope" ) + " " + - toSelector( groups[ i ] ); - } - newSelector = groups.join( "," ); - } - - try { - push.apply( results, - newContext.querySelectorAll( newSelector ) - ); - return results; - } catch ( qsaError ) { - nonnativeSelectorCache( selector, true ); - } finally { - if ( nid === expando ) { - context.removeAttribute( "id" ); - } - } - } - } - } - - // All others - return select( selector.replace( rtrim, "$1" ), context, results, seed ); -} - -/** - * Create key-value caches of limited size - * @returns {function(string, object)} Returns the Object data after storing it on itself with - * property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength) - * deleting the oldest entry - */ -function createCache() { - var keys = []; - - function cache( key, value ) { - - // Use (key + " ") to avoid collision with native prototype properties (see Issue #157) - if ( keys.push( key + " " ) > Expr.cacheLength ) { - - // Only keep the most recent entries - delete cache[ keys.shift() ]; - } - return ( cache[ key + " " ] = value ); - } - return cache; -} - -/** - * Mark a function for special use by Sizzle - * @param {Function} fn The function to mark - */ -function markFunction( fn ) { - fn[ expando ] = true; - return fn; -} - -/** - * Support testing using an element - * @param {Function} fn Passed the created element and returns a boolean result - */ -function assert( fn ) { - var el = document.createElement( "fieldset" ); - - try { - return !!fn( el ); - } catch ( e ) { - return false; - } finally { - - // Remove from its parent by default - if ( el.parentNode ) { - el.parentNode.removeChild( el ); - } - - // release memory in IE - el = null; - } -} - -/** - * Adds the same handler for all of the specified attrs - * @param {String} attrs Pipe-separated list of attributes - * @param {Function} handler The method that will be applied - */ -function addHandle( attrs, handler ) { - var arr = attrs.split( "|" ), - i = arr.length; - - while ( i-- ) { - Expr.attrHandle[ arr[ i ] ] = handler; - } -} - -/** - * Checks document order of two siblings - * @param {Element} a - * @param {Element} b - * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b - */ -function siblingCheck( a, b ) { - var cur = b && a, - diff = cur && a.nodeType === 1 && b.nodeType === 1 && - a.sourceIndex - b.sourceIndex; - - // Use IE sourceIndex if available on both nodes - if ( diff ) { - return diff; - } - - // Check if b follows a - if ( cur ) { - while ( ( cur = cur.nextSibling ) ) { - if ( cur === b ) { - return -1; - } - } - } - - return a ? 1 : -1; -} - -/** - * Returns a function to use in pseudos for input types - * @param {String} type - */ -function createInputPseudo( type ) { - return function( elem ) { - var name = elem.nodeName.toLowerCase(); - return name === "input" && elem.type === type; - }; -} - -/** - * Returns a function to use in pseudos for buttons - * @param {String} type - */ -function createButtonPseudo( type ) { - return function( elem ) { - var name = elem.nodeName.toLowerCase(); - return ( name === "input" || name === "button" ) && elem.type === type; - }; -} - -/** - * Returns a function to use in pseudos for :enabled/:disabled - * @param {Boolean} disabled true for :disabled; false for :enabled - */ -function createDisabledPseudo( disabled ) { - - // Known :disabled false positives: fieldset[disabled] > legend:nth-of-type(n+2) :can-disable - return function( elem ) { - - // Only certain elements can match :enabled or :disabled - // https://html.spec.whatwg.org/multipage/scripting.html#selector-enabled - // https://html.spec.whatwg.org/multipage/scripting.html#selector-disabled - if ( "form" in elem ) { - - // Check for inherited disabledness on relevant non-disabled elements: - // * listed form-associated elements in a disabled fieldset - // https://html.spec.whatwg.org/multipage/forms.html#category-listed - // https://html.spec.whatwg.org/multipage/forms.html#concept-fe-disabled - // * option elements in a disabled optgroup - // https://html.spec.whatwg.org/multipage/forms.html#concept-option-disabled - // All such elements have a "form" property. - if ( elem.parentNode && elem.disabled === false ) { - - // Option elements defer to a parent optgroup if present - if ( "label" in elem ) { - if ( "label" in elem.parentNode ) { - return elem.parentNode.disabled === disabled; - } else { - return elem.disabled === disabled; - } - } - - // Support: IE 6 - 11 - // Use the isDisabled shortcut property to check for disabled fieldset ancestors - return elem.isDisabled === disabled || - - // Where there is no isDisabled, check manually - /* jshint -W018 */ - elem.isDisabled !== !disabled && - inDisabledFieldset( elem ) === disabled; - } - - return elem.disabled === disabled; - - // Try to winnow out elements that can't be disabled before trusting the disabled property. - // Some victims get caught in our net (label, legend, menu, track), but it shouldn't - // even exist on them, let alone have a boolean value. - } else if ( "label" in elem ) { - return elem.disabled === disabled; - } - - // Remaining elements are neither :enabled nor :disabled - return false; - }; -} - -/** - * Returns a function to use in pseudos for positionals - * @param {Function} fn - */ -function createPositionalPseudo( fn ) { - return markFunction( function( argument ) { - argument = +argument; - return markFunction( function( seed, matches ) { - var j, - matchIndexes = fn( [], seed.length, argument ), - i = matchIndexes.length; - - // Match elements found at the specified indexes - while ( i-- ) { - if ( seed[ ( j = matchIndexes[ i ] ) ] ) { - seed[ j ] = !( matches[ j ] = seed[ j ] ); - } - } - } ); - } ); -} - -/** - * Checks a node for validity as a Sizzle context - * @param {Element|Object=} context - * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value - */ -function testContext( context ) { - return context && typeof context.getElementsByTagName !== "undefined" && context; -} - -// Expose support vars for convenience -support = Sizzle.support = {}; - -/** - * Detects XML nodes - * @param {Element|Object} elem An element or a document - * @returns {Boolean} True iff elem is a non-HTML XML node - */ -isXML = Sizzle.isXML = function( elem ) { - var namespace = elem.namespaceURI, - docElem = ( elem.ownerDocument || elem ).documentElement; - - // Support: IE <=8 - // Assume HTML when documentElement doesn't yet exist, such as inside loading iframes - // https://bugs.jquery.com/ticket/4833 - return !rhtml.test( namespace || docElem && docElem.nodeName || "HTML" ); -}; - -/** - * Sets document-related variables once based on the current document - * @param {Element|Object} [doc] An element or document object to use to set the document - * @returns {Object} Returns the current document - */ -setDocument = Sizzle.setDocument = function( node ) { - var hasCompare, subWindow, - doc = node ? node.ownerDocument || node : preferredDoc; - - // Return early if doc is invalid or already selected - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - if ( doc == document || doc.nodeType !== 9 || !doc.documentElement ) { - return document; - } - - // Update global variables - document = doc; - docElem = document.documentElement; - documentIsHTML = !isXML( document ); - - // Support: IE 9 - 11+, Edge 12 - 18+ - // Accessing iframe documents after unload throws "permission denied" errors (jQuery #13936) - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - if ( preferredDoc != document && - ( subWindow = document.defaultView ) && subWindow.top !== subWindow ) { - - // Support: IE 11, Edge - if ( subWindow.addEventListener ) { - subWindow.addEventListener( "unload", unloadHandler, false ); - - // Support: IE 9 - 10 only - } else if ( subWindow.attachEvent ) { - subWindow.attachEvent( "onunload", unloadHandler ); - } - } - - // Support: IE 8 - 11+, Edge 12 - 18+, Chrome <=16 - 25 only, Firefox <=3.6 - 31 only, - // Safari 4 - 5 only, Opera <=11.6 - 12.x only - // IE/Edge & older browsers don't support the :scope pseudo-class. - // Support: Safari 6.0 only - // Safari 6.0 supports :scope but it's an alias of :root there. - support.scope = assert( function( el ) { - docElem.appendChild( el ).appendChild( document.createElement( "div" ) ); - return typeof el.querySelectorAll !== "undefined" && - !el.querySelectorAll( ":scope fieldset div" ).length; - } ); - - /* Attributes - ---------------------------------------------------------------------- */ - - // Support: IE<8 - // Verify that getAttribute really returns attributes and not properties - // (excepting IE8 booleans) - support.attributes = assert( function( el ) { - el.className = "i"; - return !el.getAttribute( "className" ); - } ); - - /* getElement(s)By* - ---------------------------------------------------------------------- */ - - // Check if getElementsByTagName("*") returns only elements - support.getElementsByTagName = assert( function( el ) { - el.appendChild( document.createComment( "" ) ); - return !el.getElementsByTagName( "*" ).length; - } ); - - // Support: IE<9 - support.getElementsByClassName = rnative.test( document.getElementsByClassName ); - - // Support: IE<10 - // Check if getElementById returns elements by name - // The broken getElementById methods don't pick up programmatically-set names, - // so use a roundabout getElementsByName test - support.getById = assert( function( el ) { - docElem.appendChild( el ).id = expando; - return !document.getElementsByName || !document.getElementsByName( expando ).length; - } ); - - // ID filter and find - if ( support.getById ) { - Expr.filter[ "ID" ] = function( id ) { - var attrId = id.replace( runescape, funescape ); - return function( elem ) { - return elem.getAttribute( "id" ) === attrId; - }; - }; - Expr.find[ "ID" ] = function( id, context ) { - if ( typeof context.getElementById !== "undefined" && documentIsHTML ) { - var elem = context.getElementById( id ); - return elem ? [ elem ] : []; - } - }; - } else { - Expr.filter[ "ID" ] = function( id ) { - var attrId = id.replace( runescape, funescape ); - return function( elem ) { - var node = typeof elem.getAttributeNode !== "undefined" && - elem.getAttributeNode( "id" ); - return node && node.value === attrId; - }; - }; - - // Support: IE 6 - 7 only - // getElementById is not reliable as a find shortcut - Expr.find[ "ID" ] = function( id, context ) { - if ( typeof context.getElementById !== "undefined" && documentIsHTML ) { - var node, i, elems, - elem = context.getElementById( id ); - - if ( elem ) { - - // Verify the id attribute - node = elem.getAttributeNode( "id" ); - if ( node && node.value === id ) { - return [ elem ]; - } - - // Fall back on getElementsByName - elems = context.getElementsByName( id ); - i = 0; - while ( ( elem = elems[ i++ ] ) ) { - node = elem.getAttributeNode( "id" ); - if ( node && node.value === id ) { - return [ elem ]; - } - } - } - - return []; - } - }; - } - - // Tag - Expr.find[ "TAG" ] = support.getElementsByTagName ? - function( tag, context ) { - if ( typeof context.getElementsByTagName !== "undefined" ) { - return context.getElementsByTagName( tag ); - - // DocumentFragment nodes don't have gEBTN - } else if ( support.qsa ) { - return context.querySelectorAll( tag ); - } - } : - - function( tag, context ) { - var elem, - tmp = [], - i = 0, - - // By happy coincidence, a (broken) gEBTN appears on DocumentFragment nodes too - results = context.getElementsByTagName( tag ); - - // Filter out possible comments - if ( tag === "*" ) { - while ( ( elem = results[ i++ ] ) ) { - if ( elem.nodeType === 1 ) { - tmp.push( elem ); - } - } - - return tmp; - } - return results; - }; - - // Class - Expr.find[ "CLASS" ] = support.getElementsByClassName && function( className, context ) { - if ( typeof context.getElementsByClassName !== "undefined" && documentIsHTML ) { - return context.getElementsByClassName( className ); - } - }; - - /* QSA/matchesSelector - ---------------------------------------------------------------------- */ - - // QSA and matchesSelector support - - // matchesSelector(:active) reports false when true (IE9/Opera 11.5) - rbuggyMatches = []; - - // qSa(:focus) reports false when true (Chrome 21) - // We allow this because of a bug in IE8/9 that throws an error - // whenever `document.activeElement` is accessed on an iframe - // So, we allow :focus to pass through QSA all the time to avoid the IE error - // See https://bugs.jquery.com/ticket/13378 - rbuggyQSA = []; - - if ( ( support.qsa = rnative.test( document.querySelectorAll ) ) ) { - - // Build QSA regex - // Regex strategy adopted from Diego Perini - assert( function( el ) { - - var input; - - // Select is set to empty string on purpose - // This is to test IE's treatment of not explicitly - // setting a boolean content attribute, - // since its presence should be enough - // https://bugs.jquery.com/ticket/12359 - docElem.appendChild( el ).innerHTML = "" + - ""; - - // Support: IE8, Opera 11-12.16 - // Nothing should be selected when empty strings follow ^= or $= or *= - // The test attribute must be unknown in Opera but "safe" for WinRT - // https://msdn.microsoft.com/en-us/library/ie/hh465388.aspx#attribute_section - if ( el.querySelectorAll( "[msallowcapture^='']" ).length ) { - rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" ); - } - - // Support: IE8 - // Boolean attributes and "value" are not treated correctly - if ( !el.querySelectorAll( "[selected]" ).length ) { - rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" ); - } - - // Support: Chrome<29, Android<4.4, Safari<7.0+, iOS<7.0+, PhantomJS<1.9.8+ - if ( !el.querySelectorAll( "[id~=" + expando + "-]" ).length ) { - rbuggyQSA.push( "~=" ); - } - - // Support: IE 11+, Edge 15 - 18+ - // IE 11/Edge don't find elements on a `[name='']` query in some cases. - // Adding a temporary attribute to the document before the selection works - // around the issue. - // Interestingly, IE 10 & older don't seem to have the issue. - input = document.createElement( "input" ); - input.setAttribute( "name", "" ); - el.appendChild( input ); - if ( !el.querySelectorAll( "[name='']" ).length ) { - rbuggyQSA.push( "\\[" + whitespace + "*name" + whitespace + "*=" + - whitespace + "*(?:''|\"\")" ); - } - - // Webkit/Opera - :checked should return selected option elements - // http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked - // IE8 throws error here and will not see later tests - if ( !el.querySelectorAll( ":checked" ).length ) { - rbuggyQSA.push( ":checked" ); - } - - // Support: Safari 8+, iOS 8+ - // https://bugs.webkit.org/show_bug.cgi?id=136851 - // In-page `selector#id sibling-combinator selector` fails - if ( !el.querySelectorAll( "a#" + expando + "+*" ).length ) { - rbuggyQSA.push( ".#.+[+~]" ); - } - - // Support: Firefox <=3.6 - 5 only - // Old Firefox doesn't throw on a badly-escaped identifier. - el.querySelectorAll( "\\\f" ); - rbuggyQSA.push( "[\\r\\n\\f]" ); - } ); - - assert( function( el ) { - el.innerHTML = "" + - ""; - - // Support: Windows 8 Native Apps - // The type and name attributes are restricted during .innerHTML assignment - var input = document.createElement( "input" ); - input.setAttribute( "type", "hidden" ); - el.appendChild( input ).setAttribute( "name", "D" ); - - // Support: IE8 - // Enforce case-sensitivity of name attribute - if ( el.querySelectorAll( "[name=d]" ).length ) { - rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" ); - } - - // FF 3.5 - :enabled/:disabled and hidden elements (hidden elements are still enabled) - // IE8 throws error here and will not see later tests - if ( el.querySelectorAll( ":enabled" ).length !== 2 ) { - rbuggyQSA.push( ":enabled", ":disabled" ); - } - - // Support: IE9-11+ - // IE's :disabled selector does not pick up the children of disabled fieldsets - docElem.appendChild( el ).disabled = true; - if ( el.querySelectorAll( ":disabled" ).length !== 2 ) { - rbuggyQSA.push( ":enabled", ":disabled" ); - } - - // Support: Opera 10 - 11 only - // Opera 10-11 does not throw on post-comma invalid pseudos - el.querySelectorAll( "*,:x" ); - rbuggyQSA.push( ",.*:" ); - } ); - } - - if ( ( support.matchesSelector = rnative.test( ( matches = docElem.matches || - docElem.webkitMatchesSelector || - docElem.mozMatchesSelector || - docElem.oMatchesSelector || - docElem.msMatchesSelector ) ) ) ) { - - assert( function( el ) { - - // Check to see if it's possible to do matchesSelector - // on a disconnected node (IE 9) - support.disconnectedMatch = matches.call( el, "*" ); - - // This should fail with an exception - // Gecko does not error, returns false instead - matches.call( el, "[s!='']:x" ); - rbuggyMatches.push( "!=", pseudos ); - } ); - } - - rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join( "|" ) ); - rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join( "|" ) ); - - /* Contains - ---------------------------------------------------------------------- */ - hasCompare = rnative.test( docElem.compareDocumentPosition ); - - // Element contains another - // Purposefully self-exclusive - // As in, an element does not contain itself - contains = hasCompare || rnative.test( docElem.contains ) ? - function( a, b ) { - var adown = a.nodeType === 9 ? a.documentElement : a, - bup = b && b.parentNode; - return a === bup || !!( bup && bup.nodeType === 1 && ( - adown.contains ? - adown.contains( bup ) : - a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16 - ) ); - } : - function( a, b ) { - if ( b ) { - while ( ( b = b.parentNode ) ) { - if ( b === a ) { - return true; - } - } - } - return false; - }; - - /* Sorting - ---------------------------------------------------------------------- */ - - // Document order sorting - sortOrder = hasCompare ? - function( a, b ) { - - // Flag for duplicate removal - if ( a === b ) { - hasDuplicate = true; - return 0; - } - - // Sort on method existence if only one input has compareDocumentPosition - var compare = !a.compareDocumentPosition - !b.compareDocumentPosition; - if ( compare ) { - return compare; - } - - // Calculate position if both inputs belong to the same document - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - compare = ( a.ownerDocument || a ) == ( b.ownerDocument || b ) ? - a.compareDocumentPosition( b ) : - - // Otherwise we know they are disconnected - 1; - - // Disconnected nodes - if ( compare & 1 || - ( !support.sortDetached && b.compareDocumentPosition( a ) === compare ) ) { - - // Choose the first element that is related to our preferred document - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - if ( a == document || a.ownerDocument == preferredDoc && - contains( preferredDoc, a ) ) { - return -1; - } - - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - if ( b == document || b.ownerDocument == preferredDoc && - contains( preferredDoc, b ) ) { - return 1; - } - - // Maintain original order - return sortInput ? - ( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) : - 0; - } - - return compare & 4 ? -1 : 1; - } : - function( a, b ) { - - // Exit early if the nodes are identical - if ( a === b ) { - hasDuplicate = true; - return 0; - } - - var cur, - i = 0, - aup = a.parentNode, - bup = b.parentNode, - ap = [ a ], - bp = [ b ]; - - // Parentless nodes are either documents or disconnected - if ( !aup || !bup ) { - - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - /* eslint-disable eqeqeq */ - return a == document ? -1 : - b == document ? 1 : - /* eslint-enable eqeqeq */ - aup ? -1 : - bup ? 1 : - sortInput ? - ( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) : - 0; - - // If the nodes are siblings, we can do a quick check - } else if ( aup === bup ) { - return siblingCheck( a, b ); - } - - // Otherwise we need full lists of their ancestors for comparison - cur = a; - while ( ( cur = cur.parentNode ) ) { - ap.unshift( cur ); - } - cur = b; - while ( ( cur = cur.parentNode ) ) { - bp.unshift( cur ); - } - - // Walk down the tree looking for a discrepancy - while ( ap[ i ] === bp[ i ] ) { - i++; - } - - return i ? - - // Do a sibling check if the nodes have a common ancestor - siblingCheck( ap[ i ], bp[ i ] ) : - - // Otherwise nodes in our document sort first - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - /* eslint-disable eqeqeq */ - ap[ i ] == preferredDoc ? -1 : - bp[ i ] == preferredDoc ? 1 : - /* eslint-enable eqeqeq */ - 0; - }; - - return document; -}; - -Sizzle.matches = function( expr, elements ) { - return Sizzle( expr, null, null, elements ); -}; - -Sizzle.matchesSelector = function( elem, expr ) { - setDocument( elem ); - - if ( support.matchesSelector && documentIsHTML && - !nonnativeSelectorCache[ expr + " " ] && - ( !rbuggyMatches || !rbuggyMatches.test( expr ) ) && - ( !rbuggyQSA || !rbuggyQSA.test( expr ) ) ) { - - try { - var ret = matches.call( elem, expr ); - - // IE 9's matchesSelector returns false on disconnected nodes - if ( ret || support.disconnectedMatch || - - // As well, disconnected nodes are said to be in a document - // fragment in IE 9 - elem.document && elem.document.nodeType !== 11 ) { - return ret; - } - } catch ( e ) { - nonnativeSelectorCache( expr, true ); - } - } - - return Sizzle( expr, document, null, [ elem ] ).length > 0; -}; - -Sizzle.contains = function( context, elem ) { - - // Set document vars if needed - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - if ( ( context.ownerDocument || context ) != document ) { - setDocument( context ); - } - return contains( context, elem ); -}; - -Sizzle.attr = function( elem, name ) { - - // Set document vars if needed - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - if ( ( elem.ownerDocument || elem ) != document ) { - setDocument( elem ); - } - - var fn = Expr.attrHandle[ name.toLowerCase() ], - - // Don't get fooled by Object.prototype properties (jQuery #13807) - val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ? - fn( elem, name, !documentIsHTML ) : - undefined; - - return val !== undefined ? - val : - support.attributes || !documentIsHTML ? - elem.getAttribute( name ) : - ( val = elem.getAttributeNode( name ) ) && val.specified ? - val.value : - null; -}; - -Sizzle.escape = function( sel ) { - return ( sel + "" ).replace( rcssescape, fcssescape ); -}; - -Sizzle.error = function( msg ) { - throw new Error( "Syntax error, unrecognized expression: " + msg ); -}; - -/** - * Document sorting and removing duplicates - * @param {ArrayLike} results - */ -Sizzle.uniqueSort = function( results ) { - var elem, - duplicates = [], - j = 0, - i = 0; - - // Unless we *know* we can detect duplicates, assume their presence - hasDuplicate = !support.detectDuplicates; - sortInput = !support.sortStable && results.slice( 0 ); - results.sort( sortOrder ); - - if ( hasDuplicate ) { - while ( ( elem = results[ i++ ] ) ) { - if ( elem === results[ i ] ) { - j = duplicates.push( i ); - } - } - while ( j-- ) { - results.splice( duplicates[ j ], 1 ); - } - } - - // Clear input after sorting to release objects - // See https://github.com/jquery/sizzle/pull/225 - sortInput = null; - - return results; -}; - -/** - * Utility function for retrieving the text value of an array of DOM nodes - * @param {Array|Element} elem - */ -getText = Sizzle.getText = function( elem ) { - var node, - ret = "", - i = 0, - nodeType = elem.nodeType; - - if ( !nodeType ) { - - // If no nodeType, this is expected to be an array - while ( ( node = elem[ i++ ] ) ) { - - // Do not traverse comment nodes - ret += getText( node ); - } - } else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) { - - // Use textContent for elements - // innerText usage removed for consistency of new lines (jQuery #11153) - if ( typeof elem.textContent === "string" ) { - return elem.textContent; - } else { - - // Traverse its children - for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) { - ret += getText( elem ); - } - } - } else if ( nodeType === 3 || nodeType === 4 ) { - return elem.nodeValue; - } - - // Do not include comment or processing instruction nodes - - return ret; -}; - -Expr = Sizzle.selectors = { - - // Can be adjusted by the user - cacheLength: 50, - - createPseudo: markFunction, - - match: matchExpr, - - attrHandle: {}, - - find: {}, - - relative: { - ">": { dir: "parentNode", first: true }, - " ": { dir: "parentNode" }, - "+": { dir: "previousSibling", first: true }, - "~": { dir: "previousSibling" } - }, - - preFilter: { - "ATTR": function( match ) { - match[ 1 ] = match[ 1 ].replace( runescape, funescape ); - - // Move the given value to match[3] whether quoted or unquoted - match[ 3 ] = ( match[ 3 ] || match[ 4 ] || - match[ 5 ] || "" ).replace( runescape, funescape ); - - if ( match[ 2 ] === "~=" ) { - match[ 3 ] = " " + match[ 3 ] + " "; - } - - return match.slice( 0, 4 ); - }, - - "CHILD": function( match ) { - - /* matches from matchExpr["CHILD"] - 1 type (only|nth|...) - 2 what (child|of-type) - 3 argument (even|odd|\d*|\d*n([+-]\d+)?|...) - 4 xn-component of xn+y argument ([+-]?\d*n|) - 5 sign of xn-component - 6 x of xn-component - 7 sign of y-component - 8 y of y-component - */ - match[ 1 ] = match[ 1 ].toLowerCase(); - - if ( match[ 1 ].slice( 0, 3 ) === "nth" ) { - - // nth-* requires argument - if ( !match[ 3 ] ) { - Sizzle.error( match[ 0 ] ); - } - - // numeric x and y parameters for Expr.filter.CHILD - // remember that false/true cast respectively to 0/1 - match[ 4 ] = +( match[ 4 ] ? - match[ 5 ] + ( match[ 6 ] || 1 ) : - 2 * ( match[ 3 ] === "even" || match[ 3 ] === "odd" ) ); - match[ 5 ] = +( ( match[ 7 ] + match[ 8 ] ) || match[ 3 ] === "odd" ); - - // other types prohibit arguments - } else if ( match[ 3 ] ) { - Sizzle.error( match[ 0 ] ); - } - - return match; - }, - - "PSEUDO": function( match ) { - var excess, - unquoted = !match[ 6 ] && match[ 2 ]; - - if ( matchExpr[ "CHILD" ].test( match[ 0 ] ) ) { - return null; - } - - // Accept quoted arguments as-is - if ( match[ 3 ] ) { - match[ 2 ] = match[ 4 ] || match[ 5 ] || ""; - - // Strip excess characters from unquoted arguments - } else if ( unquoted && rpseudo.test( unquoted ) && - - // Get excess from tokenize (recursively) - ( excess = tokenize( unquoted, true ) ) && - - // advance to the next closing parenthesis - ( excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length ) ) { - - // excess is a negative index - match[ 0 ] = match[ 0 ].slice( 0, excess ); - match[ 2 ] = unquoted.slice( 0, excess ); - } - - // Return only captures needed by the pseudo filter method (type and argument) - return match.slice( 0, 3 ); - } - }, - - filter: { - - "TAG": function( nodeNameSelector ) { - var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase(); - return nodeNameSelector === "*" ? - function() { - return true; - } : - function( elem ) { - return elem.nodeName && elem.nodeName.toLowerCase() === nodeName; - }; - }, - - "CLASS": function( className ) { - var pattern = classCache[ className + " " ]; - - return pattern || - ( pattern = new RegExp( "(^|" + whitespace + - ")" + className + "(" + whitespace + "|$)" ) ) && classCache( - className, function( elem ) { - return pattern.test( - typeof elem.className === "string" && elem.className || - typeof elem.getAttribute !== "undefined" && - elem.getAttribute( "class" ) || - "" - ); - } ); - }, - - "ATTR": function( name, operator, check ) { - return function( elem ) { - var result = Sizzle.attr( elem, name ); - - if ( result == null ) { - return operator === "!="; - } - if ( !operator ) { - return true; - } - - result += ""; - - /* eslint-disable max-len */ - - return operator === "=" ? result === check : - operator === "!=" ? result !== check : - operator === "^=" ? check && result.indexOf( check ) === 0 : - operator === "*=" ? check && result.indexOf( check ) > -1 : - operator === "$=" ? check && result.slice( -check.length ) === check : - operator === "~=" ? ( " " + result.replace( rwhitespace, " " ) + " " ).indexOf( check ) > -1 : - operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" : - false; - /* eslint-enable max-len */ - - }; - }, - - "CHILD": function( type, what, _argument, first, last ) { - var simple = type.slice( 0, 3 ) !== "nth", - forward = type.slice( -4 ) !== "last", - ofType = what === "of-type"; - - return first === 1 && last === 0 ? - - // Shortcut for :nth-*(n) - function( elem ) { - return !!elem.parentNode; - } : - - function( elem, _context, xml ) { - var cache, uniqueCache, outerCache, node, nodeIndex, start, - dir = simple !== forward ? "nextSibling" : "previousSibling", - parent = elem.parentNode, - name = ofType && elem.nodeName.toLowerCase(), - useCache = !xml && !ofType, - diff = false; - - if ( parent ) { - - // :(first|last|only)-(child|of-type) - if ( simple ) { - while ( dir ) { - node = elem; - while ( ( node = node[ dir ] ) ) { - if ( ofType ? - node.nodeName.toLowerCase() === name : - node.nodeType === 1 ) { - - return false; - } - } - - // Reverse direction for :only-* (if we haven't yet done so) - start = dir = type === "only" && !start && "nextSibling"; - } - return true; - } - - start = [ forward ? parent.firstChild : parent.lastChild ]; - - // non-xml :nth-child(...) stores cache data on `parent` - if ( forward && useCache ) { - - // Seek `elem` from a previously-cached index - - // ...in a gzip-friendly way - node = parent; - outerCache = node[ expando ] || ( node[ expando ] = {} ); - - // Support: IE <9 only - // Defend against cloned attroperties (jQuery gh-1709) - uniqueCache = outerCache[ node.uniqueID ] || - ( outerCache[ node.uniqueID ] = {} ); - - cache = uniqueCache[ type ] || []; - nodeIndex = cache[ 0 ] === dirruns && cache[ 1 ]; - diff = nodeIndex && cache[ 2 ]; - node = nodeIndex && parent.childNodes[ nodeIndex ]; - - while ( ( node = ++nodeIndex && node && node[ dir ] || - - // Fallback to seeking `elem` from the start - ( diff = nodeIndex = 0 ) || start.pop() ) ) { - - // When found, cache indexes on `parent` and break - if ( node.nodeType === 1 && ++diff && node === elem ) { - uniqueCache[ type ] = [ dirruns, nodeIndex, diff ]; - break; - } - } - - } else { - - // Use previously-cached element index if available - if ( useCache ) { - - // ...in a gzip-friendly way - node = elem; - outerCache = node[ expando ] || ( node[ expando ] = {} ); - - // Support: IE <9 only - // Defend against cloned attroperties (jQuery gh-1709) - uniqueCache = outerCache[ node.uniqueID ] || - ( outerCache[ node.uniqueID ] = {} ); - - cache = uniqueCache[ type ] || []; - nodeIndex = cache[ 0 ] === dirruns && cache[ 1 ]; - diff = nodeIndex; - } - - // xml :nth-child(...) - // or :nth-last-child(...) or :nth(-last)?-of-type(...) - if ( diff === false ) { - - // Use the same loop as above to seek `elem` from the start - while ( ( node = ++nodeIndex && node && node[ dir ] || - ( diff = nodeIndex = 0 ) || start.pop() ) ) { - - if ( ( ofType ? - node.nodeName.toLowerCase() === name : - node.nodeType === 1 ) && - ++diff ) { - - // Cache the index of each encountered element - if ( useCache ) { - outerCache = node[ expando ] || - ( node[ expando ] = {} ); - - // Support: IE <9 only - // Defend against cloned attroperties (jQuery gh-1709) - uniqueCache = outerCache[ node.uniqueID ] || - ( outerCache[ node.uniqueID ] = {} ); - - uniqueCache[ type ] = [ dirruns, diff ]; - } - - if ( node === elem ) { - break; - } - } - } - } - } - - // Incorporate the offset, then check against cycle size - diff -= last; - return diff === first || ( diff % first === 0 && diff / first >= 0 ); - } - }; - }, - - "PSEUDO": function( pseudo, argument ) { - - // pseudo-class names are case-insensitive - // http://www.w3.org/TR/selectors/#pseudo-classes - // Prioritize by case sensitivity in case custom pseudos are added with uppercase letters - // Remember that setFilters inherits from pseudos - var args, - fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] || - Sizzle.error( "unsupported pseudo: " + pseudo ); - - // The user may use createPseudo to indicate that - // arguments are needed to create the filter function - // just as Sizzle does - if ( fn[ expando ] ) { - return fn( argument ); - } - - // But maintain support for old signatures - if ( fn.length > 1 ) { - args = [ pseudo, pseudo, "", argument ]; - return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ? - markFunction( function( seed, matches ) { - var idx, - matched = fn( seed, argument ), - i = matched.length; - while ( i-- ) { - idx = indexOf( seed, matched[ i ] ); - seed[ idx ] = !( matches[ idx ] = matched[ i ] ); - } - } ) : - function( elem ) { - return fn( elem, 0, args ); - }; - } - - return fn; - } - }, - - pseudos: { - - // Potentially complex pseudos - "not": markFunction( function( selector ) { - - // Trim the selector passed to compile - // to avoid treating leading and trailing - // spaces as combinators - var input = [], - results = [], - matcher = compile( selector.replace( rtrim, "$1" ) ); - - return matcher[ expando ] ? - markFunction( function( seed, matches, _context, xml ) { - var elem, - unmatched = matcher( seed, null, xml, [] ), - i = seed.length; - - // Match elements unmatched by `matcher` - while ( i-- ) { - if ( ( elem = unmatched[ i ] ) ) { - seed[ i ] = !( matches[ i ] = elem ); - } - } - } ) : - function( elem, _context, xml ) { - input[ 0 ] = elem; - matcher( input, null, xml, results ); - - // Don't keep the element (issue #299) - input[ 0 ] = null; - return !results.pop(); - }; - } ), - - "has": markFunction( function( selector ) { - return function( elem ) { - return Sizzle( selector, elem ).length > 0; - }; - } ), - - "contains": markFunction( function( text ) { - text = text.replace( runescape, funescape ); - return function( elem ) { - return ( elem.textContent || getText( elem ) ).indexOf( text ) > -1; - }; - } ), - - // "Whether an element is represented by a :lang() selector - // is based solely on the element's language value - // being equal to the identifier C, - // or beginning with the identifier C immediately followed by "-". - // The matching of C against the element's language value is performed case-insensitively. - // The identifier C does not have to be a valid language name." - // http://www.w3.org/TR/selectors/#lang-pseudo - "lang": markFunction( function( lang ) { - - // lang value must be a valid identifier - if ( !ridentifier.test( lang || "" ) ) { - Sizzle.error( "unsupported lang: " + lang ); - } - lang = lang.replace( runescape, funescape ).toLowerCase(); - return function( elem ) { - var elemLang; - do { - if ( ( elemLang = documentIsHTML ? - elem.lang : - elem.getAttribute( "xml:lang" ) || elem.getAttribute( "lang" ) ) ) { - - elemLang = elemLang.toLowerCase(); - return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0; - } - } while ( ( elem = elem.parentNode ) && elem.nodeType === 1 ); - return false; - }; - } ), - - // Miscellaneous - "target": function( elem ) { - var hash = window.location && window.location.hash; - return hash && hash.slice( 1 ) === elem.id; - }, - - "root": function( elem ) { - return elem === docElem; - }, - - "focus": function( elem ) { - return elem === document.activeElement && - ( !document.hasFocus || document.hasFocus() ) && - !!( elem.type || elem.href || ~elem.tabIndex ); - }, - - // Boolean properties - "enabled": createDisabledPseudo( false ), - "disabled": createDisabledPseudo( true ), - - "checked": function( elem ) { - - // In CSS3, :checked should return both checked and selected elements - // http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked - var nodeName = elem.nodeName.toLowerCase(); - return ( nodeName === "input" && !!elem.checked ) || - ( nodeName === "option" && !!elem.selected ); - }, - - "selected": function( elem ) { - - // Accessing this property makes selected-by-default - // options in Safari work properly - if ( elem.parentNode ) { - // eslint-disable-next-line no-unused-expressions - elem.parentNode.selectedIndex; - } - - return elem.selected === true; - }, - - // Contents - "empty": function( elem ) { - - // http://www.w3.org/TR/selectors/#empty-pseudo - // :empty is negated by element (1) or content nodes (text: 3; cdata: 4; entity ref: 5), - // but not by others (comment: 8; processing instruction: 7; etc.) - // nodeType < 6 works because attributes (2) do not appear as children - for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) { - if ( elem.nodeType < 6 ) { - return false; - } - } - return true; - }, - - "parent": function( elem ) { - return !Expr.pseudos[ "empty" ]( elem ); - }, - - // Element/input types - "header": function( elem ) { - return rheader.test( elem.nodeName ); - }, - - "input": function( elem ) { - return rinputs.test( elem.nodeName ); - }, - - "button": function( elem ) { - var name = elem.nodeName.toLowerCase(); - return name === "input" && elem.type === "button" || name === "button"; - }, - - "text": function( elem ) { - var attr; - return elem.nodeName.toLowerCase() === "input" && - elem.type === "text" && - - // Support: IE<8 - // New HTML5 attribute values (e.g., "search") appear with elem.type === "text" - ( ( attr = elem.getAttribute( "type" ) ) == null || - attr.toLowerCase() === "text" ); - }, - - // Position-in-collection - "first": createPositionalPseudo( function() { - return [ 0 ]; - } ), - - "last": createPositionalPseudo( function( _matchIndexes, length ) { - return [ length - 1 ]; - } ), - - "eq": createPositionalPseudo( function( _matchIndexes, length, argument ) { - return [ argument < 0 ? argument + length : argument ]; - } ), - - "even": createPositionalPseudo( function( matchIndexes, length ) { - var i = 0; - for ( ; i < length; i += 2 ) { - matchIndexes.push( i ); - } - return matchIndexes; - } ), - - "odd": createPositionalPseudo( function( matchIndexes, length ) { - var i = 1; - for ( ; i < length; i += 2 ) { - matchIndexes.push( i ); - } - return matchIndexes; - } ), - - "lt": createPositionalPseudo( function( matchIndexes, length, argument ) { - var i = argument < 0 ? - argument + length : - argument > length ? - length : - argument; - for ( ; --i >= 0; ) { - matchIndexes.push( i ); - } - return matchIndexes; - } ), - - "gt": createPositionalPseudo( function( matchIndexes, length, argument ) { - var i = argument < 0 ? argument + length : argument; - for ( ; ++i < length; ) { - matchIndexes.push( i ); - } - return matchIndexes; - } ) - } -}; - -Expr.pseudos[ "nth" ] = Expr.pseudos[ "eq" ]; - -// Add button/input type pseudos -for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) { - Expr.pseudos[ i ] = createInputPseudo( i ); -} -for ( i in { submit: true, reset: true } ) { - Expr.pseudos[ i ] = createButtonPseudo( i ); -} - -// Easy API for creating new setFilters -function setFilters() {} -setFilters.prototype = Expr.filters = Expr.pseudos; -Expr.setFilters = new setFilters(); - -tokenize = Sizzle.tokenize = function( selector, parseOnly ) { - var matched, match, tokens, type, - soFar, groups, preFilters, - cached = tokenCache[ selector + " " ]; - - if ( cached ) { - return parseOnly ? 0 : cached.slice( 0 ); - } - - soFar = selector; - groups = []; - preFilters = Expr.preFilter; - - while ( soFar ) { - - // Comma and first run - if ( !matched || ( match = rcomma.exec( soFar ) ) ) { - if ( match ) { - - // Don't consume trailing commas as valid - soFar = soFar.slice( match[ 0 ].length ) || soFar; - } - groups.push( ( tokens = [] ) ); - } - - matched = false; - - // Combinators - if ( ( match = rcombinators.exec( soFar ) ) ) { - matched = match.shift(); - tokens.push( { - value: matched, - - // Cast descendant combinators to space - type: match[ 0 ].replace( rtrim, " " ) - } ); - soFar = soFar.slice( matched.length ); - } - - // Filters - for ( type in Expr.filter ) { - if ( ( match = matchExpr[ type ].exec( soFar ) ) && ( !preFilters[ type ] || - ( match = preFilters[ type ]( match ) ) ) ) { - matched = match.shift(); - tokens.push( { - value: matched, - type: type, - matches: match - } ); - soFar = soFar.slice( matched.length ); - } - } - - if ( !matched ) { - break; - } - } - - // Return the length of the invalid excess - // if we're just parsing - // Otherwise, throw an error or return tokens - return parseOnly ? - soFar.length : - soFar ? - Sizzle.error( selector ) : - - // Cache the tokens - tokenCache( selector, groups ).slice( 0 ); -}; - -function toSelector( tokens ) { - var i = 0, - len = tokens.length, - selector = ""; - for ( ; i < len; i++ ) { - selector += tokens[ i ].value; - } - return selector; -} - -function addCombinator( matcher, combinator, base ) { - var dir = combinator.dir, - skip = combinator.next, - key = skip || dir, - checkNonElements = base && key === "parentNode", - doneName = done++; - - return combinator.first ? - - // Check against closest ancestor/preceding element - function( elem, context, xml ) { - while ( ( elem = elem[ dir ] ) ) { - if ( elem.nodeType === 1 || checkNonElements ) { - return matcher( elem, context, xml ); - } - } - return false; - } : - - // Check against all ancestor/preceding elements - function( elem, context, xml ) { - var oldCache, uniqueCache, outerCache, - newCache = [ dirruns, doneName ]; - - // We can't set arbitrary data on XML nodes, so they don't benefit from combinator caching - if ( xml ) { - while ( ( elem = elem[ dir ] ) ) { - if ( elem.nodeType === 1 || checkNonElements ) { - if ( matcher( elem, context, xml ) ) { - return true; - } - } - } - } else { - while ( ( elem = elem[ dir ] ) ) { - if ( elem.nodeType === 1 || checkNonElements ) { - outerCache = elem[ expando ] || ( elem[ expando ] = {} ); - - // Support: IE <9 only - // Defend against cloned attroperties (jQuery gh-1709) - uniqueCache = outerCache[ elem.uniqueID ] || - ( outerCache[ elem.uniqueID ] = {} ); - - if ( skip && skip === elem.nodeName.toLowerCase() ) { - elem = elem[ dir ] || elem; - } else if ( ( oldCache = uniqueCache[ key ] ) && - oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) { - - // Assign to newCache so results back-propagate to previous elements - return ( newCache[ 2 ] = oldCache[ 2 ] ); - } else { - - // Reuse newcache so results back-propagate to previous elements - uniqueCache[ key ] = newCache; - - // A match means we're done; a fail means we have to keep checking - if ( ( newCache[ 2 ] = matcher( elem, context, xml ) ) ) { - return true; - } - } - } - } - } - return false; - }; -} - -function elementMatcher( matchers ) { - return matchers.length > 1 ? - function( elem, context, xml ) { - var i = matchers.length; - while ( i-- ) { - if ( !matchers[ i ]( elem, context, xml ) ) { - return false; - } - } - return true; - } : - matchers[ 0 ]; -} - -function multipleContexts( selector, contexts, results ) { - var i = 0, - len = contexts.length; - for ( ; i < len; i++ ) { - Sizzle( selector, contexts[ i ], results ); - } - return results; -} - -function condense( unmatched, map, filter, context, xml ) { - var elem, - newUnmatched = [], - i = 0, - len = unmatched.length, - mapped = map != null; - - for ( ; i < len; i++ ) { - if ( ( elem = unmatched[ i ] ) ) { - if ( !filter || filter( elem, context, xml ) ) { - newUnmatched.push( elem ); - if ( mapped ) { - map.push( i ); - } - } - } - } - - return newUnmatched; -} - -function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) { - if ( postFilter && !postFilter[ expando ] ) { - postFilter = setMatcher( postFilter ); - } - if ( postFinder && !postFinder[ expando ] ) { - postFinder = setMatcher( postFinder, postSelector ); - } - return markFunction( function( seed, results, context, xml ) { - var temp, i, elem, - preMap = [], - postMap = [], - preexisting = results.length, - - // Get initial elements from seed or context - elems = seed || multipleContexts( - selector || "*", - context.nodeType ? [ context ] : context, - [] - ), - - // Prefilter to get matcher input, preserving a map for seed-results synchronization - matcherIn = preFilter && ( seed || !selector ) ? - condense( elems, preMap, preFilter, context, xml ) : - elems, - - matcherOut = matcher ? - - // If we have a postFinder, or filtered seed, or non-seed postFilter or preexisting results, - postFinder || ( seed ? preFilter : preexisting || postFilter ) ? - - // ...intermediate processing is necessary - [] : - - // ...otherwise use results directly - results : - matcherIn; - - // Find primary matches - if ( matcher ) { - matcher( matcherIn, matcherOut, context, xml ); - } - - // Apply postFilter - if ( postFilter ) { - temp = condense( matcherOut, postMap ); - postFilter( temp, [], context, xml ); - - // Un-match failing elements by moving them back to matcherIn - i = temp.length; - while ( i-- ) { - if ( ( elem = temp[ i ] ) ) { - matcherOut[ postMap[ i ] ] = !( matcherIn[ postMap[ i ] ] = elem ); - } - } - } - - if ( seed ) { - if ( postFinder || preFilter ) { - if ( postFinder ) { - - // Get the final matcherOut by condensing this intermediate into postFinder contexts - temp = []; - i = matcherOut.length; - while ( i-- ) { - if ( ( elem = matcherOut[ i ] ) ) { - - // Restore matcherIn since elem is not yet a final match - temp.push( ( matcherIn[ i ] = elem ) ); - } - } - postFinder( null, ( matcherOut = [] ), temp, xml ); - } - - // Move matched elements from seed to results to keep them synchronized - i = matcherOut.length; - while ( i-- ) { - if ( ( elem = matcherOut[ i ] ) && - ( temp = postFinder ? indexOf( seed, elem ) : preMap[ i ] ) > -1 ) { - - seed[ temp ] = !( results[ temp ] = elem ); - } - } - } - - // Add elements to results, through postFinder if defined - } else { - matcherOut = condense( - matcherOut === results ? - matcherOut.splice( preexisting, matcherOut.length ) : - matcherOut - ); - if ( postFinder ) { - postFinder( null, results, matcherOut, xml ); - } else { - push.apply( results, matcherOut ); - } - } - } ); -} - -function matcherFromTokens( tokens ) { - var checkContext, matcher, j, - len = tokens.length, - leadingRelative = Expr.relative[ tokens[ 0 ].type ], - implicitRelative = leadingRelative || Expr.relative[ " " ], - i = leadingRelative ? 1 : 0, - - // The foundational matcher ensures that elements are reachable from top-level context(s) - matchContext = addCombinator( function( elem ) { - return elem === checkContext; - }, implicitRelative, true ), - matchAnyContext = addCombinator( function( elem ) { - return indexOf( checkContext, elem ) > -1; - }, implicitRelative, true ), - matchers = [ function( elem, context, xml ) { - var ret = ( !leadingRelative && ( xml || context !== outermostContext ) ) || ( - ( checkContext = context ).nodeType ? - matchContext( elem, context, xml ) : - matchAnyContext( elem, context, xml ) ); - - // Avoid hanging onto element (issue #299) - checkContext = null; - return ret; - } ]; - - for ( ; i < len; i++ ) { - if ( ( matcher = Expr.relative[ tokens[ i ].type ] ) ) { - matchers = [ addCombinator( elementMatcher( matchers ), matcher ) ]; - } else { - matcher = Expr.filter[ tokens[ i ].type ].apply( null, tokens[ i ].matches ); - - // Return special upon seeing a positional matcher - if ( matcher[ expando ] ) { - - // Find the next relative operator (if any) for proper handling - j = ++i; - for ( ; j < len; j++ ) { - if ( Expr.relative[ tokens[ j ].type ] ) { - break; - } - } - return setMatcher( - i > 1 && elementMatcher( matchers ), - i > 1 && toSelector( - - // If the preceding token was a descendant combinator, insert an implicit any-element `*` - tokens - .slice( 0, i - 1 ) - .concat( { value: tokens[ i - 2 ].type === " " ? "*" : "" } ) - ).replace( rtrim, "$1" ), - matcher, - i < j && matcherFromTokens( tokens.slice( i, j ) ), - j < len && matcherFromTokens( ( tokens = tokens.slice( j ) ) ), - j < len && toSelector( tokens ) - ); - } - matchers.push( matcher ); - } - } - - return elementMatcher( matchers ); -} - -function matcherFromGroupMatchers( elementMatchers, setMatchers ) { - var bySet = setMatchers.length > 0, - byElement = elementMatchers.length > 0, - superMatcher = function( seed, context, xml, results, outermost ) { - var elem, j, matcher, - matchedCount = 0, - i = "0", - unmatched = seed && [], - setMatched = [], - contextBackup = outermostContext, - - // We must always have either seed elements or outermost context - elems = seed || byElement && Expr.find[ "TAG" ]( "*", outermost ), - - // Use integer dirruns iff this is the outermost matcher - dirrunsUnique = ( dirruns += contextBackup == null ? 1 : Math.random() || 0.1 ), - len = elems.length; - - if ( outermost ) { - - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - outermostContext = context == document || context || outermost; - } - - // Add elements passing elementMatchers directly to results - // Support: IE<9, Safari - // Tolerate NodeList properties (IE: "length"; Safari: ) matching elements by id - for ( ; i !== len && ( elem = elems[ i ] ) != null; i++ ) { - if ( byElement && elem ) { - j = 0; - - // Support: IE 11+, Edge 17 - 18+ - // IE/Edge sometimes throw a "Permission denied" error when strict-comparing - // two documents; shallow comparisons work. - // eslint-disable-next-line eqeqeq - if ( !context && elem.ownerDocument != document ) { - setDocument( elem ); - xml = !documentIsHTML; - } - while ( ( matcher = elementMatchers[ j++ ] ) ) { - if ( matcher( elem, context || document, xml ) ) { - results.push( elem ); - break; - } - } - if ( outermost ) { - dirruns = dirrunsUnique; - } - } - - // Track unmatched elements for set filters - if ( bySet ) { - - // They will have gone through all possible matchers - if ( ( elem = !matcher && elem ) ) { - matchedCount--; - } - - // Lengthen the array for every element, matched or not - if ( seed ) { - unmatched.push( elem ); - } - } - } - - // `i` is now the count of elements visited above, and adding it to `matchedCount` - // makes the latter nonnegative. - matchedCount += i; - - // Apply set filters to unmatched elements - // NOTE: This can be skipped if there are no unmatched elements (i.e., `matchedCount` - // equals `i`), unless we didn't visit _any_ elements in the above loop because we have - // no element matchers and no seed. - // Incrementing an initially-string "0" `i` allows `i` to remain a string only in that - // case, which will result in a "00" `matchedCount` that differs from `i` but is also - // numerically zero. - if ( bySet && i !== matchedCount ) { - j = 0; - while ( ( matcher = setMatchers[ j++ ] ) ) { - matcher( unmatched, setMatched, context, xml ); - } - - if ( seed ) { - - // Reintegrate element matches to eliminate the need for sorting - if ( matchedCount > 0 ) { - while ( i-- ) { - if ( !( unmatched[ i ] || setMatched[ i ] ) ) { - setMatched[ i ] = pop.call( results ); - } - } - } - - // Discard index placeholder values to get only actual matches - setMatched = condense( setMatched ); - } - - // Add matches to results - push.apply( results, setMatched ); - - // Seedless set matches succeeding multiple successful matchers stipulate sorting - if ( outermost && !seed && setMatched.length > 0 && - ( matchedCount + setMatchers.length ) > 1 ) { - - Sizzle.uniqueSort( results ); - } - } - - // Override manipulation of globals by nested matchers - if ( outermost ) { - dirruns = dirrunsUnique; - outermostContext = contextBackup; - } - - return unmatched; - }; - - return bySet ? - markFunction( superMatcher ) : - superMatcher; -} - -compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) { - var i, - setMatchers = [], - elementMatchers = [], - cached = compilerCache[ selector + " " ]; - - if ( !cached ) { - - // Generate a function of recursive functions that can be used to check each element - if ( !match ) { - match = tokenize( selector ); - } - i = match.length; - while ( i-- ) { - cached = matcherFromTokens( match[ i ] ); - if ( cached[ expando ] ) { - setMatchers.push( cached ); - } else { - elementMatchers.push( cached ); - } - } - - // Cache the compiled function - cached = compilerCache( - selector, - matcherFromGroupMatchers( elementMatchers, setMatchers ) - ); - - // Save selector and tokenization - cached.selector = selector; - } - return cached; -}; - -/** - * A low-level selection function that works with Sizzle's compiled - * selector functions - * @param {String|Function} selector A selector or a pre-compiled - * selector function built with Sizzle.compile - * @param {Element} context - * @param {Array} [results] - * @param {Array} [seed] A set of elements to match against - */ -select = Sizzle.select = function( selector, context, results, seed ) { - var i, tokens, token, type, find, - compiled = typeof selector === "function" && selector, - match = !seed && tokenize( ( selector = compiled.selector || selector ) ); - - results = results || []; - - // Try to minimize operations if there is only one selector in the list and no seed - // (the latter of which guarantees us context) - if ( match.length === 1 ) { - - // Reduce context if the leading compound selector is an ID - tokens = match[ 0 ] = match[ 0 ].slice( 0 ); - if ( tokens.length > 2 && ( token = tokens[ 0 ] ).type === "ID" && - context.nodeType === 9 && documentIsHTML && Expr.relative[ tokens[ 1 ].type ] ) { - - context = ( Expr.find[ "ID" ]( token.matches[ 0 ] - .replace( runescape, funescape ), context ) || [] )[ 0 ]; - if ( !context ) { - return results; - - // Precompiled matchers will still verify ancestry, so step up a level - } else if ( compiled ) { - context = context.parentNode; - } - - selector = selector.slice( tokens.shift().value.length ); - } - - // Fetch a seed set for right-to-left matching - i = matchExpr[ "needsContext" ].test( selector ) ? 0 : tokens.length; - while ( i-- ) { - token = tokens[ i ]; - - // Abort if we hit a combinator - if ( Expr.relative[ ( type = token.type ) ] ) { - break; - } - if ( ( find = Expr.find[ type ] ) ) { - - // Search, expanding context for leading sibling combinators - if ( ( seed = find( - token.matches[ 0 ].replace( runescape, funescape ), - rsibling.test( tokens[ 0 ].type ) && testContext( context.parentNode ) || - context - ) ) ) { - - // If seed is empty or no tokens remain, we can return early - tokens.splice( i, 1 ); - selector = seed.length && toSelector( tokens ); - if ( !selector ) { - push.apply( results, seed ); - return results; - } - - break; - } - } - } - } - - // Compile and execute a filtering function if one is not provided - // Provide `match` to avoid retokenization if we modified the selector above - ( compiled || compile( selector, match ) )( - seed, - context, - !documentIsHTML, - results, - !context || rsibling.test( selector ) && testContext( context.parentNode ) || context - ); - return results; -}; - -// One-time assignments - -// Sort stability -support.sortStable = expando.split( "" ).sort( sortOrder ).join( "" ) === expando; - -// Support: Chrome 14-35+ -// Always assume duplicates if they aren't passed to the comparison function -support.detectDuplicates = !!hasDuplicate; - -// Initialize against the default document -setDocument(); - -// Support: Webkit<537.32 - Safari 6.0.3/Chrome 25 (fixed in Chrome 27) -// Detached nodes confoundingly follow *each other* -support.sortDetached = assert( function( el ) { - - // Should return 1, but returns 4 (following) - return el.compareDocumentPosition( document.createElement( "fieldset" ) ) & 1; -} ); - -// Support: IE<8 -// Prevent attribute/property "interpolation" -// https://msdn.microsoft.com/en-us/library/ms536429%28VS.85%29.aspx -if ( !assert( function( el ) { - el.innerHTML = ""; - return el.firstChild.getAttribute( "href" ) === "#"; -} ) ) { - addHandle( "type|href|height|width", function( elem, name, isXML ) { - if ( !isXML ) { - return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 ); - } - } ); -} - -// Support: IE<9 -// Use defaultValue in place of getAttribute("value") -if ( !support.attributes || !assert( function( el ) { - el.innerHTML = ""; - el.firstChild.setAttribute( "value", "" ); - return el.firstChild.getAttribute( "value" ) === ""; -} ) ) { - addHandle( "value", function( elem, _name, isXML ) { - if ( !isXML && elem.nodeName.toLowerCase() === "input" ) { - return elem.defaultValue; - } - } ); -} - -// Support: IE<9 -// Use getAttributeNode to fetch booleans when getAttribute lies -if ( !assert( function( el ) { - return el.getAttribute( "disabled" ) == null; -} ) ) { - addHandle( booleans, function( elem, name, isXML ) { - var val; - if ( !isXML ) { - return elem[ name ] === true ? name.toLowerCase() : - ( val = elem.getAttributeNode( name ) ) && val.specified ? - val.value : - null; - } - } ); -} - -return Sizzle; - -} )( window ); - - - -jQuery.find = Sizzle; -jQuery.expr = Sizzle.selectors; - -// Deprecated -jQuery.expr[ ":" ] = jQuery.expr.pseudos; -jQuery.uniqueSort = jQuery.unique = Sizzle.uniqueSort; -jQuery.text = Sizzle.getText; -jQuery.isXMLDoc = Sizzle.isXML; -jQuery.contains = Sizzle.contains; -jQuery.escapeSelector = Sizzle.escape; - - - - -var dir = function( elem, dir, until ) { - var matched = [], - truncate = until !== undefined; - - while ( ( elem = elem[ dir ] ) && elem.nodeType !== 9 ) { - if ( elem.nodeType === 1 ) { - if ( truncate && jQuery( elem ).is( until ) ) { - break; - } - matched.push( elem ); - } - } - return matched; -}; - - -var siblings = function( n, elem ) { - var matched = []; - - for ( ; n; n = n.nextSibling ) { - if ( n.nodeType === 1 && n !== elem ) { - matched.push( n ); - } - } - - return matched; -}; - - -var rneedsContext = jQuery.expr.match.needsContext; - - - -function nodeName( elem, name ) { - - return elem.nodeName && elem.nodeName.toLowerCase() === name.toLowerCase(); - -}; -var rsingleTag = ( /^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i ); - - - -// Implement the identical functionality for filter and not -function winnow( elements, qualifier, not ) { - if ( isFunction( qualifier ) ) { - return jQuery.grep( elements, function( elem, i ) { - return !!qualifier.call( elem, i, elem ) !== not; - } ); - } - - // Single element - if ( qualifier.nodeType ) { - return jQuery.grep( elements, function( elem ) { - return ( elem === qualifier ) !== not; - } ); - } - - // Arraylike of elements (jQuery, arguments, Array) - if ( typeof qualifier !== "string" ) { - return jQuery.grep( elements, function( elem ) { - return ( indexOf.call( qualifier, elem ) > -1 ) !== not; - } ); - } - - // Filtered directly for both simple and complex selectors - return jQuery.filter( qualifier, elements, not ); -} - -jQuery.filter = function( expr, elems, not ) { - var elem = elems[ 0 ]; - - if ( not ) { - expr = ":not(" + expr + ")"; - } - - if ( elems.length === 1 && elem.nodeType === 1 ) { - return jQuery.find.matchesSelector( elem, expr ) ? [ elem ] : []; - } - - return jQuery.find.matches( expr, jQuery.grep( elems, function( elem ) { - return elem.nodeType === 1; - } ) ); -}; - -jQuery.fn.extend( { - find: function( selector ) { - var i, ret, - len = this.length, - self = this; - - if ( typeof selector !== "string" ) { - return this.pushStack( jQuery( selector ).filter( function() { - for ( i = 0; i < len; i++ ) { - if ( jQuery.contains( self[ i ], this ) ) { - return true; - } - } - } ) ); - } - - ret = this.pushStack( [] ); - - for ( i = 0; i < len; i++ ) { - jQuery.find( selector, self[ i ], ret ); - } - - return len > 1 ? jQuery.uniqueSort( ret ) : ret; - }, - filter: function( selector ) { - return this.pushStack( winnow( this, selector || [], false ) ); - }, - not: function( selector ) { - return this.pushStack( winnow( this, selector || [], true ) ); - }, - is: function( selector ) { - return !!winnow( - this, - - // If this is a positional/relative selector, check membership in the returned set - // so $("p:first").is("p:last") won't return true for a doc with two "p". - typeof selector === "string" && rneedsContext.test( selector ) ? - jQuery( selector ) : - selector || [], - false - ).length; - } -} ); - - -// Initialize a jQuery object - - -// A central reference to the root jQuery(document) -var rootjQuery, - - // A simple way to check for HTML strings - // Prioritize #id over to avoid XSS via location.hash (#9521) - // Strict HTML recognition (#11290: must start with <) - // Shortcut simple #id case for speed - rquickExpr = /^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/, - - init = jQuery.fn.init = function( selector, context, root ) { - var match, elem; - - // HANDLE: $(""), $(null), $(undefined), $(false) - if ( !selector ) { - return this; - } - - // Method init() accepts an alternate rootjQuery - // so migrate can support jQuery.sub (gh-2101) - root = root || rootjQuery; - - // Handle HTML strings - if ( typeof selector === "string" ) { - if ( selector[ 0 ] === "<" && - selector[ selector.length - 1 ] === ">" && - selector.length >= 3 ) { - - // Assume that strings that start and end with <> are HTML and skip the regex check - match = [ null, selector, null ]; - - } else { - match = rquickExpr.exec( selector ); - } - - // Match html or make sure no context is specified for #id - if ( match && ( match[ 1 ] || !context ) ) { - - // HANDLE: $(html) -> $(array) - if ( match[ 1 ] ) { - context = context instanceof jQuery ? context[ 0 ] : context; - - // Option to run scripts is true for back-compat - // Intentionally let the error be thrown if parseHTML is not present - jQuery.merge( this, jQuery.parseHTML( - match[ 1 ], - context && context.nodeType ? context.ownerDocument || context : document, - true - ) ); - - // HANDLE: $(html, props) - if ( rsingleTag.test( match[ 1 ] ) && jQuery.isPlainObject( context ) ) { - for ( match in context ) { - - // Properties of context are called as methods if possible - if ( isFunction( this[ match ] ) ) { - this[ match ]( context[ match ] ); - - // ...and otherwise set as attributes - } else { - this.attr( match, context[ match ] ); - } - } - } - - return this; - - // HANDLE: $(#id) - } else { - elem = document.getElementById( match[ 2 ] ); - - if ( elem ) { - - // Inject the element directly into the jQuery object - this[ 0 ] = elem; - this.length = 1; - } - return this; - } - - // HANDLE: $(expr, $(...)) - } else if ( !context || context.jquery ) { - return ( context || root ).find( selector ); - - // HANDLE: $(expr, context) - // (which is just equivalent to: $(context).find(expr) - } else { - return this.constructor( context ).find( selector ); - } - - // HANDLE: $(DOMElement) - } else if ( selector.nodeType ) { - this[ 0 ] = selector; - this.length = 1; - return this; - - // HANDLE: $(function) - // Shortcut for document ready - } else if ( isFunction( selector ) ) { - return root.ready !== undefined ? - root.ready( selector ) : - - // Execute immediately if ready is not present - selector( jQuery ); - } - - return jQuery.makeArray( selector, this ); - }; - -// Give the init function the jQuery prototype for later instantiation -init.prototype = jQuery.fn; - -// Initialize central reference -rootjQuery = jQuery( document ); - - -var rparentsprev = /^(?:parents|prev(?:Until|All))/, - - // Methods guaranteed to produce a unique set when starting from a unique set - guaranteedUnique = { - children: true, - contents: true, - next: true, - prev: true - }; - -jQuery.fn.extend( { - has: function( target ) { - var targets = jQuery( target, this ), - l = targets.length; - - return this.filter( function() { - var i = 0; - for ( ; i < l; i++ ) { - if ( jQuery.contains( this, targets[ i ] ) ) { - return true; - } - } - } ); - }, - - closest: function( selectors, context ) { - var cur, - i = 0, - l = this.length, - matched = [], - targets = typeof selectors !== "string" && jQuery( selectors ); - - // Positional selectors never match, since there's no _selection_ context - if ( !rneedsContext.test( selectors ) ) { - for ( ; i < l; i++ ) { - for ( cur = this[ i ]; cur && cur !== context; cur = cur.parentNode ) { - - // Always skip document fragments - if ( cur.nodeType < 11 && ( targets ? - targets.index( cur ) > -1 : - - // Don't pass non-elements to Sizzle - cur.nodeType === 1 && - jQuery.find.matchesSelector( cur, selectors ) ) ) { - - matched.push( cur ); - break; - } - } - } - } - - return this.pushStack( matched.length > 1 ? jQuery.uniqueSort( matched ) : matched ); - }, - - // Determine the position of an element within the set - index: function( elem ) { - - // No argument, return index in parent - if ( !elem ) { - return ( this[ 0 ] && this[ 0 ].parentNode ) ? this.first().prevAll().length : -1; - } - - // Index in selector - if ( typeof elem === "string" ) { - return indexOf.call( jQuery( elem ), this[ 0 ] ); - } - - // Locate the position of the desired element - return indexOf.call( this, - - // If it receives a jQuery object, the first element is used - elem.jquery ? elem[ 0 ] : elem - ); - }, - - add: function( selector, context ) { - return this.pushStack( - jQuery.uniqueSort( - jQuery.merge( this.get(), jQuery( selector, context ) ) - ) - ); - }, - - addBack: function( selector ) { - return this.add( selector == null ? - this.prevObject : this.prevObject.filter( selector ) - ); - } -} ); - -function sibling( cur, dir ) { - while ( ( cur = cur[ dir ] ) && cur.nodeType !== 1 ) {} - return cur; -} - -jQuery.each( { - parent: function( elem ) { - var parent = elem.parentNode; - return parent && parent.nodeType !== 11 ? parent : null; - }, - parents: function( elem ) { - return dir( elem, "parentNode" ); - }, - parentsUntil: function( elem, _i, until ) { - return dir( elem, "parentNode", until ); - }, - next: function( elem ) { - return sibling( elem, "nextSibling" ); - }, - prev: function( elem ) { - return sibling( elem, "previousSibling" ); - }, - nextAll: function( elem ) { - return dir( elem, "nextSibling" ); - }, - prevAll: function( elem ) { - return dir( elem, "previousSibling" ); - }, - nextUntil: function( elem, _i, until ) { - return dir( elem, "nextSibling", until ); - }, - prevUntil: function( elem, _i, until ) { - return dir( elem, "previousSibling", until ); - }, - siblings: function( elem ) { - return siblings( ( elem.parentNode || {} ).firstChild, elem ); - }, - children: function( elem ) { - return siblings( elem.firstChild ); - }, - contents: function( elem ) { - if ( elem.contentDocument != null && - - // Support: IE 11+ - // elements with no `data` attribute has an object - // `contentDocument` with a `null` prototype. - getProto( elem.contentDocument ) ) { - - return elem.contentDocument; - } - - // Support: IE 9 - 11 only, iOS 7 only, Android Browser <=4.3 only - // Treat the template element as a regular one in browsers that - // don't support it. - if ( nodeName( elem, "template" ) ) { - elem = elem.content || elem; - } - - return jQuery.merge( [], elem.childNodes ); - } -}, function( name, fn ) { - jQuery.fn[ name ] = function( until, selector ) { - var matched = jQuery.map( this, fn, until ); - - if ( name.slice( -5 ) !== "Until" ) { - selector = until; - } - - if ( selector && typeof selector === "string" ) { - matched = jQuery.filter( selector, matched ); - } - - if ( this.length > 1 ) { - - // Remove duplicates - if ( !guaranteedUnique[ name ] ) { - jQuery.uniqueSort( matched ); - } - - // Reverse order for parents* and prev-derivatives - if ( rparentsprev.test( name ) ) { - matched.reverse(); - } - } - - return this.pushStack( matched ); - }; -} ); -var rnothtmlwhite = ( /[^\x20\t\r\n\f]+/g ); - - - -// Convert String-formatted options into Object-formatted ones -function createOptions( options ) { - var object = {}; - jQuery.each( options.match( rnothtmlwhite ) || [], function( _, flag ) { - object[ flag ] = true; - } ); - return object; -} - -/* - * Create a callback list using the following parameters: - * - * options: an optional list of space-separated options that will change how - * the callback list behaves or a more traditional option object - * - * By default a callback list will act like an event callback list and can be - * "fired" multiple times. - * - * Possible options: - * - * once: will ensure the callback list can only be fired once (like a Deferred) - * - * memory: will keep track of previous values and will call any callback added - * after the list has been fired right away with the latest "memorized" - * values (like a Deferred) - * - * unique: will ensure a callback can only be added once (no duplicate in the list) - * - * stopOnFalse: interrupt callings when a callback returns false - * - */ -jQuery.Callbacks = function( options ) { - - // Convert options from String-formatted to Object-formatted if needed - // (we check in cache first) - options = typeof options === "string" ? - createOptions( options ) : - jQuery.extend( {}, options ); - - var // Flag to know if list is currently firing - firing, - - // Last fire value for non-forgettable lists - memory, - - // Flag to know if list was already fired - fired, - - // Flag to prevent firing - locked, - - // Actual callback list - list = [], - - // Queue of execution data for repeatable lists - queue = [], - - // Index of currently firing callback (modified by add/remove as needed) - firingIndex = -1, - - // Fire callbacks - fire = function() { - - // Enforce single-firing - locked = locked || options.once; - - // Execute callbacks for all pending executions, - // respecting firingIndex overrides and runtime changes - fired = firing = true; - for ( ; queue.length; firingIndex = -1 ) { - memory = queue.shift(); - while ( ++firingIndex < list.length ) { - - // Run callback and check for early termination - if ( list[ firingIndex ].apply( memory[ 0 ], memory[ 1 ] ) === false && - options.stopOnFalse ) { - - // Jump to end and forget the data so .add doesn't re-fire - firingIndex = list.length; - memory = false; - } - } - } - - // Forget the data if we're done with it - if ( !options.memory ) { - memory = false; - } - - firing = false; - - // Clean up if we're done firing for good - if ( locked ) { - - // Keep an empty list if we have data for future add calls - if ( memory ) { - list = []; - - // Otherwise, this object is spent - } else { - list = ""; - } - } - }, - - // Actual Callbacks object - self = { - - // Add a callback or a collection of callbacks to the list - add: function() { - if ( list ) { - - // If we have memory from a past run, we should fire after adding - if ( memory && !firing ) { - firingIndex = list.length - 1; - queue.push( memory ); - } - - ( function add( args ) { - jQuery.each( args, function( _, arg ) { - if ( isFunction( arg ) ) { - if ( !options.unique || !self.has( arg ) ) { - list.push( arg ); - } - } else if ( arg && arg.length && toType( arg ) !== "string" ) { - - // Inspect recursively - add( arg ); - } - } ); - } )( arguments ); - - if ( memory && !firing ) { - fire(); - } - } - return this; - }, - - // Remove a callback from the list - remove: function() { - jQuery.each( arguments, function( _, arg ) { - var index; - while ( ( index = jQuery.inArray( arg, list, index ) ) > -1 ) { - list.splice( index, 1 ); - - // Handle firing indexes - if ( index <= firingIndex ) { - firingIndex--; - } - } - } ); - return this; - }, - - // Check if a given callback is in the list. - // If no argument is given, return whether or not list has callbacks attached. - has: function( fn ) { - return fn ? - jQuery.inArray( fn, list ) > -1 : - list.length > 0; - }, - - // Remove all callbacks from the list - empty: function() { - if ( list ) { - list = []; - } - return this; - }, - - // Disable .fire and .add - // Abort any current/pending executions - // Clear all callbacks and values - disable: function() { - locked = queue = []; - list = memory = ""; - return this; - }, - disabled: function() { - return !list; - }, - - // Disable .fire - // Also disable .add unless we have memory (since it would have no effect) - // Abort any pending executions - lock: function() { - locked = queue = []; - if ( !memory && !firing ) { - list = memory = ""; - } - return this; - }, - locked: function() { - return !!locked; - }, - - // Call all callbacks with the given context and arguments - fireWith: function( context, args ) { - if ( !locked ) { - args = args || []; - args = [ context, args.slice ? args.slice() : args ]; - queue.push( args ); - if ( !firing ) { - fire(); - } - } - return this; - }, - - // Call all the callbacks with the given arguments - fire: function() { - self.fireWith( this, arguments ); - return this; - }, - - // To know if the callbacks have already been called at least once - fired: function() { - return !!fired; - } - }; - - return self; -}; - - -function Identity( v ) { - return v; -} -function Thrower( ex ) { - throw ex; -} - -function adoptValue( value, resolve, reject, noValue ) { - var method; - - try { - - // Check for promise aspect first to privilege synchronous behavior - if ( value && isFunction( ( method = value.promise ) ) ) { - method.call( value ).done( resolve ).fail( reject ); - - // Other thenables - } else if ( value && isFunction( ( method = value.then ) ) ) { - method.call( value, resolve, reject ); - - // Other non-thenables - } else { - - // Control `resolve` arguments by letting Array#slice cast boolean `noValue` to integer: - // * false: [ value ].slice( 0 ) => resolve( value ) - // * true: [ value ].slice( 1 ) => resolve() - resolve.apply( undefined, [ value ].slice( noValue ) ); - } - - // For Promises/A+, convert exceptions into rejections - // Since jQuery.when doesn't unwrap thenables, we can skip the extra checks appearing in - // Deferred#then to conditionally suppress rejection. - } catch ( value ) { - - // Support: Android 4.0 only - // Strict mode functions invoked without .call/.apply get global-object context - reject.apply( undefined, [ value ] ); - } -} - -jQuery.extend( { - - Deferred: function( func ) { - var tuples = [ - - // action, add listener, callbacks, - // ... .then handlers, argument index, [final state] - [ "notify", "progress", jQuery.Callbacks( "memory" ), - jQuery.Callbacks( "memory" ), 2 ], - [ "resolve", "done", jQuery.Callbacks( "once memory" ), - jQuery.Callbacks( "once memory" ), 0, "resolved" ], - [ "reject", "fail", jQuery.Callbacks( "once memory" ), - jQuery.Callbacks( "once memory" ), 1, "rejected" ] - ], - state = "pending", - promise = { - state: function() { - return state; - }, - always: function() { - deferred.done( arguments ).fail( arguments ); - return this; - }, - "catch": function( fn ) { - return promise.then( null, fn ); - }, - - // Keep pipe for back-compat - pipe: function( /* fnDone, fnFail, fnProgress */ ) { - var fns = arguments; - - return jQuery.Deferred( function( newDefer ) { - jQuery.each( tuples, function( _i, tuple ) { - - // Map tuples (progress, done, fail) to arguments (done, fail, progress) - var fn = isFunction( fns[ tuple[ 4 ] ] ) && fns[ tuple[ 4 ] ]; - - // deferred.progress(function() { bind to newDefer or newDefer.notify }) - // deferred.done(function() { bind to newDefer or newDefer.resolve }) - // deferred.fail(function() { bind to newDefer or newDefer.reject }) - deferred[ tuple[ 1 ] ]( function() { - var returned = fn && fn.apply( this, arguments ); - if ( returned && isFunction( returned.promise ) ) { - returned.promise() - .progress( newDefer.notify ) - .done( newDefer.resolve ) - .fail( newDefer.reject ); - } else { - newDefer[ tuple[ 0 ] + "With" ]( - this, - fn ? [ returned ] : arguments - ); - } - } ); - } ); - fns = null; - } ).promise(); - }, - then: function( onFulfilled, onRejected, onProgress ) { - var maxDepth = 0; - function resolve( depth, deferred, handler, special ) { - return function() { - var that = this, - args = arguments, - mightThrow = function() { - var returned, then; - - // Support: Promises/A+ section 2.3.3.3.3 - // https://promisesaplus.com/#point-59 - // Ignore double-resolution attempts - if ( depth < maxDepth ) { - return; - } - - returned = handler.apply( that, args ); - - // Support: Promises/A+ section 2.3.1 - // https://promisesaplus.com/#point-48 - if ( returned === deferred.promise() ) { - throw new TypeError( "Thenable self-resolution" ); - } - - // Support: Promises/A+ sections 2.3.3.1, 3.5 - // https://promisesaplus.com/#point-54 - // https://promisesaplus.com/#point-75 - // Retrieve `then` only once - then = returned && - - // Support: Promises/A+ section 2.3.4 - // https://promisesaplus.com/#point-64 - // Only check objects and functions for thenability - ( typeof returned === "object" || - typeof returned === "function" ) && - returned.then; - - // Handle a returned thenable - if ( isFunction( then ) ) { - - // Special processors (notify) just wait for resolution - if ( special ) { - then.call( - returned, - resolve( maxDepth, deferred, Identity, special ), - resolve( maxDepth, deferred, Thrower, special ) - ); - - // Normal processors (resolve) also hook into progress - } else { - - // ...and disregard older resolution values - maxDepth++; - - then.call( - returned, - resolve( maxDepth, deferred, Identity, special ), - resolve( maxDepth, deferred, Thrower, special ), - resolve( maxDepth, deferred, Identity, - deferred.notifyWith ) - ); - } - - // Handle all other returned values - } else { - - // Only substitute handlers pass on context - // and multiple values (non-spec behavior) - if ( handler !== Identity ) { - that = undefined; - args = [ returned ]; - } - - // Process the value(s) - // Default process is resolve - ( special || deferred.resolveWith )( that, args ); - } - }, - - // Only normal processors (resolve) catch and reject exceptions - process = special ? - mightThrow : - function() { - try { - mightThrow(); - } catch ( e ) { - - if ( jQuery.Deferred.exceptionHook ) { - jQuery.Deferred.exceptionHook( e, - process.stackTrace ); - } - - // Support: Promises/A+ section 2.3.3.3.4.1 - // https://promisesaplus.com/#point-61 - // Ignore post-resolution exceptions - if ( depth + 1 >= maxDepth ) { - - // Only substitute handlers pass on context - // and multiple values (non-spec behavior) - if ( handler !