gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-11-09 16:21:01 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch 'master' of github.com:gravitl/netmaker

Browse source
This commit is contained in:
Matthew R Kasun 2022-01-06 15:54:08 -05:00
commit a3678f36f3
57 changed files with 436 additions and 421 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

72
.github/workflows/buildandrelease.yml vendored
View file

@ -7,7 +7,7 @@ on:
description: 'Netmaker version'
required: false
release:
types: [created]
types: [published]
jobs:
build:
@ -29,7 +29,7 @@ jobs:
- name: Setup go
uses: actions/setup-go@v2
with:
go-version: 1.16
go-version: 1.17
- name: Build
run: |
@ -40,7 +40,13 @@ jobs:
env GOOS=linux GOARCH=arm GOARM=7 go build -o build/netclient-arm7/netclient main.go
env GOOS=linux GOARCH=arm64 go build -o build/netclient-arm64/netclient main.go
env GOOS=linux GOARCH=mipsle go build -ldflags "-s -w" -o build/netclient-mipsle/netclient main.go && upx build/netclient-mipsle/netclient
env CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 go build -o build/netclient-freebsd/netclient main.go
env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm GOARM=5 go build -o build/netclient-freebsd-arm5/netclient main.go
env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm GOARM=6 go build -o build/netclient-freebsd-arm6/netclient main.go
env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm GOARM=7 go build -o build/netclient-freebsd-arm7/netclient main.go
env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm64 go build -o build/netclient-freebsd-arm64/netclient main.go
env CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o build/netclient-darwin/netclient main.go
- name: Upload x86 to Release
uses: svenstaro/upload-release-action@v2
with:
@ -112,3 +118,63 @@ jobs:
overwrite: true
prerelease: true
asset_name: netclient-mipsle
- name: Upload freebsd to Release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: netclient/build/netclient-freebsd/netclient
tag: ${{ env.NETMAKER_VERSION }}
overwrite: true
prerelease: true
asset_name: netclient-freebsd
- name: Upload freebsd-arm5 to Release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: netclient/build/netclient-freebsd-arm5/netclient
tag: ${{ env.NETMAKER_VERSION }}
overwrite: true
prerelease: true
asset_name: netclient-freebsd-arm5
- name: Upload freebsd-arm6 to Release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: netclient/build/netclient-freebsd-arm6/netclient
tag: ${{ env.NETMAKER_VERSION }}
overwrite: true
prerelease: true
asset_name: netclient-freebsd-arm6
- name: Upload freebsd-arm7 to Release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: netclient/build/netclient-freebsd-arm7/netclient
tag: ${{ env.NETMAKER_VERSION }}
overwrite: true
prerelease: true
asset_name: netclient-freebsd-arm7
- name: Upload freebsd-arm64 to Release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: netclient/build/netclient-freebsd-arm64/netclient
tag: ${{ env.NETMAKER_VERSION }}
overwrite: true
prerelease: true
asset_name: netclient-freebsd-arm64
- name: Upload darwin to Release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: netclient/build/netclient-darwin/netclient
tag: ${{ env.NETMAKER_VERSION }}
overwrite: true
prerelease: true
asset_name: netclient-darwin

4
.github/workflows/test-artifacts.yml vendored
View file

@ -12,6 +12,10 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Go
uses: actions/setup-go@v2
with:
go-version: 1.17
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx

4
.github/workflows/test.yml vendored
View file

@ -11,6 +11,10 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Go
uses: actions/setup-go@v2
with:
go-version: 1.17
- name: run tests
run: |
go test -p 1 ./... -v

2
.gitignore vendored
View file

@ -15,3 +15,5 @@ netclient/netclient32
netclient/netclient.exe
config/dnsconfig/
data/
.vscode/
.idea/

4
README.md
View file

@ -8,7 +8,7 @@
<p align="center">
<a href="https://github.com/gravitl/netmaker/releases">
<img src="https://img.shields.io/badge/Version-0.9.2-informational?style=flat-square" />
<img src="https://img.shields.io/badge/Version-0.9.3-informational?style=flat-square" />
</a>
<a href="https://hub.docker.com/r/gravitl/netmaker/tags">
<img src="https://img.shields.io/docker/pulls/gravitl/netmaker" />
@ -47,7 +47,7 @@
<img src="./docs/images/install-server.gif" width="50%" /><img src="./docs/images/visit-website.gif" width="50%" />
Upon completion, the logs will display the instructions to connect various devices. These can also be retrived from the UI under "Access Keys."
Upon completion, the logs will display the instructions to connect various devices. These can also be retrieved from the UI under "Access Keys."
After installing Netmaker, check out the [Walkthrough](https://itnext.io/getting-started-with-netmaker-a-wireguard-virtual-networking-platform-3d563fbd87f0) and [Getting Started](https://netmaker.readthedocs.io/en/master/getting-started.html) guides to learn more about configuring networks. Or, check out some of our other [Tutorials](https://gravitl.com/resources) for different use cases, including Kubernetes.

7
auth/azure-ad.go
View file

@ -3,9 +3,8 @@ package auth
import (
"encoding/json"
"fmt"
"io/ioutil"
"io"
"net/http"
"os"
"github.com/gravitl/netmaker/logger"
"github.com/gravitl/netmaker/logic"
@ -36,7 +35,7 @@ func initAzureAD(redirectURL string, clientID string, clientSecret string) {
ClientID: clientID,
ClientSecret: clientSecret,
Scopes: []string{"User.Read"},
Endpoint: microsoft.AzureADEndpoint(os.Getenv("AZURE_TENANT")),
Endpoint: microsoft.AzureADEndpoint(servercfg.GetAzureTenant()),
}
}
@ -110,7 +109,7 @@ func getAzureUserInfo(state string, code string) (*azureOauthUser, error) {
return nil, fmt.Errorf("failed getting user info: %s", err.Error())
}
defer response.Body.Close()
contents, err := ioutil.ReadAll(response.Body)
contents, err := io.ReadAll(response.Body)
if err != nil {
return nil, fmt.Errorf("failed reading response body: %s", err.Error())
}

4
auth/github.go
View file

@ -3,7 +3,7 @@ package auth
import (
"encoding/json"
"fmt"
"io/ioutil"
"io"
"net/http"
"github.com/gravitl/netmaker/logger"
@ -113,7 +113,7 @@ func getGithubUserInfo(state string, code string) (*githubOauthUser, error) {
return nil, fmt.Errorf("failed getting user info: %s", err.Error())
}
defer response.Body.Close()
contents, err := ioutil.ReadAll(response.Body)
contents, err := io.ReadAll(response.Body)
if err != nil {
return nil, fmt.Errorf("failed reading response body: %s", err.Error())
}

4
auth/google.go
View file

@ -3,7 +3,7 @@ package auth
import (
"encoding/json"
"fmt"
"io/ioutil"
"io"
"net/http"
"github.com/gravitl/netmaker/logger"
@ -104,7 +104,7 @@ func getGoogleUserInfo(state string, code string) (*googleOauthUser, error) {
return nil, fmt.Errorf("failed getting user info: %s", err.Error())
}
defer response.Body.Close()
contents, err := ioutil.ReadAll(response.Body)
contents, err := io.ReadAll(response.Body)
if err != nil {
return nil, fmt.Errorf("failed reading response body: %s", err.Error())
}

4
compose/docker-compose.caddy.yml
View file

@ -3,7 +3,7 @@ version: "3.4"
services:
netmaker:
container_name: netmaker
image: gravitl/netmaker:v0.9.2
image: gravitl/netmaker:v0.9.3
volumes:
- /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
- /run/systemd/system:/run/systemd/system
@ -40,7 +40,7 @@ services:
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.9.2
image: gravitl/netmaker-ui:v0.9.3
links:
- "netmaker:api"
ports:

4
compose/docker-compose.contained.yml
View file

@ -3,7 +3,7 @@ version: "3.4"
services:
netmaker:
container_name: netmaker
image: gravitl/netmaker:v0.9.2
image: gravitl/netmaker:v0.9.3
volumes:
- dnsconfig:/root/config/dnsconfig
- /usr/bin/wg:/usr/bin/wg
@ -38,7 +38,7 @@ services:
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.9.2
image: gravitl/netmaker-ui:v0.9.3
links:
- "netmaker:api"
ports:

4
compose/docker-compose.nodns.yml
View file

@ -3,7 +3,7 @@ version: "3.4"
services:
netmaker:
container_name: netmaker
image: gravitl/netmaker:v0.9.2
image: gravitl/netmaker:v0.9.3
volumes:
- /usr/bin/wg:/usr/bin/wg
- sqldata:/root/data
@ -36,7 +36,7 @@ services:
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.9.2
image: gravitl/netmaker-ui:v0.9.3
links:
- "netmaker:api"
ports:

4
compose/docker-compose.reference.yml
View file

@ -11,7 +11,7 @@ services:
container_name: netmaker
depends_on:
- rqlite
image: gravitl/netmaker:v0.9.2
image: gravitl/netmaker:v0.9.3
volumes: # Volume mounts necessary for CLIENT_MODE to control wireguard networking on host (except dnsconfig, which is where dns config files are stored for use by CoreDNS)
- dnsconfig:/root/config/dnsconfig # Netmaker writes Corefile to this location, which gets mounted by CoreDNS for DNS configuration.
- /usr/bin/wg:/usr/bin/wg
@ -41,7 +41,7 @@ services:
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.9.2
image: gravitl/netmaker-ui:v0.9.3
links:
- "netmaker:api"
ports:

4
compose/docker-compose.yml
View file

@ -3,7 +3,7 @@ version: "3.4"
services:
netmaker:
container_name: netmaker
image: gravitl/netmaker:v0.9.0
image: gravitl/netmaker:v0.9.3
volumes:
- /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
- /run/systemd/system:/run/systemd/system
@ -40,7 +40,7 @@ services:
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.9.2
image: gravitl/netmaker-ui:v0.9.3
links:
- "netmaker:api"
ports:

16
config/config.go
View file

@ -12,7 +12,7 @@ import (
"gopkg.in/yaml.v3"
)
//setting dev by default
// setting dev by default
func getEnv() string {
env := os.Getenv("NETMAKER_ENV")
@ -27,13 +27,13 @@ func getEnv() string {
// Config : application config stored as global variable
var Config *EnvironmentConfig
// EnvironmentConfig :
// EnvironmentConfig - environment conf struct
type EnvironmentConfig struct {
Server ServerConfig `yaml:"server"`
SQL SQLConfig `yaml:"sql"`
}
// ServerConfig :
// ServerConfig - server conf struct
type ServerConfig struct {
CoreDNSAddr string `yaml:"corednsaddr"`
APIConnString string `yaml:"apiconn"`
@ -58,8 +58,8 @@ type ServerConfig struct {
Version string `yaml:"version"`
SQLConn string `yaml:"sqlconn"`
Platform string `yaml:"platform"`
Database string `yaml:database`
CheckinInterval string `yaml:checkininterval`
Database string `yaml:"database"`
CheckinInterval string `yaml:"checkininterval"`
DefaultNodeLimit int32 `yaml:"defaultnodelimit"`
Verbosity int32 `yaml:"verbosity"`
ServerCheckinInterval int64 `yaml:"servercheckininterval"`
@ -68,9 +68,11 @@ type ServerConfig struct {
ClientSecret string `yaml:"clientsecret"`
FrontendURL string `yaml:"frontendurl"`
DisplayKeys string `yaml:"displaykeys"`
AzureTenant string `yaml:"azuretenant"`
RCE string `yaml:"rce"`
}
// Generic SQL Config
// SQLConfig - Generic SQL Config
type SQLConfig struct {
Host string `yaml:"host"`
Port int32 `yaml:"port"`
@ -80,7 +82,7 @@ type SQLConfig struct {
SSLMode string `yaml:"sslmode"`
}
//reading in the env file
// reading in the env file
func readConfig() *EnvironmentConfig {
file := fmt.Sprintf("config/environments/%s.yaml", getEnv())
f, err := os.Open(file)

7
controllers/controller.go
View file

@ -52,20 +52,19 @@ func HandleRESTRequests(wg *sync.WaitGroup) {
}
}()
logger.Log(0, "REST Server successfully started on port ", port, " (REST)")
c := make(chan os.Signal)
// Relay os.Interrupt to our channel (os.Interrupt = CTRL+C)
// Ignore other incoming signals
signal.Notify(c, os.Interrupt)
ctx, stop := signal.NotifyContext(context.TODO(), os.Interrupt)
defer stop()
// Block main routine until a signal is received
// As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running
<-c
<-ctx.Done()
// After receiving CTRL+C Properly stop the server
logger.Log(0, "Stopping the REST server...")
srv.Shutdown(context.TODO())
logger.Log(0, "REST Server closed.")
logger.DumpFile(fmt.Sprintf("data/netmaker.log.%s", time.Now().Format(logger.TimeFormatDay)))
}

5
controllers/dns_test.go
View file

@ -1,7 +1,6 @@
package controller
import (
"io/ioutil"
"os"
"testing"
@ -200,7 +199,7 @@ func TestSetDNS(t *testing.T) {
info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
assert.Nil(t, err)
assert.False(t, info.IsDir())
content, err := ioutil.ReadFile("./config/dnsconfig/netmaker.hosts")
content, err := os.ReadFile("./config/dnsconfig/netmaker.hosts")
assert.Nil(t, err)
assert.Contains(t, string(content), "testnode.skynet")
})
@ -212,7 +211,7 @@ func TestSetDNS(t *testing.T) {
info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
assert.Nil(t, err)
assert.False(t, info.IsDir())
content, err := ioutil.ReadFile("./config/dnsconfig/netmaker.hosts")
content, err := os.ReadFile("./config/dnsconfig/netmaker.hosts")
assert.Nil(t, err)
assert.Contains(t, string(content), "newhost.skynet")
})

9
controllers/network.go
View file

@ -68,7 +68,7 @@ func getNetworks(w http.ResponseWriter, r *http.Request) {
json.NewEncoder(w).Encode(allnetworks)
}
//Simple get network function
// Simple get network function
func getNetwork(w http.ResponseWriter, r *http.Request) {
// set header.
w.Header().Set("Content-Type", "application/json")
@ -101,7 +101,7 @@ func keyUpdate(w http.ResponseWriter, r *http.Request) {
json.NewEncoder(w).Encode(network)
}
//Update a network
// Update a network
func updateNetwork(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
var params = mux.Vars(r)
@ -119,6 +119,11 @@ func updateNetwork(w http.ResponseWriter, r *http.Request) {
return
}
if !servercfg.GetRce() {
newNetwork.DefaultPostDown = network.DefaultPostDown
newNetwork.DefaultPostUp = network.DefaultPostUp
}
rangeupdate, localrangeupdate, err := logic.UpdateNetwork(&network, &newNetwork)
if err != nil {
returnErrorResponse(w, r, formatError(err, "badrequest"))

6
controllers/node.go
View file

@ -524,6 +524,12 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
}
}
}
if !servercfg.GetRce() {
newNode.PostDown = node.PostDown
newNode.PostUp = node.PostUp
}
err = logic.UpdateNode(&node, &newNode)
if err != nil {
returnErrorResponse(w, r, formatError(err, "internal"))

7
controllers/node_grpc.go
View file

@ -10,6 +10,7 @@ import (
"github.com/gravitl/netmaker/logger"
"github.com/gravitl/netmaker/logic"
"github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/servercfg"
)
// NodeServiceServer - represents the service server for gRPC
@ -107,6 +108,12 @@ func (s *NodeServiceServer) UpdateNode(ctx context.Context, req *nodepb.Object)
if err != nil {
return nil, err
}
if !servercfg.GetRce() {
newnode.PostDown = node.PostDown
newnode.PostUp = node.PostUp
}
err = logic.UpdateNode(&node, &newnode)
if err != nil {
return nil, err

2
controllers/user.go
View file

@ -23,7 +23,7 @@ func userHandlers(r *mux.Router) {
r.HandleFunc("/api/users/networks/{username}", securityCheck(true, http.HandlerFunc(updateUserNetworks))).Methods("PUT")
r.HandleFunc("/api/users/{username}/adm", securityCheck(true, http.HandlerFunc(updateUserAdm))).Methods("PUT")
r.HandleFunc("/api/users/{username}", securityCheck(true, http.HandlerFunc(createUser))).Methods("POST")
r.HandleFunc("/api/users/{username}", securityCheck(false, continueIfUserMatch(http.HandlerFunc(deleteUser)))).Methods("DELETE")
r.HandleFunc("/api/users/{username}", securityCheck(true, http.HandlerFunc(deleteUser))).Methods("DELETE")
r.HandleFunc("/api/users/{username}", securityCheck(false, continueIfUserMatch(http.HandlerFunc(getUser)))).Methods("GET")
r.HandleFunc("/api/users", securityCheck(true, http.HandlerFunc(getUsers))).Methods("GET")
r.HandleFunc("/api/oauth/login", auth.HandleAuthLogin).Methods("GET")

