netclient working for ingress controller

afeiszli 2021-05-27 15:00:56 -04:00
commit a842f4a32b
22 changed files with 410 additions and 793 deletions


@ -0,0 +1,26 @@
version: "3.4"
volumes:
dnsconfig:
driver: local
services:
mongodb:
image: mongo:4.2
ports:
- "27017:27017"
container_name: mongodb
volumes:
- mongovol:/data/db
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: mongoadmin
MONGO_INITDB_ROOT_PASSWORD: mongopass
netmaker-ui:
container_name: netmaker-ui
image: gravitl/netmaker-ui:v0.3
ports:
- "80:80"
environment:
BACKEND_URL: "http://34.228.52.243:8081"
volumes:
mongovol: {}
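Review bot: The `mongodb` service publishes `"27017:27017"` on every host interface while the root account is left at the literal `mongoadmin` / `mongopass`, so anything that can reach the host on that port can authenticate as database root. If the port is only needed by a netmaker process on the same machine, bind it to loopback with `- "127.0.0.1:27017:27017"`, and take the password from the environment, e.g. `MONGO_INITDB_ROOT_PASSWORD: "${MONGO_PASS:?set MONGO_PASS}"`. The same `mongodb` block is repeated in each of the other new compose files in this commit; where netmaker runs in the same compose project on the default bridge network, the port probably does not need publishing at all. Separately, `BACKEND_URL` here is a literal address (`http://34.228.52.243:8081`) where the sibling files use the `HOST_IP` placeholder.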


@ -0,0 +1,54 @@
version: "3.4"
volumes:
dnsconfig:
driver: local
services:
mongodb:
image: mongo:4.2
ports:
- "27017:27017"
container_name: mongodb
volumes:
- mongovol:/data/db
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: mongoadmin
MONGO_INITDB_ROOT_PASSWORD: mongopass
netmaker:
container_name: netmaker
ports:
- "8081:8081"
- "50051:50051"
depends_on:
- mongodb
image: gravitl/netmaker:v0.3
restart: always
environment:
SERVER_HOST: "HOST_IP"
CLIENT_MODE: "off"
netmaker-ui:
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.3
links:
- "netmaker:api"
ports:
- "80:80"
environment:
BACKEND_URL: "http://HOST_IP:8081"
coredns:
depends_on:
- netmaker
image: coredns/coredns
command: -conf /root/dnsconfig/Corefile
container_name: coredns
restart: always
ports:
- "53:53/udp"
volumes:
- dnsconfig:/root/dnsconfig
volumes:
mongovol: {}
dnsconfig: {}
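Review bot: The `netmaker` service publishes the API on `"8081:8081"` but its `environment` sets only `SERVER_HOST` and `CLIENT_MODE`, so the admin key presumably falls back to the built-in default, which the usage doc removed in this same commit gives as `MASTER_KEY`: default=secretkey. A template that is meant to be copied should force an explicit value, for example `MASTER_KEY: "${MASTER_KEY:?set MASTER_KEY}"`. The other new compose files that define `netmaker` without a `MASTER_KEY` entry have the same gap. `coredns/coredns` is also the only image here without a version tag; pinning it the way `mongo:4.2` is pinned would keep deployments reproducible.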


@ -36,7 +36,6 @@ services:
restart: always
network_mode: host
environment:
CLIENT_MODE: "off"
DNS_MODE: "off"
netmaker-ui:
container_name: netmaker-ui
@ -48,7 +47,7 @@ services:
ports:
- "80:80"
environment:
BACKEND_URL: "http://your-backend:8081"
BACKEND_URL: "http://HOST_IP:8081"
volumes:
mongovol: {}
dnsconfig: {}


@ -0,0 +1,78 @@
version: "3.4"
services:
mongodb: # The MongoDB Instance that backs up Netmaker
image: mongo:4.2
ports:
- "27017:27017" # Port Mapping for MongoDB. Can be modified, but be sure to change the MONGO_PORT env var in netmaker
container_name: mongodb
volumes:
- mongovol:/data/db
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: mongoadmin # Default username. Recommend changing for production installs. You will need to set MONGO_ADMIN netmaker env var.
MONGO_INITDB_ROOT_PASSWORD: mongopass # Default password. Recommend changing for production installs. You will need to set MONGO_PASS netmaker env var.
netmaker: # The Primary Server for running Netmaker
privileged: true # Necessary to run sudo/root level commands on host system. Take out if not running with CLIENT_MODE=on
container_name: netmaker
depends_on:
- mongodb
image: gravitl/netmaker:v0.3
volumes: # Volume mounts necessary for CLIENT_MODE to control netclient, wireguard, and networking on host (except dnsconfig, which is where dns config files are stored for use by CoreDNS)
- ./:/local
- /etc/netclient:/etc/netclient
- dnsconfig:/root/config/dnsconfig # Netmaker writes Corefile to this location, which gets mounted by CoreDNS for DNS configuration.
- /usr/bin/wg:/usr/bin/wg
- /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
- /run/systemd/system:/run/systemd/system
- /etc/systemd/system:/etc/systemd/system
- /sys/fs/cgroup:/sys/fs/cgroup
cap_add: # Necessary for CLIENT_MODE. Should be removed if turned off.
- NET_ADMIN
- SYS_MODULE
restart: always
network_mode: host # Necessary for CLIENT_MODE. Should be removed if turned off, but then need to add port mappings
environment:
SERVER_HOST: "" # All the Docker Compose files pre-populate this with HOST_IP, which you replace as part of the install instructions. This will set both HTTP and GRPC host.
SERVER_HTTP_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
SERVER_GRPC_HOST: "127.0.0.1" # Overrides SERVER_HOST if set. Useful for making HTTP and GRPC available via different interfaces/networks.
API_PORT: 8081 # The HTTP API port for Netmaker. Used for API calls / communication from front end. If changed, need to change port of BACKEND_URL for netmaker-ui.
GRPC_PORT: 50051 # The GRPC port for Netmaker. Used for communications from nodes.
MASTER_KEY: "secretkey" # The admin master key for accessing the API. Change this in any production installation.
CORS_ALLOWED_ORIGIN: "*" # The "allowed origin" for API requests. Change to restrict where API requests can come from.
REST_BACKEND: "on" # Enables the REST backend (API running on API_PORT at SERVER_HTTP_HOST). Change to "off" to turn off.
AGENT_BACKEND: "on" # Enables the AGENT backend (GRPC running on GRPC_PORT at SERVER_GRPC_HOST). Change to "off" to turn off.
CLIENT_MODE: "on" # Enables Client Mode, meaning netclient will be deployed on server and will be manageable from UI. Change to "off" to turn off.
DNS_MODE: "on" # Enables DNS Mode, meaning config files will be generated for CoreDNS. Note, turning "off" does not remove CoreDNS. You still need to remove CoreDNS from compose file.
DISABLE_REMOTE_IP_CHECK: "off" # If turned "on", Server will not set Host based on remote IP check. This is already overridden if SERVER_HOST is set. Turned "off" by default.
MONGO_ADMIN: "mongoadmin" # Admin user for MongoDB. Change to match above MongoDB instance
MONGO_PASS: "mongopass" # Admin password for MongoDB. Change to match above MongoDB instance
MONGO_HOST: "127.0.0.1" # Address of MongoDB. Change if necessary.
MONGO_PORT: "27017" # Port of MongoDB. Change if necessary.
MONGO_OPTS: "/?authSource=admin" # Opts to enable admin login for Mongo.
netmaker-ui: # The Netmaker UI Component
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.3
links:
- "netmaker:api"
ports:
- "80:80"
environment:
BACKEND_URL: "http://HOST_IP:8081" # URL where UI will send API requests. Change based on SERVER_HOST, SERVER_HTTP_HOST, and API_PORT
MASTER_KEY: "secretkey" # Master Key for API calls. Will be removed in v0.3.5
coredns: # The DNS Server. Remove this section if DNS_MODE="off"
depends_on:
- netmaker
image: coredns/coredns
command: -conf /root/dnsconfig/Corefile # Config location for Corefile. This is the path of file which is also mounted to Netmaker for modification.
container_name: coredns
restart: always
ports:
- "53:53/udp" # Likely needs to run at port 53 for adequate nameserver usage.
volumes:
- dnsconfig:/root/dnsconfig
volumes:
mongovol: {}
dnsconfig: {}
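Review bot: `privileged: true` on the `netmaker` service already grants every capability, so the `cap_add` list below it is redundant, and together with `network_mode: host` and writable mounts of `/etc/systemd/system` and the D-Bus system socket the container is effectively root on the host. The API in front of that ships with `MASTER_KEY: "secretkey"` and `CORS_ALLOWED_ORIGIN: "*"`; the inline comments say to change them, but a reference file that gets copied verbatim is safer with values that fail closed, e.g. `MASTER_KEY: "${MASTER_KEY:?set MASTER_KEY}"`. If `CLIENT_MODE` works with only `NET_ADMIN` and `SYS_MODULE`, dropping `privileged` and keeping the `cap_add` list would narrow this considerably, though that needs testing. The `/usr/bin/wg` mount could also carry `:ro`, as it does in another compose file in this commit.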


@ -0,0 +1,42 @@
version: "3.4"
volumes:
dnsconfig:
driver: local
services:
mongodb:
image: mongo:4.2
ports:
- "27017:27017"
container_name: mongodb
volumes:
- mongovol:/data/db
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: mongoadmin
MONGO_INITDB_ROOT_PASSWORD: mongopass
netmaker:
container_name: netmaker
depends_on:
- mongodb
image: gravitl/netmaker:v0.3
ports:
- "8081:8081"
- "50051:50051"
volumes:
- ./:/local
- /etc/netclient:/etc/netclient
- dnsconfig:/root/config/dnsconfig
- /usr/bin/wg:/usr/bin/wg:ro
- /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
- /run/systemd/system:/run/systemd/system
- /etc/systemd/system:/etc/systemd/system
- /sys/fs/cgroup:/sys/fs/cgroup
restart: always
environment:
CLIENT_MODE: "off"
DNS_MODE: "off"
SERVER_HOST: "localhost"
volumes:
mongovol: {}
dnsconfig: {}
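Review bot: This file sets `CLIENT_MODE: "off"` and `DNS_MODE: "off"`, yet the `netmaker` service still bind-mounts `/etc/systemd/system`, `/run/systemd/system`, `/sys/fs/cgroup`, `/etc/netclient` and the D-Bus system socket from the host. The commented reference compose file in this commit describes those mounts as necessary for CLIENT_MODE, so here they look like unused write access to host service configuration. Consider trimming `volumes` to what the server needs with client mode off; the other no-client variants in this commit give `netmaker` no mounts at all. `SERVER_HOST: "localhost"` also differs from the `HOST_IP` placeholder used elsewhere, so a comment such as `# local testing only` would help if that is intentional.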


@ -0,0 +1,43 @@
version: "3.4"
volumes:
dnsconfig:
driver: local
services:
mongodb:
image: mongo:4.2
ports:
- "27017:27017"
container_name: mongodb
volumes:
- mongovol:/data/db
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: mongoadmin
MONGO_INITDB_ROOT_PASSWORD: mongopass
netmaker:
container_name: netmaker
ports:
- "8081:8081"
- "50051:50051"
depends_on:
- mongodb
image: gravitl/netmaker:v0.3
restart: always
environment:
SERVER_HOST: "HOST_IP"
DNS_MODE: "off"
CLIENT_MODE: "off"
netmaker-ui:
container_name: netmaker-ui
depends_on:
- netmaker
image: gravitl/netmaker-ui:v0.3
links:
- "netmaker:api"
ports:
- "80:80"
environment:
BACKEND_URL: "http://HOST_IP:8081"
volumes:
mongovol: {}
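Review bot: As far as the flattened rendering shows, the top-level `volumes:` key appears twice in this file, once at the top declaring `dnsconfig` and again at the end declaring `mongovol`. Duplicate mapping keys are not valid YAML; depending on the parser the file is either rejected or the later block silently replaces the earlier one. Merging the two into a single block fixes that, and since no service in this file mounts `dnsconfig` and `DNS_MODE` is `"off"`, the `dnsconfig` declaration can simply be dropped. The other new compose files in this commit that open with a `volumes:` / `dnsconfig:` header and end with a second `volumes:` block have the same duplicate.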


@ -22,16 +22,18 @@ services:
- ./:/local
- /etc/netclient:/etc/netclient
- dnsconfig:/root/config/dnsconfig
- /usr/bin/wg:/usr/bin/wg:ro
- /usr/bin/wg:/usr/bin/wg
- /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
- /run/systemd/system:/run/systemd/system
- /etc/systemd/system:/etc/systemd/system
- /sys/fs/cgroup:/sys/fs/cgroup
cap_add:
cap_add:
- NET_ADMIN
- SYS_MODULE
restart: always
network_mode: host
environment:
SERVER_HOST: "HOST_IP"
netmaker-ui:
container_name: netmaker-ui
depends_on:
@ -42,7 +44,7 @@ services:
ports:
- "80:80"
environment:
BACKEND_URL: "http://your-ip:8081"
BACKEND_URL: "http://HOST_IP:8081"
coredns:
depends_on:
- netmaker
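Review bot: In the first hunk the `wg` bind mount is shown both as `/usr/bin/wg:/usr/bin/wg:ro` and as `/usr/bin/wg:/usr/bin/wg`; if the new side is the one without `:ro`, as the ordering suggests, the container gains write access to the host's `wg` binary. This service also runs with `NET_ADMIN`, `SYS_MODULE` and `network_mode: host`, so a writable host binary is one more path from the container to the host. Unless netclient has to replace the binary, keep `- /usr/bin/wg:/usr/bin/wg:ro`; if write access really is required, a comment on the line saying why would help the next reader. The service definition starts above the hunk, so the rest of its settings are not visible here.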


@ -282,6 +282,12 @@ func CreateExtClient(extclient models.ExtClient) error {
extclient.ClientID = clientname
}
if extclient.ClientID == "" {
cid := StringWithCharset(7, charset)
clientid := "client-" + cid
extclient.ClientID = clientid
}
extclient.LastModified = time.Now().Unix()
collection := mongoconn.Client.Database("netmaker").Collection("extclients")
@ -289,6 +295,12 @@ func CreateExtClient(extclient models.ExtClient) error {
// insert our network into the network table
_, err := collection.InsertOne(ctx, extclient)
defer cancel()
if err != nil {
return err
}
err = SetNetworkNodesLastModified(extclient.Network)
return err
}
@ -441,4 +453,3 @@ const charset = "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ012345
var seededRand *rand.Rand = rand.New(
rand.NewSource(time.Now().UnixNano()))
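Review bot: The fallback `ClientID` added in the first hunk is built from `StringWithCharset(7, charset)`, which presumably draws from the package-level `seededRand` visible in the last hunk, a `math/rand` generator seeded with `time.Now().UnixNano()`. A `*rand.Rand` created with `rand.New(rand.NewSource(...))` is not safe for concurrent use, so two requests creating clients at the same time would race on it, and the resulting IDs are predictable rather than random. Nothing in the visible lines checks that the generated ID is unused before `InsertOne`, so a collision would store two documents with the same client ID unless the collection has a unique index. Consider generating the suffix with `crypto/rand` and retrying on a duplicate-key error. `CreateExtClient` begins and `StringWithCharset` is defined outside these hunks, so this needs confirming against the full file.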


@ -1,195 +0,0 @@
package controller
import (
"context"
"encoding/json"
"fmt"
// "fmt"
"net/http"
"time"
"strconv"
"github.com/gorilla/mux"
"github.com/gravitl/netmaker/functions"
"github.com/gravitl/netmaker/serverctl"
"github.com/gravitl/netmaker/servercfg"
"github.com/gravitl/netmaker/models"
"github.com/gravitl/netmaker/mongoconn"
"go.mongodb.org/mongo-driver/bson"
"go.mongodb.org/mongo-driver/mongo/options"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
"github.com/skip2/go-qrcode"
)
func intClientHandlers(r *mux.Router) {
r.HandleFunc("/api/wgconf/{macaddress}", securityCheck(http.HandlerFunc(getWGClientConf))).Methods("GET")
r.HandleFunc("/api/register", securityCheck(http.HandlerFunc(registerClient))).Methods("POST")
}
//Get an individual extclient. Nothin fancy here folks.
func getWGClientConf(w http.ResponseWriter, r *http.Request) {
// set header.
w.Header().Set("Content-Type", "application/json")
var params = mux.Vars(r)
var extclient models.ExtClient
collection := mongoconn.Client.Database("netmaker").Collection("extclients")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
filter := bson.M{"network": "grpc", "clientid": params["clientid"]}
err := collection.FindOne(ctx, filter, options.FindOne().SetProjection(bson.M{"_id": 0})).Decode(&extclient)
if err != nil {
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
gwnode, err := functions.GetNodeByMacAddress(extclient.Network, extclient.IngressGatewayID)
if err != nil {
fmt.Println("Could not retrieve Ingress Gateway Node " + extclient.IngressGatewayID)
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
network, err := functions.GetParentNetwork(extclient.Network)
if err != nil {
fmt.Println("Could not retrieve Ingress Gateway Network " + extclient.Network)
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
keepalive := ""
if network.DefaultKeepalive != 0 {
keepalive = "PersistentKeepalive = " + strconv.Itoa(int(network.DefaultKeepalive))
}
gwendpoint := gwnode.Endpoint + ":" + strconv.Itoa(int(gwnode.ListenPort))
config := fmt.Sprintf(`[Interface]
Address = %s
PrivateKey = %s
[Peer]
PublicKey = %s
AllowedIPs = %s
Endpoint = %s
%s
`, extclient.Address + "/32",
extclient.PrivateKey,
gwnode.PublicKey,
network.AddressRange,
gwendpoint,
keepalive)
if params["type"] == "qr" {
bytes, err := qrcode.Encode(config, qrcode.Medium, 220)
if err != nil {
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
w.Header().Set("Content-Type", "image/png")
w.WriteHeader(http.StatusOK)
_, err = w.Write(bytes)
if err != nil {
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
return
}
if params["type"] == "file" {
name := extclient.ClientID + ".conf"
w.Header().Set("Content-Type", "application/config")
w.Header().Set("Content-Disposition", "attachment; filename=\"" + name + "\"")
w.WriteHeader(http.StatusOK)
_, err := fmt.Fprint(w, config)
if err != nil {
returnErrorResponse(w, r, formatError(err, "internal"))
}
return
}
defer cancel()
w.WriteHeader(http.StatusOK)
json.NewEncoder(w).Encode(extclient)
}
func RegisterClient(client models.IntClient) (models.IntClient, error) {
if client.PrivateKey == "" {
privateKey, err := wgtypes.GeneratePrivateKey()
if err != nil {
return client, err
}
client.PrivateKey = privateKey.String()
client.PublicKey = privateKey.PublicKey().String()
}
if client.Address == "" {
newAddress, err := functions.UniqueAddress6(client.Network)
if err != nil {
return client, err
}
client.Address6 = newAddress
}
if client.Network == "" { client.Network = "comms" }
server, err := serverctl.GetServerWGConf()
if err != nil {
return client, err
}
client.ServerEndpoint = server.ServerEndpoint
client.ServerAddress = server.ServerAddress
client.ServerPort = server.ServerPort
client.ServerKey = server.ServerKey
collection := mongoconn.Client.Database("netmaker").Collection("intclients")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
// insert our network into the network table
_, err = collection.InsertOne(ctx, client)
defer cancel()
if err != nil {
return client, err
}
err = serverctl.ReconfigureServerWireGuard()
return client, err
}
func registerClient(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
var errorResponse = models.ErrorResponse{
Code: http.StatusInternalServerError, Message: "W1R3: It's not you it's me.",
}
var clientreq models.IntClient
//get node from body of request
err := json.NewDecoder(r.Body).Decode(&clientreq)
if err != nil {
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
if servercfg.IsRegisterKeyRequired() {
validKey := functions.IsKeyValidGlobal(clientreq.AccessKey)
if !validKey {
errorResponse = models.ErrorResponse{
Code: http.StatusUnauthorized, Message: "W1R3: Key invalid, or none provided.",
}
returnErrorResponse(w, r, errorResponse)
return
}
}
client, err := RegisterClient(clientreq)
if err != nil {
returnErrorResponse(w, r, formatError(err, "internal"))
return
}
w.WriteHeader(http.StatusOK)
json.NewEncoder(w).Encode(client)
}


@ -1,167 +0,0 @@
# API Reference Doc
## GENERAL
Most actions that can be performed via API can be performed via UI. We recommend managing your networks using our official netmaker-ui project. That said, Netmaker is API based, and all functions can also be achieved via API calls. If you feel the need to work with Netmaker via API, we've provided some documentation below to help guide you.
#### Authentication
In general, API calls must be authenticated via a header of the format `-H "Authorization: Bearer <YOUR_SECRET_KEY>"` There are two methods of obtaining YOUR_SECRET_KEY:
1. Using the masterkey. By default, this value is "secret key," but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [general usage](./USAGE.md) documentation for more details.
2. Using a JWT recieved for a node. This can be retrieved by calling the `/api/nodes/<network>/authenticate` endpoint, as documented below.
#### Format
In general, requests will take the format of `curl -H "Authorization: Bearer <YOUR_SECRET_KEY>" -H 'Content-Type: application/json' localhost:8081/api/path/to/endpoint`
## NETWORKS
**Get All Networks:** `/api/networks`, `GET`
**Create Network:** `/api/network`, `POST`
**Get Network:** `/api/networks/{network id}`, `GET`
**Update Network:** `/api/networks/{network id}`, `PUT`
**Delete Network:** `/api/networks/{network id}`, `DELETE`
**Cycle PublicKeys on all Nodes:** `/api/networks/{network id}/keyupdate`, `POST`
### Network API Call Examples
**Get All Networks:** `curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks | jq`
**Create Network:** `curl -d '{"addressrange":"10.70.0.0/16","netid":"skynet"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks`
**Get Network:** `curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet | jq`
**Update Network:** `curl -X PUT -d '{"displayname":"my-house"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet`
**Delete Network:** `curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet`
**Cycle PublicKeys on all Nodes:** `curl -X POST -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keyupdate`
## ACCESS KEYS
**Get All Keys:** `/api/networks/{network id}/keys`, `GET`
**Create Key:** `/api/networks/{network id}/keys`, `GET`
**Delete Key:** `/api/networks/{network id}/keys/{keyname}`, `DELETE`
### Access Key API Call Examples
**Get All Keys:** `curl -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys | jq`
**Create Key:** `curl -d '{"uses":10,"name":"mykey"}' -H "Authorization: Bearer YOUR_SECRET_KEY" -H 'Content-Type: application/json' localhost:8081/api/networks/skynet/keys`
**Delete Key:** `curl -X DELETE -H "Authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/networks/skynet/keys/mykey`
## NODES (COMPUTERS)
**Get All Nodes:** `/api/nodes`, `GET`
**Get Network Nodes:** `/api/nodes/{network id}`, `GET`
**Create Node:** `/api/nodes/{network id}`, `POST`
**Get Node:** `/api/nodes/{network id}/{macaddress}`, `GET`
**Update Node:** `/api/nodes/{network id}/{macaddress}`, `PUT`
**Delete Node:** `/api/nodes/{network id}/{macaddress}`, `DELETE`
**Check In Node:** `/api/nodes/{network id}/{macaddress}/checkin`, `POST`
**Create a Gateway:** `/api/nodes/{network id}/{macaddress}/creategateway`, `POST`
**Delete a Gateway:** `/api/nodes/{network id}/{macaddress}/deletegateway`, `DELETE`
**Uncordon (Approve) a Pending Node:** `/api/nodes/{network id}/{macaddress}/uncordon`, `POST`
**Get Last Modified Date (Last Modified Node in Network):** `/api/nodes/adm/{network id}/lastmodified`, `GET`
**Authenticate:** `/api/nodes/adm/{network id}/authenticate`, `POST`
### Example Node API Calls
**Get All Nodes:**`curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes | jq`
**Get Network Nodes:** `curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet | jq`
**Create Node:** `curl -d '{ "endpoint": 100.200.100.200, "publickey": aorijqalrik3ajflaqrdajhkr,"macaddress": "8c:90:b5:06:f1:d9","password": "reallysecret","localaddress": "172.16.16.1","accesskey": "aA3bVG0rnItIRXDx","listenport": 6400}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet`
**Get Node:** `curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/nodes/skynet/{macaddress} | jq`
**Update Node:** `curl -X PUT -d '{"name":"laptop1"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9`
**Delete Node:** `curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/skynet/nodes/8c:90:b5:06:f1:d9`
**Create a Gateway:** `curl -d '{ "rangestring": "172.31.0.0/16", "interface": "eth0"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/creategateway`
**Delete a Gateway:** `curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/deletegateway`
**Approve a Pending Node:** `curl -X POST -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/skynet/8c:90:b5:06:f1:d9/approve`
**Get Last Modified Date (Last Modified Node in Network):** `curl -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/nodes/adm/skynet/lastmodified`
**Authenticate:** `curl -d '{"macaddress": "8c:90:b5:06:f1:d9", "password": "YOUR_PASSWORD"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate`
## USERS
**Note:** Only able to create Admin user at this time. The "user" is only used by the [user interface](https://github.com/gravitl/netmaker-ui) to authenticate the single admin user.
**Get User:** `/api/users/{username}`, `GET`
**Update User:** `/api/users/{username}`, `PUT`
**Delete User:** `/api/users/{username}`, `DELETE`
**Check for Admin User:** `/api/users/adm/hasadmin`, `GET`
**Create Admin User:** `/api/users/adm/createadmin`, `POST`
**Authenticate:** `/api/users/adm/authenticate`, `POST`
### Example User API Calls
**Get User:**`curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/{username} | jq`
**Update User:** `curl -X PUT -d '{"password":"noonewillguessthis"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username}`
**Delete User:** `curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/{username}`
**Check for Admin User:**`curl -H "Authorization: Bearer YOUR_SECRET_KEY" http://localhost:8081/api/users/adm/hasadmin`
**Create Admin User:** `curl -d '{ "username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/users/adm/createadmin`
**Authenticate:** `curl -d '{"username": "smartguy", "password": "YOUR_PASS"}' -H 'Content-Type: application/json' localhost:8081/api/nodes/adm/skynet/authenticate`
## SERVER MGMT
The Server Mgmt. API allows you to add and remove the server from networks.
**Add to Network:** `/api/server/addnetwork/{network id}`, `POST`
**Remove from Network:** `/api/server/removenetwork/{network id}`, `DELETE`
**Add to Network:** `curl -X POST -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/server/addnetwork/{network id}`
**Remove from Network:** `curl -X DELETE -H "authorization: Bearer YOUR_SECRET_KEY" localhost:8081/api/server/removenetwork/{network id}`
## FILE SERVER
**Get File:** `/meshclient/files/{filename}`, `GET`
**Example:** `curl localhost:8081/meshclient/files/meshclient`


@ -1,74 +0,0 @@
## Code of Conduct
### Our Pledge
In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to making participation in our project and
our community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, gender identity and expression, level of experience,
nationality, personal appearance, race, religion, or sexual identity and
orientation.
### Our Standards
Examples of behavior that contributes to creating a positive environment
include:
* Using welcoming and inclusive language
* Being respectful of differing viewpoints and experiences
* Gracefully accepting constructive criticism
* Focusing on what is best for the community
* Showing empathy towards other community members
Examples of unacceptable behavior by participants include:
* The use of sexualized language or imagery and unwelcome sexual attention or
advances
* Trolling, insulting/derogatory comments, and personal or political attacks
* Public or private harassment
* Publishing others' private information, such as a physical or electronic
address, without explicit permission
* Other conduct which could reasonably be considered inappropriate in a
professional setting
### Our Responsibilities
Project maintainers are responsible for clarifying the standards of acceptable
behavior and are expected to take appropriate and fair corrective action in
response to any instances of unacceptable behavior.
Project maintainers have the right and responsibility to remove, edit, or
reject comments, commits, code, wiki edits, issues, and other contributions
that are not aligned to this Code of Conduct, or to ban temporarily or
permanently any contributor for other behaviors that they deem inappropriate,
threatening, offensive, or harmful.
### Scope
This Code of Conduct applies both within project spaces and in public spaces
when an individual is representing the project or its community. Examples of
representing a project or community include using an official project e-mail
address, posting via an official social media account, or acting as an appointed
representative at an online or offline event. Representation of a project may be
further defined and clarified by project maintainers.
### Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported by contacting the project team at info@gravitl.com. All
complaints will be reviewed and investigated and will result in a response that
is deemed necessary and appropriate to the circumstances. The project team is
obligated to maintain confidentiality with regard to the reporter of an incident.
Further details of specific enforcement policies may be posted separately.
Project maintainers who do not follow or enforce the Code of Conduct in good
faith may face temporary or permanent repercussions as determined by other
members of the project's leadership.
### Attribution
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
available at [http://contributor-covenant.org/version/1/4][version]
[homepage]: http://contributor-covenant.org
[version]: http://contributor-covenant.org/version/1/4/


@ -1,28 +0,0 @@
# Contributing to Netmaker
Welcome! If you're reading this, you might be wondering how to go about submitting some changes, whether those are features, bugfixes, or simple enhancements. You're in the right place. Please read below to learn more.
## Code of Conduct
Please read through our [code of conduct](./CODE_OF_CONDUCT.md), and when making contributions to the community, stay true to that text.
## Report bugs and requests [here](https://github.com/gravitl/netmaker/issues)
We use GitHub issues to track bugs, feature requests, and enhancements. If you think there's something missing or wrong with Netmaker, let us know! Try to add the appropriate tags and describe your issue thoroughly. If it's a feature request and we like it, we'll add it to the [roadmap](ROADMAP.md)
## Submitting a PR
We actively welcome contributions, and the way to do that is with a PR:
1. Fork the repo
2. Create a branch from `develop` based on what you are developing. In general this will be a feature or a bugfix branch, and should have the format of feature_vX.X_mynewfeature or bugfix_vX.X_mybugfix. Check the releases to see what minor version we are currently developing.
3. Do your thing
4. Document thoroughly
5. Issue a PR to `develop`
6. Sign the CLA
## Contributor License Agreement
When submitting a PR, you will be asked to sign a CLA, defined [here](https://gist.github.com/afeiszli/2f9f8133929e7d5574a9d892959d58a7). We've tried to make this as non-annoying as possible. This is adapted from the text used by the Apache Foundation in their CLA.
This project is evolving quickly and we may want to move to an MIT or GPL license at some point in the near future, which would be difficult without a CLA.
## Licensing
Any contributions you make will be under the SSPL Software License. When you submit code changes, you understand that they will be under the same license that covers this project, defined [here](../LICENSE.txt). If you have any concerns around this, feel free to contact the maintainers.


@ -1,96 +0,0 @@
# FEATURE ROADMAP
### 0.1
**Server:**
- [x] Create Networks (virtual networks)
- [x] Allow default settings for nodes from networks
- [x] Admin/Superuser key
- [x] Create multiuse keys for node signup
- [x] JWT-based auth for post-signup
- [x] CRUD for networks
- [x] CRUD for nodes
- [x] Track all important info about node for networking (port, endpoints, pub key, etc)
- [x] Timestamps for determining if nodes need updates
**Agent:**
- [x] Self-installer
- [x] Determine default settings w/o user input
- [x] Systemd Service + timer
- [x] Check-in functionality to retrieve updates from server
- [x] Maintain list of up-to-date peers
- [x] Update WG interface
- [x] Config file for modifying node
### 0.2
- [x] Separate out README into DOCS folder with the following:
- [x] API Docs
- [x] Usage
- [ ] Advanced Usage
- [x] Contributing
- [ ] Roadmap
- [ ] Troubleshooting
**Server:**
- [x] Allow tracking multiple networks per node
- [ ] Configure Check-in thresholds
- [ ] Separate sign-up endpoint to allow VPN-only comms after joining network
- [ ] Swagger Docs
- [x] Build Out README
- [x] Encode Server, Port, and Network into Keys
- [ ] Switch to Unique ID for nodes instead of MacAddress
- [x] Public Key refresh
- [ ] Enable ipv6 addresses
- [x] Have a "default" network created at startup
**Agent:**
- [x] Test / get working on multiple linux platforms
- [ ] Set private DNS via etc hosts (node name + ip). Make it optional flag on agent.
- [x] Decode Server, Port, and Network from Key
- [ ] Service ID / unit file for SystemD Service
- [x] Allow multiple interfaces
- [ ] Use "Check in interval" from server
- [x] Pre-req check on machine (wg, port forwarding)
- [ ] Enable ipv6 addresses
### 0.3
**Server:**
- [ ] Swagger Docs
- [ ] Network/Node labels
- [ ] "Read Only" mode for nodes (can't update their settings centrally, only read)
- [ ] "No-GUI mode:" Similar to existing, just do more e2e testing and make sure flow makes sense
- [ ] Let users set prefixes (node, interface)
**Agent:**
- [ ] Do system calls instead of direct commands
- [ ] Add a prompt for easy setup
### 0.4
**Server:**
- [ ] Private DNS
- [ ] UDP Hole-Punching (via WGSD: https://github.com/jwhited/wgsd )
- [ ] "Read Only" mode for nodes (can't update their settings centrally, only read)
**Agent:**
- [ ] Do system calls instead of direct commands [this repo](https://github.com/gravitl/netmaker-ui)
- [ ] Add a prompt for easy setup
- [ ] Make it work as a sidecar container!!!
### 0.5
**Server:**
- [ ] Multi-user support
- [ ] Oauth
- [ ] public key cycling
### Future Considerations
**Server:**
- [ ] Switch to distributed protocol (RAFT, Kademlia) instead of central server
- [ ] Load balance / fault tolerant server
- [ ] Change DB / make more scaleable (SQL?)
- [ ] Redis
- [ ] Network/Node labels
**Agent:**
- [ ] userspace via Docker or Golang
- [ ] MacOS support
- [ ] Windows support
- [ ] Certificate-based authentication


@ -1 +0,0 @@
# This document will cover how to set up site to site connections using netmaker


@ -1,29 +0,0 @@
# Netmaker Troubleshooting Help
## Client (netclient)
### Problem: netclient-install script not working
### Problem: Hanging artifacts from previous install
### Problem: Need to change access token settings
### Client fails to install
### Cannot run install script
### Issue with accesstoken created by UI
## Server
### Server not added to default network
### Global config not found
## MongoDB
## UI
### Incorrect backend detected. Please specify correct URL and refresh. Given: http://localhost:8081
Solution: Front end expects a reachable address for the backend. Localhost is default. Check if server is up. If server is up, make sure you've got the right endpoint (endpoint of server. Will not be 'localhost' unless doing local testing). If server is up and endpoint is correct, check for port blockings.


@ -1,140 +0,0 @@
# Usage
This guide covers advanced usage of Netmaker. If you are just looking to get started quickly, check out the Quick Start in the [README](../README.md).
## Server Config
Netmaker settings can be set via Environment Variables or Config file. There are also a couple of runtime arguments that can optionally be set.
### Environment Variables
**APP_ENV**: default=dev. Determines which environment file to use. Will look under config/environments/APP_ENV.yaml. For instance, you can have different environments for dev, test, and prod, and store different settinggs accordingly.
**GRPC_PORT**: default=50051. The port for GRPC (node/client) communications
**API_PORT**: default=8081. The port for API and UI communications
**MASTER_KEY**: default=secretkey. The skeleton key used for authenticating with server as administrator.
MongoDB Connection Env Vars:
**MONGO_USER**:default=admin
**MONGO_HOST**:default=password
**MONGO_PASS**:default=localhost
**MONGO_PORTS**:default=27017
**MONGO_OPTS**:default=/?authSource=admin
**BACKEND_URL**: default=nil. The address of the server. Used for setting token values for client/nodes. If not set, will run a command to retrieve the server URL.
### Config File
Stored as config/environments/*.yaml. Default used is dev.yaml
**server**:
- **host:** "localhost" (reachable address of this server, overriden by BACKEND_URL)
- **apiport:** "8081" (api port, overriden by API_PORT)
- **grpcport**: "50051" (grpc port, overridden by GRPC_PORT)
- **masterkey**: "secretkey" (administrator server API key, overridden by MASTER_KEY)
- **allowedorigin**: "*" (CORS policy for requests)
- **restbackend**: true (Runs the REST server)
- **agentbackend**: true (Runs the GRPC server)
- **defaultnetname**: "default" (name for the default network)
- **defaultnetrange**: "10.10.10.0/24" (range for the default network)
- **createdefault**: true (Flag for creating the default network)
**mongoconn**: (see ENV values above for explanation. ENV values override.)
- **user**: "mongoadmin"
- **pass**: "mongopass"
- **host**: "localhost"
- **port**: "27017"
- **opts**: '/?authSource=admin'
### Runtime Args
**clientmode**: (default=on) E.x.: `sudo netmaker --clientmode=off` Run the Server as a client (node) as well.
**defaultnet**: (default=on) E.x.: `sudo netmaker --defaultnet=off` Create a default network on startup.
## Client Config
Client config files are stored under /etc/netclient per network as /etc/netclient/netconfig-< network name >
**server:**
address: The address:port of the server
accesskey: The acceess key used to sign up with the server
**node:**
name: a displayname for the node, e.g. "mycomputer"
interface: the network interface name, by default something like "nm-"
network: the netmaker network being attached to
password: the node's hashed password. Can be changed by putting a value in here and setting "postchanges" to "true"
macaddress: the mac address of the node
localaddress: the local network address
wgaddress: the wireguard private address
roamingoff: flag to update the IP address automatically based on network changes
islocal: whether or not this is a local or public network
allowedips: the allowedips addresses that other nodes will recieve
localrange: the local address range if it's a local network
postup: post up rules for gateway nodes
postdown: post down rules for gateway nodes
port: the wiregard port
keepalive: the default keepalive value between this and all other nodes
publickey: the public key other nodes will use to access this node
privatekey: the private key of the nodes (this field does nothing)
endpoint: the reachable endpoint of the node for routing, either local or public.
postchanges: either "true" or "false" (with quotes). If true, will post any changes you make to the remote server.
## Non-Docker Installation
### MongoDB Setup
1. Install MongoDB on your server. For Ubuntu: `sudo apt install -y mongodb`. For more advanced installation or other operating systems, see the [MongoDB documentation](https://docs.mongodb.com/manual/administration/install-community/).
2. Create a user:
`mongo admin`
> `db.createUser({ user: "mongoadmin" , pwd: "mongopass", roles: ["userAdminAnyDatabase", "dbAdminAnyDatabase", "readWriteAnyDatabase"]})`
### Server Setup
1. **Run the install script:** sudo curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/v0.2/netmaker-server.sh | sh -
2. Check status: `sudo journalctl -u netmaker`
2. If any settings are incorrect such as host or mongo credentials, change them under /etc/netmaker/config/environments/ENV.yaml and then run `sudo systemctl restart netmaker`
### UI Setup
1. **Download UI asset files:** `sudo wget -O /usr/share/nginx/html/netmaker-ui.zip https://github.com/gravitl/netmaker-ui/releases/download/latest/netmaker-ui.zip`
2. **Unzip:** `sudo unzip /usr/share/nginx/html/netmaker-ui.zip -d /usr/share/nginx/html`
3. **Copy Config to Nginx:** `sudo cp /usr/share/nginx/html/nginx.conf /etc/nginx/conf.d/default.conf`
4. **Modify Default Config Path:** `sudo sed -i 's/root \/var\/www\/html/root \/usr\/share\/nginx\/html/g' /etc/nginx/sites-available/default`
5. **Change Backend URL:** `sudo sh -c 'BACKEND_URL=http://<YOUR BACKEND API URL>:PORT /usr/share/nginx/html/generate_config_js.sh >/usr/share/nginx/html/config.js'`
6. **Start Nginx:** `sudo systemctl start nginx`
### Agent Setup
On each machine you would like to add to the network, do the following:
1. Confirm wireguard is installed: `sudo apt install wireguard-tools`
2. Confirm ipv4 forwarding is enabled: `sysctl -w net.ipv4.ip_forward=1`
3. Create a key or enable manual node signup at the network level
4. Run the install command generated by key create: `sudo curl -sfL https://raw.githubusercontent.com/gravitl/netmaker/v0.2/netclient-install.sh | KEY=YOUR_TOKEN sh -`
4.a. For additional networks on the same machine, you can just run `sudo netclient -c install -t YOUR_TOKEN`
4.b. For offline installs (no access to github), you can self-host a netclient file server on netmaker
This will install netclient@.service and netclient-YOUR_NET.timer in systemd, which will run periodically to call the netclient binary, which will check to see if there are any updates that it needs and update WireGuard appropriately.
## BUILDING
**Back End Compilation**
The backend can be compiled by running "go build" from the root of the repository, which will create an executable named "netmaker."
**Client Compilation**
Similarly, "go build" can be run from the netclient directory to produce a netclient executable.
**Protoc command for GRPC Compilation:**
Whenever making changes to grpc/node.proto, you will need to recompile the grpc. This can be achieved by running the following command from the root of the repository.
protoc --go_out=. --go_opt=paths=source_relative --go-grpc_out=. --go-grpc_opt=paths=source_relative grpc/node.proto
**Build binary:** `go build ./`
## TESTING
**Unit Testing**
When making changes to Netmaker, you may wish to create nodes, networks, or keys for testing. Bash scripts have been created under the "test" directory (*.sh) which run curl commands that generate sample nodes, networks, and keys that can be used for testing purposes.
**Integration Testing**
Similarly, several go scripts have been created under the test directory (*.go) to test out changes to the code base. These will be run automatically when PR's are submitted but can also be run manually using "go test."


@ -123,6 +123,47 @@ func GetPeersList(networkName string) ([]models.PeersResponse, error) {
return peers, err
}
func GetIntPeersList() ([]models.PeersResponse, error) {
var peers []models.PeersResponse
collection := mongoconn.Client.Database("netmaker").Collection("intclients")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
filter := bson.M{"isserver": ""}
cur, err := collection.Find(ctx, filter)
if err != nil {
return peers, err
}
// Close the cursor once finished and cancel if it takes too long
defer cancel()
for cur.Next(context.TODO()) {
var peer models.PeersResponse
err := cur.Decode(&peer)
if err != nil {
log.Fatal(err)
}
// add the node to our node array
//maybe better to just return this? But then that's just GetNodes...
peers = append(peers, peer)
}
//Uh oh, fatal error! This needs some better error handling
//TODO: needs appropriate error handling so the server doesnt shut down.
if err := cur.Err(); err != nil {
log.Fatal(err)
}
return peers, err
}
func IsFieldUnique(network string, field string, value string) bool {
var node models.Node
@ -148,6 +189,27 @@ func IsFieldUnique(network string, field string, value string) bool {
return isunique
}
func ServerIntClientExists() (bool, error) {
collection := mongoconn.Client.Database("netmaker").Collection("intclients")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
filter := bson.M{"isserver": "yes"}
var result bson.M
err := collection.FindOne(ctx, filter).Decode(&result)
defer cancel()
if err != nil {
if err == mongo.ErrNoDocuments {
return false, nil
}
}
return true, err
}
func NetworkExists(name string) (bool, error) {
collection := mongoconn.Client.Database("netmaker").Collection("networks")
@ -548,6 +610,45 @@ func GetNodeByMacAddress(network string, macaddress string) (models.Node, error)
return node, nil
}
func DeleteAllIntClients() error {
collection := mongoconn.Client.Database("netmaker").Collection("intclients")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
// Filter out them ID's again
err := collection.Drop(ctx)
if err != nil {
return err
}
defer cancel()
return nil
}
func GetAllIntClients() ([]models.IntClient, error) {
var client models.IntClient
var clients []models.IntClient
collection := mongoconn.Client.Database("netmaker").Collection("intclients")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
// Filter out them ID's again
cur, err := collection.Find(ctx, bson.M{}, options.Find().SetProjection(bson.M{"_id": 0}))
if err != nil {
return []models.IntClient{}, err
}
defer cancel()
for cur.Next(context.TODO()) {
err := cur.Decode(&client)
if err != nil {
return []models.IntClient{}, err
}
// add node to our array
clients = append(clients, client)
}
//TODO: Fatal error
if err := cur.Err(); err != nil {
return []models.IntClient{}, err
}
return clients, nil
}
func GetAllExtClients() ([]models.ExtClient, error) {
var extclient models.ExtClient
var extclients []models.ExtClient
@ -620,7 +721,9 @@ func UniqueAddress6(networkName string) (string, error) {
return "", err
}
if network.IsDualStack == nil || *network.IsDualStack == false {
return "", nil
if networkName != "comms" {
return "", nil
}
}
offset := true
@ -634,8 +737,14 @@ func UniqueAddress6(networkName string) (string, error) {
offset = false
continue
}
if IsIP6Unique(networkName, ip.String()) {
return ip.String(), err
if networkName == "comms" {
if IsIP6UniqueClients(networkName, ip.String()) {
return ip.String(), err
}
} else {
if IsIP6Unique(networkName, ip.String()) {
return ip.String(), err
}
}
}
//TODO
@ -758,6 +867,33 @@ func IsIP6Unique(network string, ip string) bool {
return isunique
}
//checks if IP is unique in the address range
//used by UniqueAddress
func IsIP6UniqueClients(network string, ip string) bool {
var client models.IntClient
isunique := true
collection := mongoconn.Client.Database("netmaker").Collection("intclients")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
filter := bson.M{"address6": ip, "network": network}
err := collection.FindOne(ctx, filter).Decode(&client)
defer cancel()
if err != nil {
return isunique
}
if client.Address6 == ip {
isunique = false
}
return isunique
}
//called once key has been used by createNode
//reduces value by one and deletes if necessary
func DecrimentKey(networkName string, keyvalue string) {
@ -842,21 +978,21 @@ func Inc(ip net.IP) {
}
}
func GetAllNodes() ([]models.ReturnNode, error) {
var node models.ReturnNode
var nodes []models.ReturnNode
func GetAllNodes() ([]models.Node, error) {
var node models.Node
var nodes []models.Node
collection := mongoconn.Client.Database("netmaker").Collection("nodes")
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
// Filter out them ID's again
cur, err := collection.Find(ctx, bson.M{}, options.Find().SetProjection(bson.M{"_id": 0}))
if err != nil {
return []models.ReturnNode{}, err
return []models.Node{}, err
}
defer cancel()
for cur.Next(context.TODO()) {
err := cur.Decode(&node)
if err != nil {
return []models.ReturnNode{}, err
return []models.Node{}, err
}
// add node to our array
nodes = append(nodes, node)
@ -864,7 +1000,7 @@ func GetAllNodes() ([]models.ReturnNode, error) {
//TODO: Fatal error
if err := cur.Err(); err != nil {
return []models.ReturnNode{}, err
return []models.Node{}, err
}
return nodes, nil
}
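Review bot: IsIP6UniqueClients (hunk at +867) reports an address as unique on every FindOne error, not only on "no document", so a timeout or lost MongoDB connection lets UniqueAddress6 hand out a `comms` address that another client may already hold. Only the not-found case should count as unique: `if err != nil { return err == mongo.ErrNoDocuments }` (the `mongo` package is already used by ServerIntClientExists in this file). ServerIntClientExists has the mirror-image problem: any error other than ErrNoDocuments falls through to `return true, err`, so a caller that looks only at the bool sees a server client that may not exist, and `return false, err` would keep the value consistent with the error. The callers of both functions are outside this diff, so how the results are consumed should be confirmed.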


@ -45,7 +45,7 @@ type Node struct {
IsPending bool `json:"ispending" bson:"ispending"`
IsEgressGateway bool `json:"isegressgateway" bson:"isegressgateway"`
IsIngressGateway bool `json:"isingressgateway" bson:"isingressgateway"`
EgressGatewayRange string `json:"gatewayrange" bson:"gatewayrange"`
EgressGatewayRange string `json:"egressgatewayrange" bson:"egressgatewayrange"`
IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"`
PostChanges string `json:"postchanges" bson:"postchanges"`
}
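Review bot: The `bson` key for EgressGatewayRange changes together with the JSON name (`gatewayrange` to `egressgatewayrange`, assuming the second of the two printed lines is the new side), and nothing visible in this commit migrates stored data. Node documents already written with the old key would decode with an empty EgressGatewayRange, and API clients still sending `gatewayrange` would have the value silently dropped. If existing deployments matter, either keep the old `bson` tag or add a one-time rename of the field in the `nodes` collection, and call out the API change in the release notes.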


@ -1,27 +0,0 @@
//TODO: Either add a returnNetwork and returnKey, or delete this
package models
type ReturnNode struct {
Address string `json:"address" bson:"address"`
Address6 string `json:"address6" bson:"address6"`
Name string `json:"name" bson:"name"`
MacAddress string `json:"macaddress" bson:"macaddress"`
LastCheckIn int64 `json:"lastcheckin" bson:"lastcheckin"`
LastModified int64 `json:"lastmodified" bson:"lastmodified"`
LastPeerUpdate int64 `json:"lastpeerupdate" bson:"lastpeerupdate"`
ListenPort int32 `json:"listenport" bson:"listenport"`
PublicKey string `json:"publickey" bson:"publickey" validate:"base64"`
Endpoint string `json:"endpoint" bson:"endpoint" validate:"required,ipv4"`
PostUp string `json:"postup" bson:"postup"`
PostDown string `json:"postdown" bson:"postdown"`
PersistentKeepalive int32 `json:"persistentkeepalive" bson:"persistentkeepalive"`
SaveConfig *bool `json:"saveconfig" bson:"saveconfig"`
Interface string `json:"interface" bson:"interface"`
Network string `json:"network" bson:"network"`
IsPending bool `json:"ispending" bson:"ispending"`
IsEgressGateway bool `json:"isegressgateway" bson:"isegressgateway"`
IsIngressGateway bool `json:"isingressgateway" bson:"isingressgateway"`
EgressGatewayRange string `json:"egressgatewayrange" bson:"egressgatewayrange"`
LocalAddress string `json:"localaddress" bson:"localaddress" validate:"localaddress_check"`
ExpirationDateTime int64 `json:"expdatetime" bson:"expdatetime"`
}


@ -1,17 +0,0 @@
package models
import (
)
type ServerClient struct {
PrivateKey string `json:"privatekey" bson:"privatekey"`
PublicKey string `json:"publickey" bson:"publickey"`
AccessKey string `json:"publickey" bson:"accesskey"`
Address string `json:"address" bson:"address"`
Address6 string `json:"address6" bson:"address6"`
Network string `json:"network" bson:"network"`
ServerEndpoint string `json:"serverendpoint" bson:"serverendpoint"`
ServerAddress string `json:"serveraddress" bson:"serveraddress"`
ServerPort string `json:"serverport" bson:"serverport"`
ServerKey string `json:"serverkey" bson:"serverkey"`
IsServer string `json:"isserver" bson:"isserver"`
}


@ -15,7 +15,7 @@ import (
func Register(cfg config.GlobalConfig) error {
postclient := &models.ServerClient{
postclient := &models.IntClient{
AccessKey: cfg.Client.AccessKey,
PublicKey: cfg.Client.PublicKey,
PrivateKey: cfg.Client.PublicKey,
@ -42,7 +42,7 @@ func Register(cfg config.GlobalConfig) error {
if err != nil {
return err
}
var wgclient models.ServerClient
var wgclient models.IntClient
json.Unmarshal(bodyBytes, &wgclient)
spew.Dump(wgclient)
err = config.ModGlobalConfig(wgclient)
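Review bot: `spew.Dump(wgclient)` in Register prints the entire decoded IntClient, and that type has a PrivateKey field (it is set in the literal at the top of this section), so any key material in the server response ends up on stdout and in whatever collects it; the line should be deleted or replaced by a log of non-secret fields only. The `json.Unmarshal` result just above it is discarded, so a malformed response reaches ModGlobalConfig as a zero-valued client: `if err := json.Unmarshal(bodyBytes, &wgclient); err != nil { return err }`. `PrivateKey: cfg.Client.PublicKey` in the request literal also looks like a copy-paste slip and is worth confirming. Register's body is only partly visible in these two hunks.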


@ -23,7 +23,7 @@ import (
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
//homedir "github.com/mitchellh/go-homedir"
)
func InitGRPCWireguard(client models.ServerClient) error {
func InitGRPCWireguard(client models.IntClient) error {
key, err := wgtypes.ParseKey(client.PrivateKey)
if err != nil {
return err