== Thrower ) { - that = undefined; - args = [ e ]; - } - - deferred.rejectWith( that, args ); - } - } - }; - - // Support: Promises/A+ section 2.3.3.3.1 - // https://promisesaplus.com/#point-57 - // Re-resolve promises immediately to dodge false rejection from - // subsequent errors - if ( depth ) { - process(); - } else { - - // Call an optional hook to record the stack, in case of exception - // since it's otherwise lost when execution goes async - if ( jQuery.Deferred.getStackHook ) { - process.stackTrace = jQuery.Deferred.getStackHook(); - } - window.setTimeout( process ); - } - }; - } - - return jQuery.Deferred( function( newDefer ) { - - // progress_handlers.add( ... ) - tuples[ 0 ][ 3 ].add( - resolve( - 0, - newDefer, - isFunction( onProgress ) ? - onProgress : - Identity, - newDefer.notifyWith - ) - ); - - // fulfilled_handlers.add( ... ) - tuples[ 1 ][ 3 ].add( - resolve( - 0, - newDefer, - isFunction( onFulfilled ) ? - onFulfilled : - Identity - ) - ); - - // rejected_handlers.add( ... ) - tuples[ 2 ][ 3 ].add( - resolve( - 0, - newDefer, - isFunction( onRejected ) ? - onRejected : - Thrower - ) - ); - } ).promise(); - }, - - // Get a promise for this deferred - // If obj is provided, the promise aspect is added to the object - promise: function( obj ) { - return obj != null ? jQuery.extend( obj, promise ) : promise; - } - }, - deferred = {}; - - // Add list-specific methods - jQuery.each( tuples, function( i, tuple ) { - var list = tuple[ 2 ], - stateString = tuple[ 5 ]; - - // promise.progress = list.add - // promise.done = list.add - // promise.fail = list.add - promise[ tuple[ 1 ] ] = list.add; - - // Handle state - if ( stateString ) { - list.add( - function() { - - // state = "resolved" (i.e., fulfilled) - // state = "rejected" - state = stateString; - }, - - // rejected_callbacks.disable - // fulfilled_callbacks.disable - tuples[ 3 - i ][ 2 ].disable, - - // rejected_handlers.disable - // fulfilled_handlers.disable - tuples[ 3 - i ][ 3 ].disable, - - // progress_callbacks.lock - tuples[ 0 ][ 2 ].lock, - - // progress_handlers.lock - tuples[ 0 ][ 3 ].lock - ); - } - - // progress_handlers.fire - // fulfilled_handlers.fire - // rejected_handlers.fire - list.add( tuple[ 3 ].fire ); - - // deferred.notify = function() { deferred.notifyWith(...) } - // deferred.resolve = function() { deferred.resolveWith(...) } - // deferred.reject = function() { deferred.rejectWith(...) } - deferred[ tuple[ 0 ] ] = function() { - deferred[ tuple[ 0 ] + "With" ]( this === deferred ? undefined : this, arguments ); - return this; - }; - - // deferred.notifyWith = list.fireWith - // deferred.resolveWith = list.fireWith - // deferred.rejectWith = list.fireWith - deferred[ tuple[ 0 ] + "With" ] = list.fireWith; - } ); - - // Make the deferred a promise - promise.promise( deferred ); - - // Call given func if any - if ( func ) { - func.call( deferred, deferred ); - } - - // All done! - return deferred; - }, - - // Deferred helper - when: function( singleValue ) { - var - - // count of uncompleted subordinates - remaining = arguments.length, - - // count of unprocessed arguments - i = remaining, - - // subordinate fulfillment data - resolveContexts = Array( i ), - resolveValues = slice.call( arguments ), - - // the master Deferred - master = jQuery.Deferred(), - - // subordinate callback factory - updateFunc = function( i ) { - return function( value ) { - resolveContexts[ i ] = this; - resolveValues[ i ] = arguments.length > 1 ? slice.call( arguments ) : value; - if ( !( --remaining ) ) { - master.resolveWith( resolveContexts, resolveValues ); - } - }; - }; - - // Single- and empty arguments are adopted like Promise.resolve - if ( remaining <= 1 ) { - adoptValue( singleValue, master.done( updateFunc( i ) ).resolve, master.reject, - !remaining ); - - // Use .then() to unwrap secondary thenables (cf. gh-3000) - if ( master.state() === "pending" || - isFunction( resolveValues[ i ] && resolveValues[ i ].then ) ) { - - return master.then(); - } - } - - // Multiple arguments are aggregated like Promise.all array elements - while ( i-- ) { - adoptValue( resolveValues[ i ], updateFunc( i ), master.reject ); - } - - return master.promise(); - } -} ); - - -// These usually indicate a programmer mistake during development, -// warn about them ASAP rather than swallowing them by default. -var rerrorNames = /^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/; - -jQuery.Deferred.exceptionHook = function( error, stack ) { - - // Support: IE 8 - 9 only - // Console exists when dev tools are open, which can happen at any time - if ( window.console && window.console.warn && error && rerrorNames.test( error.name ) ) { - window.console.warn( "jQuery.Deferred exception: " + error.message, error.stack, stack ); - } -}; - - - - -jQuery.readyException = function( error ) { - window.setTimeout( function() { - throw error; - } ); -}; - - - - -// The deferred used on DOM ready -var readyList = jQuery.Deferred(); - -jQuery.fn.ready = function( fn ) { - - readyList - .then( fn ) - - // Wrap jQuery.readyException in a function so that the lookup - // happens at the time of error handling instead of callback - // registration. - .catch( function( error ) { - jQuery.readyException( error ); - } ); - - return this; -}; - -jQuery.extend( { - - // Is the DOM ready to be used? Set to true once it occurs. - isReady: false, - - // A counter to track how many items to wait for before - // the ready event fires. See #6781 - readyWait: 1, - - // Handle when the DOM is ready - ready: function( wait ) { - - // Abort if there are pending holds or we're already ready - if ( wait === true ? --jQuery.readyWait : jQuery.isReady ) { - return; - } - - // Remember that the DOM is ready - jQuery.isReady = true; - - // If a normal DOM Ready event fired, decrement, and wait if need be - if ( wait !== true && --jQuery.readyWait > 0 ) { - return; - } - - // If there are functions bound, to execute - readyList.resolveWith( document, [ jQuery ] ); - } -} ); - -jQuery.ready.then = readyList.then; - -// The ready event handler and self cleanup method -function completed() { - document.removeEventListener( "DOMContentLoaded", completed ); - window.removeEventListener( "load", completed ); - jQuery.ready(); -} - -// Catch cases where $(document).ready() is called -// after the browser event has already occurred. -// Support: IE <=9 - 10 only -// Older IE sometimes signals "interactive" too soon -if ( document.readyState === "complete" || - ( document.readyState !== "loading" && !document.documentElement.doScroll ) ) { - - // Handle it asynchronously to allow scripts the opportunity to delay ready - window.setTimeout( jQuery.ready ); - -} else { - - // Use the handy event callback - document.addEventListener( "DOMContentLoaded", completed ); - - // A fallback to window.onload, that will always work - window.addEventListener( "load", completed ); -} - - - - -// Multifunctional method to get and set values of a collection -// The value/s can optionally be executed if it's a function -var access = function( elems, fn, key, value, chainable, emptyGet, raw ) { - var i = 0, - len = elems.length, - bulk = key == null; - - // Sets many values - if ( toType( key ) === "object" ) { - chainable = true; - for ( i in key ) { - access( elems, fn, i, key[ i ], true, emptyGet, raw ); - } - - // Sets one value - } else if ( value !== undefined ) { - chainable = true; - - if ( !isFunction( value ) ) { - raw = true; - } - - if ( bulk ) { - - // Bulk operations run against the entire set - if ( raw ) { - fn.call( elems, value ); - fn = null; - - // ...except when executing function values - } else { - bulk = fn; - fn = function( elem, _key, value ) { - return bulk.call( jQuery( elem ), value ); - }; - } - } - - if ( fn ) { - for ( ; i < len; i++ ) { - fn( - elems[ i ], key, raw ? - value : - value.call( elems[ i ], i, fn( elems[ i ], key ) ) - ); - } - } - } - - if ( chainable ) { - return elems; - } - - // Gets - if ( bulk ) { - return fn.call( elems ); - } - - return len ? fn( elems[ 0 ], key ) : emptyGet; -}; - - -// Matches dashed string for camelizing -var rmsPrefix = /^-ms-/, - rdashAlpha = /-([a-z])/g; - -// Used by camelCase as callback to replace() -function fcamelCase( _all, letter ) { - return letter.toUpperCase(); -} - -// Convert dashed to camelCase; used by the css and data modules -// Support: IE <=9 - 11, Edge 12 - 15 -// Microsoft forgot to hump their vendor prefix (#9572) -function camelCase( string ) { - return string.replace( rmsPrefix, "ms-" ).replace( rdashAlpha, fcamelCase ); -} -var acceptData = function( owner ) { - - // Accepts only: - // - Node - // - Node.ELEMENT_NODE - // - Node.DOCUMENT_NODE - // - Object - // - Any - return owner.nodeType === 1 || owner.nodeType === 9 || !( +owner.nodeType ); -}; - - - - -function Data() { - this.expando = jQuery.expando + Data.uid++; -} - -Data.uid = 1; - -Data.prototype = { - - cache: function( owner ) { - - // Check if the owner object already has a cache - var value = owner[ this.expando ]; - - // If not, create one - if ( !value ) { - value = {}; - - // We can accept data for non-element nodes in modern browsers, - // but we should not, see #8335. - // Always return an empty object. - if ( acceptData( owner ) ) { - - // If it is a node unlikely to be stringify-ed or looped over - // use plain assignment - if ( owner.nodeType ) { - owner[ this.expando ] = value; - - // Otherwise secure it in a non-enumerable property - // configurable must be true to allow the property to be - // deleted when data is removed - } else { - Object.defineProperty( owner, this.expando, { - value: value, - configurable: true - } ); - } - } - } - - return value; - }, - set: function( owner, data, value ) { - var prop, - cache = this.cache( owner ); - - // Handle: [ owner, key, value ] args - // Always use camelCase key (gh-2257) - if ( typeof data === "string" ) { - cache[ camelCase( data ) ] = value; - - // Handle: [ owner, { properties } ] args - } else { - - // Copy the properties one-by-one to the cache object - for ( prop in data ) { - cache[ camelCase( prop ) ] = data[ prop ]; - } - } - return cache; - }, - get: function( owner, key ) { - return key === undefined ? - this.cache( owner ) : - - // Always use camelCase key (gh-2257) - owner[ this.expando ] && owner[ this.expando ][ camelCase( key ) ]; - }, - access: function( owner, key, value ) { - - // In cases where either: - // - // 1. No key was specified - // 2. A string key was specified, but no value provided - // - // Take the "read" path and allow the get method to determine - // which value to return, respectively either: - // - // 1. The entire cache object - // 2. The data stored at the key - // - if ( key === undefined || - ( ( key && typeof key === "string" ) && value === undefined ) ) { - - return this.get( owner, key ); - } - - // When the key is not a string, or both a key and value - // are specified, set or extend (existing objects) with either: - // - // 1. An object of properties - // 2. A key and value - // - this.set( owner, key, value ); - - // Since the "set" path can have two possible entry points - // return the expected data based on which path was taken[*] - return value !== undefined ? value : key; - }, - remove: function( owner, key ) { - var i, - cache = owner[ this.expando ]; - - if ( cache === undefined ) { - return; - } - - if ( key !== undefined ) { - - // Support array or space separated string of keys - if ( Array.isArray( key ) ) { - - // If key is an array of keys... - // We always set camelCase keys, so remove that. - key = key.map( camelCase ); - } else { - key = camelCase( key ); - - // If a key with the spaces exists, use it. - // Otherwise, create an array by matching non-whitespace - key = key in cache ? - [ key ] : - ( key.match( rnothtmlwhite ) || [] ); - } - - i = key.length; - - while ( i-- ) { - delete cache[ key[ i ] ]; - } - } - - // Remove the expando if there's no more data - if ( key === undefined || jQuery.isEmptyObject( cache ) ) { - - // Support: Chrome <=35 - 45 - // Webkit & Blink performance suffers when deleting properties - // from DOM nodes, so set to undefined instead - // https://bugs.chromium.org/p/chromium/issues/detail?id=378607 (bug restricted) - if ( owner.nodeType ) { - owner[ this.expando ] = undefined; - } else { - delete owner[ this.expando ]; - } - } - }, - hasData: function( owner ) { - var cache = owner[ this.expando ]; - return cache !== undefined && !jQuery.isEmptyObject( cache ); - } -}; -var dataPriv = new Data(); - -var dataUser = new Data(); - - - -// Implementation Summary -// -// 1. Enforce API surface and semantic compatibility with 1.9.x branch -// 2. Improve the module's maintainability by reducing the storage -// paths to a single mechanism. -// 3. Use the same single mechanism to support "private" and "user" data. -// 4. _Never_ expose "private" data to user code (TODO: Drop _data, _removeData) -// 5. Avoid exposing implementation details on user objects (eg. expando properties) -// 6. Provide a clear path for implementation upgrade to WeakMap in 2014 - -var rbrace = /^(?:\{[\w\W]*\}|\[[\w\W]*\])$/, - rmultiDash = /[A-Z]/g; - -function getData( data ) { - if ( data === "true" ) { - return true; - } - - if ( data === "false" ) { - return false; - } - - if ( data === "null" ) { - return null; - } - - // Only convert to a number if it doesn't change the string - if ( data === +data + "" ) { - return +data; - } - - if ( rbrace.test( data ) ) { - return JSON.parse( data ); - } - - return data; -} - -function dataAttr( elem, key, data ) { - var name; - - // If nothing was found internally, try to fetch any - // data from the HTML5 data-* attribute - if ( data === undefined && elem.nodeType === 1 ) { - name = "data-" + key.replace( rmultiDash, "-$&" ).toLowerCase(); - data = elem.getAttribute( name ); - - if ( typeof data === "string" ) { - try { - data = getData( data ); - } catch ( e ) {} - - // Make sure we set the data so it isn't changed later - dataUser.set( elem, key, data ); - } else { - data = undefined; - } - } - return data; -} - -jQuery.extend( { - hasData: function( elem ) { - return dataUser.hasData( elem ) || dataPriv.hasData( elem ); - }, - - data: function( elem, name, data ) { - return dataUser.access( elem, name, data ); - }, - - removeData: function( elem, name ) { - dataUser.remove( elem, name ); - }, - - // TODO: Now that all calls to _data and _removeData have been replaced - // with direct calls to dataPriv methods, these can be deprecated. - _data: function( elem, name, data ) { - return dataPriv.access( elem, name, data ); - }, - - _removeData: function( elem, name ) { - dataPriv.remove( elem, name ); - } -} ); - -jQuery.fn.extend( { - data: function( key, value ) { - var i, name, data, - elem = this[ 0 ], - attrs = elem && elem.attributes; - - // Gets all values - if ( key === undefined ) { - if ( this.length ) { - data = dataUser.get( elem ); - - if ( elem.nodeType === 1 && !dataPriv.get( elem, "hasDataAttrs" ) ) { - i = attrs.length; - while ( i-- ) { - - // Support: IE 11 only - // The attrs elements can be null (#14894) - if ( attrs[ i ] ) { - name = attrs[ i ].name; - if ( name.indexOf( "data-" ) === 0 ) { - name = camelCase( name.slice( 5 ) ); - dataAttr( elem, name, data[ name ] ); - } - } - } - dataPriv.set( elem, "hasDataAttrs", true ); - } - } - - return data; - } - - // Sets multiple values - if ( typeof key === "object" ) { - return this.each( function() { - dataUser.set( this, key ); - } ); - } - - return access( this, function( value ) { - var data; - - // The calling jQuery object (element matches) is not empty - // (and therefore has an element appears at this[ 0 ]) and the - // `value` parameter was not undefined. An empty jQuery object - // will result in `undefined` for elem = this[ 0 ] which will - // throw an exception if an attempt to read a data cache is made. - if ( elem && value === undefined ) { - - // Attempt to get data from the cache - // The key will always be camelCased in Data - data = dataUser.get( elem, key ); - if ( data !== undefined ) { - return data; - } - - // Attempt to "discover" the data in - // HTML5 custom data-* attrs - data = dataAttr( elem, key ); - if ( data !== undefined ) { - return data; - } - - // We tried really hard, but the data doesn't exist. - return; - } - - // Set the data... - this.each( function() { - - // We always store the camelCased key - dataUser.set( this, key, value ); - } ); - }, null, value, arguments.length > 1, null, true ); - }, - - removeData: function( key ) { - return this.each( function() { - dataUser.remove( this, key ); - } ); - } -} ); - - -jQuery.extend( { - queue: function( elem, type, data ) { - var queue; - - if ( elem ) { - type = ( type || "fx" ) + "queue"; - queue = dataPriv.get( elem, type ); - - // Speed up dequeue by getting out quickly if this is just a lookup - if ( data ) { - if ( !queue || Array.isArray( data ) ) { - queue = dataPriv.access( elem, type, jQuery.makeArray( data ) ); - } else { - queue.push( data ); - } - } - return queue || []; - } - }, - - dequeue: function( elem, type ) { - type = type || "fx"; - - var queue = jQuery.queue( elem, type ), - startLength = queue.length, - fn = queue.shift(), - hooks = jQuery._queueHooks( elem, type ), - next = function() { - jQuery.dequeue( elem, type ); - }; - - // If the fx queue is dequeued, always remove the progress sentinel - if ( fn === "inprogress" ) { - fn = queue.shift(); - startLength--; - } - - if ( fn ) { - - // Add a progress sentinel to prevent the fx queue from being - // automatically dequeued - if ( type === "fx" ) { - queue.unshift( "inprogress" ); - } - - // Clear up the last queue stop function - delete hooks.stop; - fn.call( elem, next, hooks ); - } - - if ( !startLength && hooks ) { - hooks.empty.fire(); - } - }, - - // Not public - generate a queueHooks object, or return the current one - _queueHooks: function( elem, type ) { - var key = type + "queueHooks"; - return dataPriv.get( elem, key ) || dataPriv.access( elem, key, { - empty: jQuery.Callbacks( "once memory" ).add( function() { - dataPriv.remove( elem, [ type + "queue", key ] ); - } ) - } ); - } -} ); - -jQuery.fn.extend( { - queue: function( type, data ) { - var setter = 2; - - if ( typeof type !== "string" ) { - data = type; - type = "fx"; - setter--; - } - - if ( arguments.length < setter ) { - return jQuery.queue( this[ 0 ], type ); - } - - return data === undefined ? - this : - this.each( function() { - var queue = jQuery.queue( this, type, data ); - - // Ensure a hooks for this queue - jQuery._queueHooks( this, type ); - - if ( type === "fx" && queue[ 0 ] !== "inprogress" ) { - jQuery.dequeue( this, type ); - } - } ); - }, - dequeue: function( type ) { - return this.each( function() { - jQuery.dequeue( this, type ); - } ); - }, - clearQueue: function( type ) { - return this.queue( type || "fx", [] ); - }, - - // Get a promise resolved when queues of a certain type - // are emptied (fx is the type by default) - promise: function( type, obj ) { - var tmp, - count = 1, - defer = jQuery.Deferred(), - elements = this, - i = this.length, - resolve = function() { - if ( !( --count ) ) { - defer.resolveWith( elements, [ elements ] ); - } - }; - - if ( typeof type !== "string" ) { - obj = type; - type = undefined; - } - type = type || "fx"; - - while ( i-- ) { - tmp = dataPriv.get( elements[ i ], type + "queueHooks" ); - if ( tmp && tmp.empty ) { - count++; - tmp.empty.add( resolve ); - } - } - resolve(); - return defer.promise( obj ); - } -} ); -var pnum = ( /[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/ ).source; - -var rcssNum = new RegExp( "^(?:([+-])=|)(" + pnum + ")([a-z%]*)$", "i" ); - - -var cssExpand = [ "Top", "Right", "Bottom", "Left" ]; - -var documentElement = document.documentElement; - - - - var isAttached = function( elem ) { - return jQuery.contains( elem.ownerDocument, elem ); - }, - composed = { composed: true }; - - // Support: IE 9 - 11+, Edge 12 - 18+, iOS 10.0 - 10.2 only - // Check attachment across shadow DOM boundaries when possible (gh-3504) - // Support: iOS 10.0-10.2 only - // Early iOS 10 versions support `attachShadow` but not `getRootNode`, - // leading to errors. We need to check for `getRootNode`. - if ( documentElement.getRootNode ) { - isAttached = function( elem ) { - return jQuery.contains( elem.ownerDocument, elem ) || - elem.getRootNode( composed ) === elem.ownerDocument; - }; - } -var isHiddenWithinTree = function( elem, el ) { - - // isHiddenWithinTree might be called from jQuery#filter function; - // in that case, element will be second argument - elem = el || elem; - - // Inline style trumps all - return elem.style.display === "none" || - elem.style.display === "" && - - // Otherwise, check computed style - // Support: Firefox <=43 - 45 - // Disconnected elements can have computed display: none, so first confirm that elem is - // in the document. - isAttached( elem ) && - - jQuery.css( elem, "display" ) === "none"; - }; - - - -function adjustCSS( elem, prop, valueParts, tween ) { - var adjusted, scale, - maxIterations = 20, - currentValue = tween ? - function() { - return tween.cur(); - } : - function() { - return jQuery.css( elem, prop, "" ); - }, - initial = currentValue(), - unit = valueParts && valueParts[ 3 ] || ( jQuery.cssNumber[ prop ] ? "" : "px" ), - - // Starting value computation is required for potential unit mismatches - initialInUnit = elem.nodeType && - ( jQuery.cssNumber[ prop ] || unit !== "px" && +initial ) && - rcssNum.exec( jQuery.css( elem, prop ) ); - - if ( initialInUnit && initialInUnit[ 3 ] !== unit ) { - - // Support: Firefox <=54 - // Halve the iteration target value to prevent interference from CSS upper bounds (gh-2144) - initial = initial / 2; - - // Trust units reported by jQuery.css - unit = unit || initialInUnit[ 3 ]; - - // Iteratively approximate from a nonzero starting point - initialInUnit = +initial || 1; - - while ( maxIterations-- ) { - - // Evaluate and update our best guess (doubling guesses that zero out). - // Finish if the scale equals or crosses 1 (making the old*new product non-positive). - jQuery.style( elem, prop, initialInUnit + unit ); - if ( ( 1 - scale ) * ( 1 - ( scale = currentValue() / initial || 0.5 ) ) <= 0 ) { - maxIterations = 0; - } - initialInUnit = initialInUnit / scale; - - } - - initialInUnit = initialInUnit * 2; - jQuery.style( elem, prop, initialInUnit + unit ); - - // Make sure we update the tween properties later on - valueParts = valueParts || []; - } - - if ( valueParts ) { - initialInUnit = +initialInUnit || +initial || 0; - - // Apply relative offset (+=/-=) if specified - adjusted = valueParts[ 1 ] ? - initialInUnit + ( valueParts[ 1 ] + 1 ) * valueParts[ 2 ] : - +valueParts[ 2 ]; - if ( tween ) { - tween.unit = unit; - tween.start = initialInUnit; - tween.end = adjusted; - } - } - return adjusted; -} - - -var defaultDisplayMap = {}; - -function getDefaultDisplay( elem ) { - var temp, - doc = elem.ownerDocument, - nodeName = elem.nodeName, - display = defaultDisplayMap[ nodeName ]; - - if ( display ) { - return display; - } - - temp = doc.body.appendChild( doc.createElement( nodeName ) ); - display = jQuery.css( temp, "display" ); - - temp.parentNode.removeChild( temp ); - - if ( display === "none" ) { - display = "block"; - } - defaultDisplayMap[ nodeName ] = display; - - return display; -} - -function showHide( elements, show ) { - var display, elem, - values = [], - index = 0, - length = elements.length; - - // Determine new display value for elements that need to change - for ( ; index < length; index++ ) { - elem = elements[ index ]; - if ( !elem.style ) { - continue; - } - - display = elem.style.display; - if ( show ) { - - // Since we force visibility upon cascade-hidden elements, an immediate (and slow) - // check is required in this first loop unless we have a nonempty display value (either - // inline or about-to-be-restored) - if ( display === "none" ) { - values[ index ] = dataPriv.get( elem, "display" ) || null; - if ( !values[ index ] ) { - elem.style.display = ""; - } - } - if ( elem.style.display === "" && isHiddenWithinTree( elem ) ) { - values[ index ] = getDefaultDisplay( elem ); - } - } else { - if ( display !== "none" ) { - values[ index ] = "none"; - - // Remember what we're overwriting - dataPriv.set( elem, "display", display ); - } - } - } - - // Set the display of the elements in a second loop to avoid constant reflow - for ( index = 0; index < length; index++ ) { - if ( values[ index ] != null ) { - elements[ index ].style.display = values[ index ]; - } - } - - return elements; -} - -jQuery.fn.extend( { - show: function() { - return showHide( this, true ); - }, - hide: function() { - return showHide( this ); - }, - toggle: function( state ) { - if ( typeof state === "boolean" ) { - return state ? this.show() : this.hide(); - } - - return this.each( function() { - if ( isHiddenWithinTree( this ) ) { - jQuery( this ).show(); - } else { - jQuery( this ).hide(); - } - } ); - } -} ); -var rcheckableType = ( /^(?:checkbox|radio)$/i ); - -var rtagName = ( /<([a-z][^\/\0>\x20\t\r\n\f]*)/i ); - -var rscriptType = ( /^$|^module$|\/(?:java|ecma)script/i ); - - - -( function() { - var fragment = document.createDocumentFragment(), - div = fragment.appendChild( document.createElement( "div" ) ), - input = document.createElement( "input" ); - - // Support: Android 4.0 - 4.3 only - // Check state lost if the name is set (#11217) - // Support: Windows Web Apps (WWA) - // `name` and `type` must use .setAttribute for WWA (#14901) - input.setAttribute( "type", "radio" ); - input.setAttribute( "checked", "checked" ); - input.setAttribute( "name", "t" ); - - div.appendChild( input ); - - // Support: Android <=4.1 only - // Older WebKit doesn't clone checked state correctly in fragments - support.checkClone = div.cloneNode( true ).cloneNode( true ).lastChild.checked; - - // Support: IE <=11 only - // Make sure textarea (and checkbox) defaultValue is properly cloned - div.innerHTML = ""; - support.noCloneChecked = !!div.cloneNode( true ).lastChild.defaultValue; - - // Support: IE <=9 only - // IE <=9 replaces "; - support.option = !!div.lastChild; -} )(); - - -// We have to close these tags to support XHTML (#13200) -var wrapMap = { - - // XHTML parsers do not magically insert elements in the - // same way that tag soup parsers do. So we cannot shorten - // this by omitting or other required elements. - thead: [ 1, "", "
" ], - col: [ 2, "", "
" ], - tr: [ 2, "", "
" ], - td: [ 3, "", "
" ], - - _default: [ 0, "", "" ] -}; - -wrapMap.tbody = wrapMap.tfoot = wrapMap.colgroup = wrapMap.caption = wrapMap.thead; -wrapMap.th = wrapMap.td; - -// Support: IE <=9 only -if ( !support.option ) { - wrapMap.optgroup = wrapMap.option = [ 1, "" ]; -} - - -function getAll( context, tag ) { - - // Support: IE <=9 - 11 only - // Use typeof to avoid zero-argument method invocation on host objects (#15151) - var ret; - - if ( typeof context.getElementsByTagName !== "undefined" ) { - ret = context.getElementsByTagName( tag || "*" ); - - } else if ( typeof context.querySelectorAll !== "undefined" ) { - ret = context.querySelectorAll( tag || "*" ); - - } else { - ret = []; - } - - if ( tag === undefined || tag && nodeName( context, tag ) ) { - return jQuery.merge( [ context ], ret ); - } - - return ret; -} - - -// Mark scripts as having already been evaluated -function setGlobalEval( elems, refElements ) { - var i = 0, - l = elems.length; - - for ( ; i < l; i++ ) { - dataPriv.set( - elems[ i ], - "globalEval", - !refElements || dataPriv.get( refElements[ i ], "globalEval" ) - ); - } -} - - -var rhtml = /<|&#?\w+;/; - -function buildFragment( elems, context, scripts, selection, ignored ) { - var elem, tmp, tag, wrap, attached, j, - fragment = context.createDocumentFragment(), - nodes = [], - i = 0, - l = elems.length; - - for ( ; i < l; i++ ) { - elem = elems[ i ]; - - if ( elem || elem === 0 ) { - - // Add nodes directly - if ( toType( elem ) === "object" ) { - - // Support: Android <=4.0 only, PhantomJS 1 only - // push.apply(_, arraylike) throws on ancient WebKit - jQuery.merge( nodes, elem.nodeType ? [ elem ] : elem ); - - // Convert non-html into a text node - } else if ( !rhtml.test( elem ) ) { - nodes.push( context.createTextNode( elem ) ); - - // Convert html into DOM nodes - } else { - tmp = tmp || fragment.appendChild( context.createElement( "div" ) ); - - // Deserialize a standard representation - tag = ( rtagName.exec( elem ) || [ "", "" ] )[ 1 ].toLowerCase(); - wrap = wrapMap[ tag ] || wrapMap._default; - tmp.innerHTML = wrap[ 1 ] + jQuery.htmlPrefilter( elem ) + wrap[ 2 ]; - - // Descend through wrappers to the right content - j = wrap[ 0 ]; - while ( j-- ) { - tmp = tmp.lastChild; - } - - // Support: Android <=4.0 only, PhantomJS 1 only - // push.apply(_, arraylike) throws on ancient WebKit - jQuery.merge( nodes, tmp.childNodes ); - - // Remember the top-level container - tmp = fragment.firstChild; - - // Ensure the created nodes are orphaned (#12392) - tmp.textContent = ""; - } - } - } - - // Remove wrapper from fragment - fragment.textContent = ""; - - i = 0; - while ( ( elem = nodes[ i++ ] ) ) { - - // Skip elements already in the context collection (trac-4087) - if ( selection && jQuery.inArray( elem, selection ) > -1 ) { - if ( ignored ) { - ignored.push( elem ); - } - continue; - } - - attached = isAttached( elem ); - - // Append to fragment - tmp = getAll( fragment.appendChild( elem ), "script" ); - - // Preserve script evaluation history - if ( attached ) { - setGlobalEval( tmp ); - } - - // Capture executables - if ( scripts ) { - j = 0; - while ( ( elem = tmp[ j++ ] ) ) { - if ( rscriptType.test( elem.type || "" ) ) { - scripts.push( elem ); - } - } - } - } - - return fragment; -} - - -var - rkeyEvent = /^key/, - rmouseEvent = /^(?:mouse|pointer|contextmenu|drag|drop)|click/, - rtypenamespace = /^([^.]*)(?:\.(.+)|)/; - -function returnTrue() { - return true; -} - -function returnFalse() { - return false; -} - -// Support: IE <=9 - 11+ -// focus() and blur() are asynchronous, except when they are no-op. -// So expect focus to be synchronous when the element is already active, -// and blur to be synchronous when the element is not already active. -// (focus and blur are always synchronous in other supported browsers, -// this just defines when we can count on it). -function expectSync( elem, type ) { - return ( elem === safeActiveElement() ) === ( type === "focus" ); -} - -// Support: IE <=9 only -// Accessing document.activeElement can throw unexpectedly -// https://bugs.jquery.com/ticket/13393 -function safeActiveElement() { - try { - return document.activeElement; - } catch ( err ) { } -} - -function on( elem, types, selector, data, fn, one ) { - var origFn, type; - - // Types can be a map of types/handlers - if ( typeof types === "object" ) { - - // ( types-Object, selector, data ) - if ( typeof selector !== "string" ) { - - // ( types-Object, data ) - data = data || selector; - selector = undefined; - } - for ( type in types ) { - on( elem, type, selector, data, types[ type ], one ); - } - return elem; - } - - if ( data == null && fn == null ) { - - // ( types, fn ) - fn = selector; - data = selector = undefined; - } else if ( fn == null ) { - if ( typeof selector === "string" ) { - - // ( types, selector, fn ) - fn = data; - data = undefined; - } else { - - // ( types, data, fn ) - fn = data; - data = selector; - selector = undefined; - } - } - if ( fn === false ) { - fn = returnFalse; - } else if ( !fn ) { - return elem; - } - - if ( one === 1 ) { - origFn = fn; - fn = function( event ) { - - // Can use an empty set, since event contains the info - jQuery().off( event ); - return origFn.apply( this, arguments ); - }; - - // Use same guid so caller can remove using origFn - fn.guid = origFn.guid || ( origFn.guid = jQuery.guid++ ); - } - return elem.each( function() { - jQuery.event.add( this, types, fn, data, selector ); - } ); -} - -/* - * Helper functions for managing events -- not part of the public interface. - * Props to Dean Edwards' addEvent library for many of the ideas. - */ -jQuery.event = { - - global: {}, - - add: function( elem, types, handler, data, selector ) { - - var handleObjIn, eventHandle, tmp, - events, t, handleObj, - special, handlers, type, namespaces, origType, - elemData = dataPriv.get( elem ); - - // Only attach events to objects that accept data - if ( !acceptData( elem ) ) { - return; - } - - // Caller can pass in an object of custom data in lieu of the handler - if ( handler.handler ) { - handleObjIn = handler; - handler = handleObjIn.handler; - selector = handleObjIn.selector; - } - - // Ensure that invalid selectors throw exceptions at attach time - // Evaluate against documentElement in case elem is a non-element node (e.g., document) - if ( selector ) { - jQuery.find.matchesSelector( documentElement, selector ); - } - - // Make sure that the handler has a unique ID, used to find/remove it later - if ( !handler.guid ) { - handler.guid = jQuery.guid++; - } - - // Init the element's event structure and main handler, if this is the first - if ( !( events = elemData.events ) ) { - events = elemData.events = Object.create( null ); - } - if ( !( eventHandle = elemData.handle ) ) { - eventHandle = elemData.handle = function( e ) { - - // Discard the second event of a jQuery.event.trigger() and - // when an event is called after a page has unloaded - return typeof jQuery !== "undefined" && jQuery.event.triggered !== e.type ? - jQuery.event.dispatch.apply( elem, arguments ) : undefined; - }; - } - - // Handle multiple events separated by a space - types = ( types || "" ).match( rnothtmlwhite ) || [ "" ]; - t = types.length; - while ( t-- ) { - tmp = rtypenamespace.exec( types[ t ] ) || []; - type = origType = tmp[ 1 ]; - namespaces = ( tmp[ 2 ] || "" ).split( "." ).sort(); - - // There *must* be a type, no attaching namespace-only handlers - if ( !type ) { - continue; - } - - // If event changes its type, use the special event handlers for the changed type - special = jQuery.event.special[ type ] || {}; - - // If selector defined, determine special event api type, otherwise given type - type = ( selector ? special.delegateType : special.bindType ) || type; - - // Update special based on newly reset type - special = jQuery.event.special[ type ] || {}; - - // handleObj is passed to all event handlers - handleObj = jQuery.extend( { - type: type, - origType: origType, - data: data, - handler: handler, - guid: handler.guid, - selector: selector, - needsContext: selector && jQuery.expr.match.needsContext.test( selector ), - namespace: namespaces.join( "." ) - }, handleObjIn ); - - // Init the event handler queue if we're the first - if ( !( handlers = events[ type ] ) ) { - handlers = events[ type ] = []; - handlers.delegateCount = 0; - - // Only use addEventListener if the special events handler returns false - if ( !special.setup || - special.setup.call( elem, data, namespaces, eventHandle ) === false ) { - - if ( elem.addEventListener ) { - elem.addEventListener( type, eventHandle ); - } - } - } - - if ( special.add ) { - special.add.call( elem, handleObj ); - - if ( !handleObj.handler.guid ) { - handleObj.handler.guid = handler.guid; - } - } - - // Add to the element's handler list, delegates in front - if ( selector ) { - handlers.splice( handlers.delegateCount++, 0, handleObj ); - } else { - handlers.push( handleObj ); - } - - // Keep track of which events have ever been used, for event optimization - jQuery.event.global[ type ] = true; - } - - }, - - // Detach an event or set of events from an element - remove: function( elem, types, handler, selector, mappedTypes ) { - - var j, origCount, tmp, - events, t, handleObj, - special, handlers, type, namespaces, origType, - elemData = dataPriv.hasData( elem ) && dataPriv.get( elem ); - - if ( !elemData || !( events = elemData.events ) ) { - return; - } - - // Once for each type.namespace in types; type may be omitted - types = ( types || "" ).match( rnothtmlwhite ) || [ "" ]; - t = types.length; - while ( t-- ) { - tmp = rtypenamespace.exec( types[ t ] ) || []; - type = origType = tmp[ 1 ]; - namespaces = ( tmp[ 2 ] || "" ).split( "." ).sort(); - - // Unbind all events (on this namespace, if provided) for the element - if ( !type ) { - for ( type in events ) { - jQuery.event.remove( elem, type + types[ t ], handler, selector, true ); - } - continue; - } - - special = jQuery.event.special[ type ] || {}; - type = ( selector ? special.delegateType : special.bindType ) || type; - handlers = events[ type ] || []; - tmp = tmp[ 2 ] && - new RegExp( "(^|\\.)" + namespaces.join( "\\.(?:.*\\.|)" ) + "(\\.|$)" ); - - // Remove matching events - origCount = j = handlers.length; - while ( j-- ) { - handleObj = handlers[ j ]; - - if ( ( mappedTypes || origType === handleObj.origType ) && - ( !handler || handler.guid === handleObj.guid ) && - ( !tmp || tmp.test( handleObj.namespace ) ) && - ( !selector || selector === handleObj.selector || - selector === "**" && handleObj.selector ) ) { - handlers.splice( j, 1 ); - - if ( handleObj.selector ) { - handlers.delegateCount--; - } - if ( special.remove ) { - special.remove.call( elem, handleObj ); - } - } - } - - // Remove generic event handler if we removed something and no more handlers exist - // (avoids potential for endless recursion during removal of special event handlers) - if ( origCount && !handlers.length ) { - if ( !special.teardown || - special.teardown.call( elem, namespaces, elemData.handle ) === false ) { - - jQuery.removeEvent( elem, type, elemData.handle ); - } - - delete events[ type ]; - } - } - - // Remove data and the expando if it's no longer used - if ( jQuery.isEmptyObject( events ) ) { - dataPriv.remove( elem, "handle events" ); - } - }, - - dispatch: function( nativeEvent ) { - - var i, j, ret, matched, handleObj, handlerQueue, - args = new Array( arguments.length ), - - // Make a writable jQuery.Event from the native event object - event = jQuery.event.fix( nativeEvent ), - - handlers = ( - dataPriv.get( this, "events" ) || Object.create( null ) - )[ event.type ] || [], - special = jQuery.event.special[ event.type ] || {}; - - // Use the fix-ed jQuery.Event rather than the (read-only) native event - args[ 0 ] = event; - - for ( i = 1; i < arguments.length; i++ ) { - args[ i ] = arguments[ i ]; - } - - event.delegateTarget = this; - - // Call the preDispatch hook for the mapped type, and let it bail if desired - if ( special.preDispatch && special.preDispatch.call( this, event ) === false ) { - return; - } - - // Determine handlers - handlerQueue = jQuery.event.handlers.call( this, event, handlers ); - - // Run delegates first; they may want to stop propagation beneath us - i = 0; - while ( ( matched = handlerQueue[ i++ ] ) && !event.isPropagationStopped() ) { - event.currentTarget = matched.elem; - - j = 0; - while ( ( handleObj = matched.handlers[ j++ ] ) && - !event.isImmediatePropagationStopped() ) { - - // If the event is namespaced, then each handler is only invoked if it is - // specially universal or its namespaces are a superset of the event's. - if ( !event.rnamespace || handleObj.namespace === false || - event.rnamespace.test( handleObj.namespace ) ) { - - event.handleObj = handleObj; - event.data = handleObj.data; - - ret = ( ( jQuery.event.special[ handleObj.origType ] || {} ).handle || - handleObj.handler ).apply( matched.elem, args ); - - if ( ret !== undefined ) { - if ( ( event.result = ret ) === false ) { - event.preventDefault(); - event.stopPropagation(); - } - } - } - } - } - - // Call the postDispatch hook for the mapped type - if ( special.postDispatch ) { - special.postDispatch.call( this, event ); - } - - return event.result; - }, - - handlers: function( event, handlers ) { - var i, handleObj, sel, matchedHandlers, matchedSelectors, - handlerQueue = [], - delegateCount = handlers.delegateCount, - cur = event.target; - - // Find delegate handlers - if ( delegateCount && - - // Support: IE <=9 - // Black-hole SVG instance trees (trac-13180) - cur.nodeType && - - // Support: Firefox <=42 - // Suppress spec-violating clicks indicating a non-primary pointer button (trac-3861) - // https://www.w3.org/TR/DOM-Level-3-Events/#event-type-click - // Support: IE 11 only - // ...but not arrow key "clicks" of radio inputs, which can have `button` -1 (gh-2343) - !( event.type === "click" && event.button >= 1 ) ) { - - for ( ; cur !== this; cur = cur.parentNode || this ) { - - // Don't check non-elements (#13208) - // Don't process clicks on disabled elements (#6911, #8165, #11382, #11764) - if ( cur.nodeType === 1 && !( event.type === "click" && cur.disabled === true ) ) { - matchedHandlers = []; - matchedSelectors = {}; - for ( i = 0; i < delegateCount; i++ ) { - handleObj = handlers[ i ]; - - // Don't conflict with Object.prototype properties (#13203) - sel = handleObj.selector + " "; - - if ( matchedSelectors[ sel ] === undefined ) { - matchedSelectors[ sel ] = handleObj.needsContext ? - jQuery( sel, this ).index( cur ) > -1 : - jQuery.find( sel, this, null, [ cur ] ).length; - } - if ( matchedSelectors[ sel ] ) { - matchedHandlers.push( handleObj ); - } - } - if ( matchedHandlers.length ) { - handlerQueue.push( { elem: cur, handlers: matchedHandlers } ); - } - } - } - } - - // Add the remaining (directly-bound) handlers - cur = this; - if ( delegateCount < handlers.length ) { - handlerQueue.push( { elem: cur, handlers: handlers.slice( delegateCount ) } ); - } - - return handlerQueue; - }, - - addProp: function( name, hook ) { - Object.defineProperty( jQuery.Event.prototype, name, { - enumerable: true, - configurable: true, - - get: isFunction( hook ) ? - function() { - if ( this.originalEvent ) { - return hook( this.originalEvent ); - } - } : - function() { - if ( this.originalEvent ) { - return this.originalEvent[ name ]; - } - }, - - set: function( value ) { - Object.defineProperty( this, name, { - enumerable: true, - configurable: true, - writable: true, - value: value - } ); - } - } ); - }, - - fix: function( originalEvent ) { - return originalEvent[ jQuery.expando ] ? - originalEvent : - new jQuery.Event( originalEvent ); - }, - - special: { - load: { - - // Prevent triggered image.load events from bubbling to window.load - noBubble: true - }, - click: { - - // Utilize native event to ensure correct state for checkable inputs - setup: function( data ) { - - // For mutual compressibility with _default, replace `this` access with a local var. - // `|| data` is dead code meant only to preserve the variable through minification. - var el = this || data; - - // Claim the first handler - if ( rcheckableType.test( el.type ) && - el.click && nodeName( el, "input" ) ) { - - // dataPriv.set( el, "click", ... ) - leverageNative( el, "click", returnTrue ); - } - - // Return false to allow normal processing in the caller - return false; - }, - trigger: function( data ) { - - // For mutual compressibility with _default, replace `this` access with a local var. - // `|| data` is dead code meant only to preserve the variable through minification. - var el = this || data; - - // Force setup before triggering a click - if ( rcheckableType.test( el.type ) && - el.click && nodeName( el, "input" ) ) { - - leverageNative( el, "click" ); - } - - // Return non-false to allow normal event-path propagation - return true; - }, - - // For cross-browser consistency, suppress native .click() on links - // Also prevent it if we're currently inside a leveraged native-event stack - _default: function( event ) { - var target = event.target; - return rcheckableType.test( target.type ) && - target.click && nodeName( target, "input" ) && - dataPriv.get( target, "click" ) || - nodeName( target, "a" ); - } - }, - - beforeunload: { - postDispatch: function( event ) { - - // Support: Firefox 20+ - // Firefox doesn't alert if the returnValue field is not set. - if ( event.result !== undefined && event.originalEvent ) { - event.originalEvent.returnValue = event.result; - } - } - } - } -}; - -// Ensure the presence of an event listener that handles manually-triggered -// synthetic events by interrupting progress until reinvoked in response to -// *native* events that it fires directly, ensuring that state changes have -// already occurred before other listeners are invoked. -function leverageNative( el, type, expectSync ) { - - // Missing expectSync indicates a trigger call, which must force setup through jQuery.event.add - if ( !expectSync ) { - if ( dataPriv.get( el, type ) === undefined ) { - jQuery.event.add( el, type, returnTrue ); - } - return; - } - - // Register the controller as a special universal handler for all event namespaces - dataPriv.set( el, type, false ); - jQuery.event.add( el, type, { - namespace: false, - handler: function( event ) { - var notAsync, result, - saved = dataPriv.get( this, type ); - - if ( ( event.isTrigger & 1 ) && this[ type ] ) { - - // Interrupt processing of the outer synthetic .trigger()ed event - // Saved data should be false in such cases, but might be a leftover capture object - // from an async native handler (gh-4350) - if ( !saved.length ) { - - // Store arguments for use when handling the inner native event - // There will always be at least one argument (an event object), so this array - // will not be confused with a leftover capture object. - saved = slice.call( arguments ); - dataPriv.set( this, type, saved ); - - // Trigger the native event and capture its result - // Support: IE <=9 - 11+ - // focus() and blur() are asynchronous - notAsync = expectSync( this, type ); - this[ type ](); - result = dataPriv.get( this, type ); - if ( saved !== result || notAsync ) { - dataPriv.set( this, type, false ); - } else { - result = {}; - } - if ( saved !== result ) { - - // Cancel the outer synthetic event - event.stopImmediatePropagation(); - event.preventDefault(); - return result.value; - } - - // If this is an inner synthetic event for an event with a bubbling surrogate - // (focus or blur), assume that the surrogate already propagated from triggering the - // native event and prevent that from happening again here. - // This technically gets the ordering wrong w.r.t. to `.trigger()` (in which the - // bubbling surrogate propagates *after* the non-bubbling base), but that seems - // less bad than duplication. - } else if ( ( jQuery.event.special[ type ] || {} ).delegateType ) { - event.stopPropagation(); - } - - // If this is a native event triggered above, everything is now in order - // Fire an inner synthetic event with the original arguments - } else if ( saved.length ) { - - // ...and capture the result - dataPriv.set( this, type, { - value: jQuery.event.trigger( - - // Support: IE <=9 - 11+ - // Extend with the prototype to reset the above stopImmediatePropagation() - jQuery.extend( saved[ 0 ], jQuery.Event.prototype ), - saved.slice( 1 ), - this - ) - } ); - - // Abort handling of the native event - event.stopImmediatePropagation(); - } - } - } ); -} - -jQuery.removeEvent = function( elem, type, handle ) { - - // This "if" is needed for plain objects - if ( elem.removeEventListener ) { - elem.removeEventListener( type, handle ); - } -}; - -jQuery.Event = function( src, props ) { - - // Allow instantiation without the 'new' keyword - if ( !( this instanceof jQuery.Event ) ) { - return new jQuery.Event( src, props ); - } - - // Event object - if ( src && src.type ) { - this.originalEvent = src; - this.type = src.type; - - // Events bubbling up the document may have been marked as prevented - // by a handler lower down the tree; reflect the correct value. - this.isDefaultPrevented = src.defaultPrevented || - src.defaultPrevented === undefined && - - // Support: Android <=2.3 only - src.returnValue === false ? - returnTrue : - returnFalse; - - // Create target properties - // Support: Safari <=6 - 7 only - // Target should not be a text node (#504, #13143) - this.target = ( src.target && src.target.nodeType === 3 ) ? - src.target.parentNode : - src.target; - - this.currentTarget = src.currentTarget; - this.relatedTarget = src.relatedTarget; - - // Event type - } else { - this.type = src; - } - - // Put explicitly provided properties onto the event object - if ( props ) { - jQuery.extend( this, props ); - } - - // Create a timestamp if incoming event doesn't have one - this.timeStamp = src && src.timeStamp || Date.now(); - - // Mark it as fixed - this[ jQuery.expando ] = true; -}; - -// jQuery.Event is based on DOM3 Events as specified by the ECMAScript Language Binding -// https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html -jQuery.Event.prototype = { - constructor: jQuery.Event, - isDefaultPrevented: returnFalse, - isPropagationStopped: returnFalse, - isImmediatePropagationStopped: returnFalse, - isSimulated: false, - - preventDefault: function() { - var e = this.originalEvent; - - this.isDefaultPrevented = returnTrue; - - if ( e && !this.isSimulated ) { - e.preventDefault(); - } - }, - stopPropagation: function() { - var e = this.originalEvent; - - this.isPropagationStopped = returnTrue; - - if ( e && !this.isSimulated ) { - e.stopPropagation(); - } - }, - stopImmediatePropagation: function() { - var e = this.originalEvent; - - this.isImmediatePropagationStopped = returnTrue; - - if ( e && !this.isSimulated ) { - e.stopImmediatePropagation(); - } - - this.stopPropagation(); - } -}; - -// Includes all common event props including KeyEvent and MouseEvent specific props -jQuery.each( { - altKey: true, - bubbles: true, - cancelable: true, - changedTouches: true, - ctrlKey: true, - detail: true, - eventPhase: true, - metaKey: true, - pageX: true, - pageY: true, - shiftKey: true, - view: true, - "char": true, - code: true, - charCode: true, - key: true, - keyCode: true, - button: true, - buttons: true, - clientX: true, - clientY: true, - offsetX: true, - offsetY: true, - pointerId: true, - pointerType: true, - screenX: true, - screenY: true, - targetTouches: true, - toElement: true, - touches: true, - - which: function( event ) { - var button = event.button; - - // Add which for key events - if ( event.which == null && rkeyEvent.test( event.type ) ) { - return event.charCode != null ? event.charCode : event.keyCode; - } - - // Add which for click: 1 === left; 2 === middle; 3 === right - if ( !event.which && button !== undefined && rmouseEvent.test( event.type ) ) { - if ( button & 1 ) { - return 1; - } - - if ( button & 2 ) { - return 3; - } - - if ( button & 4 ) { - return 2; - } - - return 0; - } - - return event.which; - } -}, jQuery.event.addProp ); - -jQuery.each( { focus: "focusin", blur: "focusout" }, function( type, delegateType ) { - jQuery.event.special[ type ] = { - - // Utilize native event if possible so blur/focus sequence is correct - setup: function() { - - // Claim the first handler - // dataPriv.set( this, "focus", ... ) - // dataPriv.set( this, "blur", ... ) - leverageNative( this, type, expectSync ); - - // Return false to allow normal processing in the caller - return false; - }, - trigger: function() { - - // Force setup before trigger - leverageNative( this, type ); - - // Return non-false to allow normal event-path propagation - return true; - }, - - delegateType: delegateType - }; -} ); - -// Create mouseenter/leave events using mouseover/out and event-time checks -// so that event delegation works in jQuery. -// Do the same for pointerenter/pointerleave and pointerover/pointerout -// -// Support: Safari 7 only -// Safari sends mouseenter too often; see: -// https://bugs.chromium.org/p/chromium/issues/detail?id=470258 -// for the description of the bug (it existed in older Chrome versions as well). -jQuery.each( { - mouseenter: "mouseover", - mouseleave: "mouseout", - pointerenter: "pointerover", - pointerleave: "pointerout" -}, function( orig, fix ) { - jQuery.event.special[ orig ] = { - delegateType: fix, - bindType: fix, - - handle: function( event ) { - var ret, - target = this, - related = event.relatedTarget, - handleObj = event.handleObj; - - // For mouseenter/leave call the handler if related is outside the target. - // NB: No relatedTarget if the mouse left/entered the browser window - if ( !related || ( related !== target && !jQuery.contains( target, related ) ) ) { - event.type = handleObj.origType; - ret = handleObj.handler.apply( this, arguments ); - event.type = fix; - } - return ret; - } - }; -} ); - -jQuery.fn.extend( { - - on: function( types, selector, data, fn ) { - return on( this, types, selector, data, fn ); - }, - one: function( types, selector, data, fn ) { - return on( this, types, selector, data, fn, 1 ); - }, - off: function( types, selector, fn ) { - var handleObj, type; - if ( types && types.preventDefault && types.handleObj ) { - - // ( event ) dispatched jQuery.Event - handleObj = types.handleObj; - jQuery( types.delegateTarget ).off( - handleObj.namespace ? - handleObj.origType + "." + handleObj.namespace : - handleObj.origType, - handleObj.selector, - handleObj.handler - ); - return this; - } - if ( typeof types === "object" ) { - - // ( types-object [, selector] ) - for ( type in types ) { - this.off( type, selector, types[ type ] ); - } - return this; - } - if ( selector === false || typeof selector === "function" ) { - - // ( types [, fn] ) - fn = selector; - selector = undefined; - } - if ( fn === false ) { - fn = returnFalse; - } - return this.each( function() { - jQuery.event.remove( this, types, fn, selector ); - } ); - } -} ); - - -var - - // Support: IE <=10 - 11, Edge 12 - 13 only - // In IE/Edge using regex groups here causes severe slowdowns. - // See https://connect.microsoft.com/IE/feedback/details/1736512/ - rnoInnerhtml = /\s*$/g; - -// Prefer a tbody over its parent table for containing new rows -function manipulationTarget( elem, content ) { - if ( nodeName( elem, "table" ) && - nodeName( content.nodeType !== 11 ? content : content.firstChild, "tr" ) ) { - - return jQuery( elem ).children( "tbody" )[ 0 ] || elem; - } - - return elem; -} - -// Replace/restore the type attribute of script elements for safe DOM manipulation -function disableScript( elem ) { - elem.type = ( elem.getAttribute( "type" ) !== null ) + "/" + elem.type; - return elem; -} -function restoreScript( elem ) { - if ( ( elem.type || "" ).slice( 0, 5 ) === "true/" ) { - elem.type = elem.type.slice( 5 ); - } else { - elem.removeAttribute( "type" ); - } - - return elem; -} - -function cloneCopyEvent( src, dest ) { - var i, l, type, pdataOld, udataOld, udataCur, events; - - if ( dest.nodeType !== 1 ) { - return; - } - - // 1. Copy private data: events, handlers, etc. - if ( dataPriv.hasData( src ) ) { - pdataOld = dataPriv.get( src ); - events = pdataOld.events; - - if ( events ) { - dataPriv.remove( dest, "handle events" ); - - for ( type in events ) { - for ( i = 0, l = events[ type ].length; i < l; i++ ) { - jQuery.event.add( dest, type, events[ type ][ i ] ); - } - } - } - } - - // 2. Copy user data - if ( dataUser.hasData( src ) ) { - udataOld = dataUser.access( src ); - udataCur = jQuery.extend( {}, udataOld ); - - dataUser.set( dest, udataCur ); - } -} - -// Fix IE bugs, see support tests -function fixInput( src, dest ) { - var nodeName = dest.nodeName.toLowerCase(); - - // Fails to persist the checked state of a cloned checkbox or radio button. - if ( nodeName === "input" && rcheckableType.test( src.type ) ) { - dest.checked = src.checked; - - // Fails to return the selected option to the default selected state when cloning options - } else if ( nodeName === "input" || nodeName === "textarea" ) { - dest.defaultValue = src.defaultValue; - } -} - -function domManip( collection, args, callback, ignored ) { - - // Flatten any nested arrays - args = flat( args ); - - var fragment, first, scripts, hasScripts, node, doc, - i = 0, - l = collection.length, - iNoClone = l - 1, - value = args[ 0 ], - valueIsFunction = isFunction( value ); - - // We can't cloneNode fragments that contain checked, in WebKit - if ( valueIsFunction || - ( l > 1 && typeof value === "string" && - !support.checkClone && rchecked.test( value ) ) ) { - return collection.each( function( index ) { - var self = collection.eq( index ); - if ( valueIsFunction ) { - args[ 0 ] = value.call( this, index, self.html() ); - } - domManip( self, args, callback, ignored ); - } ); - } - - if ( l ) { - fragment = buildFragment( args, collection[ 0 ].ownerDocument, false, collection, ignored ); - first = fragment.firstChild; - - if ( fragment.childNodes.length === 1 ) { - fragment = first; - } - - // Require either new content or an interest in ignored elements to invoke the callback - if ( first || ignored ) { - scripts = jQuery.map( getAll( fragment, "script" ), disableScript ); - hasScripts = scripts.length; - - // Use the original fragment for the last item - // instead of the first because it can end up - // being emptied incorrectly in certain situations (#8070). - for ( ; i < l; i++ ) { - node = fragment; - - if ( i !== iNoClone ) { - node = jQuery.clone( node, true, true ); - - // Keep references to cloned scripts for later restoration - if ( hasScripts ) { - - // Support: Android <=4.0 only, PhantomJS 1 only - // push.apply(_, arraylike) throws on ancient WebKit - jQuery.merge( scripts, getAll( node, "script" ) ); - } - } - - callback.call( collection[ i ], node, i ); - } - - if ( hasScripts ) { - doc = scripts[ scripts.length - 1 ].ownerDocument; - - // Reenable scripts - jQuery.map( scripts, restoreScript ); - - // Evaluate executable scripts on first document insertion - for ( i = 0; i < hasScripts; i++ ) { - node = scripts[ i ]; - if ( rscriptType.test( node.type || "" ) && - !dataPriv.access( node, "globalEval" ) && - jQuery.contains( doc, node ) ) { - - if ( node.src && ( node.type || "" ).toLowerCase() !== "module" ) { - - // Optional AJAX dependency, but won't run scripts if not present - if ( jQuery._evalUrl && !node.noModule ) { - jQuery._evalUrl( node.src, { - nonce: node.nonce || node.getAttribute( "nonce" ) - }, doc ); - } - } else { - DOMEval( node.textContent.replace( rcleanScript, "" ), node, doc ); - } - } - } - } - } - } - - return collection; -} - -function remove( elem, selector, keepData ) { - var node, - nodes = selector ? jQuery.filter( selector, elem ) : elem, - i = 0; - - for ( ; ( node = nodes[ i ] ) != null; i++ ) { - if ( !keepData && node.nodeType === 1 ) { - jQuery.cleanData( getAll( node ) ); - } - - if ( node.parentNode ) { - if ( keepData && isAttached( node ) ) { - setGlobalEval( getAll( node, "script" ) ); - } - node.parentNode.removeChild( node ); - } - } - - return elem; -} - -jQuery.extend( { - htmlPrefilter: function( html ) { - return html; - }, - - clone: function( elem, dataAndEvents, deepDataAndEvents ) { - var i, l, srcElements, destElements, - clone = elem.cloneNode( true ), - inPage = isAttached( elem ); - - // Fix IE cloning issues - if ( !support.noCloneChecked && ( elem.nodeType === 1 || elem.nodeType === 11 ) && - !jQuery.isXMLDoc( elem ) ) { - - // We eschew Sizzle here for performance reasons: https://jsperf.com/getall-vs-sizzle/2 - destElements = getAll( clone ); - srcElements = getAll( elem ); - - for ( i = 0, l = srcElements.length; i < l; i++ ) { - fixInput( srcElements[ i ], destElements[ i ] ); - } - } - - // Copy the events from the original to the clone - if ( dataAndEvents ) { - if ( deepDataAndEvents ) { - srcElements = srcElements || getAll( elem ); - destElements = destElements || getAll( clone ); - - for ( i = 0, l = srcElements.length; i < l; i++ ) { - cloneCopyEvent( srcElements[ i ], destElements[ i ] ); - } - } else { - cloneCopyEvent( elem, clone ); - } - } - - // Preserve script evaluation history - destElements = getAll( clone, "script" ); - if ( destElements.length > 0 ) { - setGlobalEval( destElements, !inPage && getAll( elem, "script" ) ); - } - - // Return the cloned set - return clone; - }, - - cleanData: function( elems ) { - var data, elem, type, - special = jQuery.event.special, - i = 0; - - for ( ; ( elem = elems[ i ] ) !== undefined; i++ ) { - if ( acceptData( elem ) ) { - if ( ( data = elem[ dataPriv.expando ] ) ) { - if ( data.events ) { - for ( type in data.events ) { - if ( special[ type ] ) { - jQuery.event.remove( elem, type ); - - // This is a shortcut to avoid jQuery.event.remove's overhead - } else { - jQuery.removeEvent( elem, type, data.handle ); - } - } - } - - // Support: Chrome <=35 - 45+ - // Assign undefined instead of using delete, see Data#remove - elem[ dataPriv.expando ] = undefined; - } - if ( elem[ dataUser.expando ] ) { - - // Support: Chrome <=35 - 45+ - // Assign undefined instead of using delete, see Data#remove - elem[ dataUser.expando ] = undefined; - } - } - } - } -} ); - -jQuery.fn.extend( { - detach: function( selector ) { - return remove( this, selector, true ); - }, - - remove: function( selector ) { - return remove( this, selector ); - }, - - text: function( value ) { - return access( this, function( value ) { - return value === undefined ? - jQuery.text( this ) : - this.empty().each( function() { - if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) { - this.textContent = value; - } - } ); - }, null, value, arguments.length ); - }, - - append: function() { - return domManip( this, arguments, function( elem ) { - if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) { - var target = manipulationTarget( this, elem ); - target.appendChild( elem ); - } - } ); - }, - - prepend: function() { - return domManip( this, arguments, function( elem ) { - if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) { - var target = manipulationTarget( this, elem ); - target.insertBefore( elem, target.firstChild ); - } - } ); - }, - - before: function() { - return domManip( this, arguments, function( elem ) { - if ( this.parentNode ) { - this.parentNode.insertBefore( elem, this ); - } - } ); - }, - - after: function() { - return domManip( this, arguments, function( elem ) { - if ( this.parentNode ) { - this.parentNode.insertBefore( elem, this.nextSibling ); - } - } ); - }, - - empty: function() { - var elem, - i = 0; - - for ( ; ( elem = this[ i ] ) != null; i++ ) { - if ( elem.nodeType === 1 ) { - - // Prevent memory leaks - jQuery.cleanData( getAll( elem, false ) ); - - // Remove any remaining nodes - elem.textContent = ""; - } - } - - return this; - }, - - clone: function( dataAndEvents, deepDataAndEvents ) { - dataAndEvents = dataAndEvents == null ? false : dataAndEvents; - deepDataAndEvents = deepDataAndEvents == null ? dataAndEvents : deepDataAndEvents; - - return this.map( function() { - return jQuery.clone( this, dataAndEvents, deepDataAndEvents ); - } ); - }, - - html: function( value ) { - return access( this, function( value ) { - var elem = this[ 0 ] || {}, - i = 0, - l = this.length; - - if ( value === undefined && elem.nodeType === 1 ) { - return elem.innerHTML; - } - - // See if we can take a shortcut and just use innerHTML - if ( typeof value === "string" && !rnoInnerhtml.test( value ) && - !wrapMap[ ( rtagName.exec( value ) || [ "", "" ] )[ 1 ].toLowerCase() ] ) { - - value = jQuery.htmlPrefilter( value ); - - try { - for ( ; i < l; i++ ) { - elem = this[ i ] || {}; - - // Remove element nodes and prevent memory leaks - if ( elem.nodeType === 1 ) { - jQuery.cleanData( getAll( elem, false ) ); - elem.innerHTML = value; - } - } - - elem = 0; - - // If using innerHTML throws an exception, use the fallback method - } catch ( e ) {} - } - - if ( elem ) { - this.empty().append( value ); - } - }, null, value, arguments.length ); - }, - - replaceWith: function() { - var ignored = []; - - // Make the changes, replacing each non-ignored context element with the new content - return domManip( this, arguments, function( elem ) { - var parent = this.parentNode; - - if ( jQuery.inArray( this, ignored ) < 0 ) { - jQuery.cleanData( getAll( this ) ); - if ( parent ) { - parent.replaceChild( elem, this ); - } - } - - // Force callback invocation - }, ignored ); - } -} ); - -jQuery.each( { - appendTo: "append", - prependTo: "prepend", - insertBefore: "before", - insertAfter: "after", - replaceAll: "replaceWith" -}, function( name, original ) { - jQuery.fn[ name ] = function( selector ) { - var elems, - ret = [], - insert = jQuery( selector ), - last = insert.length - 1, - i = 0; - - for ( ; i <= last; i++ ) { - elems = i === last ? this : this.clone( true ); - jQuery( insert[ i ] )[ original ]( elems ); - - // Support: Android <=4.0 only, PhantomJS 1 only - // .get() because push.apply(_, arraylike) throws on ancient WebKit - push.apply( ret, elems.get() ); - } - - return this.pushStack( ret ); - }; -} ); -var rnumnonpx = new RegExp( "^(" + pnum + ")(?!px)[a-z%]+$", "i" ); - -var getStyles = function( elem ) { - - // Support: IE <=11 only, Firefox <=30 (#15098, #14150) - // IE throws on elements created in popups - // FF meanwhile throws on frame elements through "defaultView.getComputedStyle" - var view = elem.ownerDocument.defaultView; - - if ( !view || !view.opener ) { - view = window; - } - - return view.getComputedStyle( elem ); - }; - -var swap = function( elem, options, callback ) { - var ret, name, - old = {}; - - // Remember the old values, and insert the new ones - for ( name in options ) { - old[ name ] = elem.style[ name ]; - elem.style[ name ] = options[ name ]; - } - - ret = callback.call( elem ); - - // Revert the old values - for ( name in options ) { - elem.style[ name ] = old[ name ]; - } - - return ret; -}; - - -var rboxStyle = new RegExp( cssExpand.join( "|" ), "i" ); - - - -( function() { - - // Executing both pixelPosition & boxSizingReliable tests require only one layout - // so they're executed at the same time to save the second computation. - function computeStyleTests() { - - // This is a singleton, we need to execute it only once - if ( !div ) { - return; - } - - container.style.cssText = "position:absolute;left:-11111px;width:60px;" + - "margin-top:1px;padding:0;border:0"; - div.style.cssText = - "position:relative;display:block;box-sizing:border-box;overflow:scroll;" + - "margin:auto;border:1px;padding:1px;" + - "width:60%;top:1%"; - documentElement.appendChild( container ).appendChild( div ); - - var divStyle = window.getComputedStyle( div ); - pixelPositionVal = divStyle.top !== "1%"; - - // Support: Android 4.0 - 4.3 only, Firefox <=3 - 44 - reliableMarginLeftVal = roundPixelMeasures( divStyle.marginLeft ) === 12; - - // Support: Android 4.0 - 4.3 only, Safari <=9.1 - 10.1, iOS <=7.0 - 9.3 - // Some styles come back with percentage values, even though they shouldn't - div.style.right = "60%"; - pixelBoxStylesVal = roundPixelMeasures( divStyle.right ) === 36; - - // Support: IE 9 - 11 only - // Detect misreporting of content dimensions for box-sizing:border-box elements - boxSizingReliableVal = roundPixelMeasures( divStyle.width ) === 36; - - // Support: IE 9 only - // Detect overflow:scroll screwiness (gh-3699) - // Support: Chrome <=64 - // Don't get tricked when zoom affects offsetWidth (gh-4029) - div.style.position = "absolute"; - scrollboxSizeVal = roundPixelMeasures( div.offsetWidth / 3 ) === 12; - - documentElement.removeChild( container ); - - // Nullify the div so it wouldn't be stored in the memory and - // it will also be a sign that checks already performed - div = null; - } - - function roundPixelMeasures( measure ) { - return Math.round( parseFloat( measure ) ); - } - - var pixelPositionVal, boxSizingReliableVal, scrollboxSizeVal, pixelBoxStylesVal, - reliableTrDimensionsVal, reliableMarginLeftVal, - container = document.createElement( "div" ), - div = document.createElement( "div" ); - - // Finish early in limited (non-browser) environments - if ( !div.style ) { - return; - } - - // Support: IE <=9 - 11 only - // Style of cloned element affects source element cloned (#8908) - div.style.backgroundClip = "content-box"; - div.cloneNode( true ).style.backgroundClip = ""; - support.clearCloneStyle = div.style.backgroundClip === "content-box"; - - jQuery.extend( support, { - boxSizingReliable: function() { - computeStyleTests(); - return boxSizingReliableVal; - }, - pixelBoxStyles: function() { - computeStyleTests(); - return pixelBoxStylesVal; - }, - pixelPosition: function() { - computeStyleTests(); - return pixelPositionVal; - }, - reliableMarginLeft: function() { - computeStyleTests(); - return reliableMarginLeftVal; - }, - scrollboxSize: function() { - computeStyleTests(); - return scrollboxSizeVal; - }, - - // Support: IE 9 - 11+, Edge 15 - 18+ - // IE/Edge misreport `getComputedStyle` of table rows with width/height - // set in CSS while `offset*` properties report correct values. - // Behavior in IE 9 is more subtle than in newer versions & it passes - // some versions of this test; make sure not to make it pass there! - reliableTrDimensions: function() { - var table, tr, trChild, trStyle; - if ( reliableTrDimensionsVal == null ) { - table = document.createElement( "table" ); - tr = document.createElement( "tr" ); - trChild = document.createElement( "div" ); - - table.style.cssText = "position:absolute;left:-11111px"; - tr.style.height = "1px"; - trChild.style.height = "9px"; - - documentElement - .appendChild( table ) - .appendChild( tr ) - .appendChild( trChild ); - - trStyle = window.getComputedStyle( tr ); - reliableTrDimensionsVal = parseInt( trStyle.height ) > 3; - - documentElement.removeChild( table ); - } - return reliableTrDimensionsVal; - } - } ); -} )(); - - -function curCSS( elem, name, computed ) { - var width, minWidth, maxWidth, ret, - - // Support: Firefox 51+ - // Retrieving style before computed somehow - // fixes an issue with getting wrong values - // on detached elements - style = elem.style; - - computed = computed || getStyles( elem ); - - // getPropertyValue is needed for: - // .css('filter') (IE 9 only, #12537) - // .css('--customProperty) (#3144) - if ( computed ) { - ret = computed.getPropertyValue( name ) || computed[ name ]; - - if ( ret === "" && !isAttached( elem ) ) { - ret = jQuery.style( elem, name ); - } - - // A tribute to the "awesome hack by Dean Edwards" - // Android Browser returns percentage for some values, - // but width seems to be reliably pixels. - // This is against the CSSOM draft spec: - // https://drafts.csswg.org/cssom/#resolved-values - if ( !support.pixelBoxStyles() && rnumnonpx.test( ret ) && rboxStyle.test( name ) ) { - - // Remember the original values - width = style.width; - minWidth = style.minWidth; - maxWidth = style.maxWidth; - - // Put in the new values to get a computed value out - style.minWidth = style.maxWidth = style.width = ret; - ret = computed.width; - - // Revert the changed values - style.width = width; - style.minWidth = minWidth; - style.maxWidth = maxWidth; - } - } - - return ret !== undefined ? - - // Support: IE <=9 - 11 only - // IE returns zIndex value as an integer. - ret + "" : - ret; -} - - -function addGetHookIf( conditionFn, hookFn ) { - - // Define the hook, we'll check on the first run if it's really needed. - return { - get: function() { - if ( conditionFn() ) { - - // Hook not needed (or it's not possible to use it due - // to missing dependency), remove it. - delete this.get; - return; - } - - // Hook needed; redefine it so that the support test is not executed again. - return ( this.get = hookFn ).apply( this, arguments ); - } - }; -} - - -var cssPrefixes = [ "Webkit", "Moz", "ms" ], - emptyStyle = document.createElement( "div" ).style, - vendorProps = {}; - -// Return a vendor-prefixed property or undefined -function vendorPropName( name ) { - - // Check for vendor prefixed names - var capName = name[ 0 ].toUpperCase() + name.slice( 1 ), - i = cssPrefixes.length; - - while ( i-- ) { - name = cssPrefixes[ i ] + capName; - if ( name in emptyStyle ) { - return name; - } - } -} - -// Return a potentially-mapped jQuery.cssProps or vendor prefixed property -function finalPropName( name ) { - var final = jQuery.cssProps[ name ] || vendorProps[ name ]; - - if ( final ) { - return final; - } - if ( name in emptyStyle ) { - return name; - } - return vendorProps[ name ] = vendorPropName( name ) || name; -} - - -var - - // Swappable if display is none or starts with table - // except "table", "table-cell", or "table-caption" - // See here for display values: https://developer.mozilla.org/en-US/docs/CSS/display - rdisplayswap = /^(none|table(?!-c[ea]).+)/, - rcustomProp = /^--/, - cssShow = { position: "absolute", visibility: "hidden", display: "block" }, - cssNormalTransform = { - letterSpacing: "0", - fontWeight: "400" - }; - -function setPositiveNumber( _elem, value, subtract ) { - - // Any relative (+/-) values have already been - // normalized at this point - var matches = rcssNum.exec( value ); - return matches ? - - // Guard against undefined "subtract", e.g., when used as in cssHooks - Math.max( 0, matches[ 2 ] - ( subtract || 0 ) ) + ( matches[ 3 ] || "px" ) : - value; -} - -function boxModelAdjustment( elem, dimension, box, isBorderBox, styles, computedVal ) { - var i = dimension === "width" ? 1 : 0, - extra = 0, - delta = 0; - - // Adjustment may not be necessary - if ( box === ( isBorderBox ? "border" : "content" ) ) { - return 0; - } - - for ( ; i < 4; i += 2 ) { - - // Both box models exclude margin - if ( box === "margin" ) { - delta += jQuery.css( elem, box + cssExpand[ i ], true, styles ); - } - - // If we get here with a content-box, we're seeking "padding" or "border" or "margin" - if ( !isBorderBox ) { - - // Add padding - delta += jQuery.css( elem, "padding" + cssExpand[ i ], true, styles ); - - // For "border" or "margin", add border - if ( box !== "padding" ) { - delta += jQuery.css( elem, "border" + cssExpand[ i ] + "Width", true, styles ); - - // But still keep track of it otherwise - } else { - extra += jQuery.css( elem, "border" + cssExpand[ i ] + "Width", true, styles ); - } - - // If we get here with a border-box (content + padding + border), we're seeking "content" or - // "padding" or "margin" - } else { - - // For "content", subtract padding - if ( box === "content" ) { - delta -= jQuery.css( elem, "padding" + cssExpand[ i ], true, styles ); - } - - // For "content" or "padding", subtract border - if ( box !== "margin" ) { - delta -= jQuery.css( elem, "border" + cssExpand[ i ] + "Width", true, styles ); - } - } - } - - // Account for positive content-box scroll gutter when requested by providing computedVal - if ( !isBorderBox && computedVal >= 0 ) { - - // offsetWidth/offsetHeight is a rounded sum of content, padding, scroll gutter, and border - // Assuming integer scroll gutter, subtract the rest and round down - delta += Math.max( 0, Math.ceil( - elem[ "offset" + dimension[ 0 ].toUpperCase() + dimension.slice( 1 ) ] - - computedVal - - delta - - extra - - 0.5 - - // If offsetWidth/offsetHeight is unknown, then we can't determine content-box scroll gutter - // Use an explicit zero to avoid NaN (gh-3964) - ) ) || 0; - } - - return delta; -} - -function getWidthOrHeight( elem, dimension, extra ) { - - // Start with computed style - var styles = getStyles( elem ), - - // To avoid forcing a reflow, only fetch boxSizing if we need it (gh-4322). - // Fake content-box until we know it's needed to know the true value. - boxSizingNeeded = !support.boxSizingReliable() || extra, - isBorderBox = boxSizingNeeded && - jQuery.css( elem, "boxSizing", false, styles ) === "border-box", - valueIsBorderBox = isBorderBox, - - val = curCSS( elem, dimension, styles ), - offsetProp = "offset" + dimension[ 0 ].toUpperCase() + dimension.slice( 1 ); - - // Support: Firefox <=54 - // Return a confounding non-pixel value or feign ignorance, as appropriate. - if ( rnumnonpx.test( val ) ) { - if ( !extra ) { - return val; - } - val = "auto"; - } - - - // Support: IE 9 - 11 only - // Use offsetWidth/offsetHeight for when box sizing is unreliable. - // In those cases, the computed value can be trusted to be border-box. - if ( ( !support.boxSizingReliable() && isBorderBox || - - // Support: IE 10 - 11+, Edge 15 - 18+ - // IE/Edge misreport `getComputedStyle` of table rows with width/height - // set in CSS while `offset*` properties report correct values. - // Interestingly, in some cases IE 9 doesn't suffer from this issue. - !support.reliableTrDimensions() && nodeName( elem, "tr" ) || - - // Fall back to offsetWidth/offsetHeight when value is "auto" - // This happens for inline elements with no explicit setting (gh-3571) - val === "auto" || - - // Support: Android <=4.1 - 4.3 only - // Also use offsetWidth/offsetHeight for misreported inline dimensions (gh-3602) - !parseFloat( val ) && jQuery.css( elem, "display", false, styles ) === "inline" ) && - - // Make sure the element is visible & connected - elem.getClientRects().length ) { - - isBorderBox = jQuery.css( elem, "boxSizing", false, styles ) === "border-box"; - - // Where available, offsetWidth/offsetHeight approximate border box dimensions. - // Where not available (e.g., SVG), assume unreliable box-sizing and interpret the - // retrieved value as a content box dimension. - valueIsBorderBox = offsetProp in elem; - if ( valueIsBorderBox ) { - val = elem[ offsetProp ]; - } - } - - // Normalize "" and auto - val = parseFloat( val ) || 0; - - // Adjust for the element's box model - return ( val + - boxModelAdjustment( - elem, - dimension, - extra || ( isBorderBox ? "border" : "content" ), - valueIsBorderBox, - styles, - - // Provide the current computed size to request scroll gutter calculation (gh-3589) - val - ) - ) + "px"; -} - -jQuery.extend( { - - // Add in style property hooks for overriding the default - // behavior of getting and setting a style property - cssHooks: { - opacity: { - get: function( elem, computed ) { - if ( computed ) { - - // We should always get a number back from opacity - var ret = curCSS( elem, "opacity" ); - return ret === "" ? "1" : ret; - } - } - } - }, - - // Don't automatically add "px" to these possibly-unitless properties - cssNumber: { - "animationIterationCount": true, - "columnCount": true, - "fillOpacity": true, - "flexGrow": true, - "flexShrink": true, - "fontWeight": true, - "gridArea": true, - "gridColumn": true, - "gridColumnEnd": true, - "gridColumnStart": true, - "gridRow": true, - "gridRowEnd": true, - "gridRowStart": true, - "lineHeight": true, - "opacity": true, - "order": true, - "orphans": true, - "widows": true, - "zIndex": true, - "zoom": true - }, - - // Add in properties whose names you wish to fix before - // setting or getting the value - cssProps: {}, - - // Get and set the style property on a DOM Node - style: function( elem, name, value, extra ) { - - // Don't set styles on text and comment nodes - if ( !elem || elem.nodeType === 3 || elem.nodeType === 8 || !elem.style ) { - return; - } - - // Make sure that we're working with the right name - var ret, type, hooks, - origName = camelCase( name ), - isCustomProp = rcustomProp.test( name ), - style = elem.style; - - // Make sure that we're working with the right name. We don't - // want to query the value if it is a CSS custom property - // since they are user-defined. - if ( !isCustomProp ) { - name = finalPropName( origName ); - } - - // Gets hook for the prefixed version, then unprefixed version - hooks = jQuery.cssHooks[ name ] || jQuery.cssHooks[ origName ]; - - // Check if we're setting a value - if ( value !== undefined ) { - type = typeof value; - - // Convert "+=" or "-=" to relative numbers (#7345) - if ( type === "string" && ( ret = rcssNum.exec( value ) ) && ret[ 1 ] ) { - value = adjustCSS( elem, name, ret ); - - // Fixes bug #9237 - type = "number"; - } - - // Make sure that null and NaN values aren't set (#7116) - if ( value == null || value !== value ) { - return; - } - - // If a number was passed in, add the unit (except for certain CSS properties) - // The isCustomProp check can be removed in jQuery 4.0 when we only auto-append - // "px" to a few hardcoded values. - if ( type === "number" && !isCustomProp ) { - value += ret && ret[ 3 ] || ( jQuery.cssNumber[ origName ] ? "" : "px" ); - } - - // background-* props affect original clone's values - if ( !support.clearCloneStyle && value === "" && name.indexOf( "background" ) === 0 ) { - style[ name ] = "inherit"; - } - - // If a hook was provided, use that value, otherwise just set the specified value - if ( !hooks || !( "set" in hooks ) || - ( value = hooks.set( elem, value, extra ) ) !== undefined ) { - - if ( isCustomProp ) { - style.setProperty( name, value ); - } else { - style[ name ] = value; - } - } - - } else { - - // If a hook was provided get the non-computed value from there - if ( hooks && "get" in hooks && - ( ret = hooks.get( elem, false, extra ) ) !