2
docs/api.rst
View file

@ -12,7 +12,7 @@ Authentication
==============
API calls must be authenticated via a header of the format `-H "Authorization: Bearer <YOUR_SECRET_KEY>"` There are two methods to obtain YOUR_SECRET_KEY:
1. Using the masterkey. By default, this value is "secret key," but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [general usage](./USAGE.md) documentation for more details.
2. Using a JWT recieved for a node. This can be retrieved by calling the `/api/nodes/<network>/authenticate` endpoint, as documented below.
2. Using a JWT received for a node. This can be retrieved by calling the `/api/nodes/<network>/authenticate` endpoint, as documented below.
Format of Calls for Curl

6
docs/architecture.rst
View file

@ -21,7 +21,7 @@ WireGuard
WireGuard is a relatively new but very important technology which was recently added to the Linux kernel. WireGuard creates very fast but simple encrypted tunnels between devices. From the `WireGuard <https://www.wireguard.com/>`_ website, "it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry."
Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunnelling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no signigifant performance impact. With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology.
Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunneling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no significant performance impact. With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology.
Mesh Network
-------------
@ -56,7 +56,7 @@ Netmaker does a lot of work to set configurations for you, so that you don't hav
Node
------
A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and recieve traffic from all of the other nodes.
A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and receive traffic from all of the other nodes.
SystemD
-------
@ -153,7 +153,7 @@ Below is a high level, step-by-step overview of the flow of communications withi
9. Netmaker server verifies information and creates the node, setting default values for any missing information.
10. Timestamp is set for the network (see #16).
11. Netmaker returns settings as response to netclient. Some settings may be added or modified based on the network.
12. Netclient recieves response. If successful, it takes any additional info returned from Netmaker and configures the local system/WireGuard
12. Netclient receives response. If successful, it takes any additional info returned from Netmaker and configures the local system/WireGuard
13. Netclient sends another request to Netmaker's GRPC server, this time to retrieve the peers list (all other clients in the network).
14. Netmaker sends back peers list, including current known configurations of all nodes in network.
15. Netclient configures WireGuard with this information. At this point, the node is fully configured as a part of the network and should be able to reach the other nodes via private address.

7
go.mod
View file

@ -3,13 +3,13 @@ module github.com/gravitl/netmaker
go 1.17
require (
github.com/go-playground/validator/v10 v10.9.0
github.com/go-playground/validator/v10 v10.10.0
github.com/golang-jwt/jwt/v4 v4.2.0
github.com/golang/protobuf v1.5.2 // indirect
github.com/gorilla/handlers v1.5.1
github.com/gorilla/mux v1.8.0
github.com/lib/pq v1.10.4
github.com/mattn/go-sqlite3 v1.14.9
github.com/mattn/go-sqlite3 v1.14.10
github.com/rqlite/gorqlite v0.0.0-20210514125552-08ff1e76b22f
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
github.com/stretchr/testify v1.7.0
@ -23,7 +23,7 @@ require (
golang.zx2c4.com/wireguard v0.0.0-20210805125648-3957e9b9dd19 // indirect
golang.zx2c4.com/wireguard/wgctrl v0.0.0-20210913210325-91d1988e44de
google.golang.org/genproto v0.0.0-20210201151548-94839c025ad4 // indirect
google.golang.org/grpc v1.42.0
google.golang.org/grpc v1.43.0
google.golang.org/protobuf v1.27.1
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
)
@ -31,6 +31,7 @@ require (
require (
cloud.google.com/go v0.34.0 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/felixge/httpsnoop v1.0.1 // indirect
github.com/go-playground/locales v0.14.0 // indirect
github.com/go-playground/universal-translator v0.18.0 // indirect

12
go.sum
View file

@ -40,8 +40,8 @@ github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb
github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho=
github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
github.com/go-playground/validator/v10 v10.9.0 h1:NgTtmN58D0m8+UuxtYmGztBJB7VnPgjj221I1QHci2A=
github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
github.com/go-playground/validator/v10 v10.10.0 h1:I7mrTYv78z8k8VXa/qJlOlEXn/nBh+BF8dHX5nt/dr0=
github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
@ -100,8 +100,8 @@ github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ic
github.com/lib/pq v1.10.4 h1:SO9z7FRPzA03QhHKJrH5BXA6HU1rS4V2nIVrrNC1iYk=
github.com/lib/pq v1.10.4/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
github.com/mattn/go-sqlite3 v1.14.9 h1:10HX2Td0ocZpYEjhilsuo6WWtUqttj2Kb0KtD86/KYA=
github.com/mattn/go-sqlite3 v1.14.9/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
github.com/mattn/go-sqlite3 v1.14.10 h1:MLn+5bFRlWMGoSRmJour3CL1w/qL96mvipqpwQW/Sfk=
github.com/mattn/go-sqlite3 v1.14.10/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
github.com/mdlayher/ethtool v0.0.0-20210210192532-2b88debcdd43 h1:WgyLFv10Ov49JAQI/ZLUkCZ7VJS3r74hwFIGXJsgZlY=
github.com/mdlayher/ethtool v0.0.0-20210210192532-2b88debcdd43/go.mod h1:+t7E0lkKfbBsebllff1xdTmyJt8lH37niI6kwFk9OTo=
github.com/mdlayher/genetlink v1.0.0 h1:OoHN1OdyEIkScEmRgxLEe2M9U8ClMytqA5niynLtfj0=
@ -258,8 +258,8 @@ google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQ
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.42.0 h1:XT2/MFpuPFsEX2fWh3YQtHkZ+WYZFQRfaUgLZYj/p6A=
google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM=
google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=

3
logger/logger.go
View file

@ -2,7 +2,6 @@ package logger
import (
"fmt"
"io/ioutil"
"os"
"sort"
"strconv"
@ -90,7 +89,7 @@ func DumpFile(filePath string) {
// Retrieve - retrieves logs from given file
func Retrieve(filePath string) string {
contents, err := ioutil.ReadFile(filePath)
contents, err := os.ReadFile(filePath)
if err != nil {
panic(err)
}

3
logic/dns.go
View file

@ -2,7 +2,6 @@ package logic
import (
"encoding/json"
"io/ioutil"
"os"
"github.com/go-playground/validator/v10"
@ -135,7 +134,7 @@ func SetCorefile(domains string) error {
`
corebytes := []byte(corefile)
err = ioutil.WriteFile(dir+"/config/dnsconfig/Corefile", corebytes, 0644)
err = os.WriteFile(dir+"/config/dnsconfig/Corefile", corebytes, 0644)
if err != nil {
return err
}

4
logic/nodes.go
View file

@ -253,6 +253,10 @@ func SetNodeDefaults(node *models.Node) {
postup := parentNetwork.DefaultPostUp
node.PostUp = postup
}
if node.PostDown == "" {
postdown := parentNetwork.DefaultPostDown
node.PostDown = postdown
}
if node.IsStatic == "" {
node.IsStatic = "no"
}

