From 6b42cbe120ead9976e3403b6699eb9c32f6d91bd Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Sat, 3 Sep 2022 08:55:49 -0400 Subject: [PATCH 01/26] normalize cidr on network/egress gateway creation --- logic/gateway.go | 8 ++++++++ logic/networks.go | 14 ++++++++++++++ logic/util.go | 17 +++++++++++++++++ 3 files changed, 39 insertions(+) diff --git a/logic/gateway.go b/logic/gateway.go index b36589f2..944fd3e5 100644 --- a/logic/gateway.go +++ b/logic/gateway.go @@ -14,6 +14,14 @@ import ( // CreateEgressGateway - creates an egress gateway func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, error) { + for i, cidr := range gateway.Ranges { + normalized, err := NormalizeCIDR(cidr) + if err != nil { + return models.Node{}, nil + } + gateway.Ranges[i] = normalized + + } node, err := GetNodeByID(gateway.NodeID) if err != nil { return models.Node{}, err diff --git a/logic/networks.go b/logic/networks.go index 3802b9a3..9400e7b9 100644 --- a/logic/networks.go +++ b/logic/networks.go @@ -70,6 +70,20 @@ func DeleteNetwork(network string) error { // CreateNetwork - creates a network in database func CreateNetwork(network models.Network) (models.Network, error) { + if network.AddressRange != "" { + normalizedRange, err := NormalizeCIDR(network.AddressRange) + if err != nil { + return models.Network{}, err + } + network.AddressRange = normalizedRange + } + if network.AddressRange6 != "" { + normalizedRange, err := NormalizeCIDR(network.AddressRange6) + if err != nil { + return models.Network{}, err + } + network.AddressRange6 = normalizedRange + } network.SetDefaults() network.SetNodesLastModified() network.SetNetworkLastModified() diff --git a/logic/util.go b/logic/util.go index af68afbd..7315d39b 100644 --- a/logic/util.go +++ b/logic/util.go @@ -13,6 +13,7 @@ import ( "strings" "time" + "github.com/c-robinson/iplib" "github.com/gravitl/netmaker/database" "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/models" @@ -169,3 +170,19 @@ func ShouldPublishPeerPorts(serverNode *models.Node) bool { } return false } + +// NormalCidr - returns the first address of CIDR +func NormalizeCIDR(address string) (string, error) { + ip, IPNet, err := net.ParseCIDR(address) + if err != nil { + return "", err + } + if ip.To4() == nil { + net6 := iplib.Net6FromStr(IPNet.String()) + IPNet.IP = net6.FirstAddress() + } else { + net4 := iplib.Net4FromStr(IPNet.String()) + IPNet.IP = net4.FirstAddress() + } + return IPNet.String(), nil +} From e364423beb027298a2812bd1baecc50a3f6d1788 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Tue, 6 Sep 2022 07:03:21 -0400 Subject: [PATCH 02/26] return error --- logic/gateway.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logic/gateway.go b/logic/gateway.go index 944fd3e5..fa148cf4 100644 --- a/logic/gateway.go +++ b/logic/gateway.go @@ -17,7 +17,7 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro for i, cidr := range gateway.Ranges { normalized, err := NormalizeCIDR(cidr) if err != nil { - return models.Node{}, nil + return models.Node{}, err } gateway.Ranges[i] = normalized From 2d87d14da4c5cc89cd588620ac7cf70367363ab9 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Tue, 6 Sep 2022 09:17:13 -0400 Subject: [PATCH 03/26] networkaddress vice firstaddress --- logic/util.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logic/util.go b/logic/util.go index 7315d39b..86c8885b 100644 --- a/logic/util.go +++ b/logic/util.go @@ -182,7 +182,7 @@ func NormalizeCIDR(address string) (string, error) { IPNet.IP = net6.FirstAddress() } else { net4 := iplib.Net4FromStr(IPNet.String()) - IPNet.IP = net4.FirstAddress() + IPNet.IP = net4.NetworkAddress() } return IPNet.String(), nil } From ce58eed740d9de046c7b8845599ac9553d2ff981 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Wed, 7 Sep 2022 14:11:56 -0400 Subject: [PATCH 04/26] fix merge conflict --- logic/util.