== undefined ) { - - return ret; - } - - // Otherwise just get the value from the style object - return style[ name ]; - } - }, - - css: function( elem, name, extra, styles ) { - var val, num, hooks, - origName = camelCase( name ), - isCustomProp = rcustomProp.test( name ); - - // Make sure that we're working with the right name. We don't - // want to modify the value if it is a CSS custom property - // since they are user-defined. - if ( !isCustomProp ) { - name = finalPropName( origName ); - } - - // Try prefixed name followed by the unprefixed name - hooks = jQuery.cssHooks[ name ] || jQuery.cssHooks[ origName ]; - - // If a hook was provided get the computed value from there - if ( hooks && "get" in hooks ) { - val = hooks.get( elem, true, extra ); - } - - // Otherwise, if a way to get the computed value exists, use that - if ( val === undefined ) { - val = curCSS( elem, name, styles ); - } - - // Convert "normal" to computed value - if ( val === "normal" && name in cssNormalTransform ) { - val = cssNormalTransform[ name ]; - } - - // Make numeric if forced or a qualifier was provided and val looks numeric - if ( extra === "" || extra ) { - num = parseFloat( val ); - return extra === true || isFinite( num ) ? num || 0 : val; - } - - return val; - } -} ); - -jQuery.each( [ "height", "width" ], function( _i, dimension ) { - jQuery.cssHooks[ dimension ] = { - get: function( elem, computed, extra ) { - if ( computed ) { - - // Certain elements can have dimension info if we invisibly show them - // but it must have a current display style that would benefit - return rdisplayswap.test( jQuery.css( elem, "display" ) ) && - - // Support: Safari 8+ - // Table columns in Safari have non-zero offsetWidth & zero - // getBoundingClientRect().width unless display is changed. - // Support: IE <=11 only - // Running getBoundingClientRect on a disconnected node - // in IE throws an error. - ( !elem.getClientRects().length || !elem.getBoundingClientRect().width ) ? - swap( elem, cssShow, function() { - return getWidthOrHeight( elem, dimension, extra ); - } ) : - getWidthOrHeight( elem, dimension, extra ); - } - }, - - set: function( elem, value, extra ) { - var matches, - styles = getStyles( elem ), - - // Only read styles.position if the test has a chance to fail - // to avoid forcing a reflow. - scrollboxSizeBuggy = !support.scrollboxSize() && - styles.position === "absolute", - - // To avoid forcing a reflow, only fetch boxSizing if we need it (gh-3991) - boxSizingNeeded = scrollboxSizeBuggy || extra, - isBorderBox = boxSizingNeeded && - jQuery.css( elem, "boxSizing", false, styles ) === "border-box", - subtract = extra ? - boxModelAdjustment( - elem, - dimension, - extra, - isBorderBox, - styles - ) : - 0; - - // Account for unreliable border-box dimensions by comparing offset* to computed and - // faking a content-box to get border and padding (gh-3699) - if ( isBorderBox && scrollboxSizeBuggy ) { - subtract -= Math.ceil( - elem[ "offset" + dimension[ 0 ].toUpperCase() + dimension.slice( 1 ) ] - - parseFloat( styles[ dimension ] ) - - boxModelAdjustment( elem, dimension, "border", false, styles ) - - 0.5 - ); - } - - // Convert to pixels if value adjustment is needed - if ( subtract && ( matches = rcssNum.exec( value ) ) && - ( matches[ 3 ] || "px" ) !== "px" ) { - - elem.style[ dimension ] = value; - value = jQuery.css( elem, dimension ); - } - - return setPositiveNumber( elem, value, subtract ); - } - }; -} ); - -jQuery.cssHooks.marginLeft = addGetHookIf( support.reliableMarginLeft, - function( elem, computed ) { - if ( computed ) { - return ( parseFloat( curCSS( elem, "marginLeft" ) ) || - elem.getBoundingClientRect().left - - swap( elem, { marginLeft: 0 }, function() { - return elem.getBoundingClientRect().left; - } ) - ) + "px"; - } - } -); - -// These hooks are used by animate to expand properties -jQuery.each( { - margin: "", - padding: "", - border: "Width" -}, function( prefix, suffix ) { - jQuery.cssHooks[ prefix + suffix ] = { - expand: function( value ) { - var i = 0, - expanded = {}, - - // Assumes a single number if not a string - parts = typeof value === "string" ? value.split( " " ) : [ value ]; - - for ( ; i < 4; i++ ) { - expanded[ prefix + cssExpand[ i ] + suffix ] = - parts[ i ] || parts[ i - 2 ] || parts[ 0 ]; - } - - return expanded; - } - }; - - if ( prefix !== "margin" ) { - jQuery.cssHooks[ prefix + suffix ].set = setPositiveNumber; - } -} ); - -jQuery.fn.extend( { - css: function( name, value ) { - return access( this, function( elem, name, value ) { - var styles, len, - map = {}, - i = 0; - - if ( Array.isArray( name ) ) { - styles = getStyles( elem ); - len = name.length; - - for ( ; i < len; i++ ) { - map[ name[ i ] ] = jQuery.css( elem, name[ i ], false, styles ); - } - - return map; - } - - return value !== undefined ? - jQuery.style( elem, name, value ) : - jQuery.css( elem, name ); - }, name, value, arguments.length > 1 ); - } -} ); - - -function Tween( elem, options, prop, end, easing ) { - return new Tween.prototype.init( elem, options, prop, end, easing ); -} -jQuery.Tween = Tween; - -Tween.prototype = { - constructor: Tween, - init: function( elem, options, prop, end, easing, unit ) { - this.elem = elem; - this.prop = prop; - this.easing = easing || jQuery.easing._default; - this.options = options; - this.start = this.now = this.cur(); - this.end = end; - this.unit = unit || ( jQuery.cssNumber[ prop ] ? "" : "px" ); - }, - cur: function() { - var hooks = Tween.propHooks[ this.prop ]; - - return hooks && hooks.get ? - hooks.get( this ) : - Tween.propHooks._default.get( this ); - }, - run: function( percent ) { - var eased, - hooks = Tween.propHooks[ this.prop ]; - - if ( this.options.duration ) { - this.pos = eased = jQuery.easing[ this.easing ]( - percent, this.options.duration * percent, 0, 1, this.options.duration - ); - } else { - this.pos = eased = percent; - } - this.now = ( this.end - this.start ) * eased + this.start; - - if ( this.options.step ) { - this.options.step.call( this.elem, this.now, this ); - } - - if ( hooks && hooks.set ) { - hooks.set( this ); - } else { - Tween.propHooks._default.set( this ); - } - return this; - } -}; - -Tween.prototype.init.prototype = Tween.prototype; - -Tween.propHooks = { - _default: { - get: function( tween ) { - var result; - - // Use a property on the element directly when it is not a DOM element, - // or when there is no matching style property that exists. - if ( tween.elem.nodeType !== 1 || - tween.elem[ tween.prop ] != null && tween.elem.style[ tween.prop ] == null ) { - return tween.elem[ tween.prop ]; - } - - // Passing an empty string as a 3rd parameter to .css will automatically - // attempt a parseFloat and fallback to a string if the parse fails. - // Simple values such as "10px" are parsed to Float; - // complex values such as "rotate(1rad)" are returned as-is. - result = jQuery.css( tween.elem, tween.prop, "" ); - - // Empty strings, null, undefined and "auto" are converted to 0. - return !result || result === "auto" ? 0 : result; - }, - set: function( tween ) { - - // Use step hook for back compat. - // Use cssHook if its there. - // Use .style if available and use plain properties where available. - if ( jQuery.fx.step[ tween.prop ] ) { - jQuery.fx.step[ tween.prop ]( tween ); - } else if ( tween.elem.nodeType === 1 && ( - jQuery.cssHooks[ tween.prop ] || - tween.elem.style[ finalPropName( tween.prop ) ] != null ) ) { - jQuery.style( tween.elem, tween.prop, tween.now + tween.unit ); - } else { - tween.elem[ tween.prop ] = tween.now; - } - } - } -}; - -// Support: IE <=9 only -// Panic based approach to setting things on disconnected nodes -Tween.propHooks.scrollTop = Tween.propHooks.scrollLeft = { - set: function( tween ) { - if ( tween.elem.nodeType && tween.elem.parentNode ) { - tween.elem[ tween.prop ] = tween.now; - } - } -}; - -jQuery.easing = { - linear: function( p ) { - return p; - }, - swing: function( p ) { - return 0.5 - Math.cos( p * Math.PI ) / 2; - }, - _default: "swing" -}; - -jQuery.fx = Tween.prototype.init; - -// Back compat <1.8 extension point -jQuery.fx.step = {}; - - - - -var - fxNow, inProgress, - rfxtypes = /^(?:toggle|show|hide)$/, - rrun = /queueHooks$/; - -function schedule() { - if ( inProgress ) { - if ( document.hidden === false && window.requestAnimationFrame ) { - window.requestAnimationFrame( schedule ); - } else { - window.setTimeout( schedule, jQuery.fx.interval ); - } - - jQuery.fx.tick(); - } -} - -// Animations created synchronously will run synchronously -function createFxNow() { - window.setTimeout( function() { - fxNow = undefined; - } ); - return ( fxNow = Date.now() ); -} - -// Generate parameters to create a standard animation -function genFx( type, includeWidth ) { - var which, - i = 0, - attrs = { height: type }; - - // If we include width, step value is 1 to do all cssExpand values, - // otherwise step value is 2 to skip over Left and Right - includeWidth = includeWidth ? 1 : 0; - for ( ; i < 4; i += 2 - includeWidth ) { - which = cssExpand[ i ]; - attrs[ "margin" + which ] = attrs[ "padding" + which ] = type; - } - - if ( includeWidth ) { - attrs.opacity = attrs.width = type; - } - - return attrs; -} - -function createTween( value, prop, animation ) { - var tween, - collection = ( Animation.tweeners[ prop ] || [] ).concat( Animation.tweeners[ "*" ] ), - index = 0, - length = collection.length; - for ( ; index < length; index++ ) { - if ( ( tween = collection[ index ].call( animation, prop, value ) ) ) { - - // We're done with this property - return tween; - } - } -} - -function defaultPrefilter( elem, props, opts ) { - var prop, value, toggle, hooks, oldfire, propTween, restoreDisplay, display, - isBox = "width" in props || "height" in props, - anim = this, - orig = {}, - style = elem.style, - hidden = elem.nodeType && isHiddenWithinTree( elem ), - dataShow = dataPriv.get( elem, "fxshow" ); - - // Queue-skipping animations hijack the fx hooks - if ( !opts.queue ) { - hooks = jQuery._queueHooks( elem, "fx" ); - if ( hooks.unqueued == null ) { - hooks.unqueued = 0; - oldfire = hooks.empty.fire; - hooks.empty.fire = function() { - if ( !hooks.unqueued ) { - oldfire(); - } - }; - } - hooks.unqueued++; - - anim.always( function() { - - // Ensure the complete handler is called before this completes - anim.always( function() { - hooks.unqueued--; - if ( !jQuery.queue( elem, "fx" ).length ) { - hooks.empty.fire(); - } - } ); - } ); - } - - // Detect show/hide animations - for ( prop in props ) { - value = props[ prop ]; - if ( rfxtypes.test( value ) ) { - delete props[ prop ]; - toggle = toggle || value === "toggle"; - if ( value === ( hidden ? "hide" : "show" ) ) { - - // Pretend to be hidden if this is a "show" and - // there is still data from a stopped show/hide - if ( value === "show" && dataShow && dataShow[ prop ] !== undefined ) { - hidden = true; - - // Ignore all other no-op show/hide data - } else { - continue; - } - } - orig[ prop ] = dataShow && dataShow[ prop ] || jQuery.style( elem, prop ); - } - } - - // Bail out if this is a no-op like .hide().hide() - propTween = !jQuery.isEmptyObject( props ); - if ( !propTween && jQuery.isEmptyObject( orig ) ) { - return; - } - - // Restrict "overflow" and "display" styles during box animations - if ( isBox && elem.nodeType === 1 ) { - - // Support: IE <=9 - 11, Edge 12 - 15 - // Record all 3 overflow attributes because IE does not infer the shorthand - // from identically-valued overflowX and overflowY and Edge just mirrors - // the overflowX value there. - opts.overflow = [ style.overflow, style.overflowX, style.overflowY ]; - - // Identify a display type, preferring old show/hide data over the CSS cascade - restoreDisplay = dataShow && dataShow.display; - if ( restoreDisplay == null ) { - restoreDisplay = dataPriv.get( elem, "display" ); - } - display = jQuery.css( elem, "display" ); - if ( display === "none" ) { - if ( restoreDisplay ) { - display = restoreDisplay; - } else { - - // Get nonempty value(s) by temporarily forcing visibility - showHide( [ elem ], true ); - restoreDisplay = elem.style.display || restoreDisplay; - display = jQuery.css( elem, "display" ); - showHide( [ elem ] ); - } - } - - // Animate inline elements as inline-block - if ( display === "inline" || display === "inline-block" && restoreDisplay != null ) { - if ( jQuery.css( elem, "float" ) === "none" ) { - - // Restore the original display value at the end of pure show/hide animations - if ( !propTween ) { - anim.done( function() { - style.display = restoreDisplay; - } ); - if ( restoreDisplay == null ) { - display = style.display; - restoreDisplay = display === "none" ? "" : display; - } - } - style.display = "inline-block"; - } - } - } - - if ( opts.overflow ) { - style.overflow = "hidden"; - anim.always( function() { - style.overflow = opts.overflow[ 0 ]; - style.overflowX = opts.overflow[ 1 ]; - style.overflowY = opts.overflow[ 2 ]; - } ); - } - - // Implement show/hide animations - propTween = false; - for ( prop in orig ) { - - // General show/hide setup for this element animation - if ( !propTween ) { - if ( dataShow ) { - if ( "hidden" in dataShow ) { - hidden = dataShow.hidden; - } - } else { - dataShow = dataPriv.access( elem, "fxshow", { display: restoreDisplay } ); - } - - // Store hidden/visible for toggle so `.stop().toggle()` "reverses" - if ( toggle ) { - dataShow.hidden = !hidden; - } - - // Show elements before animating them - if ( hidden ) { - showHide( [ elem ], true ); - } - - /* eslint-disable no-loop-func */ - - anim.done( function() { - - /* eslint-enable no-loop-func */ - - // The final step of a "hide" animation is actually hiding the element - if ( !hidden ) { - showHide( [ elem ] ); - } - dataPriv.remove( elem, "fxshow" ); - for ( prop in orig ) { - jQuery.style( elem, prop, orig[ prop ] ); - } - } ); - } - - // Per-property setup - propTween = createTween( hidden ? dataShow[ prop ] : 0, prop, anim ); - if ( !( prop in dataShow ) ) { - dataShow[ prop ] = propTween.start; - if ( hidden ) { - propTween.end = propTween.start; - propTween.start = 0; - } - } - } -} - -function propFilter( props, specialEasing ) { - var index, name, easing, value, hooks; - - // camelCase, specialEasing and expand cssHook pass - for ( index in props ) { - name = camelCase( index ); - easing = specialEasing[ name ]; - value = props[ index ]; - if ( Array.isArray( value ) ) { - easing = value[ 1 ]; - value = props[ index ] = value[ 0 ]; - } - - if ( index !== name ) { - props[ name ] = value; - delete props[ index ]; - } - - hooks = jQuery.cssHooks[ name ]; - if ( hooks && "expand" in hooks ) { - value = hooks.expand( value ); - delete props[ name ]; - - // Not quite $.extend, this won't overwrite existing keys. - // Reusing 'index' because we have the correct "name" - for ( index in value ) { - if ( !( index in props ) ) { - props[ index ] = value[ index ]; - specialEasing[ index ] = easing; - } - } - } else { - specialEasing[ name ] = easing; - } - } -} - -function Animation( elem, properties, options ) { - var result, - stopped, - index = 0, - length = Animation.prefilters.length, - deferred = jQuery.Deferred().always( function() { - - // Don't match elem in the :animated selector - delete tick.elem; - } ), - tick = function() { - if ( stopped ) { - return false; - } - var currentTime = fxNow || createFxNow(), - remaining = Math.max( 0, animation.startTime + animation.duration - currentTime ), - - // Support: Android 2.3 only - // Archaic crash bug won't allow us to use `1 - ( 0.5 || 0 )` (#12497) - temp = remaining / animation.duration || 0, - percent = 1 - temp, - index = 0, - length = animation.tweens.length; - - for ( ; index < length; index++ ) { - animation.tweens[ index ].run( percent ); - } - - deferred.notifyWith( elem, [ animation, percent, remaining ] ); - - // If there's more to do, yield - if ( percent < 1 && length ) { - return remaining; - } - - // If this was an empty animation, synthesize a final progress notification - if ( !length ) { - deferred.notifyWith( elem, [ animation, 1, 0 ] ); - } - - // Resolve the animation and report its conclusion - deferred.resolveWith( elem, [ animation ] ); - return false; - }, - animation = deferred.promise( { - elem: elem, - props: jQuery.extend( {}, properties ), - opts: jQuery.extend( true, { - specialEasing: {}, - easing: jQuery.easing._default - }, options ), - originalProperties: properties, - originalOptions: options, - startTime: fxNow || createFxNow(), - duration: options.duration, - tweens: [], - createTween: function( prop, end ) { - var tween = jQuery.Tween( elem, animation.opts, prop, end, - animation.opts.specialEasing[ prop ] || animation.opts.easing ); - animation.tweens.push( tween ); - return tween; - }, - stop: function( gotoEnd ) { - var index = 0, - - // If we are going to the end, we want to run all the tweens - // otherwise we skip this part - length = gotoEnd ? animation.tweens.length : 0; - if ( stopped ) { - return this; - } - stopped = true; - for ( ; index < length; index++ ) { - animation.tweens[ index ].run( 1 ); - } - - // Resolve when we played the last frame; otherwise, reject - if ( gotoEnd ) { - deferred.notifyWith( elem, [ animation, 1, 0 ] ); - deferred.resolveWith( elem, [ animation, gotoEnd ] ); - } else { - deferred.rejectWith( elem, [ animation, gotoEnd ] ); - } - return this; - } - } ), - props = animation.props; - - propFilter( props, animation.opts.specialEasing ); - - for ( ; index < length; index++ ) { - result = Animation.prefilters[ index ].call( animation, elem, props, animation.opts ); - if ( result ) { - if ( isFunction( result.stop ) ) { - jQuery._queueHooks( animation.elem, animation.opts.queue ).stop = - result.stop.bind( result ); - } - return result; - } - } - - jQuery.map( props, createTween, animation ); - - if ( isFunction( animation.opts.start ) ) { - animation.opts.start.call( elem, animation ); - } - - // Attach callbacks from options - animation - .progress( animation.opts.progress ) - .done( animation.opts.done, animation.opts.complete ) - .fail( animation.opts.fail ) - .always( animation.opts.always ); - - jQuery.fx.timer( - jQuery.extend( tick, { - elem: elem, - anim: animation, - queue: animation.opts.queue - } ) - ); - - return animation; -} - -jQuery.Animation = jQuery.extend( Animation, { - - tweeners: { - "*": [ function( prop, value ) { - var tween = this.createTween( prop, value ); - adjustCSS( tween.elem, prop, rcssNum.exec( value ), tween ); - return tween; - } ] - }, - - tweener: function( props, callback ) { - if ( isFunction( props ) ) { - callback = props; - props = [ "*" ]; - } else { - props = props.match( rnothtmlwhite ); - } - - var prop, - index = 0, - length = props.length; - - for ( ; index < length; index++ ) { - prop = props[ index ]; - Animation.tweeners[ prop ] = Animation.tweeners[ prop ] || []; - Animation.tweeners[ prop ].unshift( callback ); - } - }, - - prefilters: [ defaultPrefilter ], - - prefilter: function( callback, prepend ) { - if ( prepend ) { - Animation.prefilters.unshift( callback ); - } else { - Animation.prefilters.push( callback ); - } - } -} ); - -jQuery.speed = function( speed, easing, fn ) { - var opt = speed && typeof speed === "object" ? jQuery.extend( {}, speed ) : { - complete: fn || !fn && easing || - isFunction( speed ) && speed, - duration: speed, - easing: fn && easing || easing && !isFunction( easing ) && easing - }; - - // Go to the end state if fx are off - if ( jQuery.fx.off ) { - opt.duration = 0; - - } else { - if ( typeof opt.duration !== "number" ) { - if ( opt.duration in jQuery.fx.speeds ) { - opt.duration = jQuery.fx.speeds[ opt.duration ]; - - } else { - opt.duration = jQuery.fx.speeds._default; - } - } - } - - // Normalize opt.queue - true/undefined/null -> "fx" - if ( opt.queue == null || opt.queue === true ) { - opt.queue = "fx"; - } - - // Queueing - opt.old = opt.complete; - - opt.complete = function() { - if ( isFunction( opt.old ) ) { - opt.old.call( this ); - } - - if ( opt.queue ) { - jQuery.dequeue( this, opt.queue ); - } - }; - - return opt; -}; - -jQuery.fn.extend( { - fadeTo: function( speed, to, easing, callback ) { - - // Show any hidden elements after setting opacity to 0 - return this.filter( isHiddenWithinTree ).css( "opacity", 0 ).show() - - // Animate to the value specified - .end().animate( { opacity: to }, speed, easing, callback ); - }, - animate: function( prop, speed, easing, callback ) { - var empty = jQuery.isEmptyObject( prop ), - optall = jQuery.speed( speed, easing, callback ), - doAnimation = function() { - - // Operate on a copy of prop so per-property easing won't be lost - var anim = Animation( this, jQuery.extend( {}, prop ), optall ); - - // Empty animations, or finishing resolves immediately - if ( empty || dataPriv.get( this, "finish" ) ) { - anim.stop( true ); - } - }; - doAnimation.finish = doAnimation; - - return empty || optall.queue === false ? - this.each( doAnimation ) : - this.queue( optall.queue, doAnimation ); - }, - stop: function( type, clearQueue, gotoEnd ) { - var stopQueue = function( hooks ) { - var stop = hooks.stop; - delete hooks.stop; - stop( gotoEnd ); - }; - - if ( typeof type !== "string" ) { - gotoEnd = clearQueue; - clearQueue = type; - type = undefined; - } - if ( clearQueue ) { - this.queue( type || "fx", [] ); - } - - return this.each( function() { - var dequeue = true, - index = type != null && type + "queueHooks", - timers = jQuery.timers, - data = dataPriv.get( this ); - - if ( index ) { - if ( data[ index ] && data[ index ].stop ) { - stopQueue( data[ index ] ); - } - } else { - for ( index in data ) { - if ( data[ index ] && data[ index ].stop && rrun.test( index ) ) { - stopQueue( data[ index ] ); - } - } - } - - for ( index = timers.length; index--; ) { - if ( timers[ index ].elem === this && - ( type == null || timers[ index ].queue === type ) ) { - - timers[ index ].anim.stop( gotoEnd ); - dequeue = false; - timers.splice( index, 1 ); - } - } - - // Start the next in the queue if the last step wasn't forced. - // Timers currently will call their complete callbacks, which - // will dequeue but only if they were gotoEnd. - if ( dequeue || !gotoEnd ) { - jQuery.dequeue( this, type ); - } - } ); - }, - finish: function( type ) { - if ( type !== false ) { - type = type || "fx"; - } - return this.each( function() { - var index, - data = dataPriv.get( this ), - queue = data[ type + "queue" ], - hooks = data[ type + "queueHooks" ], - timers = jQuery.timers, - length = queue ? queue.length : 0; - - // Enable finishing flag on private data - data.finish = true; - - // Empty the queue first - jQuery.queue( this, type, [] ); - - if ( hooks && hooks.stop ) { - hooks.stop.call( this, true ); - } - - // Look for any active animations, and finish them - for ( index = timers.length; index--; ) { - if ( timers[ index ].elem === this && timers[ index ].queue === type ) { - timers[ index ].anim.stop( true ); - timers.splice( index, 1 ); - } - } - - // Look for any animations in the old queue and finish them - for ( index = 0; index < length; index++ ) { - if ( queue[ index ] && queue[ index ].finish ) { - queue[ index ].finish.call( this ); - } - } - - // Turn off finishing flag - delete data.finish; - } ); - } -} ); - -jQuery.each( [ "toggle", "show", "hide" ], function( _i, name ) { - var cssFn = jQuery.fn[ name ]; - jQuery.fn[ name ] = function( speed, easing, callback ) { - return speed == null || typeof speed === "boolean" ? - cssFn.apply( this, arguments ) : - this.animate( genFx( name, true ), speed, easing, callback ); - }; -} ); - -// Generate shortcuts for custom animations -jQuery.each( { - slideDown: genFx( "show" ), - slideUp: genFx( "hide" ), - slideToggle: genFx( "toggle" ), - fadeIn: { opacity: "show" }, - fadeOut: { opacity: "hide" }, - fadeToggle: { opacity: "toggle" } -}, function( name, props ) { - jQuery.fn[ name ] = function( speed, easing, callback ) { - return this.animate( props, speed, easing, callback ); - }; -} ); - -jQuery.timers = []; -jQuery.fx.tick = function() { - var timer, - i = 0, - timers = jQuery.timers; - - fxNow = Date.now(); - - for ( ; i < timers.length; i++ ) { - timer = timers[ i ]; - - // Run the timer and safely remove it when done (allowing for external removal) - if ( !timer() && timers[ i ] === timer ) { - timers.splice( i--, 1 ); - } - } - - if ( !timers.length ) { - jQuery.fx.stop(); - } - fxNow = undefined; -}; - -jQuery.fx.timer = function( timer ) { - jQuery.timers.push( timer ); - jQuery.fx.start(); -}; - -jQuery.fx.interval = 13; -jQuery.fx.start = function() { - if ( inProgress ) { - return; - } - - inProgress = true; - schedule(); -}; - -jQuery.fx.stop = function() { - inProgress = null; -}; - -jQuery.fx.speeds = { - slow: 600, - fast: 200, - - // Default speed - _default: 400 -}; - - -// Based off of the plugin by Clint Helfers, with permission. -// https://web.archive.org/web/20100324014747/http://blindsignals.com/index.php/2009/07/jquery-delay/ -jQuery.fn.delay = function( time, type ) { - time = jQuery.fx ? jQuery.fx.speeds[ time ] || time : time; - type = type || "fx"; - - return this.queue( type, function( next, hooks ) { - var timeout = window.setTimeout( next, time ); - hooks.stop = function() { - window.clearTimeout( timeout ); - }; - } ); -}; - - -( function() { - var input = document.createElement( "input" ), - select = document.createElement( "select" ), - opt = select.appendChild( document.createElement( "option" ) ); - - input.type = "checkbox"; - - // Support: Android <=4.3 only - // Default value for a checkbox should be "on" - support.checkOn = input.value !== ""; - - // Support: IE <=11 only - // Must access selectedIndex to make default options select - support.optSelected = opt.selected; - - // Support: IE <=11 only - // An input loses its value after becoming a radio - input = document.createElement( "input" ); - input.value = "t"; - input.type = "radio"; - support.radioValue = input.value === "t"; -} )(); - - -var boolHook, - attrHandle = jQuery.expr.attrHandle; - -jQuery.fn.extend( { - attr: function( name, value ) { - return access( this, jQuery.attr, name, value, arguments.length > 1 ); - }, - - removeAttr: function( name ) { - return this.each( function() { - jQuery.removeAttr( this, name ); - } ); - } -} ); - -jQuery.extend( { - attr: function( elem, name, value ) { - var ret, hooks, - nType = elem.nodeType; - - // Don't get/set attributes on text, comment and attribute nodes - if ( nType === 3 || nType === 8 || nType === 2 ) { - return; - } - - // Fallback to prop when attributes are not supported - if ( typeof elem.getAttribute === "undefined" ) { - return jQuery.prop( elem, name, value ); - } - - // Attribute hooks are determined by the lowercase version - // Grab necessary hook if one is defined - if ( nType !== 1 || !jQuery.isXMLDoc( elem ) ) { - hooks = jQuery.attrHooks[ name.toLowerCase() ] || - ( jQuery.expr.match.bool.test( name ) ? boolHook : undefined ); - } - - if ( value !== undefined ) { - if ( value === null ) { - jQuery.removeAttr( elem, name ); - return; - } - - if ( hooks && "set" in hooks && - ( ret = hooks.set( elem, value, name ) ) !== undefined ) { - return ret; - } - - elem.setAttribute( name, value + "" ); - return value; - } - - if ( hooks && "get" in hooks && ( ret = hooks.get( elem, name ) ) !== null ) { - return ret; - } - - ret = jQuery.find.attr( elem, name ); - - // Non-existent attributes return null, we normalize to undefined - return ret == null ? undefined : ret; - }, - - attrHooks: { - type: { - set: function( elem, value ) { - if ( !support.radioValue && value === "radio" && - nodeName( elem, "input" ) ) { - var val = elem.value; - elem.setAttribute( "type", value ); - if ( val ) { - elem.value = val; - } - return value; - } - } - } - }, - - removeAttr: function( elem, value ) { - var name, - i = 0, - - // Attribute names can contain non-HTML whitespace characters - // https://html.spec.whatwg.org/multipage/syntax.html#attributes-2 - attrNames = value && value.match( rnothtmlwhite ); - - if ( attrNames && elem.nodeType === 1 ) { - while ( ( name = attrNames[ i++ ] ) ) { - elem.removeAttribute( name ); - } - } - } -} ); - -// Hooks for boolean attributes -boolHook = { - set: function( elem, value, name ) { - if ( value === false ) { - - // Remove boolean attributes when set to false - jQuery.removeAttr( elem, name ); - } else { - elem.setAttribute( name, name ); - } - return name; - } -}; - -jQuery.each( jQuery.expr.match.bool.source.match( /\w+/g ), function( _i, name ) { - var getter = attrHandle[ name ] || jQuery.find.attr; - - attrHandle[ name ] = function( elem, name, isXML ) { - var ret, handle, - lowercaseName = name.toLowerCase(); - - if ( !isXML ) { - - // Avoid an infinite loop by temporarily removing this function from the getter - handle = attrHandle[ lowercaseName ]; - attrHandle[ lowercaseName ] = ret; - ret = getter( elem, name, isXML ) != null ? - lowercaseName : - null; - attrHandle[ lowercaseName ] = handle; - } - return ret; - }; -} ); - - - - -var rfocusable = /^(?:input|select|textarea|button)$/i, - rclickable = /^(?:a|area)$/i; - -jQuery.fn.extend( { - prop: function( name, value ) { - return access( this, jQuery.prop, name, value, arguments.length > 1 ); - }, - - removeProp: function( name ) { - return this.each( function() { - delete this[ jQuery.propFix[ name ] || name ]; - } ); - } -} ); - -jQuery.extend( { - prop: function( elem, name, value ) { - var ret, hooks, - nType = elem.nodeType; - - // Don't get/set properties on text, comment and attribute nodes - if ( nType === 3 || nType === 8 || nType === 2 ) { - return; - } - - if ( nType !== 1 || !jQuery.isXMLDoc( elem ) ) { - - // Fix name and attach hooks - name = jQuery.propFix[ name ] || name; - hooks = jQuery.propHooks[ name ]; - } - - if ( value !== undefined ) { - if ( hooks && "set" in hooks && - ( ret = hooks.set( elem, value, name ) ) !== undefined ) { - return ret; - } - - return ( elem[ name ] = value ); - } - - if ( hooks && "get" in hooks && ( ret = hooks.get( elem, name ) ) !== null ) { - return ret; - } - - return elem[ name ]; - }, - - propHooks: { - tabIndex: { - get: function( elem ) { - - // Support: IE <=9 - 11 only - // elem.tabIndex doesn't always return the - // correct value when it hasn't been explicitly set - // https://web.archive.org/web/20141116233347/http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ - // Use proper attribute retrieval(#12072) - var tabindex = jQuery.find.attr( elem, "tabindex" ); - - if ( tabindex ) { - return parseInt( tabindex, 10 ); - } - - if ( - rfocusable.test( elem.nodeName ) || - rclickable.test( elem.nodeName ) && - elem.href - ) { - return 0; - } - - return -1; - } - } - }, - - propFix: { - "for": "htmlFor", - "class": "className" - } -} ); - -// Support: IE <=11 only -// Accessing the selectedIndex property -// forces the browser to respect setting selected -// on the option -// The getter ensures a default option is selected -// when in an optgroup -// eslint rule "no-unused-expressions" is disabled for this code -// since it considers such accessions noop -if ( !support.optSelected ) { - jQuery.propHooks.selected = { - get: function( elem ) { - - /* eslint no-unused-expressions: "off" */ - - var parent = elem.parentNode; - if ( parent && parent.parentNode ) { - parent.parentNode.selectedIndex; - } - return null; - }, - set: function( elem ) { - - /* eslint no-unused-expressions: "off" */ - - var parent = elem.parentNode; - if ( parent ) { - parent.selectedIndex; - - if ( parent.parentNode ) { - parent.parentNode.selectedIndex; - } - } - } - }; -} - -jQuery.each( [ - "tabIndex", - "readOnly", - "maxLength", - "cellSpacing", - "cellPadding", - "rowSpan", - "colSpan", - "useMap", - "frameBorder", - "contentEditable" -], function() { - jQuery.propFix[ this.toLowerCase() ] = this; -} ); - - - - - // Strip and collapse whitespace according to HTML spec - // https://infra.spec.whatwg.org/#strip-and-collapse-ascii-whitespace - function stripAndCollapse( value ) { - var tokens = value.match( rnothtmlwhite ) || []; - return tokens.join( " " ); - } - - -function getClass( elem ) { - return elem.getAttribute && elem.getAttribute( "class" ) || ""; -} - -function classesToArray( value ) { - if ( Array.isArray( value ) ) { - return value; - } - if ( typeof value === "string" ) { - return value.match( rnothtmlwhite ) || []; - } - return []; -} - -jQuery.fn.extend( { - addClass: function( value ) { - var classes, elem, cur, curValue, clazz, j, finalValue, - i = 0; - - if ( isFunction( value ) ) { - return this.each( function( j ) { - jQuery( this ).addClass( value.call( this, j, getClass( this ) ) ); - } ); - } - - classes = classesToArray( value ); - - if ( classes.length ) { - while ( ( elem = this[ i++ ] ) ) { - curValue = getClass( elem ); - cur = elem.nodeType === 1 && ( " " + stripAndCollapse( curValue ) + " " ); - - if ( cur ) { - j = 0; - while ( ( clazz = classes[ j++ ] ) ) { - if ( cur.indexOf( " " + clazz + " " ) < 0 ) { - cur += clazz + " "; - } - } - - // Only assign if different to avoid unneeded rendering. - finalValue = stripAndCollapse( cur ); - if ( curValue !== finalValue ) { - elem.setAttribute( "class", finalValue ); - } - } - } - } - - return this; - }, - - removeClass: function( value ) { - var classes, elem, cur, curValue, clazz, j, finalValue, - i = 0; - - if ( isFunction( value ) ) { - return this.each( function( j ) { - jQuery( this ).removeClass( value.call( this, j, getClass( this ) ) ); - } ); - } - - if ( !arguments.length ) { - return this.attr( "class", "" ); - } - - classes = classesToArray( value ); - - if ( classes.length ) { - while ( ( elem = this[ i++ ] ) ) { - curValue = getClass( elem ); - - // This expression is here for better compressibility (see addClass) - cur = elem.nodeType === 1 && ( " " + stripAndCollapse( curValue ) + " " ); - - if ( cur ) { - j = 0; - while ( ( clazz = classes[ j++ ] ) ) { - - // Remove *all* instances - while ( cur.indexOf( " " + clazz + " " ) > -1 ) { - cur = cur.replace( " " + clazz + " ", " " ); - } - } - - // Only assign if different to avoid unneeded rendering. - finalValue = stripAndCollapse( cur ); - if ( curValue !== finalValue ) { - elem.setAttribute( "class", finalValue ); - } - } - } - } - - return this; - }, - - toggleClass: function( value, stateVal ) { - var type = typeof value, - isValidValue = type === "string" || Array.isArray( value ); - - if ( typeof stateVal === "boolean" && isValidValue ) { - return stateVal ? this.addClass( value ) : this.removeClass( value ); - } - - if ( isFunction( value ) ) { - return this.each( function( i ) { - jQuery( this ).toggleClass( - value.call( this, i, getClass( this ), stateVal ), - stateVal - ); - } ); - } - - return this.each( function() { - var className, i, self, classNames; - - if ( isValidValue ) { - - // Toggle individual class names - i = 0; - self = jQuery( this ); - classNames = classesToArray( value ); - - while ( ( className = classNames[ i++ ] ) ) { - - // Check each className given, space separated list - if ( self.hasClass( className ) ) { - self.removeClass( className ); - } else { - self.addClass( className ); - } - } - - // Toggle whole class name - } else if ( value === undefined || type === "boolean" ) { - className = getClass( this ); - if ( className ) { - - // Store className if set - dataPriv.set( this, "__className__", className ); - } - - // If the element has a class name or if we're passed `false`, - // then remove the whole classname (if there was one, the above saved it). - // Otherwise bring back whatever was previously saved (if anything), - // falling back to the empty string if nothing was stored. - if ( this.setAttribute ) { - this.setAttribute( "class", - className || value === false ? - "" : - dataPriv.get( this, "__className__" ) || "" - ); - } - } - } ); - }, - - hasClass: function( selector ) { - var className, elem, - i = 0; - - className = " " + selector + " "; - while ( ( elem = this[ i++ ] ) ) { - if ( elem.nodeType === 1 && - ( " " + stripAndCollapse( getClass( elem ) ) + " " ).indexOf( className ) > -1 ) { - return true; - } - } - - return false; - } -} ); - - - - -var rreturn = /\r/g; - -jQuery.fn.extend( { - val: function( value ) { - var hooks, ret, valueIsFunction, - elem = this[ 0 ]; - - if ( !arguments.length ) { - if ( elem ) { - hooks = jQuery.valHooks[ elem.type ] || - jQuery.valHooks[ elem.nodeName.toLowerCase() ]; - - if ( hooks && - "get" in hooks && - ( ret = hooks.get( elem, "value" ) ) !== undefined - ) { - return ret; - } - - ret = elem.value; - - // Handle most common string cases - if ( typeof ret === "string" ) { - return ret.replace( rreturn, "" ); - } - - // Handle cases where value is null/undef or number - return ret == null ? "" : ret; - } - - return; - } - - valueIsFunction = isFunction( value ); - - return this.each( function( i ) { - var val; - - if ( this.nodeType !== 1 ) { - return; - } - - if ( valueIsFunction ) { - val = value.call( this, i, jQuery( this ).val() ); - } else { - val = value; - } - - // Treat null/undefined as ""; convert numbers to string - if ( val == null ) { - val = ""; - - } else if ( typeof val === "number" ) { - val += ""; - - } else if ( Array.isArray( val ) ) { - val = jQuery.map( val, function( value ) { - return value == null ? "" : value + ""; - } ); - } - - hooks = jQuery.valHooks[ this.type ] || jQuery.valHooks[ this.nodeName.toLowerCase() ]; - - // If set returns undefined, fall back to normal setting - if ( !hooks || !( "set" in hooks ) || hooks.set( this, val, "value" ) === undefined ) { - this.value = val; - } - } ); - } -} ); - -jQuery.extend( { - valHooks: { - option: { - get: function( elem ) { - - var val = jQuery.find.attr( elem, "value" ); - return val != null ? - val : - - // Support: IE <=10 - 11 only - // option.text throws exceptions (#14686, #14858) - // Strip and collapse whitespace - // https://html.spec.whatwg.org/#strip-and-collapse-whitespace - stripAndCollapse( jQuery.text( elem ) ); - } - }, - select: { - get: function( elem ) { - var value, option, i, - options = elem.options, - index = elem.selectedIndex, - one = elem.type === "select-one", - values = one ? null : [], - max = one ? index + 1 : options.length; - - if ( index < 0 ) { - i = max; - - } else { - i = one ? index : 0; - } - - // Loop through all the selected options - for ( ; i < max; i++ ) { - option = options[ i ]; - - // Support: IE <=9 only - // IE8-9 doesn't update selected after form reset (#2551) - if ( ( option.selected || i === index ) && - - // Don't return options that are disabled or in a disabled optgroup - !option.disabled && - ( !option.parentNode.disabled || - !nodeName( option.parentNode, "optgroup" ) ) ) { - - // Get the specific value for the option - value = jQuery( option ).val(); - - // We don't need an array for one selects - if ( one ) { - return value; - } - - // Multi-Selects return an array - values.push( value ); - } - } - - return values; - }, - - set: function( elem, value ) { - var optionSet, option, - options = elem.options, - values = jQuery.makeArray( value ), - i = options.length; - - while ( i-- ) { - option = options[ i ]; - - /* eslint-disable no-cond-assign */ - - if ( option.selected = - jQuery.inArray( jQuery.valHooks.option.get( option ), values ) > -1 - ) { - optionSet = true; - } - - /* eslint-enable no-cond-assign */ - } - - // Force browsers to behave consistently when non-matching value is set - if ( !optionSet ) { - elem.selectedIndex = -1; - } - return values; - } - } - } -} ); - -// Radios and checkboxes getter/setter -jQuery.each( [ "radio", "checkbox" ], function() { - jQuery.valHooks[ this ] = { - set: function( elem, value ) { - if ( Array.isArray( value ) ) { - return ( elem.checked = jQuery.inArray( jQuery( elem ).val(), value ) > -1 ); - } - } - }; - if ( !support.checkOn ) { - jQuery.valHooks[ this ].get = function( elem ) { - return elem.getAttribute( "value" ) === null ? "on" : elem.value; - }; - } -} ); - - - - -// Return jQuery for attributes-only inclusion - - -support.focusin = "onfocusin" in window; - - -var rfocusMorph = /^(?:focusinfocus|focusoutblur)$/, - stopPropagationCallback = function( e ) { - e.stopPropagation(); - }; - -jQuery.extend( jQuery.event, { - - trigger: function( event, data, elem, onlyHandlers ) { - - var i, cur, tmp, bubbleType, ontype, handle, special, lastElement, - eventPath = [ elem || document ], - type = hasOwn.call( event, "type" ) ? event.type : event, - namespaces = hasOwn.call( event, "namespace" ) ? event.namespace.split( "." ) : []; - - cur = lastElement = tmp = elem = elem || document; - - // Don't do events on text and comment nodes - if ( elem.nodeType === 3 || elem.nodeType === 8 ) { - return; - } - - // focus/blur morphs to focusin/out; ensure we're not firing them right now - if ( rfocusMorph.test( type + jQuery.event.triggered ) ) { - return; - } - - if ( type.indexOf( "." ) > -1 ) { - - // Namespaced trigger; create a regexp to match event type in handle() - namespaces = type.split( "." ); - type = namespaces.shift(); - namespaces.sort(); - } - ontype = type.indexOf( ":" ) < 0 && "on" + type; - - // Caller can pass in a jQuery.Event object, Object, or just an event type string - event = event[ jQuery.expando ] ? - event : - new jQuery.Event( type, typeof event === "object" && event ); - - // Trigger bitmask: & 1 for native handlers; & 2 for jQuery (always true) - event.isTrigger = onlyHandlers ? 2 : 3; - event.namespace = namespaces.join( "." ); - event.rnamespace = event.namespace ? - new RegExp( "(^|\\.)" + namespaces.join( "\\.(?:.*\\.|)" ) + "(\\.|$)" ) : - null; - - // Clean up the event in case it is being reused - event.result = undefined; - if ( !event.target ) { - event.target = elem; - } - - // Clone any incoming data and prepend the event, creating the handler arg list - data = data == null ? - [ event ] : - jQuery.makeArray( data, [ event ] ); - - // Allow special events to draw outside the lines - special = jQuery.event.special[ type ] || {}; - if ( !onlyHandlers && special.trigger && special.trigger.apply( elem, data ) === false ) { - return; - } - - // Determine event propagation path in advance, per W3C events spec (#9951) - // Bubble up to document, then to window; watch for a global ownerDocument var (#9724) - if ( !onlyHandlers && !special.noBubble && !isWindow( elem ) ) { - - bubbleType = special.delegateType || type; - if ( !rfocusMorph.test( bubbleType + type ) ) { - cur = cur.parentNode; - } - for ( ; cur; cur = cur.parentNode ) { - eventPath.push( cur ); - tmp = cur; - } - - // Only add window if we got to document (e.g., not plain obj or detached DOM) - if ( tmp === ( elem.ownerDocument || document ) ) { - eventPath.push( tmp.defaultView || tmp.parentWindow || window ); - } - } - - // Fire handlers on the event path - i = 0; - while ( ( cur = eventPath[ i++ ] ) && !event.isPropagationStopped() ) { - lastElement = cur; - event.type = i > 1 ? - bubbleType : - special.bindType || type; - - // jQuery handler - handle = ( - dataPriv.get( cur, "events" ) || Object.create( null ) - )[ event.type ] && - dataPriv.get( cur, "handle" ); - if ( handle ) { - handle.apply( cur, data ); - } - - // Native handler - handle = ontype && cur[ ontype ]; - if ( handle && handle.apply && acceptData( cur ) ) { - event.result = handle.apply( cur, data ); - if ( event.result === false ) { - event.preventDefault(); - } - } - } - event.type = type; - - // If nobody prevented the default action, do it now - if ( !onlyHandlers && !event.isDefaultPrevented() ) { - - if ( ( !special._default || - special._default.apply( eventPath.pop(), data ) === false ) && - acceptData( elem ) ) { - - // Call a native DOM method on the target with the same name as the event. - // Don't do default actions on window, that's where global variables be (#6170) - if ( ontype && isFunction( elem[ type ] ) && !isWindow( elem ) ) { - - // Don't re-trigger an onFOO event when we call its FOO() method - tmp = elem[ ontype ]; - - if ( tmp ) { - elem[ ontype ] = null; - } - - // Prevent re-triggering of the same event, since we already bubbled it above - jQuery.event.triggered = type; - - if ( event.isPropagationStopped() ) { - lastElement.addEventListener( type, stopPropagationCallback ); - } - - elem[ type ](); - - if ( event.isPropagationStopped() ) { - lastElement.removeEventListener( type, stopPropagationCallback ); - } - - jQuery.event.triggered = undefined; - - if ( tmp ) { - elem[ ontype ] = tmp; - } - } - } - } - - return event.result; - }, - - // Piggyback on a donor event to simulate a different one - // Used only for `focus(in | out)` events - simulate: function( type, elem, event ) { - var e = jQuery.extend( - new jQuery.Event(), - event, - { - type: type, - isSimulated: true - } - ); - - jQuery.event.trigger( e, null, elem ); - } - -} ); - -jQuery.fn.extend( { - - trigger: function( type, data ) { - return this.each( function() { - jQuery.event.trigger( type, data, this ); - } ); - }, - triggerHandler: function( type, data ) { - var elem = this[ 0 ]; - if ( elem ) { - return jQuery.event.trigger( type, data, elem, true ); - } - } -} ); - - -// Support: Firefox <=44 -// Firefox doesn't have focus(in | out) events -// Related ticket - https://bugzilla.mozilla.org/show_bug.cgi?id=687787 -// -// Support: Chrome <=48 - 49, Safari <=9.0 - 9.1 -// focus(in | out) events fire after focus & blur events, -// which is spec violation - http://www.w3.org/TR/DOM-Level-3-Events/#events-focusevent-event-order -// Related ticket - https://bugs.chromium.org/p/chromium/issues/detail?id=449857 -if ( !support.focusin ) { - jQuery.each( { focus: "focusin", blur: "focusout" }, function( orig, fix ) { - - // Attach a single capturing handler on the document while someone wants focusin/focusout - var handler = function( event ) { - jQuery.event.simulate( fix, event.target, jQuery.event.fix( event ) ); - }; - - jQuery.event.special[ fix ] = { - setup: function() { - - // Handle: regular nodes (via `this.ownerDocument`), window - // (via `this.document`) & document (via `this`). - var doc = this.ownerDocument || this.document || this, - attaches = dataPriv.access( doc, fix ); - - if ( !attaches ) { - doc.addEventListener( orig, handler, true ); - } - dataPriv.access( doc, fix, ( attaches || 0 ) + 1 ); - }, - teardown: function() { - var doc = this.ownerDocument || this.document || this, - attaches = dataPriv.access( doc, fix ) - 1; - - if ( !attaches ) { - doc.removeEventListener( orig, handler, true ); - dataPriv.remove( doc, fix ); - - } else { - dataPriv.access( doc, fix, attaches ); - } - } - }; - } ); -} -var location = window.location; - -var nonce = { guid: Date.now() }; - -var rquery = ( /\?/ ); - - - -// Cross-browser xml parsing -jQuery.parseXML = function( data ) { - var xml; - if ( !data || typeof data !== "string" ) { - return null; - } - - // Support: IE 9 - 11 only - // IE throws on parseFromString with invalid input. - try { - xml = ( new window.DOMParser() ).parseFromString( data, "text/xml" ); - } catch ( e ) { - xml = undefined; - } - - if ( !xml || xml.getElementsByTagName( "parsererror" ).length ) { - jQuery.error( "Invalid XML: " + data ); - } - return xml; -}; - - -var - rbracket = /\[\]$/, - rCRLF = /\r?\n/g, - rsubmitterTypes = /^(?:submit|button|image|reset|file)$/i, - rsubmittable = /^(?:input|select|textarea|keygen)/i; - -function buildParams( prefix, obj, traditional, add ) { - var name; - - if ( Array.isArray( obj ) ) { - - // Serialize array item. - jQuery.each( obj, function( i, v ) { - if ( traditional || rbracket.test( prefix ) ) { - - // Treat each array item as a scalar. - add( prefix, v ); - - } else { - - // Item is non-scalar (array or object), encode its numeric index. - buildParams( - prefix + "[" + ( typeof v === "object" && v != null ? i : "" ) + "]", - v, - traditional, - add - ); - } - } ); - - } else if ( !traditional && toType( obj ) === "object" ) { - - // Serialize object item. - for ( name in obj ) { - buildParams( prefix + "[" + name + "]", obj[ name ], traditional, add ); - } - - } else { - - // Serialize scalar item. - add( prefix, obj ); - } -} - -// Serialize an array of form elements or a set of -// key/values into a query string -jQuery.param = function( a, traditional ) { - var prefix, - s = [], - add = function( key, valueOrFunction ) { - - // If value is a function, invoke it and use its return value - var value = isFunction( valueOrFunction ) ? - valueOrFunction() : - valueOrFunction; - - s[ s.length ] = encodeURIComponent( key ) + "=" + - encodeURIComponent( value == null ? "" : value ); - }; - - if ( a == null ) { - return ""; - } - - // If an array was passed in, assume that it is an array of form elements. - if ( Array.isArray( a ) || ( a.jquery && !jQuery.isPlainObject( a ) ) ) { - - // Serialize the form elements - jQuery.each( a, function() { - add( this.name, this.value ); - } ); - - } else { - - // If traditional, encode the "old" way (the way 1.3.2 or older - // did it), otherwise encode params recursively. - for ( prefix in a ) { - buildParams( prefix, a[ prefix ], traditional, add ); - } - } - - // Return the resulting serialization - return s.join( "&" ); -}; - -jQuery.fn.extend( { - serialize: function() { - return jQuery.param( this.serializeArray() ); - }, - serializeArray: function() { - return this.map( function() { - - // Can add propHook for "elements" to filter or add form elements - var elements = jQuery.prop( this, "elements" ); - return elements ? jQuery.makeArray( elements ) : this; - } ) - .filter( function() { - var type = this.type; - - // Use .is( ":disabled" ) so that fieldset[disabled] works - return this.name && !jQuery( this ).is( ":disabled" ) && - rsubmittable.test( this.nodeName ) && !rsubmitterTypes.test( type ) && - ( this.checked || !rcheckableType.test( type ) ); - } ) - .map( function( _i, elem ) { - var val = jQuery( this ).val(); - - if ( val == null ) { - return null; - } - - if ( Array.isArray( val ) ) { - return jQuery.map( val, function( val ) { - return { name: elem.name, value: val.replace( rCRLF, "\r\n" ) }; - } ); - } - - return { name: elem.name, value: val.replace( rCRLF, "\r\n" ) }; - } ).get(); - } -} ); - - -var - r20 = /%20/g, - rhash = /#.*$/, - rantiCache = /([?&])_=[^&]*/, - rheaders = /^(.*?):[ \t]*([^\r\n]*)$/mg, - - // #7653, #8125, #8152: local protocol detection - rlocalProtocol = /^(?:about|app|app-storage|.+-extension|file|res|widget):$/, - rnoContent = /^(?:GET|HEAD)$/, - rprotocol = /^\/\//, - - /* Prefilters - * 1) They are useful to introduce custom dataTypes (see ajax/jsonp.js for an example) - * 2) These are called: - * - BEFORE asking for a transport - * - AFTER param serialization (s.data is a string if s.processData is true) - * 3) key is the dataType - * 4) the catchall symbol "*" can be used - * 5) execution will start with transport dataType and THEN continue down to "*" if needed - */ - prefilters = {}, - - /* Transports bindings - * 1) key is the dataType - * 2) the catchall symbol "*" can be used - * 3) selection will start with transport dataType and THEN go to "*" if needed - */ - transports = {}, - - // Avoid comment-prolog char sequence (#10098); must appease lint and evade compression - allTypes = "*/".concat( "*" ), - - // Anchor tag for parsing the document origin - originAnchor = document.createElement( "a" ); - originAnchor.href = location.href; - -// Base "constructor" for jQuery.ajaxPrefilter and jQuery.ajaxTransport -function addToPrefiltersOrTransports( structure ) { - - // dataTypeExpression is optional and defaults to "*" - return function( dataTypeExpression, func ) { - - if ( typeof dataTypeExpression !== "string" ) { - func = dataTypeExpression; - dataTypeExpression = "*"; - } - - var dataType, - i = 0, - dataTypes = dataTypeExpression.toLowerCase().match( rnothtmlwhite ) || []; - - if ( isFunction( func ) ) { - - // For each dataType in the dataTypeExpression - while ( ( dataType = dataTypes[ i++ ] ) ) { - - // Prepend if requested - if ( dataType[ 0 ] === "+" ) { - dataType = dataType.slice( 1 ) || "*"; - ( structure[ dataType ] = structure[ dataType ] || [] ).unshift( func ); - - // Otherwise append - } else { - ( structure[ dataType ] = structure[ dataType ] || [] ).push( func ); - } - } - } - }; -} - -// Base inspection function for prefilters and transports -function inspectPrefiltersOrTransports( structure, options, originalOptions, jqXHR ) { - - var inspected = {}, - seekingTransport = ( structure === transports ); - - function inspect( dataType ) { - var selected; - inspected[ dataType ] = true; - jQuery.each( structure[ dataType ] || [], function( _, prefilterOrFactory ) { - var dataTypeOrTransport = prefilterOrFactory( options, originalOptions, jqXHR ); - if ( typeof dataTypeOrTransport === "string" && - !seekingTransport && !inspected[ dataTypeOrTransport ] ) { - - options.dataTypes.unshift( dataTypeOrTransport ); - inspect( dataTypeOrTransport ); - return false; - } else if ( seekingTransport ) { - return !( selected = dataTypeOrTransport ); - } - } ); - return selected; - } - - return inspect( options.dataTypes[ 0 ] ) || !inspected[ "*" ] && inspect( "*" ); -} - -// A special extend for ajax options -// that takes "flat" options (not to be deep extended) -// Fixes #9887 -function ajaxExtend( target, src ) { - var key, deep, - flatOptions = jQuery.ajaxSettings.flatOptions || {}; - - for ( key in src ) { - if ( src[ key ] !== undefined ) { - ( flatOptions[ key ] ? target : ( deep || ( deep = {} ) ) )[ key ] = src[ key ]; - } - } - if ( deep ) { - jQuery.extend( true, target, deep ); - } - - return target; -} - -/* Handles responses to an ajax request: - * - finds the right dataType (mediates between content-type and expected dataType) - * - returns the corresponding response - */ -function ajaxHandleResponses( s, jqXHR, responses ) { - - var ct, type, finalDataType, firstDataType, - contents = s.contents, - dataTypes = s.dataTypes; - - // Remove auto dataType and get content-type in the process - while ( dataTypes[ 0 ] === "*" ) { - dataTypes.shift(); - if ( ct === undefined ) { - ct = s.mimeType || jqXHR.getResponseHeader( "Content-Type" ); - } - } - - // Check if we're dealing with a known content-type - if ( ct ) { - for ( type in contents ) { - if ( contents[ type ] && contents[ type ].test( ct ) ) { - dataTypes.unshift( type ); - break; - } - } - } - - // Check to see if we have a response for the expected dataType - if ( dataTypes[ 0 ] in responses ) { - finalDataType = dataTypes[ 0 ]; - } else { - - // Try convertible dataTypes - for ( type in responses ) { - if ( !dataTypes[ 0 ] || s.converters[ type + " " + dataTypes[ 0 ] ] ) { - finalDataType = type; - break; - } - if ( !firstDataType ) { - firstDataType = type; - } - } - - // Or just use first one - finalDataType = finalDataType || firstDataType; - } - - // If we found a dataType - // We add the dataType to the list if needed - // and return the corresponding response - if ( finalDataType ) { - if ( finalDataType !== dataTypes[ 0 ] ) { - dataTypes.unshift( finalDataType ); - } - return responses[ finalDataType ]; - } -} - -/* Chain conversions given the request and the original response - * Also sets the responseXXX fields on the jqXHR instance - */ -function ajaxConvert( s, response, jqXHR, isSuccess ) { - var conv2, current, conv, tmp, prev, - converters = {}, - - // Work with a copy of dataTypes in case we need to modify it for conversion - dataTypes = s.dataTypes.slice(); - - // Create converters map with lowercased keys - if ( dataTypes[ 1 ] ) { - for ( conv in s.converters ) { - converters[ conv.toLowerCase() ] = s.converters[ conv ]; - } - } - - current = dataTypes.shift(); - - // Convert to each sequential dataType - while ( current ) { - - if ( s.responseFields[ current ] ) { - jqXHR[ s.responseFields[ current ] ] = response; - } - - // Apply the dataFilter if provided - if ( !prev && isSuccess && s.dataFilter ) { - response = s.dataFilter( response, s.dataType ); - } - - prev = current; - current = dataTypes.shift(); - - if ( current ) { - - // There's only work to do if current dataType is non-auto - if ( current === "*" ) { - - current = prev; - - // Convert response if prev dataType is non-auto and differs from current - } else if ( prev !== "*" && prev !== current ) { - - // Seek a direct converter - conv = converters[ prev + " " + current ] || converters[ "* " + current ]; - - // If none found, seek a pair - if ( !conv ) { - for ( conv2 in converters ) { - - // If conv2 outputs current - tmp = conv2.split( " " ); - if ( tmp[ 1 ] === current ) { - - // If prev can be converted to accepted input - conv = converters[ prev + " " + tmp[ 0 ] ] || - converters[ "* " + tmp[ 0 ] ]; - if ( conv ) { - - // Condense equivalence converters - if ( conv === true ) { - conv = converters[ conv2 ]; - - // Otherwise, insert the intermediate dataType - } else if ( converters[ conv2 ] !== true ) { - current = tmp[ 0 ]; - dataTypes.unshift( tmp[ 1 ] ); - } - break; - } - } - } - } - - // Apply converter (if not an equivalence) - if ( conv !== true ) { - - // Unless errors are allowed to bubble, catch and return them - if ( conv && s.throws ) { - response = conv( response ); - } else { - try { - response = conv( response ); - } catch ( e ) { - return { - state: "parsererror", - error: conv ? e : "No conversion from " + prev + " to " + current - }; - } - } - } - } - } - } - - return { state: "success", data: response }; -} - -jQuery.extend( { - - // Counter for holding the number of active queries - active: 0, - - // Last-Modified header cache for next request - lastModified: {}, - etag: {}, - - ajaxSettings: { - url: location.href, - type: "GET", - isLocal: rlocalProtocol.test( location.protocol ), - global: true, - processData: true, - async: true, - contentType: "application/x-www-form-urlencoded; charset=UTF-8", - - /* - timeout: 0, - data: null, - dataType: null, - username: null, - password: null, - cache: null, - throws: false, - traditional: false, - headers: {}, - */ - - accepts: { - "*": allTypes, - text: "text/plain", - html: "text/html", - xml: "application/xml, text/xml", - json: "application/json, text/javascript" - }, - - contents: { - xml: /\bxml\b/, - html: /\bhtml/, - json: /\bjson\b/ - }, - - responseFields: { - xml: "responseXML", - text: "responseText", - json: "responseJSON" - }, - - // Data converters - // Keys separate source (or catchall "*") and destination types with a single space - converters: { - - // Convert anything to text - "* text": String, - - // Text to html (true = no transformation) - "text html": true, - - // Evaluate text as a json expression - "text json": JSON.parse, - - // Parse text as xml - "text xml": jQuery.parseXML - }, - - // For options that shouldn't be deep extended: - // you can add your own custom options here if - // and when you create one that shouldn't be - // deep extended (see ajaxExtend) - flatOptions: { - url: true, - context: true - } - }, - - // Creates a full fledged settings object into target - // with both ajaxSettings and settings fields. - // If target is omitted, writes into ajaxSettings. - ajaxSetup: function( target, settings ) { - return settings ? - - // Building a settings object - ajaxExtend( ajaxExtend( target, jQuery.ajaxSettings ), settings ) : - - // Extending ajaxSettings - ajaxExtend( jQuery.ajaxSettings, target ); - }, - - ajaxPrefilter: addToPrefiltersOrTransports( prefilters ), - ajaxTransport: addToPrefiltersOrTransports( transports ), - - // Main method - ajax: function( url, options ) { - - // If url is an object, simulate pre-1.5 signature - if ( typeof url === "object" ) { - options = url; - url = undefined; - } - - // Force options to be an object - options = options || {}; - - var transport, - - // URL without anti-cache param - cacheURL, - - // Response headers - responseHeadersString, - responseHeaders, - - // timeout handle - timeoutTimer, - - // Url cleanup var - urlAnchor, - - // Request state (becomes false upon send and true upon completion) - completed, - - // To know if global events are to be dispatched - fireGlobals, - - // Loop variable - i, - - // uncached part of the url - uncached, - - // Create the final options object - s = jQuery.ajaxSetup( {}, options ), - - // Callbacks context - callbackContext = s.context || s, - - // Context for global events is callbackContext if it is a DOM node or jQuery collection - globalEventContext = s.context && - ( callbackContext.nodeType || callbackContext.jquery ) ? - jQuery( callbackContext ) : - jQuery.event, - - // Deferreds - deferred = jQuery.Deferred(), - completeDeferred = jQuery.Callbacks( "once memory" ), - - // Status-dependent callbacks - statusCode = s.statusCode || {}, - - // Headers (they are sent all at once) - requestHeaders = {}, - requestHeadersNames = {}, - - // Default abort message - strAbort = "canceled", - - // Fake xhr - jqXHR = { - readyState: 0, - - // Builds headers hashtable if needed - getResponseHeader: function( key ) { - var match; - if ( completed ) { - if ( !responseHeaders ) { - responseHeaders = {}; - while ( ( match = rheaders.exec( responseHeadersString ) ) ) { - responseHeaders[ match[ 1 ].toLowerCase() + " " ] = - ( responseHeaders[ match[ 1 ].toLowerCase() + " " ] || [] ) - .concat( match[ 2 ] ); - } - } - match = responseHeaders[ key.toLowerCase() + " " ]; - } - return match == null ? null : match.join( ", " ); - }, - - // Raw string - getAllResponseHeaders: function() { - return completed ? responseHeadersString : null; - }, - - // Caches the header - setRequestHeader: function( name, value ) { - if ( completed == null ) { - name = requestHeadersNames[ name.toLowerCase() ] = - requestHeadersNames[ name.toLowerCase() ] || name; - requestHeaders[ name ] = value; - } - return this; - }, - - // Overrides response content-type header - overrideMimeType: function( type ) { - if ( completed == null ) { - s.mimeType = type; - } - return this; - }, - - // Status-dependent callbacks - statusCode: function( map ) { - var code; - if ( map ) { - if ( completed ) { - - // Execute the appropriate callbacks - jqXHR.always( map[ jqXHR.status ] ); - } else { - - // Lazy-add the new callbacks in a way that preserves old ones - for ( code in map ) { - statusCode[ code ] = [ statusCode[ code ], map[ code ] ]; - } - } - } - return this; - }, - - // Cancel the request - abort: function( statusText ) { - var finalText = statusText || strAbort; - if ( transport ) { - transport.abort( finalText ); - } - done( 0, finalText ); - return this; - } - }; - - // Attach deferreds - deferred.promise( jqXHR ); - - // Add protocol if not provided (prefilters might expect it) - // Handle falsy url in the settings object (#10093: consistency with old signature) - // We also use the url parameter if available - s.url = ( ( url || s.url || location.href ) + "" ) - .replace( rprotocol, location.protocol + "//" ); - - // Alias method option to type as per ticket #12004 - s.type = options.method || options.type || s.method || s.type; - - // Extract dataTypes list - s.dataTypes = ( s.dataType || "*" ).toLowerCase().match( rnothtmlwhite ) || [ "" ]; - - // A cross-domain request is in order when the origin doesn't match the current origin. - if ( s.crossDomain == null ) { - urlAnchor = document.createElement( "a" ); - - // Support: IE <=8 - 11, Edge 12 - 15 - // IE throws exception on accessing the href property if url is malformed, - // e.g. http://example.com:80x/ - try { - urlAnchor.href = s.url; - - // Support: IE <=8 - 11 only - // Anchor's host property isn't correctly set when s.url is relative - urlAnchor.href = urlAnchor.href; - s.crossDomain = originAnchor.protocol + "//" + originAnchor.host !== - urlAnchor.protocol + "//" + urlAnchor.host; - } catch ( e ) { - - // If there is an error parsing the URL, assume it is crossDomain, - // it can be rejected by the transport if it is invalid - s.crossDomain = true; - } - } - - // Convert data if not already a string - if ( s.data && s.processData && typeof s.data !== "string" ) { - s.data = jQuery.param( s.data, s.traditional ); - } - - // Apply prefilters - inspectPrefiltersOrTransports( prefilters, s, options, jqXHR ); - - // If request was aborted inside a prefilter, stop there - if ( completed ) { - return jqXHR; - } - - // We can fire global events as of now if asked to - // Don't fire events if jQuery.event is undefined in an AMD-usage scenario (#15118) - fireGlobals = jQuery.event && s.global; - - // Watch for a new set of requests - if ( fireGlobals && jQuery.active++ === 0 ) { - jQuery.event.trigger( "ajaxStart" ); - } - - // Uppercase the type - s.type = s.type.toUpperCase(); - - // Determine if request has content - s.hasContent = !rnoContent.test( s.type ); - - // Save the URL in case we're toying with the If-Modified-Since - // and/or If-None-Match header later on - // Remove hash to simplify url manipulation - cacheURL = s.url.replace( rhash, "" ); - - // More options handling for requests with no content - if ( !s.hasContent ) { - - // Remember the hash so we can put it back - uncached = s.url.slice( cacheURL.length ); - - // If data is available and should be processed, append data to url - if ( s.data && ( s.processData || typeof s.data === "string" ) ) { - cacheURL += ( rquery.test( cacheURL ) ? "&" : "?" ) + s.data; - - // #9682: remove data so that it's not used in an eventual retry - delete s.data; - } - - // Add or update anti-cache param if needed - if ( s.cache === false ) { - cacheURL = cacheURL.replace( rantiCache, "$1" ); - uncached = ( rquery.test( cacheURL ) ? "&" : "?" ) + "_=" + ( nonce.guid++ ) + - uncached; - } - - // Put hash and anti-cache on the URL that will be requested (gh-1732) - s.url = cacheURL + uncached; - - // Change '%20' to '+' if this is encoded form body content (gh-2658) - } else if ( s.data && s.processData && - ( s.contentType || "" ).indexOf( "application/x-www-form-urlencoded" ) === 0 ) { - s.data = s.data.replace( r20, "+" ); - } - - // Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode. - if ( s.ifModified ) { - if ( jQuery.lastModified[ cacheURL ] ) { - jqXHR.setRequestHeader( "If-Modified-Since", jQuery.lastModified[ cacheURL ] ); - } - if ( jQuery.etag[ cacheURL ] ) { - jqXHR.setRequestHeader( "If-None-Match", jQuery.etag[ cacheURL ] ); - } - } - - // Set the correct header, if data is being sent - if ( s.data && s.hasContent && s.contentType !== false || options.contentType ) { - jqXHR.setRequestHeader( "Content-Type", s.contentType ); - } - - // Set the Accepts header for the server, depending on the dataType - jqXHR.setRequestHeader( - "Accept", - s.dataTypes[ 0 ] && s.accepts[ s.dataTypes[ 0 ] ] ? - s.accepts[ s.dataTypes[ 0 ] ] + - ( s.dataTypes[ 0 ] !== "*" ? ", " + allTypes + "; q=0.01" : "" ) : - s.accepts[ "*" ] - ); - - // Check for headers option - for ( i in s.headers ) { - jqXHR.setRequestHeader( i, s.headers[ i ] ); - } - - // Allow custom headers/mimetypes and early abort - if ( s.beforeSend && - ( s.beforeSend.call( callbackContext, jqXHR, s ) === false || completed ) ) { - - // Abort if not done already and return - return jqXHR.abort(); - } - - // Aborting is no longer a cancellation - strAbort = "abort"; - - // Install callbacks on deferreds - completeDeferred.add( s.complete ); - jqXHR.done( s.success ); - jqXHR.fail( s.error ); - - // Get transport - transport = inspectPrefiltersOrTransports( transports, s, options, jqXHR ); - - // If no transport, we auto-abort - if ( !transport ) { - done( -1, "No Transport" ); - } else { - jqXHR.readyState = 1; - - // Send global event - if ( fireGlobals ) { - globalEventContext.trigger( "ajaxSend", [ jqXHR, s ] ); - } - - // If request was aborted inside ajaxSend, stop there - if ( completed ) { - return jqXHR; - } - - // Timeout - if ( s.async && s.timeout > 0 ) { - timeoutTimer = window.setTimeout( function() { - jqXHR.abort( "timeout" ); - }, s.timeout ); - } - - try { - completed = false; - transport.send( requestHeaders, done ); - } catch ( e ) { - - // Rethrow post-completion exceptions - if ( completed ) { - throw e; - } - - // Propagate others as results - done( -1, e ); - } - } - - // Callback for when everything is done - function done( status, nativeStatusText, responses, headers ) { - var isSuccess, success, error, response, modified, - statusText = nativeStatusText; - - // Ignore repeat invocations - if ( completed ) { - return; - } - - completed = true; - - // Clear timeout if it exists - if ( timeoutTimer ) { - window.clearTimeout( timeoutTimer ); - } - - // Dereference transport for early garbage collection - // (no matter how long the jqXHR object will be used) - transport = undefined; - - // Cache response headers - responseHeadersString = headers || ""; - - // Set readyState - jqXHR.readyState = status > 0 ? 4 : 0; - - // Determine if successful - isSuccess = status >= 200 && status < 300 || status === 304; - - // Get response data - if ( responses ) { - response = ajaxHandleResponses( s, jqXHR, responses ); - } - - // Use a noop converter for missing script - if ( !isSuccess && jQuery.inArray( "script", s.dataTypes ) > -1 ) { - s.converters[ "text script" ] = function() {}; - } - - // Convert no matter what (that way responseXXX fields are always set) - response = ajaxConvert( s, response, jqXHR, isSuccess ); - - // If successful, handle type chaining - if ( isSuccess ) { - - // Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode. - if ( s.ifModified ) { - modified = jqXHR.getResponseHeader( "Last-Modified" ); - if ( modified ) { - jQuery.lastModified[ cacheURL ] = modified; - } - modified = jqXHR.getResponseHeader( "etag" ); - if ( modified ) { - jQuery.etag[ cacheURL ] = modified; - } - } - - // if no content - if ( status === 204 || s.type === "HEAD" ) { - statusText = "nocontent"; - - // if not modified - } else if ( status === 304 ) { - statusText = "notmodified"; - - // If we have data, let's convert it - } else { - statusText = response.state; - success = response.data; - error = response.error; - isSuccess = !error; - } - } else { - - // Extract error from statusText and normalize for non-aborts - error = statusText; - if ( status || !statusText ) { - statusText = "error"; - if ( status < 0 ) { - status = 0; - } - } - } - - // Set data for the fake xhr object - jqXHR.status = status; - jqXHR.statusText = ( nativeStatusText || statusText ) + ""; - - // Success/Error - if ( isSuccess ) { - deferred.resolveWith( callbackContext, [ success, statusText, jqXHR ] ); - } else { - deferred.rejectWith( callbackContext, [ jqXHR, statusText, error ] ); - } - - // Status-dependent callbacks - jqXHR.statusCode( statusCode ); - statusCode = undefined; - - if ( fireGlobals ) { - globalEventContext.trigger( isSuccess ? "ajaxSuccess" : "ajaxError", - [ jqXHR, s, isSuccess ? success : error ] ); - } - - // Complete - completeDeferred.fireWith( callbackContext, [ jqXHR, statusText ] ); - - if ( fireGlobals ) { - globalEventContext.trigger( "ajaxComplete", [ jqXHR, s ] ); - - // Handle the global AJAX counter - if ( !( --jQuery.active ) ) { - jQuery.event.trigger( "ajaxStop" ); - } - } - } - - return jqXHR; - }, - - getJSON: function( url, data, callback ) { - return jQuery.get( url, data, callback, "json" ); - }, - - getScript: function( url, callback ) { - return jQuery.get( url, undefined, callback, "script" ); - } -} ); - -jQuery.each( [ "get", "post" ], function( _i, method ) { - jQuery[ method ] = function( url, data, callback, type ) { - - // Shift arguments if data argument was omitted - if ( isFunction( data ) ) { - type = type || callback; - callback = data; - data = undefined; - } - - // The url can be an options object (which then must have .url) - return jQuery.ajax( jQuery.extend( { - url: url, - type: method, - dataType: type, - data: data, - success: callback - }, jQuery.isPlainObject( url ) && url ) ); - }; -} ); - -jQuery.ajaxPrefilter( function( s ) { - var i; - for ( i in s.headers ) { - if ( i.toLowerCase() === "content-type" ) { - s.contentType = s.headers[ i ] || ""; - } - } -} ); - - -jQuery._evalUrl = function( url, options, doc ) { - return jQuery.ajax( { - url: url, - - // Make this explicit, since user can override this through ajaxSetup (#11264) - type: "GET", - dataType: "script", - cache: true, - async: false, - global: false, - - // Only evaluate the response if it is successful (gh-4126) - // dataFilter is not invoked for failure responses, so using it instead - // of the default converter is kludgy but it works. - converters: { - "text script": function() {} - }, - dataFilter: function( response ) { - jQuery.globalEval( response, options, doc ); - } - } ); -}; - - -jQuery.fn.extend( { - wrapAll: function( html ) { - var wrap; - - if ( this[ 0 ] ) { - if ( isFunction( html ) ) { - html = html.call( this[ 0 ] ); - } - - // The elements to wrap the target around - wrap = jQuery( html, this[ 0 ].ownerDocument ).eq( 0 ).clone( true ); - - if ( this[ 0 ].parentNode ) { - wrap.insertBefore( this[ 0 ] ); - } - - wrap.map( function() { - var elem = this; - - while ( elem.firstElementChild ) { - elem = elem.firstElementChild; - } - - return elem; - } ).append( this ); - } - - return this; - }, - - wrapInner: function( html ) { - if ( isFunction( html ) ) { - return this.each( function( i ) { - jQuery( this ).wrapInner( html.call( this, i ) ); - } ); - } - - return this.each( function() { - var self = jQuery( this ), - contents = self.contents(); - - if ( contents.length ) { - contents.wrapAll( html ); - - } else { - self.append( html ); - } - } ); - }, - - wrap: function( html ) { - var htmlIsFunction = isFunction( html ); - - return this.each( function( i ) { - jQuery( this ).wrapAll( htmlIsFunction ? html.call( this, i ) : html ); - } ); - }, - - unwrap: function( selector ) { - this.parent( selector ).not( "body" ).each( function() { - jQuery( this ).replaceWith( this.childNodes ); - } ); - return this; - } -} ); - - -jQuery.expr.pseudos.hidden = function( elem ) { - return !jQuery.expr.pseudos.visible( elem ); -}; -jQuery.expr.pseudos.visible = function( elem ) { - return !!( elem.offsetWidth || elem.offsetHeight || elem.getClientRects().length ); -}; - - - - -jQuery.ajaxSettings.xhr = function() { - try { - return new window.XMLHttpRequest(); - } catch ( e ) {} -}; - -var xhrSuccessStatus = { - - // File protocol always yields status code 0, assume 200 - 0: 200, - - // Support: IE <=9 only - // #1450: sometimes IE returns 1223 when it should be 204 - 1223: 204 - }, - xhrSupported = jQuery.ajaxSettings.xhr(); - -support.cors = !!xhrSupported && ( "withCredentials" in xhrSupported ); -support.ajax = xhrSupported = !!xhrSupported; - -jQuery.ajaxTransport( function( options ) { - var callback, errorCallback; - - // Cross domain only allowed if supported through XMLHttpRequest - if ( support.cors || xhrSupported && !options.crossDomain ) { - return { - send: function( headers, complete ) { - var i, - xhr = options.xhr(); - - xhr.open( - options.type, - options.url, - options.async, - options.username, - options.password - ); - - // Apply custom fields if provided - if ( options.xhrFields ) { - for ( i in options.xhrFields ) { - xhr[ i ] = options.xhrFields[ i ]; - } - } - - // Override mime type if needed - if ( options.mimeType && xhr.overrideMimeType ) { - xhr.overrideMimeType( options.mimeType ); - } - - // X-Requested-With header - // For cross-domain requests, seeing as conditions for a preflight are - // akin to a jigsaw puzzle, we simply never set it to be sure. - // (it can always be set on a per-request basis or even using ajaxSetup) - // For same-domain requests, won't change header if already provided. - if ( !options.crossDomain && !headers[ "X-Requested-With" ] ) { - headers[ "X-Requested-With" ] = "XMLHttpRequest"; - } - - // Set headers - for ( i in headers ) { - xhr.setRequestHeader( i, headers[ i ] ); - } - - // Callback - callback = function( type ) { - return function() { - if ( callback ) { - callback = errorCallback = xhr.onload = - xhr.onerror = xhr.onabort = xhr.ontimeout = - xhr.onreadystatechange = null; - - if ( type === "abort" ) { - xhr.abort(); - } else if ( type === "error" ) { - - // Support: IE <=9 only - // On a manual native abort, IE9 throws - // errors on any property access that is not readyState - if ( typeof xhr.status !== "number" ) { - complete( 0, "error" ); - } else { - complete( - - // File: protocol always yields status 0; see #8605, #14207 - xhr.status, - xhr.statusText - ); - } - } else { - complete( - xhrSuccessStatus[ xhr.status ] || xhr.status, - xhr.statusText, - - // Support: IE <=9 only - // IE9 has no XHR2 but throws on binary (trac-11426) - // For XHR2 non-text, let the caller handle it (gh-2498) - ( xhr.responseType || "text" ) !== "text" || - typeof xhr.responseText !== "string" ? - { binary: xhr.response } : - { text: xhr.responseText }, - xhr.getAllResponseHeaders() - ); - } - } - }; - }; - - // Listen to events - xhr.onload = callback(); - errorCallback = xhr.onerror = xhr.ontimeout = callback( "error" ); - - // Support: IE 9 only - // Use onreadystatechange to replace onabort - // to handle uncaught aborts - if ( xhr.onabort !== undefined ) { - xhr.onabort = errorCallback; - } else { - xhr.onreadystatechange = function() { - - // Check readyState before timeout as it changes - if ( xhr.readyState === 4 ) { - - // Allow onerror to be called first, - // but that will not handle a native abort - // Also, save errorCallback to a variable - // as xhr.onerror cannot be accessed - window.setTimeout( function() { - if ( callback ) { - errorCallback(); - } - } ); - } - }; - } - - // Create the abort callback - callback = callback( "abort" ); - - try { - - // Do send the request (this may raise an exception) - xhr.send( options.hasContent && options.data || null ); - } catch ( e ) { - - // #14683: Only rethrow if this hasn't been notified as an error yet - if ( callback ) { - throw e; - } - } - }, - - abort: function() { - if ( callback ) { - callback(); - } - } - }; - } -} ); - - - - -// Prevent auto-execution of scripts when no explicit dataType was provided (See gh-2432) -jQuery.ajaxPrefilter( function( s ) { - if ( s.crossDomain ) { - s.contents.script = false; - } -} ); - -// Install script dataType -jQuery.ajaxSetup( { - accepts: { - script: "text/javascript, application/javascript, " + - "application/ecmascript, application/x-ecmascript" - }, - contents: { - script: /\b(?:java|ecma)script\b/ - }, - converters: { - "text script": function( text ) { - jQuery.globalEval( text ); - return text; - } - } -} ); - -// Handle cache's special case and crossDomain -jQuery.ajaxPrefilter( "script", function( s ) { - if ( s.cache === undefined ) { - s.cache = false; - } - if ( s.crossDomain ) { - s.type = "GET"; - } -} ); - -// Bind script tag hack transport -jQuery.ajaxTransport( "script", function( s ) { - - // This transport only deals with cross domain or forced-by-attrs requests - if ( s.crossDomain || s.scriptAttrs ) { - var script, callback; - return { - send: function( _, complete ) { - script = jQuery( " - - - - About — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