71
logic/util.go
View file

@ -184,26 +184,18 @@ func GetNode(macaddress string, network string) (models.Node, error) {
// GetNodePeers - fetches peers for a given node
func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error) {
var peers []models.Node
collection, err := database.FetchRecords(database.NODES_TABLE_NAME)
var networkNodes, egressNetworkNodes, err = getNetworkEgressAndNodes(networkName)
if err != nil {
if database.IsEmptyRecord(err) {
return peers, nil
}
logger.Log(2, err.Error())
return nil, err
return peers, nil
}
udppeers, errN := database.GetPeers(networkName)
if errN != nil {
logger.Log(2, errN.Error())
}
for _, value := range collection {
var node = &models.Node{}
for _, node := range networkNodes {
var peer = models.Node{}
err := json.Unmarshal([]byte(value), node)
if err != nil {
logger.Log(2, err.Error())
continue
}
if node.IsEgressGateway == "yes" { // handle egress stuff
peer.EgressGatewayRanges = node.EgressGatewayRanges
peer.IsEgressGateway = node.IsEgressGateway
@ -211,7 +203,7 @@ func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error
allow := node.IsRelayed != "yes" || !excludeRelayed
if node.Network == networkName && node.IsPending != "yes" && allow {
peer = setPeerInfo(node)
peer = setPeerInfo(&node)
if node.UDPHolePunch == "yes" && errN == nil && CheckEndpoint(udppeers[node.PublicKey]) {
endpointstring := udppeers[node.PublicKey]
endpointarr := strings.Split(endpointstring, ":")
@ -230,6 +222,11 @@ func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error
} else {
peer.AllowedIPs = append(peer.AllowedIPs, node.RelayAddrs...)
}
for _, egressNode := range egressNetworkNodes {
if egressNode.IsRelayed == "yes" && StringSliceContains(node.RelayAddrs, egressNode.Address) {
peer.AllowedIPs = append(peer.AllowedIPs, egressNode.EgressGatewayRanges...)
}
}
}
peers = append(peers, peer)
}
@ -252,6 +249,14 @@ func GetPeersList(networkName string, excludeRelayed bool, relayedNodeAddr strin
network, err := GetNetwork(networkName)
if err == nil {
peerNode.AllowedIPs = append(peerNode.AllowedIPs, network.AddressRange)
var _, egressNetworkNodes, err = getNetworkEgressAndNodes(networkName)
if err == nil {
for _, egress := range egressNetworkNodes {
if egress.Address != relayedNodeAddr {
peerNode.AllowedIPs = append(peerNode.AllowedIPs, egress.EgressGatewayRanges...)
}
}
}
} else {
peerNode.AllowedIPs = append(peerNode.AllowedIPs, peerNode.RelayAddrs...)
}
@ -286,6 +291,34 @@ func RandomString(length int) string {
// == Private Methods ==
func getNetworkEgressAndNodes(networkName string) ([]models.Node, []models.Node, error) {
var networkNodes, egressNetworkNodes []models.Node
collection, err := database.FetchRecords(database.NODES_TABLE_NAME)
if err != nil {
if database.IsEmptyRecord(err) {
return networkNodes, egressNetworkNodes, nil
}
logger.Log(2, err.Error())
return nil, nil, err
}
for _, value := range collection {
var node = models.Node{}
err := json.Unmarshal([]byte(value), &node)
if err != nil {
logger.Log(2, err.Error())
continue
}
if node.Network == networkName {
networkNodes = append(networkNodes, node)
if node.IsEgressGateway == "yes" {
egressNetworkNodes = append(egressNetworkNodes, node)
}
}
}
return networkNodes, egressNetworkNodes, nil
}
func setPeerInfo(node *models.Node) models.Node {
var peer models.Node
peer.RelayAddrs = node.RelayAddrs
@ -326,3 +359,13 @@ func setIPForwardingLinux() error {
}
return nil
}
// StringSliceContains - sees if a string slice contains a string element
func StringSliceContains(slice []string, item string) bool {
for _, s := range slice {
if s == item {
return true
}
}
return false
}

7
logic/wireguard.go
View file

@ -3,7 +3,6 @@ package logic
import (
"errors"
"fmt"
"io/ioutil"
"os"
"os/exec"
"strconv"
@ -86,10 +85,10 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
if !ncutils.IsKernel() {
var newConf string
newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), node.MTU, node.PersistentKeepalive, peers)
newConf, _ = ncutils.CreateWireGuardConf(node, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), peers)
confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf"
logger.Log(1, "writing wg conf file to:", confPath)
err = ioutil.WriteFile(confPath, []byte(newConf), 0644)
err = os.WriteFile(confPath, []byte(newConf), 0644)
if err != nil {
logger.Log(1, "error writing wg conf file to", confPath, ":", err.Error())
return err
@ -97,7 +96,7 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
if ncutils.IsWindows() {
wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
logger.Log(1, "writing wg conf file to:", confPath)
err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
err = os.WriteFile(wgConfPath, []byte(newConf), 0644)
if err != nil {
logger.Log(1, "error writing wg conf file to", wgConfPath, ":", err.Error())
return err

14
main.go
View file

@ -1,6 +1,7 @@
package main
import (
"context"
"fmt"
"net"
"os"
@ -43,7 +44,7 @@ func initialize() { // Client Mode Prereq Check
var authProvider = auth.InitializeAuthProvider()
if authProvider != "" {
logger.Log(0, "OAuth provider, ", authProvider, ", initialized")
logger.Log(0, "OAuth provider,", authProvider+",", "initialized")
} else {
logger.Log(0, "no OAuth provider found or not configured, continuing without OAuth")
}
@ -157,21 +158,18 @@ func runGRPC(wg *sync.WaitGroup) {
}()
logger.Log(0, "Agent Server successfully started on port ", grpcport, "(gRPC)")
// Right way to stop the server using a SHUTDOWN HOOK
// Create a channel to receive OS signals
c := make(chan os.Signal, 1)
// Relay os.Interrupt to our channel (os.Interrupt = CTRL+C)
// Ignore other incoming signals
signal.Notify(c, os.Interrupt)
ctx, stop := signal.NotifyContext(context.TODO(), os.Interrupt)
defer stop()
// Block main routine until a signal is received
// As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running
<-c
<-ctx.Done()
// After receiving CTRL+C Properly stop the server
logger.Log(0, "Stopping the Agent server...")
s.Stop()
s.GracefulStop()
listener.Close()
logger.Log(0, "Agent server closed..")
logger.Log(0, "Closed DB connection.")

12
netclient/auth/auth.go
View file

@ -3,6 +3,7 @@ package auth
import (
"encoding/json"
"fmt"
"os"
"github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/netclient/config"
@ -10,7 +11,6 @@ import (
// "os"
"context"
"io/ioutil"
nodepb "github.com/gravitl/netmaker/grpc"
"google.golang.org/grpc/codes"
@ -21,13 +21,13 @@ import (
// SetJWT func will used to create the JWT while signing in and signing out
func SetJWT(client nodepb.NodeServiceClient, network string) (context.Context, error) {
home := ncutils.GetNetclientPathSpecific()
tokentext, err := ioutil.ReadFile(home + "nettoken-" + network)
tokentext, err := os.ReadFile(home + "nettoken-" + network)
if err != nil {
err = AutoLogin(client, network)
if err != nil {
return nil, status.Errorf(codes.Unauthenticated, fmt.Sprintf("Something went wrong with Auto Login: %v", err))
}
tokentext, err = ioutil.ReadFile(home + "nettoken-" + network)
tokentext, err = os.ReadFile(home + "nettoken-" + network)
if err != nil {
return nil, status.Errorf(codes.Unauthenticated, fmt.Sprintf("Something went wrong: %v", err))
}
@ -71,7 +71,7 @@ func AutoLogin(client nodepb.NodeServiceClient, network string) error {
return err
}
tokenstring := []byte(res.Data)
err = ioutil.WriteFile(home+"nettoken-"+network, tokenstring, 0644)
err = os.WriteFile(home+"nettoken-"+network, tokenstring, 0644)
if err != nil {
return err
}
@ -81,13 +81,13 @@ func AutoLogin(client nodepb.NodeServiceClient, network string) error {
// StoreSecret - stores auth secret locally
func StoreSecret(key string, network string) error {
d1 := []byte(key)
err := ioutil.WriteFile(ncutils.GetNetclientPathSpecific()+"secret-"+network, d1, 0644)
err := os.WriteFile(ncutils.GetNetclientPathSpecific()+"secret-"+network, d1, 0644)
return err
}
// RetrieveSecret - fetches secret locally
func RetrieveSecret(network string) (string, error) {
dat, err := ioutil.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + network)
dat, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + network)
return string(dat), err
}

4
netclient/cli_options/cmds.go
View file

@ -21,11 +21,11 @@ func GetCommands(cliFlags []cli.Flag) []*cli.Command {
return err
}
if cfg.Network == "all" {
err = errors.New("No network provided.")
err = errors.New("no network provided")
return err
}
if cfg.Server.GRPCAddress == "" {
err = errors.New("No server address provided.")
err = errors.New("no server address provided")
return err
}
err = command.Join(cfg, pvtKey)