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logic/util.go b/logic/util.go index 28736473..3b915979 100644 --- a/logic/util.go +++ b/logic/util.go @@ -171,7 +171,6 @@ func ShouldPublishPeerPorts(serverNode *models.Node) bool { return false } - // NormalCidr - returns the first address of CIDR func NormalizeCIDR(address string) (string, error) { ip, IPNet, err := net.ParseCIDR(address) @@ -186,6 +185,7 @@ func NormalizeCIDR(address string) (string, error) { IPNet.IP = net4.NetworkAddress() } return IPNet.String(), nil +} func getNetworkProtocols(cidrs []string) (bool, bool) { ipv4 := false From 84e58d0d5a41d8ba343e90b23933a231449d314f Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Thu, 8 Sep 2022 06:19:10 -0400 Subject: [PATCH 05/26] send connected status on checkin --- models/node.go | 6 ++++++ mq/handlers.go | 10 ++++++++-- netclient/functions/connection.go | 9 --------- netclient/functions/mqpublish.go | 10 +++++++++- 4 files changed, 23 insertions(+), 12 deletions(-) diff --git a/models/node.go b/models/node.go index 59f252c6..6c8ea9c1 100644 --- a/models/node.go +++ b/models/node.go @@ -39,6 +39,12 @@ const ( var seededRand *rand.Rand = rand.New( rand.NewSource(time.Now().UnixNano())) +// NodeCheckin - struct for node checkins with server +type NodeCheckin struct { + Version string + Connected string +} + // Node - struct for node model type Node struct { ID string `json:"id,omitempty" bson:"id,omitempty" yaml:"id,omitempty" validate:"required,min=5,id_unique"` diff --git a/mq/handlers.go b/mq/handlers.go index 22bddfce..e00646b7 100644 --- a/mq/handlers.go +++ b/mq/handlers.go @@ -36,13 +36,19 @@ func Ping(client mqtt.Client, msg mqtt.Message) { logger.Log(0, record) return } - version, decryptErr := decryptMsg(&node, msg.Payload()) + decrypted, decryptErr := decryptMsg(&node, msg.Payload()) if decryptErr != nil { logger.Log(0, "error decrypting when updating node ", node.ID, decryptErr.Error()) return } + var checkin models.NodeCheckin + if err := json.Unmarshal(decrypted, &checkin); err != nil { + logger.Log(1, "error unmarshaling payload ", err.Error()) + return + } node.SetLastCheckIn() - node.Version = string(version) + node.Version = checkin.Version + node.Connected = checkin.Connected if err := logic.UpdateNode(&node, &node); err != nil { logger.Log(0, "error updating node", node.Name, node.ID, " on checkin", err.Error()) return diff --git a/netclient/functions/connection.go b/netclient/functions/connection.go index b727b0ef..eb6753d2 100644 --- a/netclient/functions/connection.go +++ b/netclient/functions/connection.go @@ -3,7 +3,6 @@ package functions import ( "fmt" - "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/netclient/config" "github.com/gravitl/netmaker/netclient/ncutils" "github.com/gravitl/netmaker/netclient/wireguard" @@ -24,10 +23,6 @@ func Connect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } - if err := PublishNodeUpdate(cfg); err != nil { - logger.Log(0, "network:", cfg.Node.Network, "could not publish connection change, it will likely get reverted") - } - return config.ModNodeConfig(&cfg.Node) } @@ -46,9 +41,5 @@ func Disconnect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } - if err := PublishNodeUpdate(cfg); err != nil { - logger.Log(0, "network:", cfg.Node.Network, "could not publish connection change, it will likely get reverted") - } - return config.ModNodeConfig(&cfg.Node) } diff --git a/netclient/functions/mqpublish.go b/netclient/functions/mqpublish.go index df2706de..3eddfa57 100644 --- a/netclient/functions/mqpublish.go +++ b/netclient/functions/mqpublish.go @@ -123,7 +123,15 @@ func PublishNodeUpdate(nodeCfg *config.ClientConfig) error { // Hello -- ping the broker to let server know node it's alive and well func Hello(nodeCfg *config.ClientConfig) { - if err := publish(nodeCfg, fmt.Sprintf("ping/%s", nodeCfg.Node.ID), []byte(ncutils.Version), 0); err != nil { + var checkin models.NodeCheckin + checkin.Version = ncutils.Version + checkin.Connected = nodeCfg.Node.Connected + data, err := json.Marshal(checkin) + if err != nil { + logger.Log(0, "unable to marshal checkin data", err.Error()) + return + } + if err := publish(nodeCfg, fmt.Sprintf("ping/%s", nodeCfg.Node.ID), data, 0); err != nil { logger.Log(0, fmt.Sprintf("Network: %s error publishing ping, %v", nodeCfg.Node.Network, err)) logger.Log(0, "running pull on "+nodeCfg.Node.Network+" to reconnect") _, err := Pull(nodeCfg.Node.Network, true) From 70fe3d0268e91a99422742b863dfda32ed2daffd Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Thu, 8 Sep 2022 09:35:58 -0400 Subject: [PATCH 06/26] checkin on daemon start --- netclient/functions/mqpublish.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/netclient/functions/mqpublish.go b/netclient/functions/mqpublish.go index 3eddfa57..8ee1cf6e 100644 --- a/netclient/functions/mqpublish.go +++ b/netclient/functions/mqpublish.go @@ -26,13 +26,16 @@ import ( func Checkin(ctx context.Context, wg *sync.WaitGroup) { logger.Log(2, "starting checkin goroutine") defer wg.Done() + checkin() + ticker := time.NewTicker(time.Second * 60) + defer ticker.Stop() for { select { case <-ctx.Done(): logger.Log(0, "checkin routine closed") return //delay should be configuraable -> use cfg.Node.NetworkSettings.DefaultCheckInInterval ?? - case <-time.After(time.Second * 60): + case <-ticker.C: checkin() } } From c83d273f285915bc82fca363f464ff9305e9e230 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Thu, 8 Sep 2022 09:43:44 -0400 Subject: [PATCH 07/26] restart deamon on connect/disconnect --- netclient/functions/connection.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/netclient/functions/connection.go b/netclient/functions/connection.go index eb6753d2..1a0e171d 100644 --- a/netclient/functions/connection.go +++ b/netclient/functions/connection.go @@ -4,6 +4,7 @@ import ( "fmt" "github.com/gravitl/netmaker/netclient/config" + "github.com/gravitl/netmaker/netclient/daemon" "github.com/gravitl/netmaker/netclient/ncutils" "github.com/gravitl/netmaker/netclient/wireguard" ) @@ -23,6 +24,7 @@ func Connect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } + daemon.Restart() return config.ModNodeConfig(&cfg.Node) } @@ -41,5 +43,6 @@ func Disconnect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } + daemon.Restart() return config.ModNodeConfig(&cfg.Node) } From 553ab7ab83bbdd55689e21647e5c8820813a4b8b Mon Sep 17 00:00:00 2001 From: afeiszli Date: Thu, 8 Sep 2022 11:09:25 -0400 Subject: [PATCH 08/26] modifying script for vpn --- docker/Dockerfile-netclient-multiarch-kernel | 22 ++++++++++++++++++++ scripts/nm-quick.sh | 4 ++-- 2 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 docker/Dockerfile-netclient-multiarch-kernel diff --git a/docker/Dockerfile-netclient-multiarch-kernel b/docker/Dockerfile-netclient-multiarch-kernel new file mode 100644 index 00000000..f2455a2f --- /dev/null +++ b/docker/Dockerfile-netclient-multiarch-kernel @@ -0,0 +1,22 @@ +FROM gravitl/go-builder as builder +# add glib support daemon manager +WORKDIR /app +ARG version + +COPY . . + +ENV GO111MODULE=auto + +RUN GOOS=linux CGO_ENABLED=0 /usr/local/go/bin/go build -ldflags="-X 'main.version=${version}'" -o netclient-app netclient/main.go + +FROM alpine:3.15.2 + +WORKDIR /root/ + +RUN apk add --no-cache --update