About

-Netmaker Architecture Diagram - -

What is Netmaker?

-

Netmaker is a tool for creating and managing virtual overlay networks. If you have at least two machines with internet access which you need to connect with a secure tunnel, Netmaker is for you. If you have thousands of servers spread across multiple locations, data centers, or clouds, Netmaker is also for you. Netmaker connects machines securely, wherever they are.

-WireGuard Mesh -

Netmaker takes those machines and creates a flat network so that they can all talk to each other easily and securely. -If you’re familiar with AWS, it’s like a VPC but made up of arbitrary computers. From the machine’s perspective, all these other machines are in the same neighborhood, even if they’re spread all over the world.

-

Netmaker has many similarities to Tailscale, ZeroTier, and Nebula. What makes Netmaker different is its speed and flexibility. Netmaker is faster because it uses kernel WireGuard. It is more dynamic because the server and agents are fully configurable, which lets you handle all sorts of different use cases.

- - -

How Does Netmaker Work?

-

Netmaker relies on WireGuard to create tunnels between machines. At its core, Netmaker is managing WireGuard across machines to create sensible networks. Technically, Netmaker is two things:

-
    -

  • the admin server, called Netmaker

    • -

  • the agent, called Netclient

    • -
-

As the network manager, you interact with the server to create and manage networks and devices. The server holds configurations for these networks and devices, which are retrieved by the netclients (agent). The server runs an MQTT (message queue) broker for client-server communication.

-

The netclient is installed on any machine you would like to add to a given network, whether that machine is a VM, Server, or IoT device. The netclient subscribes to the server’s MQ broker, and the server tells it how it should configure WireGuard. The client will let the server know when any local changes should be pushed out to the other clients. By doing this across many machines simultaneously, we create a dynamic, fully configurable virtual networks.

-

The Netmaker server does not typically route traffic. Otherwise, this would be a hub-and-spoke model, which is very slow. Instead, Netmaker just tells the machines on the network how they can reach each other directly. This is called a full mesh network and is much faster. Even if the server goes down, as long as none of the existing machines change substantially, your network will still run just fine.

- - -

Use Cases for Netmaker

-

There are many use cases for Netmaker. In fact, you could probably be using it right now. This list is not all-encompassing, but provides a sample of how you might want to use Netmaker. Guided setup for many of these use cases can be found in the Using Netmaker documentation.

-
-
    -

  1. Automate creation of a WireGuard mesh network

    2. -

  2. Create a flat, secure network between cloud environments and data centers

    3. -

  3. Provide secure access to IoT devices, remote servers, and client sites.

    4. -

  4. Secure a home or office network

    5. -

  5. Add a layer of encryption to an existing network

    6. -

  6. Secure site-to-site connections

    7. -

  7. Manage cryptocurrency proof-of-stake machines

    8. -

  8. Create a dynamic and secure Kubernetes underlay network

    9. -
-
- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/api.html b/docs/_build/html/api.html deleted file mode 100644 index 1f56a202..00000000 --- a/docs/_build/html/api.html +++ /dev/null @@ -1,681 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - API Reference — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

API Reference

- -

API Usage

-

Most actions that can be performed via API can be performed via UI. We recommend managing your networks using the official netmaker-ui project. However, Netmaker can also be run without the UI, and all functions can be achieved via API calls. If your use case requires using Netmaker without the UI or you need to do some troubleshooting/advanced configuration, using the API directly may help.

- - -

Authentication

-

API calls must be authenticated via a header of the format -H “Authorization: Bearer <YOUR_SECRET_KEY>” There are two methods to obtain YOUR_SECRET_KEY: -1. Using the masterkey. By default, this value is “secret key,” but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [general usage](./USAGE.md) documentation for more details. -2. Using a JWT received for a node. This can be retrieved by calling the /api/nodes/<network>/authenticate endpoint, as documented below.

- - -

Format of Calls for Curl

-

Requests take the format of

-
curl -H "Authorization: Bearer <YOUR_SECRET_KEY>" -H 'Content-Type: application/json' localhost:8081/api/path/to/endpoint
-
-
- - -

API Documentation

- -

Networks API

-

Get All Networks: /api/networks, GET

-

Create Network: /api/network, POST

-

Get Network: /api/networks/{network id}, GET

-

Update Network: /api/networks/{network id}, PUT

-

Delete Network: /api/networks/{network id}, DELETE

-

Cycle PublicKeys on all Nodes: /api/networks/{network id}/keyupdate, POST

- - -

Networks API Call Examples

-
Get All Networks: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks | jq
-
-Create Network: curl -d '{"addressrange":"10.70.0.0/16","netid":"skynet"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks
-
-Get Network: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet | jq
-
-Update Network: curl -X PUT -d '{"displayname":"my-house"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet
-
-Delete Network: curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet
-
-Cycle PublicKeys on all Nodes: curl -X POST -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keyupdate
-
-
- - -

Access Keys API

-

Get All Keys: /api/networks/{network id}/keys, GET

-

Create Key: /api/networks/{network id}/keys, GET

-

Delete Key: /api/networks/{network id}/keys/{keyname}, DELETE

- - -

Access Keys API Call Examples

-
Get All Keys: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys | jq
-
-Create Key: curl -d '{"uses":10,"name":"mykey"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet/keys
-
-Delete Key: curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys/mykey
-
-
- - -

Nodes API

-

Get All Nodes: /api/nodes, GET

-

Get Network Nodes: /api/nodes/{network id}, GET

-

Create Node: /api/nodes/{network id}, POST

-

Get Node: /api/nodes/{network id}/{macaddress}, GET

-

Update Node: /api/nodes/{network id}/{macaddress}, PUT

-

Delete Node: /api/nodes/{network id}/{macaddress}, DELETE

-

Check In Node: /api/nodes/{network id}/{macaddress}/checkin, POST

-

Create a Gateway: /api/nodes/{network id}/{macaddress}/creategateway, POST

-

Delete a Gateway: /api/nodes/{network id}/{macaddress}/deletegateway, DELETE

-

Uncordon (Approve) a Pending Node: /api/nodes/{network id}/{macaddress}/uncordon, POST

-

Get Last Modified Date (Last Modified Node in Network): /api/nodes/adm/{network id}/lastmodified, GET

-

Authenticate: /api/nodes/adm/{network id}/authenticate, POST

- - -

Nodes API Call Examples

-
Get All Nodes: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes | jq
-
-Get Network Nodes: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet | jq
-
-Create Node: curl  -d  '{ "endpoint": 100.200.100.200, "publickey": aorijqalrik3ajflaqrdajhkr,"macaddress": "8c:90:b5:06:f1:d9","password": "reallysecret","localaddress": "172.16.16.1","accesskey": "aA3bVG0rnItIRXDx","listenport": 6400}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet
-
-Get Node: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet/{macaddress} | jq
-
-Update Node: curl -X PUT -d '{"name":"laptop1"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9
-
-Delete Node: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/skynet/nodes/8c:90:b5:06:f1:d9
-
-Create a Gateway: curl  -d  '{ "rangestring": "172.31.0.0/16", "interface": "eth0"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/creategateway
-
-Delete a Gateway: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/deletegateway
-
-Approve a Pending Node: curl -X POST -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/approve
-
-Get Last Modified Date (Last Modified Node in Network): curl -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/adm/skynet/lastmodified
-
-Authenticate: curl -d  '{"macaddress": "8c:90:b5:06:f1:d9", "password": "YOUR_PASSWORD"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate
-
-
- - -

Users API

-

Note: Only able to create Admin user at this time. The “user” is only used by the user interface to authenticate the single admin user.

-

Get User: /api/users/{username}, GET

-

Update User: /api/users/{username}, PUT

-

Delete User: /api/users/{username}, DELETE

-

Check for Admin User: /api/users/adm/hasadmin, GET

-

Create Admin User: /api/users/adm/createadmin, POST

-

Authenticate: /api/users/adm/authenticate, POST

- - -

Users API Calls Examples

-
Get User: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/{username} | jq
-
-Update User: curl -X PUT -d '{"password":"noonewillguessthis"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username}
-
-Delete User: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username}
-
-Check for Admin User: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/adm/hasadmin
-
-Create Admin User: curl -d '{ "username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/adm/createadmin
-
-Authenticate: curl -d  '{"username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate
-
-
- - -

Server Management API

-

The Server Mgmt. API allows you to add and remove the server from networks.

-

Add to Network: /api/server/addnetwork/{network id}, POST

-

Remove from Network: /api/server/removenetwork/{network id}, DELETE

-

Add to Network: curl -X POST -H “authorization: Bearer YOUR_SECRET_KEY” localhost:8081/api/server/addnetwork/{network id}

-

Remove from Network: curl -X DELETE -H “authorization: Bearer YOUR_SECRET_KEY” localhost:8081/api/server/removenetwork/{network id}

- - -

File Server API

-

Get File: /meshclient/files/{filename}, GET

-

Example: curl localhost:8081/meshclient/files/meshclient

- - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/architecture.html b/docs/_build/html/architecture.html deleted file mode 100644 index 2b89c49d..00000000 --- a/docs/_build/html/architecture.html +++ /dev/null @@ -1,712 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Architecture — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Architecture

-Netmaker Architecture Diagram -

Pictured Above: A detailed diagram of Netmaker’s Architecture.

- -

Core Concepts

-

Familiarity with several core concepts will help when you encounter them later on in the documentation.

- -

WireGuard

-

WireGuard is a relatively new but very important technology which was recently added to the Linux kernel. WireGuard creates very fast but simple encrypted tunnels between devices. From the WireGuard website, “it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.”

-

Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunneling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no significant performance impact. With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology.

- - -

Mesh Network

-

When we refer to a mesh network in these documents we are typically referring to a “full mesh.”

-Full Mesh Network Diagram -

A full mesh network exists where each machine is able to directly talk to every other machine on the network. For example, on your home network, behind your router, all the computers are likely given private addresses and can reach each other directly.

-

This is in contrast to a hub-and-spoke network, where each machine must first pass its traffic through a relay server before it can reach other machines.

-

In certain situations you may either want or need a partial mesh network, where only some devices can reach each other directly, and other devices must route their traffic through a relay/gateway. Netmaker can use this model in some use cases where it makes sense. In the diagram at the top of this page, the setup is a partial mesh, because the servers (nodes A-D) are meshed, but then external clients come in via a gateway, and are not meshed.

-

Mesh networks are generally faster than other topologies, but are also more complicated to set up. WireGuard on its own gives you the means to create encrypted tunnels between devices, but it does not provide a method for setting up a full network. This is where Netmaker comes in.

- - -

Netmaker

-

Netmaker is a platform built off of WireGuard which enables users to create mesh networks between their devices. Netmaker can create both full and partial mesh networks depending on the use case.

-

When we refer to Netmaker in aggregate, we are typically referring to Netmaker and the netclient, as well as other supporting services such as CoreDNS, rqlite, and UI webserver. There is also almost always a proxy server / LB, which is typically Caddy.

-

From an end user perspective, they typically interact with the Netmaker UI, or even just run the install script for the netclient on their devices. The other components run in the background invisibly.

-

Netmaker does a lot of work to set configurations for you, so that you don’t have to. This includes things like WireGuard ports, endpoints, public IPs, keys, and peers. Netmaker works to abstract away as much of the network management as possible, so that you can just click to create a network, and click to add a machine to a network. That said, every machine (node) is different, and may require special configuration. That is why, while Netmaker sets practical default settings, everything within Netmaker is fully configurable.

- - -

Node

-

A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and receive traffic from all of the other nodes.

- - -

SystemD

-

SystemD is a system service manager for a wide array of Linux operating systems. Not all Linux distributions have adopted systemd, but, for better or worse, it has become a fairly common standard in the Linux world. That said, any non-Linux operating system will not have systemd, and many Linux/Unix distributionshave alternative system service managers.

-

Netmaker’s netclient, the agent which controls networking on all nodes, can be run as a CLI or as a system daemon. On Linux, it runs as a daemon by default, and this requires systemd. As Netmaker evolves, systemd will become just one of the possible service management options, allowing the netclient to be run on a wider array of devices. However, for the time being, the netclient should be run “unmanaged” (netclient join -daemon=off) on systems that do not run systemd, and some other method can be used like a cron job or custom script.

-

As of 0.8, Mac and Windows are supported. On these operating systems, netclient launches the daemon using LaunchD and Windows Service, respectively, as opposed to SystemD.

- - - -

Components

-

Netmaker consists of several core components, which are explained in high-level technical detail below.

- -

Netmaker Server

-

The Netmaker server is, at its core, a golang binary. Source code can be found on GitHub. The binary, by itself can be compiled for most systems. If you need to run the Netmaker server on a particular system, it likely can be made to work. In typical deployments, it is run as a Docker container. It can also be run as a systemd service as outlined in the non-docker install guide.

-

The Netmaker server acts as an API to the front end, and as a GRPC server to the machines in the network. GRPC is much faster and more efficient than standard API calls, which increases the speed of transactions. For this reason, the Netmaker server exposes two ports: The default for the API is 8081, and the default for GRPC is 50051. Either the API or the GRPC server can be disabled on any given Netmaker instance, allowing you to deploy two different servers for managing the API (which is largely for the admin’s use) and GRPC (which is largely for the nodes’ use).

-

Most server settings are configurable via a config file, or by environment variables (which take precedence). If the server finds neither of these, it sets sensible defaults, including things like the server’s reachable IP, ports, and which “modes” to run in.

-

These modes include client mode and dns mode. Either of these can be disabled but are enabled by default. Client mode allows you to treat the Netmaker host machine (operating system) as a network Node, installing the netclient and controlling the host network. DNS mode has the server write config settings for CoreDNS, a separate component and nameserver, which picks up the config settings to manage node DNS.

-

The Netmaker server interacts with either sqlite (default), postgres, or rqlite, a distributed version of sqlite, as its database. This DB holds information about nodes, networks, users, and other important data. This data is configuration data. For the most part, Netmaker serves configuration data to Nodes, telling them how they should configure themselves. The Netclient is the agent that actually does that configuration.

-

The components of the server are usually proxied via Caddy, or an alternative like Nginx and Traefik. The proxy handles SSL certificates to secure traffic, and routes to the UI, API, and gRPC server.

- - -

Netclient

-

The netclient is, at its core, a golang binary. Source code can be found in the netclient folder of the Netmaker GitHub Repository. The binary, by itself, can be compiled for most systems. However, this binary is designed to manage a certain number of Operating Systems. As of version 0.8, the netclient can be run as a system daemon on linux distributions with systemd, or as an “unmanaged” client on distributions without systemd. The netclient for Windows and Mac will run as a Windows Service or LaunchDaemon, respectively.

-

The netclient is installed via a simple bash script, which pulls the latest binary and runs ‘register’ and ‘join’ commands.

-

The ‘register’ command adds a WireGuard tunnel directly to the netmaker server, for all subsequent communication.

-

The ‘join’ command attempts to add the machine to the Netmaker network using sensible defaults, which can be overridden with a config file or environment variables. Assuming the netclient has a valid key (or the network allows manual node signup), it will be registered into the Netmaker network, and will be returned necessary configuration details for how to set up its local network.

-

The netclient then sets up the system daemon (if running in daemon mode), and configures WireGuard. At this point it should be part of the network.

-

If running in daemon mode, the node subscribes to the MQTT server running with Netmaker, which will send it periodic updates when the network changes. The node will also detect local changes and send them to the server. Any change in configuration will lead to a network update to keep everything in sync. If the node is not running with the in daemon on, it is up to the operator to keep the netclient up-to-date by running regular “pulls” (netclient pull).

-

This pub-sub system allows Netmaker to create dynamic mesh networks. As nodes are added to, removed from, and modified on the network, other nodes are notified, and make appropriate changes.

- - -

Database (sqlite, rqlite, postgres)

-

As of v0.8, Netmaker uses sqlite by default as a database. It can also use PostgreSQL, or rqlite, a distributed (RAFT consensus) database. Netmaker interacts with this database to store and retrieve information about nodes, networks, and users.

-

Additional database support (besides sqlite and rqlite) is very easy to implement for special use cases. Netmaker uses simple key value lookups to run the networks, and the database was designed to be extensible, so support for key-value stores and other SQL-based databases can be achieved by changing a single file.

- - -

Netmaker UI

-

The Netmaker UI is a ReactJS-based static website which can be run on top of standard webservers such as Apache and Nginx. Source code can be found here. In a typical configuration, the Netmaker UI is run on Nginx as a Docker container.

-

Netmaker can be used in its entirety without the UI, but the UI makes things a lot easier for most users. It has a sensible flow and layout for managing Networks, Nodes, Access Keys, and DNS.

- - -

CoreDNS

-

Netmaker allows users to provide and manage Private DNS for their nodes. This requires a nameserver, and CoreDNS is the chosen nameserver. CoreDNS is lightweight and extensible. CoreDNS loads dns settings from a simple file, managed by Netmaker, and serves out DNS info for managed nodes. DNS can be tricky, and DNS management is currently only supported on a small set of devices, specifically those running systemd-resolved. However, the Netmaker CoreDNS instance can be added manually as a nameserver to other devices. DNS mode can also be turned off.

- - -

Caddy

-

Caddy is the default proxy for Netmaker if you set it up via Quick Start. Caddy is an extremely simple and docker-friendly proxy, which can be compared to Nginx, Traefik, or HAProxy. We use Caddy by default because of the ease of management, and integration with gRPC. A typical setup for Nginx might take dozens of lines of code, and we need to request and manage SSL certificates separately.

-

Caddy handles all these things automatically in very few lines of code. You can see our default “Caddyfile” here, which is fed to the container and has all the configuration necessary to configure the proxy for our app:

-

https://github.com/gravitl/netmaker/blob/master/docker/Caddyfile

- - -

Mosquitto Broker (MQTT)

-

The Moquitto broker is the default MQTT broker that ships with Netmaker, though technically, any MQTT broker should work so long as the correct configuration is applied. The broker enables the establishment of a pub-sub messaging system, whereby clients subscribe to recieve updates. When the server recieves a change (via API/UI/gRPC), it will publish that change to the broker that pushes out the change to the appropriate nodes. In Netmaker, the messages are double encrypted. Once by Golang, and again by sending all messages over a WireGuard tunnel.

- - -

External Client

-

The external client is simply a manually configured WireGuard connection to your network, which Netmaker helps to manage.

-

Most machines can run WireGuard. It is fairly simple to set up a WireGuard connection to a single endpoint. It is setting up mesh networks and other topologies like site-to-site which becomes complicated.

-

Mac, Windows, and Linux are handled natively by the Netclient.

-

Netmaker can issue “external clients” to handle any devices which are not currently compatible with the netclient, including iPhone, Android, and some Unix distributions. Over time, this list will be eliminated and there may not even be a need for the external client.

-

External clients hook into a Netmaker network via an “Ingress Gateway,” which is configured for a given node and allows traffic to flow into the network.

- - - -

Technical Process

-

Below is a high level, step-by-step overview of the flow of communications within Netmaker (assuming Netmaker has already been installed):

-
    -

  1. Admin creates a new network with a subnet, for instance 10.10.10.0/24

    2. -

  2. Admin creates an access key for signing up new nodes

    3. -

  3. Both of the above requests are routed to the server via an API call from the front end

    4. -

  4. Admin runs the netclient install script on any given node (machine).

    5. -

  5. Netclient decodes key, which contains the server location

    6. -

  6. Netclient gathers and sets appropriate information to configure itself as a node: it generates key pairs, gets public and local addresses, and sets a port.

    7. -

  7. Netclient sends this information to the server, authenticating with its access key

    8. -

  8. Netmaker server verifies information and creates the node, setting default values for any missing information, and returns a response.

    9. -

  9. Upon successful registration, Netclient pulls the latest peers list from the server and set up a WireGuard interface

    10. -

  10. Netclient configures itself as a daemon (if joining for the first time) and subscribes to MQ using the server’s WireGuard address.

    11. -

  11. Netclient regularly retrieves local information, checking for changes in things like IP and keys. If there is a change, it pushes them to the server.

    12. -

  12. If a change occurs in any other peer, or peers are added/removed, an update will be sent to the Netclient via MQ, and it will re-configure WireGuard.

    13. -
- - -

Compatible Systems for Netclient

-

To manage a node manually, the Netclient can be compiled and run for most linux distibutions, with a prerequisite of WireGuard with kernel headers. If the netclient from the release pages does not run natively on your system, you may need to compile the netclient binary directly on the machine from the source code. This may be true for some installations of SUSE, Fedora, and some Debian-based systems. However, if the dependencies are installed on the machine, the netclient should run correctly after being compiled.

-

Simply clone the repo, cd to netmaker/netclient and run “go build” (Golang must be installed).

-
-
The following systems should be operable natively with Netclient in daemon mode:
    -

  • Windows

    • -

  • Mac

    • -

  • FreeBSD

    • -

  • OpenWRT

    • -

  • Fedora

    • -

  • Ubuntu

    • -

  • Debian

    • -

  • Mint

    • -

  • SUSE

    • -

  • RHEL

    • -

  • Raspian.

    • -

  • Arch

    • -

  • CentOS

    • -

  • Fedora CoreOS

    • -
-
-
To manage DNS (optional), the node must have systemd-resolved. Systems that have this enabled include:
    -

  • Arch

    • -

  • Debian

    • -

  • Ubuntu

    • -

  • SUSE

    • -
-
-
- - -

Limitations

-

Install limitations mostly include platform-specific dependencies. A failed netclient install should display information about which command is failing, or which libraries are missing. This can often be solved via machine upgrade, installing missing dependencies, or setting kernel headers on the machine for WireGuard (e.x.: Installing Kernel Headers on Debian)

- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/client-installation.html b/docs/_build/html/client-installation.html deleted file mode 100644 index f1a76474..00000000 --- a/docs/_build/html/client-installation.html +++ /dev/null @@ -1,852 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Advanced Client Installation — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Advanced Client Installation

-

This document tells you how to install the netclient on machines that will be a part of your Netmaker network, as well as non-compatible systems.

-

These steps should be run after the Netmaker server has been created and a network has been designated within Netmaker.

- -

Introduction to Netclient

-

At its heart, the netclient is a simple CLI for managing access to various WireGuard-based networks. It manages WireGuard on the host system, so that you don’t have to. Why is this necessary?

-

If you are setting up a WireGuard-based virtual network, you must configure each machine with very specific settings, so that every machine can reach it, and it can reach every machine. Any changes to the settings of any one of these machines can break those connections. Any machine that is added, removed, or modified on the network requires reconfiguring every peer in the network. This can be very time consuming.

-

The netmaker server holds configuration details about every machine in your network and how other machines should connect to it.

-

The netclient agent connects to the server, pushing and pulling information when the network (or its local configuration) changes.

-

The netclient agent then configures WireGuard (and other network properties) locally, so that the network stays intact.

- - -

Notes on Windows

-

If running the netclient on windows, you must download the netclient.exe binary and run it from Powershell as an Administrator.

-

Windows will by default have firewall rules that prevent inbound connections. If you wish to allow inbound connections from particular peers, use the following command:

-

netsh advfirewall firewall add rule name="Allow from <peer private addr>" dir=in action=allow protocol=ANY remoteip=<peer private addr>

-

If you want to allow all peers access, but do not want to configure firewall rules for all peers, you can configure access for one peer, and set it as a Relay Server.

- -

Running the install script

-

Some file locations have issues running the install script, such as running from the root C:/ folder. Users have noted the following locations work well for running the install powershell script:

-
    -

  • C:/Program Files/wireguard

    • -

  • C:/Windows/System32

    • -
- - -

Running netclient commands

-

If running the netclient manually (“netclient join”, “netclient checkin”, “netclient pull”) it should be run from outside of the installed directory, which will be either:

-
    -

  • C:/Program Files/netclient

    • -

  • C:/ProgramData/netclient

    • -
-

It is better to call it from a different directory.

- - -

High CPU Utilization

-

With some versions of WireGuard on Windows, high CPU utilization has been found with the netclient. This is typically due to interaction with the WireGuard GUI component (app). If you’re experiencing high CPU utilization, close the WireGuard app. WireGuard will still be running, but the CPU usage should go back down to normal.

- - - -

Notes on OpenWRT

-

Deploying on OpenWRT depends a lot on the version of OpenWRT and the hardware being used. If the primary installer does not work, there are two things you can try:

-
    -

  1. This community-run package for OpenWRT: https://github.com/sbilly/netmaker-openwrt

    2. -

  2. Manual installation:

    3. -
- -
    -

  1. You may experience an issue with the length of the token, which has limits on some OpenWRT shells. If you run into this problem, you can use the following script to convert your token into a “netclient join” command:

    2. -
-
    -

  • wget https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/token-convert.sh

    • -

  • ./token-convert <token value>

    • -

  • Run the output on your OpenWRT machine

    • -
- - -

Modes and System Compatibility

-

Note: If you would like to connect non-Linux/Unix machines to your network such as phones and Windows desktops, please see the documentation on External Clients

-

The netclient can be run in a few “modes”. System compatibility depends on which modes you intend to use. These modes can be mixed and matched across a network, meaning all machines do not have to run with the same “mode.”

- -

CLI

-

In its simplest form, the netclient can be treated as just a simple, manual, CLI tool, which a user can call to configure the machine. The cli can be compiled from source code to run on most systems, and has already been compiled for x86 and ARM devices.

-

As a CLI, the netclient should function on any Linux or Unix based system that has the wireguard utility (callable with wg) installed.

- - -

Daemon

-

The netclient is intended to be run as a system daemon. This allows it to automatically retrieve and send updates. To do this, the netclient can install itself as a systemd service, or launchd/windows service for Mac or Windows.

-

If running the netclient on non-systemd linux, it is recommended to manually configure the netclient as a daemon using whatever method is acceptable on the chosen operating system.

- - -

Private DNS Management

-

To manage private DNS, the netclient relies on systemd-resolved (resolvectl). Absent this, it cannot set private DNS for the machine.

-

A user may choose to manually set a private DNS nameserver of <netmaker server>:53. However, beware, as netmaker sets split dns, and the system must be configured properly. Otherwise, this nameserver may break your local DNS.

- - - -

Prerequisites

-

To obtain the netclient, go to the GitHub releases: https://github.com/gravitl/netmaker/releases

-

For netclient cli: Linux/Unix with WireGuard installed (wg command available)

-

For netclient daemon: Systemd Linux + WireGuard

-

For Private DNS management: Resolvectl (systemd-resolved)

- - -

Configuration

-

The CLI has information about all commands and variables. This section shows the “help” output for these commands as well as some additional reference.