27
netclient/command/commands.go
View file

@ -7,22 +7,13 @@ import (
"strings"
"time"
nodepb "github.com/gravitl/netmaker/grpc"
"github.com/gravitl/netmaker/netclient/config"
"github.com/gravitl/netmaker/netclient/daemon"
"github.com/gravitl/netmaker/netclient/functions"
"github.com/gravitl/netmaker/netclient/ncutils"
"golang.zx2c4.com/wireguard/wgctrl"
)
var (
wgclient *wgctrl.Client
)
var (
wcclient nodepb.NodeServiceClient
)
// Join - join command to run from cli
func Join(cfg config.ClientConfig, privateKey string) error {
var err error
@ -83,6 +74,7 @@ func getWindowsInterval() int {
return interval
}
// RunUserspaceDaemon - runs continual checkins
func RunUserspaceDaemon() {
cfg := config.ClientConfig{
@ -91,14 +83,15 @@ func RunUserspaceDaemon() {
interval := getWindowsInterval()
dur := time.Duration(interval) * time.Second
for {
if err := CheckIn(cfg); err != nil {
// pass
}
CheckIn(cfg)
time.Sleep(dur)
}
}
// CheckIn - runs checkin command from cli
func CheckIn(cfg config.ClientConfig) error {
//log.Println("checkin --- diabled for now")
//return nil
var err error
var errN error
if cfg.Network == "" {
@ -139,6 +132,7 @@ func CheckIn(cfg config.ClientConfig) error {
return err
}
// Leave - runs the leave command from cli
func Leave(cfg config.ClientConfig) error {
err := functions.LeaveNetwork(cfg.Network)
if err != nil {
@ -149,6 +143,7 @@ func Leave(cfg config.ClientConfig) error {
return err
}
// Push - runs push command
func Push(cfg config.ClientConfig) error {
var err error
if cfg.Network == "all" || ncutils.IsWindows() {
@ -175,6 +170,7 @@ func Push(cfg config.ClientConfig) error {
return err
}
// Pull - runs pull command from cli
func Pull(cfg config.ClientConfig) error {
var err error
if cfg.Network == "all" {
@ -201,13 +197,16 @@ func Pull(cfg config.ClientConfig) error {
return err
}
// List - runs list command from cli
func List(cfg config.ClientConfig) error {
err := functions.List(cfg.Network)
return err
}
// Uninstall - runs uninstall command from cli
func Uninstall() error {
ncutils.PrintLog("uninstalling netclient", 0)
ncutils.PrintLog("uninstalling netclient...", 0)
err := functions.Uninstall()
ncutils.PrintLog("uninstalled netclient", 0)
return err
}

9
netclient/config/config.go
View file

@ -6,7 +6,6 @@ import (
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"log"
"os"
@ -133,12 +132,12 @@ func SaveBackup(network string) error {
var configPath = ncutils.GetNetclientPathSpecific() + "netconfig-" + network
var backupPath = ncutils.GetNetclientPathSpecific() + "backup.netconfig-" + network
if FileExists(configPath) {
input, err := ioutil.ReadFile(configPath)
input, err := os.ReadFile(configPath)
if err != nil {
ncutils.Log("failed to read " + configPath + " to make a backup")
return err
}
if err = ioutil.WriteFile(backupPath, input, 0644); err != nil {
if err = os.WriteFile(backupPath, input, 0644); err != nil {
ncutils.Log("failed to copy backup to " + backupPath)
return err
}
@ -151,12 +150,12 @@ func ReplaceWithBackup(network string) error {
var backupPath = ncutils.GetNetclientPathSpecific() + "backup.netconfig-" + network
var configPath = ncutils.GetNetclientPathSpecific() + "netconfig-" + network
if FileExists(backupPath) {
input, err := ioutil.ReadFile(backupPath)
input, err := os.ReadFile(backupPath)
if err != nil {
ncutils.Log("failed to read file " + backupPath + " to backup network: " + network)
return err
}
if err = ioutil.WriteFile(configPath, input, 0644); err != nil {
if err = os.WriteFile(configPath, input, 0644); err != nil {
ncutils.Log("failed backup " + backupPath + " to " + configPath)
return err
}

3
netclient/daemon/macos.go
View file

@ -2,7 +2,6 @@ package daemon
import (
"fmt"
"io/ioutil"
"log"
"os"
"path/filepath"
@ -64,7 +63,7 @@ func CreateMacService(servicename string, interval string) error {
daemonbytes := []byte(daemonstring)
if !ncutils.FileExists("/Library/LaunchDaemons/com.gravitl.netclient.plist") {
err = ioutil.WriteFile("/Library/LaunchDaemons/com.gravitl.netclient.plist", daemonbytes, 0644)
err = os.WriteFile("/Library/LaunchDaemons/com.gravitl.netclient.plist", daemonbytes, 0644)
}
return err
}

5
netclient/daemon/systemd.go
View file

@ -3,7 +3,6 @@ package daemon
import (
//"github.com/davecgh/go-spew/spew"
"io/ioutil"
"log"
"os"
"path/filepath"
@ -75,7 +74,7 @@ WantedBy=timers.target
timerbytes := []byte(systemtimer)
if !ncutils.FileExists("/etc/systemd/system/netclient.service") {
err = ioutil.WriteFile("/etc/systemd/system/netclient.service", servicebytes, 0644)
err = os.WriteFile("/etc/systemd/system/netclient.service", servicebytes, 0644)
if err != nil {
log.Println(err)
return err
@ -83,7 +82,7 @@ WantedBy=timers.target
}
if !ncutils.FileExists("/etc/systemd/system/netclient.timer") {
err = ioutil.WriteFile("/etc/systemd/system/netclient.timer", timerbytes, 0644)
err = os.WriteFile("/etc/systemd/system/netclient.timer", timerbytes, 0644)
if err != nil {
log.Println(err)
return err

3
netclient/daemon/windows.go
View file

@ -2,7 +2,6 @@ package daemon
import (
"fmt"
"io/ioutil"
"log"
"os"
"strings"
@ -57,7 +56,7 @@ func writeServiceConfig() error {
</service>
`, strings.Replace(ncutils.GetNetclientPathSpecific()+"netclient.exe", `\\`, `\`, -1))
if !ncutils.FileExists(serviceConfigPath) {
err := ioutil.WriteFile(serviceConfigPath, []byte(scriptString), 0644)
err := os.WriteFile(serviceConfigPath, []byte(scriptString), 0644)
if err != nil {
return err
}

25
netclient/functions/checkin.go
View file

@ -82,14 +82,15 @@ func checkIP(node *models.Node, servercfg config.ServerConfig, cliconf config.Cl
return ipchange && err == nil
}
func setDNS(node *models.Node, servercfg config.ServerConfig, nodecfg *models.Node) {
if nodecfg.DNSOn == "yes" {
ifacename := node.Interface
nameserver := servercfg.CoreDNSAddr
network := node.Network
local.UpdateDNS(ifacename, network, nameserver)
}
}
// DEPRECATED
// func setDNS(node *models.Node, servercfg config.ServerConfig, nodecfg *models.Node) {
// if nodecfg.DNSOn == "yes" {
// ifacename := node.Interface
// nameserver := servercfg.CoreDNSAddr
// network := node.Network
// local.UpdateDNS(ifacename, network, nameserver)
// }
// }
func checkNodeActions(node *models.Node, networkName string, servercfg config.ServerConfig, localNode *models.Node, cfg *config.ClientConfig) string {
if (node.Action == models.NODE_UPDATE_KEY || localNode.Action == models.NODE_UPDATE_KEY) &&
@ -156,7 +157,7 @@ func Pull(network string, manual bool) (*models.Node, error) {
}
node := cfg.Node
servercfg := cfg.Server
//servercfg := cfg.Server
if cfg.Node.IPForwarding == "yes" && !ncutils.IsWindows() {
if err = local.SetIPForwarding(); err != nil {
@ -241,9 +242,9 @@ func Pull(network string, manual bool) (*models.Node, error) {
}
}
}
if ncutils.IsLinux() {
setDNS(&resNode, servercfg, &cfg.Node)
}
//if ncutils.IsLinux() {
// setDNS(&resNode, servercfg, &cfg.Node)
//}
var bkupErr = config.SaveBackup(network)
if bkupErr != nil {
ncutils.Log("unable to update backup file")