bash libmnl gcompat iptables openresolv iproute2 wireguard-tools +COPY --from=builder /app/netclient-app ./netclient +COPY --from=builder /app/scripts/netclient.sh . +RUN chmod 0755 netclient && chmod 0755 netclient.sh + + +ENTRYPOINT ["/bin/bash", "./netclient.sh"] diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index 51897773..acecbef5 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh @@ -230,7 +230,7 @@ echo "Netmaker setup is now complete. You are ready to begin using Netmaker." setup_vpn() {( set -e echo "creating vpn network (10.201.0.0/16)" -curl -s -o /dev/null -d '{"addressrange":"10.201.0.0/16","netid":"vpn","defaultextclientdns":"8.8.8.8"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/networks +curl -s -o /dev/null -d '{"addressrange":"10.201.0.0/16","netid":"vpn","defaultextclientdns":"10.201.255.254"}' -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/networks sleep 5 @@ -257,7 +257,7 @@ SERVER_ID=$(jq -r '.[0].id' <<< ${curlresponse}) EGRESS_JSON=$( jq -n \ --arg gw "$GATEWAY_IFACE" \ - '{ranges: ["0.0.0.0/0","::/0"], interface: $gw}' ) + '{ranges: ["0.0.0.0/0"], interface: $gw}' ) echo "egress json: $EGRESS_JSON" curl -s -o /dev/null -X POST -d "$EGRESS_JSON" -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/vpn/$SERVER_ID/creategateway From 2b2b37558f182e8c31e861a8234b0c3837881454 Mon Sep 17 00:00:00 2001 From: afeiszli Date: Thu, 8 Sep 2022 11:09:40 -0400 Subject: [PATCH 09/26] removing change --- docker/Dockerfile-netclient-multiarch-kernel | 22 -------------------- 1 file changed, 22 deletions(-) delete mode 100644 docker/Dockerfile-netclient-multiarch-kernel diff --git a/docker/Dockerfile-netclient-multiarch-kernel b/docker/Dockerfile-netclient-multiarch-kernel deleted file mode 100644 index f2455a2f..00000000 --- a/docker/Dockerfile-netclient-multiarch-kernel +++ /dev/null @@ -1,22 +0,0 @@ -FROM gravitl/go-builder as builder -# add glib support daemon manager -WORKDIR /app -ARG version - -COPY . . - -ENV GO111MODULE=auto - -RUN GOOS=linux CGO_ENABLED=0 /usr/local/go/bin/go build -ldflags="-X 'main.version=${version}'" -o netclient-app netclient/main.go - -FROM alpine:3.15.2 - -WORKDIR /root/ - -RUN apk add --no-cache --update bash libmnl gcompat iptables openresolv iproute2 wireguard-tools -COPY --from=builder /app/netclient-app ./netclient -COPY --from=builder /app/scripts/netclient.sh . -RUN chmod 0755 netclient && chmod 0755 netclient.sh - - -ENTRYPOINT ["/bin/bash", "./netclient.sh"] From 4243fc89fd7e6b9befc3ea6484826503db0920cd Mon Sep 17 00:00:00 2001 From: afeiszli Date: Thu, 8 Sep 2022 16:25:19 -0400 Subject: [PATCH 10/26] fixing timing --- scripts/nm-quick.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index acecbef5..d1055a8b 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh @@ -241,9 +241,9 @@ SERVER_ID=$(jq -r '.[0].id' <<< ${curlresponse}) curl -s -o /dev/null -X POST -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/vpn/$SERVER_ID/createingress -echo "waiting 10 seconds for server to apply configuration..." +echo "waiting 5 seconds for server to apply configuration..." -sleep 10 +sleep 5 echo "configuring netmaker server vpn gateway..." @@ -262,6 +262,8 @@ EGRESS_JSON=$( jq -n \ echo "egress json: $EGRESS_JSON" curl -s -o /dev/null -X POST -d "$EGRESS_JSON" -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/nodes/vpn/$SERVER_ID/creategateway +sleep 3 + echo "creating client configs..." for ((a=1; a <= $NUM_CLIENTS; a++)) @@ -271,6 +273,7 @@ do '{clientid: $clientid}' ) curl -s -o /dev/null -d "$CLIENT_JSON" -H "Authorization: Bearer $MASTER_KEY" -H 'Content-Type: application/json' https://api.