- -

CLI Reference

-

sudo netclient --help

-
NAME:
-   Netclient CLI - Netmaker's netclient agent and CLI. Used to perform interactions with Netmaker server and set local WireGuard config.
-
-USAGE:
-   netclient [global options] command [command options] [arguments...]
-
-COMMANDS:
-   register    Register with Netmaker Server for secure GRPC communications.
-   join        Join a Netmaker network.
-   leave       Leave a Netmaker network.
-   checkin     Checks for local changes and then checks into the specified Netmaker network to ask about remote changes.
-   push        Push configuration changes to server.
-   pull        Pull latest configuration and peers from server.
-   list        Get list of networks.
-   uninstall   Uninstall the netclient system service.
-   unregister  Unregister the netclient from secure server GRPC.
-   help, h     Shows a list of commands or help for one command
-
-GLOBAL OPTIONS:
-   --help, -h  show help (default: false)
-
-
-

sudo netclient join --help

-
alex@workstation:~$ sudo netclient join --help
-NAME:
-   netclient join - Join a Netmaker network.
-
-USAGE:
-   netclient join [command options] [arguments...]
-
-OPTIONS:
-   --network value, -n value            Network to perform specified action against. (default: "all") [$NETCLIENT_NETWORK]
-   --password value, -p value           Password for authenticating with netmaker. [$NETCLIENT_PASSWORD]
-   --endpoint value, -e value           Reachable (usually public) address for WireGuard (not the private WG address). [$NETCLIENT_ENDPOINT]
-   --macaddress value, -m value         Mac Address for this machine. Used as a unique identifier within Netmaker network. [$NETCLIENT_MACADDRESS]
-   --publickey value, --pubkey value    Public Key for WireGuard Interface. [$NETCLIENT_PUBLICKEY]
-   --privatekey value, --privkey value  Private Key for WireGuard Interface. [$NETCLIENT_PRIVATEKEY]
-   --port value                         Port for WireGuard Interface. [$NETCLIENT_PORT]
-   --keepalive value                    Default PersistentKeepAlive for Peers in WireGuard Interface. (default: 0) [$NETCLIENT_KEEPALIVE]
-   --operatingsystem value, --os value  Identifiable name for machine within Netmaker network. [$NETCLIENT_OS]
-   --name value                         Identifiable name for machine within Netmaker network. [$NETCLIENT_NAME]
-   --localaddress value                 Local address for machine. Can be used in place of Endpoint for machines on the same LAN. [$NETCLIENT_LOCALADDRESS]
-   --address value, -a value            WireGuard address for machine within Netmaker network. [$NETCLIENT_ADDRESS]
-   --addressIPv6 value, --a6 value      WireGuard address for machine within Netmaker network. [$NETCLIENT_ADDRESSIPV6]
-   --interface value, -i value          WireGuard local network interface name. [$NETCLIENT_INTERFACE]
-   --apiserver value                    Address + GRPC Port (e.g. 1.2.3.4:50051) of Netmaker server. [$NETCLIENT_API_SERVER]
-   --grpcserver value                   Address + API Port (e.g. 1.2.3.4:8081) of Netmaker server. [$NETCLIENT_GRPC_SERVER]
-   --key value, -k value                Access Key for signing up machine with Netmaker server during initial 'add'. [$NETCLIENT_ACCESSKEY]
-   --token value, -t value              Access Token for signing up machine with Netmaker server during initial 'add'. [$NETCLIENT_ACCESSTOKEN]
-   --localrange value                   Local Range if network is local, for instance 192.168.1.0/24. [$NETCLIENT_LOCALRANGE]
-   --dns value                          Sets private dns if 'on'. Ignores if 'off'. Will retrieve from network if unset. (default: "on") [$NETCLIENT_DNS]
-   --islocal value                      Sets endpoint to local address if 'yes'. Ignores if 'no'. Will retrieve from network if unset. [$NETCLIENT_IS_LOCAL]
-   --isdualstack value                  Sets ipv6 address if 'yes'. Ignores if 'no'. Will retrieve from network if unset. [$NETCLIENT_IS_DUALSTACK]
-   --udpholepunch value                 Turns on udp holepunching if 'yes'. Ignores if 'no'. Will retrieve from network if unset. [$NETCLIENT_UDP_HOLEPUNCH]
-   --ipforwarding value                 Sets ip forwarding on if 'on'. Ignores if 'off'. On by default. (default: "on") [$NETCLIENT_IPFORWARDING]
-   --postup value                       Sets PostUp command for WireGuard. [$NETCLIENT_POSTUP]
-   --postdown value                     Sets PostDown command for WireGuard. [$NETCLIENT_POSTDOWN]
-   --daemon value                       Installs daemon if 'on'. Ignores if 'off'. On by default. (default: "on") [$NETCLIENT_DAEMON]
-   --roaming value                      Checks for IP changes if 'on'. Ignores if 'off'. On by default. (default: "on") [$NETCLIENT_ROAMING]
-   --help, -h                           show help (default: false)
-
-
- - -

Config File Reference

-

There is a config file for each node under /etc/netconfig-<network name>. You can change these values and then set “postchanges” to “true”, or go to the CLI and run netclient push -n <network>

-
server:
-    corednsaddr: 147.182.251.203 # Address of CoreDNS Server (set locally with resolvectl)
-    grpcaddress: 10.101.0.1:50051 # Address of GRPC Server (used for all interaction with server after registration)
-    apiaddress: 1.2.3.4:8081 # Address of API Server (used only for registration/unregistration)
-    accesskey: 5qKTbTgsvb45y3qyRmWft # Key used to sign up with server. Used only during registration
-node:
-    name: my-computer # name of this node
-    interface: nm-example # name of interface to create/use for WG
-    network: example # name of network this ode is a part of
-    password: $2a$0afehuytviN/thMpVlCYkonxy.Ws2.rNCJjBSAa3HZuhrK5hpYxme # encrypted node password, used to retrieve JWT. Can be changed to new pass in plaintext and CLI will update/replace with encrypted pass
-    macaddress: 6c:4b:91:0g:68:7b # MAC of node. Used as a Unique ID
-    localaddress: 192.168.1.32 # Address on local network, used as endpoint for other local nodes for faster comms
-    wgaddress: 10.7.11.2 # Private WG addres on network
-    wgaddress6: "f8:34:41:77:5c:15" # Private ipv6 address if network is dual stack
-    roaming: "yes" # Whether or not to grab new endpoint value automatically
-    dnson: "no" # Whether or not to set local DNS based on Netmaker's Private DNS server
-    islocal: "no" # Based on network. If yes, will use local IP as endpoint.
-    isdualstack: "yes" # Use IPv6 in addition to IPv4
-    isingressgateway: "no" # whether or not node is an ingress gateway (will set iptables forwarding rules)
-    allowedips: "" # additional IP's to add to client
-    localrange: "" # local range if it's a local network. For instance, 192.168.1.0/24
-    postup: "" # postup command, used by ingress/egress gateways to set iptables
-    postdown: "" # postdown command, used by ingress/egress gateways to set iptables
-    port: 51821 # WG port to use
-    keepalive: 20 # default keepalive with nodes
-    publickey: 8/q9cOg7c9QjnoXygVrY/VNE197VMRadJodkb1ZsujA= # public key of node to show to other nodes
-    privatekey: "" # private key, set only for changing and then will revert to blank in config
-    endpoint: 78.170.22.168 # public endpoint for reaching node 
-    postchanges: "false" # if true, will post and config file changes on next checkin and then revert to false
-    ipforwarding: "yes" # set ip forwarding; highly recommended to leave on
-    isstatic: "no" # if yes, daemon will not change pubkey, endpoint, or address
-    udpholepunch: "yes" # run UDP hole punching (will ignore port above, e.g. 51821)
-    network: home # the network (duplicate of node.network)
-daemon: "yes" # whether or not to manage systemd
-operatingsystem: "" # not currently in use
-
-
- - - -

Installation

-

To install netmaker, you need a server token for a particular network, unless you’re joining a network that allows manual signup, in which case you can join without a token, but the server will quarantine the machine until the admin approves it.

-

An admin creates a token in the ACCESS KEYS section of the UI. Upon creating a token, it generates 3 values:

-

Access Key: The secret key to authenticate as a node in the network

-

Access Token: The secret key plus information about how to access the server (addresses, ports), all decoded by the netclient to register with the server

-

Install Command: A short script that will obtain the netclient binary, register with the server, and join the network, all in one

-

For first time installations, you can run the Install Command. For additional networks, simply run netclient join -t <access token>. The raw access key will not be needed unless there are special circumstances, mostly troubleshooting incorrect information in the token (you can instead manually specify the server location).

- - -

Managing Netclient

- -

Viewing Logs

-
-
to view current networks

netclient list

-
-
to tail logs

journalctl -u netclient

-
-
to get most recent log run

systemctl status netclient

-
-
- - -

Re-syncing netclient (basic troubleshooting)

-

If the daemon is not running correctly run, try restarting the daemon, or pulling changes directly (don’t do both at once)

-
-

systemctl restart netclient

-

sudo netclient pull

-
- - -

Making Updates

-

vim /etc/netclient/netconfig-<network>

-

Change any of the variables in this file, and changes will be pushed to the server and processed locally on the next checkin.

-

For instance, change the private address, endpoint, or name. See above example config file for details

- - -

Adding/Removing Networks

-

netclient join -t <token>

-

Set any of the above flags (netclient join –help) to override settings for joining the network. -If a key is provided (-k), then a token is unnecessary, but grpc, server, ports, and network must all be provided via flags.

- - -

Uninstalling

-

netclient uninstall

- - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/conduct.html b/docs/_build/html/conduct.html deleted file mode 100644 index e9469348..00000000 --- a/docs/_build/html/conduct.html +++ /dev/null @@ -1,584 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Code of Conduct — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Code of Conduct

- -

Our Pledge

-

In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation.

- - -

Our Standards

-

Examples of behavior that contributes to creating a positive environment -include:

-
    -

  • Using welcoming and inclusive language

    • -

  • Being respectful of differing viewpoints and experiences

    • -

  • Gracefully accepting constructive criticism

    • -

  • Focusing on what is best for the community

    • -

  • Showing empathy towards other community members

    • -
-

Examples of unacceptable behavior by participants include:

-
    -

  • The use of sexualized language or imagery and unwelcome sexual attention or advances

    • -

  • Trolling, insulting/derogatory comments, and personal or political attacks

    • -

  • Public or private harassment

    • -

  • Publishing others’ private information, such as a physical or electronic address, without explicit permission

    • -

  • Other conduct which could reasonably be considered inappropriate in a professional setting

    • -
- - -

Our Responsibilities

-

Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior.

-

Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful.

- - -

Scope

-

This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers.

- - -

Enforcement

-

Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at info@gravitl.com. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately.

-

Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project’s leadership.

- - -

Attribution

-

This Code of Conduct is adapted from the Contributor Covenant, version 1.4, -available here.

- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/egress-gateway.html b/docs/_build/html/egress-gateway.html deleted file mode 100644 index eebb7f83..00000000 --- a/docs/_build/html/egress-gateway.html +++ /dev/null @@ -1,548 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Egress Gateway — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Egress Gateway

- -

Introduction

-Gateway -

Netmaker allows your clients to reach external networks via an Egress Gateway. The Egress Gateway is a netclient which has been deployed to a server or router with access to a given subnet.

-

In the netmaker UI, that node is set as an “egress gateway.” Range(s) are specified which this node has access to. Once created, all clients (and all new ext clients) in the network will be able to reach those ranges via the gateway.

- - -

Configuring an Egress Gateway

-

Configuring an Egress Gateway is very straight forward. As a prerequisite, you must know what you are trying to access remotely. For instance:

-
    -

  • a VPC

    • -

  • a Kubernetes network

    • -

  • a home network

    • -

  • an office network

    • -

  • a data center

    • -
-

After you have determined this, you must next deploy a netclient in a compatible location where the network is accessible. For instance, a Linux server or router in the office, or a Kubernetes worker node. This machine should be stable and relatively static (not expected to change its IP frequently or shut down unexpectedly).

-

Next, you must determine which interface to use in order to reach the internal network. As an example, lets say there is a machine in the network at 10.10.10.2, and you have deployed the netclient on a different machine. You can run

-
ip route get 10.10.10.2
-
-
-

This should return the interface used to reach that address (e.x. “eth2”)

-

Finally, once you have determined the interface, the subnet, and deployed your netclient, you can go to your Netmaker UI and set the node as a gateway.

-Gateway -

At this point simply insert the range(s) into the first field, and the interface name into the second field, and click “create”.

-Gateway -

Netmaker will set iptables rules on the node, which will then implement these rules, allowing it to route traffic from the network to the specified range(s).

- - -

Use Cases

- -

1) Remote Access

-

A common scenario would be to combine this with an “Ingress Gateway” to create a simple method for accessing a home or office network. Such a setup would typically have only two nodes: the ingress and egress gateways. The Ingress Gateway should usually be globally accessible, which makes the Netmaker server itself a good candidate. This means you need only the netmaker server as the Ingress, and one additional machine (in the private network you wish to reach), as the Egress.

-Gateway -

In some scenarios, a single node will act as both ingress and egress! For instance, you can enable acess to a VPC using your Netmaker server, deployed with a public IP. Traffic comes in over the public IP (encrypted of course) and then routes to the VPC subnet via the egress gateway.

-Gateway - - -

2) VPN / NAT Gateway

-

Most people think of a VPN as a remote server that keeps your internet traffic secure while you browse the web, or as a tool for accessing internet services in another country,using a VPN server based in that country.

-

These are not typical use cases for Netmaker, but can be easily enabled.

-

The most important note is this: Do not use 0.0.0.0/0 as your egress gateway. This is how you typically set up a “standard” VPN with WireGuard, however, it will not work with Netmaker. The Netclient specifically ignores gateways that overlap with local ranges (for efficiency ranges). 0.0.0.0 overlaps with everything, so it is always ignored.

-

Instead, use the following list of ranges:

-
0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4
-
-
-

This list encompasses the standard “public” network ranges, and ignores the standard “private” network ranges.

-

Simply paste this list into your “egress gateway ranges” and your clients should begin routing public-facing traffic over the gateway.

-Gateway - - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/external-clients.html b/docs/_build/html/external-clients.html deleted file mode 100644 index 9b6f135c..00000000 --- a/docs/_build/html/external-clients.html +++ /dev/null @@ -1,547 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Ingress + External Clients — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Ingress + External Clients

- -

Introduction

-Gateway -
-
Netmaker allows for “external clients” to reach into a network and access services via an Ingress Gateway. So what is an “external client”? An external client is any machine which cannot or should not be meshed. This can include:
    -

  • Phones

    • -

  • Laptops

    • -

  • Desktops

    • -
-
-
-

An external client is not “managed,” meaning it does not automatically pull the latest network configuration, or push changes to its configuration. Instead, it uses a generated WireGuard config file to access the designated Ingress Gateway, which is a managed server (running netclient). This server then forwards traffic to the appropriate endpoint, acting as a middle-man/relay.

-

By using this method, you can hook any machine into a netmaker network that can run WireGuard.

-

It is recommended to run the netclient where compatible, but for all other cases, a machine can be configured as an external client.

-

Important to note, an external client is not reachable by the network, meaning the client can establish connections to other machines, but those machines cannot independently establish a connection back. The External Client method should only be used in use cases where one wishes to access resource running on the virtual network, and not for use cases where one wishes to make a resource accessible on the network. For that, use netclient.

- - -

Configuring an Ingress Gateway

-

External Clients must attach to an Ingress Gateway. By default, your network will not have an ingress gateway. To configure an ingress gateway, you can use any node in your network, but it should have a public IP address (not behind a NAT). Your Netmaker server can be an ingress gateway and makes for a good default choice if you are unsure of which node to select.

-Gateway - - -

Adding Clients to a Gateway

-

Once you have configured a node as a gateway, you can then add clients to that gateway. Clients will be able to access other nodes in the network just as the gateway node does.

-Gateway -

After creating a client, you can edit the name to something more logical.

-Gateway -

Then, you can either download the configuration file directly, or scan the QR code from your phone (assuming you have the WireGuard app installed). It will accept the configuration just as it would accept a typical WireGuard configuration file.

-Gateway -

Example config file:

-
[Interface]
-Address = 10.7.11.5/32
-PrivateKey = EJf6Yy51M/YDaZgedRpuxMmrqul35WfjmHvRZR1rQ0U=
-
-[Peer]
-PublicKey = m/RPuMVsbpgQ+RkxlgK2mG+dDFlzqn+ua2zJt8Wn7GA=
-AllowedIPs = 10.7.11.0/24
-Endpoint = 3.236.60.247:51822
-PersistentKeepalive = 20
-
-
-
-

Your client should now be able to access the network! A client can be invalidated at any time by simply deleting it from the UI.

- - -

Configuring DNS for Ext Clients (OPTIONAL)

-

If you wish to have a DNS field on your ext clients conf, simply edit the network field as shown below to 1.1.1.1 or 8.8.8.8 for example. -If you do not want DNS on your ext client conf files, simply leave it blank.

-Gateway -

Important to note, your client automatically adds egress gateway ranges (if any on the same network) to it’s allowed IPs.

- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/genindex.html b/docs/_build/html/genindex.html deleted file mode 100644 index 2af1e7df..00000000 --- a/docs/_build/html/genindex.html +++ /dev/null @@ -1,410 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Index — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Index

- -
- -
- - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/getting-started.html b/docs/_build/html/getting-started.html deleted file mode 100644 index 27f48f73..00000000 --- a/docs/_build/html/getting-started.html +++ /dev/null @@ -1,622 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Getting Started — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Getting Started

-

Once you have Netmaker installed via the Quick Install guide, you can use this Getting Started guide to help create and manage your first network.

- -

Setup

-
    -

  1. Create your admin user, with a username and password.

    2. -

  2. Login with your new user

    3. -

  3. Create your first network by clicking on Create Network

    4. -
- - -

Create a Network

-Create Network Screen -

This network should have a sensible name (nodes will use it to set their interfaces).

-

More importantly, it should have a non-overlapping, private address range.

-

If you are running a small (less than 254 machines) network, and are unsure of which CIDR’s to use, you could consider:

-
    -

  • 10.11.12.0/24

    • -

  • 10.20.30.0/24

    • -

  • 100.99.98.0/24

    • -
- -

Network Settings Description

-

The Network creation form has a few fields which may seem unfamiliar. Here is a brief description:

-

UDP Hole Punching: UDP Hole Punching enables the server to perform STUN. This means, when nodes check in, the server will record return addresses and ports. It will then communicate this information to the other nodes when they check in, allowing them to reach their peers more easily. This has two benefits. For one, it%. It also means, you dont usually have to worry about opening up the local firewall for ports (for instance, 51821). This setting is usually good to turn on, with some noteable exceptions. This setting cannot be enabled if “client mode” is turned off. This setting can also break peer-to-peer functionality if, for whatever reason, nodes are unable to reach the server.

-

Is Local Network: This is almost always best to leave this turned off and is left for very special circumstances. If you are running a data center or a private WAN, you may want to enable this setting. It defines the range that nodes will set for Endpoints. Usually, Endpoints are just the public IP. But in some cases, you don’t want any nodes to be reachable via a public IP, and instead want to use a private range.

-

Is Dual Stack: This setting adds ipv6 private addresses to nodes, in addition to ipv4 addresses. Usually, this is unnecessary, but in some cases, you may have a requirement for ipv6 and can enable this setting.

-

Once your network is created, you should see that the netmaker server has added itself to the network. From here, you can move on to adding additional nodes to the network.

-Node Screen - - - -

Create a Key

-

Adding nodes to the network typically requires a key.

-
    -

  1. Click on the ACCESS KEYS tab and select the network you created.

    2. -

  2. Click ADD NEW ACCESS KEY

    3. -

  3. Give it a name (ex: “mykey”) and a number of uses (ex: 25)

    4. -

  4. Click CREATE KEY (Important: Do not click out of the following screen until you have saved your key details. It will appear only once.)

    5. -

  5. Copy the bottom command under “Your agent install command with access token” and save it somewhere locally. E.x: curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netclient-install.sh | KEY=vm3ow4thatogiwnsla3thsl3894ths sh -.

    6. -
-Access Key Screen -

You will use this command to install the netclient on your nodes. There are three different values for three different scenarios:

-
    -

  • The Access Key value is the secret string that will allow your node to authenticate with the Netmaker network. This can be used with existing netclient installations where additional configurations (such as setting the server IP manually) may be required. This is not typical. E.g. netclient join -k <access key> -s grpc.myserver.com -p 50051

    • -

  • The Access Token value is a base64 encoded string that contains the server IP and grpc port, as well as the access key. This is decoded by the netclient and can be used with existing netclient installations like this: netclient join -t <access token>. You should use this method for adding a network to a node that is already on a network. For instance, Node A is in the mynet network and now you are adding it to default.

    • -

  • The install command value is a curl command that can be run on Linux systems. It is a simple script that downloads the netclient binary and runs the install command all in one.

    • -
-

Networks can also be enabled to allow nodes to sign up without keys at all. In this scenario, nodes enter a “pending state” and are not permitted to join the network until an admin approves them.

- - -

Deploy Nodes

-
    -

  1. Prereqisite: Every machine on which you install should have wireguard and systemd already installed.

    2. -

  2. SSH to each machine

    3. -

  3. sudo su -

    4. -

  4. Prerequisite Check: Every Linux machine on which you run the netclient must have WireGuard and systemd installed

    5. -

  5. For linux machines with SystemD and WireGuard installed, Run the install command, Ex: curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netclient-install.sh | KEY=vm3ow4thatogiwnsla3thsl3894ths sh -

    6. -

  6. For Mac, Windows, and arch-specific linux distributions (e.g. ARM), download the appropriate netclient for your system . Then, run “netclient join -t <your token>”.

    7. -
-

You should get output similar to the below. The netclient retrieves local settings, submits them to the server for processing, and retrieves updated settings. Then it sets the local network configuration. For more information about this process, see the client installation documentation. If this process failed and you do not see your node in the console (see below), then reference the troubleshooting documentation.

-Output from Netclient Install -Node Success -

Repeat the above steps for every machine you would like to add to your network. You can re-use the same install command so long as you do not run out of uses on your access key (after which it will be invalidated and deleted).

-

Once installed on all nodes, you can test the connection by pinging the private address of any node from any other node.

-Node Success - - -

Manage Nodes

-

Your machines should now be visible in the control pane.

-Node Success -

You can view/modify/delete any node by selecting it in the NODES tab. For instance, you can change the name to something more sensible like “workstation” or “api server”. You can also modify network settings here, such as keys or the WireGuard port. These settings will be picked up by the node on its next check in. For more information, see Advanced Configuration in the Using Netmaker docs.

-Node Success -

Nodes can be added/removed/modified on the network at any time. Nodes can also be added to multiple Netmaker networks. Any changes will get picked up by any nodes on a given network, and will take aboue ~30 seconds to take effect.

- - -

Uninstalling the netclient

-
    -

  1. To remove your nodes from the default network, run the following on each node: sudo netclient leave -n default

    2. -

  2. To remove the netclient entirely from each node, run sudo rm -rf /etc/netclient (after running the first step)

    3. -
- - -

Uninstalling Netmaker

-

To uninstall Netmaker from the server, simply run docker-compose down or docker-compose down --volumes to remove the docker volumes for a future installation.

- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/index.html b/docs/_build/html/index.html deleted file mode 100644 index c999e3e4..00000000 --- a/docs/_build/html/index.html +++ /dev/null @@ -1,712 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Welcome to the Netmaker Documentation — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - Netmaker WireGuard - -

Welcome to the Netmaker Documentation

-

Netmaker is a platform for creating and managing fast, secure, and dynamic virtual overlay networks using WireGuard.

-

This documentation covers Netmaker’s installation, usage, troubleshooting, and customization, as well as reference documents for the API, UI and Agent configuration. All of the source code for Netmaker is on GitHub.

-

For Kubernetes-specific guidance, please see the Netmaker Kubernetes Documentation.

- -

About

-

High-level information about what Netmaker is and how it works.

-
- -
- - -

Getting Started

-

How to install Netmaker and set up your first network.

-
- -
- - -

Ingress, Egress, and Relays

-

How to give machines outside of the Netmaker network access to network resources via an Ingress Gateway:

-
- -
-

How to give machines inside the Netmaker network access to external network resources via an Egress Gateway:

-
- -
-

How to make machines inside the network reachable if they are blocked by NAT/Firewall:

-
- -
- - -

Kubernetes Documentation

-
- -
-

Netmaker Kubernetes Documentation

- - -

Advanced Server Installation

-

A detailed guide to installing the Netmaker server (API, DB, UI, DNS), and configuration options.

-
- -
- - -

Advanced Client Installation

-

A detailed guide to installing the Netmaker agent (netclient) on devices and configuration options.

-
- -
- - -

Oauth Configuration

-

A simple guide to configuring OAuth for Netmaker.

-
- -
- - -

External Guides

-

A handful of guides for use cases including site-to-site, Kubernetes, private DNS, and more.

-
- -
- - -

UI Reference

-

A reference document for the Netmaker Server UI, with annotated screenshot detailing each field.

-
- -
- - -

API Reference

-

A reference document for the Netmaker Server API, and example API calls for various use cases.

-
- -
- - -

Upgrades

-

Upgrading the Netmaker server and clients.

-
- -
- - -

Troubleshooting

-

Help with common Netmaker/netclient issues.

-
- -
- - -

Support

-

Where to go for help, and a FAQ.

-
- -
- - -

Code of Conduct

-

A statement on our expectations and pledge to the community.

-
- -
- - -

Licensing

-

A link to the Netmaker license.

-
- -
- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/install.html b/docs/_build/html/install.html deleted file mode 100644 index dde14d05..00000000 --- a/docs/_build/html/install.html +++ /dev/null @@ -1,450 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Install — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
- -
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/license.html b/docs/_build/html/license.html deleted file mode 100644 index b3cefcb1..00000000 --- a/docs/_build/html/license.html +++ /dev/null @@ -1,431 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - License — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

License

-

Netmaker’s source code and all artifacts in this repository are freely available. All versions are published under the Server Side Public License (SSPL), version 1, which can be found here.

- - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/oauth.html b/docs/_build/html/oauth.html deleted file mode 100644 index 86bf75b8..00000000 --- a/docs/_build/html/oauth.html +++ /dev/null @@ -1,545 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Integrating OAuth — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Integrating OAuth

- -

Introduction

-

As of v0.8.5, Netmaker offers integration with the following OAuth providers:

-
    -

  • GitHub

    • -

  • Google

    • -

  • Microsoft Azure AD

    • -
-

By integrating with an OAuth provider, your Netmaker users can log in via the provider, rather than the default simple auth.

- - -

Configuring your provider

-

In order to use OAuth, configure your OAuth provider (GitHub, Google, Azure AD).

-

You must configure your provider (except for Azure AD) to use the Netmaker Dashboard URI dashboard.<netmaker.base.domain> as the origin URL.

-

For example: https://dashboard.netmaker.mydomain.com

-

You must configure your provider to use the Netmaker API URI redirect route with the following format: https://api.<netmaker base domain>/api/oauth/callback.

-

For example: https://api.netmaker.mydomain.com/api/oauth/callback

-

General provider instructions can be found with the following links:

-

Instructions for GitHub: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#github-auth-provider -Instructions for Google: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#google-auth-provider -Instructions for Microsoft Azure AD: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#microsoft-azure-ad-provider

- - -

Configuring Netmaker

-

After you have configured your OAuth provider, take note of the CLIENT_ID and CLIENT_SECRET. If you are using Azure for oauth, you may also want to note down the Azure tenant ID you wish to use.

-

Next, Configure Netmaker with the following environment variables. If any are left blank, OAuth will fail.

-
AUTH_PROVIDER: "<azure-ad|github|google>"
-CLIENT_ID: "<client id of your oauth provider>"
-CLIENT_SECRET: "<client secret of your oauth provider>"
-SERVER_HTTP_HOST: "api.<netmaker base domain>"
-FRONTEND_URL: "https://dashboard.<netmaker base domain>"
-AZURE_TENANT: "<only for azure, you may optionally specify the tenant for the OAuth>"
-
-
-

After restarting your server, the Netmaker logs will indicate if the OAuth provider was successfully initialized:

-
sudo docker logs netmaker
-
-
-

Once successful, users can click the key symbol on the login page to sign-in with your configured OAuth provider.

-Login Oauth - - -

Configuring User Permissions

-

All users logging in will have zero permissions on first sign-in. An admin must configure all user permissions.

-

Admins must navigate to the “Users” screen to configure permissions.

-

For each user, an admin must specify which networks that user has access to configure. Additionally, an Admin can elevate a user to Admin permissions.

-Edit User 2 -Edit User - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/objects.inv b/docs/_build/html/objects.inv deleted file mode 100644 index 35f2ddb7..00000000 Binary files a/docs/_build/html/objects.inv and /dev/null differ diff --git a/docs/_build/html/quick-start.html b/docs/_build/html/quick-start.html deleted file mode 100644 index c0558112..00000000 --- a/docs/_build/html/quick-start.html +++ /dev/null @@ -1,659 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Quick Install — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Quick Install

-

This quick start guide is an opinionated guide for getting up and running with Netmaker as quickly as possible.

-

If just trialing netmaker, you may also want to check out the 3-minute PoC install of Netmaker in the README on GitHub. The following is just a guided version of that script, plus a custom domain (instead of nip.io): https://github.com/gravitl/netmaker .

- -

Introduction

-

We assume for this installation that you want all of the Netmaker features enabled, you want your server to be secure, and you want your server to be accessible from anywhere.

-

This instance will not be HA. However, it should comfortably handle around one hundred concurrent clients and support the most common use cases.

-

If you are deploying for a business or enterprise use case and this setup will not fit your needs, please contact info@gravitl.com, or check out the business subscription plans at https://gravitl.com/plans/business.

-

By the end of this guide, you will have Netmaker installed on a public VM linked to your custom domain, secured behind a Caddy reverse proxy.

-

For information about deploying more advanced configurations, see the Advanced Installation docs.

- - -

0. Prerequisites

-
    -

  • Virtual Machine

    -
      -

    • Preferably from a cloud provider (e.x: DigitalOcean, Linode, AWS, GCP, etc.)

      • -

    • (We do not recommend Oracle Cloud, as VM’s here have been known to cause network interference.)

      • -

    • Public, static IP

      • -

    • Min 1GB RAM, 1 CPU (4GB RAM, 2CPU preferred for production installs)

      • -

    • 2GB+ of storage

      • -

    • Ubuntu 20.04 Installed

      • -
    -
    • -

  • Domain

    -
      -

    • A publicly owned domain (e.x. example.com, mysite.biz)

      • -

    • Permission and access to modify DNS records via DNS service (e.x: Route53)

      • -
    -
    • -
- - -

1. Prepare DNS

-

Create a wildcard A record pointing to the public IP of your VM. As an example, *.netmaker.example.com.

-

Caddy will create 3 subdomains with this wildcard, EX:

-
    -

  • dashboard.netmaker.example.com

    • -

  • api.netmaker.example.com

    • -

  • grpc.netmaker.example.com

    • -
- - -

2. Install Dependencies

-
ssh root@your-host
-sudo apt-get update
-sudo apt-get install -y docker.io docker-compose wireguard
-
-
-

At this point you should have all the system dependencies you need.

- - -

3. Open Firewall

-

Make sure firewall settings are set for Netmaker both on the VM and with your cloud security groups (AWS, GCP, etc).

-

Make sure the following ports are open both on the VM and in the cloud security groups:

-
    -

  • 443 (tcp): for Dashboard, REST API, and gRPC

    • -

  • 80 (tcp): for LetsEncrypt

    • -

  • 53 (udp and tcp): for CoreDNS - This is no longer necessary as of 0.10.0, as by default DNS queries will run over WireGuard.

    • -

  • 51821-518XX (udp): for WireGuard - Netmaker needs one port per network, starting with 51821, so open up a range depending on the number of networks you plan on having. For instance, 51821-51830.

    • -
-
sudo ufw allow proto tcp from any to any port 443 && sudo ufw allow 53/udp && sudo ufw allow 53/tcp && sudo ufw allow 51821:51830/udp
-
-
-
-
Again, based on your cloud provider, you may additionally need to set inbound security rules for your server (for instance, on AWS). This will be dependent on your cloud provider. Be sure to check before moving on:
    -

  • allow 443/tcp from all

    • -

  • allow 80/tcp from all

    • -

  • (optional) allow 53/udp and 53/tcp from all

    • -

  • allow 51821-51830/udp from all

    • -
-
-
- - -

4. Install Netmaker

- -

Prepare Docker Compose

-

Note 1 on COREDNS_IP: As of 0.10.0, the default installation does not require COREDNS_IP to be set. Queries will run over WireGuard. -Note 2 on COREDNS_IP: Depending on your cloud provider, the public IP may not be bound directly to the VM on which you are running. In such cases, CoreDNS cannot bind to this IP, and you should use the IP of the default interface on your machine in place of COREDNS_IP. This command will get you the correct IP for CoreDNS in many cases:

-
ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p'
-
-
-

Now, insert the values for your base (wildcard) domain, public ip, and coredns ip.

-
wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/compose/docker-compose.contained.yml
-sed -i 's/NETMAKER_BASE_DOMAIN/<your base domain>/g' docker-compose.yml
-sed -i 's/SERVER_PUBLIC_IP/<your server ip>/g' docker-compose.yml
-sed -i 's/COREDNS_IP/<default interface ip>/g' docker-compose.yml
-
-
-

Generate a unique master key and insert it:

-
tr -dc A-Za-z0-9 </dev/urandom | head -c 30 ; echo ''
-sed -i 's/REPLACE_MASTER_KEY/<your generated key>/g' docker-compose.yml
-
-
-

You may want to save this key for future use with the API.

- - -

Prepare Caddy

-
wget -O /root/Caddyfile https://raw.githubusercontent.com/gravitl/netmaker/master/docker/Caddyfile
-
-sed -i 's/NETMAKER_BASE_DOMAIN/<your base domain>/g' /root/Caddyfile
-sed -i 's/YOUR_EMAIL/<your email>/g' /root/Caddyfile
-
-
- - -

Prepare MQ

-

You must retrieve the MQ configuration file for Mosquitto.

-
wget -O /root/mosquitto.conf https://raw.githubusercontent.com/gravitl/netmaker/master/docker/mosquitto.conf
-
-
- - -

Start Netmaker

-

sudo docker-compose up -d

-

navigate to dashboard.<your base domain> to begin using Netmaker.

-

To troubleshoot issues, start with:

-

docker logs netmaker

-

Or check out the troubleshoooting docs.

- - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/relay-server.html b/docs/_build/html/relay-server.html deleted file mode 100644 index 46b20f80..00000000 --- a/docs/_build/html/relay-server.html +++ /dev/null @@ -1,489 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Relay Servers — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Relay Servers

- -

Introduction

-Relay -

Sometimes nodes are in hard-to-reach places. Typically this will be due to a CGNAT, Double NAT, or restrictive firewall. In such scenarios, a direct peer-to-peer connection with all other nodes might be impossible.

-

For this reason, Netmaker has a Relay Server functionality. At any time you may designate a publicly reachable node (such as the Netmaker Server) as a Relay, and tell it which machines it should relay. Then, all traffic routing to and from that machine will go through the relay. This allows you to circumvent the above issues and ensure connectivity when direct measures do not work.

- - -

Configuring a Relay

-

To create a relay, you can use any node in your network, but it should have a public IP address (not behind a NAT). Your Netmaker server can be a relay server and makes for a good default choice if you are unsure of which node to select.

-

Simply click the relay button in the nodes list. Then, specify the nodes which it should relay. You can either enter the IP’s directly, select from a list, or click “Select All.”

-Relay -

If you choose “select all” this essentially turns your network into a hub-and-spoke network. All traffic now routes over the relay node. This can create a bottleneck and slow down your network, but in some scenarios may simplify network operations.

-

After creation, you can change the list of relayed nodes by clicking “edit node” and editing the list (Field #12 below).

-Relay - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/search.html b/docs/_build/html/search.html deleted file mode 100644 index 8271e94c..00000000 --- a/docs/_build/html/search.html +++ /dev/null @@ -1,421 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Search — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- -

Search

-
- -

- Please activate JavaScript to enable the search - functionality. -

-
- -
- -
- -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/searchindex.js b/docs/_build/html/searchindex.js deleted file mode 100644 index 72ef6845..00000000 --- a/docs/_build/html/searchindex.js +++ /dev/null @@ -1 +0,0 @@ -Search.setIndex({docnames:["about","api","architecture","client-installation","conduct","egress-gateway","external-clients","getting-started","index","install","license","oauth","quick-start","relay-server","server-installation","support","troubleshoot","ui-reference","upgrades","usage"],envversion:{"sphinx.domains.c":2,"sphinx.domains.changeset":1,"sphinx.domains.citation":1,"sphinx.domains.cpp":4,"sphinx.domains.index":1,"sphinx.domains.javascript":2,"sphinx.domains.math":2,"sphinx.domains.python":3,"sphinx.domains.rst":2,"sphinx.domains.std":2,"sphinx.ext.intersphinx":1,sphinx:56},filenames:["about.rst","api.rst","architecture.rst","client-installation.rst","conduct.rst","egress-gateway.rst","external-clients.rst","getting-started.rst","index.rst","install.rst","license.rst","oauth.rst","quick-start.rst","relay-server.rst","server-installation.rst","support.rst","troubleshoot.rst","ui-reference.rst","upgrades.rst","usage.rst"],objects:{},objnames:{},objtypes:{},terms:{"0":[1,2,3,5,6,7,8,14,15,16],"04":[12,14],"06":1,"0afehuytvin":3,"0g":3,"1":[1,3,4,6,8,10,16,17],"10":[1,2,3,5,6,7,12,14,15],"100":[1,7],"101":3,"1024":17,"11":[3,5,6,7,14],"12":[5,7,13],"127":14,"128":5,"1280":17,"13":5,"14":5,"1420":17,"147":3,"15":[3,5],"16":[1,5],"160":5,"168":[3,5],"169":5,"170":[3,5],"172":[1,5],"173":5,"174":5,"176":5,"182":3,"1883":14,"192":[3,5],"193":5,"194":5,"196":5,"1gb":12,"1node":17,"2":[1,3,8,16,17],"20":[3,6,7,12,14],"200":[1,5],"203":3,"208":5,"22":[3,14],"236":6,"24":[2,3,6,7],"245":14,"247":6,"25":7,"251":3,"254":7,"2a":3,"2cpu":12,"2gb":12,"3":[3,5,6,8],"30":[7,12,14,17],"31":1,"32":[3,5,6],"34":3,"3rd":17,"4":[3,4,5,8],"4001":14,"4002":14,"41":3,"443":[12,14],"4b":3,"4gb":12,"5":[5,6,11,14,17],"50051":[2,3,7,14],"51821":[3,7,12,16],"51822":6,"51830":12,"51831":16,"51835":16,"518xx":12,"53":[3,12,14],"5432":14,"5c":3,"5qktbtgsvb45y3qyrmwft":3,"6":5,"60":6,"64":5,"6400":1,"68":3,"69":14,"6c":3,"7":[3,5,6,16],"70":1,"75":14,"77":3,"78":3,"7b":3,"8":[2,3,5,6,11,14,16],"80":[12,14],"8081":[1,2,3,14],"8082":14,"8c":1,"9":[5,12,14],"90":1,"91":3,"98":7,"99":7,"abstract":2,"break":[3,7],"case":[1,2,3,6,7,8,9,12,14,16,17,18,19],"class":14,"default":[1,2,3,6,7,11,12,13,14,16,17],"do":[0,1,2,3,4,5,6,7,12,13,14,16,17,18],"final":[5,16],"function":[1,3,7,13,14,15,16],"import":[2,5,6,7],"long":[0,2,7,15],"new":[2,3,5,7,17,18],"public":[2,3,4,5,6,7,10,12,13,14,17],"return":[2,5,7],"short":3,"static":[2,5,12,14,16,17],"super":17,"switch":[14,17],"true":[2,3,14],"try":[3,5,15,16],"var":[1,14],"while":[2,5,15],A:[2,3,5,6,7,8,12,14,16,17],And:14,As:[0,2,3,5,11,12,15,16,18],At:[0,2,3,5,12,13,18],Be:[12,14],Being:4,But:[7,14],By:[0,1,6,11,12,14,17],For:[2,3,5,6,7,8,9,11,12,13,14,16,17,18],If:[0,1,2,3,6,7,11,12,13,14,15,16,17,19],In:[0,1,2,3,4,5,7,11,12,13,14,16,18],Is:[7,16,17],It:[0,2,3,6,7,14,15,16,17,19],NOT:18,No:15,Not:[2,17],On:[2,3,14,17],One:16,Or:12,Such:5,That:2,The:[0,1,2,3,4,5,6,7,12,14,15,16,17],Their:16,Then:[6,7,13,16],There:[0,1,2,3,7,14,15,16],These:[2,3,5,7,14,16,17],To:[2,3,6,7,12,13,14,15,18],Will:[3,14],With:[2,3,14,17],_:[],a6:3,aa3bvg0rnitirxdx:1,abil:[15,16],abl:[1,2,5,6,14,16],abou:7,about:[2,3,7,12,14,16,17],abov:[2,3,7,13,14],absent:3,abus:4,accept:[3,4,6],access:[0,2,3,6,7,8,11,12,14,15,16,17,19],access_token_valu:14,accesskei:[1,3],accomplish:15,account:[4,16],acess:5,achiev:[1,2,14,15,16],across:[0,3,17],act:[2,4,5,6,14,17],action:[1,3,4],activ:16,actual:2,ad:[2,7,8,11,14,17,18],adapt:[4,14],add:[0,1,2,3,6,7,14,17,18],addit:[2,3,5,7,14,16,17],addition:[11,12],addnetwork:1,addr:[3,14],address:[2,3,4,5,6,7,13,14,16,17],addressipv6:3,addressrang:1,adequ:14,adm:1,admin:[0,1,2,3,7,11,14,16,17],administr:3,adopt:2,adv:14,advanc:[1,4,7,9,12],advfirewal:3,affect:[14,17],after:[2,3,5,6,7,11,13,17],ag:4,again:[2,12],against:3,agent:[0,2,3,7,8,14,16],agent_backend:14,agentbackend:14,aggreg:2,alex:3,algo:15,align:4,aliv:17,all:[0,1,2,3,4,5,6,7,8,10,11,12,13,14,15,16,17],allow:[1,2,3,5,6,7,12,13,14,16,17,19],allowedip:[3,6,17],allowedorigin:14,almost:[2,7,17],along:16,alongsid:14,alreadi:[2,3,7,14],also:[0,1,2,7,11,12,14,16,17],altern:[2,14],although:16,alwai:[2,5,7,14,17],am:16,an:[0,2,3,4,7,8,11,12,14,16,17,18,19],android:[2,16,17],ani:[0,2,3,4,6,7,11,12,13,14,16,17,18],annot:[8,17],anonym:14,anoth:[5,16],answer:16,anymor:16,anyth:17,anywher:12,aorijqalrik3ajflaqrdajhkr:1,apach:[2,14],api:[2,3,7,11,12,14],api_port:14,apiaddress:3,apihost:14,apiport:14,apiserv:3,app:[2,3,6,14,15,16,17],appear:[4,7,16,17],append:14,appli:[2,4,14],applic:[1,14],appoint:4,appropri:[2,4,6,7,14,17,18],approv:[1,3,7,15,17],aprov:16,apt:12,ar:[0,1,2,3,4,5,6,7,8,10,11,12,13,14,15,16,17,18],arbitrari:[0,14,17],arch:[2,7],architectur:[8,14],argument:3,arm:[3,7],around:[12,17],arrai:2,artifact:10,ask:[3,16],asset:14,assign:17,assist:16,assum:[2,6,12,14,16,17],attach:[6,16],attack:4,attempt:[2,17],attent:4,attribut:8,auth:[11,14],auth_provid:11,authent:[2,3,7],author:1,autofil:17,autom:[0,18],automat:[2,3,6,14,17],avail:[3,4,8,9,10,17],avoid:[14,17],aw:[0,12,15],awai:2,await:[],azur:11,azure_ten:11,b5:1,back:[3,6,14],backend:14,backend_url:14,background:2,ban:4,bare:[2,8],baremet:14,base64:7,base:[2,3,5,11,12,14,17,18],basedomain:14,bash:[2,3,16],basi:[],basic:19,bcrypt:14,bearer:1,becaus:[0,2,14,16,17],becom:[2,14,16,17],been:[2,3,5,12,14,17,18],befor:[2,12,16],begin:[5,12],behavior:4,behind:[2,6,12,13,16],being:[2,3,14,16,17],believ:15,bellow:14,belong:17,below:[1,2,6,7,13,14,18],benefit:7,besid:[2,15],best:[4,7,14,15,17],better:[2,3,14,17],between:[0,2,14,17],bewar:3,beyond:14,bin:14,bin_t:16,binari:[2,3,7,9,14,16,18],bind:[12,14],bit:19,biz:12,blank:[3,6,11],blob:[2,14,15],block:[8,14,16],bodi:4,boil:[],both:[2,3,4,5,12,14,15,17],bottleneck:13,bottom:7,bound:12,br:[],brief:[7,14],broad:15,broker:0,brought:17,brows:[5,15],bsherman:14,bug:15,build:2,built:2,busi:[12,16],button:[13,16,17],c:[3,12,14],caddi:14,caddyfil:[2,12],call:[0,2,3,8,14],callabl:3,callback:11,can:[0,1,2,3,5,6,7,10,11,13,14,15,16,17,18,19],candid:5,cang:14,cannot:[3,6,7,12,14,17],cap_add:14,car:15,cat:16,caus:[2,12,17],cd:2,center:[0,5,7,17],cento:2,cert:14,certain:[2,17],certif:[2,14],certmanag:14,cgnat:[13,17],chang:[0,1,2,3,5,6,7,13,14,16,17,18],charact:[16,17],chart:14,chcon:16,check:[1,2,3,7,12,14,16,17],checkin:[1,3,17,18],choic:[6,13,14],choos:[3,9,13,14],chosen:[2,3],cidr:[7,14,17],circumst:[3,4,7],circumv:13,clarifi:4,classnam:14,clear:[15,18],cli:2,click:[2,5,7,11,13,16,17],client:[0,5,7,11,12,14,15,16],client_id:11,client_max_body_s:14,client_mod:14,client_secret:11,clientmod:14,clone:2,close:[3,18],cloud:[0,12,19],cluster:[14,19],cluster_mgmt:14,clusterip:14,clusterissu:14,code:[2,3,6,10,14,15,16,17],collect:15,com:[2,3,4,7,11,12,14,15,16,18],combin:[5,14,17],come:[2,5,14],comfort:12,comm:3,comma:[14,17],command:[2,7,12,14,16,17],comment:[4,14],commit:4,common:[2,5,8,12],commonli:16,commun:[0,2,3,4,7,8,14,15,16,17],compar:[2,15],compat:[5,6,8,17],compil:[2,3],complaint:4,complet:16,complex:2,complic:2,compon:[3,8,14,17],compos:[7,8,15,16,18],comput:[0,2,3],concept:8,concurr:12,conf:[6,12,14],confidenti:4,config:[1,2,6,17,18],configur:[0,1,2,7,12,16,17],confirm:[17,18],conflict:[14,17],connect:[0,2,3,6,7,13,14,16,17,19],consensu:[2,16],consequ:14,consid:[4,7,14,15],consider:2,consist:[2,14],consol:7,construct:4,consult:[14,16],consum:[3,14,16],contact:[4,8,12,14,16],contain:[2,7,12,14,16,17],container_nam:14,content:1,context:14,continu:[14,16],contrast:2,contribut:4,contributor:4,control:[2,7,14],convert:[3,16,17],copi:[7,14],core:[0,8],coredn:[3,8,12],coredns_addr:14,coredns_address:14,coredns_ip:12,corednsaddr:3,corefil:14,coreo:2,corpor:[14,15,16],correct:[2,4,12,18],correctli:[2,3,14,17],cors_allowed_origin:14,could:[0,4,7,14,16,17],count:[14,15],countri:5,cours:5,coven:4,cover:8,cp:14,cpu:[12,16],creat:[0,1,2,3,4,5,6,8,12,13,14,16],createadmin:1,creategatewai:1,creation:[0,7,13,17],credenti:14,credit:16,critic:[4,14],cron:2,cross:19,cryptocurr:0,curl:[7,14],current:[2,3,14,16,17],custom:[2,8,12,14],customiz:14,cycl:1,d9:1,d:[1,2,12,14,17,18],daemon:2,daili:14,dashboard:[8,11,12,14],data:[0,2,5,7,14,15,16,17],databas:16,datastor:14,date:[1,2],datetim:17,db:[2,8,14],dc:12,ddflzqn:6,debian:2,debug:14,decod:[2,3,7],deem:4,defin:[4,7,17,18],delet:[1,6,7,14,16,17],deletegatewai:1,deni:16,depend:[2,3,8,16,17,18],depends_on:14,deploi:[2,3,5,8,12,14,16],deploy:[2,14],depreci:[14,17],derogatori:4,design:[2,3,6,13,14,16],desktop:[2,3,6,17],detail:[1,2,3,4,7,8,14],detect:[2,14],determin:[4,5,14,17],dev:[12,14],devic:[0,2,3,8,16,17],diagram:2,differ:[0,2,3,4,5,7,14,15],difficult:[15,17],digitalocean:12,dir:3,direct:[13,17],directli:[0,1,2,3,6,12,13,14,16],directori:[3,14],disabl:[2,4,17],disable_remote_ip_check:14,disableremoteipcheck:14,disconnect:16,discord:[15,16],discuss:[14,18],displai:[2,14,17],display_kei:14,displaynam:1,distibut:2,distribut:[2,7,14,17],distributionshav:2,dn:[2,8,16,19],dns_mode:[14,16],dnsconfig:14,dnsmode:14,dnson:3,dnsstublisten:14,doc:[7,11,12,14,17],docker:[2,7,8,9,11,15,16,18],document:[0,2,3,7,14,15,18],doe:[2,3,6,8,12,14,16,17],doesn:16,domain:[11,12,14,16],don:[2,3,7,19],done:16,dont:[7,16],doubl:[2,13],down:[0,3,5,7,11,13,14,16,17,18],download:[3,6,7,14,16,17,18],dozen:2,dual:[3,7,16,17,19],dualstack:17,due:[3,13,16],duplic:3,dure:[3,17],dynam:[0,2,8,17],e:[2,3,4,5,7,12,14,16,18],each:[0,2,3,7,8,11,14,16,17],eas:2,easi:[2,14,17],easier:2,easiest:2,easili:[0,5,7,14],echo:12,edit:[4,6,8,13,14,16],effect:[7,17],effici:[2,5],egress:[3,6,15,16],either:[2,3,6,13,18],ejf6yy51m:6,electron:4,elev:[11,14],elimin:2,els:17,email:[12,15],embed:14,empathi:4,empti:14,enabl:[2,5,7,12,14,17],encod:7,encompass:[0,5],encount:2,encrypt:[0,2,3,5,16],end:[2,12,14,16,17],endpoint:[1,2,3,6,7,17],enforc:8,enough:14,enpoint:17,ensur:[13,14,15,18],enter:[7,13,14,17],enterpris:[12,14],entir:[7,18],entireti:2,entri:[14,16,17],env:[1,14],environ:[0,1,2,4,11,14,16,17],equal:14,equival:14,error:17,essenti:13,establish:[2,6],etc:[3,7,12,14,16,18],eth0:[1,17],eth2:5,ethnic:4,evalu:15,even:[0,2],event:4,everi:[2,3,7,17],everyon:4,everyth:[2,5,14,17],evolv:2,ex:[3,7,12,14],exactli:15,exampl:[2,3,4,5,6,8,11,12,17],except:[7,11,14,17],execut:14,exist:[0,2,7,14,17],expect:[4,5,8,14,17,18],experi:[3,4,9,16],experienc:3,expir:17,explain:2,explicit:4,explicitli:14,exploit:14,expos:2,express:4,expressvpn:15,ext:[5,8,16],extend:14,extens:2,extern:[3,5,14,15,17],extrem:2,f1:1,f8:3,f:[14,16],face:[4,5],fact:0,fail:[2,7,11],fair:4,fairli:[2,16],faith:4,fallback:17,fals:[3,14],familiar:[0,2,15,16],faq:8,fast:[2,8,14],faster:[0,2,3,17],fcontext:16,featur:[12,14,17],fed:2,fedora:2,few:[2,3,7,15,17],field:[5,6,7,8,13,14,17,18],figur:19,file:[2,6,12,15,17,18],filenam:1,fill:17,filter:17,find:[2,14,17,18,19],fine:0,firewal:[3,7,8,13,14,16],first:[2,3,5,7,8,11,14,16,17,19],fit:[12,19],fix:15,flag:3,flat:0,flexibl:0,flow:2,focu:15,focus:4,folder:[2,3,14,18],follow:[2,3,4,5,7,11,12,14,15,16,18],forc:14,form:[3,7,17],format:[11,14],forum:16,forward:[3,5,6,14],foster:4,found:[0,2,3,10,11,14],framework:15,free:[4,17],freebsd:[2,15],freeli:10,frequent:[5,16,17],friend:16,friendli:2,from:[0,1,2,3,4,5,6,7,9,12,13,14,16,17,18,19],front:[2,14],frontend_url:11,full:[0,2,14,15],fulli:[0,2],further:4,furthermor:14,futur:[7,12,18],g:[3,7,12,14],gatewai:[1,2,3,8,15,16,17,19],gather:2,gb:16,gcp:12,gender:4,gener:[1,2,3,6,9,11,12,14,15,17],generate_config_j:14,get:[1,2,3,5,12,14,16,17,18],gg:15,github:[2,3,8,11,12,14,15,16,18],githubusercont:[3,7,12,14,16],give:[2,7,8,14,15,16],given:[0,2,5,7,14,16,17],global:[3,5],go:[2,3,5,8,13,14,15,16,17],goe:[0,14,17],golang:2,good:[4,5,6,7,13,15,16,17,19],googl:[11,14],grab:3,gracefulli:4,grade:14,grant:17,graph:8,gravitl:[2,3,4,7,12,14,15,16,18],group:12,grpc:[2,3,7,12],grpc_port:14,grpc_ssl:14,grpcaddress:3,grpchost:14,grpcport:14,grpcserver:3,gui:3,guid:[0,2,7,9,12,14,16],guidanc:8,guidelin:[14,15],h:[1,3],ha:[0,2,3,5,7,11,12,13,14,16,17,18,19],hand:8,handl:[0,2,12,14,17],handshak:[16,17],haproxi:[2,14],harass:4,hard:[13,16,17],harder:16,hardwar:[3,16,17],harm:4,hasadmin:1,hash:14,have:[0,2,3,4,5,6,7,11,12,13,14,16,17],haven:16,head:12,header:[1,2,14],health:17,heart:3,heavi:2,helm3:14,helm:14,help:[1,2,3,7,8,14,15,17,18],here:[2,4,7,10,12,14,15,16,17,19],hesit:15,high:[2,8,14,16],highli:[3,8,9],hit:16,hold:[0,2,3],holder:16,hole:[3,7,16,17],holepunch:3,home:[0,2,3,5,17],hook:[2,6],host:[2,3,12,14,15,16,17],host_ip:14,host_network:14,hostnam:17,hostnetwork:14,hous:1,hover:17,how:[2,3,5,8,14,16,17],howev:[1,2,3,5,12,14,16],html:14,http:[1,2,3,7,8,11,12,15,16,18],http_port:14,hub:[0,2,13,17],hundr:12,i:[3,12,14,16],id:[1,3,11,14,15,17],ideal:14,ident:4,identifi:[3,14,17],ignor:[3,5,17],imag:[14,18],imageri:4,impact:[2,15],implement:[2,5],importantli:7,imposs:13,improv:14,inappropri:4,inbound:[3,12],incid:4,includ:[2,4,6,8,14],inclus:4,incompat:18,incorrect:[3,14,16],increas:[2,17],independ:6,indic:[11,17],individu:[4,14,17],industri:2,info:[2,4,12,14,15],inform:[2,3,4,7,8,12,17],ingress:[2,3,5,16,17],ingressroutetcp:14,initi:[3,11],input:14,ins:[],insert:[5,12,14,16],insid:[8,14,17],instal:[0,2,6,7,16,18],instanc:[1,2,3,4,5,7,12,14,17],instead:[0,3,5,6,7,12,14,16,17],instruct:[11,14],insult:4,intact:3,integ:[14,15],integr:[2,8,14],intend:3,inter:17,interact:[0,2,3],interest:[4,16],interfac:[1,2,3,5,6,7,12,14,17],interfer:[12,16],intern:[5,14],internet:[0,2,5,15],intro:19,introduc:16,introduct:8,invalid:[6,7,17],investig:4,invis:[2,17],io:[11,12,14,16,17],iot:[0,2],ip:[2,3,5,6,7,12,13,14,16,17,18],ipaddress:17,ipforward:[3,17],iphon:2,ipsec:2,iptabl:[3,5,14,17],ipv4:[3,7,14,16,17],ipv6:[3,7,16,17,19],ipv6address:17,isdualstack:3,isingressgatewai:3,isloc:[3,17],isstat:3,issu:[2,3,4,8,12,13,14,17],issuer:14,issuernam:14,iter:17,its:[0,2,3,4,5,6,7,14,15,17],itself:[2,3,5,7,14],job:2,join:[2,3,7,14,16,17],journalctl:[3,14,16],jq:1,js:14,json:[1,14],just:[0,2,3,6,7,12,14,15,16,17],jwt:[1,3],k3:19,k8:[14,15],k:[3,7],keep:[1,2,5,17],keepal:[3,17],kei:[2,3,8,11,12,14,16,17],kept:17,kernel:[0,2],keynam:1,keyupd:1,kill:16,know:[0,5,14,15,16,19],known:[12,17],kube:14,kubectl:14,kubernet:[0,5,9,17,19],lan:3,languag:4,laptop1:1,laptop:[6,17],larg:[2,17],last:[1,17,18],lastmodifi:1,latenc:2,later:2,latest:[2,3,6,14],launch:2,launchd:[2,3],launchdaemon:2,layer:0,layout:2,lb:[2,14],le:14,lead:2,leadership:4,least:[0,16],leav:[3,6,7,14,16,17,18],left:[7,11,14,16],legend:17,length:[3,16,17],less:[2,7],let:[0,5,15,19],letsencrypt:[12,14],level:[2,4,8,14,17],librari:2,light:14,lightweight:2,like:[0,2,3,7,14,17],limit:[3,8,14,15,16,17],line:[2,17],link:[8,11,12,14],linod:12,linux:[2,3,5,7,8,15,17],linuxserv:14,list:[0,2,3,5,13,14,15],listen:14,listenport:1,littl:[2,15],ln:14,load:2,local:[0,2,3,5,7,14,17],localaddress:[1,3],localhost:[1,14],localrang:3,locat:[0,2,3,5,14,17],log:[11,12,14,16],logic:6,login:[7,11],longer:[12,14,17],look:[14,15,17],lookup:2,lose:17,lot:[2,3,16],lower:[16,17],lxc:14,m:[3,6,16],mac:[2,3,7,14,17],macaddress:[1,3],machin:[0,2,3,5,6,7,8,12,13,14,16,17,18],maco:15,made:[0,2,16,17],mai:[1,2,3,4,7,11,12,13,14,16,17,18],mail:4,main:14,maintain:[4,14,15,17],make:[0,2,4,5,6,8,9,12,13,14,15,16,17],man:6,manag:[0,2,6,8,14,17,19],manage_ipt:14,mani:[0,2,12,14,15,17,19],manual:[2,3,7,14,16,17,18],map:14,master:[2,3,7,12,14,15,16],master_kei:14,masterkei:[1,14],match:[3,14],maximum:14,md:[1,14],mean:[2,3,5,6,7,14,16,17],meant:[14,16],measur:13,media:4,medium:9,meet:14,member:4,memori:16,mesh:[0,6,16,17,19],meshclient:1,messag:[0,2],metal:[2,8],method:[1,2,3,5,6,7,9],mgmt:1,microk8:[14,19],microsoft:11,middl:6,might:[0,2,13,14],min:12,minim:14,minimum:16,minor:18,mint:2,minu:14,minut:[12,14,16,17],mismatch:18,miss:[2,18],mix:3,mode:[2,7,8],model:[0,2],modif:14,modifi:[1,2,3,7,12,14,15,17],moment:17,mongo:14,mongodb:[],moquitto:2,more:[0,1,2,6,7,8,12,14,15,17],mosquitto:12,most:[1,2,3,5,9,12,14,15,16,17],mostli:[2,3],mount:14,move:[7,12,18],mq:[0,2,14],mq_host:14,mqtt:0,mtu:[16,17],much:[0,2],mullvad:15,mullvadvpn:15,multipl:[0,7,14,16,17],must:[1,2,3,5,6,7,11,12,14,16,17,18],mv:18,my:[1,3,16,18],mydomain:11,mykei:[1,7],mynet:7,myserv:7,mysit:12,myvers:18,n:[3,7,12,14,16],name:[1,3,5,6,7,14,16,17],nameserv:[2,3,14],namespac:14,nat:[6,8,13,16,17],nation:4,nativ:2,navig:[11,12,16],nebula:[0,15],necessari:[2,3,4,12,14,17],need:[0,1,2,3,5,12,14,15,16,17,18],neg:15,neighborhood:0,neither:2,net:[],net_admin:14,netclient:[0,5,6,8,17,18],netclient_accesskei:3,netclient_accesstoken:3,netclient_address:3,netclient_addressipv6:3,netclient_api_serv:3,netclient_daemon:3,netclient_dn:3,netclient_endpoint:3,netclient_grpc_serv:3,netclient_interfac:3,netclient_ipforward:3,netclient_is_dualstack:3,netclient_is_loc:3,netclient_keepal:3,netclient_localaddress:3,netclient_localrang:3,netclient_macaddress:3,netclient_nam:3,netclient_network:3,netclient_o:3,netclient_password:3,netclient_port:3,netclient_postdown:3,netclient_postup:3,netclient_privatekei:3,netclient_publickei:3,netclient_roam:3,netclient_udp_holepunch:3,netconfig:[3,16,18],netid:1,netmak:[1,3,5,6,10,13,16,17,18,19],netmaker_base_domain:[12,14],netmaker_env:14,netsh:3,network:[0,5,6,8,11,12,13,14,15,16,18,19],network_mod:14,newli:18,next:[3,5,7,11],nextcloud:19,nf:14,nginx:[2,8,16],nip:12,nm:[3,14,17],nocaddi:14,node:[3,5,6,8,13,14,16],node_id:14,nodn:14,non:[2,3,7,9,14,15,17],none:0,noonewillguessthi:1,nopass:14,nordvpn:15,normal:[3,14],notabl:14,note:[1,5,6,8,11,12,14,16,17],noteabl:7,notifi:2,now:[0,6,7,12,13,14,15,16,18],ns:14,number:[2,7,12,14,17],o:[12,14],oauth2:11,oauth_provid:11,object:14,oblig:4,obscur:17,obtain:[1,3],occur:2,od:3,off:[2,3,7,14,15,16,17],offens:4,offer:11,offic:[0,5,19],offici:[1,4,16],offlin:4,often:[2,15,17],old:18,omit:14,onc:[2,3,5,6,7,11,14],one:[2,3,5,6,7,12,14,16,17],onli:[1,2,3,5,6,7,11,14,16,17,18],onlin:4,onto:17,open:[4,7,8,15,17],openvpn:[2,15],openwrt:[2,8,16],oper:[2,3,13,14,17],operatingsystem:3,opinion:12,oppos:[2,14],opt:[14,15],option:[2,3,8,11,12,17],oracl:12,order:[5,11,14,16],org:14,orient:4,origin:[11,14],os:[3,17],osi:15,other:[0,2,3,4,6,7,13,16,17],otherwis:[0,3,4,14,16,17],our:[2,8,14,16],out:[0,2,7,12,14,15,16,17,19],outlin:[2,14],output:[3,7,16],outsid:[3,8,14,16],over:[0,2,5,12,13,14,16,17],overlai:[0,8],overlap:[5,7],overrid:[3,14],overridden:[2,14],overview:[2,19],overwhelm:19,own:[2,12,14],p2p:17,p:[3,7,12,14],packag:[3,16],packet:17,page:[2,11,17],pair:[2,14],pane:[7,17],panic:18,part:[2,3,14],parti:[16,17],partial:2,particip:[4,15],particular:[2,3],pass:[2,3,14],password:[1,3,7,14,17],past:5,path:[1,14,15,17],peer:[2,3,6,7,13,16,17,19],pend:[1,7,17],peopl:[5,15,17],per:12,perform:[1,2,3,7,14],period:2,perm:14,perman:[4,14],permiss:[4,8,12,14,16],permit:7,persist:17,persistentkeepal:[3,6],person:4,perspect:[0,2],phone:[3,6],physic:[4,16],pick:[2,7],pictur:2,ping:[7,16,17],pivpn:15,place:[3,12,13,14,18],placehold:14,plaintext:3,plan:[12,14,15,16],platform:[2,8,15],pleas:[3,8,12,14,15,16],pledg:8,plu:[3,12],poc:[9,12],pod:17,point:[2,5,12],polici:4,polit:4,popul:[14,17],port:[2,3,7,12,14,16,17],port_forward_servic:14,posgr:14,posit:4,possibl:[2,12],post:[1,3,4,14,17],postchang:3,postdown:[3,14,17],postgr:14,postgresql:[2,14],postgress:14,posthog:15,postup:[3,14,17],powershel:3,practic:2,pre:14,preced:2,precend:14,prefer:[12,14,16],prepar:8,prereqisit:7,prerequisit:[2,5,7,8,14],present:18,prevent:[3,17],previou:2,primari:[3,14,16,17],prior:14,privaci:15,privat:[2,4,5,7,8,14,15,16,17,19],privatekei:[3,6],privileg:14,privkei:3,probabl:[0,15],problem:[3,16],procedur:14,process:[3,7,8,14,18],prod:14,product:[12,14],profession:4,program:3,programdata:3,project:[1,4,14,15],proof:0,proper:14,properli:[3,14,16],properti:3,proto:12,protocol:[3,14],provid:[0,2,3,8,12,14,17],proxi:[2,8,11,12],proxy_pass:14,proxy_pass_request_head:14,proxy_set_head:14,pub:2,pubkei:3,publickei:[1,3,6],publicli:[12,13],publish:[2,4,10],pull:[2,3,6,14,17,18],punch:[3,7,16,17],purchas:16,pure:17,push:[0,2,3,6],put:[1,17],q9cog7c9qjnoxygvri:3,qr:[6,16,17],quarantin:3,queri:12,question:16,queue:0,quick:[2,7,8,9,14,16,17],quickli:[12,16],quickstart:16,r:16,race:[4,15],raft:[2,14,16],ram:12,random:[14,15,17],randomli:17,rang:[3,5,6,7,12,14,16,17],rangestr:1,rare:17,raspian:2,rather:[11,14,17],raw:[3,7,12,14,16],rce:[14,17],re:[0,2,7,14,15,16,18],reach:[0,2,3,5,6,7,13,14,15,16,17],reachabl:[2,3,6,7,8,13,14,17],reactj:2,read:14,readm:[12,14],reallysecret:1,reason:[2,4,7,13,14,17],reboot:16,receiv:[1,2],recent:[2,3,16,17],reciev:2,recommend:[1,3,6,9,12,16],reconfigur:[3,16],record:[7,12,16],redirect:11,redund:14,refer:[2,7,16],regard:[2,4],regardless:4,regist:[2,3],registr:[2,3],regular:2,regularli:[2,15,17],reject:4,rejoin:18,rel:[2,5,18],relai:[2,3,6,16],relat:14,releas:[2,3,14,16,18],relev:17,reli:[0,3],reliabl:17,religion:4,remain:17,remot:[0,3,14],remoteip:3,remov:[1,2,4,7,14,16,17],removenetwork:1,renam:[3,14,16,18],repeat:7,repercuss:4,replac:[3,14],replace_master_kei:12,replica:14,replicacount:14,repo:[2,14],report:4,repositori:[2,10],repres:4,represent:4,request:[1,2,14],requir:[1,2,3,7,12,16],resolv:[2,3,14],resolvectl:[3,14,17],resourc:[6,8,9,15],respect:[2,4],respons:[2,8],rest:[12,14],rest_backend:14,restart:[3,11,14,16],restbackend:14,restorecon:16,restrict:[13,14],result:4,retriev:[0,1,2,3,7,12],revers:[8,12],revert:3,review:4,rf:7,rhel:2,right:[0,4,14,17],risk:16,rkxlgk2mg:6,rm:7,rncjjbsaa3hzuhrk5hpyxm:3,roam:[3,17],rogu:16,root:[3,12,14,16,18],rout:[0,2,5,11,12,13,14,17],route53:12,router:[2,5,16],rpumvsbpgq:6,rqlite:16,rule:[3,5,12],run:[0,1,2,5,6,7,12,14,15,16,17,18],runtim:14,rv:16,rwo:14,rwx:14,s:[0,2,3,4,5,6,7,8,10,12,13,14,15,16,17,18],sai:5,said:2,same:[0,3,6,7,14,16,17],sampl:0,save:[7,12,18],saveconfig:17,sbilli:[3,16],scan:[6,17],scenario:[5,7,13,17],schedul:14,scope:8,screen:[7,11],screenshot:[8,17],script:[2,7,12,14,16],search:17,second:[5,7,17],secret:[1,3,7,11],secretkei:14,section:[3,14,17],secur:[0,1,2,3,5,8,12,16,17,19],sed:[12,14],see:[1,2,3,7,8,12,14,15,16,17],seek:18,seem:7,select:[6,7,13,16,17],selector:14,self:[14,15],selinux:16,semanag:16,send:[2,3,14,17],sens:[2,9,15],sensibl:[0,2,7,17],sent:[2,14,17],separ:[2,4,14,17,19],seper:16,serv:[2,14],server:[0,3,5,6,7,10,11,12,15,17],server_api_conn_str:14,server_api_host:14,server_grpc_conn_str:14,server_grpc_host:14,server_grpc_wireguard:14,server_host:14,server_http_host:[11,14],server_nam:14,server_public_ip:12,serverctl:15,servic:[2,3,5,6,12,14,17,19],set:[1,2,3,4,5,8,12,15,16,17,19],setup:[0,2,5,8,12],sever:[2,14],sexual:4,sf:14,sfl:[7,14],sh:[3,7,14,16],share:[14,16],shell:[3,16],ship:2,shortli:18,should:[0,1,2,3,5,6,7,12,13,14,15,16,17],show:[3,4,14,16,17],shown:[6,17],shut:5,side:[10,17],sign:[2,3,7,11,14,16],signific:2,signup:[2,3,16,17],similar:[0,7,14,15,17],simpl:[2,3,5,7,8,11,14,16],simplest:[2,3],simpli:[2,3,5,6,7,13,14,15,16],simplifi:[13,14],simultan:0,sinc:17,singl:[1,2,5,16,17],sit:17,site:[0,2,8,14,16,19],situat:[2,16,17],size:4,skip:14,skynet:1,slow:[0,13],slower:14,small:[2,7,9],smartgui:1,so:[0,2,3,5,6,7,12,14,16,17],social:4,sole:17,solut:2,solv:[2,17],some:[1,2,3,5,7,13,14,16,17],someth:[6,7,14,17],sometim:13,somewher:7,soon:16,sort:0,sourc:[2,3,8,10,15],space:[4,17],spec:16,special:[2,3,7,14],specif:[2,3,4,5,7,8,14,17],specifi:[3,5,11,13,14,17],speed:[0,2],spend:15,spin:14,split:3,spoke:[0,2,13,17],spread:0,sql:[2,14],sql_conn:14,sql_db:14,sql_host:14,sql_pass:14,sql_port:14,sql_user:14,sqlconn:14,sqldata:14,sqlite:[14,16],src:12,ssh:[7,12,14,18],ssl:[2,14],sspl:10,stabl:5,stack:[3,7,16,17,19],stai:[3,16,17],stake:0,standalon:14,standard:[2,5,8,14,16,17],start:[2,14,16,19],startup:1,state:7,statement:8,statu:[3,14,16,17],step:[2,3,7,14,18],still:[0,3,14,18],stock:15,stop:14,storag:[12,14],storageclassnam:14,store:[2,14,17],straight:5,straightforward:18,string:[7,14],stuck:16,stun:[7,16],su:7,sub:2,subdomain:[12,14],submit:7,subnet:[2,5,17],subscrib:[0,2],subscript:[12,16],subsequ:2,subspac:15,subspacecloud:15,substanti:0,success:[2,11],successfulli:11,sudo:[3,7,11,12,14,16],support:[2,12,14,16],sure:[12,15,16,17],surfshark:15,suse:2,swag:14,symbol:11,sync:2,system32:3,system:[7,8,12,17],system_u:16,systemctl:[3,14,16],systemd:[3,7,14,16],t:[2,3,7,16,19],tab:[7,16],tack:17,tail:3,tailscal:[0,15],take:[0,1,2,4,7,11,14,16,17],talk:[0,2],tcp:12,team:[4,15],technic:[0,8,15],technolog:2,ted:17,telemetri:[8,14],tell:[0,2,3,13,14,16],templat:14,temporari:[4,17],temporarili:4,tenant:11,term:15,terrain:15,test:[7,9],than:[2,7,11,14,17],thei:[0,2,4,7,8,14,15,16,17],them:[2,7,14,15,16],themselv:[2,16],therefor:16,thi:[0,1,2,3,4,5,6,7,8,10,12,13,14,15,16,17,18],thing:[0,2,3,16],think:[5,15,19],third:16,thmpvlcykonxi:3,those:[0,2,3,5,6],though:2,thousand:0,threaten:4,three:[7,14],through:[2,13,14,17],ticket:15,time:[1,2,3,6,7,13,14,16,17,18,19],timer:[],timestamp:17,tl:14,toc:14,token:[3,7,14,16],too:[16,17],tool:[0,3,5],top:[2,16],topic:19,topolog:2,touch:16,toward:4,tr:12,track:17,traefik:2,traffic:[0,2,5,6,13,14,16,17],trailofbit:15,transact:2,translat:17,travers:17,treat:[2,3,17],tree:14,trial:[9,12],tricki:2,troll:4,troubleshooot:12,troubleshoot:[1,7,12],trust:15,tune:17,tunnel:[0,2],tunnelbear:15,turn:[2,3,7,13,14,16,17],tutori:8,two:[0,1,2,3,5,7,14,16],type:[1,14],typi:17,typic:[0,2,3,5,6,7,13,14,16,17],u:[3,14,16],ua2zjt8wn7ga:6,ubuntu:[2,12,14],udp:[3,7,12,14,16,17],udpholepunch:3,ufw:12,ui:[1,3,5,6,18],un:14,unabl:[7,16],unaccept:4,unaccess:17,uncom:14,uncordon:1,under:[3,7,10,14,15,16],underlai:[0,19],underli:16,underscores_in_head:14,unedit:17,unexpectedli:5,unfamiliar:7,uninstal:[8,16,18],uniqu:[3,12,17],unix:[2,3,17],unless:[3,14],unmanag:2,unnecessari:[3,7],unregist:3,unregistr:3,unset:[3,14],unsur:[6,7,13],until:[3,7,14,16,17],unwelcom:4,unzip:14,up:[0,2,3,5,7,8,12,14,16,17,18,19],updat:[1,2,7,12,14,16,17],upgrad:[2,16],upon:[2,3],upstream_app:14,upstream_port:14,upstream_proto:14,urandom:12,uri:11,url:[11,14],us:[1,2,3,4,6,7,8,9,11,12,13,14,15,16,17,19],usag:[3,8,14,19],user:[2,3,7,8,9,14,15,16],usernam:[1,7,14,17],userspac:14,usr:14,usual:[2,3,5,7,17],util:16,v0:[2,11,14,15,16],v:16,valid:[2,14,17],valu:[1,2,3,7,12,16,17],variabl:[2,3,11,16],variou:[3,8,14],ve:16,vehicl:15,verbos:14,veri:[0,2,3,5,7,17],verifi:2,version:[2,3,4,10,12,14,15,16,18],vi:18,via:[1,2,3,4,5,6,7,8,11,12,14,16,17,19],viabil:15,video:8,view:[7,14,15,16,17],viewpoint:4,vim:[3,14],virtual:[0,3,6,8,12,15,17,19],visibl:[7,14],visit:[14,15],vist:18,vm3ow4thatogiwnsla3thsl3894th:7,vm:[0,2,8,12,16],vne197vmradjodkb1zsuja:3,volum:[7,14,16,18],vpc:[0,5,15,17],vpn:[2,16,17,19],vs:18,vulner:[14,17],vx:18,wa:[2,11,14,17],wai:[14,15,16,17],wan:7,want:[0,2,3,6,7,11,12,14,15,16,17],warn:[14,17],we:[0,1,2,4,9,12,14,15,16],web:[5,14,15],webserv:2,websit:2,weight:14,welcom:4,well:[2,3,7,8,14,16,17],were:[14,16],wg:[3,14,16,17],wgaddress6:3,wgaddress:3,wget:[3,12,14,16,18],what:[4,5,6,8,14,16],whatev:[3,7,14,17],when:[0,2,3,4,7,13,14,16,17],where:[2,5,6,7,8,14,15,17,19],wherebi:2,wherev:0,whether:[0,3,14,17],which:[0,2,3,4,5,6,7,10,11,12,13,14,15,16,17],who:4,why:[2,3,16],wide:[2,14],wider:2,wifi:17,wiki:4,wildcard:[12,14],window:[2,7,8,15],wipe:16,wireguard:[0,3,5,6,7,8,12,15,16,17],wish:[3,5,6,11,14,17],within:[2,3,4,17],without:[1,2,3,4,7,8,15,16,17],work:[2,3,5,8,13,14,15,16,17],worker:[5,14],workstat:[3,7],world:[0,2],worri:7,wors:2,would:[0,3,5,6,7,14,15,17],write:[2,14,18],written:8,wrong:16,ws2:3,www:14,x86:3,x:[1,2,5,7,12,16,18],y:12,yaml:[1,14],ydazgedrpuxmmrqul35wfjmhvrzr1rq0u:6,ye:[3,15,16,17],yet:16,yml:[12,14,16,18],you:[0,1,2,3,5,6,7,9,11,12,13,14,16,17,18,19],your:[0,1,2,3,5,6,7,8,12,13,14,15,16,17,18,19],your_db_password:14,your_email:12,your_pass:1,your_password:1,your_secret_kei:1,yournetwork:18,yourwildcard:14,z0:12,za:12,zero:11,zeroti:0,zip:14,zoom:17,zrb9vfhk8a:15},titles:["About","API Reference","Architecture","Advanced Client Installation","Code of Conduct","Egress Gateway","Ingress + External Clients","Getting Started","Welcome to the Netmaker Documentation","Install","License","Integrating OAuth","Quick Install","Relay Servers","Advanced Server Installation","Support","Troubleshooting","UI Reference","Upgrades","External Guides"],titleterms:{"0":[12,18],"1":[5,12,14],"10":18,"2":[5,12,14],"3":[12,14],"4":[12,14],"case":[0,5],"do":15,Is:15,No:14,about:[0,8],access:[1,5],ad:[3,6],advanc:[3,8,14],an:[5,6,15],ani:15,annot:14,api:[1,8],architectur:2,attribut:4,authent:1,avail:14,balanc:14,bare:14,basic:3,broker:2,busi:15,caddi:[2,12],call:1,cli:3,client:[2,3,6,8,17,18],code:[4,8],command:3,common:16,compat:[2,3,14],compon:2,compos:[12,14],concept:2,conduct:[4,8],config:[3,14],configur:[3,5,6,8,11,13,14],consider:14,contact:15,core:2,coredn:[2,14,16],cpu:3,creat:[7,17],critic:18,curl:1,daemon:3,daemonset:14,dashboard:17,databas:[2,14],depend:12,deploi:7,descript:[7,14],detail:17,disabl:14,dn:[3,6,12,14,17],docker:[12,14],document:[1,8],doe:0,edit:17,egress:[5,8,17],enforc:4,enterpris:15,exampl:[1,14],exit:15,ext:[6,17],extern:[2,6,8,19],faq:15,featur:15,file:[1,3,14],firewal:12,format:1,gatewai:[5,6],get:[7,8],graph:17,grpc:14,guid:[8,19],have:15,high:3,highli:14,how:0,http:14,ingress:[6,8,14],instal:[3,8,9,12,14],integr:11,introduct:[3,5,6,11,12,13,18],issu:16,kei:[1,7],kernel:14,kubernet:[8,14],licens:[8,10,15],like:15,limit:2,linux:14,list:17,load:14,log:3,make:3,manag:[1,3,7],mesh:2,metal:14,mode:[3,14],mosquitto:2,mq:12,mqtt:2,nat:5,netclient:[2,3,7,14,16],netmak:[0,2,7,8,11,12,14,15],network:[1,2,3,7,17],nginx:14,node:[1,2,7,15,17],nordnpn:15,note:[3,18],oauth:[8,11],offer:15,open:12,openwrt:3,option:[6,14],other:14,our:4,permiss:11,pledg:4,postgr:2,prepar:12,prerequisit:[3,12],prior:18,privat:3,process:2,provid:11,proxi:14,quick:12,re:3,recommend:14,refer:[1,3,8,14,17],relai:[8,13,17],remot:5,remov:3,requir:14,respons:4,revers:14,rqlite:[2,14],run:3,scope:4,script:3,secur:14,server:[1,2,8,13,14,16,18],set:[7,14],setup:[7,14],sqlite:2,sspl:15,standard:4,start:[7,8,12],support:[8,15],sync:3,system:[2,3,14],systemd:2,technic:2,telemetri:15,test:14,traefik:14,troubleshoot:[3,8,16],tutori:19,ui:[2,8,14,16,17],uninstal:[3,7],updat:3,upgrad:[8,18],us:[0,5],usag:1,user:[1,11,17],util:3,valu:14,variabl:14,video:19,view:3,vm:14,vpn:[5,15],welcom:8,what:0,why:15,window:3,wireguard:[2,14],without:14,work:0,written:19,you:15,your:11}}) \ No newline at end of file diff --git a/docs/_build/html/server-installation.html b/docs/_build/html/server-installation.html deleted file mode 100644 index e0cc96c5..00000000 --- a/docs/_build/html/server-installation.html +++ /dev/null @@ -1,1250 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Advanced Server Installation — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Advanced Server Installation