84
netclient/functions/common.go
View file

@ -1,15 +1,11 @@
package functions
import (
"context"
"encoding/json"
"errors"
"fmt"
"log"
"net"
"os"
"os/exec"
"strings"
nodepb "github.com/gravitl/netmaker/grpc"
"github.com/gravitl/netmaker/models"
@ -23,10 +19,6 @@ import (
"google.golang.org/grpc/metadata"
)
var (
wcclient nodepb.NodeServiceClient
)
// ListPorts - lists ports of WireGuard devices
func ListPorts() error {
wgclient, err := wgctrl.New()
@ -103,30 +95,31 @@ func getPrivateAddrBackup() (string, error) {
}
}
if !found {
err := errors.New("Local Address Not Found.")
err := errors.New("local ip address not found")
return "", err
}
return local, err
}
func needInterfaceUpdate(ctx context.Context, mac string, network string, iface string) (bool, string, error) {
var header metadata.MD
req := &nodepb.Object{
Data: mac + "###" + network,
Type: nodepb.STRING_TYPE,
}
readres, err := wcclient.ReadNode(ctx, req, grpc.Header(&header))
if err != nil {
return false, "", err
}
var resNode models.Node
if err := json.Unmarshal([]byte(readres.Data), &resNode); err != nil {
return false, iface, err
}
oldiface := resNode.Interface
// DEPRECATED
// func needInterfaceUpdate(ctx context.Context, mac string, network string, iface string) (bool, string, error) {
// var header metadata.MD
// req := &nodepb.Object{
// Data: mac + "###" + network,
// Type: nodepb.STRING_TYPE,
// }
// readres, err := wcclient.ReadNode(ctx, req, grpc.Header(&header))
// if err != nil {
// return false, "", err
// }
// var resNode models.Node
// if err := json.Unmarshal([]byte(readres.Data), &resNode); err != nil {
// return false, iface, err
// }
// oldiface := resNode.Interface
return iface != oldiface, oldiface, err
}
// return iface != oldiface, oldiface, err
// }
// GetNode - gets node locally
func GetNode(network string) models.Node {
@ -244,22 +237,7 @@ func RemoveLocalInstance(cfg *config.ClientConfig, networkName string) error {
// DeleteInterface - delete an interface of a network
func DeleteInterface(ifacename string, postdown string) error {
var err error
if !ncutils.IsKernel() {
err = wireguard.RemoveConf(ifacename, true)
} else {
ipExec, errN := exec.LookPath("ip")
err = errN
if err != nil {
ncutils.PrintLog(err.Error(), 1)
}
_, err = ncutils.RunCmd(ipExec+" link del "+ifacename, false)
if postdown != "" {
runcmds := strings.Split(postdown, "; ")
err = ncutils.RunCmds(runcmds, true)
}
}
return err
return wireguard.RemoveConf(ifacename, true)
}
// WipeLocal - wipes local instance
@ -271,27 +249,11 @@ func WipeLocal(network string) error {
nodecfg := cfg.Node
ifacename := nodecfg.Interface
if ifacename != "" {
if !ncutils.IsKernel() {
if err = wireguard.RemoveConf(ifacename, true); err == nil {
ncutils.PrintLog("removed WireGuard interface: "+ifacename, 1)
}
} else {
ipExec, err := exec.LookPath("ip")
if err != nil {
return err
}
out, err := ncutils.RunCmd(ipExec+" link del "+ifacename, false)
dontprint := strings.Contains(out, "does not exist") || strings.Contains(out, "Cannot find device")
if err != nil && !dontprint {
ncutils.PrintLog("error running command: "+ipExec+" link del "+ifacename, 1)
ncutils.PrintLog(out, 1)
}
if nodecfg.PostDown != "" {
runcmds := strings.Split(nodecfg.PostDown, "; ")
_ = ncutils.RunCmds(runcmds, false)
}
if err = wireguard.RemoveConf(ifacename, true); err == nil {
ncutils.PrintLog("removed WireGuard interface: "+ifacename, 1)
}
}
home := ncutils.GetNetclientPathSpecific()
if ncutils.FileExists(home + "netconfig-" + network) {
_ = os.Remove(home + "netconfig-" + network)

4
netclient/functions/join.go
View file

@ -83,9 +83,9 @@ func JoinNetwork(cfg config.ClientConfig, privateKey string) error {
}
}
if ncutils.IsLinux() {
_, err := exec.LookPath("resolvectl")
_, err := exec.LookPath("resolvconf")
if err != nil {
ncutils.PrintLog("resolvectl not present", 2)
ncutils.PrintLog("resolvconf not present", 2)
ncutils.PrintLog("unable to configure DNS automatically, disabling automated DNS management", 2)
cfg.Node.DNSOn = "no"
}

3
netclient/local/dns.go
View file

@ -1,7 +1,6 @@
package local
import (
"io/ioutil"
"os"
"strings"
@ -14,7 +13,7 @@ import (
// SetDNS - sets the DNS of a local machine
func SetDNS(nameserver string) error {
bytes, err := ioutil.ReadFile("/etc/resolv.conf")
bytes, err := os.ReadFile("/etc/resolv.conf")
if err != nil {
return err
}

2
netclient/local/local.go
View file

@ -25,7 +25,7 @@ func SetIPForwarding() error {
case "darwin":
err = SetIPForwardingMac()
default:
err = errors.New("This OS is not supported")
err = errors.New("this OS is not currently supported")
}
return err
}

2
netclient/main.go
View file

@ -18,7 +18,7 @@ func main() {
app := cli.NewApp()
app.Name = "Netclient CLI"
app.Usage = "Netmaker's netclient agent and CLI. Used to perform interactions with Netmaker server and set local WireGuard config."
app.Version = "v0.9.2"
app.Version = "v0.9.3"
cliFlags := cli_options.GetFlags(ncutils.GetHostname())
app.Commands = cli_options.GetCommands(cliFlags[:])

5
netclient/ncutils/netclientutils.go
View file

@ -5,7 +5,6 @@ import (
"errors"
"fmt"
"io"
"io/ioutil"
"log"
"math/rand"
"net"
@ -132,7 +131,7 @@ func GetPublicIP() (string, error) {
}
defer resp.Body.Close()
if resp.StatusCode == http.StatusOK {
bodyBytes, err := ioutil.ReadAll(resp.Body)
bodyBytes, err := io.ReadAll(resp.Body)
if err != nil {
continue
}
@ -409,7 +408,7 @@ func PrintLog(message string, loglevel int) {
// GetSystemNetworks - get networks locally
func GetSystemNetworks() ([]string, error) {
var networks []string
files, err := ioutil.ReadDir(GetNetclientPathSpecific())
files, err := os.ReadDir(GetNetclientPathSpecific())
if err != nil {
return networks, err
}

15
netclient/ncutils/netclientutils_darwin.go
View file

@ -7,6 +7,7 @@ import (
"strconv"
"strings"
"github.com/gravitl/netmaker/models"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)
@ -33,12 +34,12 @@ func GetEmbedded() error {
return nil
}
// CreateUserSpaceConf - creates a user space WireGuard conf
func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(perskeepalive, peers)
// CreateWireGuardConf - creates a WireGuard conf string
func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, dns string, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(node.PersistentKeepalive, peers)
var listenPortString string
if mtu <= 0 {
mtu = 1280
if node.MTU <= 0 {
node.MTU = 1280
}
if listenPort != "" {
listenPortString += "ListenPort = " + listenPort
@ -55,9 +56,9 @@ MTU = %s
%s
`,
address+"/32",
node.Address+"/32",
privatekey,
strconv.Itoa(int(mtu)),
strconv.Itoa(int(node.MTU)),
listenPortString,
peersString)
return config, nil

18
netclient/ncutils/netclientutils_freebsd.go
View file

@ -3,13 +3,15 @@ package ncutils
import (
"context"
"fmt"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
"log"
"os/exec"
"strconv"
"strings"
"syscall"
"time"
"github.com/gravitl/netmaker/models"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)
// RunCmdFormatted - run a command formatted for freebsd
@ -41,12 +43,12 @@ func RunCmd(command string, printerr bool) (string, error) {
return string(out), err
}
// CreateUserSpaceConf - creates a user space WireGuard conf
func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(perskeepalive, peers)
// CreateWireGuardConf - creates a WireGuard conf string
func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, dns string, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(node.PersistentKeepalive, peers)
var listenPortString string
if mtu <= 0 {
mtu = 1280
if node.MTU <= 0 {
node.MTU = 1280
}
if listenPort != "" {
listenPortString += "ListenPort = " + listenPort
@ -63,9 +65,9 @@ MTU = %s
%s
`,
address+"/32",
node.Address+"/32",
privatekey,
strconv.Itoa(int(mtu)),
strconv.Itoa(int(node.MTU)),
listenPortString,
peersString)
return config, nil

