From b07bab40027725cd2cb02a0ebf5c454fa809f5b7 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Fri, 10 Feb 2023 13:34:25 -0500 Subject: [PATCH 01/22] saving progress --- scripts/nm-upgrade.sh | 51 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 43 insertions(+), 8 deletions(-) diff --git a/scripts/nm-upgrade.sh b/scripts/nm-upgrade.sh index 4344f1d1..83a8e843 100644 --- a/scripts/nm-upgrade.sh +++ b/scripts/nm-upgrade.sh @@ -185,9 +185,9 @@ collect_server_settings() { esac done - STUN_NAME="stun.$SERVER_NAME" + STUN_DOMAIN="stun.$SERVER_NAME" echo "-----------------------------------------------------" - echo "Netmaker v0.18.0 requires a new DNS entry for $STUN_NAME." + echo "Netmaker v0.18.0 requires a new DNS entry for $STUN_DOMAIN." echo "Please confirm this is added to your DNS provider before continuing" echo "(note: this is not required if using an nip.io address)" echo "-----------------------------------------------------" @@ -241,16 +241,52 @@ collect_node_settings() { # set_compose - set compose file with proper values set_compose() { - # DEV_TEMP - Temporary instructions for testing - sed -i "s/v0.17.1/testing/g" /root/docker-compose.yml + echo "generating random password for mq" + MQ_PASSWORD=$(tr -dc A-Za-z0-9 Date: Tue, 21 Feb 2023 18:36:37 -0500 Subject: [PATCH 02/22] upgrade script functional --- scripts/nm-upgrade.sh | 235 +++++++++++++++++++++++++++++------------- 1 file changed, 161 insertions(+), 74 deletions(-) diff --git a/scripts/nm-upgrade.sh b/scripts/nm-upgrade.sh index 83a8e843..d09d721e 100644 --- a/scripts/nm-upgrade.sh +++ b/scripts/nm-upgrade.sh 
@@ -103,6 +103,21 @@ install_dependencies() { echo "-----------------------------------------------------" } +get_email() { + + unset GET_EMAIL + unset RAND_EMAIL + RAND_EMAIL="$(echo $RANDOM | md5sum | head -c 16)@email.com" + read -p "Email Address for Domain Registration (click 'enter' to use $RAND_EMAIL): " GET_EMAIL + if [ -z "$GET_EMAIL" ]; then + echo "using rand email" + EMAIL="$RAND_EMAIL" + else + EMAIL="$GET_EMAIL" + fi + +} + # collect_server_settings - retrieve server settings from existing compose file collect_server_settings() { MASTER_KEY=$(yq -r .services.netmaker.environment.MASTER_KEY docker-compose.yml) @@ -199,6 +214,7 @@ collect_node_settings() { curl -s -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://$SERVER_HTTP_HOST/api/nodes | jq -c '[ .[] | select(.isserver=="yes") ]' > nodejson.tmp NODE_LEN=$(jq length nodejson.tmp) HAS_INGRESS="no" + HAS_RELAY="no" if [ "$NODE_LEN" -gt 0 ]; then echo "===SERVER NODES===" for i in $(seq 1 $NODE_LEN); do 
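Review bot: `RAND_EMAIL` in get_email builds the ACME registration contact at `email.com`, a domain the operator does not control, so certificate expiry and revocation notices for this Netmaker install would go to a stranger's mailbox. Either require a real address, or at least default to a reserved domain: `RAND_EMAIL="$(echo $RANDOM | md5sum | head -c 16)@example.com"`. The `$RANDOM | md5sum` label is only a placeholder, so its weak randomness is not an issue, but the comment above the function should say that the generated address is deliberately undeliverable.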
@@ -236,37 +252,107 @@ collect_node_settings() { echo "WARNING: Your server contains an Ingress Gateway. After upgrading, existing Ext Clients will be lost and must be recreated. Please confirm that you would like to continue." confirm fi + if [[ $HAS_RELAY == "yes" ]]; then + echo "WARNING: Your server contains a Relay. After upgrading, relay will be unset. Relay functionality has been moved to the 'host' level, and must be reconfigured once all machines are upgraded." + confirm + fi + +} + +setup_caddy() { + + echo "backing up Caddyfile to /root/Caddyfile.backup" + cp /root/Caddyfile /root/Caddyfile.backup + + if grep -wq "acme.zerossl.com/v2/DV90" Caddyfile; then + echo "zerossl already set, continuing" + else + echo "editing Caddyfile" + sed -i '0,/email/{s~email~acme_ca https://acme.zerossl.com/v2/DV90\n\t&~}' /root/Caddyfile + fi + +cat <> /root/Caddyfile + +# STUN +https://$STUN_DOMAIN { + reverse_proxy netmaker:3478 +} +EOT + +} + +set_mq_credentials() { + + unset GET_MQ_USERNAME + unset GET_MQ_PASSWORD + unset CONFIRM_MQ_PASSWORD + echo "Enter Credentials For MQ..." + read -p "MQ Username (click 'enter' to use 'netmaker'): " GET_MQ_USERNAME + if [ -z "$GET_MQ_USERNAME" ]; then + echo "using default username for mq" + MQ_USERNAME="netmaker" + else + MQ_USERNAME="$GET_MQ_USERNAME" + fi + + select domain_option in "Auto Generated Password" "Input Your Own Password"; do + case $REPLY in + 1) + echo "generating random password for mq" + MQ_PASSWORD=$(tr -dc A-Za-z0-9 Date: Tue, 21 Feb 2023 18:42:56 -0500 Subject: [PATCH 03/22] add function comments --- scripts/nm-upgrade.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/nm-upgrade.sh b/scripts/nm-upgrade.sh index d09d721e..264f1386 100644 --- a/scripts/nm-upgrade.sh +++ b/scripts/nm-upgrade.sh @@ -103,6 +103,7 @@ install_dependencies() { echo "-----------------------------------------------------" } +# get_email- gets upgrader's email address get_email() { unset GET_EMAIL 
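Review bot: setup_caddy tests `grep -wq "acme.zerossl.com/v2/DV90" Caddyfile` in the current directory but backs up and edits `/root/Caddyfile`, so the idempotency check reads a different file from the one being modified unless the script happens to run from /root; it should be `if grep -wq "acme.zerossl.com/v2/DV90" /root/Caddyfile; then`. The heredoc that appends the STUN block shows up here as `cat <> /root/Caddyfile`, which looks truncated in this view, so its redirection could not be reviewed. The remainder of this hunk, including the password-generation branch of set_mq_credentials, is also cut off in this view.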
@@ -259,6 +260,7 @@ collect_node_settings() { } +# setup_caddy - updates Caddy with new info setup_caddy() { echo "backing up Caddyfile to /root/Caddyfile.backup" @@ -281,6 +283,7 @@ EOT } +# set_mq_credentials - sets mq credentials set_mq_credentials() { unset GET_MQ_USERNAME From f6d3ba9eb97d3c88e6de8538723a287ed1b505b6 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Wed, 1 Mar 2023 08:08:58 -0500 Subject: [PATCH 04/22] moving back to host install --- scripts/nm-upgrade.sh | 44 ++++++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 15 deletions(-) diff --git a/scripts/nm-upgrade.sh b/scripts/nm-upgrade.sh index 264f1386..e2b9b34c 100644 --- a/scripts/nm-upgrade.sh +++ b/scripts/nm-upgrade.sh @@ -1,5 +1,7 @@ #!/bin/bash +$LATEST="v0.18.1" + # check_version - make sure current version is 0.17.1 before continuing check_version() { IMG_TAG=$(yq -r '.services.netmaker.image' docker-compose.yml) @@ -203,7 +205,7 @@ collect_server_settings() { STUN_DOMAIN="stun.$SERVER_NAME" echo "-----------------------------------------------------" - echo "Netmaker v0.18.0 requires a new DNS entry for $STUN_DOMAIN." + echo "Netmaker v0.18 requires a new DNS entry for $STUN_DOMAIN." echo "Please confirm this is added to your DNS provider before continuing" echo "(note: this is not required if using an nip.io address)" echo "-----------------------------------------------------" @@ -351,7 +353,7 @@ set_compose() { chmod +x /root/mosquitto.conf # DEV_TEMP - sed -i "s/v0.17.1/testing/g" /root/docker-compose.yml + sed -i "s/v0.17.1/$LATEST/g" /root/docker-compose.yml # RELEASE_REPLACE - Use this once release is ready # sed -i "s/v0.17.1/v0.18.0/g" /root/docker-compose.yml 
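Review bot: `$LATEST="v0.18.1"` at the top of the script does not assign anything: bash expands the (empty) `$LATEST` first and then tries to execute `=v0.18.1` as a command, so every later `$LATEST` expansion — the `sed -i "s/v0.17.1/$LATEST/g"` in set_compose below and the netclient download in setup_netclient — sees an empty string, and if the script runs under `set -e` (which the `set +e`/`set -e` pair in setup_netclient suggests) it aborts at that line. It should read `LATEST="v0.18.1"`, which PATCH 05 later in this series does. The `# RELEASE_REPLACE` comment next to the sed is now stale and can be dropped.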
@@ -420,19 +422,31 @@ test_caddy() { # setup_netclient - adds netclient to docker-compose setup_netclient() { - yq ".services.netclient += {\"container_name\": \"netclient\"}" -i /root/docker-compose.yml - yq ".services.netclient += {\"image\": \"gravitl/netclient:testing\"}" -i /root/docker-compose.yml - yq ".services.netclient += {\"hostname\": \"netmaker-1\"}" -i /root/docker-compose.yml - yq ".services.netclient += {\"network_mode\": \"host\"}" -i /root/docker-compose.yml - yq ".services.netclient.depends_on += [\"netmaker\"]" -i /root/docker-compose.yml - yq ".services.netclient += {\"restart\": \"always\"}" -i /root/docker-compose.yml - yq ".services.netclient.environment += {\"TOKEN\": \"$KEY\"}" -i /root/docker-compose.yml - yq ".services.netclient.volumes += [\"/etc/netclient:/etc/netclient\"]" -i /root/docker-compose.yml - yq ".services.netclient.cap_add += [\"NET_ADMIN\"]" -i /root/docker-compose.yml - yq ".services.netclient.cap_add += [\"NET_RAW\"]" -i /root/docker-compose.yml - yq ".services.netclient.cap_add += [\"SYS_MODULE\"]" -i /root/docker-compose.yml + # yq ".services.netclient += {\"container_name\": \"netclient\"}" -i /root/docker-compose.yml + # yq ".services.netclient += {\"image\": \"gravitl/netclient:testing\"}" -i /root/docker-compose.yml + # yq ".services.netclient += {\"hostname\": \"netmaker-1\"}" -i /root/docker-compose.yml + # yq ".services.netclient += {\"network_mode\": \"host\"}" -i /root/docker-compose.yml + # yq ".services.netclient.depends_on += [\"netmaker\"]" -i /root/docker-compose.yml + # yq ".services.netclient += {\"restart\": \"always\"}" -i /root/docker-compose.yml + # yq ".services.netclient.environment += {\"TOKEN\": \"$KEY\"}" -i /root/docker-compose.yml + # yq ".services.netclient.volumes += [\"/etc/netclient:/etc/netclient\"]" -i /root/docker-compose.yml + # yq ".services.netclient.cap_add += [\"NET_ADMIN\"]" -i /root/docker-compose.yml + # yq ".services.netclient.cap_add += [\"NET_RAW\"]" -i 
/root/docker-compose.yml + # yq ".services.netclient.cap_add += [\"SYS_MODULE\"]" -i /root/docker-compose.yml - docker-compose up -d + # docker-compose up -d + + set +e + netclient uninstall + set -e + + wget -O netclient https://github.com/gravitl/netclient/releases/download/$LATEST/netclient_linux_amd64 + chmod +x netclient + ./netclient install + netclient join -t $TOKEN + + echo "waiting for client to become available" + wait_seconds 10 } @@ -568,7 +582,7 @@ join_networks() { cat << "EOF" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -The Netmaker Upgrade Script: Upgrading to v0.18.0 so you don't have to! +The Netmaker Upgrade Script: Upgrading to v0.18 so you don't have to! - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - EOF From 3f79f95a2dc7c64be1a49c7fadb4f97bc4ba4765 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Wed, 1 Mar 2023 08:11:46 -0500 Subject: [PATCH 05/22] version --- scripts/nm-upgrade.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/nm-upgrade.sh b/scripts/nm-upgrade.sh index 3e281ade..34d70c40 100644 --- a/scripts/nm-upgrade.sh +++ b/scripts/nm-upgrade.sh @@ -1,6 +1,6 @@ #!/bin/bash -$LATEST="v0.18.1" +LATEST="v0.18.1" # check_version - make sure current version is 0.17.1 before continuing check_version() { From 9c1ed00f1769d7688a9c77f25000629afc93bc65 Mon Sep 17 00:00:00 2001 From: Matthew R Kasun Date: Thu, 16 Feb 2023 13:37:02 -0500 Subject: [PATCH 06/22] delete legacy node after creating new node during migration --- controllers/migrate.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/controllers/migrate.go b/controllers/migrate.go index 72a03084..253ae3b6 100644 --- a/controllers/migrate.go +++ b/controllers/migrate.go 
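Review bot: `netclient join -t $TOKEN` uses a variable that is not set anywhere in this hunk, while the commented-out compose lines just above pass `$KEY`; unless TOKEN is exported elsewhere in the script, the join runs with an empty token. The `wget` fetches the release binary for `$LATEST` and runs `./netclient install` immediately without any integrity check; if the release publishes a checksum or signature, verify the download against it before installing, since this step runs as root on the server. The file name `netclient_linux_amd64` is hard-coded, so on a non-amd64 host the script installs the wrong binary; deriving the suffix from `uname -m` would avoid that. setup_netclient begins on the previous physical line of this view.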
@@ -75,4 +75,7 @@ func migrate(w http.ResponseWriter, r *http.Request) {
 r.Body = io.NopCloser(strings.NewReader(string(payload)))
 r.ContentLength = int64(len(string(payload)))
 createNode(w, r)
+ if err := database.DeleteRecord(database.NODES_TABLE_NAME, data.LegacyNodeID); err != nil {
+ logger.Log(0, "error deleting legacy node", legacyNode.Name, err.Error())
+ }
 }
From a1f0315847a108aa1f18739194987dc2e3a27f62 Mon Sep 17 00:00:00 2001 From: Matthew R Kasun Date: Thu, 16 Feb 2023 13:56:19 -0500 Subject: [PATCH 07/22] create gateways durring migration --- controllers/migrate.go | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/controllers/migrate.go b/controllers/migrate.go
index 253ae3b6..bfde004c 100644
--- a/controllers/migrate.go
+++ b/controllers/migrate.go
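Review bot: `database.DeleteRecord` for `data.LegacyNodeID` runs regardless of whether `createNode(w, r)` succeeded; createNode writes its own HTTP response and returns nothing, so a failed migration still deletes the legacy record and the client gets an error with no node left to retry from. The same unchecked call is carried into the reordered hunk of PATCH 07 (next in this series), where the deletion now precedes createNode and the ingress, egress and relay re-creation also run unconditionally on `legacyNode` fields. Consider having createNode, or a shared helper it wraps, report success to migrate so that the delete and gateway steps are gated on it. migrate's body starts before this hunk.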
@@ -74,8 +74,28 @@ func migrate(w http.ResponseWriter, r *http.Request) {
 }
 r.Body = io.NopCloser(strings.NewReader(string(payload)))
 r.ContentLength = int64(len(string(payload)))
- createNode(w, r)
 if err := database.DeleteRecord(database.NODES_TABLE_NAME, data.LegacyNodeID); err != nil {
 logger.Log(0, "error deleting legacy node", legacyNode.Name, err.Error())
 }
+ createNode(w, r)
+ //newly created node has same node id as legacy node allowing using legacyNode.ID in gateway creation
+ if legacyNode.IsIngressGateway == "yes" {
+ if _, err := logic.CreateIngressGateway(legacyNode.Network, legacyNode.ID, false); err != nil {
+ logger.Log(0, "error creating ingress gateway during migration", err.Error())
+ }
+ }
+ if legacyNode.IsEgressGateway == "yes" {
+ if _, err := logic.CreateEgressGateway(legacyNode.EgressGatewayRequest); err != nil {
+ logger.Log(0, "error creating egress gateway during migration", err.Error())
+ }
+ }
+ if legacyNode.IsRelay == "yes" {
+ if _, _, err := logic.CreateRelay(models.RelayRequest{
+ NodeID: legacyNode.ID,
+ NetID: legacyNode.Network,
+ RelayAddrs: legacyNode.RelayAddrs,
+ }); err != nil {
+ logger.Log(0, "error creating relay during migration", err.Error())
+ }
+ }
 }
From 62dd970d3343c9d74baac323b4b57a42a60bc24a Mon Sep 17 00:00:00 2001 From: Matthew R Kasun Date: Wed, 1 Mar 2023 10:36:57 -0500 Subject: [PATCH 08/22] merge develop --- Dockerfile | 3 ++- controllers/migrate.go | 4 ++++ controllers/node.go | 2 +- go.mod | 5 ++++- go.sum | 9 ++++++++- 5 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 382755c6..26009c3a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,10 +4,11 @@ ARG tags WORKDIR /app COPY . . -RUN GOOS=linux CGO_ENABLED=1 go build -ldflags="-s -w" -tags ${tags} . +RUN GOOS=linux CGO_ENABLED=1 go build -ldflags="-s -w " -tags ${tags} . # RUN go build -tags=ee . -o netmaker main.go FROM alpine:3.16.2 +# add a c lib # set the working directory WORKDIR /root/ RUN mkdir -p /etc/netclient/config diff --git a/controllers/migrate.go b/controllers/migrate.go index bfde004c..4427eafb 100644 --- a/controllers/migrate.go +++ b/controllers/migrate.go @@ -11,6 +11,7 @@ import ( "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/models" + "github.com/kr/pretty" "golang.org/x/crypto/bcrypt" ) @@ -74,11 +75,14 @@ func migrate(w http.ResponseWriter, r *http.Request) { } r.Body = io.NopCloser(strings.NewReader(string(payload))) r.ContentLength = int64(len(string(payload))) + pretty.Println(data.JoinData) + logger.Log(3, "deleteing legacy node", data.LegacyNodeID, legacyNode.ID, legacyNode.Name) if err := database.DeleteRecord(database.NODES_TABLE_NAME, data.LegacyNodeID); err != nil { logger.Log(0, "error deleting legacy node", legacyNode.Name, err.Error()) } createNode(w, r) //newly created node has same node id as legacy node allowing using legacyNode.ID in gateway creation + logger.Log(3, "re-creating legacy gateways") if legacyNode.IsIngressGateway == "yes" { if _, err := logic.CreateIngressGateway(legacyNode.Network, legacyNode.ID, false); err != nil { logger.Log(0, "error creating ingress gateway during migration", err.Error()) diff --git a/controllers/node.go b/controllers/node.go index e9b56b08..0c2d6ab3 100644 --- a/controllers/node.go +++ b/controllers/node.go 
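Review bot: `pretty.Println(data.JoinData)` in the migrate hunk dumps the entire join payload to stdout on every migration request; JoinData's shape is not visible here, but a join payload on this path is likely to carry host credentials, so this reads as debug output that should be removed, or reduced to non-sensitive identifiers behind a verbosity level, before merge. It also makes `github.com/kr/pretty` a direct production dependency in go.mod for a single print, and the same go.mod hunk downgrades `github.com/matryer/is` from v1.4.1 to v1.4.0 with no explanation in the "merge develop" message. The added log line has a typo as well: `logger.Log(3, "deleting legacy node", data.LegacyNodeID, legacyNode.ID, legacyNode.Name)`.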
@@ -637,7 +637,7 @@ func createNode(w http.ResponseWriter, r *http.Request) { Host: data.Host, Peers: hostPeerUpdate.Peers, } - logger.Log(1, r.Header.Get("user"), "created new node", data.Host.Name, "on network", networkName) + logger.Log(1, r.Header.Get("user"), "created new node", data.Host.Name, data.Node.ID.String(), "on network", networkName) w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(response) diff --git a/go.mod b/go.mod index 1a039c41..9c4b3d30 100644 --- a/go.mod +++ b/go.mod @@ -42,7 +42,8 @@ require ( require ( github.com/guumaster/tablewriter v0.0.10 - github.com/matryer/is v1.4.1 + github.com/kr/pretty v0.3.0 + github.com/matryer/is v1.4.0 github.com/olekukonko/tablewriter v0.0.5 github.com/spf13/cobra v1.6.1 ) @@ -51,7 +52,9 @@ require ( cloud.google.com/go/compute/metadata v0.2.1 // indirect github.com/go-jose/go-jose/v3 v3.0.0 // indirect github.com/inconshreveable/mousetrap v1.0.1 // indirect + github.com/kr/text v0.2.0 // indirect github.com/rivo/uniseg v0.2.0 // indirect + github.com/rogpeppe/go-internal v1.8.0 // indirect github.com/spf13/pflag v1.0.5 // indirect ) diff --git a/go.sum b/go.sum index b40f9c73..c4f92a34 100644 --- a/go.sum +++ b/go.sum @@ -17,6 +17,7 @@ github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3Ee github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 
@@ -69,9 +70,11 @@ github.com/josharian/native v1.0.0 h1:Ts/E8zCSEsG17dUqv7joXJFybuMLjQfWE04tsBODTx github.com/josharian/native v1.0.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w= github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw= @@ -98,6 +101,7 @@ github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 
@@ -107,7 +111,9 @@ github.com/posthog/posthog-go v0.0.0-20211028072449-93c17c49e2b0/go.mod h1:oa2sA github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= +github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/rqlite/gorqlite v0.0.0-20210514125552-08ff1e76b22f h1:BSnJgAfHzEp7o8PYJ7YfwAVHhqu7BYUTggcn/LGlUWY= github.com/rqlite/gorqlite v0.0.0-20210514125552-08ff1e76b22f/go.mod h1:UW/gxgQwSePTvL1KA8QEHsXeYHP4xkoXgbDdN781p34= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= @@ -229,6 +235,7 @@ google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= From d7a005cca58c146eb8daf8f2832bfbcabd0a1f4a Mon Sep 17 00:00:00 2001 From: Matthew R Kasun Date: Sat, 4 Mar 2023 14:04:07 -0500 Subject: [PATCH 09/22] fix test fails --- go.sum | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/go.sum b/go.sum index c4f92a34..e6847f76 100644 --- a/go.sum +++ b/go.sum @@ -80,8 +80,8 @@ github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ic github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw= github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/matryer/is v1.4.1 h1:55ehd8zaGABKLXQUe2awZ99BD/PTc2ls+KV/dXphgEQ= -github.com/matryer/is v1.4.1/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU= +github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE= +github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.10/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= From 55b24c5eeba1b942d83e658265c870b0b3610746 Mon Sep 17 00:00:00 2001 From: 0xdcarns Date: Mon, 6 Mar 2023 15:54:50 -0500 Subject: [PATCH 10/22] allowed public key input for ext clients --- controllers/ext_client.go | 25 ++++++++++++++----------- controllers/regex.go | 5 ++++- logic/extpeers.go | 6 +++--- models/structs.go | 11 ++++++++--- 4 files changed, 29 insertions(+), 18 deletions(-) diff --git a/controllers/ext_client.go b/controllers/ext_client.go index 96ab1e7c..a0b9ac35 100644 --- a/controllers/ext_client.go +++ b/controllers/ext_client.go @@ -17,6 +17,7 @@ import ( "github.com/gravitl/netmaker/models/promodels" "github.com/gravitl/netmaker/mq" "github.com/skip2/go-qrcode" + "golang.zx2c4.com/wireguard/wgctrl/wgtypes" ) func extClientHandlers(r *mux.Router) { 
@@ -317,16 +318,22 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { } var extclient models.ExtClient - var CustomExtClient models.CustomExtClient - - err := json.NewDecoder(r.Body).Decode(&CustomExtClient) + var customExtClient models.CustomExtClient + err := json.NewDecoder(r.Body).Decode(&customExtClient) if err == nil { - if CustomExtClient.ClientID != "" && !validName(CustomExtClient.ClientID) { + if customExtClient.ClientID != "" && !validName(customExtClient.ClientID) { logic.ReturnErrorResponse(w, r, logic.FormatError(errInvalidExtClientID, "badrequest")) return } - extclient.ClientID = CustomExtClient.ClientID + extclient.ClientID = customExtClient.ClientID + if len(customExtClient.PublicKey) > 0 { + if _, err := wgtypes.ParseKey(customExtClient.PublicKey); err != nil { + logic.ReturnErrorResponse(w, r, logic.FormatError(errInvalidExtClientPubKey, "badrequest")) + return + } + extclient.PublicKey = customExtClient.PublicKey + } } extclient.Network = networkName @@ -350,16 +357,13 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { listenPort = host.ProxyListenPort } extclient.IngressGatewayEndpoint = host.EndpointIP.String() + ":" + strconv.FormatInt(int64(listenPort), 10) - extclient.Enabled = true parentNetwork, err := logic.GetNetwork(networkName) if err == nil { // check if parent network default ACL is enabled (yes) or not (no) extclient.Enabled = parentNetwork.DefaultACL == "yes" } - // check pro settings - err = logic.CreateExtClient(&extclient) - if err != nil { + if err = logic.CreateExtClient(&extclient); err != nil { logger.Log(0, r.Header.Get("user"), fmt.Sprintf("failed to create new ext client on network [%s]: %v", networkName, err)) logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal")) 
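Review bot: after `wgtypes.ParseKey` accepts the caller-supplied key, the raw request string is stored (`extclient.PublicKey = customExtClient.PublicKey`) instead of the parsed key; Go's default base64 decoder tolerates non-canonical trailing bits, so two spellings of the same 32-byte key can be stored as distinct values and slip past any string equality check against existing peers. Store the canonical form instead: `key, err := wgtypes.ParseKey(customExtClient.PublicKey)` followed by `extclient.PublicKey = key.String()`. In the second hunk, dropping `extclient.Enabled = true` means a failed `logic.GetNetwork` now leaves the client disabled where the old code defaulted to enabled; if that is intended it deserves a one-line comment, since the default flipped silently. createExtClient continues outside both hunks.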
@@ -389,8 +393,7 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { logger.Log(0, r.Header.Get("user"), "created new ext client on network", networkName) w.WriteHeader(http.StatusOK) go func() { - err = mq.PublishPeerUpdate() - if err != nil { + if err := mq.PublishPeerUpdate(); err != nil { logger.Log(1, "error setting ext peers on "+nodeid+": "+err.Error()) } if err := mq.PublishExtCLientDNS(&extclient); err != nil { diff --git a/controllers/regex.go b/controllers/regex.go index 532a262e..d0637c4b 100644 --- a/controllers/regex.go +++ b/controllers/regex.go @@ -5,7 +5,10 @@ import ( "regexp" ) -var errInvalidExtClientID = errors.New("ext client ID must be alphanumderic and/or dashes") +var ( + errInvalidExtClientPubKey = errors.New("incorrect ext client public key") + errInvalidExtClientID = errors.New("ext client ID must be alphanumderic and/or dashes") +) // allow only dashes and alphaneumeric for ext client and node names func validName(name string) bool { diff --git a/logic/extpeers.go b/logic/extpeers.go index 5364c3a4..20bc4793 100644 --- a/logic/extpeers.go +++ b/logic/extpeers.go @@ -117,14 +117,15 @@ func GetExtClient(clientid string, network string) (models.ExtClient, error) { // CreateExtClient - creates an extclient func CreateExtClient(extclient *models.ExtClient) error { - if extclient.PrivateKey == "" { + if len(extclient.PublicKey) == 0 { privateKey, err := wgtypes.GeneratePrivateKey() if err != nil { return err } - extclient.PrivateKey = privateKey.String() extclient.PublicKey = privateKey.PublicKey().String() + } else { + extclient.PrivateKey = "[ENTER PRIVATE KEY]" } parentNetwork, err := GetNetwork(extclient.Network) @@ -156,7 +157,6 @@ func CreateExtClient(extclient *models.ExtClient) error { } extclient.LastModified = time.Now().Unix() - key, err := GetRecordKey(extclient.ClientID, extclient.Network) if err != nil { return err diff --git a/models/structs.go b/models/structs.go index d3594171..d8b60cd1 100644 
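Review bot: in CreateExtClient the literal `"[ENTER PRIVATE KEY]"` assigned to `extclient.PrivateKey` in the new else branch is a sentinel that whatever renders the client config will have to recognise, so it belongs in a named constant in models (for example `PlaceholderPrivateKey`) rather than a bare string inside one function; no other reader of this value is visible in this view, so I cannot tell whether one already exists. Nothing in this hunk checks that a caller-supplied PublicKey is not already in use by another ext client or node in the network, a case the generated-key path never had to handle; a uniqueness check before the record is written would prevent two peers sharing one WireGuard key. CreateExtClient continues outside the hunk.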
--- a/models/structs.go +++ b/models/structs.go @@ -8,12 +8,17 @@ import ( "golang.zx2c4.com/wireguard/wgctrl/wgtypes" ) -const PLACEHOLDER_KEY_TEXT = "ACCESS_KEY" -const PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN" +const ( + // PLACEHOLDER_KEY_TEXT - access key placeholder text if option turned off + PLACEHOLDER_KEY_TEXT = "ACCESS_KEY" + // PLACEHOLDER_TOKEN_TEXT - access key token placeholder text if option turned off + PLACEHOLDER_TOKEN_TEXT = "ACCESS_TOKEN" +) // CustomExtClient - struct for CustomExtClient params type CustomExtClient struct { - ClientID string `json:"clientid"` + ClientID string `json:"clientid"` + PublicKey string `json:"publickey,omitempty"` } // AuthParams - struct for auth params From 692441279b887387bf3deafc9ff3d6a500382920 Mon Sep 17 00:00:00 2001 From: 0xdcarns Date: Tue, 7 Mar 2023 09:58:48 -0500 Subject: [PATCH 11/22] added ability to remove legacy nodes --- controllers/controller.go | 1 + controllers/legacy.go | 35 +++++++++++++++++++++++++++++ controllers/node.go | 9 ++++++-- logic/legacy.go | 46 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 89 insertions(+), 2 deletions(-) create mode 100644 controllers/legacy.go create mode 100644 logic/legacy.go diff --git a/controllers/controller.go b/controllers/controller.go index 7fa39889..7abef20b 100644 --- a/controllers/controller.go +++ b/controllers/controller.go @@ -27,6 +27,7 @@ var HttpHandlers = []interface{}{ loggerHandlers, hostHandlers, enrollmentKeyHandlers, + legacyHandlers, } // HandleRESTRequests - handles the rest requests diff --git a/controllers/legacy.go b/controllers/legacy.go new file mode 100644 index 00000000..d47db645 --- /dev/null +++ b/controllers/legacy.go 
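Review bot: the new `PublicKey` field on CustomExtClient has no comment saying what format is expected or what supplying it implies, while the constants above it were just given doc comments in this same hunk. From the handler and logic changes in this series I would document it as `// PublicKey - optional base64 WireGuard public key supplied by the caller; when set the server does not generate a key pair for the client`.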
@@ -0,0 +1,35 @@
+package controller
+
+import (
+ "net/http"
+
+ "github.com/gorilla/mux"
+ "github.com/gravitl/netmaker/logger"
+ "github.com/gravitl/netmaker/logic"
+)
+
+func legacyHandlers(r *mux.Router) {
+ r.HandleFunc("/api/v1/legacy/nodes", logic.SecurityCheck(true, http.HandlerFunc(wipeLegacyNodes))).Methods(http.MethodDelete)
+}
+
+// swagger:route DELETE /api/v1/legacy/nodes nodes wipeLegacyNodes
+//
+// Delete all legacy nodes from DB.
+//
+// Schemes: https
+//
+// Security:
+// oauth
+//
+// Responses:
+// 200: wipeLegacyNodesResponse
+func wipeLegacyNodes(w http.ResponseWriter, r *http.Request) {
+ // Set header
+ w.Header().Set("Content-Type", "application/json")
+ if err := logic.RemoveAllLegacyNodes(); err != nil {
+ logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
+ logger.Log(0, "error occurred when removing legacy nodes", err.Error())
+ }
+ logger.Log(0, r.Header.Get("user"), "wiped legacy nodes")
+ logic.ReturnSuccessResponse(w, r, "wiped all legacy nodes")
+}
diff --git a/controllers/node.go b/controllers/node.go
index e9b56b08..85efb6a1 100644
--- a/controllers/node.go
+++ b/controllers/node.go
@@ -975,8 +975,13 @@ func deleteNode(w http.ResponseWriter, r *http.Request) {
 fromNode := r.Header.Get("requestfrom") == "node"
 node, err := logic.GetNodeByID(nodeid)
 if err != nil {
- logger.Log(0, "error retrieving node to delete", err.Error())
- logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
+ if logic.CheckAndRemoveLegacyNode(nodeid) {
+ logger.Log(0, "removed legacy node", nodeid)
+ logic.ReturnSuccessResponse(w, r, nodeid+" deleted.")
+ } else {
+ logger.Log(0, "error retrieving node to delete", err.Error())
+ logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
+ }
 return
 }
 if r.Header.Get("ismaster") != "yes" {
diff --git a/logic/legacy.go b/logic/legacy.go
new file mode 100644
index 00000000..5f858a3d
--- /dev/null
+++ b/logic/legacy.go
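Review bot: wipeLegacyNodes falls through after its error branch — `logic.ReturnErrorResponse` writes a response, then execution continues to `logic.ReturnSuccessResponse`, so a failed wipe produces two writes on the same ResponseWriter (a superfluous WriteHeader) and the client sees a success body following the error headers. Add `return` after the `logger.Log` inside the `if err != nil` block. The log call there also comes after the response is written, whereas the other handlers in this series log first and then respond; matching that order keeps the error visible even if the write fails.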
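Review bot: in deleteNode the new `logic.CheckAndRemoveLegacyNode(nodeid)` call executes inside the `GetNodeByID` error branch, before the `ismaster` check that follows the hunk, so a request whose node ID does not resolve can delete a legacy record with only whatever the route-level check grants, while deleting a current node is still subject to the master and ownership checks below. The dedicated `/api/v1/legacy/nodes` route added in this commit is registered with `logic.SecurityCheck(true, ...)`; if that argument means master-only, the inline branch should be gated the same way, e.g. `if r.Header.Get("ismaster") == "yes" && logic.CheckAndRemoveLegacyNode(nodeid) {`. The rest of deleteNode, including its route registration, is outside the hunk, so the exact checks it applies could not be confirmed here.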
@@ -0,0 +1,46 @@
+package logic
+
+import (
+ "encoding/json"
+
+ "github.com/gravitl/netmaker/database"
+ "github.com/gravitl/netmaker/logger"
+ "github.com/gravitl/netmaker/models"
+)
+
+// IsLegacyNode - checks if a node is legacy or not
+func IsLegacyNode(nodeID string) bool {
+ record, err := database.FetchRecord(database.NODES_TABLE_NAME, nodeID)
+ if err != nil {
+ return false
+ }
+ var currentNode models.Node
+ var legacyNode models.LegacyNode
+ currentNodeErr := json.Unmarshal([]byte(record), ¤tNode)
+ legacyNodeErr := json.Unmarshal([]byte(record), &legacyNode)
+ return currentNodeErr != nil && legacyNodeErr == nil
+}
+
+// CheckAndRemoveLegacyNode - checks for legacy node and removes
+func CheckAndRemoveLegacyNode(nodeID string) bool {
+ if IsLegacyNode(nodeID) {
+ if err := database.DeleteRecord(database.NODES_TABLE_NAME, nodeID); err == nil {
+ return true
+ }
+ }
+ return false
+}
+
+// RemoveAllLegacyNodes - fetches all legacy nodes from DB and removes
+func RemoveAllLegacyNodes() error {
+ records, err := database.FetchRecords(database.NODES_TABLE_NAME)
+ if err != nil {
+ return err
+ }
+ for k := range records {
+ if CheckAndRemoveLegacyNode(k) {
+ logger.Log(0, "removed legacy node", k)
+ }
+ }
+ return nil
+}
From c11ba7c44bef9343f09b66380766da4f7201bac2 Mon Sep 17 00:00:00 2001 From: Anish Mukherjee Date: Wed, 8 Mar 2023 19:17:09 +0530 Subject: [PATCH 12/22] append local addresses --- logic/peers.go | 36 ++++++++++++++++++++---------------- models/metrics.go | 11 ++++++----- 2 files changed, 26 insertions(+), 21 deletions(-)
diff --git a/logic/peers.go b/logic/peers.go
index 2af7cee9..ce835cd7 100644
--- a/logic/peers.go
+++ b/logic/peers.go
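Review bot: CheckAndRemoveLegacyNode collapses a failed `database.DeleteRecord` into `false`, and RemoveAllLegacyNodes only logs the `true` case, so a record that is legacy but could not be deleted is silently skipped and the function returns nil; the handler built on it then reports "wiped all legacy nodes" while records remain. RemoveAllLegacyNodes should perform the delete itself so the failure is logged and surfaced in its return value, as below (this needs `errors` added to the import block). IsLegacyNode also re-fetches each record that FetchRecords has just returned, so decoding `records[k]` directly would save one database round trip per node; that is a follow-up rather than part of this fix.
```go
// RemoveAllLegacyNodes - fetches all legacy nodes from DB and removes
func RemoveAllLegacyNodes() error {
	records, err := database.FetchRecords(database.NODES_TABLE_NAME)
	if err != nil {
		return err
	}
	failed := 0
	for k := range records {
		if !IsLegacyNode(k) {
			continue
		}
		if err := database.DeleteRecord(database.NODES_TABLE_NAME, k); err != nil {
			// keep going so one bad record does not block the rest of the wipe
			logger.Log(0, "error removing legacy node", k, err.Error())
			failed++
			continue
		}
		logger.Log(0, "removed legacy node", k)
	}
	if failed > 0 {
		return errors.New("one or more legacy nodes could not be removed")
	}
	return nil
}
```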
@@ -274,10 +274,11 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig) peerIndexMap[peerHost.PublicKey.String()] = len(hostPeerUpdate.Peers) - 1 hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{ - ID: peer.ID.String(), - Address: peer.PrimaryAddress(), - Name: peerHost.Name, - Network: peer.Network, + ID: peer.ID.String(), + Address: peer.PrimaryAddress(), + LocalAddress: peer.LocalAddress.String(), + Name: peerHost.Name, + Network: peer.Network, } nodePeer = peerConfig } else { @@ -285,20 +286,22 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host peerAllowedIPs = append(peerAllowedIPs, allowedips...) hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].AllowedIPs = peerAllowedIPs hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{ - ID: peer.ID.String(), - Address: peer.PrimaryAddress(), - Name: peerHost.Name, - Network: peer.Network, + ID: peer.ID.String(), + Address: peer.PrimaryAddress(), + LocalAddress: peer.LocalAddress.String(), + Name: peerHost.Name, + Network: peer.Network, } nodePeer = hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]] } if node.Network == network { // add to peers map for metrics hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = models.IDandAddr{ - ID: peer.ID.String(), - Address: peer.PrimaryAddress(), - Name: peerHost.Name, - Network: peer.Network, + ID: peer.ID.String(), + Address: peer.PrimaryAddress(), + LocalAddress: peer.LocalAddress.String(), + Name: peerHost.Name, + Network: peer.Network, } hostPeerUpdate.NodePeers = append(hostPeerUpdate.NodePeers, nodePeer) } 
@@ -324,10 +327,11 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host extPeerIdAndAddr := extPeerIdAndAddr hostPeerUpdate.HostPeerIDs[extPeerIdAndAddr.ID] = make(map[string]models.IDandAddr) hostPeerUpdate.HostPeerIDs[extPeerIdAndAddr.ID][extPeerIdAndAddr.ID] = models.IDandAddr{ - ID: extPeerIdAndAddr.ID, - Address: extPeerIdAndAddr.Address, - Name: extPeerIdAndAddr.Name, - Network: node.Network, + ID: extPeerIdAndAddr.ID, + Address: extPeerIdAndAddr.Address, + LocalAddress: extPeerIdAndAddr.LocalAddress, + Name: extPeerIdAndAddr.Name, + Network: node.Network, } hostPeerUpdate.IngressInfo.ExtPeers[extPeerIdAndAddr.ID] = models.ExtClientInfo{ Masquerade: true, diff --git a/models/metrics.go b/models/metrics.go index b633a69b..bebc0819 100644 --- a/models/metrics.go +++ b/models/metrics.go @@ -28,11 +28,12 @@ type Metric struct { // IDandAddr - struct to hold ID and primary Address type IDandAddr struct { - ID string `json:"id" bson:"id" yaml:"id"` - Address string `json:"address" bson:"address" yaml:"address"` - Name string `json:"name" bson:"name" yaml:"name"` - IsServer string `json:"isserver" bson:"isserver" yaml:"isserver" validate:"checkyesorno"` - Network string `json:"network" bson:"network" yaml:"network" validate:"network"` + ID string `json:"id" bson:"id" yaml:"id"` + Address string `json:"address" bson:"address" yaml:"address"` + LocalAddress string `json:"localaddress" bson:"localaddress" yaml:"localaddress"` + Name string `json:"name" bson:"name" yaml:"name"` + IsServer string `json:"isserver" bson:"isserver" yaml:"isserver" validate:"checkyesorno"` + Network string `json:"network" bson:"network" yaml:"network" validate:"network"` } // PeerMap - peer map for ids and addresses in metrics From b7f8a623877d8d114267247f10755b506098f3b0 Mon Sep 17 00:00:00 2001 
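Review bot: The IDandAddr doc comment still reads "struct to hold ID and primary Address" although the struct now also carries a local address; `// IDandAddr - struct to hold ID, primary Address and local Address of a peer` keeps it accurate. For the ext-peer literal in the first hunk, `extPeerIdAndAddr.LocalAddress` is copied through unchanged and where that value is populated is outside this chunk, so the same "<nil>"-versus-empty question applies there if it originates from an IPNet.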
From: Abhishek Kondur Date: Wed, 8 Mar 2023 19:04:38 +0400 Subject: [PATCH 13/22] add stun port to compose file --- compose/docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index a6b803eb..7d52404a 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -27,6 +27,7 @@ services: VERBOSITY: "1" MQ_PASSWORD: "REPLACE_MQ_PASSWORD" MQ_USERNAME: "REPLACE_MQ_USERNAME" + STUN_PORT: "3478" ports: - "3478:3478/udp" netmaker-ui: From ea6623ba3ed6c535989e102082970dd9ae4c4b4d Mon Sep 17 00:00:00 2001 From: Anish Mukherjee Date: Thu, 9 Mar 2023 18:40:40 +0530 Subject: [PATCH 14/22] append host interfaces to hostPeerUpdate --- logic/peers.go | 37 +++++++++++++++++-------------------- models/metrics.go | 11 +++++------ models/mqtt.go | 1 + 3 files changed, 23 insertions(+), 26 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index ce835cd7..e0272e44 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -156,6 +156,7 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host PeerIDs: make(models.PeerMap, 0), Peers: []wgtypes.PeerConfig{}, NodePeers: []wgtypes.PeerConfig{}, + Interfaces: host.Interfaces, } logger.Log(1, "peer update for host", host.ID.String()) @@ -274,11 +275,10 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host hostPeerUpdate.Peers = append(hostPeerUpdate.Peers, peerConfig) peerIndexMap[peerHost.PublicKey.String()] = len(hostPeerUpdate.Peers) - 1 hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{ - ID: peer.ID.String(), - Address: peer.PrimaryAddress(), - LocalAddress: peer.LocalAddress.String(), - Name: peerHost.Name, - Network: peer.Network, + ID: peer.ID.String(), + Address: peer.PrimaryAddress(), + Name: peerHost.Name, + Network: peer.Network, } nodePeer = peerConfig } else { 
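Review bot: `STUN_PORT: "3478"` duplicates the port that the `"3478:3478/udp"` mapping two lines below hard-codes; if either line is edited alone the server will advertise a STUN port the container does not publish. A comment on the env line, `# must match the udp mapping under ports:`, or a single REPLACE_* placeholder like the ones used for the MQ values, keeps the two in sync.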
@@ -286,22 +286,20 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host peerAllowedIPs = append(peerAllowedIPs, allowedips...) hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]].AllowedIPs = peerAllowedIPs hostPeerUpdate.HostPeerIDs[peerHost.PublicKey.String()][peer.ID.String()] = models.IDandAddr{ - ID: peer.ID.String(), - Address: peer.PrimaryAddress(), - LocalAddress: peer.LocalAddress.String(), - Name: peerHost.Name, - Network: peer.Network, + ID: peer.ID.String(), + Address: peer.PrimaryAddress(), + Name: peerHost.Name, + Network: peer.Network, } nodePeer = hostPeerUpdate.Peers[peerIndexMap[peerHost.PublicKey.String()]] } if node.Network == network { // add to peers map for metrics hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = models.IDandAddr{ - ID: peer.ID.String(), - Address: peer.PrimaryAddress(), - LocalAddress: peer.LocalAddress.String(), - Name: peerHost.Name, - Network: peer.Network, + ID: peer.ID.String(), + Address: peer.PrimaryAddress(), + Name: peerHost.Name, + Network: peer.Network, } hostPeerUpdate.NodePeers = append(hostPeerUpdate.NodePeers, nodePeer) } @@ -327,11 +325,10 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host extPeerIdAndAddr := extPeerIdAndAddr hostPeerUpdate.HostPeerIDs[extPeerIdAndAddr.ID] = make(map[string]models.IDandAddr) hostPeerUpdate.HostPeerIDs[extPeerIdAndAddr.ID][extPeerIdAndAddr.ID] = models.IDandAddr{ - ID: extPeerIdAndAddr.ID, - Address: extPeerIdAndAddr.Address, - LocalAddress: extPeerIdAndAddr.LocalAddress, - Name: extPeerIdAndAddr.Name, - Network: node.Network, + ID: extPeerIdAndAddr.ID, + Address: extPeerIdAndAddr.Address, + Name: extPeerIdAndAddr.Name, + Network: node.Network, } hostPeerUpdate.IngressInfo.ExtPeers[extPeerIdAndAddr.ID] = models.ExtClientInfo{ Masquerade: true, diff --git a/models/metrics.go b/models/metrics.go index bebc0819..b633a69b 100644 --- a/models/metrics.go +++ b/models/metrics.go 
@@ -28,12 +28,11 @@ type Metric struct { // IDandAddr - struct to hold ID and primary Address type IDandAddr struct { - ID string `json:"id" bson:"id" yaml:"id"` - Address string `json:"address" bson:"address" yaml:"address"` - LocalAddress string `json:"localaddress" bson:"localaddress" yaml:"localaddress"` - Name string `json:"name" bson:"name" yaml:"name"` - IsServer string `json:"isserver" bson:"isserver" yaml:"isserver" validate:"checkyesorno"` - Network string `json:"network" bson:"network" yaml:"network" validate:"network"` + ID string `json:"id" bson:"id" yaml:"id"` + Address string `json:"address" bson:"address" yaml:"address"` + Name string `json:"name" bson:"name" yaml:"name"` + IsServer string `json:"isserver" bson:"isserver" yaml:"isserver" validate:"checkyesorno"` + Network string `json:"network" bson:"network" yaml:"network" validate:"network"` } // PeerMap - peer map for ids and addresses in metrics diff --git a/models/mqtt.go b/models/mqtt.go index 316d3fe8..c70c370e 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -19,6 +19,7 @@ type HostPeerUpdate struct { EgressInfo map[string]EgressInfo `json:"egress_info" bson:"egress_info" yaml:"egress_info"` // map key is node ID IngressInfo IngressInfo `json:"ingress_info" bson:"ext_peers" yaml:"ext_peers"` PeerIDs PeerMap `json:"peerids" bson:"peerids" yaml:"peerids"` + Interfaces []Iface `json:"interfaces" yaml:"interfaces"` } // IngressInfo - struct for ingress info From a9fe301ee174cf1ad2641439db52c578e3e4717c Mon Sep 17 00:00:00 2001 From: Matthew R Kasun Date: Thu, 9 Mar 2023 10:27:25 -0500 Subject: [PATCH 15/22] remove debug log --- controllers/migrate.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/controllers/migrate.go b/controllers/migrate.go index 4427eafb..736a2a35 100644 --- a/controllers/migrate.go +++ b/controllers/migrate.go 
@@ -11,7 +11,6 @@ import ( "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/logic" "github.com/gravitl/netmaker/models" - "github.com/kr/pretty" "golang.org/x/crypto/bcrypt" ) @@ -75,7 +74,6 @@ func migrate(w http.ResponseWriter, r *http.Request) { } r.Body = io.NopCloser(strings.NewReader(string(payload))) r.ContentLength = int64(len(string(payload))) - pretty.Println(data.JoinData) logger.Log(3, "deleteing legacy node", data.LegacyNodeID, legacyNode.ID, legacyNode.Name) if err := database.DeleteRecord(database.NODES_TABLE_NAME, data.LegacyNodeID); err != nil { logger.Log(0, "error deleting legacy node", legacyNode.Name, err.Error()) From e9f8ab78f20e919cc5da456a8cf8124b7ea2a9b0 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Thu, 9 Mar 2023 15:33:26 -0500 Subject: [PATCH 16/22] fixing issue with keys, bad env vars --- scripts/nm-upgrade.sh | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/scripts/nm-upgrade.sh b/scripts/nm-upgrade.sh index 9af1235b..38765a47 100644 --- a/scripts/nm-upgrade.sh +++ b/scripts/nm-upgrade.sh @@ -1,6 +1,6 @@ #!/bin/bash -LATEST="v0.18.1" +LATEST="testing" # check_version - make sure current version is 0.17.1 before continuing check_version() { 
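Review bot: `LATEST="testing"` turns the upgrade into a fetch of a mutable, unversioned artifact: setup_netclient (the `@@ -439` hunk of this patch) downloads `https://fileserver.netmaker.org/$LATEST/netclient` to a fixed path, marks it executable and runs `install` as root with no checksum or signature check, so whatever is published under that tag at run time gets executed. Before release, pin LATEST to a tagged version and verify the download, e.g. `NC=$(mktemp)` / `wget -O "$NC" "https://fileserver.netmaker.org/$LATEST/netclient"` / `echo "<EXPECTED_SHA256>  $NC" | sha256sum -c -` before the `chmod +x`; the fixed `/tmp/netclient` name is also creatable by any local user ahead of the script. The DEV_TEMP marker already used on the sed line in set_compose would fit on this line too, so the placeholder value is not shipped by accident.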
@@ -355,14 +355,17 @@ set_compose() { # DEV_TEMP sed -i "s/v0.17.1/$LATEST/g" /root/docker-compose.yml + STUN_PORT=3478 + # RELEASE_REPLACE - Use this once release is ready #sed -i "s/v0.17.1/v0.18.3/g" /root/docker-compose.yml yq ".services.netmaker.environment.SERVER_NAME = \"$SERVER_NAME\"" -i /root/docker-compose.yml - yq ".services.netmaker.environment += {\"BROKER_NAME\": \"$BROKER_NAME\"}" -i /root/docker-compose.yml - yq ".services.netmaker.environment += {\"STUN_DOMAIN\": \"$STUN_DOMAIN\"}" -i /root/docker-compose.yml + yq ".services.netmaker.environment += {\"BROKER_ENDPOINT\": \"wss://$BROKER_NAME\"}" -i /root/docker-compose.yml + yq ".services.netmaker.environment += {\"SERVER_BROKER_ENDPOINT\": \"wss://mq:1883\"}" -i /root/docker-compose.yml + yq ".services.netmaker.environment += {\"STUN_LIST\": \"$STUN_DOMAIN:$STUN_PORT,stun1.netmaker.io:3478,stun2.netmaker.io:3478,stun1.l.google.com:19302,stun2.l.google.com:19302\"}" -i /root/docker-compose.yml yq ".services.netmaker.environment += {\"MQ_PASSWORD\": \"$MQ_PASSWORD\"}" -i /root/docker-compose.yml yq ".services.netmaker.environment += {\"MQ_USERNAME\": \"$MQ_USERNAME\"}" -i /root/docker-compose.yml - yq ".services.netmaker.environment += {\"STUN_PORT\": \"3478\"}" -i /root/docker-compose.yml + yq ".services.netmaker.environment += {\"STUN_PORT\": \"$STUN_PORT\"}" -i /root/docker-compose.yml yq ".services.netmaker.ports += \"3478:3478/udp\"" -i /root/docker-compose.yml yq ".services.mq.environment += {\"MQ_PASSWORD\": \"$MQ_PASSWORD\"}" -i /root/docker-compose.yml 
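Review bot: `STUN_PORT=3478` is introduced but the mapping line `yq ".services.netmaker.ports += \"3478:3478/udp\""` still hard-codes the number, so changing the variable would advertise a STUN port the container does not publish; use `yq ".services.netmaker.ports += \"$STUN_PORT:$STUN_PORT/udp\""`. `$MQ_PASSWORD`, `$BROKER_NAME` and `$STUN_DOMAIN` are interpolated straight into yq expressions, which is only safe while those values are restricted to a shell- and YAML-safe alphabet; a comment to that effect next to the generator and the prompts would stop a later change from introducing a value with `"` or `\` that corrupts the compose file. set_compose continues outside the hunk.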
@@ -379,6 +382,10 @@ set_compose() { yq eval 'del(.services.netmaker.cap_add)' -i /root/docker-compose.yml yq eval 'del(.services.netmaker.sysctls)' -i /root/docker-compose.yml yq eval 'del(.services.netmaker.environment.MQ_ADMIN_PASSWORD)' -i /root/docker-compose.yml + yq eval 'del(.services.netmaker.environment.MQ_HOST)' -i /root/docker-compose.yml + yq eval 'del(.services.netmaker.environment.MQ_PORT)' -i /root/docker-compose.yml + yq eval 'del(.services.netmaker.environment.MQ_SERVER_PORT)' -i /root/docker-compose.yml + yq eval 'del(.services.netmaker.environment.PORT_FORWARD_SERVICES)' -i /root/docker-compose.yml yq eval 'del(.services.netmaker.environment.CLIENT_MODE)' -i /root/docker-compose.yml yq eval 'del(.services.netmaker.environment.HOST_NETWORK)' -i /root/docker-compose.yml yq eval 'del(.services.mq.environment.NETMAKER_SERVER_HOST)' -i /root/docker-compose.yml @@ -439,10 +446,11 @@ setup_netclient() { netclient uninstall set -e - wget -O netclient https://github.com/gravitl/netclient/releases/download/$LATEST/netclient_linux_amd64 - chmod +x netclient - ./netclient install - netclient join -t $TOKEN + wget -O /tmp/netclient https://fileserver.netmaker.org/$LATEST/netclient + + chmod +x /tmp/netclient + /tmp/netclient install + netclient join -t $KEY echo "waiting for client to become available" wait_seconds 10 @@ -538,8 +546,10 @@ join_networks() { echo "For first join, making host a default" echo "Host ID: $HOST_ID" # set as a default host + set +e ./nmctl host update $HOST_ID --default sleep 2 + set -e fi # create an egress if necessary From bec7b8f4bcc8bd261b963227e942077915abe67b Mon Sep 17 00:00:00 2001 From: afeiszli Date: Thu, 9 Mar 2023 16:54:26 -0500 Subject: [PATCH 17/22] change wss to ws --- scripts/nm-upgrade.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/nm-upgrade.sh b/scripts/nm-upgrade.sh index 38765a47..dd87a692 100644 --- a/scripts/nm-upgrade.sh +++ b/scripts/nm-upgrade.sh 
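Review bot: `netclient join -t $KEY` replaces `$TOKEN`, but no assignment of KEY is visible in this chunk, so confirm it is set on every path that reaches setup_netclient; with `set -e` active an unset variable is not an error, and an empty `-t` would be passed silently. A guard such as `[ -n "$KEY" ] || { echo "no enrollment key available"; exit 1; }` before the join makes the failure explicit. setup_netclient starts before the hunk.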
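Review bot: The `set +e` / `set -e` pair around `./nmctl host update $HOST_ID --default` hides the command's exit status entirely, so when marking the default host fails the script carries on as if it succeeded. Capturing it instead, `if ! ./nmctl host update $HOST_ID --default; then echo "warning: could not set $HOST_ID as default host"; fi`, keeps the best-effort behaviour while leaving a trace in the output. join_networks continues outside the hunk.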
@@ -361,7 +361,7 @@ set_compose() { #sed -i "s/v0.17.1/v0.18.3/g" /root/docker-compose.yml yq ".services.netmaker.environment.SERVER_NAME = \"$SERVER_NAME\"" -i /root/docker-compose.yml yq ".services.netmaker.environment += {\"BROKER_ENDPOINT\": \"wss://$BROKER_NAME\"}" -i /root/docker-compose.yml - yq ".services.netmaker.environment += {\"SERVER_BROKER_ENDPOINT\": \"wss://mq:1883\"}" -i /root/docker-compose.yml + yq ".services.netmaker.environment += {\"SERVER_BROKER_ENDPOINT\": \"ws://mq:1883\"}" -i /root/docker-compose.yml yq ".services.netmaker.environment += {\"STUN_LIST\": \"$STUN_DOMAIN:$STUN_PORT,stun1.netmaker.io:3478,stun2.netmaker.io:3478,stun1.l.google.com:19302,stun2.l.google.com:19302\"}" -i /root/docker-compose.yml yq ".services.netmaker.environment += {\"MQ_PASSWORD\": \"$MQ_PASSWORD\"}" -i /root/docker-compose.yml yq ".services.netmaker.environment += {\"MQ_USERNAME\": \"$MQ_USERNAME\"}" -i /root/docker-compose.yml From 0891dcb8547e0c97ae5f31b259d454a969a8e0da Mon Sep 17 00:00:00 2001 From: Anish Mukherjee Date: Fri, 10 Mar 2023 19:01:30 +0530 Subject: [PATCH 18/22] append proxy listen port and peer host interfaces to peerID map --- logic/peers.go | 10 ++++++---- models/metrics.go | 12 +++++++----- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/logic/peers.go b/logic/peers.go index e0272e44..a233aa1d 100644 --- a/logic/peers.go +++ b/logic/peers.go 
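Review bot: `ws://mq:1883` makes the server-to-broker link plaintext WebSocket, which is acceptable only if the mq service's 1883 listener is bound to the compose-internal network and not published on the host; the compose file is not in this chunk, so that is worth confirming and recording next to the yq line, e.g. `# server reaches the broker over the internal compose network only; do not publish 1883`. The MQ credentials written two lines below travel over this link.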
@@ -296,10 +296,12 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host if node.Network == network { // add to peers map for metrics hostPeerUpdate.PeerIDs[peerHost.PublicKey.String()] = models.IDandAddr{ - ID: peer.ID.String(), - Address: peer.PrimaryAddress(), - Name: peerHost.Name, - Network: peer.Network, + ID: peer.ID.String(), + Address: peer.PrimaryAddress(), + Name: peerHost.Name, + Network: peer.Network, + Interfaces: peerHost.Interfaces, + ProxyListenPort: peerHost.ProxyListenPort, } hostPeerUpdate.NodePeers = append(hostPeerUpdate.NodePeers, nodePeer) } diff --git a/models/metrics.go b/models/metrics.go index b633a69b..a7834a28 100644 --- a/models/metrics.go +++ b/models/metrics.go @@ -28,11 +28,13 @@ type Metric struct { // IDandAddr - struct to hold ID and primary Address type IDandAddr struct { - ID string `json:"id" bson:"id" yaml:"id"` - Address string `json:"address" bson:"address" yaml:"address"` - Name string `json:"name" bson:"name" yaml:"name"` - IsServer string `json:"isserver" bson:"isserver" yaml:"isserver" validate:"checkyesorno"` - Network string `json:"network" bson:"network" yaml:"network" validate:"network"` + ID string `json:"id" bson:"id" yaml:"id"` + Address string `json:"address" bson:"address" yaml:"address"` + Name string `json:"name" bson:"name" yaml:"name"` + IsServer string `json:"isserver" bson:"isserver" yaml:"isserver" validate:"checkyesorno"` + Network string `json:"network" bson:"network" yaml:"network" validate:"network"` + Interfaces []Iface `json:"interfaces" yaml:"interfaces"` + ProxyListenPort int `json:"proxy_listen_port" yaml:"proxy_listen_port"` } // PeerMap - peer map for ids and addresses in metrics From 83f3262a8739055af10f23477a63a0cee16f5b24 Mon Sep 17 00:00:00 2001 From: Anish Mukherjee Date: Fri, 10 Mar 2023 19:07:33 +0530 Subject: [PATCH 19/22] remove redundant interface --- logic/peers.go | 1 - models/mqtt.go | 1 - 2 files changed, 2 deletions(-) 
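Review bot: `Interfaces` and `ProxyListenPort` are added to IDandAddr with json/yaml tags only, while every other field of the struct also carries a bson tag; either add `bson:"interfaces"` / `bson:"proxy_listen_port"` or comment that the two are transient and never stored. The IDandAddr doc comment ("struct to hold ID and primary Address") no longer describes the struct. `Interfaces: peerHost.Interfaces` means each host now receives every peer's full interface list in the metrics peer map; if that is intended for local-route detection, a one-line comment on the literal saying so would stop a later reviewer from trimming it, and the two HostPeerIDs literals above this hunk (outside it) do not get the new fields, which may or may not be deliberate.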
diff --git a/logic/peers.go b/logic/peers.go index a233aa1d..e92f805c 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -156,7 +156,6 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host PeerIDs: make(models.PeerMap, 0), Peers: []wgtypes.PeerConfig{}, NodePeers: []wgtypes.PeerConfig{}, - Interfaces: host.Interfaces, } logger.Log(1, "peer update for host", host.ID.String()) diff --git a/models/mqtt.go b/models/mqtt.go index c70c370e..316d3fe8 100644 --- a/models/mqtt.go +++ b/models/mqtt.go @@ -19,7 +19,6 @@ type HostPeerUpdate struct { EgressInfo map[string]EgressInfo `json:"egress_info" bson:"egress_info" yaml:"egress_info"` // map key is node ID IngressInfo IngressInfo `json:"ingress_info" bson:"ext_peers" yaml:"ext_peers"` PeerIDs PeerMap `json:"peerids" bson:"peerids" yaml:"peerids"` - Interfaces []Iface `json:"interfaces" yaml:"interfaces"` } // IngressInfo - struct for ingress info From ee9df20b0562fe5f5f664cef6e369a257822ed54 Mon Sep 17 00:00:00 2001 From: 0xdcarns Date: Fri, 10 Mar 2023 11:18:29 -0500 Subject: [PATCH 20/22] changed register response, simplified host port check dereference --- controllers/enrollmentkeys.go | 6 +++++- logic/hosts.go | 22 ++++++++++------------ logic/peers.go | 2 +- models/enrollment_key.go | 6 ++++++ 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/controllers/enrollmentkeys.go b/controllers/enrollmentkeys.go index 73966187..56546d76 100644 --- a/controllers/enrollmentkeys.go +++ b/controllers/enrollmentkeys.go 
@@ -200,9 +200,13 @@ func handleHostRegister(w http.ResponseWriter, r *http.Request) { // ready the response server := servercfg.GetServerInfo() server.TrafficKey = key + response := models.RegisterResponse{ + ServerConf: server, + RequestedHost: newHost, + } logger.Log(0, newHost.Name, newHost.ID.String(), "registered with Netmaker") w.WriteHeader(http.StatusOK) - json.NewEncoder(w).Encode(&server) + json.NewEncoder(w).Encode(&response) // notify host of changes, peer and node updates go checkNetRegAndHostUpdate(enrollmentKey.Networks, &newHost) } diff --git a/logic/hosts.go b/logic/hosts.go index addb8dc0..d220d445 100644 --- a/logic/hosts.go +++ b/logic/hosts.go @@ -208,7 +208,6 @@ func UpdateHostNetwork(h *models.Host, network string, add bool) (*models.Node, } else { return nil, errors.New("host already part of network " + network) } - } } if !add { @@ -362,13 +361,13 @@ func GetRelatedHosts(hostID string) []models.Host { // with the same endpoint have different listen ports // in the case of 64535 hosts or more with same endpoint, ports will not be changed func CheckHostPorts(h *models.Host) { - portsInUse := make(map[int]bool) + portsInUse := make(map[int]bool, 0) hosts, err := GetAllHosts() if err != nil { return } for _, host := range hosts { - if host.ID == h.ID { + if host.ID.String() == h.ID.String() { //skip self continue } @@ -380,12 +379,18 @@ func CheckHostPorts(h *models.Host) { } // iterate until port is not found or max iteration is reached for i := 0; portsInUse[h.ListenPort] && i < maxPort-minPort+1; i++ { - updatePort(&h.ListenPort) + h.ListenPort++ + if h.ListenPort > maxPort { + h.ListenPort = minPort + } } // allocate h.ListenPort so it is unavailable to h.ProxyListenPort portsInUse[h.ListenPort] = true for i := 0; portsInUse[h.ProxyListenPort] && i < maxPort-minPort+1; i++ { - updatePort(&h.ProxyListenPort) + h.ProxyListenPort++ + if h.ProxyListenPort > maxPort { + h.ProxyListenPort = minPort + } } } 
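Review bot: `json.NewEncoder(w).Encode(&response)` on the rewritten line still drops the encoder error, and because `w.WriteHeader(http.StatusOK)` has already been sent the client receives a 200 with a truncated body if serialization fails; at minimum `if err := json.NewEncoder(w).Encode(&response); err != nil { logger.Log(0, "failed to write register response for", newHost.Name, err.Error()) }`. RequestedHost embeds the whole Host value and which fields Host carries is not visible here, so confirm it holds nothing the registering client should not see (anything secret-like would need a `json:"-"` tag). handleHostRegister starts before the hunk.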
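Review bot: `make(map[int]bool, 0)` replaces `make(map[int]bool)` with a zero size hint, which is a no-op; either keep the unhinted form or size it after the fetch with `portsInUse := make(map[int]bool, len(hosts))`. `host.ID.String() == h.ID.String()` builds two strings per host on every call where `host.ID == h.ID` compared the values directly; if ID is an array-backed UUID (it has a String method, so that looks likely) the direct comparison was already correct and cheaper. In the `@@ -380` hunk the increment-and-wrap logic is now written out twice; a comment such as `// wrap back to minPort once maxPort is passed` on each copy makes the bound of the enclosing for loops easier to follow. CheckHostPorts continues past the first of these hunks.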
@@ -409,10 +414,3 @@ func GetHostByNodeID(id string) *models.Host { } return nil } - -func updatePort(p *int) { - *p++ - if *p > maxPort { - *p = minPort - } -} diff --git a/logic/peers.go b/logic/peers.go index 2af7cee9..5d945df6 100644 --- a/logic/peers.go +++ b/logic/peers.go @@ -198,7 +198,7 @@ func GetPeerUpdateForHost(ctx context.Context, network string, host *models.Host peerConfig.ReplaceAllowedIPs = true uselocal := false if host.EndpointIP.String() == peerHost.EndpointIP.String() { - //peer is on same network + // peer is on same network // set to localaddress uselocal = true if node.LocalAddress.IP == nil { diff --git a/models/enrollment_key.go b/models/enrollment_key.go index 1cba2ec3..63d1b6dd 100644 --- a/models/enrollment_key.go +++ b/models/enrollment_key.go @@ -34,6 +34,12 @@ type APIEnrollmentKey struct { Tags []string `json:"tags"` } +// RegisterResponse - the response to a successful enrollment register +type RegisterResponse struct { + ServerConf ServerConfig `json:"server_config"` + RequestedHost Host `json:"requested_host"` +} + // EnrollmentKey.IsValid - checks if the key is still valid to use func (k *EnrollmentKey) IsValid() bool { if k == nil { From 9d6fd5d4d8f92278282401d9fae9afb34400d23f Mon Sep 17 00:00:00 2001 From: dcarns <75687250+0xdcarns@users.noreply.github.com> Date: Fri, 10 Mar 2023 13:36:16 -0500 Subject: [PATCH 21/22] v0.18.3 release.md --- release.md | 41 ++++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/release.md b/release.md index 1776a413..864a32ac 100644 --- a/release.md +++ b/release.md 
@@ -1,27 +1,38 @@ # Netmaker v0.18.3 -## **Do not attempt upgrade from 0.17.x quite yet** +## **Wait till out of pre-release to fully upgrade** ## whats new -- Enrollment Keys, give the ability for an admin to enroll clients into multiple networks, can be unlimited, time, or usage based -- EMQX broker support and better MQTT support in general - - Now you must specify BROKER_ENDPOINT - - Also specify SERVER_BROKER_ENDPOINT, if not provided server will connect to broker over BROKER_ENDPOINT - - Thsi gives ability for user to specify any broker endpoint and use any protocal on clients desired, such as, `mqtts://mybroker.com:8083` - (we will still default to wss) +- Forced node deletions, if a host doesn't not receive message to delete a node, you can forcefully remove it by deleting it twice from UI/CLI + - Allows user to remove orpahned Nodes + Hosts easier +- EMQX ACLs, if using EMQX as broker, ACLs per host will be created, enhancing security around messages +- You can now create ext clients with your own public key, but this feature will not be represented on current UI (new UI on the horizon) +- STUN is now represented as a list including your NM server + 2 we are hosting + 2 of googles (clients will only use 2) for better NAT detection + - you specify which STUN servers to use with STUN_LIST env variable ## whats fixed -- Fixed default ACL behavior, should work as expected -- Peer calculations enhancement -- main routines share a context and docker stop/ctrl+c give expected results now -- Github workflow edits -- Removed Deprecated Local Network Range from client + server +- More Peer calculation improvements +- JSON output on list commands for `nmctl` +- Upgrade script +- Ports set from server for Hosts on register/join are actually used +- **CLients** + - More efficient Windows daemon handling + - Better peer route setting on clients + - Some commands involving the message queue on client have been fixed + - NFTables masquerading issue + - Some logging has 
been adjusted + - Migrations on Linux work for 0.17.x - 0.18.3 + - EnrollmentKEys in an HA setup should function fine now + - Registration by enrollment key on client GUI ## known issues -- EnrollmentKeys may not function as intended in an HA setup -- If a host does not receive a message to delete a node, it could become orphaned and un-deletable - Network interface routes may be removed after sometime/unintended network update -- Upgrade script does not handle clients - Caddy does not handle netmaker exporter well for EE - Incorrect latency on metrics (EE) - Swagger docs not up to date +- Lengthy delay when you create an ext client +- issues connecting over IPv6 on Macs +- Nodes on same local network may not always connect +- Netclient GUI shows egress range(s) twice +- DNS entries are not sent after registration with EnrollmentKeys +- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client From 11daff3f1c2d37ec43943c0a93693e7436fe4f50 Mon Sep 17 00:00:00 2001 From: 0xdcarns Date: Tue, 14 Mar 2023 10:46:12 -0400 Subject: [PATCH 22/22] added iot check in mq message handlers --- models/host.go | 15 +++++++++++++++ mq/util.go | 8 ++++++++ 2 files changed, 23 insertions(+) diff --git a/models/host.go b/models/host.go index 86991198..b27b75da 100644 --- a/models/host.go +++ b/models/host.go @@ -7,6 +7,21 @@ import ( "golang.zx2c4.com/wireguard/wgctrl/wgtypes" ) +// OS_Types - list of OS types Netmaker cares about +var OS_Types = struct { + Linux string + Windows string + Mac string + FreeBSD string + IoT string +}{ + Linux: "linux", + Windows: "windows", + Mac: "darwin", + FreeBSD: "freebsd", + IoT: "iot", +} + // WIREGUARD_INTERFACE name of wireguard interface const WIREGUARD_INTERFACE = "netmaker" diff --git a/mq/util.go b/mq/util.go index 0ab59ee9..fb7688de 100644 --- a/mq/util.go +++ b/mq/util.go 
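Review bot: `OS_Types` is a mutable package-level `var`, so any code in the process can reassign `models.OS_Types.IoT` and with it the value that the mq/util.go hunk keys its encryption bypass on; a `const` block (`OSTypeIoT = "iot"` and so on) cannot change at run time and also follows Go's MixedCaps convention, although the file's existing `WIREGUARD_INTERFACE` shows it already uses underscores. If the struct form is kept for grouping, a comment noting that the values are compared verbatim against host.OS as reported by the client would document the contract.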
@@ -12,6 +12,10 @@ import ( ) func decryptMsgWithHost(host *models.Host, msg []byte) ([]byte, error) { + if host.OS == models.OS_Types.IoT { // just pass along IoT messages + return msg, nil + } + trafficKey, trafficErr := logic.RetrievePrivateTrafficKey() // get server private key if trafficErr != nil { return nil, trafficErr @@ -41,6 +45,10 @@ func decryptMsg(node *models.Node, msg []byte) ([]byte, error) { } func encryptMsg(host *models.Host, msg []byte) ([]byte, error) { + if host.OS == models.OS_Types.IoT { + return msg, nil + } + // fetch server public key to be certain hasn't changed in transit trafficKey, trafficErr := logic.RetrievePrivateTrafficKey() if trafficErr != nil {
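Review bot: `if host.OS == models.OS_Types.IoT { return msg, nil }` turns the traffic-key encryption off based on a string the host reports about itself; if host.OS is populated from the client's registration payload (that path is outside this chunk), any client can opt out of message encryption by claiming to be "iot", and the matching check in encryptMsg (second hunk) then makes the server send its replies to that host in plaintext as well. Tie the bypass to a server-side decision rather than the reported OS, for example a host flag that only an admin can set, or at least log at registration when a host declares "iot" so the set of plaintext hosts is visible. The new check also dereferences `host` on the first line of each function; if callers can pass a nil *models.Host, `if host != nil && host.OS == models.OS_Types.IoT {` keeps the early return from panicking. Both functions continue past the hunk.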