-

This section outlines installing the Netmaker server, including Netmaker, Netmaker UI, rqlite, and CoreDNS

- -

System Compatibility

-

Netmaker will require elevated privileges to perform network operations. Netmaker has similar limitations to netclient (client networking agent).

-

Typically, Netmaker is run inside of containers (Docker). To run a non-docker installation, you must run the Netmaker binary, CoreDNS binary, database, and a web server directly on the host. Each of these components have their own individual requirements.

-

The quick install guide is recommended for first-time installs.

-

The following documents are meant for special cases like Kubernetes and LXC, or for more advanced setups.

- - -

Server Configuration Reference

-

Netmaker sets its configuration in the following order of precendence:

-
    -

  1. Defaults

    2. -

  2. Config File

    3. -

  3. Environment Variables

    4. -
- -

Variable Description

-
-
VERBOSITY:

Default: 0

-

Description: Specify level of logging you would like on the server. Goes up to 3 for debugging.

-
-
GRPC_SSL:

Default: “off”

-

Description: Specifies if GRPC is going over secure GRPC or SSL. This is a setting for the clients and is passed through the access token. Can be set to “on” and “off”. Set to on if SSL is configured for GRPC.

-
-
SERVER_API_CONN_STRING

Default: “”

-

Description: Allows specification of the string used to connect to the server api. Format: IP:PORT or DOMAIN:PORT. Defaults to SERVER_HOST if not specified.

-
-
SERVER_GRPC_CONN_STRING

Default: “”

-

Description: Allows specification of the string used to connect to grpc. Format: IP:PORT or DOMAIN:PORT. Defaults to SERVER_HOST if not specified.

-
-
SERVER_HOST: (depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)

Default: Server will perform an IP check and set automatically unless explicitly set, or DISABLE_REMOTE_IP_CHECK is set to true, in which case it defaults to 127.0.0.1

-

Description: Sets the SERVER_HTTP_HOST and SERVER_GRPC_HOST variables if they are unset. The address where traffic comes in.

-
-
SERVER_HTTP_HOST: (depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)

Default: Equals SERVER_HOST if set, “127.0.0.1” if SERVER_HOST is unset.

-

Description: Set to make the HTTP and GRPC functions available via different interfaces/networks.

-
-
SERVER_GRPC_HOST: (depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)

Default: Equals SERVER_HOST if set, “127.0.0.1” if SERVER_HOST is unset.

-

Description: Set to make the HTTP and GRPC functions available via different interfaces/networks.

-
-
API_PORT:

Default: 8081

-

Description: The HTTP API port for Netmaker. Used for API calls / communication from front end.

-
-
GRPC_PORT:

Default: 50051

-

Description: The GRPC port for Netmaker. Used for communications from nodes.

-
-
MASTER_KEY:

Default: “secretkey”

-

Description: The admin master key for accessing the API. Change this in any production installation.

-
-
CORS_ALLOWED_ORIGIN:

Default: “*”

-

Description: The “allowed origin” for API requests. Change to restrict where API requests can come from.

-
-
REST_BACKEND:

Default: “on”

-

Description: Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to “off” to turn off.

-
-
AGENT_BACKEND:

Default: “on”

-

Description: Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to “off” to turn off.

-
-
DNS_MODE:

Default: “off”

-

Description: Enables DNS Mode, meaning config files will be generated for CoreDNS.

-
-
DATABASE:

Default: “sqlite”

-

Description: Specify db type to connect with. Currently, options include “sqlite”, “rqlite”, and “postgres”.

-
-
SQL_CONN:

Default:http://

-

Description: Specify the necessary string to connect with your local or remote sql database.

-
-
SQL_HOST:

Default: “localhost”

-

Description: Host where postgres is running.

-
-
SQL_PORT:

Default: “5432”

-

Description: port postgres is running.

-
-
SQL_DB:

Default: “netmaker”

-

Description: DB to use in postgres.

-
-
SQL_USER:

Default: “postgres”

-

Description: User for posgres.

-
-
SQL_PASS:

Default: “nopass”

-

Description: Password for postgres.

-
-
CLIENT_MODE:

Default: “on”

-

Description: Specifies if server should deploy itself as a node (client) in each network. May be turned to “off” for more restricted servers.

-
-
RCE:

Default: “off”

-

Description: The server enables you to set PostUp and PostDown commands for nodes, which is standard for WireGuard with wg-quick, but is also Remote Code Execution, which is a critical vulnerability if the server is exploited. Because of this, it’s turned off by default, but if turned on, PostUp and PostDown become editable.

-
-
SERVER_GRPC_WIREGUARD

Depreciated: no longer in use

-
-
DISPLAY_KEYS

Default: “on”

-

Description: If “on”, will allow you to always show the key values of “access keys”. This could be considered a vulnerability, so if turned “off”, will only display key values once, and it is up to the users to store the key values locally.

-
-
NODE_ID

Default: <system mac addres>

-

Description: This setting is used for HA configurations of the server, to identify between different servers. Nodes are given ID’s like netmaker-1, netmaker-2, and netmaker-3. If the server is not HA, there is no reason to set this field.

-
-
TELEMETRY

Default: “on”

-

Description: If “on”, the server will send anonymous telemetry data once daily, which is used to improve the product. Data sent includes counts (integer values) for the number of nodes, types of nodes, users, and networks. It also sends the version of the server.

-
-
MQ_HOST

Default: (public IP of server)

-

Description: The address of the mq server. If running from docker compose it will be “mq”. If using “host networking”, it will find and detect the IP of the mq container. Otherwise, need to input address. If not set, it will use the public IP of the server. the port 1883 will be appended automatically. This is the expected reachable port for MQ and cannot be changed at this time.

-
-
HOST_NETWORK:

Default: “off”

-

Description: Whether or not host networking is turned on. Only turn on if configured for host networking (see docker-compose.hostnetwork.yml). Will set host-level settings like iptables and forwarding for MQ.

-
-
MANAGE_IPTABLES:

Default: “on”

-

Description: # Sets iptables on the machine being managed in order to forward properly from wireguard interface to MQ and other services listed in “port forward services.” It’s better to leave this on unless you know what you’re doing.

-
-
PORT_FORWARD_SERVICES:

Default: “”

-

Description: Comma-separated list of services for which to configure port forwarding on the machine. Options include “mq,dns,ssh”. Typically best to leave mq and dns on. ssh can be removed.’ssh’ forwards port 22 over wireguard, enabling ssh to server over wireguard. dns enables private dns over wireguard. mq enables mq.

-
-
- - -

Config File Reference

-

A config file may be placed under config/environments/<env-name>.yml. To read this file at runtime, provide the environment variable NETMAKER_ENV at runtime. For instance, dev.yml paired with ENV=dev. Netmaker will load the specified Config file. This allows you to store and manage configurations for different environments. Below is a reference Config File you may use.

-
server:
-  apihost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_API_HOST if set
-  apiport: "" # defaults to 8081 or HTTP_PORT (if set)
-  grpchost: "" # defaults to 127.0.0.1 or remote ip (SERVER_HOST) if DisableRemoteIPCheck is not set to true. SERVER_GRPC_HOST if set.
-  grpcport: "" # defaults to 50051 or GRPC_PORT (if set)
-  masterkey: "" # defaults to 'secretkey' or MASTER_KEY (if set)
-  allowedorigin: "" # defaults to '*' or CORS_ALLOWED_ORIGIN (if set)
-  restbackend: "" # defaults to "on" or REST_BACKEND (if set)
-  agentbackend: "" # defaults to "on" or AGENT_BACKEND (if set)
-  clientmode: "" # defaults to "on" or CLIENT_MODE (if set)
-  dnsmode: "" # defaults to "on" or DNS_MODE (if set)
-  sqlconn: "" # defaults to "http://" or SQL_CONN (if set)
-  disableremoteipcheck: "" # defaults to "false" or DISABLE_REMOTE_IP_CHECK (if set)
-  version: "" # version of server
-  rce: "" # defaults to "off"
-
-
- - -

Compose File - Annotated

-

All environment variables and options are enabled in this file. It is the equivalent to running the “full install” from the above section. However, all environment variables are included, and are set to the default values provided by Netmaker (if the environment variable was left unset, it would not change the installation). Comments are added to each option to show how you might use it to modify your installation.

-
services:
-  rqlite:
-    container_name: rqlite
-    image: rqlite/rqlite
-    network_mode: host
-    restart: always
-    volumes:
-      - sqldata:/rqlite/file/data
-  netmaker: # The Primary Server for running Netmaker
-    privileged: true # Necessary to run sudo/root level commands on host system. Take out if not running with CLIENT_MODE=on
-    container_name: netmaker
-    depends_on:
-      - rqlite
-    image: gravitl/netmaker:v0.9.4
-    volumes: # Volume mounts necessary for CLIENT_MODE to control wireguard networking on host (except dnsconfig, which is where dns config files are stored for use by CoreDNS)
-      - dnsconfig:/root/config/dnsconfig # Netmaker writes Corefile to this location, which gets mounted by CoreDNS for DNS configuration.
-      - /usr/bin/wg:/usr/bin/wg
-    cap_add: # Necessary for CLIENT_MODE. Should be removed if turned off. 
-      - NET_ADMIN
-    restart: always
-    network_mode: host # Necessary for CLIENT_MODE. Should be removed if turned off, but then need to add port mappings
-    environment:
-      SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set both HTTP and GRPC host.
-      SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
-      SERVER_GRPC_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
-      API_PORT: 8081 # The HTTP API port for Netmaker. Used for API calls / communication from front end. If changed, need to change port of BACKEND_URL for netmaker-ui.
-      GRPC_PORT: 50051 # The GRPC port for Netmaker. Used for communications from nodes.
-      CLIENT_MODE: "on" # on if netmaker should run its own client, off if not.
-      MASTER_KEY: "secretkey" # The admin master key for accessing the API. Change this in any production installation.
-      CORS_ALLOWED_ORIGIN: "*" # The "allowed origin" for API requests. Change to restrict where API requests can come from.
-      REST_BACKEND: "on" # Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off.
-      AGENT_BACKEND: "on" # Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off.
-      DNS_MODE: "on" # Enables DNS Mode, meaning config files will be generated for CoreDNS. Note, turning "off" does not remove CoreDNS. You still need to remove CoreDNS from compose file.
-      DISABLE_REMOTE_IP_CHECK: "off" # If turned "on", Server will not set Host based on remote IP check. This is already overridden if SERVER_HOST is set. Turned "off" by default.
-      GRPC_SSL: "off" # Tells clients to use SSL to connect to GRPC. Switch to on to turn on.
-      COREDNS_ADDR: "" # Address of the CoreDNS server. Defaults to SERVER_HOST
-      DISPLAY_KEYS: "on" # Show keys permanently in UI (until deleted) as opposed to 1-time display.
-      SERVER_API_CONN_STRING: "" # Changes the api connection string. IP:PORT format. By default is empty and uses SERVER_HOST:API_PORT
-      SERVER_GRPC_CONN_STRING: "" # Changes the grpc connection string. IP:PORT format. By default is empty and uses SERVER_HOST:GRPC_PORT
-      RCE: "off" # Enables setting PostUp and PostDown (arbitrary commands) on nodes from the server. Off by default.
-      NODE_ID: "" # Sets the name/id of the nodes that the server creates. Necessary for HA configurations to identify between servers (for instance, netmaker-1, netmaker-2, etc). For non-HA deployments, is not necessary.
-      TELEMETRY: "on" # Whether or not to send telemetry data to help improve Netmaker. Switch to "off" to opt out of sending telemetry.
-  netmaker-ui: # The Netmaker UI Component
-    container_name: netmaker-ui
-    depends_on:
-      - netmaker
-    image: gravitl/netmaker-ui:v0.9.3
-    links:
-      - "netmaker:api"
-    ports:
-      - "8082:80"
-    environment:
-      BACKEND_URL: "http://HOST_IP:8081" # URL where UI will send API requests. Change based on SERVER_HOST, SERVER_HTTP_HOST, and API_PORT
-  coredns: # The DNS Server. Remove this section if DNS_MODE="off"
-    depends_on:
-      - netmaker 
-    image: coredns/coredns
-    command: -conf /root/dnsconfig/Corefile # Config location for Corefile. This is the path of file which is also mounted to Netmaker for modification.
-    container_name: coredns
-    restart: always
-    ports:
-      - "53:53/udp" # Likely needs to run at port 53 for adequate nameserver usage.
-    volumes:
-      - dnsconfig:/root/dnsconfig
-volumes:
-  sqldata: {}
-  dnsconfig: {}
-
-
- - -

Available docker-compose files

-

The default options for docker-compose can be found here: https://github.com/gravitl/netmaker/tree/master/compose

-

The following is a brief description of each:

-
    -

  • docker-compose.contained.yml - This is the default docker-compose, used in the quick start and deployment script in the README on GitHub. It deploys Netmaker with all options included (Caddy and CoreDNS) and has “self-contained” netclients, meaning they do not affect host networking.

    • -

  • docker-compose.coredns.yml - This is a simple compose used to spin up a standalone CoreDNS server. Can be useful if, for instance, you are unning Netmaker on baremetal but need CoreDNS.

    • -

  • docker-compose.hostnetwork.yml - This is similar to the docker-compose.contained.yml but with a key difference: it has advanced permissions and mounts host volumes to control networking on the host level.

    • -

  • docker-compose.nocaddy.yml -= This is the same as docker-compose.contained.yml but without Caddy, in case you need to use a different proxy like Nginx, Traefik, or HAProxy.

    • -

  • docker-compose.nodns.yml - This is the same as docker-compose.contained.yml but without CoreDNS, in which case you will not have the Private DNS feature.

    • -

  • docker-compose.reference.yml - This is the same as docker-compose.contained.yml but with all variable options on display and annotated (it’s what we show right above this section). Use this to determine which variables you should add or change in your configuration.

    • -

  • docker-compose.yml - This is a renamed docker-compose.contained.yml. It is meant only to act as a placeholder for what we consider the “primary” docker-compose that users should work with.

    • -
- - - -

DNS Mode Setup

-

If you plan on running the server in DNS Mode, know that a CoreDNS Server will be installed. CoreDNS is a light-weight, fast, and easy-to-configure DNS server. It is recommended to bind CoreDNS to port 53 of the host system, and it will do so by default. The clients will expect the nameserver to be on port 53, and many systems have issues resolving a different port.

-

However, on your host system (for Netmaker), this may conflict with an existing process. On linux systems running systemd-resolved, there is likely a service consuming port 53. The below steps will disable systemd-resolved, and replace it with a generic (e.g. Google) nameserver. Be warned that this may have consequences for any existing private DNS configuration.

-

With the latest docker-compose, it is not necessary to perform these steps. But if you are running the install and find that port 53 is blocked, you can perform the following steps, which were tested on Ubuntu 20.04 (these should be run prior to deploying the docker containers).

-
systemctl stop systemd-resolved
-systemctl disable systemd-resolved
-vim /etc/systemd/resolved.conf
-  *  uncomment DNS and add 8.8.8.8 or whatever reachable nameserver is your preference  *
-  *  uncomment DNSStubListener and set to "no"  *
-ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
-
-
-

Port 53 should now be available for CoreDNS to use.

- - -

Docker Compose Install

-

The most simple (and recommended) way of installing Netmaker is to use one of the provided Docker Compose files. Below are instructions for several different options to install Netmaker via Docker Compose, followed by an annotated reference Docker Compose in case your use case requires additional customization.

- -

Test Install - No DNS, No Secure GRPC

-

This install will run Netmaker on a server without HTTPS using an IP address. This is not secure and not recommended, but can be helpful for testing.

-

It also does not run the CoreDNS server, to simplify the deployment

-
-
Prerequisites:
    -

  • server ports 80, 8081, and 50051 are not blocked by firewall

    • -
-
-
Notes:
    -

  • You can change the port mappings in the Docker Compose if the listed ports are already in use.

    • -
-
-
-

Assuming you have Docker and Docker Compose installed, you can just run the following, replacing < Insert your-host IP Address Here > with your host IP (or domain):

-
wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/docker-compose.test.yml
-sed -i ‘s/HOST_IP/< Insert your-host IP Address Here >/g’ docker-compose.yml
-docker-compose up -d`
-
-
- - -

Traefik Proxy

-

To install with Traefik, rather than Nginx or the default Caddy, check out this repo: https://github.com/bsherman/netmaker-traefik

- - -

No DNS - CoreDNS Disabled

-

DNS Mode is currently limited to clients that can run resolvectl (systemd-resolved, see Architecture docs for more info). You may wish to disable DNS mode for various reasons. This installation option gives you the full feature set minus CoreDNS.

-

To run without DNS, follow the Quick Install guide, omitting the steps for DNS setup. In addition, when the guide has you pull (wget) the Netmaker docker-compose template, use the following link instead:

-
    -

  1. wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/docker-compose.nodns.yml

    2. -
-

This template is equivalent but omits CoreDNS.

- - - -

Linux Install without Docker

-

Most systems support Docker, but some do not. In such environments, there are many options for installing Netmaker. Netmaker is available as a binary file, and there is a zip file of the Netmaker UI static HTML on GitHub. Beyond the UI and Server, you may want to optionally install a database (sqlite is embedded, rqlite or postgres are supported) and CoreDNS (also optional).

-

Once this is enabled and configured for a domain, you can continue with the below. The recommended server runs Ubuntu 20.04.

- -

Database Setup (optional)

-

You can run the netmaker binary standalone and it will run an embedded sqlite server. Data goes in the data/ directory. Optionally, you can run PostgreSQL or rqlite. Instructions for rqlite are below.

-
    -

  1. Install rqlite on your server: https://github.com/rqlite/rqlite

    2. -

  2. Run rqlite: rqlited -node-id 1 ~/node.1

    3. -
-

If using rqlite or postgres, you must change the DATABASE environment/config variable and enter connection details.

- - -

Server Setup

-
    -

  1. Run the install script:

    2. -
-

sudo curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netmaker-server.sh | sh -

-
    -

  1. Check status: sudo journalctl -u netmaker

    2. -

  2. If any settings are incorrect such as host or mongo credentials, change them under /etc/netmaker/config/environments/< your env >.yaml and then run sudo systemctl restart netmaker

    3. -
- - -

UI Setup

-

The following uses Nginx as an http server. You may alternatively use Apache or any other web server that serves static web files.

-
    -

  1. Download and Unzip UI asset files

    2. -

  2. Copy Config to Nginx

    3. -

  3. Modify Default Config Path

    4. -

  4. Change Backend URL

    5. -

  5. Start Nginx

    6. -
-
sudo wget -O /usr/share/nginx/html/netmaker-ui.zip https://github.com/gravitl/netmaker-ui/releases/download/latest/netmaker-ui.zip
-sudo unzip /usr/share/nginx/html/netmaker-ui.zip -d /usr/share/nginx/html
-sudo cp /usr/share/nginx/html/nginx.conf /etc/nginx/conf.d/default.conf
-sudo sed -i 's/root \/var\/www\/html/root \/usr\/share\/nginx\/html/g' /etc/nginx/sites-available/default
-sudo sh -c 'BACKEND_URL=http://<YOUR BACKEND API URL>:PORT /usr/share/nginx/html/generate_config_js.sh >/usr/share/nginx/html/config.js'
-sudo systemctl start nginx
-
-
- - -

CoreDNS Setup (optional)

-

CoreDNS is only required if you want private DNS features. Once installed, you must set the CoreDNS variables in the env settings of the server.

-

See https://coredns.io/manual/toc/#installation

- - -

Proxy / Load Balancer

-

You will need to proxy connections to your UI and Server. By default the ports are 8081, 8082, and 50051 (grpc). This proxy should handle SSL certificates. We recommend Caddy or Nginx (you can follow the Nginx guide in these docs). The proxy must be able to handle gRPC connections.

- - - -

Kubernetes Install

- -

Server Install

-

This template assumes your cluster uses Nginx for ingress with valid wildcard certificates. If using an ingress controller other than Nginx (ex: Traefik), you will need to manually modify the Ingress entries in this template to match your environment.

-

This template also requires RWX storage. Please change references to storageClassName in this template to your cluster’s Storage Class.

-

wget https://raw.githubusercontent.com/gravitl/netmaker/master/kube/netmaker-template.yaml

-

Replace the NETMAKER_BASE_DOMAIN references to the base domain you would like for your Netmaker services (ui,api,grpc). Typically this will be something like netmaker.yourwildcard.com.

-

sed -i ‘s/NETMAKER_BASE_DOMAIN/<your base domain>/g’ netmaker-template.yaml

-

Now, assuming Ingress and Storage match correctly with your cluster configuration, you can install Netmaker.

-
kubectl create ns nm
-kubectl config set-context --current --namespace=nm
-kubectl apply -f netmaker-template.yaml -n nm
-
-
-

In about 3 minutes, everything should be up and running:

-

kubectl get ingress nm-ui-ingress-nginx

- - -

Netclient Daemonset

-

The following instructions assume you have Netmaker running and a network you would like to add your cluster into. The Netmaker server does not need to be running inside of a cluster for this.

-
wget https://raw.githubusercontent.com/gravitl/netmaker/master/kube/netclient-template.yaml
-sed -i ‘s/ACCESS_TOKEN_VALUE/< your access token value>/g’ netclient-template.yaml
-kubectl apply -f netclient-template.yaml
-
-
-

For a more detailed guide on integrating Netmaker with MicroK8s, check out this guide.

- - - -

Nginx Reverse Proxy Setup with https

-

The Swag Proxy makes it easy to generate a valid ssl certificate for the config bellow. Here is the documentation for the installation.

-

The following file configures Netmaker as a subdomain. This config is an adaption from the swag proxy project.

-

./netmaker.subdomain.conf:

-
server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-
-    server_name netmaker.*; # The external URL
-    client_max_body_size 0;
-
-    # A valid https certificate is needed.
-    include /config/nginx/ssl.conf;
-
-    location / {
-        # This config file can be found at:
-        # https://github.com/linuxserver/docker-swag/blob/master/root/defaults/proxy.conf
-        include /config/nginx/proxy.conf;
-
-        # if you use a custom resolver to find your app, needed with swag proxy
-        # resolver 127.0.0.11 valid=30s;
-        set $upstream_app netmaker-ui;                             # The internal URL
-        set $upstream_port 80;                                     # The internal Port
-        set $upstream_proto http;                                  # the protocol that is being used
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above
-        }
-    }
-
-server {
-    listen 443 ssl;
-    listen [::]:443 ssl;
-
-    server_name backend-netmaker.*; # The external URL
-    client_max_body_size 0;
-    underscores_in_headers on;
-
-    # A valid https certificate is needed.
-    include /config/nginx/ssl.conf;
-
-    location / {
-        # if you use a custom resolver to find your app, needed with swag proxy
-        # resolver 127.0.0.11 valid=30s;
-
-        set $upstream_app netmaker;                                # The internal URL
-        set $upstream_port 8081;                                   # The internal Port
-        set $upstream_proto http;                                  # the protocol that is being used
-        proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above
-
-        # Forces the header to be the one that is visible from the outside
-        proxy_set_header                Host backend.netmaker.example.org; # Please cange to your URL
-
-        # Pass all headers through to the backend
-        proxy_pass_request_headers      on;
-        }
-    }
-
-
- - -

Highly Available Installation (Kubernetes)

-

Netmaker comes with a Helm chart to deploy with High Availability on Kubernetes:

-
helm repo add netmaker https://gravitl.github.io/netmaker-helm/
-helm repo update
-
-
- -

Requirements

-

To run HA Netmaker on Kubernetes, your cluster must have the following: -- RWO and RWX Storage Classes (RWX is only required if running Netmaker with DNS Management enabled). -- An Ingress Controller and valid TLS certificates -- This chart can currently generate ingress for Nginx or Traefik Ingress with LetsEncrypt + Cert Manager -- If LetsEncrypt and CertManager are not deployed, you must manually configure certificates for your ingress

-

Furthermore, the chart will by default install and use a postgresql cluster as its datastore.

- - - -

A minimal HA install of Netmaker can be run with the following command: -helm install netmaker –generate-name –set baseDomain=nm.example.com -This install has some notable exceptions: -- Ingress must be manually configured post-install (need to create valid Ingress with TLS) -- Server will use “userspace” WireGuard, which is slower than kernel WG -- DNS will be disabled

- - -

Example Installations:

-

An annotated install command:

-
helm install netmaker/netmaker --generate-name \ # generate a random id for the deploy
---set baseDomain=nm.example.com \ # the base wildcard domain to use for the netmaker api/dashboard/grpc ingress
---set replicas=3 \ # number of server replicas to deploy (3 by default)
---set ingress.enabled=true \ # deploy ingress automatically (requires nginx or traefik and cert-manager + letsencrypt)
---set ingress.className=nginx \ # ingress class to use
---set ingress.tls.issuerName=letsencrypt-prod \ # LetsEncrypt certificate issuer to use
---set dns.enabled=true \ # deploy and enable private DNS management with CoreDNS
---set dns.clusterIP=10.245.75.75 --set dns.RWX.storageClassName=nfs \ # required fields for DNS
---set postgresql-ha.postgresql.replicaCount=2 \ # number of DB replicas to deploy (default 2)
-
-
-

The below command will install netmaker with two server replicas, a coredns server, and ingress with routes of api.nm.example.com, grpc.nm.example.com, and dashboard.nm.example.com. CoreDNS will be reachable at 10.245.75.75, and will use NFS to share a volume with Netmaker (to configure dns entries).

-
helm install netmaker/netmaker --generate-name --set baseDomain=nm.example.com \
---set replicas=2 --set ingress.enabled=true --set dns.enabled=true \
---set dns.clusterIP=10.245.75.75 --set dns.RWX.storageClassName=nfs \
---set ingress.className=nginx
-
-
-

The below command will install netmaker with three server replicas (the default), no coredns, and ingress with routes of api.netmaker.example.com, grpc.netmaker.example.com, and dashboard.netmaker.example.com. There will be one UI replica instead of two, and one database instance instead of two. Traefik will look for a ClusterIssuer named “le-prod-2” to get valid certificates for the ingress.

-
helm3 install netmaker/netmaker --generate-name \
---set baseDomain=netmaker.example.com --set postgresql-ha.postgresql.replicaCount=1 \
---set ui.replicas=1 --set ingress.enabled=true \
---set ingress.tls.issuerName=le-prod-2 --set ingress.className=traefik
-
-
-

Below, we discuss the considerations for Ingress, Kernel WireGuard, and DNS.

- - -

Ingress

-

To run HA Netmaker, you must have ingress installed and enabled on your cluster with valid TLS certificates (not self-signed). If you are running Nginx as your Ingress Controller and LetsEncrypt for TLS certificate management, you can run the helm install with the following settings:

-
    -

  • –set ingress.enabled=true

    • -

  • –set ingress.annotations.cert-manager.io/cluster-issuer=<your LE issuer name>

    • -
-

If you are not using Nginx or Traefik and LetsEncrypt, we recommend leaving ingress.enabled=false (default), and then manually creating the ingress objects post-install. You will need three ingress objects with TLS:

-
    -

  • dashboard.<baseDomain>

    • -

  • api.<baseDomain>

    • -

  • grpc.<baseDomain>

    • -
-

If deploying manually, the gRPC ingress object requires special considerations. Look up the proper way to route grpc with your ingress controller. For instance, on Traefik, an IngressRouteTCP object is required.

-

There are some example ingress objects in the kube/example folder.

- - -

Kernel WireGuard

-

If you have control of the Kubernetes worker node servers, we recommend first installing WireGuard on the hosts, and then installing HA Netmaker in Kernel mode. By default, Netmaker will install with userspace WireGuard (wireguard-go) for maximum compatibility, and to avoid needing permissions at the host level. If you have installed WireGuard on your hosts, you should install Netmaker’s helm chart with the following option:

-
    -

  • –set wireguard.kernel=true

    • -
- - -

DNS

-

By Default, the helm chart will deploy without DNS enabled. To enable DNS, specify with:

-
    -

  • –set dns.enabled=true

    • -
-

This will require specifying a RWX storage class, e.g.:

-
    -

  • –set dns.RWX.storageClassName=nfs

    • -
-

This will also require specifying a service address for DNS. Choose a valid ipv4 address from the service IP CIDR for your cluster, e.g.:

-
    -

  • –set dns.clusterIP=10.245.69.69

    • -
-

This address will only be reachable from hosts that have access to the cluster service CIDR. It is only designed for use cases related to k8s. If you want a more general-use Netmaker server on Kubernetes for use cases outside of k8s, you will need to do one of the following: -- bind the CoreDNS service to port 53 on one of your worker nodes and set the COREDNS_ADDRESS equal to the public IP of the worker node -- Create a private Network with Netmaker and set the COREDNS_ADDRESS equal to the private address of the host running CoreDNS. For this, CoreDNS will need a node selector and will ideally run on the same host as one of the Netmaker server instances.

- - -

Values

-

To view all options for the chart, please visit the README in the code repo here .

- - - -

Highly Available Installation (VMs/Bare Metal)

-

For an enterprise Netmaker installation, you will need a server that is highly available, to ensure redundant WireGuard routing when any server goes down. To do this, you will need:

-
    -

  1. A load balancer

    2. -

  2. 3+ Netmaker server instances

    3. -

  3. rqlite or PostgreSQL as the backing database

    4. -
-

These documents outline general HA installation guidelines. Netmaker is highly customizable to meet a wide range of enterprise environments. If you would like support with an enterprise-grade Netmaker installation, you can schedule a consultation here .

-

The main consideration for this document is how to configure rqlite. Most other settings and procedures match the standardized way of making applications HA: Load balancing to multiple instances, and sharing a DB. In our case, the DB (rqlite) is distributed, making HA data more easily achievable.

-

If using PostgreSQL, follow their documentation for installing in HA mode and skip step #2.

- -

1. Load Balancer Setup

-

Your load balancer of choice will send requests to the Netmaker servers. Setup is similar to the various guides we have created for Nginx, Caddy, and Traefik. SSL certificates must also be configured and handled by the LB.

- - -

2. RQLite Setup

-

RQLite is the included distributed datastore for an HA Netmaker installation. If you have a different corporate database you wish to integrate, Netmaker is easily extended to other DB’s. If this is a requirement, please contact us.

-

Assuming you use Rqlite, you must run it on each Netmaker server VM, or alongside that VM as a container. Setup a config.json for database credentials (password supports BCRYPT HASHING) and mount in working directory of rqlite and specify with -auth config.json :

-
[{
-    "username": "netmaker",
-    "password": "<YOUR_DB_PASSWORD>",
-    "perms": ["all"]
-}]
-
-
-

Once your servers are set up with rqlite, the first instance must be started normally, and then additional nodes must be added with the “join” command. For instance, here is the first server node:

-
sudo docker run -d -p 4001:4001 -p 4002:4002 rqlite/rqlite -node-id 1 -http-addr 0.0.0.0:4001 -raft-addr 0.0.0.0:4002 -http-adv-addr 1.2.3.4:4001 -raft-adv-addr 1.2.3.4:4002 -auth config.json
-
-
-

And here is a joining node:

-
sudo docker run -d -p 4001:4001 -p 4002:4002 rqlite/rqlite -node-id 2 -http-addr 0.0.0.0:4001 -raft-addr 0.0.0.0:4002 -http-adv-addr 2.3.4.5:4001  -raft-adv-addr 2.3.4.5:4002 -join https://netmaker:<YOUR_DB_PASSWORD>@1.2.3.4:4001
-
-
- -

Once rqlite instances have been configured, the Netmaker servers can be deployed.

- - -

3. Netmaker Setup

-

Netmaker will be started on each node with default settings, except with DATABASE=rqlite (or DATABASE=postgress) and SQL_CONN set appropriately to reach the local rqlite instance. Rqlite will maintain consistency with each Netmaker backend.

-

If deploying HA with PostgreSQL, you will connect with the following settings:

-
SQL_HOST = <sql host>
-SQL_PORT = <port>
-SQL_DB   = <designated sql DB>
-SQL_USER = <your user>
-SQL_PASS = <your password>
-DATABASE = postgres
-
-
- - -

4. Other Considerations

-

This is enough to get a functioning HA installation of Netmaker. However, you may also want to make the Netmaker UI or the CoreDNS server HA as well. The Netmaker UI can simply be added to the same servers and load balanced appropriately. For some load balancers, you may be able to do this with CoreDNS as well.

- - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/support.html b/docs/_build/html/support.html deleted file mode 100644 index 5863ab54..00000000 --- a/docs/_build/html/support.html +++ /dev/null @@ -1,561 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Support — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Support

- -

FAQ

- -

Is Netmaker a VPN like NordNPN?

-

No. Netmaker makes Virtual Networks, which are technically VPNs, but different. It’s more like a corporate VPN, or a VPC (if you’re familiar with AWS). Netmaker is often compared to OpenVPN, Tailscale, or Nebula.

-

If you’re looking to achieve self-hosted web browsing, with functionality similar to NordVPN, ExpressVPN, Surfshark, Tunnelbear, or Private Internet Access, this is probably not the project for you. Technically, you can accomplish this with Netmaker, but it would be a little like using a all-terrain vehicle for stock car racing.

-

There are many good projects out there that support general internet privacy using WireGuard. Here are just a few of them:

-

https://github.com/trailofbits/algo -https://github.com/pivpn/pivpn -https://github.com/subspacecloud/subspace -https://github.com/mullvad/mullvadvpn-app

- - -

Do you have an ‘Exit Nodes’ feature?

-

Please see the Egress Gateway documentation.

- - -

Do you offer any business or enterprise support?

-

Yes, please contact info@gravitl.com or visit https://gravitl.com/plans.

- - -

Why the SSPL License?

-

As of now, we think the SSPL is the best way to ensure the long-term viability of the project, but we are regularly evaluating this to see if an OSI-approved license makes more sense.

-

We believe the SSPL lets most people run the project the way they want, for both for private use and business use, while giving us a path to maintain viability. We are working to make sure the guidelines clear, and do not want the license to impact the community’s ability to use and modify the project.

-

If you believe the SSPL will negatively impact your ability to use the project, please do not hesitate to reach out.

- - - -

Telemetry

-

As of v0.10.0, Netmaker collects “opt-out” telemetry data. To opt out, simply set “TELEMETRY=off” in your docker-compose file.

-

Please consider participating in telemetry, as it helps us focus on the features and bug fixes which are most useful to users. Netmaker is a broad platform, and without this data, it is difficult to know where the team should spend its limited resources.

-

The following is the full list of telemetry data we collect. Besides “Server Version” all data is simply an integer count:

-
    -

  • Randomized server ID

    • -

  • Count of nodes

    • -

  • Count of “non-server” nodes

    • -

  • Count of external clients

    • -

  • Count of networks

    • -

  • Count of users

    • -

  • Count of linux nodes

    • -

  • Count of freebsd nodes

    • -

  • Count of macos nodes

    • -

  • Count of windows nodes

    • -

  • Count of docker nodes

    • -

  • Count of k8s nodes

    • -

  • Server version

    • -
-

We use PostHog, an open source and trusted framework for telemetry data.

-

To look at exactly we collect telemetry, you can view the source code under serverctl/telemetry.go: https://github.com/gravitl/netmaker/blob/master/serverctl/telemetry.go

- - -

Contact

-

If you need help, try the discord or open a GitHub ticket.

-

Email: info@gravitl.com

-

Discord: https://discord.gg/zRb9Vfhk8A

- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/troubleshoot.html b/docs/_build/html/troubleshoot.html deleted file mode 100644 index 1752335c..00000000 --- a/docs/_build/html/troubleshoot.html +++ /dev/null @@ -1,629 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Troubleshooting — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Troubleshooting

- -

Common Issues

-
-
How can I connect my Android or IOS device to my Netmaker VPN?

Currently meshing one of these devices is not supported, however it will be soon. -For now you can connect to your VPN by making one of the nodes an Ingress Gateway, then -create an Ext Client for each device. Finally, use the official WG app or another -WG configuration app to connect via QR or downloading the device’s WireGuard configuration.

-
-
I’ve made changes to my nodes but the nodes themselves haven’t updated yet, why?

Please allow your nodes to complete a check in or two, in order to reconfigure themselves. -In some cases, it could take up to a minute or so.

-
-
Do I have to use access keys to join a network?

Although keys are the preferred way to join a network, Netmaker does allow for manual node sign-ups. -Simply turn on “allow manual signups” on your network and nodes will not connect until you manually aprove each one.

-
-
Is there a community or forum to ask questions about Netmaker?

Yes, we have an active discord community and issues on our github are answered frequently! -You can also sign-up for updates at our gravitl site!

-
-
How can I get additional support for my business?

Check out our business support subscriptions at https://gravitl.com/plans. Subscription holders can also purchase consulting credits via the site.

-
-
- - -

Server

-
-
How do I use a private address from the Netmaker Server? How do I contact nodes using their private addresses from the server?

Default nodes appear in each network with the “netmaker” name. These nodes are created by, and attached to, the server. The server is contained in docker, meaning these clients are also contained in docker. Their networking stack is also contained in docker. The “netmaker” nodes are meant to function as network utilities. They assist with UDP Hole Punching and can run Relays, Egress, and Ingress. However, they are meant to stay contained in the server. They do not touch the host networking stack.

-

If you want to give the physical server / VM a private IP in the netmaker network, you must deploy an additional node using the standard netclient. The only note here is that the server consumes ports 51821-51831, so you will need to give it a port outside this range, e.x. ./netclient join <token> –port 51835.

-

One a netclient is deployed to the underlying server/VM, you will be able to use the private address to reach other nodes from the host, or to reach the server over the private network.

-
-
I upgraded from 0.7 to 0.8 and now I dont have any data in my server!

In 0.8, sqlite becomes the default database. If you were running with rqlite, you must set the DATABASE environment variable to rqlite in order to continue using rqlite.

-
-
Can I secure/encrypt all the traffic to my server and UI?

This can fairly simple to achieve assuming you have access to a domain and are familiar with Nginx. -Please refer to the quick-start guide to see!

-
-
Can I connect multiple nodes (mesh clients) behind a single firewall/router?

Yes! As of version 0.7 Netmaker supports UDP Hole Punching to allow this, without the use of a third party STUN server! -Is UDP hole punching a risk for you? Well you can turn it off and make static nodes/ports for the server to refer to as well.

-
-
What are the minimum specs to run the server?

We recommend at least 1 CPU and 2 GB Memory.

-
-
Does this support IPv6 addressing?

Yes, Netmaker supports IPv6 addressing. When you create a network, just make sure to turn on Dual Stack. -Nodes will be given IPv6 addresses along with their IPv4 address. It does not currently support IPv6 only.

-
-
Does Netmaker support Raft Consensus?

Netmaker does not directly support it, but it uses rqlite (which supports Raft) as the database.

-
-
How do I uninstall Netmaker?

There is no official uninstall script for the Netmaker server at this time. If you followed the quick-start guide, simply run sudo docker-compose -f docker-compose.quickstart.yml down --volumes -to completely wipe your server. Otherwise kill the running binary and it’s up to you to remove database records/volumes.

-
-
- - -

UI

-
-
I want to make a seperate network and give my friend access to only that network.

Simply navigate to the UI (as an admin account). Select users in the top left and create them an account. -Select the network(s) to give them and they should be good to go! They are an admin of that network(s) only now.

-
-
I’m done with an access key, can I delete it?

Simply navigate to the UI (as an admin account). Select your network of interest, then the select the Access Keys tab. -Then delete the rogue access key.

-
-
I can’t delete my network, why?

You MUST remove all nodes in a network before you can delete it.

-
-
Can I have multiple nodes with the same name?

Yes, nodes can share names without issue. It may just be harder on you to know which is which.

-
-
- - -

Netclient

-
-
How do I connect a node to my Netmaker network with Netclient?

First get your access token (not just access key), then run sudo netclient join -t <access token>. -NOTE: netclient may be under /etc/netclient/, i.e run sudo /etc/netclient/netclient join -t <access token>

-
-
How do I disconnect a node on a Netmaker network?

In order to leave a Netmaker network, run sudo netclient leave -n <network-name>

-
-
How do I check the logs of my agent on a node?

You will need sudo/root permissions, but you can run sudo systemctl status netclient@<insert network name> -or you may also run sudo journalctl -u netclient@<network name>. -Note for journalctl: you should hit the end key to get to view the most recent logs quickly or use journalctl -u netclient@<network name> -f instead.

-
-
Can I check the configuration of my node on the node?

A: Yes, on the node simply run sudo cat /etc/netclient/netconfig-<network name> and you should see what your current configuration is! -You can also see the current WireGuard configuration with sudo wg show

-
-
I am done with the agent on my machine, can I uninstall it?

Yes, on the node simply run sudo /etc/netclient/netclient uninstall.

-
-
I am running SELinux and when I reboot my node I get a permission denied in my netclient logs and it doesn’t connect anymore, why?

If you’re running SELinux, it will interfere with systemd’s ability to restart the client properly. Therefore, please run the following: -.. code-block:

-
sudo semanage fcontext -a -t bin_t '/etc/netclient/netclient'
-sudo chcon -Rv -u system_u -t bin_t '/etc/netclient/netclient'
-sudo restorecon -R -v /etc/netclient/netclient
-
-
-
-
I have a handshake with a peer but can’t ping it, what gives?

This is commonly due to incorrect MTU settings. Typically, it will be because MTU is too high. Try setting MTU lower on the node. This can be done via netconfig, or by editing the node in the UI.

-
-
I have a hard to reach machine behind a firewall or a corporate NAT, what can I do?

In this situation you can use the Relay Server functionality introduced in Netmaker v0.8 to designate a node as a relay to your “stuck” machine. Simply click the button to make a node into a relay and tell it to relay traffic to this hard-to-reach peer.

-
-
I am unable to run the netclient on my OpenWRT machine, what’s wrong?

Deploying on OpenWRT depends a lot on the version of OpenWRT and the hardware being used. If the primary installer does not work, there are two things you can try:

-
    -

  1. This community-run package for OpenWRT: https://github.com/sbilly/netmaker-openwrt

    2. -

  2. Manual installation:

    3. -
- -
    -

  1. You may experience an issue with the length of the token, which has limits on some OpenWRT shells. If you run into this problem, you can use the following script to convert your token into a “netclient join” command:

    2. -
-
    -

  • wget https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/token-convert.sh

    • -

  • ./token-convert <token value>

    • -

  • Run the output on your OpenWRT machine

    • -
-
-
- - -

CoreDNS

-
-
Is CoreDNS required to use Netmaker?

CoreDNS is not required. Simply start your server with DNS_MODE="off".

-
-
What is the minimum DNS entry value I can use?

Netmaker supports down to two characters for DNS names for your networks domains**

-
-
- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/ui-reference.html b/docs/_build/html/ui-reference.html deleted file mode 100644 index 6086bfcc..00000000 --- a/docs/_build/html/ui-reference.html +++ /dev/null @@ -1,719 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - UI Reference — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

UI Reference

-

This page contains annotated screenshots of most UI components, detailing the configuration options of each field across Nodes, Networks, DNS, Ext Clients, Users, and more.

- -

Dashboard

-dashboard - - -

Networks

- -

Create

-create network -

-
-
-
    -

  1. Autofill: Provides sensible defaults for network details and makes up a name.

    2. -

  2. Network Name: The name of the network. Character limited, as this translates to the interface name on hosts (nm-<network name>)

    3. -

  3. Address Range: The CIDR of the network. Must be a valid IPv4 Subnet and should be a private address range.

    4. -

  4. Udp Hole Punching: Enables or disables “UDP Hole Punching” on the network. When on, clients will first reach out to the server. The server will keep track of public addresses / ports and send these to all other clients in the network. This increases NAT traversibility, but can also cause issues depending on the server environment (if server is in a private network, for example). Typically good to enable if clients will “roam” frequently or are user devices. Typically better to disable if most clients will be servers with well-defined endpoints / ports. If enabled, you can also disable UDP Hole Punching on any individual machine via the UI (see Node section) but it will be enabled by default.

    5. -

  5. Is Local Network: Turn on if all clients in the network will be in the same “local” network. This is a very rare situation and depends on the use case. Almost always leave this off. Turn on if you are in a large data center with a large private address space over which clients should communicate. Can also enable if using a VPC and are treating a single client as “egress” for the VPC. If enabled, fill out the address range of the local network which should determine endpoints.

    6. -

  6. Is Dual Stack: Turn on to add private ipv6 addresses to all clients in addition to their ipv4 addresses. Not typically necessary. If on, enter a private ipv6 address range to pull from.

    7. -
- - -

Edit

-edit network -

NOTE: With the exception of Address Ranges (1-2) any setting that affects nodes will not take effect on existing nodes. It will only set the settings on any new node, after the setting has been changed.

-
    -

  1. Address Range (ipv4): The ipv4 private network CIDR. If edited, Netmaker will go through all nodes and update private addresses based on the new range.**

    2. -

  2. Address Range (ipv6): The ipv6 private network CIDR. If edited, Netmaker will go through all nodes and update private addresses based on the new range.**

    3. -

  3. Local Range: Only relevant if “Is Local” was switched on during creation. Specifies the local range that nodes will base their Endpoint off of (note: if a node cannot find an enpoint within the range it will fallback to public ip).

    4. -

  4. Display Name: The display name of the network. Network Name cannot be changed (acts as a unique ID) but display name can be changed. Only effects appearance in UI.

    5. -

  5. Default Interface: The default network interface name configured on each node. This defaults to “nm-<network name>”.

    6. -

  6. Default Port: The default WireGuard port each node will attempt to use. Nodes will iterate up from this port until they find a free port.

    7. -

  7. Default PostUp: A default post-up command to run on each node (after interface has been configured). Disabled by default to prevent RCE vulnerabilities.

    8. -

  8. Default PostDown: A default post-down command to run on each node (after interface has been removed). Disabled by default to prevent RCE vulnerabilities.

    9. -

  9. Default Keepalive: How often nodes should send packets to keep connection alive with all peers (in seconds).

    10. -

  10. Default Ext Client DNS: If set, adds a “DNS=<value>” line to each ext client config. Set this to add DNS to clients. Typically will set this to the server’s public IP.

    11. -

  11. Default MTU: Default MTU for interfaces of all clients in network. Can be useful to set lower in certain difficult environments such as Kubernetes.

    12. -

  12. Allow Node Signup Without Keys: Allows nodes to join the network without a valid Access Key. Nodes will be put in “pending” status until approved via UI by an admin. Useful if an arbitrary number of people need to join the network and there is no easy way to distribute keys to users.

    13. -

  13. Is Dual Stack: Enable the Dual Stack feature of networks and add ipv6 addresses to nodes.

    14. -

  14. Default Saveconfig: Typically ignore this. Sets the SaveConfig field on wireguard config.

    15. -

  15. UDP Hole Punching: Whether or not UDP Hole Punching is turned on (see Network Create notes). Only effects new nodes. Enables or disables “UDP Hole Punching” on the network. When on, clients will first reach out to the server. The server will keep track of public addresses / ports and send these to all other clients in the network. This increases NAT traversibility, but can also cause issues depending on the server environment (if server is in a private network, for example). Typically good to enable if clients will “roam” frequently or are user devices. Typically better to disable if most clients will be servers with well-defined endpoints / ports. If enabled, you can also disable UDP Hole Punching on any individual machine via the UI (see Node section) but it will be enabled by default.

    16. -
- - - -

Nodes

- -

Node List

-dashboard -
    -

  1. Search Nodes: Look up a node by name.

    2. -

  2. Select Network: Filter nodes by network.

    3. -

  3. Node Name: Name of node. By default set to hostname of machine.

    4. -

  4. IP Address: Private IP of node within network.

    5. -

  5. Network: Network the node is in.

    6. -

  6. Egress: Indicates if node is an egress gateway. Click to convert into egress gateway. Egress gateways route traffic from the network into a specific subnet or subnets. Egress gateways should be servers in a static location with a reliable IP.

    7. -

  7. Ingress: Indicates if the node is an ingress. Click to convert into ingress gateway. Ingress gateways route traffic into the network over the WireGuard interface using “ext clients,” which are static WireGuard config files. Ingress gateways should be servers in a static location with a reliable IP.

    8. -

  8. Relay: Indicates if the node is a relay. Click to convert into relay. Relays route traffic to specified nodes for the network (typically hard to reach / CGNAT’ted nodes. Relays should be servers in a static location with a reliable IP.

    9. -

  9. Status: Indicates how recently the node checked into the server. Displays “Warning” after 5 minutes and “Error” after 30 minutes without a check in. Does not indicate the health of the node’s virtual network connections.

    10. -

  10. Delete: Delete the node.

    11. -
- - -

Create Egress

-dashboard -
    -

  1. Egress Gateway Ranges: A comma-separated list of the subnets for which the gateway will route traffic. For instance, with Kubernetes this could be both the Service Network and Pod Network. For a standard VPN, Netmaker can use a list of the public CIDR’s (see the docs). Typically, this will be something like a data center network, VPC, or home network.

    2. -

  2. Interface: The interface on the machine used to access the provided egress gateway ranges. For instance, on a typical linux machine, the interface for public traffic would be “eth0”. Usually you will need to check on the machine first to find the right interface. For instance, on Linux, you can find the interface by running this: ip route get <address in subnet>.

    3. -
- - -

Create Relay

-dashboard -
    -

  1. Relay Addresses: Specify which private addresses (of nodes) that this node should relay for.

    2. -

  2. Select Nodes: Rather than specify by IP, you can just select from a list of node names instead.

    3. -

  3. Select All: Rather than select a list, you can “select all”, which converts the network from “pure mesh” into “hub-and-spoke”, meaning there are no p2p connections, everything goes through this relay first.

    4. -
- - -

Edit Node / Node Details

-dashboard -
    -

  1. IP Address: The primary private IP address of the node. Assigned automatically by Netmaker but can be changed to whatever you want within the Network CIDR.

    2. -

  2. IPv6 Address: (Only if running dual stack) the primary private IPv6 address of the node. Assigned automatically by Netmaker but can be changed to whatever you want within the Network CIDR.

    3. -

  3. Local Address: The “locally reachable” address of the node. Other nodes will take note of this to see if this node is on the same network. If so, they will use this address instead of the public “Endpoint.” If running a few nodes inside of a VPC, home network, or similar, make sure the local address is populated correctly for faster and more secure inter-node communication.

    4. -

  4. Node Name: The name of the node within the network. Hostname by default but can be anything (within the character limits).

    5. -

  5. Port: The port used by the node locally. This value is ignored if UDP Hole Punching is on, because port is set dynamically every time interface is created. If UDP Hole Punching is off, the port can be set to any reasonable (and available) value you’d like for the local machine. Typi

    6. -

  6. Public Key: (Uneditable) The public key of the node, distributed to other peers in the network.

    7. -

  7. Endpoint: The (typically public) IP of the machine, which peers will use to reach it, in combination with the port. If changing this value, make sure Roaming is turned off, since otherwise, the node will check to see if there is a change in the public IP regularly and update it.

    8. -

  8. PostUp: Uneditable by default to disable RCE. Commands to run after the interface is created. If an ingress or egress gateway are created, this field will populate automatically with appropriate iptables commands.

    9. -

  9. PostDown: Uneditable by default to disable RCE. Commands to run after the interface is brought down. If an ingress or egress gateway are created, this field will populate automatically with appropriate iptables commands.

    10. -

  10. Allowed IPs: Additional private addresses given to the node (in addition to the IPAddress and IPv6Address). Useful in some scenarios where there is a known address a server should have. Any IPs added here will be tacked onto the AllowedIPs of other peers, so this node will be shown to have multiple reachable private addresses.

    11. -

  11. Persistent Keepalive: How often packets are sent to keep connections open with other peers.

    12. -

  12. Relay Addresses: If “Relay” is enabled on this node, this field can be edited to add and remove nodes from the relay. So if you are currently relaying just one node but wish to relay an additional node, just add it’s private IP here.

    13. -

  13. Node Expiration Datetime: If a node should become invalid after a length of time, you can set it in this field, after which time, it will lose access to the network and will not populate to other nodes. Useful for scenarios where temporary access is granted to 3rd parties.

    14. -

  14. Last Checkin: Unix timestamp of the last time the node checked in with the server. Used to determine generic health of node.

    15. -

  15. Mac Address: The hardware mac address of the machine. Used to be used as the unique ID, but is being depreciated.

    16. -

  16. Network: The network this 1node belongs to.

    17. -

  17. Egress Gateway Ranges: If Egress is enabled, the gateway ranges that this machine routes to.

    18. -

  18. Local Range: If IsLocal has been enabled on the network, this is the local range in which the node will look for a private address from it’s local interfaces, to use as an endpoint.

    19. -

  19. Node Operating System: The OS of the machine.

    20. -

  20. MTU: The MTU that the node will use on the interface. If “wg show” displays a valid handshake but pings are not working, many times the issue is MTU. Making this value lower can solve this issue. Some typical values are 1024, 1280, and 1420.

    21. -

  21. Saveconfig: Usually best to ignore this. Sets the “SaveConfig” value on wireguard config files.

    22. -

  22. Is Static: Ports and Endpoints can be changed automatically by the netclient. Switching on “Is Static” means the port and endpoint will stay the same until you change it. This can be good to set if the machine is a server sitting in a location that is not expected to change. It is also good to have Is Static switched on for Ingress, Egress, and Relay Servers, since they should be in a reliable location.

    23. -

  23. UDP Hole Punching: If on, the node’s port will be randomized. The port and endpoint distributed to other nodes are no longer determined by the settings in this file. Instead, the node will “check in” with the server regularly. The server will track the IP and port used to open a connection, and store these values. These values then get distributed to nodes. This is helpful for getting around NAT’s which may obscure the node’s location.

    24. -

  24. Is DNS On: DNS is solely handled by resolvectl at the moment, which is on many Linux distributions. For anything else, this value should remain off. If you wish to configure DNS for non-compatible systems, you must do so manually.

    25. -

  25. Dualstack: Whether or not this machine should have both a private ipv4 address and ipv6 address.

    26. -

  26. Is Local: If on, will only communicate over the local address (Assumes IsLocal tuned to ‘yes’ on the network level.)

    27. -

  27. Roaming: If on, will check regularly for changes in the Endpoint and modify the Endpoint value appropriately. This allows a client to “roam” between wifi networks and maintain a connection. Good to keep on for machines where the public address may change.

    28. -

  28. IPforwarding: If on, ipforwarding is enabled on the machine. Should almost always be kept on.

    29. -
- - - -

Ext Clients

-dashboard -
    -

  1. Gateway Name / IP Address: Information about which Node is the Ingress Gateway.

    2. -

  2. Add External Client: Button to generate a new ext client.

    3. -

  3. Client ID: The randomly-generated name of the client. Click on the ID to change the name to something sensible.

    4. -

  4. IP Address: The private ip address of the ext client.

    5. -

  5. QR Code: If joining form iOS or Android, open the WireGuard app and scan the QR code to join the network.

    6. -

  6. Download Client Configuration: If joining from a laptop/desktop, download the config file and run “wg-quick up /path/to/config”

    7. -

  7. Delete: Delete the ext client and remove its network access.

    8. -
- - -

DNS

-dashboard -
    -

  1. DNS Name: The private DNS entry. Must end in “.<network name>” (added automatically). This avoids conflicts between networks.

    2. -

  2. IP Address: The IP address of the entry. Can be anything (public addresses too!) but typically a node IP.

    3. -

  3. Select Node Address: Select a node name to populate its IP address automatically.

    4. -
- - -

Create / Edit Users

-dashboard -
    -

  1. Username: Specify Username.

    2. -

  2. Password: Specify password.

    3. -

  3. Confirm Password: Confirm password.

    4. -

  4. Make Admin: Make into a server admin or “super admin”, which has access to all networks and server-level settings.

    5. -

  5. Networks: If not made into an “admin”, select the networks which this user has access to. The user will be a “network admin” of these networks, but other networks will be invisible/unaccessible.

    6. -
- - -

Node Graph

-dashboard -

View all nodes in your network, zoom in, zoom out, and search for node names. A legend is on the side to identify each node status / configuration.

-dashboard -
    -

  1. hover: Hover over a node to see its direct connections.

