mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 15:26:04 +08:00
compiling with changes pushed for json token. Have NOT TESTED. Will probably run into issues. Need to test multiple egress ranges, AllowedIPs, and overriding connection strings.
parent
e11a15dfff
commit
977da6b129
|
@ -36,10 +36,13 @@ type EnvironmentConfig struct {
|
|||
|
||||
// ServerConfig :
|
||||
type ServerConfig struct {
|
||||
APIConnString string `yaml:"apiconn"`
|
||||
APIHost string `yaml:"apihost"`
|
||||
APIPort string `yaml:"apiport"`
|
||||
GRPCConnString string `yaml:"grpcconn"`
|
||||
GRPCHost string `yaml:"grpchost"`
|
||||
GRPCPort string `yaml:"grpcport"`
|
||||
GRPCSecure string `yaml:"grpcsecure"`
|
||||
DefaultNodeLimit int32 `yaml:"defaultnodelimit"`
|
||||
MasterKey string `yaml:"masterkey"`
|
||||
AllowedOrigin string `yaml:"allowedorigin"`
|
||||
|
@ -48,6 +51,8 @@ type ServerConfig struct {
|
|||
ClientMode string `yaml:"clientmode"`
|
||||
DNSMode string `yaml:"dnsmode"`
|
||||
DisableRemoteIPCheck string `yaml:"disableremoteipcheck"`
|
||||
DisableDefaultNet string `yaml:"disabledefaultnet"`
|
||||
GRPCSSL string `yaml:"grpcssl"`
|
||||
}
|
||||
|
||||
type WG struct {
|
||||
|
|
|
@ -84,7 +84,7 @@ func grpcAuthorize(ctx context.Context) error {
|
|||
}
|
||||
emptynode := models.Node{}
|
||||
node, err := functions.GetNodeByMacAddress(network, mac)
|
||||
if err != nil || node == emptynode {
|
||||
if err != nil || node.MacAddress == emptynode.MacAddress {
|
||||
return status.Errorf(codes.Unauthenticated, "Node does not exist.")
|
||||
}
|
||||
|
||||
|
|
|
@ -6,11 +6,10 @@ import (
|
|||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/jinzhu/copier"
|
||||
"github.com/go-playground/validator/v10"
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/gravitl/netmaker/functions"
|
||||
|
@ -194,13 +193,14 @@ func ValidateNetworkCreate(network models.Network) error {
|
|||
//
|
||||
_ = v.RegisterValidation("netid_valid", func(fl validator.FieldLevel) bool {
|
||||
isFieldUnique, _ := functions.IsNetworkNameUnique(fl.Field().String())
|
||||
// inCharSet := functions.NameInNetworkCharSet(fl.Field().String())
|
||||
return isFieldUnique
|
||||
inCharSet := functions.NameInNetworkCharSet(fl.Field().String())
|
||||
return isFieldUnique && inCharSet
|
||||
})
|
||||
//
|
||||
_ = v.RegisterValidation("displayname_unique", func(fl validator.FieldLevel) bool {
|
||||
_ = v.RegisterValidation("displayname_valid", func(fl validator.FieldLevel) bool {
|
||||
isFieldUnique, _ := functions.IsNetworkDisplayNameUnique(fl.Field().String())
|
||||
return isFieldUnique
|
||||
inCharSet := functions.NameInNetworkCharSet(fl.Field().String())
|
||||
return isFieldUnique && inCharSet
|
||||
})
|
||||
|
||||
err := v.Struct(network)
|
||||
|
@ -677,12 +677,28 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models
|
|||
}
|
||||
|
||||
netID := network.NetID
|
||||
grpcaddress := net.JoinHostPort(servercfg.GetGRPCHost(), servercfg.GetGRPCPort())
|
||||
apiaddress := net.JoinHostPort(servercfg.GetAPIHost(), servercfg.GetAPIPort())
|
||||
wgport := servercfg.GetGRPCWGPort()
|
||||
|
||||
accessstringdec := wgport + "|" +grpcaddress + "|" + apiaddress + "|" + netID + "|" + accesskey.Value + "|" + privAddr
|
||||
accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(accessstringdec))
|
||||
var accessToken models.AccessToken
|
||||
var tokensrvcfg models.ServerConfig
|
||||
var tokenwgcfg models.WG
|
||||
srvcfg := servercfg.GetServerConfig()
|
||||
wgcfg := servercfg.GetWGConfig()
|
||||
copier.Copy(tokensrvcfg, srvcfg)
|
||||
copier.Copy(tokenwgcfg, wgcfg)
|
||||
|
||||
accessToken.ServerConfig = tokensrvcfg
|
||||
accessToken.WG = tokenwgcfg
|
||||
accessToken.ClientConfig.Network = netID
|
||||
accessToken.ClientConfig.Key = accesskey.Value
|
||||
accessToken.ClientConfig.LocalRange = privAddr
|
||||
|
||||
tokenjson, err := json.Marshal(accessToken)
|
||||
if err != nil {
|
||||
return accesskey, err
|
||||
}
|
||||
|
||||
accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson))
|
||||
|
||||
//validate accesskey
|
||||
v := validator.New()
|
||||
err = v.Struct(accesskey)
|
||||
|
@ -716,10 +732,23 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models
|
|||
func GetSignupToken(netID string) (models.AccessKey, error) {
|
||||
|
||||
var accesskey models.AccessKey
|
||||
address := net.JoinHostPort(servercfg.GetGRPCHost(), servercfg.GetGRPCPort())
|
||||
var accessToken models.AccessToken
|
||||
var tokensrvcfg models.ServerConfig
|
||||
var tokenwgcfg models.WG
|
||||
srvcfg := servercfg.GetServerConfig()
|
||||
wgcfg := servercfg.GetWGConfig()
|
||||
copier.Copy(tokensrvcfg, srvcfg)
|
||||
copier.Copy(tokenwgcfg, wgcfg)
|
||||
|
||||
accessstringdec := address + "|" + netID + "|" + "" + "|"
|
||||
accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(accessstringdec))
|
||||
accessToken.ServerConfig = tokensrvcfg
|
||||
accessToken.WG = tokenwgcfg
|
||||
|
||||
tokenjson, err := json.Marshal(accessToken)
|
||||
if err != nil {
|
||||
return accesskey, err
|
||||
}
|
||||
|
||||
accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson))
|
||||
return accesskey, nil
|
||||
}
|
||||
func getSignupToken(w http.ResponseWriter, r *http.Request) {
|
||||
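Review bot: Both `copier.Copy(tokensrvcfg, srvcfg)` and `copier.Copy(tokenwgcfg, wgcfg)` in CreateAccessKey pass the destination by value and discard the returned error, so copier has nothing addressable to write into and the token is marshalled with an empty ServerConfig and WG; the same two calls are repeated in GetSignupToken. Pass pointers and check the result, e.g. `if err := copier.Copy(&tokensrvcfg, &srvcfg); err != nil { return accesskey, err }`. Copying into the narrow models.ServerConfig and models.WG types is what keeps fields such as GRPCWGPrivKey (set in GetWGConfig) out of the token, which deserves a comment above the copy: `// copy only the allow-listed fields; the token is handed to clients`. Both function bodies start outside their hunks.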
|
|
|
@ -612,7 +612,7 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro
|
|||
{"postup", nodechange.PostUp},
|
||||
{"postdown", nodechange.PostDown},
|
||||
{"isegressgateway", nodechange.IsEgressGateway},
|
||||
{"egressgatewayrange", nodechange.EgressGatewayRange},
|
||||
{"egressgatewayranges", nodechange.EgressGatewayRanges},
|
||||
{"lastmodified", nodechange.LastModified},
|
||||
}},
|
||||
}
|
||||
|
@ -636,10 +636,10 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro
|
|||
|
||||
func ValidateEgressGateway(gateway models.EgressGatewayRequest) error {
|
||||
var err error
|
||||
isIp := functions.IsIpCIDR(gateway.RangeString)
|
||||
empty := gateway.RangeString == ""
|
||||
if empty || !isIp {
|
||||
err = errors.New("IP Range Not Valid")
|
||||
//isIp := functions.IsIpCIDR(gateway.RangeString)
|
||||
empty := len(gateway.Ranges)==0
|
||||
if empty {
|
||||
err = errors.New("IP Ranges Cannot Be Empty")
|
||||
}
|
||||
empty = gateway.Interface == ""
|
||||
if empty {
|
||||
|
@ -670,7 +670,7 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) {
|
|||
}
|
||||
|
||||
nodechange.IsEgressGateway = false
|
||||
nodechange.EgressGatewayRange = ""
|
||||
nodechange.EgressGatewayRanges = []string{}
|
||||
nodechange.PostUp = ""
|
||||
nodechange.PostDown = ""
|
||||
|
||||
|
@ -685,7 +685,7 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) {
|
|||
{"postup", nodechange.PostUp},
|
||||
{"postdown", nodechange.PostDown},
|
||||
{"isegressgateway", nodechange.IsEgressGateway},
|
||||
{"egressgatewayrange", nodechange.EgressGatewayRange},
|
||||
{"egressgatewayranges", nodechange.EgressGatewayRanges},
|
||||
{"lastmodified", nodechange.LastModified},
|
||||
}},
|
||||
}
|
||||
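Review bot: ValidateEgressGateway now only rejects an empty `gateway.Ranges`; the `functions.IsIpCIDR` check is commented out rather than moved onto the elements, so any string in the list is accepted and written to `egressgatewayranges`. Validate each entry, e.g. `for _, r := range gateway.Ranges { if !functions.IsIpCIDR(r) { err = errors.New("IP Range Not Valid") } }`. If these ranges are later interpolated into the node's PostUp/PostDown commands (that code is outside the hunks), an unvalidated entry would become part of a command line, so the check matters beyond data hygiene. The function continues past the end of the hunk.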
|
|
|
@ -555,7 +555,7 @@ func GetNodeObj(id primitive.ObjectID) models.Node {
|
|||
//Switch to REGEX?
|
||||
func NameInNetworkCharSet(name string) bool {
|
||||
|
||||
charset := "abcdefghijklmnopqrstuvwxyz1234567890-_"
|
||||
charset := "abcdefghijklmnopqrstuvwxyz1234567890-_."
|
||||
|
||||
for _, char := range name {
|
||||
if !strings.Contains(charset, strings.ToLower(string(char))) {
|
||||
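Review bot: With `.` added to the charset, NameInNetworkCharSet accepts names made only of dots (`.`, `..`), and this commit also removes `alphanum` from the NetID and DisplayName tags, leaving this function as their only character check. The NetID is used to build the interface name (`"nm-" + network.NetID` in SetDefaults) and may be used as a file-name component elsewhere (not visible here), so reject a leading dot, e.g. `if strings.HasPrefix(name, ".") { return false }` before the loop. Because each rune is lower-cased before the lookup, upper-case letters pass too; a comment saying so would save the next reader from assuming the set is lower-case only. The function body continues outside the hunk.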
|
|
1
go.mod
1
go.mod
|
@ -9,6 +9,7 @@ require (
|
|||
github.com/golang/protobuf v1.5.2 // indirect
|
||||
github.com/gorilla/handlers v1.5.1
|
||||
github.com/gorilla/mux v1.8.0
|
||||
github.com/jinzhu/copier v0.3.2 // indirect
|
||||
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e // indirect
|
||||
github.com/stretchr/testify v1.6.1
|
||||
github.com/txn2/txeh v1.3.0
|
||||
|
|
2
go.sum
2
go.sum
|
@ -93,6 +93,8 @@ github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
|
|||
github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
|
||||
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
|
||||
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
|
||||
github.com/jinzhu/copier v0.3.2 h1:QdBOCbaouLDYaIPFfi1bKv5F5tPpeTwXe4sD0jqtz5w=
|
||||
github.com/jinzhu/copier v0.3.2/go.mod h1:24xnZezI2Yqac9J61UC6/dG/k76ttpq0DdJI3QmUvro=
|
||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
||||
|
|
9
main.go
9
main.go
|
@ -146,9 +146,12 @@ func runGRPC(wg *sync.WaitGroup, installserver bool) {
|
|||
log.Println("Agent Server succesfully started on port " + grpcport + " (gRPC)")
|
||||
|
||||
if installserver {
|
||||
log.Println("Adding server to default network")
|
||||
success, err := serverctl.AddNetwork("default")
|
||||
if err != nil {
|
||||
success := true
|
||||
if !servercfg.DisableDefaultNet() {
|
||||
log.Println("Adding server to default network")
|
||||
success, err = serverctl.AddNetwork("default")
|
||||
}
|
||||
if err != nil {
|
||||
log.Printf("Error adding to default network: %v", err)
|
||||
log.Println("Unable to add server to network. Continuing.")
|
||||
log.Println("Please investigate client installation on server.")
|
||||
|
|
31
models/accessToken.go
Normal file
31
models/accessToken.go
Normal file
|
@ -0,0 +1,31 @@
|
|||
package models
|
||||
|
||||
type AccessToken struct {
|
||||
ServerConfig
|
||||
ClientConfig
|
||||
WG
|
||||
}
|
||||
|
||||
type ClientConfig struct {
|
||||
Network string `json:"network"`
|
||||
Key string `json:"key"`
|
||||
LocalRange string `json:"localrange"`
|
||||
}
|
||||
|
||||
type ServerConfig struct {
|
||||
APIConnString string `json:"apiconn"`
|
||||
APIHost string `json:"apihost"`
|
||||
APIPort string `json:"apiport"`
|
||||
GRPCConnString string `json:"grpcconn"`
|
||||
GRPCHost string `json:"grpchost"`
|
||||
GRPCPort string `json:"grpcport"`
|
||||
GRPCSSL string `json:"grpcssl"`
|
||||
}
|
||||
|
||||
type WG struct {
|
||||
GRPCWireGuard string `json:"grpcwg"`
|
||||
GRPCWGAddress string `json:"grpcaddr"`
|
||||
GRPCWGPort string `json:"grpcport"`
|
||||
GRPCWGPubKey string `json:"pubkey"`
|
||||
GRPCWGEndpoint string `json:"endpoint"`
|
||||
}
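Review bot: ServerConfig.GRPCPort and WG.GRPCWGPort both carry the tag `json:"grpcport"`, and because AccessToken embeds both structs anonymously, encoding/json promotes them to the same level, finds two tagged fields with one name, and silently drops both. The gRPC port and the WireGuard port therefore never reach the client, which reads `accesstoken.ServerConfig.GRPCPort` and `accesstoken.WG.GRPCWGPort` after unmarshalling. Give WG.GRPCWGPort a distinct key (for example `grpcwgport`), or name the embedded fields and tag them so each struct is nested under its own key. The types also have no doc comments; a line on AccessToken noting that the encoded token is base64, not encrypted, and carries the access key would help callers treat it as a secret.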
|
|
@ -16,8 +16,8 @@ type Network struct {
|
|||
// AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"required_with=isdualstack true,cidrv6"`
|
||||
AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"addressrange6_valid"`
|
||||
//can't have min=1 with omitempty
|
||||
DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,alphanum,min=2,max=20,displayname_unique"`
|
||||
NetID string `json:"netid" bson:"netid" validate:"required,alphanum,min=1,max=12,netid_valid"`
|
||||
DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,min=1,max=20,displayname_valid"`
|
||||
NetID string `json:"netid" bson:"netid" validate:"required,min=1,max=12,netid_valid"`
|
||||
NodesLastModified int64 `json:"nodeslastmodified" bson:"nodeslastmodified"`
|
||||
NetworkLastModified int64 `json:"networklastmodified" bson:"networklastmodified"`
|
||||
DefaultInterface string `json:"defaultinterface" bson:"defaultinterface"`
|
||||
|
@ -47,8 +47,8 @@ type NetworkUpdate struct {
|
|||
// AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"required_with=isdualstack true,cidrv6"`
|
||||
AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"omitempty,cidr"`
|
||||
//can't have min=1 with omitempty
|
||||
DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,alphanum,min=2,max=20"`
|
||||
NetID string `json:"netid" bson:"netid" validate:"omitempty,alphanum,min=1,max=12"`
|
||||
DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,validnetid,min=1,max=20"`
|
||||
NetID string `json:"netid" bson:"netid" validate:"omitempty,validnetid,min=1,max=15"`
|
||||
NodesLastModified int64 `json:"nodeslastmodified" bson:"nodeslastmodified"`
|
||||
NetworkLastModified int64 `json:"networklastmodified" bson:"networklastmodified"`
|
||||
DefaultInterface string `json:"defaultinterface" bson:"defaultinterface"`
|
||||
|
@ -86,7 +86,11 @@ func (network *Network) SetDefaults() {
|
|||
network.DisplayName = network.NetID
|
||||
}
|
||||
if network.DefaultInterface == "" {
|
||||
network.DefaultInterface = "nm-" + network.NetID
|
||||
if len(network.NetID) < 13 {
|
||||
network.DefaultInterface = "nm-" + network.NetID
|
||||
} else {
|
||||
network.DefaultInterface = network.NetID
|
||||
}
|
||||
}
|
||||
if network.DefaultListenPort == 0 {
|
||||
network.DefaultListenPort = 51821
|
||||
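Review bot: NetworkUpdate now uses the tag `validnetid` while Network uses `netid_valid` / `displayname_valid`, and only the latter two are registered in the visible ValidateNetworkCreate hunk; go-playground/validator panics on a tag with no registered function, so unless `validnetid` is registered on the update path (not shown) an update request would crash validation. The length limits also disagree: create allows `max=12`, update `max=15`, and the new `len(network.NetID) < 13` branch in SetDefaults only matters for IDs the create tag already rejects. Pick one tag name and one limit for both structs. Since `alphanum` was removed, the custom validator is the only character check on these fields.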
|
|
|
@ -28,7 +28,7 @@ type Node struct {
|
|||
Endpoint string `json:"endpoint" bson:"endpoint" validate:"required,ip"`
|
||||
PostUp string `json:"postup" bson:"postup"`
|
||||
PostDown string `json:"postdown" bson:"postdown"`
|
||||
AllowedIPs string `json:"allowedips" bson:"allowedips"`
|
||||
AllowedIPs []string `json:"allowedips" bson:"allowedips"`
|
||||
PersistentKeepalive int32 `json:"persistentkeepalive" bson:"persistentkeepalive" validate:"omitempty,numeric,max=1000"`
|
||||
SaveConfig *bool `json:"saveconfig" bson:"saveconfig"`
|
||||
AccessKey string `json:"accesskey" bson:"accesskey"`
|
||||
|
@ -48,6 +48,8 @@ type Node struct {
|
|||
EgressGatewayRanges []string `json:"egressgatewayranges" bson:"egressgatewayranges"`
|
||||
IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"`
|
||||
PostChanges string `json:"postchanges" bson:"postchanges"`
|
||||
StaticIP string `json:"staticip" bson:"staticip"`
|
||||
StaticPubKey string `json:"staticpubkey" bson:"staticpubkey"`
|
||||
}
|
||||
|
||||
//node update struct --- only validations are different
|
||||
|
@ -62,7 +64,7 @@ type NodeUpdate struct {
|
|||
Endpoint string `json:"endpoint" bson:"endpoint" validate:"omitempty,ip"`
|
||||
PostUp string `json:"postup" bson:"postup"`
|
||||
PostDown string `json:"postdown" bson:"postdown"`
|
||||
AllowedIPs string `json:"allowedips" bson:"allowedips"`
|
||||
AllowedIPs []string `json:"allowedips" bson:"allowedips"`
|
||||
PersistentKeepalive int32 `json:"persistentkeepalive" bson:"persistentkeepalive" validate:"omitempty,numeric,max=1000"`
|
||||
SaveConfig *bool `json:"saveconfig" bson:"saveconfig"`
|
||||
AccessKey string `json:"accesskey" bson:"accesskey"`
|
||||
|
@ -80,8 +82,10 @@ type NodeUpdate struct {
|
|||
IsIngressGateway bool `json:"isingressgateway" bson:"isingressgateway"`
|
||||
IsEgressGateway bool `json:"isegressgateway" bson:"isegressgateway"`
|
||||
IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"`
|
||||
EgressGatewayRange string `json:"gatewayrange" bson:"gatewayrange"`
|
||||
EgressGatewayRanges []string `json:"egressgatewayranges" bson:"egressgatewayranges"`
|
||||
PostChanges string `json:"postchanges" bson:"postchanges"`
|
||||
StaticIP string `json:"staticip" bson:"staticip"`
|
||||
StaticPubKey string `json:"staticpubkey" bson:"staticpubkey"`
|
||||
}
|
||||
|
||||
//Duplicated function for NodeUpdates
|
||||
|
@ -191,6 +195,13 @@ func (node *Node) SetDefaults() {
|
|||
postup := parentNetwork.DefaultPostUp
|
||||
node.PostUp = postup
|
||||
}
|
||||
if node.StaticIP == "" {
|
||||
node.StaticIP = "no"
|
||||
}
|
||||
if node.StaticPubKey == "" {
|
||||
node.StaticPubKey = "no"
|
||||
}
|
||||
|
||||
node.CheckInInterval = parentNetwork.DefaultCheckInInterval
|
||||
|
||||
}
|
||||
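Review bot: `AllowedIPs []string` in Node and NodeUpdate has no `validate` tag, so the elements are stored as received; since WireGuard uses this list to decide which addresses a peer may use, each entry should be checked. Something like `validate:"omitempty,dive,cidr"` on both fields would do it, assuming entries are always CIDRs — confirm against the client code. The new StaticIP and StaticPubKey fields default to the string `"no"` in SetDefaults; a comment stating the accepted values would help.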
|
|
|
@ -6,10 +6,9 @@ import (
|
|||
"os"
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"strings"
|
||||
"fmt"
|
||||
"net"
|
||||
"log"
|
||||
"encoding/json"
|
||||
"gopkg.in/yaml.v3"
|
||||
nodepb "github.com/gravitl/netmaker/grpc"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
|
@ -29,6 +28,8 @@ type ServerConfig struct {
|
|||
GRPCAddress string `yaml:"grpcaddress"`
|
||||
APIAddress string `yaml:"apiaddress"`
|
||||
AccessKey string `yaml:"accesskey"`
|
||||
GRPCSSL string `yaml:"grpcssl"`
|
||||
GRPCWireGuard string `yaml:"grpcwg"`
|
||||
}
|
||||
|
||||
type ListConfig struct {
|
||||
|
@ -53,16 +54,19 @@ type NodeConfig struct {
|
|||
IsLocal string `yaml:"islocal"`
|
||||
IsDualStack string `yaml:"isdualstack"`
|
||||
IsIngressGateway string `yaml:"isingressgateway"`
|
||||
AllowedIPs string `yaml:"allowedips"`
|
||||
AllowedIPs []string `yaml:"allowedips"`
|
||||
LocalRange string `yaml:"localrange"`
|
||||
PostUp string `yaml:"postup"`
|
||||
PostDown string `yaml:"postdown"`
|
||||
Port int32 `yaml:"port"`
|
||||
KeepAlive int32 `yaml:"keepalive"`
|
||||
PublicKey string `yaml:"publickey"`
|
||||
ServerPubKey string `yaml:"serverpubkey"`
|
||||
PrivateKey string `yaml:"privatekey"`
|
||||
Endpoint string `yaml:"endpoint"`
|
||||
PostChanges string `yaml:"postchanges"`
|
||||
StaticIP string `yaml:"staticip"`
|
||||
StaticPubKey string `yaml:"staticpubkey"`
|
||||
IPForwarding string `yaml:"ipforwarding"`
|
||||
}
|
||||
|
||||
|
@ -375,16 +379,34 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
|
|||
log.Println("error decoding token")
|
||||
return cfg, err
|
||||
}
|
||||
token := string(tokenbytes)
|
||||
tokenvals := strings.Split(token, "|")
|
||||
|
||||
cfg.Server.GRPCAddress = tokenvals[1]
|
||||
cfg.Network = tokenvals[3]
|
||||
cfg.Node.Network = tokenvals[3]
|
||||
cfg.Server.AccessKey = tokenvals[4]
|
||||
if len(tokenvals) > 4 {
|
||||
cfg.Node.LocalRange = tokenvals[5]
|
||||
var accesstoken models.AccessToken
|
||||
if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil {
|
||||
log.Println("error converting token json to object", tokenbytes )
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
if accesstoken.ServerConfig.APIConnString != "" {
|
||||
cfg.Server.APIAddress = accesstoken.ServerConfig.APIConnString
|
||||
} else {
|
||||
cfg.Server.APIAddress = accesstoken.ServerConfig.APIHost
|
||||
if accesstoken.ServerConfig.APIPort != "" {
|
||||
cfg.Server.APIAddress = cfg.Server.APIAddress + ":" + accesstoken.ServerConfig.APIPort
|
||||
}
|
||||
}
|
||||
if accesstoken.ServerConfig.GRPCConnString != "" {
|
||||
cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCConnString
|
||||
} else {
|
||||
cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCHost
|
||||
if accesstoken.ServerConfig.GRPCPort != "" {
|
||||
cfg.Server.GRPCAddress = cfg.Server.GRPCAddress + ":" + accesstoken.ServerConfig.GRPCPort
|
||||
}
|
||||
}
|
||||
cfg.Network = accesstoken.ClientConfig.Network
|
||||
cfg.Node.Network = accesstoken.ClientConfig.Network
|
||||
cfg.Server.AccessKey = accesstoken.ClientConfig.Key
|
||||
cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange
|
||||
cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL
|
||||
cfg.Server.GRPCWireGuard = accesstoken.WG.GRPCWireGuard
|
||||
if c.String("grpcserver") != "" {
|
||||
cfg.Server.GRPCAddress = c.String("grpcserver")
|
||||
}
|
||||
|
@ -401,6 +423,13 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
|
|||
if c.String("localrange") != "" {
|
||||
cfg.Node.LocalRange = c.String("localrange")
|
||||
}
|
||||
if c.String("grpcssl") != "" {
|
||||
cfg.Server.GRPCSSL = c.String("grpcssl")
|
||||
}
|
||||
if c.String("grpcwg") != "" {
|
||||
cfg.Server.GRPCWireGuard = c.String("grpcwg")
|
||||
}
|
||||
|
||||
} else {
|
||||
cfg.Server.GRPCAddress = c.String("grpcserver")
|
||||
cfg.Server.APIAddress = c.String("apiserver")
|
||||
|
@ -408,6 +437,8 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){
|
|||
cfg.Network = c.String("network")
|
||||
cfg.Node.Network = c.String("network")
|
||||
cfg.Node.LocalRange = c.String("localrange")
|
||||
cfg.Server.GRPCWireGuard = c.String("grpcwg")
|
||||
cfg.Server.GRPCSSL = c.String("grpcssl")
|
||||
}
|
||||
cfg.Node.Name = c.String("name")
|
||||
cfg.Node.Interface = c.String("interface")
|
||||
|
@ -442,22 +473,32 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){
|
|||
log.Println("error decoding token")
|
||||
return cfg, err
|
||||
}
|
||||
token := string(tokenbytes)
|
||||
tokenvals := strings.Split(token, "|")
|
||||
|
||||
cfg.Client.ServerPrivateAddress, cfg.Client.ServerGRPCPort, err = net.SplitHostPort(tokenvals[1])
|
||||
var accesstoken models.AccessToken
|
||||
if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil {
|
||||
log.Println("error converting token json to object", tokenbytes )
|
||||
return cfg, err
|
||||
}
|
||||
cfg.Client.ServerPrivateAddress = accesstoken.WG.GRPCWGAddress
|
||||
cfg.Client.ServerGRPCPort = accesstoken.WG.GRPCWGPort
|
||||
if err != nil {
|
||||
log.Println("error decoding token grpcserver")
|
||||
return cfg, err
|
||||
}
|
||||
cfg.Client.ServerPublicEndpoint, cfg.Client.ServerAPIPort, err = net.SplitHostPort(tokenvals[2])
|
||||
if err != nil {
|
||||
log.Println("error decoding token apiserver")
|
||||
return cfg, err
|
||||
}
|
||||
|
||||
cfg.Client.ServerWGPort = tokenvals[0]
|
||||
cfg.Client.ServerKey = tokenvals[4]
|
||||
if err != nil {
|
||||
log.Println("error decoding token apiserver")
|
||||
return cfg, err
|
||||
}
|
||||
if accesstoken.ServerConfig.APIConnString != "" {
|
||||
cfg.Client.ServerPublicEndpoint = accesstoken.ServerConfig.APIConnString
|
||||
} else {
|
||||
cfg.Client.ServerPublicEndpoint = accesstoken.ServerConfig.APIHost
|
||||
if accesstoken.ServerConfig.APIPort != "" {
|
||||
cfg.Client.ServerAPIPort = accesstoken.ServerConfig.APIPort
|
||||
}
|
||||
}
|
||||
cfg.Client.ServerWGPort = accesstoken.WG.GRPCWGPort
|
||||
cfg.Client.ServerKey = accesstoken.ClientConfig.Key
|
||||
cfg.Client.ServerKey = accesstoken.WG.GRPCWGPubKey
|
||||
|
||||
if c.String("grpcserver") != "" {
|
||||
cfg.Client.ServerPrivateAddress = c.String("grpcserver")
|
||||
|
@ -465,8 +506,8 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){
|
|||
if c.String("apiserver") != "" {
|
||||
cfg.Client.ServerPublicEndpoint = c.String("apiserver")
|
||||
}
|
||||
if c.String("key") != "" {
|
||||
cfg.Client.ServerKey = c.String("key")
|
||||
if c.String("pubkey") != "" {
|
||||
cfg.Client.ServerKey = c.String("pubkey")
|
||||
}
|
||||
if c.String("network") != "all" {
|
||||
cfg.Client.Network = c.String("network")
|
||||
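Review bot: `log.Println("error converting token json to object", tokenbytes )` writes the decoded token to the log, and that token contains the access key (`ClientConfig.Key`); it also drops the actual error. Log the error instead: `log.Println("error converting token json to object:", err)`. The same line appears in both GetCLIConfig and GetCLIConfigRegister. In GetCLIConfigRegister, `cfg.Client.ServerKey` is assigned from `accesstoken.ClientConfig.Key` and then immediately from `accesstoken.WG.GRPCWGPubKey`, and the `if err != nil` checks that follow test an `err` that nothing visible reassigns; which of these lines survive on the new side is not clear from this rendering, so confirm against the file.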
|
|
|
@ -19,8 +19,10 @@ func SetHost() error {
|
|||
}
|
||||
func GetServerConfig() config.ServerConfig {
|
||||
var cfg config.ServerConfig
|
||||
cfg.APIConnString = GetAPIConnString()
|
||||
cfg.APIHost = GetAPIHost()
|
||||
cfg.APIPort = GetAPIPort()
|
||||
cfg.GRPCConnString = GetGRPCConnString()
|
||||
cfg.GRPCHost = GetGRPCHost()
|
||||
cfg.GRPCPort = GetGRPCPort()
|
||||
cfg.MasterKey = "(hidden)"
|
||||
|
@ -41,10 +43,18 @@ func GetServerConfig() config.ServerConfig {
|
|||
if IsDNSMode() {
|
||||
cfg.DNSMode = "on"
|
||||
}
|
||||
cfg.GRPCSSL = "off"
|
||||
if IsGRPCSSL() {
|
||||
cfg.GRPCSSL = "on"
|
||||
}
|
||||
cfg.DisableRemoteIPCheck = "off"
|
||||
if DisableRemoteIPCheck() {
|
||||
cfg.DisableRemoteIPCheck = "on"
|
||||
}
|
||||
cfg.DisableDefaultNet = "off"
|
||||
if DisableDefaultNet() {
|
||||
cfg.DisableRemoteIPCheck = "on"
|
||||
}
|
||||
return cfg
|
||||
}
|
||||
|
||||
|
@ -63,7 +73,15 @@ func GetWGConfig() config.WG{
|
|||
cfg.GRPCWGPrivKey = GetGRPCWGPrivKey()
|
||||
return cfg
|
||||
}
|
||||
|
||||
func GetAPIConnString() string {
|
||||
conn := ""
|
||||
if os.Getenv("SERVER_API_CONN_STRING") != "" {
|
||||
conn = os.Getenv("SERVER_API_CONN_STRING")
|
||||
} else if config.Config.Server.APIConnString != "" {
|
||||
conn = config.Config.Server.APIConnString
|
||||
}
|
||||
return conn
|
||||
}
|
||||
func GetAPIHost() string {
|
||||
serverhost := "127.0.0.1"
|
||||
if os.Getenv("SERVER_HTTP_HOST") != "" {
|
||||
|
@ -101,6 +119,15 @@ func GetDefaultNodeLimit() int32 {
|
|||
}
|
||||
return limit
|
||||
}
|
||||
func GetGRPCConnString() string {
|
||||
conn := ""
|
||||
if os.Getenv("SERVER_GRPC_CONN_STRING") != "" {
|
||||
conn = os.Getenv("SERVER_GRPC_CONN_STRING")
|
||||
} else if config.Config.Server.GRPCConnString != "" {
|
||||
conn = config.Config.Server.GRPCConnString
|
||||
}
|
||||
return conn
|
||||
}
|
||||
|
||||
func GetGRPCHost() string {
|
||||
serverhost := "127.0.0.1"
|
||||
|
@ -201,6 +228,21 @@ func IsDNSMode() bool {
|
|||
}
|
||||
return isdns
|
||||
}
|
||||
|
||||
func IsGRPCSSL() bool {
|
||||
isssl := false
|
||||
if os.Getenv("GRPC_SSL") != "" {
|
||||
if os.Getenv("GRPC_SSL") == "on" {
|
||||
isssl = true
|
||||
}
|
||||
} else if config.Config.Server.DNSMode != "" {
|
||||
if config.Config.Server.DNSMode == "on" {
|
||||
isssl = true
|
||||
}
|
||||
}
|
||||
return isssl
|
||||
}
|
||||
|
||||
func DisableRemoteIPCheck() bool {
|
||||
disabled := false
|
||||
if os.Getenv("DISABLE_REMOTE_IP_CHECK") != "" {
|
||||
|
@ -214,6 +256,19 @@ func DisableRemoteIPCheck() bool {
|
|||
}
|
||||
return disabled
|
||||
}
|
||||
func DisableDefaultNet() bool {
|
||||
disabled := false
|
||||
if os.Getenv("DISABLE_DEFAULT_NET") != "" {
|
||||
if os.Getenv("DISABLE_DEFAULT_NET") == "on" {
|
||||
disabled = true
|
||||
}
|
||||
} else if config.Config.Server.DisableDefaultNet != "" {
|
||||
if config.Config.Server.DisableDefaultNet == "on" {
|
||||
disabled= true
|
||||
}
|
||||
}
|
||||
return disabled
|
||||
}
|
||||
func GetPublicIP() (string, error) {
|
||||
|
||||
endpoint := ""
|
||||
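Review bot: IsGRPCSSL falls back to `config.Config.Server.DNSMode` when GRPC_SSL is unset, so the TLS setting advertised to clients follows the DNS mode instead of the `grpcssl` config key; the branch should read `} else if config.Config.Server.GRPCSSL != "" {` and `if config.Config.Server.GRPCSSL == "on" {`. In GetServerConfig the DisableDefaultNet block sets `cfg.DisableRemoteIPCheck = "on"` and should set `cfg.DisableDefaultNet = "on"`, otherwise the reported config shows the remote IP check as disabled when it is not. GetAPIConnString, GetGRPCConnString, IsGRPCSSL and DisableDefaultNet are exported without doc comments.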
|
|