36
netclient/ncutils/netclientutils_linux.go
View file

@ -2,11 +2,11 @@ package ncutils
import (
"fmt"
"log"
"os/exec"
"strconv"
"strings"
"github.com/gravitl/netmaker/models"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)
@ -17,8 +17,8 @@ func RunCmd(command string, printerr bool) (string, error) {
cmd.Wait()
out, err := cmd.CombinedOutput()
if err != nil && printerr {
log.Println("error running command:", command)
log.Println(strings.TrimSuffix(string(out), "\n"))
Log(fmt.Sprintf("error running command: %s", command))
Log(strings.TrimSuffix(string(out), "\n"))
}
return string(out), err
}
@ -33,16 +33,24 @@ func GetEmbedded() error {
return nil
}
// CreateUserSpaceConf - creates a user space WireGuard conf
func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(perskeepalive, peers)
var listenPortString string
if mtu <= 0 {
mtu = 1280
// CreateWireGuardConf - creates a user space WireGuard conf
func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(node.PersistentKeepalive, peers)
var listenPortString, postDownString, postUpString string
if node.MTU <= 0 {
node.MTU = 1280
}
if node.PostDown != "" {
postDownString = fmt.Sprintf("PostDown = %s", node.PostDown)
}
if node.PostUp != "" {
postUpString = fmt.Sprintf("PostUp = %s", node.PostUp)
}
if listenPort != "" {
listenPortString += "ListenPort = " + listenPort
listenPortString = fmt.Sprintf("ListenPort = %s", listenPort)
}
if err != nil {
return "", err
}
@ -51,13 +59,17 @@ Address = %s
PrivateKey = %s
MTU = %s
%s
%s
%s
%s
`,
address+"/32",
node.Address+"/32",
privatekey,
strconv.Itoa(int(mtu)),
strconv.Itoa(int(node.MTU)),
postDownString,
postUpString,
listenPortString,
peersString)
return config, nil

15
netclient/ncutils/netclientutils_windows.go
View file

@ -10,6 +10,7 @@ import (
"strings"
"syscall"
"github.com/gravitl/netmaker/models"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)
@ -47,12 +48,12 @@ func RunCmdFormatted(command string, printerr bool) (string, error) {
return string(out), err
}
// CreateUserSpaceConf - creates a user space WireGuard conf
func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(perskeepalive, peers)
// CreateWireGuardConf - creates a WireGuard conf string
func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, dns string, peers []wgtypes.PeerConfig) (string, error) {
peersString, err := parsePeers(node.PersistentKeepalive, peers)
var listenPortString string
if mtu <= 0 {
mtu = 1280
if node.MTU <= 0 {
node.MTU = 1280
}
if listenPort != "" {
listenPortString += "ListenPort = " + listenPort
@ -69,9 +70,9 @@ MTU = %s
%s
`,
address+"/32",
node.Address+"/32",
privatekey,
strconv.Itoa(int(mtu)),
strconv.Itoa(int(node.MTU)),
listenPortString,
peersString)
return config, nil

5
netclient/ncwindows/windows.go
View file

@ -1,7 +1,6 @@
package ncwindows
import (
"io/ioutil"
"log"
"os"
@ -24,12 +23,12 @@ func InitWindows() {
if os.IsNotExist(dataNetclientErr) { // check and see if netclient.exe is in appdata
if currentNetclientErr == nil { // copy it if it exists locally
input, err := ioutil.ReadFile(wdPath + "\\netclient.exe")
input, err := os.ReadFile(wdPath + "\\netclient.exe")
if err != nil {
log.Println("failed to find netclient.exe")
return
}
if err = ioutil.WriteFile(ncutils.GetNetclientPathSpecific()+"netclient.exe", input, 0644); err != nil {
if err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"netclient.exe", input, 0644); err != nil {
log.Println("failed to copy netclient.exe to", ncutils.GetNetclientPath())
return
}

2
netclient/netclient.exe.manifest.xml
View file

@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<assemblyIdentity
version="0.9.2.0"
version="0.9.3.0"
processorArchitecture="*"
name="netclient.exe"
type="win32"

5
netclient/server/grpc.go
View file

@ -50,6 +50,9 @@ func CheckIn(network string) (*models.Node, error) {
// == run client action ==
var header metadata.MD
ctx, err := auth.SetJWT(wcclient, network)
if err != nil {
return nil, err
}
nodeData, err := json.Marshal(&node)
if err != nil {
return nil, err
@ -123,7 +126,7 @@ func GetPeers(macaddress string, network string, server string, dualstack bool,
}
keepalive := nodecfg.PersistentKeepalive
keepalivedur, err := time.ParseDuration(strconv.FormatInt(int64(keepalive), 10) + "s")
keepalivedur, _ := time.ParseDuration(strconv.FormatInt(int64(keepalive), 10) + "s")
keepaliveserver, err := time.ParseDuration(strconv.FormatInt(int64(5), 10) + "s")
if err != nil {
log.Fatalf("Issue with format of keepalive value. Please update netconfig: %v", err)

2
netclient/versioninfo.json
View file

@ -29,7 +29,7 @@
"OriginalFilename": "",
"PrivateBuild": "",
"ProductName": "Netclient",
"ProductVersion": "v0.9.2.0",
"ProductVersion": "v0.9.3.0",
"SpecialBuild": ""
},
"VarFileInfo": {

209
netclient/wireguard/common.go
View file

@ -2,11 +2,8 @@ package wireguard
import (
"errors"
"fmt"
"io/ioutil"
"log"
"os"
"os/exec"
"runtime"
"strconv"
"strings"
@ -121,7 +118,6 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
return err
}
nodecfg := modcfg.Node
servercfg := modcfg.Server
if err != nil {
log.Fatalf("failed to open client: %v", err)
@ -138,167 +134,73 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
if node.Address == "" {
log.Fatal("no address to configure")
}
nameserver := servercfg.CoreDNSAddr
network := node.Network
if nodecfg.Network != "" {
network = nodecfg.Network
} else if node.Network != "" {
network = node.Network
}
if ncutils.IsKernel() {
setKernelDevice(ifacename, node.Address)
}
nodeport := int(node.ListenPort)
conf := wgtypes.Config{}
if nodecfg.UDPHolePunch == "yes" &&
nodecfg.IsServer == "no" &&
nodecfg.IsIngressGateway != "yes" &&
nodecfg.IsStatic != "yes" {
conf = wgtypes.Config{
PrivateKey: &key,
ReplacePeers: true,
Peers: peers,
}
var newConf string
if node.UDPHolePunch != "yes" {
newConf, _ = ncutils.CreateWireGuardConf(node, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), peers)
} else {
conf = wgtypes.Config{
PrivateKey: &key,
ListenPort: &nodeport,
ReplacePeers: true,
Peers: peers,
}
newConf, _ = ncutils.CreateWireGuardConf(node, key.String(), "", peers)
}
if !ncutils.IsKernel() {
var newConf string
if node.UDPHolePunch != "yes" {
newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), node.MTU, node.PersistentKeepalive, peers)
} else {
newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), "", node.MTU, node.PersistentKeepalive, peers)
}
confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf"
ncutils.PrintLog("writing wg conf file to: "+confPath, 1)
err = ioutil.WriteFile(confPath, []byte(newConf), 0644)
confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf"
ncutils.PrintLog("writing wg conf file to: "+confPath, 1)
err = os.WriteFile(confPath, []byte(newConf), 0644)
if err != nil {
ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
return err
}
if ncutils.IsWindows() {
wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
err = os.WriteFile(wgConfPath, []byte(newConf), 0644)
if err != nil {
ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
ncutils.PrintLog("error writing wg conf file to "+wgConfPath+": "+err.Error(), 1)
return err
}
if ncutils.IsWindows() {
wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
confPath = wgConfPath
}
// spin up userspace / windows interface + apply the conf file
var deviceiface string
if ncutils.IsMac() {
deviceiface, err = local.GetMacIface(node.Address)
if err != nil || deviceiface == "" {
deviceiface = ifacename
}
}
if syncconf {
err = SyncWGQuickConf(ifacename, confPath)
} else {
d, _ := wgclient.Device(deviceiface)
for d != nil && d.Name == deviceiface {
RemoveConf(ifacename, false) // remove interface first
time.Sleep(time.Second >> 2)
d, _ = wgclient.Device(deviceiface)
}
if !ncutils.IsWindows() {
err = ApplyConf(confPath)
if err != nil {
ncutils.PrintLog("error writing wg conf file to "+wgConfPath+": "+err.Error(), 1)
ncutils.PrintLog("failed to create wireguard interface", 1)
return err
}
confPath = wgConfPath
}
// spin up userspace / windows interface + apply the conf file
var deviceiface string
if ncutils.IsMac() {
deviceiface, err = local.GetMacIface(node.Address)
if err != nil || deviceiface == "" {
deviceiface = ifacename
}
}
if syncconf {
log.Println("syncing conf")
err = SyncWGQuickConf(ifacename, confPath)
} else {
d, _ := wgclient.Device(deviceiface)
for d != nil && d.Name == deviceiface {
_ = RemoveConf(ifacename, false) // remove interface first
time.Sleep(time.Second >> 2)
d, _ = wgclient.Device(deviceiface)
}
if !ncutils.IsWindows() {
var output string
starttime := time.Now()
RemoveConf(ifacename, false)
time.Sleep(time.Second >> 2)
ncutils.PrintLog("waiting for interface...", 1)
for !strings.Contains(output, ifacename) && !(time.Now().After(starttime.Add(time.Duration(10) * time.Second))) {
output, _ = ncutils.RunCmd("wg", false)
err = ApplyConf(confPath)
if err != nil {
ncutils.PrintLog("failed to create wireguard interface", 1)
return err
}
} else {
var output string
starttime := time.Now()
RemoveConf(ifacename, false)
time.Sleep(time.Second >> 2)
ncutils.PrintLog("waiting for interface...", 1)
for !strings.Contains(output, ifacename) && !(time.Now().After(starttime.Add(time.Duration(10) * time.Second))) {
output, _ = ncutils.RunCmd("wg", false)
err = ApplyConf(confPath)
time.Sleep(time.Second)
}
if !strings.Contains(output, ifacename) {
return errors.New("could not create wg interface for " + ifacename)
}
ip, mask, err := ncutils.GetNetworkIPMask(nodecfg.NetworkSettings.AddressRange)
if err != nil {
log.Println(err.Error())
return err
}
ncutils.RunCmd("route add "+ip+" mask "+mask+" "+node.Address, true)
time.Sleep(time.Second >> 2)
ncutils.RunCmd("route change "+ip+" mask "+mask+" "+node.Address, true)
time.Sleep(time.Second)
}
}
} else {
ipExec, err := exec.LookPath("ip")
if err != nil {
return err
}
_, err = wgclient.Device(ifacename)
if err != nil {
if os.IsNotExist(err) {
fmt.Println("Device does not exist: ")
fmt.Println(err)
} else {
log.Fatalf("Unknown config error: %v", err)
if !strings.Contains(output, ifacename) {
return errors.New("could not create wg interface for " + ifacename)
}
}
err = wgclient.ConfigureDevice(ifacename, conf)
if err != nil {
if os.IsNotExist(err) {
fmt.Println("Device does not exist: ")
fmt.Println(err)
} else {
fmt.Printf("This is inconvenient: %v", err)
ip, mask, err := ncutils.GetNetworkIPMask(nodecfg.NetworkSettings.AddressRange)
if err != nil {
log.Println(err.Error())
return err
}
}
//=========DNS Setup==========\\
if nodecfg.DNSOn == "yes" {
_ = local.UpdateDNS(ifacename, network, nameserver)
}
//=========End DNS Setup=======\\
if _, err := ncutils.RunCmd(ipExec+" link set down dev "+ifacename, false); err != nil {
ncutils.Log("attempted to remove interface before editing")
return err
}
if nodecfg.PostDown != "" {
runcmds := strings.Split(nodecfg.PostDown, "; ")
_ = ncutils.RunCmds(runcmds, true)
}
// set MTU of node interface
if _, err := ncutils.RunCmd(ipExec+" link set mtu "+strconv.Itoa(int(nodecfg.MTU))+" up dev "+ifacename, true); err != nil {
ncutils.Log("failed to create interface with mtu " + ifacename)
return err
}
if nodecfg.PostUp != "" {
runcmds := strings.Split(nodecfg.PostUp, "; ")
_ = ncutils.RunCmds(runcmds, true)
}
if hasGateway {
for _, gateway := range gateways {
_, _ = ncutils.RunCmd(ipExec+" -4 route add "+gateway+" dev "+ifacename, true)
}
}
if node.Address6 != "" && node.IsDualStack == "yes" {
log.Println("[netclient] adding address: "+node.Address6, 1)
_, _ = ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+node.Address6+"/64", true)
ncutils.RunCmd("route add "+ip+" mask "+mask+" "+node.Address, true)
time.Sleep(time.Second >> 2)
ncutils.RunCmd("route change "+ip+" mask "+mask+" "+node.Address, true)
}
}
@ -345,6 +247,9 @@ func SetWGConfig(network string, peerupdate bool) error {
} else {
err = InitWireguard(&nodecfg, privkey, peers, hasGateway, gateways, false)
}
if nodecfg.DNSOn == "yes" {
_ = local.UpdateDNS(nodecfg.Interface, nodecfg.Network, servercfg.CoreDNSAddr)
}
return err
}