    2. -

  2. Configuration Pane: Manage the node in this pane just like you would in the Nodes pane. See the “Node List” and “Edit Node” sections for more details.

    3. -
- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/upgrades.html b/docs/_build/html/upgrades.html deleted file mode 100644 index 7685bda8..00000000 --- a/docs/_build/html/upgrades.html +++ /dev/null @@ -1,536 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Upgrades — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

Upgrades

- -

Introduction

-

As of 0.10.0, upgrading Netmaker is a manual process. This is expected to be automated in the future, but for now is still a relatively straightforward process.

- - -

Critical Notes for 0.10.0

-

At the time of this writing, an upgrade process has not been defined for 0.10.0. DO NOT follow this documentation to upgrade from a prior version to 0.10.0. An upgrade process will be defined shortly. For now, if you seek to upgrade to 0.10.0, you must clear your server entirely (docker-compose down –volumes), uninstall your netclients, and re-install netmaker + netclients.

- - -

Upgrade the Server (prior to 0.10.0)

-

To upgrade the server, you only need to change the docker image versions:

-
    -

  1. ssh root@my-server-ip

    2. -

  2. docker-compose down

    3. -

  3. vi docker-compose.yml

    4. -

  4. Change gravitl/netmaker:<version> and gravitl/netmaker-ui:<version> to the new version.

    5. -

  5. Save and close the file

    6. -

  6. docker-compose up -d

    7. -
- - -

Upgrade the Clients (prior to 0.10.0)

-

To upgrade the client, you must get the new client binary and place it in /etc/netclient. Depending on the new vs. old version, there may be minor incompatibilities (discussed below).

-
    -

  1. Vists https://github.com/gravitl/netmaker/releases/

    2. -

  2. Find the appropriate binary for your machine.

    3. -

  3. Download. E.x.: wget https://github.com/gravitl/netmaker/releases/download/vX.X.X/netclient-myversion

    4. -

  4. Rename binary to netclient and move to folder. E.x.: mv netclient-myversion /etc/netclient/netclient

    5. -

  5. netclient –version (confirm it’s the correct version)

    6. -

  6. netclient pull

    7. -
-

This last step helps ensure any newly added fields are now present. You may run into a “panic” based on missing fields and your version mismatch. In such cases, you can either:

-
    -

  1. Add the missing field to /etc/netclient/config/netconfig-yournetwork and then run “netclient checkin”

    2. -
-

or

-
    -

  1. Leave and rejoin the network

    2. -
- - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/_build/html/usage.html b/docs/_build/html/usage.html deleted file mode 100644 index 0f7fbb92..00000000 --- a/docs/_build/html/usage.html +++ /dev/null @@ -1,492 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - External Guides — Netmaker 0.10.0 documentation - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Skip to content -
- -
- - -
- - - - -
-
- -
-
-
- -
-
-
-
-
-
- - -
-
-
- -
-
- - -

External Guides

-

Netmaker has many use cases, from a basic virtual network to an office gateway VPN to a Kubernetes underlay. It can be a bit overwhelming to figure out where to start. If you don’t find your use case here, but think Netmaker is a good fit, let us know!

- -

Video Tutorials

-
    -

  • Intro/Overview: Tutorial on first-time usage, setting up a mesh network.

    • -

  • Site-to-Site Gateway: Tutorial on setting up site-to-site connections, allowing peers to access external networks via gateways.

    • -

  • IPv6 and Private DNS: Tutorial on dual-stack IPv6 in Netmaker and Private DNS management (separate topics).

    • -

  • Kubernetes Networking: Tutorial on setting up cross-cloud Kubernetes clusters using Netmaker.

    • -
- - -

Written Tutorials

- - - - - -
-
-
-
-
- - - - - \ No newline at end of file diff --git a/docs/about.rst b/docs/about.rst deleted file mode 100644 index d2337f9f..00000000 --- a/docs/about.rst +++ /dev/null @@ -1,52 +0,0 @@ -========== -About -========== - -.. image:: images/netmaker-simple.png - :width: 60% - :alt: Netmaker Architecture Diagram - :align: center - - -What is Netmaker? -================== - -Netmaker is a tool for creating and managing virtual overlay networks. If you have at least two machines with internet access which you need to connect with a secure tunnel, Netmaker is for you. If you have thousands of servers spread across multiple locations, data centers, or clouds, Netmaker is also for you. Netmaker connects machines securely, wherever they are. - -.. image:: images/mesh-diagram.png - :width: 50% - :alt: WireGuard Mesh - :align: center - -Netmaker takes those machines and creates a flat network so that they can all talk to each other easily and securely. -If you're familiar with AWS, it's like a VPC but made up of arbitrary computers. From the machine's perspective, all these other machines are in the same neighborhood, even if they're spread all over the world. - -Netmaker has many similarities to Tailscale, ZeroTier, and Nebula. What makes Netmaker different is its speed and flexibility. Netmaker is faster because it uses kernel WireGuard. It is more dynamic because the server and agents are fully configurable, which lets you handle all sorts of different use cases. - -How Does Netmaker Work? -======================= - -Netmaker relies on WireGuard to create tunnels between machines. At its core, Netmaker is managing WireGuard across machines to create sensible networks. Technically, Netmaker is two things: - -- the admin server, called Netmaker -- the agent, called Netclient - -As the network manager, you interact with the server to create and manage networks and devices. The server holds configurations for these networks and devices, which are retrieved by the netclients (agent). The server runs an MQTT (message queue) broker for client-server communication. - -The netclient is installed on any machine you would like to add to a given network, whether that machine is a VM, Server, or IoT device. The netclient subscribes to the server's MQ broker, and the server tells it how it should configure WireGuard. The client will let the server know when any local changes should be pushed out to the other clients. By doing this across many machines simultaneously, we create a dynamic, fully configurable virtual networks. - -The Netmaker server does not typically route traffic. Otherwise, this would be a hub-and-spoke model, which is very slow. Instead, Netmaker just tells the machines on the network how they can reach each other directly. This is called a *full mesh* network and is much faster. Even if the server goes down, as long as none of the existing machines change substantially, your network will still run just fine. - -Use Cases for Netmaker -============================= - -There are many use cases for Netmaker. In fact, you could probably be using it right now. This list is not all-encompassing, but provides a sample of how you might want to use Netmaker. Guided setup for many of these use cases can be found in the :doc:`Using Netmaker <./usage>` documentation. - - 0. Automate creation of a WireGuard mesh network - 1. Create a flat, secure network between cloud environments and data centers - 2. Provide secure access to IoT devices, remote servers, and client sites. - 3. Secure a home or office network - 4. Add a layer of encryption to an existing network - 5. Secure site-to-site connections - 6. Manage cryptocurrency proof-of-stake machines - 7. Create a dynamic and secure Kubernetes underlay network diff --git a/docs/api.rst b/docs/api.rst deleted file mode 100644 index c3e59488..00000000 --- a/docs/api.rst +++ /dev/null @@ -1,196 +0,0 @@ -============================================= -API Reference -============================================= - -API Usage -========================== - -Most actions that can be performed via API can be performed via UI. We recommend managing your networks using the official netmaker-ui project. However, Netmaker can also be run without the UI, and all functions can be achieved via API calls. If your use case requires using Netmaker without the UI or you need to do some troubleshooting/advanced configuration, using the API directly may help. - - -Authentication -============== -API calls must be authenticated via a header of the format `-H "Authorization: Bearer "` There are two methods to obtain YOUR_SECRET_KEY: -1. Using the masterkey. By default, this value is "secret key," but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [general usage](./USAGE.md) documentation for more details. -2. Using a JWT received for a node. This can be retrieved by calling the `/api/nodes//authenticate` endpoint, as documented below. - - -Format of Calls for Curl -======================== -Requests take the format of - -.. code-block:: - - curl -H "Authorization: Bearer " -H 'Content-Type: application/json' localhost:8081/api/path/to/endpoint - -API Documentation -================= - -Networks API ------------- - -**Get All Networks:** `/api/networks`, `GET` - -**Create Network:** `/api/network`, `POST` - -**Get Network:** `/api/networks/{network id}`, `GET` - -**Update Network:** `/api/networks/{network id}`, `PUT` - -**Delete Network:** `/api/networks/{network id}`, `DELETE` - -**Cycle PublicKeys on all Nodes:** `/api/networks/{network id}/keyupdate`, `POST` - - -Networks API Call Examples --------------------------- - -.. code-block:: - - Get All Networks: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks | jq - - Create Network: curl -d '{"addressrange":"10.70.0.0/16","netid":"skynet"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks - - Get Network: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet | jq - - Update Network: curl -X PUT -d '{"displayname":"my-house"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet - - Delete Network: curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet - - Cycle PublicKeys on all Nodes: curl -X POST -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keyupdate - - -Access Keys API ---------------- - -**Get All Keys:** `/api/networks/{network id}/keys`, `GET` - -**Create Key:** `/api/networks/{network id}/keys`, `GET` - -**Delete Key:** `/api/networks/{network id}/keys/{keyname}`, `DELETE` - - -Access Keys API Call Examples ------------------------------ - -.. code-block:: - - Get All Keys: curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys | jq - - Create Key: curl -d '{"uses":10,"name":"mykey"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet/keys - - Delete Key: curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys/mykey - - -Nodes API ---------- - -**Get All Nodes:** `/api/nodes`, `GET` - -**Get Network Nodes:** `/api/nodes/{network id}`, `GET` - -**Create Node:** `/api/nodes/{network id}`, `POST` - -**Get Node:** `/api/nodes/{network id}/{macaddress}`, `GET` - -**Update Node:** `/api/nodes/{network id}/{macaddress}`, `PUT` - -**Delete Node:** `/api/nodes/{network id}/{macaddress}`, `DELETE` - -**Check In Node:** `/api/nodes/{network id}/{macaddress}/checkin`, `POST` - -**Create a Gateway:** `/api/nodes/{network id}/{macaddress}/creategateway`, `POST` - -**Delete a Gateway:** `/api/nodes/{network id}/{macaddress}/deletegateway`, `DELETE` - -**Uncordon (Approve) a Pending Node:** `/api/nodes/{network id}/{macaddress}/uncordon`, `POST` - -**Get Last Modified Date (Last Modified Node in Network):** `/api/nodes/adm/{network id}/lastmodified`, `GET` - -**Authenticate:** `/api/nodes/adm/{network id}/authenticate`, `POST` - - -Nodes API Call Examples ------------------------ - -.. code-block:: - - Get All Nodes: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes | jq - - Get Network Nodes: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet | jq - - Create Node: curl -d '{ "endpoint": 100.200.100.200, "publickey": aorijqalrik3ajflaqrdajhkr,"macaddress": "8c:90:b5:06:f1:d9","password": "reallysecret","localaddress": "172.16.16.1","accesskey": "aA3bVG0rnItIRXDx","listenport": 6400}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet - - Get Node: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet/{macaddress} | jq - - Update Node: curl -X PUT -d '{"name":"laptop1"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9 - - Delete Node: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/skynet/nodes/8c:90:b5:06:f1:d9 - - Create a Gateway: curl -d '{ "rangestring": "172.31.0.0/16", "interface": "eth0"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/creategateway - - Delete a Gateway: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/deletegateway - - Approve a Pending Node: curl -X POST -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/approve - - Get Last Modified Date (Last Modified Node in Network): curl -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/adm/skynet/lastmodified - - Authenticate: curl -d '{"macaddress": "8c:90:b5:06:f1:d9", "password": "YOUR_PASSWORD"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate - - -Users API ------------------------ - -**Note:** Only able to create Admin user at this time. The "user" is only used by the `user interface `_ to authenticate the single admin user. - -**Get User:** `/api/users/{username}`, `GET` - -**Update User:** `/api/users/{username}`, `PUT` - -**Delete User:** `/api/users/{username}`, `DELETE` - -**Check for Admin User:** `/api/users/adm/hasadmin`, `GET` - -**Create Admin User:** `/api/users/adm/createadmin`, `POST` - -**Authenticate:** `/api/users/adm/authenticate`, `POST` - - -Users API Calls Examples ------------------------- - -.. code-block:: - - Get User: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/{username} | jq - - Update User: curl -X PUT -d '{"password":"noonewillguessthis"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username} - - Delete User: curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username} - - Check for Admin User: curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/adm/hasadmin - - Create Admin User: curl -d '{ "username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/adm/createadmin - - Authenticate: curl -d '{"username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate - - -Server Management API ---------------------- - -The Server Mgmt. API allows you to add and remove the server from networks. - -**Add to Network:** `/api/server/addnetwork/{network id}`, `POST` - -**Remove from Network:** `/api/server/removenetwork/{network id}`, `DELETE` - -**Add to Network:** `curl -X POST -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/server/addnetwork/{network id}` - -**Remove from Network:** `curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/server/removenetwork/{network id}` - - -File Server API ---------------- - -**Get File:** `/meshclient/files/{filename}`, `GET` - -**Example:** `curl localhost:8081/meshclient/files/meshclient` diff --git a/docs/architecture.rst b/docs/architecture.rst deleted file mode 100644 index ae176a6b..00000000 --- a/docs/architecture.rst +++ /dev/null @@ -1,205 +0,0 @@ -=============== -Architecture -=============== - -.. image:: images/nm-diagram-3.png - :width: 100% - :alt: Netmaker Architecture Diagram - :align: center - - -*Pictured Above: A detailed diagram of Netmaker's Architecture.* - - -Core Concepts -============== - -Familiarity with several core concepts will help when you encounter them later on in the documentation. - -WireGuard ----------- - -WireGuard is a relatively new but very important technology which was recently added to the Linux kernel. WireGuard creates very fast but simple encrypted tunnels between devices. From the `WireGuard `_ website, "it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry." - -Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunneling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no significant performance impact. With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology. - -Mesh Network -------------- - -When we refer to a mesh network in these documents we are typically referring to a "full mesh." - -.. image:: images/mesh.png - :width: 33% - :alt: Full Mesh Network Diagram - :align: center - - -A full `mesh network `_ exists where each machine is able to directly talk to every other machine on the network. For example, on your home network, behind your router, all the computers are likely given private addresses and can reach each other directly. - -This is in contrast to a hub-and-spoke network, where each machine must first pass its traffic through a relay server before it can reach other machines. - -In certain situations you may either want or need a *partial mesh* network, where only some devices can reach each other directly, and other devices must route their traffic through a relay/gateway. Netmaker can use this model in some use cases where it makes sense. In the diagram at the top of this page, the setup is a partial mesh, because the servers (nodes A-D) are meshed, but then external clients come in via a gateway, and are not meshed. - -Mesh networks are generally faster than other topologies, but are also more complicated to set up. WireGuard on its own gives you the means to create encrypted tunnels between devices, but it does not provide a method for setting up a full network. This is where Netmaker comes in. - -Netmaker ---------- - -Netmaker is a platform built off of WireGuard which enables users to create mesh networks between their devices. Netmaker can create both full and partial mesh networks depending on the use case. - -When we refer to Netmaker in aggregate, we are typically referring to Netmaker and the netclient, as well as other supporting services such as CoreDNS, rqlite, and UI webserver. There is also almost always a proxy server / LB, which is typically Caddy. - -From an end user perspective, they typically interact with the Netmaker UI, or even just run the install script for the netclient on their devices. The other components run in the background invisibly. - -Netmaker does a lot of work to set configurations for you, so that you don't have to. This includes things like WireGuard ports, endpoints, public IPs, keys, and peers. Netmaker works to abstract away as much of the network management as possible, so that you can just click to create a network, and click to add a machine to a network. That said, every machine (node) is different, and may require special configuration. That is why, while Netmaker sets practical default settings, everything within Netmaker is fully configurable. - -Node ------- - -A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and receive traffic from all of the other nodes. - -SystemD -------- - -SystemD is a system service manager for a wide array of Linux operating systems. Not all Linux distributions have adopted systemd, but, for better or worse, it has become a fairly common standard in the Linux world. That said, any non-Linux operating system will not have systemd, and many Linux/Unix distributionshave alternative system service managers. - -Netmaker's netclient, the agent which controls networking on all nodes, can be run as a CLI or as a system daemon. On Linux, it runs as a daemon by default, and this requires systemd. As Netmaker evolves, systemd will become just one of the possible service management options, allowing the netclient to be run on a wider array of devices. However, for the time being, the netclient should be run "unmanaged" (netclient join -daemon=off) on systems that do not run systemd, and some other method can be used like a cron job or custom script. - -As of 0.8, Mac and Windows are supported. On these operating systems, netclient launches the daemon using LaunchD and Windows Service, respectively, as opposed to SystemD. - -Components -=========== - -Netmaker consists of several core components, which are explained in high-level technical detail below. - -Netmaker Server ------------------- - -The Netmaker server is, at its core, a golang binary. Source code can be found `on GitHub `_. The binary, by itself can be compiled for most systems. If you need to run the Netmaker server on a particular system, it likely can be made to work. In typical deployments, it is run as a Docker container. It can also be run as a systemd service as outlined in the non-docker install guide. - -The Netmaker server acts as an API to the front end, and as a GRPC server to the machines in the network. GRPC is much faster and more efficient than standard API calls, which increases the speed of transactions. For this reason, the Netmaker server exposes two ports: The default for the API is 8081, and the default for GRPC is 50051. Either the API or the GRPC server can be disabled on any given Netmaker instance, allowing you to deploy two different servers for managing the API (which is largely for the admin's use) and GRPC (which is largely for the nodes' use). - -Most server settings are configurable via a config file, or by environment variables (which take precedence). If the server finds neither of these, it sets sensible defaults, including things like the server's reachable IP, ports, and which "modes" to run in. - -These modes include client mode and dns mode. Either of these can be disabled but are enabled by default. Client mode allows you to treat the Netmaker host machine (operating system) as a network Node, installing the netclient and controlling the host network. DNS mode has the server write config settings for CoreDNS, a separate component and nameserver, which picks up the config settings to manage node DNS. - -The Netmaker server interacts with either sqlite (default), postgres, or rqlite, a distributed version of sqlite, as its database. This DB holds information about nodes, networks, users, and other important data. This data is configuration data. For the most part, Netmaker serves configuration data to Nodes, telling them how they should configure themselves. The Netclient is the agent that actually does that configuration. - -The components of the server are usually proxied via Caddy, or an alternative like Nginx and Traefik. The proxy handles SSL certificates to secure traffic, and routes to the UI, API, and gRPC server. - -Netclient ----------------- - -The netclient is, at its core, a golang binary. Source code can be found in the netclient folder of the Netmaker `GitHub Repository `_. The binary, by itself, can be compiled for most systems. However, this binary is designed to manage a certain number of Operating Systems. As of version 0.8, the netclient can be run as a system daemon on linux distributions with systemd, or as an "unmanaged" client on distributions without systemd. The netclient for Windows and Mac will run as a Windows Service or LaunchDaemon, respectively. - -The netclient is installed via a simple bash script, which pulls the latest binary and runs 'register' and 'join' commands. - -The 'register' command adds a WireGuard tunnel directly to the netmaker server, for all subsequent communication. - -The 'join' command attempts to add the machine to the Netmaker network using sensible defaults, which can be overridden with a config file or environment variables. Assuming the netclient has a valid key (or the network allows manual node signup), it will be registered into the Netmaker network, and will be returned necessary configuration details for how to set up its local network. - -The netclient then sets up the system daemon (if running in daemon mode), and configures WireGuard. At this point it should be part of the network. - -If running in daemon mode, the node subscribes to the MQTT server running with Netmaker, which will send it periodic updates when the network changes. The node will also detect local changes and send them to the server. Any change in configuration will lead to a network update to keep everything in sync. If the node is not running with the in daemon on, it is up to the operator to keep the netclient up-to-date by running regular "pulls" (netclient pull). - -This pub-sub system allows Netmaker to create dynamic mesh networks. As nodes are added to, removed from, and modified on the network, other nodes are notified, and make appropriate changes. - - -Database (sqlite, rqlite, postgres) -------------------------------------- - -As of v0.8, Netmaker uses sqlite by default as a database. It can also use PostgreSQL, or rqlite, a distributed (RAFT consensus) database. Netmaker interacts with this database to store and retrieve information about nodes, networks, and users. - -Additional database support (besides sqlite and rqlite) is very easy to implement for special use cases. Netmaker uses simple key value lookups to run the networks, and the database was designed to be extensible, so support for key-value stores and other SQL-based databases can be achieved by changing a single file. - -Netmaker UI ---------------- - -The Netmaker UI is a ReactJS-based static website which can be run on top of standard webservers such as Apache and Nginx. Source code can be found `here `_. In a typical configuration, the Netmaker UI is run on Nginx as a Docker container. - -Netmaker can be used in its entirety without the UI, but the UI makes things a lot easier for most users. It has a sensible flow and layout for managing Networks, Nodes, Access Keys, and DNS. - - -CoreDNS --------- - -Netmaker allows users to provide and manage Private DNS for their nodes. This requires a nameserver, and CoreDNS is the chosen nameserver. CoreDNS is lightweight and extensible. CoreDNS loads dns settings from a simple file, managed by Netmaker, and serves out DNS info for managed nodes. DNS can be tricky, and DNS management is currently only supported on a small set of devices, specifically those running systemd-resolved. However, the Netmaker CoreDNS instance can be added manually as a nameserver to other devices. DNS mode can also be turned off. - -Caddy -------- - -Caddy is the default proxy for Netmaker if you set it up via Quick Start. Caddy is an extremely simple and docker-friendly proxy, which can be compared to Nginx, Traefik, or HAProxy. We use Caddy by default because of the ease of management, and integration with gRPC. A typical setup for Nginx might take dozens of lines of code, and we need to request and manage SSL certificates separately. - -Caddy handles all these things automatically in very few lines of code. You can see our default "Caddyfile" here, which is fed to the container and has all the configuration necessary to configure the proxy for our app: - -https://github.com/gravitl/netmaker/blob/master/docker/Caddyfile - -Mosquitto Broker (MQTT) -------------------------- - -The Moquitto broker is the default MQTT broker that ships with Netmaker, though technically, any MQTT broker should work so long as the correct configuration is applied. The broker enables the establishment of a pub-sub messaging system, whereby clients subscribe to recieve updates. When the server recieves a change (via API/UI/gRPC), it will publish that change to the broker that pushes out the change to the appropriate nodes. In Netmaker, the messages are double encrypted. Once by Golang, and again by sending all messages over a WireGuard tunnel. - -External Client ----------------- - -The external client is simply a manually configured WireGuard connection to your network, which Netmaker helps to manage. - -Most machines can run WireGuard. It is fairly simple to set up a WireGuard connection to a single endpoint. It is setting up mesh networks and other topologies like site-to-site which becomes complicated. - -Mac, Windows, and Linux are handled natively by the Netclient. - -Netmaker can issue "external clients" to handle any devices which are not currently compatible with the netclient, including iPhone, Android, and some Unix distributions. Over time, this list will be eliminated and there may not even be a need for the external client. - -External clients hook into a Netmaker network via an "Ingress Gateway," which is configured for a given node and allows traffic to flow into the network. - -Technical Process -==================== - -Below is a high level, step-by-step overview of the flow of communications within Netmaker (assuming Netmaker has already been installed): - -1. Admin creates a new network with a subnet, for instance 10.10.10.0/24 -2. Admin creates an access key for signing up new nodes -3. Both of the above requests are routed to the server via an API call from the front end -4. Admin runs the netclient install script on any given node (machine). -5. Netclient decodes key, which contains the server location -6. Netclient gathers and sets appropriate information to configure itself as a node: it generates key pairs, gets public and local addresses, and sets a port. -7. Netclient sends this information to the server, authenticating with its access key -8. Netmaker server verifies information and creates the node, setting default values for any missing information, and returns a response. -9. Upon successful registration, Netclient pulls the latest peers list from the server and set up a WireGuard interface -10. Netclient configures itself as a daemon (if joining for the first time) and subscribes to MQ using the server's WireGuard address. -11. Netclient regularly retrieves local information, checking for changes in things like IP and keys. If there is a change, it pushes them to the server. -12. If a change occurs in any other peer, or peers are added/removed, an update will be sent to the Netclient via MQ, and it will re-configure WireGuard. - -Compatible Systems for Netclient -================================== - -To manage a node manually, the Netclient can be compiled and run for most linux distibutions, with a prerequisite of WireGuard with kernel headers. If the netclient from the release pages does not run natively on your system, you may need to compile the netclient binary directly on the machine from the source code. This may be true for some installations of SUSE, Fedora, and some Debian-based systems. However, if the dependencies are installed on the machine, the netclient should run correctly after being compiled. - -Simply clone the repo, cd to netmaker/netclient and run "go build" (Golang must be installed). - -The following systems should be operable natively with Netclient in daemon mode: - - Windows - - Mac - - FreeBSD - - OpenWRT - - Fedora - - Ubuntu - - Debian - - Mint - - SUSE - - RHEL - - Raspian. - - Arch - - CentOS - - Fedora CoreOS - -To manage DNS (optional), the node must have systemd-resolved. Systems that have this enabled include: - - Arch - - Debian - - Ubuntu - - SUSE - -Limitations -============= - -Install limitations mostly include platform-specific dependencies. A failed netclient install should display information about which command is failing, or which libraries are missing. This can often be solved via machine upgrade, installing missing dependencies, or setting kernel headers on the machine for WireGuard (e.x.: `Installing Kernel Headers on Debian `_) diff --git a/docs/client-installation.rst b/docs/client-installation.rst deleted file mode 100644 index 033ecdb4..00000000 --- a/docs/client-installation.rst +++ /dev/null @@ -1,209 +0,0 @@ -================================ -Advanced Client Installation -================================ - -This document tells you how to install the netclient on machines that will be a part of your Netmaker network, as well as non-compatible systems. - -These steps should be run after the Netmaker server has been created and a network has been designated within Netmaker. - -Introduction to Netclient -=============================== - -At its heart, the netclient is a simple CLI for managing access to various WireGuard-based networks. It manages WireGuard on the host system, so that you don't have to. Why is this necessary? - -If you are setting up a WireGuard-based virtual network, you must configure each machine with very specific settings, so that every machine can reach it, and it can reach every machine. Any changes to the settings of any one of these machines can break those connections. Any machine that is added, removed, or modified on the network requires reconfiguring every peer in the network. This can be very time consuming. - -The netmaker server holds configuration details about every machine in your network and how other machines should connect to it. - -The netclient agent connects to the server, pushing and pulling information when the network (or its local configuration) changes. - -The netclient agent then configures WireGuard (and other network properties) locally, so that the network stays intact. - -Notes on Windows -================================== - -If running the netclient on windows, you must download the netclient.exe binary and run it from Powershell as an Administrator. - -Windows will by default have firewall rules that prevent inbound connections. If you wish to allow inbound connections from particular peers, use the following command: - -``netsh advfirewall firewall add rule name="Allow from " dir=in action=allow protocol=ANY remoteip=`` - -If you want to allow all peers access, but do not want to configure firewall rules for all peers, you can configure access for one peer, and set it as a Relay Server. - -Running the install script ----------------------------- - -Some file locations have issues running the install script, such as running from the root C:/ folder. Users have noted the following locations work well for running the install powershell script: - -- `C:/Program Files/wireguard` -- `C:/Windows/System32` - -Running netclient commands ----------------------------- - -If running the netclient manually ("netclient join", "netclient checkin", "netclient pull") it should be run from outside of the installed directory, which will be either: - -- `C:/Program Files/netclient` -- `C:/ProgramData/netclient` - -It is better to call it from a different directory. - -High CPU Utilization --------------------------- - -With some versions of WireGuard on Windows, high CPU utilization has been found with the netclient. This is typically due to interaction with the WireGuard GUI component (app). If you're experiencing high CPU utilization, close the WireGuard app. WireGuard will still be running, but the CPU usage should go back down to normal. - -Notes on OpenWRT -=========================== - -Deploying on OpenWRT depends a lot on the version of OpenWRT and the hardware being used. If the primary installer does not work, there are two things you can try: - -1. This community-run package for OpenWRT: https://github.com/sbilly/netmaker-openwrt - -2. Manual installation: - -- download (wget) the netclient package for your hardware from the netclient releases: https://github.com/gravitl/netmaker/releases -- rename to "netclient" -- Run as root from a bash shell on OpenWRT - -3. You may experience an issue with the length of the token, which has limits on some OpenWRT shells. If you run into this problem, you can use the following script to convert your token into a "netclient join" command: - -- `wget https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/token-convert.sh` -- ./token-convert -- Run the output on your OpenWRT machine - -Modes and System Compatibility -================================== - -**Note: If you would like to connect non-Linux/Unix machines to your network such as phones and Windows desktops, please see the documentation on External Clients** - -The netclient can be run in a few "modes". System compatibility depends on which modes you intend to use. These modes can be mixed and matched across a network, meaning all machines do not have to run with the same "mode." - -CLI ------------- - -In its simplest form, the netclient can be treated as just a simple, manual, CLI tool, which a user can call to configure the machine. The cli can be compiled from source code to run on most systems, and has already been compiled for x86 and ARM devices. - -As a CLI, the netclient should function on any Linux or Unix based system that has the wireguard utility (callable with **wg**) installed. - -Daemon ----------- - -The netclient is intended to be run as a system daemon. This allows it to automatically retrieve and send updates. To do this, the netclient can install itself as a systemd service, or launchd/windows service for Mac or Windows. - -If running the netclient on non-systemd linux, it is recommended to manually configure the netclient as a daemon using whatever method is acceptable on the chosen operating system. - -Private DNS Management ------------------------ - -To manage private DNS, the netclient relies on systemd-resolved (resolvectl). Absent this, it cannot set private DNS for the machine. - -A user may choose to manually set a private DNS nameserver of :53. However, beware, as netmaker sets split dns, and the system must be configured properly. Otherwise, this nameserver may break your local DNS. - -Prerequisites -============= - -To obtain the netclient, go to the GitHub releases: https://github.com/gravitl/netmaker/releases - -**For netclient cli:** Linux/Unix with WireGuard installed (wg command available) - -**For netclient daemon:** Systemd Linux + WireGuard - -**For Private DNS management:** Resolvectl (systemd-resolved) - -Configuration -=============== - -The CLI has information about all commands and variables. This section shows the "help" output for these commands as well as some additional reference. - -CLI Reference --------------------- -``sudo netclient --help`` - -.. literalinclude:: ./examplecode/netclient-help.txt - :language: YAML - - -``sudo netclient join --help`` - -.. literalinclude:: ./examplecode/netclient-join.txt - :language: YAML - - -Config File Reference ------------------------- - -There is a config file for each node under /etc/netconfig-. You can change these values and then set "postchanges" to "true", or go to the CLI and run ``netclient push -n `` - - -.. literalinclude:: ./examplecode/netconfig-example.yml - :language: YAML - - -Installation -====================== - - -To install netmaker, you need a server token for a particular network, unless you're joining a network that allows manual signup, in which case you can join without a token, but the server will quarantine the machine until the admin approves it. - -An admin creates a token in the ACCESS KEYS section of the UI. Upon creating a token, it generates 3 values: - -**Access Key:** The secret key to authenticate as a node in the network - -**Access Token:** The secret key plus information about how to access the server (addresses, ports), all decoded by the netclient to register with the server - -**Install Command:** A short script that will obtain the netclient binary, register with the server, and join the network, all in one - -For first time installations, you can run the Install Command. For additional networks, simply run ``netclient join -t ``. The raw access key will not be needed unless there are special circumstances, mostly troubleshooting incorrect information in the token (you can instead manually specify the server location). - - -Managing Netclient -===================== - -Viewing Logs ---------------- - -**to view current networks** - ``netclient list`` - -**to tail logs** - ``journalctl -u netclient`` - -**to get most recent log run** - ``systemctl status netclient`` - -Re-syncing netclient (basic troubleshooting) ------------------------------------------------ - -If the daemon is not running correctly run, try restarting the daemon, or pulling changes directly (don't do both at once) - - ``systemctl restart netclient`` - - ``sudo netclient pull`` - - -Making Updates ----------------- - -``vim /etc/netclient/config/netconfig-`` - -Change any of the variables in this file, and changes will be pushed to the server and processed locally on the next checkin. - -For instance, change the private address, endpoint, or name. See above example config file for details - - -Adding/Removing Networks ---------------------------- - -``netclient join -t `` - -Set any of the above flags (netclient join --help) to override settings for joining the network. -If a key is provided (-k), then a token is unnecessary, but grpc, server, ports, and network must all be provided via flags. - - -Uninstalling ---------------- - -``netclient uninstall`` - - diff --git a/docs/conduct.rst b/docs/conduct.rst deleted file mode 100644 index 2230df72..00000000 --- a/docs/conduct.rst +++ /dev/null @@ -1,77 +0,0 @@ -=============== -Code of Conduct -=============== - -Our Pledge -========== - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, gender identity and expression, level of experience, -nationality, personal appearance, race, religion, or sexual identity and -orientation. - -Our Standards -============= - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a professional setting - -Our Responsibilities -==================== - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -Scope -===== - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -Enforcement -=========== - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at info@gravitl.com. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -Attribution -=========== - -This Code of Conduct is adapted from the `Contributor Covenant `_, version 1.4, -available `here `_. - diff --git a/docs/conf.py b/docs/conf.py deleted file mode 100644 index eab7e5cf..00000000 --- a/docs/conf.py +++ /dev/null @@ -1,73 +0,0 @@ -# Configuration file for the Sphinx documentation builder. -# -# This file only contains a selection of the most common options. For a full -# list see the documentation: -# https://www.sphinx-doc.org/en/master/usage/configuration.html - -# -- Path setup -------------------------------------------------------------- - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -# -# import os -# import sys -# sys.path.insert(0, os.path.abspath('.')) - - -# -- Project information ----------------------------------------------------- - -project = 'Netmaker' -copyright = '2021, Alex Feiszli' -author = 'Alex Feiszli' - -# The full version, including alpha/beta/rc tags -release = '0.10.0' - - -# -- General configuration --------------------------------------------------- - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = ['sphinx.ext.intersphinx'] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -# This pattern also affects html_static_path and html_extra_path. -exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] - - -# -- Options for HTML output ------------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -# -html_theme = 'sphinx_material' - -html_show_sourcelink = False - -html_theme_options = { - 'nav_title': 'Netmaker Docs', - 'repo_url': 'https://github.com/gravitl/netmaker/', - "repo_name": "Netmaker", - 'nosidebar': True, - "repo_type": "github", - 'color_primary': 'indigo', - 'color_accent': 'light-blue', - 'logo_icon': '', - 'globaltoc_depth': 2, - 'globaltoc_collapse': True, -} - -html_sidebars = { - "**": ["logo-text.html", "globaltoc.html", "localtoc.html", "searchbox.html"] -} - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -# html_static_path = ['_static'] diff --git a/docs/egress-gateway.rst b/docs/egress-gateway.rst deleted file mode 100644 index 3df2aa20..00000000 --- a/docs/egress-gateway.rst +++ /dev/null @@ -1,96 +0,0 @@ -===================================== -Egress Gateway -===================================== - -Introduction -=============== - -.. image:: images/egress1.png - :width: 80% - :alt: Gateway - :align: center - -Netmaker allows your clients to reach external networks via an Egress Gateway. The Egress Gateway is a netclient which has been deployed to a server or router with access to a given subnet. - -In the netmaker UI, that node is set as an "egress gateway." Range(s) are specified which this node has access to. Once created, all clients (and all new ext clients) in the network will be able to reach those ranges via the gateway. - -Configuring an Egress Gateway -================================== - -Configuring an Egress Gateway is very straight forward. As a prerequisite, you must know what you are trying to access remotely. For instance: - -- a VPC -- a Kubernetes network -- a home network -- an office network -- a data center - -After you have determined this, you must next deploy a netclient in a compatible location where the network is accessible. For instance, a Linux server or router in the office, or a Kubernetes worker node. This machine should be stable and relatively static (not expected to change its IP frequently or shut down unexpectedly). - -Next, you must determine which interface to use in order to reach the internal network. As an example, lets say there is a machine in the network at 10.10.10.2, and you have deployed the netclient on a different machine. You can run - -.. code-block:: - - ip route get 10.10.10.2 - -This should return the interface used to reach that address (e.x. "eth2") - -Finally, once you have determined the interface, the subnet, and deployed your netclient, you can go to your Netmaker UI and set the node as a gateway. - -.. image:: images/egress7.png - :width: 80% - :alt: Gateway - :align: center - -At this point simply insert the range(s) into the first field, and the interface name into the second field, and click "create". - -.. image:: images/ui-6.jpg - :width: 80% - :alt: Gateway - :align: center - -Netmaker will set iptables rules on the node, which will then implement these rules, allowing it to route traffic from the network to the specified range(s). - -Use Cases -============ - -1) Remote Access -------------------- - -A common scenario would be to combine this with an "Ingress Gateway" to create a simple method for accessing a home or office network. Such a setup would typically have only two nodes: the ingress and egress gateways. The Ingress Gateway should usually be globally accessible, which makes the Netmaker server itself a good candidate. This means you need only the netmaker server as the Ingress, and one additional machine (in the private network you wish to reach), as the Egress. - -.. image:: images/egress2.png - :width: 80% - :alt: Gateway - :align: center - -In some scenarios, a single node will act as both ingress and egress! For instance, you can enable acess to a VPC using your Netmaker server, deployed with a public IP. Traffic comes in over the public IP (encrypted of course) and then routes to the VPC subnet via the egress gateway. - -.. image:: images/egress3.png - :width: 50% - :alt: Gateway - :align: center - -2) VPN / NAT Gateway ------------------------ - -Most people think of a VPN as a remote server that keeps your internet traffic secure while you browse the web, or as a tool for accessing internet services in another country,using a VPN server based in that country. - -These are not typical use cases for Netmaker, but can be easily enabled. - -**The most important note is this: Do not use 0.0.0.0/0 as your egress gateway.** This is how you typically set up a "standard" VPN with WireGuard, however, it will not work with Netmaker. The Netclient specifically ignores gateways that overlap with local ranges (for efficiency ranges). 0.0.0.0 overlaps with everything, so it is always ignored. - -Instead, use the following list of ranges: - -.. code-block:: - - 0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4 - -This list encompasses the standard "public" network ranges, and ignores the standard "private" network ranges. - -Simply paste this list into your "egress gateway ranges" and your clients should begin routing public-facing traffic over the gateway. - -.. image:: images/egress5.png - :width: 50% - :alt: Gateway - :align: center diff --git a/docs/examplecode/myclient.conf b/docs/examplecode/myclient.conf deleted file mode 100644 index 614e94f8..00000000 --- a/docs/examplecode/myclient.conf +++ /dev/null @@ -1,10 +0,0 @@ -[Interface] -Address = 10.7.11.5/32 -PrivateKey = EJf6Yy51M/YDaZgedRpuxMmrqul35WfjmHvRZR1rQ0U= - -[Peer] -PublicKey = m/RPuMVsbpgQ+RkxlgK2mG+dDFlzqn+ua2zJt8Wn7GA= -AllowedIPs = 10.7.11.0/24 -Endpoint = 3.236.60.247:51822 -PersistentKeepalive = 20 - diff --git a/docs/examplecode/netclient-help.txt b/docs/examplecode/netclient-help.txt deleted file mode 100644 index 37d1d770..00000000 --- a/docs/examplecode/netclient-help.txt +++ /dev/null @@ -1,20 +0,0 @@ -NAME: - Netclient CLI - Netmaker's netclient agent and CLI. Used to perform interactions with Netmaker server and set local WireGuard config. - -USAGE: - netclient [global options] command [command options] [arguments...] - -COMMANDS: - register Register with Netmaker Server for secure GRPC communications. - join Join a Netmaker network. - leave Leave a Netmaker network. - checkin Checks for local changes and then checks into the specified Netmaker network to ask about remote changes. - push Push configuration changes to server. - pull Pull latest configuration and peers from server. - list Get list of networks. - uninstall Uninstall the netclient system service. - unregister Unregister the netclient from secure server GRPC. - help, h Shows a list of commands or help for one command - -GLOBAL OPTIONS: - --help, -h show help (default: false) diff --git a/docs/examplecode/netclient-join.txt b/docs/examplecode/netclient-join.txt deleted file mode 100644 index 2e514eed..00000000 --- a/docs/examplecode/netclient-join.txt +++ /dev/null @@ -1,37 +0,0 @@ -alex@workstation:~$ sudo netclient join --help -NAME: - netclient join - Join a Netmaker network. - -USAGE: - netclient join [command options] [arguments...] - -OPTIONS: - --network value, -n value Network to perform specified action against. (default: "all") [$NETCLIENT_NETWORK] - --password value, -p value Password for authenticating with netmaker. [$NETCLIENT_PASSWORD] - --endpoint value, -e value Reachable (usually public) address for WireGuard (not the private WG address). [$NETCLIENT_ENDPOINT] - --macaddress value, -m value Mac Address for this machine. Used as a unique identifier within Netmaker network. [$NETCLIENT_MACADDRESS] - --publickey value, --pubkey value Public Key for WireGuard Interface. [$NETCLIENT_PUBLICKEY] - --privatekey value, --privkey value Private Key for WireGuard Interface. [$NETCLIENT_PRIVATEKEY] - --port value Port for WireGuard Interface. [$NETCLIENT_PORT] - --keepalive value Default PersistentKeepAlive for Peers in WireGuard Interface. (default: 0) [$NETCLIENT_KEEPALIVE] - --operatingsystem value, --os value Identifiable name for machine within Netmaker network. [$NETCLIENT_OS] - --name value Identifiable name for machine within Netmaker network. [$NETCLIENT_NAME] - --localaddress value Local address for machine. Can be used in place of Endpoint for machines on the same LAN. [$NETCLIENT_LOCALADDRESS] - --address value, -a value WireGuard address for machine within Netmaker network. [$NETCLIENT_ADDRESS] - --addressIPv6 value, --a6 value WireGuard address for machine within Netmaker network. [$NETCLIENT_ADDRESSIPV6] - --interface value, -i value WireGuard local network interface name. [$NETCLIENT_INTERFACE] - --apiserver value Address + GRPC Port (e.g. 1.2.3.4:50051) of Netmaker server. [$NETCLIENT_API_SERVER] - --grpcserver value Address + API Port (e.g. 1.2.3.4:8081) of Netmaker server. [$NETCLIENT_GRPC_SERVER] - --key value, -k value Access Key for signing up machine with Netmaker server during initial 'add'. [$NETCLIENT_ACCESSKEY] - --token value, -t value Access Token for signing up machine with Netmaker server during initial 'add'. [$NETCLIENT_ACCESSTOKEN] - --localrange value Local Range if network is local, for instance 192.168.1.0/24. [$NETCLIENT_LOCALRANGE] - --dns value Sets private dns if 'on'. Ignores if 'off'. Will retrieve from network if unset. (default: "on") [$NETCLIENT_DNS] - --islocal value Sets endpoint to local address if 'yes'. Ignores if 'no'. Will retrieve from network if unset. [$NETCLIENT_IS_LOCAL] - --isdualstack value Sets ipv6 address if 'yes'. Ignores if 'no'. Will retrieve from network if unset. [$NETCLIENT_IS_DUALSTACK] - --udpholepunch value Turns on udp holepunching if 'yes'. Ignores if 'no'. Will retrieve from network if unset. [$NETCLIENT_UDP_HOLEPUNCH] - --ipforwarding value Sets ip forwarding on if 'on'. Ignores if 'off'. On by default. (default: "on") [$NETCLIENT_IPFORWARDING] - --postup value Sets PostUp command for WireGuard. [$NETCLIENT_POSTUP] - --postdown value Sets PostDown command for WireGuard. [$NETCLIENT_POSTDOWN] - --daemon value Installs daemon if 'on'. Ignores if 'off'. On by default. (default: "on") [$NETCLIENT_DAEMON] - --roaming value Checks for IP changes if 'on'. Ignores if 'off'. On by default. (default: "on") [$NETCLIENT_ROAMING] - --help, -h show help (default: false) \ No newline at end of file diff --git a/docs/examplecode/netconfig-example.yml b/docs/examplecode/netconfig-example.yml deleted file mode 100644 index 737c8c48..00000000 --- a/docs/examplecode/netconfig-example.yml +++ /dev/null @@ -1,35 +0,0 @@ -server: - corednsaddr: 147.182.251.203 # Address of CoreDNS Server (set locally with resolvectl) - grpcaddress: 10.101.0.1:50051 # Address of GRPC Server (used for all interaction with server after registration) - apiaddress: 1.2.3.4:8081 # Address of API Server (used only for registration/unregistration) - accesskey: 5qKTbTgsvb45y3qyRmWft # Key used to sign up with server. Used only during registration -node: - name: my-computer # name of this node - interface: nm-example # name of interface to create/use for WG - network: example # name of network this ode is a part of - password: $2a$0afehuytviN/thMpVlCYkonxy.Ws2.rNCJjBSAa3HZuhrK5hpYxme # encrypted node password, used to retrieve JWT. Can be changed to new pass in plaintext and CLI will update/replace with encrypted pass - macaddress: 6c:4b:91:0g:68:7b # MAC of node. Used as a Unique ID - localaddress: 192.168.1.32 # Address on local network, used as endpoint for other local nodes for faster comms - wgaddress: 10.7.11.2 # Private WG addres on network - wgaddress6: "f8:34:41:77:5c:15" # Private ipv6 address if network is dual stack - roaming: "yes" # Whether or not to grab new endpoint value automatically - dnson: "no" # Whether or not to set local DNS based on Netmaker's Private DNS server - islocal: "no" # Based on network. If yes, will use local IP as endpoint. - isdualstack: "yes" # Use IPv6 in addition to IPv4 - isingressgateway: "no" # whether or not node is an ingress gateway (will set iptables forwarding rules) - allowedips: "" # additional IP's to add to client - localrange: "" # local range if it's a local network. For instance, 192.168.1.0/24 - postup: "" # postup command, used by ingress/egress gateways to set iptables - postdown: "" # postdown command, used by ingress/egress gateways to set iptables - port: 51821 # WG port to use - keepalive: 20 # default keepalive with nodes - publickey: 8/q9cOg7c9QjnoXygVrY/VNE197VMRadJodkb1ZsujA= # public key of node to show to other nodes - privatekey: "" # private key, set only for changing and then will revert to blank in config - endpoint: 78.170.22.168 # public endpoint for reaching node - postchanges: "false" # if true, will post and config file changes on next checkin and then revert to false - ipforwarding: "yes" # set ip forwarding; highly recommended to leave on - isstatic: "no" # if yes, daemon will not change pubkey, endpoint, or address - udpholepunch: "yes" # run UDP hole punching (will ignore port above, e.g. 51821) - network: home # the network (duplicate of node.network) -daemon: "yes" # whether or not to manage systemd -operatingsystem: "" # not currently in use \ No newline at end of file diff --git a/docs/external-clients.rst b/docs/external-clients.rst deleted file mode 100644 index aad6d456..00000000 --- a/docs/external-clients.rst +++ /dev/null @@ -1,77 +0,0 @@ -===================================== -Ingress + External Clients -===================================== - -Introduction -=============== - -.. image:: images/ingress1.png - :width: 50% - :alt: Gateway - :align: center - -Netmaker allows for "external clients" to reach into a network and access services via an Ingress Gateway. So what is an "external client"? An external client is any machine which cannot or should not be meshed. This can include: - - Phones - - Laptops - - Desktops - -An external client is not "managed," meaning it does not automatically pull the latest network configuration, or push changes to its configuration. Instead, it uses a generated WireGuard config file to access the designated **Ingress Gateway**, which **is** a managed server (running netclient). This server then forwards traffic to the appropriate endpoint, acting as a middle-man/relay. - -By using this method, you can hook any machine into a netmaker network that can run WireGuard. - -It is recommended to run the netclient where compatible, but for all other cases, a machine can be configured as an external client. - -Important to note, an external client is not **reachable** by the network, meaning the client can establish connections to other machines, but those machines cannot independently establish a connection back. The External Client method should only be used in use cases where one wishes to access resource running on the virtual network, and **not** for use cases where one wishes to make a resource accessible on the network. For that, use netclient. - -Configuring an Ingress Gateway -================================== - -External Clients must attach to an Ingress Gateway. By default, your network will not have an ingress gateway. To configure an ingress gateway, you can use any node in your network, but it should have a public IP address (not behind a NAT). Your Netmaker server can be an ingress gateway and makes for a good default choice if you are unsure of which node to select. - -.. image:: images/exclient1.png - :width: 80% - :alt: Gateway - :align: center - -Adding Clients to a Gateway -============================= - -Once you have configured a node as a gateway, you can then add clients to that gateway. Clients will be able to access other nodes in the network just as the gateway node does. - -.. image:: images/exclient2.png - :width: 80% - :alt: Gateway - :align: center - -After creating a client, you can edit the name to something more logical. - -.. image:: images/exclient3.png - :width: 80% - :alt: Gateway - :align: center - -Then, you can either download the configuration file directly, or scan the QR code from your phone (assuming you have the WireGuard app installed). It will accept the configuration just as it would accept a typical WireGuard configuration file. - -.. image:: images/exclient4.png - :width: 80% - :alt: Gateway - :align: center - -Example config file: - -.. literalinclude:: ./examplecode/myclient.conf - -Your client should now be able to access the network! A client can be invalidated at any time by simply deleting it from the UI. - -Configuring DNS for Ext Clients (OPTIONAL) -============================================ - -If you wish to have a DNS field on your ext clients conf, simply edit the network field as shown below to 1.1.1.1 or 8.8.8.8 for example. -If you do not want DNS on your ext client conf files, simply leave it blank. - -.. image:: images/extclient5.png - :width: 80% - :alt: Gateway - :align: center - -Important to note, your client automatically adds egress gateway ranges (if any on the same network) to it's allowed IPs. diff --git a/docs/getting-started.rst b/docs/getting-started.rst deleted file mode 100644 index fea57bc7..00000000 --- a/docs/getting-started.rst +++ /dev/null @@ -1,142 +0,0 @@ -================= -Getting Started -================= - -Once you have Netmaker installed via the :doc:`Quick Install <./quick-start>` guide, you can use this Getting Started guide to help create and manage your first network. - -Setup -================= - -#. Create your admin user, with a username and password. -#. Login with your new user -#. Create your first network by clicking on Create Network - -Create a Network -================= - - -.. image:: images/create-net.png - :width: 80% - :alt: Create Network Screen - :align: center - -This network should have a sensible name (nodes will use it to set their interfaces). - -More importantly, it should have a non-overlapping, private address range. - -If you are running a small (less than 254 machines) network, and are unsure of which CIDR's to use, you could consider: - -- 10.11.12.0/24 -- 10.20.30.0/24 -- 100.99.98.0/24 - -Network Settings Description -------------------------------- - -The Network creation form has a few fields which may seem unfamiliar. Here is a brief description: - -**UDP Hole Punching:** UDP Hole Punching enables the server to perform STUN. This means, when nodes check in, the server will record return addresses and ports. It will then communicate this information to the other nodes when they check in, allowing them to reach their peers more easily. This has two benefits. For one, it%. It also means, you dont usually have to worry about opening up the local firewall for ports (for instance, 51821). **This setting is usually good to turn on, with some noteable exceptions.** This setting cannot be enabled if "client mode" is turned off. This setting can also break peer-to-peer functionality if, for whatever reason, nodes are unable to reach the server. - -**Is Local Network:** This is almost always best to leave this turned off and is left for very special circumstances. If you are running a data center or a private WAN, you may want to enable this setting. It defines the range that nodes will set for Endpoints. Usually, Endpoints are just the public IP. But in some cases, you don't want any nodes to be reachable via a public IP, and instead want to use a private range. - -**Is Dual Stack:** This setting adds ipv6 private addresses to nodes, in addition to ipv4 addresses. Usually, this is unnecessary, but in some cases, you may have a requirement for ipv6 and can enable this setting. - -Once your network is created, you should see that the netmaker server has added itself to the network. From here, you can move on to adding additional nodes to the network. - -.. image:: images/netmaker-node.png - :width: 80% - :alt: Node Screen - :align: center - - -Create a Key -=============== - -Adding nodes to the network typically requires a key. - -#. Click on the ACCESS KEYS tab and select the network you created. -#. Click ADD NEW ACCESS KEY -#. Give it a name (ex: "mykey") and a number of uses (ex: 25) -#. Click CREATE KEY (**Important:** Do not click out of the following screen until you have saved your key details. It will appear only once.) -#. Copy the bottom command under "Your agent install command with access token" and save it somewhere locally. E.x: ``curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netclient-install.sh | KEY=vm3ow4thatogiwnsla3thsl3894ths sh -``. - -.. image:: images/access-key.png - :width: 80% - :alt: Access Key Screen - :align: center - -You will use this command to install the netclient on your nodes. There are three different values for three different scenarios: - -* The **Access Key** value is the secret string that will allow your node to authenticate with the Netmaker network. This can be used with existing netclient installations where additional configurations (such as setting the server IP manually) may be required. This is not typical. E.g. ``netclient join -k -s grpc.myserver.com -p 50051`` -* The **Access Token** value is a base64 encoded string that contains the server IP and grpc port, as well as the access key. This is decoded by the netclient and can be used with existing netclient installations like this: ``netclient join -t ``. You should use this method for adding a network to a node that is already on a network. For instance, Node A is in the **mynet** network and now you are adding it to **default**. -* The **install command** value is a curl command that can be run on Linux systems. It is a simple script that downloads the netclient binary and runs the install command all in one. - -Networks can also be enabled to allow nodes to sign up without keys at all. In this scenario, nodes enter a "pending state" and are not permitted to join the network until an admin approves them. - -Deploy Nodes -================= - -0. Prereqisite: Every machine on which you install should have wireguard and systemd already installed. - -1. SSH to each machine -2. ``sudo su -`` -3. **Prerequisite Check:** Every Linux machine on which you run the netclient must have WireGuard and systemd installed -4. For linux machines with SystemD and WireGuard installed, Run the install command, Ex: ``curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netclient-install.sh | KEY=vm3ow4thatogiwnsla3thsl3894ths sh -`` -5. For Mac, Windows, and arch-specific linux distributions (e.g. ARM), `download the appropriate netclient for your system `_ . Then, run "netclient join -t ". - -You should get output similar to the below. The netclient retrieves local settings, submits them to the server for processing, and retrieves updated settings. Then it sets the local network configuration. For more information about this process, see the :doc:`client installation <./client-installation>` documentation. If this process failed and you do not see your node in the console (see below), then reference the :doc:`troubleshooting <./troubleshoot>` documentation. - -.. image:: images/nc-install-output.png - :width: 80% - :alt: Output from Netclient Install - :align: center - - -.. image:: images/nm-node-success.png - :width: 80% - :alt: Node Success - :align: center - - -Repeat the above steps for every machine you would like to add to your network. You can re-use the same install command so long as you do not run out of uses on your access key (after which it will be invalidated and deleted). - -Once installed on all nodes, you can test the connection by pinging the private address of any node from any other node. - - -.. image:: images/ping-node.png - :width: 80% - :alt: Node Success - :align: center - -Manage Nodes -=============== - -Your machines should now be visible in the control pane. - -.. image:: images/nodes.png - :width: 80% - :alt: Node Success - :align: center - -You can view/modify/delete any node by selecting it in the NODES tab. For instance, you can change the name to something more sensible like "workstation" or "api server". You can also modify network settings here, such as keys or the WireGuard port. These settings will be picked up by the node on its next check in. For more information, see Advanced Configuration in the :doc:`Using Netmaker <./usage>` docs. - -.. image:: images/node-details.png - :width: 80% - :alt: Node Success - :align: center - - - -Nodes can be added/removed/modified on the network at any time. Nodes can also be added to multiple Netmaker networks. Any changes will get picked up by any nodes on a given network, and will take aboue ~30 seconds to take effect. - -Uninstalling the netclient -============================= - -1. To remove your nodes from the default network, run the following on each node: ``sudo netclient leave -n default`` -2. To remove the netclient entirely from each node, run ``sudo rm -rf /etc/netclient`` (after running the first step) - -Uninstalling Netmaker -=========================== - -To uninstall Netmaker from the server, simply run ``docker-compose down`` or ``docker-compose down --volumes`` to remove the docker volumes for a future installation. - diff --git a/docs/images/access-key.png b/docs/images/access-key.png deleted file mode 100644 index 8514ef42..00000000 Binary files a/docs/images/access-key.png and /dev/null differ diff --git a/docs/images/create-net.png b/docs/images/create-net.png deleted file mode 100644 index 11a577ff..00000000 Binary files a/docs/images/create-net.png and /dev/null differ diff --git a/docs/images/create-user.png b/docs/images/create-user.png deleted file mode 100644 index 35a12ce7..00000000 Binary files a/docs/images/create-user.png and /dev/null differ diff --git a/docs/images/default-net.png b/docs/images/default-net.png deleted file mode 100644 index 6686320b..00000000 Binary files a/docs/images/default-net.png and /dev/null differ diff --git a/docs/images/egress1.png b/docs/images/egress1.png deleted file mode 100644 index e639629d..00000000 Binary files a/docs/images/egress1.png and /dev/null differ diff --git a/docs/images/egress2.png b/docs/images/egress2.png deleted file mode 100644 index 74fb8ae0..00000000 Binary files a/docs/images/egress2.png and /dev/null differ diff --git a/docs/images/egress3.png b/docs/images/egress3.png deleted file mode 100644 index b5e67d59..00000000 Binary files a/docs/images/egress3.png and /dev/null differ diff --git a/docs/images/egress5.png b/docs/images/egress5.png deleted file mode 100644 index 3f8b4e60..00000000 Binary files a/docs/images/egress5.png and /dev/null differ diff --git a/docs/images/egress7.png b/docs/images/egress7.png deleted file mode 100644 index f0f97c76..00000000 Binary files a/docs/images/egress7.png and /dev/null differ diff --git a/docs/images/exclient1.png b/docs/images/exclient1.png deleted file mode 100644 index 76aa0859..00000000 Binary files a/docs/images/exclient1.png and /dev/null differ diff --git a/docs/images/exclient2.png b/docs/images/exclient2.png deleted file mode 100644 index b9972be5..00000000 Binary files a/docs/images/exclient2.png and /dev/null differ diff --git a/docs/images/exclient3.png b/docs/images/exclient3.png deleted file mode 100644 index b00766aa..00000000 Binary files a/docs/images/exclient3.png and /dev/null differ diff --git a/docs/images/exclient4.png b/docs/images/exclient4.png deleted file mode 100644 index 720215f8..00000000 Binary files a/docs/images/exclient4.png and /dev/null differ diff --git a/docs/images/extclient5.png b/docs/images/extclient5.png deleted file mode 100644 index 3bcbd70f..00000000 Binary files a/docs/images/extclient5.png and /dev/null differ diff --git a/docs/images/ingress1.png b/docs/images/ingress1.png deleted file mode 100644 index 25b8919a..00000000 Binary files a/docs/images/ingress1.png and /dev/null differ diff --git a/docs/images/install-server.gif b/docs/images/install-server.gif deleted file mode 100644 index 95f355e5..00000000 Binary files a/docs/images/install-server.gif and /dev/null differ diff --git a/docs/images/mesh-diagram.png b/docs/images/mesh-diagram.png deleted file mode 100644 index dd63f578..00000000 Binary files a/docs/images/mesh-diagram.png and /dev/null differ diff --git a/docs/images/mesh.png b/docs/images/mesh.png deleted file mode 100644 index 8adbf214..00000000 Binary files a/docs/images/mesh.png and /dev/null differ diff --git a/docs/images/nc-install-output.png b/docs/images/nc-install-output.png deleted file mode 100644 index 303c7e9e..00000000 Binary files a/docs/images/nc-install-output.png and /dev/null differ diff --git a/docs/images/netcreate.png b/docs/images/netcreate.png deleted file mode 100644 index 11a577ff..00000000 Binary files a/docs/images/netcreate.png and /dev/null differ diff --git a/docs/images/netmaker-node.png b/docs/images/netmaker-node.png deleted file mode 100644 index 18d10213..00000000 Binary files a/docs/images/netmaker-node.png and /dev/null differ diff --git a/docs/images/netmaker-simple.png b/docs/images/netmaker-simple.png deleted file mode 100644 index 39377ba2..00000000 Binary files a/docs/images/netmaker-simple.png and /dev/null differ diff --git a/docs/images/netmaker.png b/docs/images/netmaker.png deleted file mode 100644 index 29890534..00000000 Binary files a/docs/images/netmaker.png and /dev/null differ diff --git a/docs/images/nm-diagram-2.jpg b/docs/images/nm-diagram-2.jpg deleted file mode 100644 index 64fad123..00000000 Binary files a/docs/images/nm-diagram-2.jpg and /dev/null differ diff --git a/docs/images/nm-diagram-3.png b/docs/images/nm-diagram-3.png deleted file mode 100644 index 398bb970..00000000 Binary files a/docs/images/nm-diagram-3.png and /dev/null differ diff --git a/docs/images/nm-diagram.jpg b/docs/images/nm-diagram.jpg deleted file mode 100644 index 11f0aaaa..00000000 Binary files a/docs/images/nm-diagram.jpg and /dev/null differ diff --git a/docs/images/nm-node-success.png b/docs/images/nm-node-success.png deleted file mode 100644 index 18d10213..00000000 Binary files a/docs/images/nm-node-success.png and /dev/null differ diff --git a/docs/images/node-details.png b/docs/images/node-details.png deleted file mode 100644 index e7cbb776..00000000 Binary files a/docs/images/node-details.png and /dev/null differ diff --git a/docs/images/node-graph-1.png b/docs/images/node-graph-1.png deleted file mode 100644 index ce802ec7..00000000 Binary files a/docs/images/node-graph-1.png and /dev/null differ diff --git a/docs/images/node-graph-2.png b/docs/images/node-graph-2.png deleted file mode 100644 index b4e370bf..00000000 Binary files a/docs/images/node-graph-2.png and /dev/null differ diff --git a/docs/images/nodes.png b/docs/images/nodes.png deleted file mode 100644 index 79f0d0fa..00000000 Binary files a/docs/images/nodes.png and /dev/null differ diff --git a/docs/images/oauth1.png b/docs/images/oauth1.png deleted file mode 100644 index aa6fbfeb..00000000 Binary files a/docs/images/oauth1.png and /dev/null differ diff --git a/docs/images/oauth2.png b/docs/images/oauth2.png deleted file mode 100644 index 83baae2c..00000000 Binary files a/docs/images/oauth2.png and /dev/null differ diff --git a/docs/images/oauth3.png b/docs/images/oauth3.png deleted file mode 100644 index 35a12ce7..00000000 Binary files a/docs/images/oauth3.png and /dev/null differ diff --git a/docs/images/ping-node.png b/docs/images/ping-node.png deleted file mode 100644 index 0638740f..00000000 Binary files a/docs/images/ping-node.png and /dev/null differ diff --git a/docs/images/relay1.png b/docs/images/relay1.png deleted file mode 100644 index 3810cdba..00000000 Binary files a/docs/images/relay1.png and /dev/null differ diff --git a/docs/images/ui-1.jpg b/docs/images/ui-1.jpg deleted file mode 100644 index 1b599981..00000000 Binary files a/docs/images/ui-1.jpg and /dev/null differ diff --git a/docs/images/ui-10.jpg b/docs/images/ui-10.jpg deleted file mode 100644 index 6222d0a9..00000000 Binary files a/docs/images/ui-10.jpg and /dev/null differ diff --git a/docs/images/ui-11.jpg b/docs/images/ui-11.jpg deleted file mode 100644 index 994fc856..00000000 Binary files a/docs/images/ui-11.jpg and /dev/null differ diff --git a/docs/images/ui-2.jpg b/docs/images/ui-2.jpg deleted file mode 100644 index 9f8c5bfa..00000000 Binary files a/docs/images/ui-2.jpg and /dev/null differ diff --git a/docs/images/ui-3.jpg b/docs/images/ui-3.jpg deleted file mode 100644 index 6f52dd0d..00000000 Binary files a/docs/images/ui-3.jpg and /dev/null differ diff --git a/docs/images/ui-4.jpg b/docs/images/ui-4.jpg deleted file mode 100644 index 47d532bb..00000000 Binary files a/docs/images/ui-4.jpg and /dev/null differ diff --git a/docs/images/ui-5.jpg b/docs/images/ui-5.jpg deleted file mode 100644 index cfdc82e9..00000000 Binary files a/docs/images/ui-5.jpg and /dev/null differ diff --git a/docs/images/ui-6.jpg b/docs/images/ui-6.jpg deleted file mode 100644 index 850e525e..00000000 Binary files a/docs/images/ui-6.jpg and /dev/null differ diff --git a/docs/images/ui-7.jpg b/docs/images/ui-7.jpg deleted file mode 100644 index 8f4ef726..00000000 Binary files a/docs/images/ui-7.jpg and /dev/null differ diff --git a/docs/images/ui-8.jpg b/docs/images/ui-8.jpg deleted file mode 100644 index 52487c9d..00000000 Binary files a/docs/images/ui-8.jpg and /dev/null differ diff --git a/docs/index.rst b/docs/index.rst deleted file mode 100644 index b8edc1d7..00000000 --- a/docs/index.rst +++ /dev/null @@ -1,194 +0,0 @@ -.. Netmaker documentation master file, created by - sphinx-quickstart on Fri May 14 08:51:40 2021. - You can adapt this file completely to your liking, but it should at least - contain the root `toctree` directive. - - -.. image:: images/netmaker.png - :width: 100% - :alt: Netmaker WireGuard - :align: center - -======================================= -Welcome to the Netmaker Documentation -======================================= - - -Netmaker is a platform for creating and managing fast, secure, and dynamic virtual overlay networks using WireGuard. - -This documentation covers Netmaker's :doc:`installation <./server-installation>`, :doc:`usage <./usage>`, :doc:`troubleshooting <./support>`, and customization, as well as reference documents for the :doc:`API <./api>`, UI and Agent configuration. All of the `source code `_ for Netmaker is on GitHub. - -**For Kubernetes-specific guidance, please see the** `Netmaker Kubernetes Documentation. `_ - -About --------- - -High-level information about what Netmaker is and how it works. - -.. toctree:: - :maxdepth: 2 - - about - - architecture - -Getting Started ------------------------------------- - -How to install Netmaker and set up your first network. - -.. toctree:: - :maxdepth: 2 - - install - - quick-start - - getting-started - -Ingress, Egress, and Relays ------------------------------- - -How to give machines outside of the Netmaker network access to network resources via an Ingress Gateway: - -.. toctree:: - :maxdepth: 2 - - external-clients - -How to give machines inside the Netmaker network access to external network resources via an Egress Gateway: - - -.. toctree:: - :maxdepth: 2 - - egress-gateway - -How to make machines inside the network reachable if they are blocked by NAT/Firewall: - -.. toctree:: - :maxdepth: 2 - - relay-server - -Kubernetes Documentation ---------------------------- - -.. toctree:: - - Kubernetes - -`Netmaker Kubernetes Documentation `_ - - -Advanced Server Installation -------------------------------- - -A detailed guide to installing the Netmaker server (API, DB, UI, DNS), and configuration options. - -.. toctree:: - :maxdepth: 2 - - server-installation - -Advanced Client Installation --------------------------------- - -A detailed guide to installing the Netmaker agent (netclient) on devices and configuration options. - -.. toctree:: - :maxdepth: 2 - - client-installation - - -Oauth Configuration --------------------- - -A simple guide to configuring OAuth for Netmaker. - -.. toctree:: - :maxdepth: 2 - - oauth - - -External Guides ----------------- - -A handful of guides for use cases including site-to-site, Kubernetes, private DNS, and more. - -.. toctree:: - :maxdepth: 2 - - usage - -UI Reference ---------------- - -A reference document for the Netmaker Server UI, with annotated screenshot detailing each field. - -.. toctree:: - :maxdepth: 2 - - ui-reference - -API Reference ---------------- - -A reference document for the Netmaker Server API, and example API calls for various use cases. - -.. toctree:: - :maxdepth: 1 - - api - -Upgrades ----------------- - -Upgrading the Netmaker server and clients. - -.. toctree:: - :maxdepth: 1 - - upgrades - - -Troubleshooting ----------------- - -Help with common Netmaker/netclient issues. - -.. toctree:: - :maxdepth: 2 - - troubleshoot - - -Support ----------------- - -Where to go for help, and a FAQ. - -.. toctree:: - :maxdepth: 2 - - support - -Code of Conduct ------------------ - -A statement on our expectations and pledge to the community. - -.. toctree:: - - conduct.rst - -Licensing ---------------- - -A link to the Netmaker license. - -.. toctree:: - - license.rst diff --git a/docs/install.rst b/docs/install.rst deleted file mode 100644 index ea7d3d4f..00000000 --- a/docs/install.rst +++ /dev/null @@ -1,20 +0,0 @@ -========= -Install -========= - -Choose the install method that makes sense for you. - -**For most users, we recommend the** :doc:`Quick Install<./quick-start>` **guide.** - -`Trial, PoC, Testing, and Experimenting `_ - -:doc:`Quick Install: for general small-to-medium use cases <./quick-start>` - -:ref:`Kubernetes Installation ` - -:ref:`Non-Docker (from binary) Install ` - -:ref:`Highly Available Installation ` - -:doc:`Advanced Install Resources <./server-installation>` - diff --git a/docs/license.rst b/docs/license.rst deleted file mode 100644 index 3e81c466..00000000 --- a/docs/license.rst +++ /dev/null @@ -1,6 +0,0 @@ -======= -License -======= - -Netmaker's source code and all artifacts in this repository are freely available. All versions are published under the Server Side Public License (SSPL), version 1, which can be found `here `_. - diff --git a/docs/make.bat b/docs/make.bat deleted file mode 100644 index 2119f510..00000000 --- a/docs/make.bat +++ /dev/null @@ -1,35 +0,0 @@ -@ECHO OFF - -pushd %~dp0 - -REM Command file for Sphinx documentation - -if "%SPHINXBUILD%" == "" ( - set SPHINXBUILD=sphinx-build -) -set SOURCEDIR=. -set BUILDDIR=_build - -if "%1" == "" goto help - -%SPHINXBUILD% >NUL 2>NUL -if errorlevel 9009 ( - echo. - echo.The 'sphinx-build' command was not found. Make sure you have Sphinx - echo.installed, then set the SPHINXBUILD environment variable to point - echo.to the full path of the 'sphinx-build' executable. Alternatively you - echo.may add the Sphinx directory to PATH. - echo. - echo.If you don't have Sphinx installed, grab it from - echo.http://sphinx-doc.org/ - exit /b 1 -) - -%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O% -goto end - -:help -%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O% - -:end -popd diff --git a/docs/oauth.rst b/docs/oauth.rst deleted file mode 100644 index 2af20f55..00000000 --- a/docs/oauth.rst +++ /dev/null @@ -1,81 +0,0 @@ -==================== -Integrating OAuth -==================== - -Introduction -============== - -As of v0.8.5, Netmaker offers integration with the following OAuth providers: - -- GitHub -- Google -- Microsoft Azure AD - -By integrating with an OAuth provider, your Netmaker users can log in via the provider, rather than the default simple auth. - -Configuring your provider -=========================== - -In order to use OAuth, configure your OAuth provider (GitHub, Google, Azure AD). - -You must configure your provider (except for Azure AD) to use the Netmaker Dashboard URI dashboard. as the origin URL. - -For example: `https://dashboard.netmaker.mydomain.com` - -You must configure your provider to use the Netmaker API URI redirect route with the following format: https://api./api/oauth/callback. - -For example: `https://api.netmaker.mydomain.com/api/oauth/callback` - -General provider instructions can be found with the following links: - -Instructions for GitHub: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#github-auth-provider -Instructions for Google: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#google-auth-provider -Instructions for Microsoft Azure AD: https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/oauth_provider/#microsoft-azure-ad-provider - -Configuring Netmaker -====================== - -After you have configured your OAuth provider, take note of the CLIENT_ID and CLIENT_SECRET. If you are using Azure for oauth, you may also want to note down the Azure tenant ID you wish to use. - -Next, Configure Netmaker with the following environment variables. If any are left blank, OAuth will fail. - -.. code-block:: - - AUTH_PROVIDER: "" - CLIENT_ID: "" - CLIENT_SECRET: "" - SERVER_HTTP_HOST: "api." - FRONTEND_URL: "https://dashboard." - AZURE_TENANT: "" - -After restarting your server, the Netmaker logs will indicate if the OAuth provider was successfully initialized: - -.. code-block:: - - sudo docker logs netmaker - -Once successful, users can click the key symbol on the login page to sign-in with your configured OAuth provider. - -.. image:: images/oauth1.png - :width: 80% - :alt: Login Oauth - :align: center - -Configuring User Permissions -=============================== - -All users logging in will have zero permissions on first sign-in. An admin must configure all user permissions. - -Admins must navigate to the "Users" screen to configure permissions. - -For each user, an admin must specify which networks that user has access to configure. Additionally, an Admin can elevate a user to Admin permissions. - -.. image:: images/oauth3.png - :width: 80% - :alt: Edit User 2 - :align: center - -.. image:: images/oauth2.png - :width: 80% - :alt: Edit User - :align: center diff --git a/docs/quick-start.rst b/docs/quick-start.rst deleted file mode 100644 index 7dec586f..00000000 --- a/docs/quick-start.rst +++ /dev/null @@ -1,155 +0,0 @@ -=============== -Quick Install -=============== - -This quick start guide is an **opinionated** guide for getting up and running with Netmaker as quickly as possible. - -If just trialing netmaker, you may also want to check out the 3-minute PoC install of Netmaker in the README on GitHub. The following is just a guided version of that script, plus a custom domain (instead of nip.io): https://github.com/gravitl/netmaker . - -Introduction -================== - -We assume for this installation that you want all of the Netmaker features enabled, you want your server to be secure, and you want your server to be accessible from anywhere. - -This instance will not be HA. However, it should comfortably handle around one hundred concurrent clients and support the most common use cases. - -If you are deploying for a business or enterprise use case and this setup will not fit your needs, please contact info@gravitl.com, or check out the business subscription plans at https://gravitl.com/plans/business. - -By the end of this guide, you will have Netmaker installed on a public VM linked to your custom domain, secured behind a Caddy reverse proxy. - -For information about deploying more advanced configurations, see the :doc:`Advanced Installation <./server-installation>` docs. - - -0. Prerequisites -================== -- **Virtual Machine** - - - Preferably from a cloud provider (e.x: DigitalOcean, Linode, AWS, GCP, etc.) - - - (We do not recommend Oracle Cloud, as VM's here have been known to cause network interference.) - - - Public, static IP - - - Min 1GB RAM, 1 CPU (4GB RAM, 2CPU preferred for production installs) - - - 2GB+ of storage - - - Ubuntu 20.04 Installed - -- **Domain** - - - A publicly owned domain (e.x. example.com, mysite.biz) - - Permission and access to modify DNS records via DNS service (e.x: Route53) - -1. Prepare DNS -================ - -Create a wildcard A record pointing to the public IP of your VM. As an example, \*.netmaker.example.com. - -Caddy will create 3 subdomains with this wildcard, EX: - -- dashboard.netmaker.example.com - -- api.netmaker.example.com - -- grpc.netmaker.example.com - - -2. Install Dependencies -======================== - -.. code-block:: - - ssh root@your-host - sudo apt-get update - sudo apt-get install -y docker.io docker-compose wireguard - -At this point you should have all the system dependencies you need. - -3. Open Firewall -=============================== - -Make sure firewall settings are set for Netmaker both on the VM and with your cloud security groups (AWS, GCP, etc). - -Make sure the following ports are open both on the VM and in the cloud security groups: - -- **443 (tcp):** for Dashboard, REST API, and gRPC -- **80 (tcp):** for LetsEncrypt -- **53 (udp and tcp):** for CoreDNS - This is no longer necessary as of 0.10.0, as by default DNS queries will run over WireGuard. -- **51821-518XX (udp):** for WireGuard - Netmaker needs one port per network, starting with 51821, so open up a range depending on the number of networks you plan on having. For instance, 51821-51830. - -.. code-block:: - - sudo ufw allow proto tcp from any to any port 443 && sudo ufw allow 53/udp && sudo ufw allow 53/tcp && sudo ufw allow 51821:51830/udp - -**Again, based on your cloud provider, you may additionally need to set inbound security rules for your server (for instance, on AWS). This will be dependent on your cloud provider. Be sure to check before moving on:** - - allow 443/tcp from all - - allow 80/tcp from all - - (optional) allow 53/udp and 53/tcp from all - - allow 51821-51830/udp from all - - -4. Install Netmaker -======================== - -Prepare Docker Compose ------------------------- - -**Note 1 on COREDNS_IP:** As of 0.10.0, the default installation does not require COREDNS_IP to be set. Queries will run over WireGuard. -**Note 2 on COREDNS_IP:** Depending on your cloud provider, the public IP may not be bound directly to the VM on which you are running. In such cases, CoreDNS cannot bind to this IP, and you should use the IP of the default interface on your machine in place of COREDNS_IP. This command will get you the correct IP for CoreDNS in many cases: - -.. code-block:: - - ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p' - -Now, insert the values for your base (wildcard) domain, public ip, and coredns ip. - -.. code-block:: - - wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/compose/docker-compose.contained.yml - sed -i 's/NETMAKER_BASE_DOMAIN//g' docker-compose.yml - sed -i 's/SERVER_PUBLIC_IP//g' docker-compose.yml - sed -i 's/COREDNS_IP//g' docker-compose.yml - -Generate a unique master key and insert it: - -.. code-block:: - - tr -dc A-Za-z0-9 /g' docker-compose.yml - -You may want to save this key for future use with the API. - -Prepare Caddy ------------------------- - -.. code-block:: - - wget -O /root/Caddyfile https://raw.githubusercontent.com/gravitl/netmaker/master/docker/Caddyfile - - sed -i 's/NETMAKER_BASE_DOMAIN//g' /root/Caddyfile - sed -i 's/YOUR_EMAIL//g' /root/Caddyfile - -Prepare MQ ------------------------- - - -You must retrieve the MQ configuration file for Mosquitto. - -.. code-block:: - - wget -O /root/mosquitto.conf https://raw.githubusercontent.com/gravitl/netmaker/master/docker/mosquitto.conf - - -Start Netmaker ----------------- - -``sudo docker-compose up -d`` - -navigate to dashboard. to begin using Netmaker. - -To troubleshoot issues, start with: - -``docker logs netmaker`` - -Or check out the :doc:`troubleshoooting docs <./troubleshoot>`. diff --git a/docs/relay-server.rst b/docs/relay-server.rst deleted file mode 100644 index 1364fa64..00000000 --- a/docs/relay-server.rst +++ /dev/null @@ -1,36 +0,0 @@ -===================================== -Relay Servers -===================================== - -Introduction -=============== - -.. image:: images/relay1.png - :width: 80% - :alt: Relay - :align: center - -Sometimes nodes are in hard-to-reach places. Typically this will be due to a CGNAT, Double NAT, or restrictive firewall. In such scenarios, a direct peer-to-peer connection with all other nodes might be impossible. - -For this reason, Netmaker has a Relay Server functionality. At any time you may designate a publicly reachable node (such as the Netmaker Server) as a Relay, and tell it which machines it should relay. Then, all traffic routing to and from that machine will go through the relay. This allows you to circumvent the above issues and ensure connectivity when direct measures do not work. - -Configuring a Relay -================================== - -To create a relay, you can use any node in your network, but it should have a public IP address (not behind a NAT). Your Netmaker server can be a relay server and makes for a good default choice if you are unsure of which node to select. - -Simply click the relay button in the nodes list. Then, specify the nodes which it should relay. You can either enter the IP's directly, select from a list, or click "Select All." - -.. image:: images/ui-7.jpg - :width: 80% - :alt: Relay - :align: center - -If you choose "select all" this essentially turns your network into a hub-and-spoke network. All traffic now routes over the relay node. This can create a bottleneck and slow down your network, but in some scenarios may simplify network operations. - -After creation, you can change the list of relayed nodes by clicking "edit node" and editing the list (Field #12 below). - -.. image:: images/ui-5.jpg - :width: 40% - :alt: Relay - :align: center diff --git a/docs/requirements.txt b/docs/requirements.txt deleted file mode 100644 index e1eac84f..00000000 --- a/docs/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -sphinx-material diff --git a/docs/server-installation.rst b/docs/server-installation.rst deleted file mode 100644 index 19629d9d..00000000 --- a/docs/server-installation.rst +++ /dev/null @@ -1,641 +0,0 @@ -================================= -Advanced Server Installation -================================= - -This section outlines installing the Netmaker server, including Netmaker, Netmaker UI, rqlite, and CoreDNS - -System Compatibility -==================== - -Netmaker will require elevated privileges to perform network operations. Netmaker has similar limitations to :doc:`netclient <./client-installation>` (client networking agent). - -Typically, Netmaker is run inside of containers (Docker). To run a non-docker installation, you must run the Netmaker binary, CoreDNS binary, database, and a web server directly on the host. Each of these components have their own individual requirements. - -The quick install guide is recommended for first-time installs. - -The following documents are meant for special cases like Kubernetes and LXC, or for more advanced setups. - - -Server Configuration Reference -========================================== - -Netmaker sets its configuration in the following order of precendence: - -1. Defaults -2. Config File -3. Environment Variables - -Variable Description ----------------------- -VERBOSITY: - **Default:** 0 - - **Description:** Specify level of logging you would like on the server. Goes up to 3 for debugging. - - -GRPC_SSL: - **Default:** "off" - - **Description:** Specifies if GRPC is going over secure GRPC or SSL. This is a setting for the clients and is passed through the access token. Can be set to "on" and "off". Set to on if SSL is configured for GRPC. - -SERVER_API_CONN_STRING - **Default:** "" - - **Description:** Allows specification of the string used to connect to the server api. Format: IP:PORT or DOMAIN:PORT. Defaults to SERVER_HOST if not specified. - -SERVER_GRPC_CONN_STRING - **Default:** "" - - **Description:** Allows specification of the string used to connect to grpc. Format: IP:PORT or DOMAIN:PORT. Defaults to SERVER_HOST if not specified. - -SERVER_HOST: *(depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)* - **Default:** Server will perform an IP check and set automatically unless explicitly set, or DISABLE_REMOTE_IP_CHECK is set to true, in which case it defaults to 127.0.0.1 - - **Description:** Sets the SERVER_HTTP_HOST and SERVER_GRPC_HOST variables if they are unset. The address where traffic comes in. - -SERVER_HTTP_HOST: *(depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)* - **Default:** Equals SERVER_HOST if set, "127.0.0.1" if SERVER_HOST is unset. - - **Description:** Set to make the HTTP and GRPC functions available via different interfaces/networks. - -SERVER_GRPC_HOST: *(depreciated, use SERVER_API_CONN_STRING and SERVER_GRPC_CONN_STRING)* - **Default:** Equals SERVER_HOST if set, "127.0.0.1" if SERVER_HOST is unset. - - **Description:** Set to make the HTTP and GRPC functions available via different interfaces/networks. - -API_PORT: - **Default:** 8081 - - **Description:** The HTTP API port for Netmaker. Used for API calls / communication from front end. - -GRPC_PORT: - **Default:** 50051 - - **Description:** The GRPC port for Netmaker. Used for communications from nodes. - -MASTER_KEY: - **Default:** "secretkey" - - **Description:** The admin master key for accessing the API. Change this in any production installation. - -CORS_ALLOWED_ORIGIN: - **Default:** "*" - - **Description:** The "allowed origin" for API requests. Change to restrict where API requests can come from. - -REST_BACKEND: - **Default:** "on" - - **Description:** Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off. - -AGENT_BACKEND: - **Default:** "on" - - **Description:** Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off. - -DNS_MODE: - **Default:** "off" - - **Description:** Enables DNS Mode, meaning config files will be generated for CoreDNS. - -DATABASE: - **Default:** "sqlite" - - **Description:** Specify db type to connect with. Currently, options include "sqlite", "rqlite", and "postgres". - -SQL_CONN: - **Default:** "http://" - - **Description:** Specify the necessary string to connect with your local or remote sql database. - -SQL_HOST: - **Default:** "localhost" - - **Description:** Host where postgres is running. - -SQL_PORT: - **Default:** "5432" - - **Description:** port postgres is running. - -SQL_DB: - **Default:** "netmaker" - - **Description:** DB to use in postgres. - -SQL_USER: - **Default:** "postgres" - - **Description:** User for posgres. - -SQL_PASS: - **Default:** "nopass" - - **Description:** Password for postgres. - -CLIENT_MODE: - **Default:** "on" - - **Description:** Specifies if server should deploy itself as a node (client) in each network. May be turned to "off" for more restricted servers. - -RCE: - **Default:** "off" - - **Description:** The server enables you to set PostUp and PostDown commands for nodes, which is standard for WireGuard with wg-quick, but is also **Remote Code Execution**, which is a critical vulnerability if the server is exploited. Because of this, it's turned off by default, but if turned on, PostUp and PostDown become editable. - -SERVER_GRPC_WIREGUARD - **Depreciated:** no longer in use - -DISPLAY_KEYS - **Default:** "on" - - **Description:** If "on", will allow you to always show the key values of "access keys". This could be considered a vulnerability, so if turned "off", will only display key values once, and it is up to the users to store the key values locally. - -NODE_ID - **Default:** - - **Description:** This setting is used for HA configurations of the server, to identify between different servers. Nodes are given ID's like netmaker-1, netmaker-2, and netmaker-3. If the server is not HA, there is no reason to set this field. - -TELEMETRY - **Default:** "on" - - **Description:** If "on", the server will send anonymous telemetry data once daily, which is used to improve the product. Data sent includes counts (integer values) for the number of nodes, types of nodes, users, and networks. It also sends the version of the server. - -MQ_HOST - **Default:** (public IP of server) - - **Description:** The address of the mq server. If running from docker compose it will be "mq". If using "host networking", it will find and detect the IP of the mq container. Otherwise, need to input address. If not set, it will use the public IP of the server. the port 1883 will be appended automatically. This is the expected reachable port for MQ and cannot be changed at this time. - -HOST_NETWORK: - **Default:** "off" - - **Description:** Whether or not host networking is turned on. Only turn on if configured for host networking (see docker-compose.hostnetwork.yml). Will set host-level settings like iptables and forwarding for MQ. - -MANAGE_IPTABLES: - **Default:** "on" - - **Description:** # Sets iptables on the machine being managed in order to forward properly from wireguard interface to MQ and other services listed in "port forward services." It's better to leave this on unless you know what you're doing. - -PORT_FORWARD_SERVICES: - **Default:** "" - - **Description:** Comma-separated list of services for which to configure port forwarding on the machine. Options include "mq,dns,ssh". Typically best to leave mq and dns on. ssh can be removed.'ssh' forwards port 22 over wireguard, enabling ssh to server over wireguard. dns enables private dns over wireguard. mq enables mq. - -Config File Reference ------------------------ -A config file may be placed under config/environments/.yml. To read this file at runtime, provide the environment variable NETMAKER_ENV at runtime. For instance, dev.yml paired with ENV=dev. Netmaker will load the specified Config file. This allows you to store and manage configurations for different environments. Below is a reference Config File you may use. - -.. literalinclude:: ../config/environments/dev.yaml - :language: YAML - -Compose File - Annotated --------------------------------------- - -All environment variables and options are enabled in this file. It is the equivalent to running the "full install" from the above section. However, all environment variables are included, and are set to the default values provided by Netmaker (if the environment variable was left unset, it would not change the installation). Comments are added to each option to show how you might use it to modify your installation. - -.. literalinclude:: ../compose/docker-compose.reference.yml - :language: YAML - -Available docker-compose files ---------------------------------- - -The default options for docker-compose can be found here: https://github.com/gravitl/netmaker/tree/master/compose - -The following is a brief description of each: - -- `docker-compose.contained.yml `_ - This is the default docker-compose, used in the quick start and deployment script in the README on GitHub. It deploys Netmaker with all options included (Caddy and CoreDNS) and has "self-contained" netclients, meaning they do not affect host networking. -- `docker-compose.coredns.yml `_ - This is a simple compose used to spin up a standalone CoreDNS server. Can be useful if, for instance, you are unning Netmaker on baremetal but need CoreDNS. -- `docker-compose.hostnetwork.yml `_ - This is similar to the docker-compose.contained.yml but with a key difference: it has advanced permissions and mounts host volumes to control networking on the host level. -- `docker-compose.nocaddy.yml `_ -= This is the same as docker-compose.contained.yml but without Caddy, in case you need to use a different proxy like Nginx, Traefik, or HAProxy. -- `docker-compose.nodns.yml `_ - This is the same as docker-compose.contained.yml but without CoreDNS, in which case you will not have the Private DNS feature. -- `docker-compose.reference.yml `_ - This is the same as docker-compose.contained.yml but with all variable options on display and annotated (it's what we show right above this section). Use this to determine which variables you should add or change in your configuration. -- `docker-compose.yml `_ - This is a renamed docker-compose.contained.yml. It is meant only to act as a placeholder for what we consider the "primary" docker-compose that users should work with. - -DNS Mode Setup -==================================== - -If you plan on running the server in DNS Mode, know that a `CoreDNS Server `_ will be installed. CoreDNS is a light-weight, fast, and easy-to-configure DNS server. It is recommended to bind CoreDNS to port 53 of the host system, and it will do so by default. The clients will expect the nameserver to be on port 53, and many systems have issues resolving a different port. - -However, on your host system (for Netmaker), this may conflict with an existing process. On linux systems running systemd-resolved, there is likely a service consuming port 53. The below steps will disable systemd-resolved, and replace it with a generic (e.g. Google) nameserver. Be warned that this may have consequences for any existing private DNS configuration. - -With the latest docker-compose, it is not necessary to perform these steps. But if you are running the install and find that port 53 is blocked, you can perform the following steps, which were tested on Ubuntu 20.04 (these should be run prior to deploying the docker containers). - -.. code-block:: - - systemctl stop systemd-resolved - systemctl disable systemd-resolved - vim /etc/systemd/resolved.conf - * uncomment DNS and add 8.8.8.8 or whatever reachable nameserver is your preference * - * uncomment DNSStubListener and set to "no" * - ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf - -Port 53 should now be available for CoreDNS to use. - - -Docker Compose Install -======================= - -The most simple (and recommended) way of installing Netmaker is to use one of the provided `Docker Compose files `_. Below are instructions for several different options to install Netmaker via Docker Compose, followed by an annotated reference Docker Compose in case your use case requires additional customization. - -Test Install - No DNS, No Secure GRPC --------------------------------------------------------- - -This install will run Netmaker on a server without HTTPS using an IP address. This is not secure and not recommended, but can be helpful for testing. - -It also does not run the CoreDNS server, to simplify the deployment - -**Prerequisites:** - * server ports 80, 8081, and 50051 are not blocked by firewall - -**Notes:** - * You can change the port mappings in the Docker Compose if the listed ports are already in use. - -Assuming you have Docker and Docker Compose installed, you can just run the following, replacing **< Insert your-host IP Address Here >** with your host IP (or domain): - -.. code-block:: - - wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/docker-compose.test.yml - sed -i ‘s/HOST_IP/< Insert your-host IP Address Here >/g’ docker-compose.yml - docker-compose up -d` - -Traefik Proxy ------------------------- - -To install with Traefik, rather than Nginx or the default Caddy, check out this repo: https://github.com/bsherman/netmaker-traefik - - -No DNS - CoreDNS Disabled ----------------------------------------------- - -DNS Mode is currently limited to clients that can run resolvectl (systemd-resolved, see :doc:`Architecture docs <./architecture>` for more info). You may wish to disable DNS mode for various reasons. This installation option gives you the full feature set minus CoreDNS. - -To run without DNS, follow the :doc:`Quick Install <./quick-start>` guide, omitting the steps for DNS setup. In addition, when the guide has you pull (wget) the Netmaker docker-compose template, use the following link instead: - -#. ``wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/docker-compose.nodns.yml`` - -This template is equivalent but omits CoreDNS. - - -.. _NoDocker: - -Linux Install without Docker -============================= - -Most systems support Docker, but some do not. In such environments, there are many options for installing Netmaker. Netmaker is available as a binary file, and there is a zip file of the Netmaker UI static HTML on GitHub. Beyond the UI and Server, you may want to optionally install a database (sqlite is embedded, rqlite or postgres are supported) and CoreDNS (also optional). - -Once this is enabled and configured for a domain, you can continue with the below. The recommended server runs Ubuntu 20.04. - -Database Setup (optional) --------------------------- - -You can run the netmaker binary standalone and it will run an embedded sqlite server. Data goes in the data/ directory. Optionally, you can run PostgreSQL or rqlite. Instructions for rqlite are below. - -1. Install rqlite on your server: https://github.com/rqlite/rqlite - -2. Run rqlite: rqlited -node-id 1 ~/node.1 - -If using rqlite or postgres, you must change the DATABASE environment/config variable and enter connection details. - -Server Setup -------------- -1. **Run the install script:** - -``sudo curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/netmaker-server.sh | sh -`` - -2. Check status: ``sudo journalctl -u netmaker`` -3. If any settings are incorrect such as host or mongo credentials, change them under /etc/netmaker/config/environments/< your env >.yaml and then run ``sudo systemctl restart netmaker`` - -UI Setup ------------ - -The following uses Nginx as an http server. You may alternatively use Apache or any other web server that serves static web files. - -1. Download and Unzip UI asset files -2. Copy Config to Nginx -3. Modify Default Config Path -4. Change Backend URL -5. Start Nginx - -.. code-block:: - - sudo wget -O /usr/share/nginx/html/netmaker-ui.zip https://github.com/gravitl/netmaker-ui/releases/download/latest/netmaker-ui.zip - sudo unzip /usr/share/nginx/html/netmaker-ui.zip -d /usr/share/nginx/html - sudo cp /usr/share/nginx/html/nginx.conf /etc/nginx/conf.d/default.conf - sudo sed -i 's/root \/var\/www\/html/root \/usr\/share\/nginx\/html/g' /etc/nginx/sites-available/default - sudo sh -c 'BACKEND_URL=http://:PORT /usr/share/nginx/html/generate_config_js.sh >/usr/share/nginx/html/config.js' - sudo systemctl start nginx - -CoreDNS Setup (optional) ----------------------------- - -CoreDNS is only required if you want private DNS features. Once installed, you must set the CoreDNS variables in the env settings of the server. - -See https://coredns.io/manual/toc/#installation - -Proxy / Load Balancer ------------------------- - -You will need to proxy connections to your UI and Server. By default the ports are 8081, 8082, and 50051 (grpc). This proxy should handle SSL certificates. We recommend Caddy or Nginx (you can follow the Nginx guide in these docs). The proxy must be able to handle gRPC connections. - - -.. _KubeInstall: - -Kubernetes Install -======================= - -Server Install --------------------------- - -This template assumes your cluster uses Nginx for ingress with valid wildcard certificates. If using an ingress controller other than Nginx (ex: Traefik), you will need to manually modify the Ingress entries in this template to match your environment. - -This template also requires RWX storage. Please change references to storageClassName in this template to your cluster's Storage Class. - -``wget https://raw.githubusercontent.com/gravitl/netmaker/master/kube/netmaker-template.yaml`` - -Replace the NETMAKER_BASE_DOMAIN references to the base domain you would like for your Netmaker services (ui,api,grpc). Typically this will be something like **netmaker.yourwildcard.com**. - -``sed -i ‘s/NETMAKER_BASE_DOMAIN//g’ netmaker-template.yaml`` - -Now, assuming Ingress and Storage match correctly with your cluster configuration, you can install Netmaker. - -.. code-block:: - - kubectl create ns nm - kubectl config set-context --current --namespace=nm - kubectl apply -f netmaker-template.yaml -n nm - -In about 3 minutes, everything should be up and running: - -``kubectl get ingress nm-ui-ingress-nginx`` - -Netclient Daemonset --------------------------- - -The following instructions assume you have Netmaker running and a network you would like to add your cluster into. The Netmaker server does not need to be running inside of a cluster for this. - -.. code-block:: - - wget https://raw.githubusercontent.com/gravitl/netmaker/master/kube/netclient-template.yaml - sed -i ‘s/ACCESS_TOKEN_VALUE/< your access token value>/g’ netclient-template.yaml - kubectl apply -f netclient-template.yaml - -For a more detailed guide on integrating Netmaker with MicroK8s, `check out this guide `_. - -Nginx Reverse Proxy Setup with https -====================================== - -The `Swag Proxy `_ makes it easy to generate a valid ssl certificate for the config bellow. Here is the `documentation `_ for the installation. - -The following file configures Netmaker as a subdomain. This config is an adaption from the swag proxy project. - -./netmaker.subdomain.conf: - -.. code-block:: nginx - - server { - listen 443 ssl; - listen [::]:443 ssl; - - server_name netmaker.*; # The external URL - client_max_body_size 0; - - # A valid https certificate is needed. - include /config/nginx/ssl.conf; - - location / { - # This config file can be found at: - # https://github.com/linuxserver/docker-swag/blob/master/root/defaults/proxy.conf - include /config/nginx/proxy.conf; - - # if you use a custom resolver to find your app, needed with swag proxy - # resolver 127.0.0.11 valid=30s; - set $upstream_app netmaker-ui; # The internal URL - set $upstream_port 80; # The internal Port - set $upstream_proto http; # the protocol that is being used - proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above - } - } - - server { - listen 443 ssl; - listen [::]:443 ssl; - - server_name backend-netmaker.*; # The external URL - client_max_body_size 0; - underscores_in_headers on; - - # A valid https certificate is needed. - include /config/nginx/ssl.conf; - - location / { - # if you use a custom resolver to find your app, needed with swag proxy - # resolver 127.0.0.11 valid=30s; - - set $upstream_app netmaker; # The internal URL - set $upstream_port 8081; # The internal Port - set $upstream_proto http; # the protocol that is being used - proxy_pass $upstream_proto://$upstream_app:$upstream_port; # combine the set variables from above - - # Forces the header to be the one that is visible from the outside - proxy_set_header Host backend.netmaker.example.org; # Please cange to your URL - - # Pass all headers through to the backend - proxy_pass_request_headers on; - } - } - -.. _HAInstall: - - - -Highly Available Installation (Kubernetes) -================================================== - -Netmaker comes with a Helm chart to deploy with High Availability on Kubernetes: - -.. code-block:: - - helm repo add netmaker https://gravitl.github.io/netmaker-helm/ - helm repo update - -Requirements ---------------- - -To run HA Netmaker on Kubernetes, your cluster must have the following: -- RWO and RWX Storage Classes (RWX is only required if running Netmaker with DNS Management enabled). -- An Ingress Controller and valid TLS certificates -- This chart can currently generate ingress for Nginx or Traefik Ingress with LetsEncrypt + Cert Manager -- If LetsEncrypt and CertManager are not deployed, you must manually configure certificates for your ingress - -Furthermore, the chart will by default install and use a postgresql cluster as its datastore. - -Recommended Settings: ----------------------- -A minimal HA install of Netmaker can be run with the following command: -`helm install netmaker --generate-name --set baseDomain=nm.example.com` -This install has some notable exceptions: -- Ingress **must** be manually configured post-install (need to create valid Ingress with TLS) -- Server will use "userspace" WireGuard, which is slower than kernel WG -- DNS will be disabled - -Example Installations: ------------------------- -An annotated install command: - -.. code-block:: - - helm install netmaker/netmaker --generate-name \ # generate a random id for the deploy - --set baseDomain=nm.example.com \ # the base wildcard domain to use for the netmaker api/dashboard/grpc ingress - --set replicas=3 \ # number of server replicas to deploy (3 by default) - --set ingress.enabled=true \ # deploy ingress automatically (requires nginx or traefik and cert-manager + letsencrypt) - --set ingress.className=nginx \ # ingress class to use - --set ingress.tls.issuerName=letsencrypt-prod \ # LetsEncrypt certificate issuer to use - --set dns.enabled=true \ # deploy and enable private DNS management with CoreDNS - --set dns.clusterIP=10.245.75.75 --set dns.RWX.storageClassName=nfs \ # required fields for DNS - --set postgresql-ha.postgresql.replicaCount=2 \ # number of DB replicas to deploy (default 2) - - -The below command will install netmaker with two server replicas, a coredns server, and ingress with routes of api.nm.example.com, grpc.nm.example.com, and dashboard.nm.example.com. CoreDNS will be reachable at 10.245.75.75, and will use NFS to share a volume with Netmaker (to configure dns entries). - -.. code-block:: - - helm install netmaker/netmaker --generate-name --set baseDomain=nm.example.com \ - --set replicas=2 --set ingress.enabled=true --set dns.enabled=true \ - --set dns.clusterIP=10.245.75.75 --set dns.RWX.storageClassName=nfs \ - --set ingress.className=nginx - -The below command will install netmaker with three server replicas (the default), **no coredns**, and ingress with routes of api.netmaker.example.com, grpc.netmaker.example.com, and dashboard.netmaker.example.com. There will be one UI replica instead of two, and one database instance instead of two. Traefik will look for a ClusterIssuer named "le-prod-2" to get valid certificates for the ingress. - -.. code-block:: - - helm3 install netmaker/netmaker --generate-name \ - --set baseDomain=netmaker.example.com --set postgresql-ha.postgresql.replicaCount=1 \ - --set ui.replicas=1 --set ingress.enabled=true \ - --set ingress.tls.issuerName=le-prod-2 --set ingress.className=traefik - -Below, we discuss the considerations for Ingress, Kernel WireGuard, and DNS. - -Ingress ----------- -To run HA Netmaker, you must have ingress installed and enabled on your cluster with valid TLS certificates (not self-signed). If you are running Nginx as your Ingress Controller and LetsEncrypt for TLS certificate management, you can run the helm install with the following settings: - -- `--set ingress.enabled=true` -- `--set ingress.annotations.cert-manager.io/cluster-issuer=` - -If you are not using Nginx or Traefik and LetsEncrypt, we recommend leaving ingress.enabled=false (default), and then manually creating the ingress objects post-install. You will need three ingress objects with TLS: - -- `dashboard.` -- `api.` -- `grpc.` - -If deploying manually, the gRPC ingress object requires special considerations. Look up the proper way to route grpc with your ingress controller. For instance, on Traefik, an IngressRouteTCP object is required. - -There are some example ingress objects in the kube/example folder. - -Kernel WireGuard ------------------- -If you have control of the Kubernetes worker node servers, we recommend **first** installing WireGuard on the hosts, and then installing HA Netmaker in Kernel mode. By default, Netmaker will install with userspace WireGuard (wireguard-go) for maximum compatibility, and to avoid needing permissions at the host level. If you have installed WireGuard on your hosts, you should install Netmaker's helm chart with the following option: - -- `--set wireguard.kernel=true` - -DNS ----------- -By Default, the helm chart will deploy without DNS enabled. To enable DNS, specify with: - -- `--set dns.enabled=true` - -This will require specifying a RWX storage class, e.g.: - -- `--set dns.RWX.storageClassName=nfs` - -This will also require specifying a service address for DNS. Choose a valid ipv4 address from the service IP CIDR for your cluster, e.g.: - -- `--set dns.clusterIP=10.245.69.69` - -**This address will only be reachable from hosts that have access to the cluster service CIDR.** It is only designed for use cases related to k8s. If you want a more general-use Netmaker server on Kubernetes for use cases outside of k8s, you will need to do one of the following: -- bind the CoreDNS service to port 53 on one of your worker nodes and set the COREDNS_ADDRESS equal to the public IP of the worker node -- Create a private Network with Netmaker and set the COREDNS_ADDRESS equal to the private address of the host running CoreDNS. For this, CoreDNS will need a node selector and will ideally run on the same host as one of the Netmaker server instances. - -Values ---------- - -To view all options for the chart, please visit the README in the code repo `here `_ . - -Highly Available Installation (VMs/Bare Metal) -================================================== - -For an enterprise Netmaker installation, you will need a server that is highly available, to ensure redundant WireGuard routing when any server goes down. To do this, you will need: - -1. A load balancer -2. 3+ Netmaker server instances -3. rqlite or PostgreSQL as the backing database - -These documents outline general HA installation guidelines. Netmaker is highly customizable to meet a wide range of enterprise environments. If you would like support with an enterprise-grade Netmaker installation, you can `schedule a consultation here `_ . - -The main consideration for this document is how to configure rqlite. Most other settings and procedures match the standardized way of making applications HA: Load balancing to multiple instances, and sharing a DB. In our case, the DB (rqlite) is distributed, making HA data more easily achievable. - -If using PostgreSQL, follow their documentation for `installing in HA mode `_ and skip step #2. - -1. Load Balancer Setup ------------------------- - -Your load balancer of choice will send requests to the Netmaker servers. Setup is similar to the various guides we have created for Nginx, Caddy, and Traefik. SSL certificates must also be configured and handled by the LB. - -2. RQLite Setup ------------------- - -RQLite is the included distributed datastore for an HA Netmaker installation. If you have a different corporate database you wish to integrate, Netmaker is easily extended to other DB's. If this is a requirement, please contact us. - -Assuming you use Rqlite, you must run it on each Netmaker server VM, or alongside that VM as a container. Setup a config.json for database credentials (password supports BCRYPT HASHING) and mount in working directory of rqlite and specify with `-auth config.json` : - -.. code-block:: - - [{ - "username": "netmaker", - "password": "", - "perms": ["all"] - }] - - -Once your servers are set up with rqlite, the first instance must be started normally, and then additional nodes must be added with the "join" command. For instance, here is the first server node: - -.. code-block:: - - sudo docker run -d -p 4001:4001 -p 4002:4002 rqlite/rqlite -node-id 1 -http-addr 0.0.0.0:4001 -raft-addr 0.0.0.0:4002 -http-adv-addr 1.2.3.4:4001 -raft-adv-addr 1.2.3.4:4002 -auth config.json - -And here is a joining node: - -.. code-block:: - - sudo docker run -d -p 4001:4001 -p 4002:4002 rqlite/rqlite -node-id 2 -http-addr 0.0.0.0:4001 -raft-addr 0.0.0.0:4002 -http-adv-addr 2.3.4.5:4001 -raft-adv-addr 2.3.4.5:4002 -join https://netmaker:@1.2.3.4:4001 - -- reference for rqlite setup: https://github.com/rqlite/rqlite/blob/master/DOC/CLUSTER_MGMT.md#creating-a-cluster -- reference for rqlite security: https://github.com/rqlite/rqlite/blob/master/DOC/SECURITY.md - -Once rqlite instances have been configured, the Netmaker servers can be deployed. - -3. Netmaker Setup ------------------- - -Netmaker will be started on each node with default settings, except with DATABASE=rqlite (or DATABASE=postgress) and SQL_CONN set appropriately to reach the local rqlite instance. Rqlite will maintain consistency with each Netmaker backend. - -If deploying HA with PostgreSQL, you will connect with the following settings: - -.. code-block:: - - SQL_HOST = - SQL_PORT = - SQL_DB = - SQL_USER = - SQL_PASS = - DATABASE = postgres - - -4. Other Considerations ------------------------- - -This is enough to get a functioning HA installation of Netmaker. However, you may also want to make the Netmaker UI or the CoreDNS server HA as well. The Netmaker UI can simply be added to the same servers and load balanced appropriately. For some load balancers, you may be able to do this with CoreDNS as well. - - - - diff --git a/docs/support.rst b/docs/support.rst deleted file mode 100644 index 206f46fc..00000000 --- a/docs/support.rst +++ /dev/null @@ -1,75 +0,0 @@ -========= -Support -========= - -FAQ -====== - -Is Netmaker a VPN like NordNPN? --------------------------------- - -No. Netmaker makes Virtual Networks, which are technically VPNs, but different. It's more like a corporate VPN, or a VPC (if you're familiar with AWS). Netmaker is often compared to OpenVPN, Tailscale, or Nebula. - -If you're looking to achieve self-hosted web browsing, with functionality similar to NordVPN, ExpressVPN, Surfshark, Tunnelbear, or Private Internet Access, this is probably not the project for you. Technically, you can accomplish this with Netmaker, but it would be a little like using a all-terrain vehicle for stock car racing. - -There are many good projects out there that support general internet privacy using WireGuard. Here are just a few of them: - -https://github.com/trailofbits/algo -https://github.com/pivpn/pivpn -https://github.com/subspacecloud/subspace -https://github.com/mullvad/mullvadvpn-app - -Do you have an 'Exit Nodes' feature? ---------------------------------------- - -Please see the :doc:`Egress Gateway <./egress-gateway>` documentation. - -Do you offer any business or enterprise support? ---------------------------------------------------- - -Yes, please contact info@gravitl.com or visit https://gravitl.com/plans. - - -Why the SSPL License? ----------------------- - -As of now, we think the SSPL is the best way to ensure the long-term viability of the project, but we are regularly evaluating this to see if an OSI-approved license makes more sense. - -We believe the SSPL lets most people run the project the way they want, for both for private use and business use, while giving us a path to maintain viability. We are working to make sure the guidelines clear, and do not want the license to impact the community's ability to use and modify the project. - -If you believe the SSPL will negatively impact your ability to use the project, please do not hesitate to reach out. - -Telemetry -============== - -As of v0.10.0, Netmaker collects "opt-out" telemetry data. To opt out, simply set "TELEMETRY=off" in your docker-compose file. - -Please consider participating in telemetry, as it helps us focus on the features and bug fixes which are most useful to users. Netmaker is a broad platform, and without this data, it is difficult to know where the team should spend its limited resources. - -The following is the full list of telemetry data we collect. Besides "Server Version" all data is simply an integer count: - -- Randomized server ID -- Count of nodes -- Count of "non-server" nodes -- Count of external clients -- Count of networks -- Count of users -- Count of linux nodes -- Count of freebsd nodes -- Count of macos nodes -- Count of windows nodes -- Count of docker nodes -- Count of k8s nodes -- Server version - -We use `PostHog `_, an open source and trusted framework for telemetry data. - -To look at exactly we collect telemetry, you can view the source code under serverctl/telemetry.go: https://github.com/gravitl/netmaker/blob/master/serverctl/telemetry.go - -Contact -=========== -If you need help, try the discord or open a GitHub ticket. - -Email: info@gravitl.com - -Discord: https://discord.gg/zRb9Vfhk8A diff --git a/docs/troubleshoot.rst b/docs/troubleshoot.rst deleted file mode 100644 index 6acc9fb7..00000000 --- a/docs/troubleshoot.rst +++ /dev/null @@ -1,139 +0,0 @@ -================= -Troubleshooting -================= - -Common Issues --------------- -**How can I connect my Android or IOS device to my Netmaker VPN?** - Currently meshing one of these devices is not supported, however it will be soon. - For now you can connect to your VPN by making one of the nodes an Ingress Gateway, then - create an Ext Client for each device. Finally, use the official WG app or another - WG configuration app to connect via QR or downloading the device's WireGuard configuration. - -**I've made changes to my nodes but the nodes themselves haven't updated yet, why?** - Please allow your nodes to complete a check in or two, in order to reconfigure themselves. - In some cases, it could take up to a minute or so. - -**Do I have to use access keys to join a network?** - Although keys are the preferred way to join a network, Netmaker does allow for manual node sign-ups. - Simply turn on "allow manual signups" on your network and nodes will not connect until you manually aprove each one. - -**Is there a community or forum to ask questions about Netmaker?** - Yes, we have an active `discord `_ community and issues on our `github `_ are answered frequently! - You can also sign-up for updates at our `gravitl site `_! - -**How can I get additional support for my business?** - Check out our business support subscriptions at https://gravitl.com/plans. Subscription holders can also purchase consulting credits via the site. - - -Server -------- - -**How do I use a private address from the Netmaker Server? How do I contact nodes using their private addresses from the server?** - Default nodes appear in each network with the "netmaker" name. These nodes are created by, and attached to, the server. The server is contained in docker, meaning these clients are also contained in docker. Their networking stack is also contained in docker. The "netmaker" nodes are meant to function as network utilities. They assist with UDP Hole Punching and can run Relays, Egress, and Ingress. However, they are meant to stay contained in the server. They do not touch the host networking stack. - - If you want to give the physical server / VM a private IP in the netmaker network, you must deploy an **additional** node using the standard netclient. The only note here is that the server consumes ports 51821-51831, so you will need to give it a port outside this range, e.x. `./netclient join --port 51835`. - - One a netclient is deployed to the underlying server/VM, you will be able to use the private address to reach other nodes from the host, or to reach the server over the private network. - -**I upgraded from 0.7 to 0.8 and now I dont have any data in my server!** - In 0.8, sqlite becomes the default database. If you were running with rqlite, you must set the DATABASE environment variable to rqlite in order to continue using rqlite. - -**Can I secure/encrypt all the traffic to my server and UI?** - This can fairly simple to achieve assuming you have access to a domain and are familiar with Nginx. - Please refer to the quick-start guide to see! - -**Can I connect multiple nodes (mesh clients) behind a single firewall/router?** - Yes! As of version 0.7 Netmaker supports UDP Hole Punching to allow this, without the use of a third party STUN server! - Is UDP hole punching a risk for you? Well you can turn it off and make static nodes/ports for the server to refer to as well. - -**What are the minimum specs to run the server?** - We recommend at least 1 CPU and 2 GB Memory. - -**Does this support IPv6 addressing?** - Yes, Netmaker supports IPv6 addressing. When you create a network, just make sure to turn on Dual Stack. - Nodes will be given IPv6 addresses along with their IPv4 address. It does not currently support IPv6 only. - -**Does Netmaker support Raft Consensus?** - Netmaker does not directly support it, but it uses `rqlite `_ (which supports Raft) as the database. - -**How do I uninstall Netmaker?** - There is no official uninstall script for the Netmaker server at this time. If you followed the quick-start guide, simply run ``sudo docker-compose -f docker-compose.quickstart.yml down --volumes`` - to completely wipe your server. Otherwise kill the running binary and it's up to you to remove database records/volumes. - -UI ----- -**I want to make a seperate network and give my friend access to only that network.** - Simply navigate to the UI (as an admin account). Select users in the top left and create them an account. - Select the network(s) to give them and they should be good to go! They are an admin of that network(s) only now. - -**I'm done with an access key, can I delete it?** - Simply navigate to the UI (as an admin account). Select your network of interest, then the select the ``Access Keys`` tab. - Then delete the rogue access key. - -**I can't delete my network, why?** - You **MUST** remove all nodes in a network before you can delete it. - -**Can I have multiple nodes with the same name?** - Yes, nodes can share names without issue. It may just be harder on you to know which is which. - -Netclient ------------ -**How do I connect a node to my Netmaker network with Netclient?** - First get your access token (not just access key), then run ``sudo netclient join -t ``. - **NOTE:** netclient may be under /etc/netclient/, i.e run ``sudo /etc/netclient/netclient join -t `` - -**How do I disconnect a node on a Netmaker network?** - In order to leave a Netmaker network, run ``sudo netclient leave -n `` - -**How do I check the logs of my agent on a node?** - You will need sudo/root permissions, but you can run ``sudo systemctl status netclient@`` - or you may also run ``sudo journalctl -u netclient@``. - Note for journalctl: you should hit the ``end`` key to get to view the most recent logs quickly or use ``journalctl -u netclient@ -f`` instead. - -**Can I check the configuration of my node on the node?** - **A:** Yes, on the node simply run ``sudo cat /etc/netclient/netconfig-`` and you should see what your current configuration is! - You can also see the current WireGuard configuration with ``sudo wg show`` - -**I am done with the agent on my machine, can I uninstall it?** - Yes, on the node simply run ``sudo /etc/netclient/netclient uninstall``. - -**I am running SELinux and when I reboot my node I get a permission denied in my netclient logs and it doesn't connect anymore, why?** - If you're running SELinux, it will interfere with systemd's ability to restart the client properly. Therefore, please run the following: - .. code-block:: - - sudo semanage fcontext -a -t bin_t '/etc/netclient/netclient' - sudo chcon -Rv -u system_u -t bin_t '/etc/netclient/netclient' - sudo restorecon -R -v /etc/netclient/netclient - -**I have a handshake with a peer but can't ping it, what gives?** - This is commonly due to incorrect MTU settings. Typically, it will be because MTU is too high. Try setting MTU lower on the node. This can be done via netconfig, or by editing the node in the UI. - -**I have a hard to reach machine behind a firewall or a corporate NAT, what can I do?** - In this situation you can use the Relay Server functionality introduced in Netmaker v0.8 to designate a node as a relay to your "stuck" machine. Simply click the button to make a node into a relay and tell it to relay traffic to this hard-to-reach peer. - -**I am unable to run the netclient on my OpenWRT machine, what's wrong?** - Deploying on OpenWRT depends a lot on the version of OpenWRT and the hardware being used. If the primary installer does not work, there are two things you can try: - - 1. This community-run package for OpenWRT: https://github.com/sbilly/netmaker-openwrt - - 2. Manual installation: - - - download (wget) the netclient package for your hardware from the netclient releases: https://github.com/gravitl/netmaker/releases - - rename to "netclient" - - Run as root from a bash shell on OpenWRT - - 3. You may experience an issue with the length of the token, which has limits on some OpenWRT shells. If you run into this problem, you can use the following script to convert your token into a "netclient join" command: - - - `wget https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/token-convert.sh` - - ./token-convert - - Run the output on your OpenWRT machine - - -CoreDNS --------- -**Is CoreDNS required to use Netmaker?** - CoreDNS is not required. Simply start your server with ``DNS_MODE="off"``. - -**What is the minimum DNS entry value I can use?** - Netmaker supports down to two characters for DNS names for your networks domains** diff --git a/docs/ui-reference.rst b/docs/ui-reference.rst deleted file mode 100644 index 84045beb..00000000 --- a/docs/ui-reference.rst +++ /dev/null @@ -1,203 +0,0 @@ -================= -UI Reference -================= - -This page contains annotated screenshots of most UI components, detailing the configuration options of each field across Nodes, Networks, DNS, Ext Clients, Users, and more. - -Dashboard -================= - -.. image:: images/ui-1.jpg - :width: 80% - :alt: dashboard - :align: center - -Networks -================= - -Create --------- - -.. image:: images/ui-2.jpg - :width: 80% - :alt: create network - :align: center - -.. code-block:: - -(1) **Autofill:** Provides sensible defaults for network details and makes up a name. -(2) **Network Name:** The name of the network. Character limited, as this translates to the interface name on hosts (nm-) -(3) **Address Range:** The CIDR of the network. Must be a valid IPv4 Subnet and should be a private address range. -(4) **Udp Hole Punching:** Enables or disables "UDP Hole Punching" on the network. When on, clients will first reach out to the server. The server will keep track of public addresses / ports and send these to all other clients in the network. This increases NAT traversibility, but can also cause issues depending on the server environment (if server is in a private network, for example). Typically good to enable if clients will "roam" frequently or are user devices. Typically better to disable if most clients will be servers with well-defined endpoints / ports. If enabled, you can also disable UDP Hole Punching on any individual machine via the UI (see Node section) but it will be enabled by default. -(5) **Is Local Network:** Turn on if all clients in the network will be in the same "local" network. This is a very rare situation and depends on the use case. Almost always leave this off. Turn on if you are in a large data center with a large private address space over which clients should communicate. Can also enable if using a VPC and are treating a single client as "egress" for the VPC. If enabled, fill out the address range of the local network which should determine endpoints. -(6) **Is Dual Stack:** Turn on to add private ipv6 addresses to all clients in addition to their ipv4 addresses. Not typically necessary. If on, enter a private ipv6 address range to pull from. - -Edit --------- - -.. image:: images/ui-3.jpg - :width: 80% - :alt: edit network - :align: center - -**NOTE:** With the exception of Address Ranges (1-2) any setting that affects nodes will not take effect on existing nodes. It will only set the settings on any **new** node, after the setting has been changed. - -(1) **Address Range (ipv4):** The ipv4 private network CIDR. If edited, Netmaker will go through all nodes and update private addresses based on the new range.** -(2) **Address Range (ipv6):** The ipv6 private network CIDR. If edited, Netmaker will go through all nodes and update private addresses based on the new range.** -(3) **Local Range:** Only relevant if "Is Local" was switched on during creation. Specifies the local range that nodes will base their Endpoint off of (note: if a node cannot find an enpoint within the range it will fallback to public ip). -(4) **Display Name:** The display name of the network. Network Name cannot be changed (acts as a unique ID) but display name can be changed. Only effects appearance in UI. -(5) **Default Interface:** The default network interface name configured on each node. This defaults to "nm-". -(6) **Default Port:** The default WireGuard port each node will attempt to use. Nodes will iterate up from this port until they find a free port. -(7) **Default PostUp:** A default post-up command to run on each node (after interface has been configured). Disabled by default to prevent RCE vulnerabilities. -(8) **Default PostDown:** A default post-down command to run on each node (after interface has been removed). Disabled by default to prevent RCE vulnerabilities. -(9) **Default Keepalive:** How often nodes should send packets to keep connection alive with all peers (in seconds). -(10) **Default Ext Client DNS:** If set, adds a "DNS=" line to each ext client config. Set this to add DNS to clients. Typically will set this to the server's public IP. -(11) **Default MTU:** Default MTU for interfaces of all clients in network. Can be useful to set lower in certain difficult environments such as Kubernetes. -(12) **Allow Node Signup Without Keys:** Allows nodes to join the network without a valid Access Key. Nodes will be put in "pending" status until approved via UI by an admin. Useful if an arbitrary number of people need to join the network and there is no easy way to distribute keys to users. -(13) **Is Dual Stack:** Enable the Dual Stack feature of networks and add ipv6 addresses to nodes. -(14) **Default Saveconfig:** Typically ignore this. Sets the SaveConfig field on wireguard config. -(15) **UDP Hole Punching:** Whether or not UDP Hole Punching is turned on (see Network Create notes). Only effects new nodes. Enables or disables "UDP Hole Punching" on the network. When on, clients will first reach out to the server. The server will keep track of public addresses / ports and send these to all other clients in the network. This increases NAT traversibility, but can also cause issues depending on the server environment (if server is in a private network, for example). Typically good to enable if clients will "roam" frequently or are user devices. Typically better to disable if most clients will be servers with well-defined endpoints / ports. If enabled, you can also disable UDP Hole Punching on any individual machine via the UI (see Node section) but it will be enabled by default. - -Nodes -======== - -Node List -------------- - -.. image:: images/ui-4.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Search Nodes:** Look up a node by name. -(2) **Select Network:** Filter nodes by network. -(3) **Node Name:** Name of node. By default set to hostname of machine. -(4) **IP Address:** Private IP of node within network. -(5) **Network:** Network the node is in. -(6) **Egress:** Indicates if node is an egress gateway. Click to convert into egress gateway. Egress gateways route traffic from the network into a specific subnet or subnets. Egress gateways should be servers in a static location with a reliable IP. -(7) **Ingress:** Indicates if the node is an ingress. Click to convert into ingress gateway. Ingress gateways route traffic into the network over the WireGuard interface using "ext clients," which are static WireGuard config files. Ingress gateways should be servers in a static location with a reliable IP. -(8) **Relay:** Indicates if the node is a relay. Click to convert into relay. Relays route traffic to specified nodes for the network (typically hard to reach / CGNAT'ted nodes. Relays should be servers in a static location with a reliable IP. -(9) **Status:** Indicates how recently the node checked into the server. Displays "Warning" after 5 minutes and "Error" after 30 minutes without a check in. Does **not** indicate the health of the node's virtual network connections. -(10) **Delete:** Delete the node. - -Create Egress ---------------- - -.. image:: images/ui-6.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Egress Gateway Ranges:** A comma-separated list of the subnets for which the gateway will route traffic. For instance, with Kubernetes this could be both the Service Network and Pod Network. For a standard VPN, Netmaker can use a list of the public CIDR's (see the docs). Typically, this will be something like a data center network, VPC, or home network. -(2) **Interface:** The interface on the machine used to access the provided egress gateway ranges. For instance, on a typical linux machine, the interface for public traffic would be "eth0". Usually you will need to check on the machine first to find the right interface. For instance, on Linux, you can find the interface by running this: ip route get
. - - -Create Relay -------------- - -.. image:: images/ui-7.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Relay Addresses:** Specify which private addresses (of nodes) that this node should relay for. -(2) **Select Nodes:** Rather than specify by IP, you can just select from a list of node names instead. -(3) **Select All:** Rather than select a list, you can "select all", which converts the network from "pure mesh" into "hub-and-spoke", meaning there are no p2p connections, everything goes through this relay first. - -Edit Node / Node Details --------------------------- - -.. image:: images/ui-5.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **IP Address:** The primary private IP address of the node. Assigned automatically by Netmaker but can be changed to whatever you want within the Network CIDR. -(2) **IPv6 Address:** (Only if running dual stack) the primary private IPv6 address of the node. Assigned automatically by Netmaker but can be changed to whatever you want within the Network CIDR. -(3) **Local Address:** The "locally reachable" address of the node. Other nodes will take note of this to see if this node is on the same network. If so, they will use this address instead of the public "Endpoint." If running a few nodes inside of a VPC, home network, or similar, make sure the local address is populated correctly for faster and more secure inter-node communication. -(4) **Node Name:** The name of the node within the network. Hostname by default but can be anything (within the character limits). -(5) **Port:** The port used by the node locally. **This value is ignored if UDP Hole Punching is on,** because port is set dynamically every time interface is created. If UDP Hole Punching is off, the port can be set to any reasonable (and available) value you'd like for the local machine. Typi -(6) **Public Key:** (Uneditable) The public key of the node, distributed to other peers in the network. -(7) **Endpoint:** The (typically public) IP of the machine, which peers will use to reach it, in combination with the port. If changing this value, make sure Roaming is turned off, since otherwise, the node will check to see if there is a change in the public IP regularly and update it. -(8) **PostUp:** Uneditable by default to disable RCE. Commands to run after the interface is created. If an ingress or egress gateway are created, this field will populate automatically with appropriate iptables commands. -(9) **PostDown:** Uneditable by default to disable RCE. Commands to run after the interface is brought down. If an ingress or egress gateway are created, this field will populate automatically with appropriate iptables commands. -(10) **Allowed IPs:** Additional private addresses given to the node (in addition to the IPAddress and IPv6Address). Useful in some scenarios where there is a known address a server should have. Any IPs added here will be tacked onto the AllowedIPs of other peers, so this node will be shown to have multiple reachable private addresses. -(11) **Persistent Keepalive:** How often packets are sent to keep connections open with other peers. -(12) **Relay Addresses:** If "Relay" is enabled on this node, this field can be edited to add and remove nodes from the relay. So if you are currently relaying just one node but wish to relay an additional node, just add it's private IP here. -(13) **Node Expiration Datetime:** If a node should become invalid after a length of time, you can set it in this field, after which time, it will lose access to the network and will not populate to other nodes. Useful for scenarios where temporary access is granted to 3rd parties. -(14) **Last Checkin:** Unix timestamp of the last time the node checked in with the server. Used to determine generic health of node. -(15) **Mac Address:** The hardware mac address of the machine. Used to be used as the unique ID, but is being depreciated. -(16) **Network:** The network this 1node belongs to. -(17) **Egress Gateway Ranges:** If Egress is enabled, the gateway ranges that this machine routes to. -(18) **Local Range:** If IsLocal has been enabled on the network, this is the local range in which the node will look for a private address from it's local interfaces, to use as an endpoint. -(19) **Node Operating System:** The OS of the machine. -(20) **MTU:** The MTU that the node will use on the interface. If "wg show" displays a valid handshake but pings are not working, many times the issue is MTU. Making this value lower can solve this issue. Some typical values are 1024, 1280, and 1420. -(21) **Saveconfig:** Usually best to ignore this. Sets the "SaveConfig" value on wireguard config files. -(22) **Is Static:** Ports and Endpoints can be changed automatically by the netclient. Switching on "Is Static" means the port and endpoint will stay the same until you change it. This can be good to set if the machine is a server sitting in a location that is not expected to change. It is also good to have Is Static switched on for Ingress, Egress, and Relay Servers, since they should be in a reliable location. -(23) **UDP Hole Punching:** If on, the node's port will be randomized. The port and endpoint distributed to other nodes are no longer determined by the settings in this file. Instead, the node will "check in" with the server regularly. The server will track the IP and port used to open a connection, and store these values. These values then get distributed to nodes. This is helpful for getting around NAT's which may obscure the node's location. -(24) **Is DNS On:** DNS is solely handled by resolvectl at the moment, which is on many Linux distributions. For anything else, this value should remain off. If you wish to configure DNS for non-compatible systems, you must do so manually. -(25) **Dualstack:** Whether or not this machine should have both a private ipv4 address and ipv6 address. -(26) **Is Local:** If on, will only communicate over the local address (Assumes IsLocal tuned to 'yes' on the network level.) -(27) **Roaming:** If on, will check regularly for changes in the Endpoint and modify the Endpoint value appropriately. This allows a client to "roam" between wifi networks and maintain a connection. Good to keep on for machines where the public address may change. -(28) **IPforwarding:** If on, ipforwarding is enabled on the machine. Should almost always be kept on. - -Ext Clients -================ - -.. image:: images/ui-8.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Gateway Name / IP Address:** Information about which Node is the Ingress Gateway. -(2) **Add External Client:** Button to generate a new ext client. -(3) **Client ID:** The randomly-generated name of the client. Click on the ID to change the name to something sensible. -(4) **IP Address:** The private ip address of the ext client. -(5) **QR Code:** If joining form iOS or Android, open the WireGuard app and scan the QR code to join the network. -(6) **Download Client Configuration:** If joining from a laptop/desktop, download the config file and run "wg-quick up /path/to/config" -(7) **Delete:** Delete the ext client and remove its network access. - -DNS -=========== - -.. image:: images/ui-10.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **DNS Name:** The private DNS entry. Must end in "." (added automatically). This avoids conflicts between networks. -(2) **IP Address:** The IP address of the entry. Can be anything (public addresses too!) but typically a node IP. -(3) **Select Node Address:** Select a node name to populate its IP address automatically. - -Create / Edit Users -===================== - -.. image:: images/ui-11.jpg - :width: 80% - :alt: dashboard - :align: center - -(1) **Username:** Specify Username. -(2) **Password:** Specify password. -(3) **Confirm Password:** Confirm password. -(4) **Make Admin:** Make into a server admin or "super admin", which has access to all networks and server-level settings. -(5) **Networks:** If not made into an "admin", select the networks which this user has access to. The user will be a "network admin" of these networks, but other networks will be invisible/unaccessible. - - -Node Graph -===================== - -.. image:: images/node-graph-1.png - :width: 80% - :alt: dashboard - :align: center - -View all nodes in your network, zoom in, zoom out, and search for node names. A legend is on the side to identify each node status / configuration. - -.. image:: images/node-graph-2.png - :width: 80% - :alt: dashboard - :align: center - -(1) **hover:** Hover over a node to see its direct connections. -(2) **Configuration Pane:** Manage the node in this pane just like you would in the Nodes pane. See the "Node List" and "Edit Node" sections for more details. diff --git a/docs/upgrades.rst b/docs/upgrades.rst deleted file mode 100644 index 1eed7977..00000000 --- a/docs/upgrades.rst +++ /dev/null @@ -1,45 +0,0 @@ -===================================== -Upgrades -===================================== - -Introduction -=============== - -As of 0.10.0, upgrading Netmaker is a manual process. This is expected to be automated in the future, but for now is still a relatively straightforward process. - -Critical Notes for 0.10.0 -============================================= - -At the time of this writing, an upgrade process has not been defined for 0.10.0. DO NOT follow this documentation to upgrade from a prior version to 0.10.0. An upgrade process will be defined shortly. For now, if you seek to upgrade to 0.10.0, you must clear your server entirely (docker-compose down --volumes), uninstall your netclients, and re-install netmaker + netclients. - -Upgrade the Server (prior to 0.10.0) -====================================== - -To upgrade the server, you only need to change the docker image versions: - -1. `ssh root@my-server-ip` -2. `docker-compose down` -3. `vi docker-compose.yml` -4. Change gravitl/netmaker: and gravitl/netmaker-ui: to the new version. -5. Save and close the file -6. `docker-compose up -d` - -Upgrade the Clients (prior to 0.10.0) -====================================== - -To upgrade the client, you must get the new client binary and place it in /etc/netclient. Depending on the new vs. old version, there may be minor incompatibilities (discussed below). - -1. Vists https://github.com/gravitl/netmaker/releases/ -2. Find the appropriate binary for your machine. -3. Download. E.x.: `wget https://github.com/gravitl/netmaker/releases/download/vX.X.X/netclient-myversion` -4. Rename binary to `netclient` and move to folder. E.x.: `mv netclient-myversion /etc/netclient/netclient` -5. `netclient --version` (confirm it's the correct version) -6. `netclient pull` - -This last step helps ensure any newly added fields are now present. You may run into a "panic" based on missing fields and your version mismatch. In such cases, you can either: - -1. Add the missing field to /etc/netclient/config/netconfig-yournetwork and then run "netclient checkin" - -or - -2. Leave and rejoin the network \ No newline at end of file diff --git a/docs/usage.rst b/docs/usage.rst deleted file mode 100644 index a81e4e0c..00000000 --- a/docs/usage.rst +++ /dev/null @@ -1,21 +0,0 @@ -================= -External Guides -================= - -Netmaker has many use cases, from a basic virtual network to an office gateway VPN to a Kubernetes underlay. It can be a bit overwhelming to figure out where to start. If you don't find your use case here, but think Netmaker is a good fit, let us know! - -Video Tutorials -================== - -* `Intro/Overview `_: Tutorial on first-time usage, setting up a mesh network. -* `Site-to-Site Gateway `_: Tutorial on setting up site-to-site connections, allowing peers to access external networks via gateways. -* `IPv6 and Private DNS `_: Tutorial on dual-stack IPv6 in Netmaker and Private DNS management (separate topics). -* `Kubernetes Networking `_: Tutorial on setting up cross-cloud Kubernetes clusters using Netmaker. - - -Written Tutorials -================== - -* `K3s Cross-cloud cluster `_: Tutorial on setting up cross-cloud K3s clusters using Netmaker. -* `MicroK8s Cross-cloud cluster `_: Tutorial on setting up cross-cloud MicroK8s clusters using Netmaker. -* `Secure access to private services `_: Tutorial on setting up secure Nextcloud with Netmaker. \ No newline at end of file diff --git a/docs/images/graph-readme.gif b/img/graph-readme.gif similarity index 100% rename from docs/images/graph-readme.gif rename to img/graph-readme.gif diff --git a/docs/_build/html/_images/mesh-diagram.png b/img/mesh-diagram.png similarity index 100% rename from docs/_build/html/_images/mesh-diagram.png rename to img/mesh-diagram.png diff --git a/netmaker.png b/img/netmaker.png similarity index 100% rename from netmaker.png rename to img/netmaker.png diff --git a/docs/images/visit-website.gif b/img/visit-website.gif similarity index 100% rename from docs/images/visit-website.gif rename to img/visit-website.gif diff --git a/mesh-diagram.png b/mesh-diagram.png deleted file mode 100644 index dd63f578..00000000 Binary files a/mesh-diagram.png and /dev/null differ