21
netclient/wireguard/kernel.go
View file

@ -1,21 +0,0 @@
package wireguard
import (
"os/exec"
"github.com/gravitl/netmaker/netclient/ncutils"
//homedir "github.com/mitchellh/go-homedir"
)
func setKernelDevice(ifacename string, address string) error {
ipExec, err := exec.LookPath("ip")
if err != nil {
return err
}
_, _ = ncutils.RunCmd("ip link delete dev "+ifacename, false)
_, _ = ncutils.RunCmd(ipExec+" link add dev "+ifacename+" type wireguard", true)
_, _ = ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address+"/24", true)
return nil
}

10
netclient/wireguard/unix.go
View file

@ -1,7 +1,7 @@
package wireguard
import (
"io/ioutil"
"fmt"
"log"
"os"
"regexp"
@ -67,7 +67,7 @@ func SyncWGQuickConf(iface string, confPath string) error {
}
regex := regexp.MustCompile(".*Warning.*\n")
conf := regex.ReplaceAllString(confRaw, "")
err = ioutil.WriteFile(tmpConf, []byte(conf), 0644)
err = os.WriteFile(tmpConf, []byte(conf), 0644)
if err != nil {
return err
}
@ -86,7 +86,7 @@ func SyncWGQuickConf(iface string, confPath string) error {
// RemoveWGQuickConf - calls wg-quick down
func RemoveWGQuickConf(confPath string, printlog bool) error {
_, err := ncutils.RunCmd("wg-quick down "+confPath, printlog)
_, err := ncutils.RunCmd(fmt.Sprintf("wg-quick down %s", confPath), printlog)
return err
}
@ -94,12 +94,12 @@ func RemoveWGQuickConf(confPath string, printlog bool) error {
func StorePrivKey(key string, network string) error {
var err error
d1 := []byte(key)
err = ioutil.WriteFile(ncutils.GetNetclientPathSpecific()+"wgkey-"+network, d1, 0644)
err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"wgkey-"+network, d1, 0644)
return err
}
// RetrievePrivKey - reads wg priv key from local disk
func RetrievePrivKey(network string) (string, error) {
dat, err := ioutil.ReadFile(ncutils.GetNetclientPathSpecific() + "wgkey-" + network)
dat, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "wgkey-" + network)
return string(dat), err
}

2
scripts/nm-quick.sh
View file

@ -50,7 +50,7 @@ elif [ -f /etc/fedora-release ]; then
dnf update
fi
dependencies=("docker.io" "docker-compose" "wireguard" "jq")
dependencies=("docker.io" "docker-compose" "wireguard" "jq" "resolvconf")

27
servercfg/serverconf.go
View file

@ -2,7 +2,7 @@ package servercfg
import (
"errors"
"io/ioutil"
"io"
"net"
"net/http"
"os"
@ -80,6 +80,11 @@ func GetServerConfig() config.ServerConfig {
cfg.ClientID = authInfo[1]
cfg.ClientSecret = authInfo[2]
cfg.FrontendURL = GetFrontendURL()
if GetRce() {
cfg.RCE = "on"
} else {
cfg.RCE = "off"
}
return cfg
}
@ -108,7 +113,7 @@ func GetAPIConnString() string {
// GetVersion - version of netmaker
func GetVersion() string {
version := "0.9.2"
version := "0.9.3"
if config.Config.Server.Version != "" {
version = config.Config.Server.Version
}
@ -412,7 +417,7 @@ func GetPublicIP() (string, error) {
}
defer resp.Body.Close()
if resp.StatusCode == http.StatusOK {
bodyBytes, err := ioutil.ReadAll(resp.Body)
bodyBytes, err := io.ReadAll(resp.Body)
if err != nil {
continue
}
@ -502,6 +507,17 @@ func GetAuthProviderInfo() []string {
return []string{"", "", ""}
}
// GetAzureTenant - retrieve the azure tenant ID from env variable or config file
func GetAzureTenant() string {
var azureTenant = ""
if os.Getenv("AZURE_TENANT") != "" {
azureTenant = os.Getenv("AZURE_TENANT")
} else if config.Config.Server.AzureTenant != "" {
azureTenant = config.Config.Server.AzureTenant
}
return azureTenant
}
// GetMacAddr - get's mac address
func getMacAddr() string {
ifas, err := net.Interfaces()
@ -517,3 +533,8 @@ func getMacAddr() string {
}
return as[0]
}
// GetRce - sees if Rce is enabled, off by default
func GetRce() bool {
return os.Getenv("RCE") == "on" || config.Config.Server.RCE == "on"
}