${NETMAKER_BASE_DOMAIN}/api/extclients/vpn/$SERVER_ID + sleep 2 done echo "finished configuring vpn server." From c6f9b174145dbfc30209ebeeb273ee9ff43ba5be Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Fri, 9 Sep 2022 11:00:56 -0400 Subject: [PATCH 11/26] address code review comments --- netclient/functions/connection.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/netclient/functions/connection.go b/netclient/functions/connection.go index 1a0e171d..5c1dee2d 100644 --- a/netclient/functions/connection.go +++ b/netclient/functions/connection.go @@ -24,8 +24,9 @@ func Connect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } + err = config.ModNodeConfig(&cfg.Node) daemon.Restart() - return config.ModNodeConfig(&cfg.Node) + return err } // Disconnect - attempts to disconnect a node on given network @@ -43,6 +44,7 @@ func Disconnect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } + err = config.ModNodeConfig(&cfg.Node) daemon.Restart() - return config.ModNodeConfig(&cfg.Node) + return err } From b61c4d10686736e4114dcef0cafe4caeda89d802 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Fri, 9 Sep 2022 13:15:37 -0400 Subject: [PATCH 12/26] address code review comments --- logic/util.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/logic/util.go b/logic/util.go index 3b915979..c22ce818 100644 --- a/logic/util.go +++ b/logic/util.go @@ -171,7 +171,7 @@ func ShouldPublishPeerPorts(serverNode *models.Node) bool { return false } -// NormalCidr - returns the first address of CIDR +// NormalCIDR - returns the first address of CIDR func NormalizeCIDR(address string) (string, error) { ip, IPNet, err := net.ParseCIDR(address) if err != nil { From 7ec8c4be2a16b88a7b4f326d5e5559d13af58196 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Fri, 9 Sep 2022 14:15:10 -0400 Subject: [PATCH 13/26] use RunCmd for postup/postdown --- logic/networks.go | 3 +-- logic/wireguard.go | 3 +-- netclient/ncutils/netclientutils.go | 4 ++++ netclient/wireguard/common.go | 29 +++++++++++++++++++---------- netclient/wireguard/mac.go | 6 ++---- netclient/wireguard/noquick.go | 9 +++------ 6 files changed, 30 insertions(+), 24 deletions(-) diff --git a/logic/networks.go b/logic/networks.go index 3802b9a3..18cd0fd1 100644 --- a/logic/networks.go +++ b/logic/networks.go @@ -659,8 +659,7 @@ func deleteInterface(ifacename string, postdown string) error { } _, err = ncutils.RunCmd(ipExec+" link del "+ifacename, false) if postdown != "" { - runcmds := strings.Split(postdown, "; ") - err = ncutils.RunCmds(runcmds, false) + _, err = ncutils.RunCmd(postdown, false) } } return err diff --git a/logic/wireguard.go b/logic/wireguard.go index 5078b7be..e85aee61 100644 --- a/logic/wireguard.go +++ b/logic/wireguard.go @@ -191,8 +191,7 @@ func removeLocalServer(node *models.Node) error { logger.Log(1, out) } if node.PostDown != "" { - runcmds := strings.Split(node.PostDown, "; ") - _ = ncutils.RunCmds(runcmds, false) + ncutils.RunCmd(node.PostDown, false) } } } diff --git a/netclient/ncutils/netclientutils.go b/netclient/ncutils/netclientutils.go index 78ff8d49..fb64cb0f 100644 --- a/netclient/ncutils/netclientutils.go +++ b/netclient/ncutils/netclientutils.go @@ -437,6 +437,10 @@ func Copy(src, dst string) error { func RunCmds(commands []string, printerr bool) error { var err error for _, command := range commands { + //prevent panic + if command == " " { + continue + } args := strings.Fields(command) out, err := exec.Command(args[0], args[1:]...).CombinedOutput() if err != nil && printerr { diff --git a/netclient/wireguard/common.go b/netclient/wireguard/common.go index 2bd9b39a..4175c790 100644 --- a/netclient/wireguard/common.go +++ b/netclient/wireguard/common.go @@ -335,22 +335,31 @@ func WriteWgConfig(node *models.Node, privateKey string, peers []wgtypes.PeerCon // wireguard.Section(section_interface).Key("DNS").SetValue(cfg.Server.CoreDNSAddr) //} //need to split postup/postdown because ini lib adds a ` and the ` breaks freebsd + //works fine on others if node.PostUp != "" { - parts := strings.Split(node.PostUp, " ; ") - for i, part := range parts { - if i == 0 { - wireguard.Section(section_interface).Key("PostUp").SetValue(part) + if node.OS == "freebsd" { + parts := strings.Split(node.PostUp, " ; ") + for i, part := range parts { + if i == 0 { + wireguard.Section(section_interface).Key("PostUp").SetValue(part) + } + wireguard.Section(section_interface).Key("PostUp").AddShadow(part) } - wireguard.Section(section_interface).Key("PostUp").AddShadow(part) + } else { + wireguard.Section(section_interface).Key("PostUp").SetValue((node.PostUp)) } } if node.PostDown != "" { - parts := strings.Split(node.PostDown, " ; ") - for i, part := range parts { - if i == 0 { - wireguard.Section(section_interface).Key("PostDown").SetValue(part) + if node.OS == "freebsd" { + parts := strings.Split(node.PostDown, " ; ") + for i, part := range parts { + if i == 0 { + wireguard.Section(section_interface).Key("PostDown").SetValue(part) + } + wireguard.Section(section_interface).Key("PostDown").AddShadow(part) } - wireguard.Section(section_interface).Key("PostDown").AddShadow(part) + } else { + wireguard.Section(section_interface).Key("PostUp").SetValue((node.PostUp)) } } if node.MTU != 0 { diff --git a/netclient/wireguard/mac.go b/netclient/wireguard/mac.go index 11b20409..4c9f08ba 100644 --- a/netclient/wireguard/mac.go +++ b/netclient/wireguard/mac.go @@ -19,8 +19,7 @@ func WgQuickDownMac(node *models.Node, iface string) error { return err } if node.PostDown != "" { - runcmds := strings.Split(node.PostDown, "; ") - ncutils.RunCmds(runcmds, true) + ncutils.RunCmd(node.PostDown, true) } return nil } @@ -85,8 +84,7 @@ func WgQuickUpMac(node *models.Node, iface string, confPath string) error { //next, wg-quick runs monitor_daemon time.Sleep(time.Second / 2) if node.PostUp != "" { - runcmds := strings.Split(node.PostUp, "; ") - ncutils.RunCmds(runcmds, true) + ncutils.RunCmd(node.PostUp, true) } return err } diff --git a/netclient/wireguard/noquick.go b/netclient/wireguard/noquick.go index 9ffb0661..bc439196 100644 --- a/netclient/wireguard/noquick.go +++ b/netclient/wireguard/noquick.go @@ -99,8 +99,7 @@ func ApplyWithoutWGQuick(node *models.Node, ifacename, confPath string, isConnec return err } if node.PostDown != "" { - runcmds := strings.Split(node.PostDown, "; ") - _ = ncutils.RunCmds(runcmds, false) + ncutils.RunCmd(node.PostDown, false) } // set MTU of node interface if _, err := ncutils.RunCmd(ipExec+" link set mtu "+strconv.Itoa(int(node.MTU))+" up dev "+ifacename, true); err != nil { @@ -108,8 +107,7 @@ func ApplyWithoutWGQuick(node *models.Node, ifacename, confPath string, isConnec return err } if node.PostUp != "" { - runcmds := strings.Split(node.PostUp, "; ") - _ = ncutils.RunCmds(runcmds, true) + ncutils.RunCmd(node.PostUp, false) } if node.Address6 != "" { logger.Log(1, "adding address: ", node.Address6) @@ -139,8 +137,7 @@ func RemoveWithoutWGQuick(ifacename string) error { nodeconf, err := config.ReadConfig(network) if nodeconf != nil && err == nil { if nodeconf.Node.PostDown != "" { - runcmds := strings.Split(nodeconf.Node.PostDown, "; ") - _ = ncutils.RunCmds(runcmds, false) + ncutils.RunCmd(nodeconf.Node.PostDown, false) } } else if err != nil { logger.Log(1, "error retrieving config: ", err.Error()) From 661290c84d6ae99834b7aa0ea43806c28d2d2924 Mon Sep 17 00:00:00 2001 From: cameronts Date: Sat, 10 Sep 2022 21:51:59 -0700 Subject: [PATCH 14/26] Update swagger docs --- auth/auth.go | 2 +- controllers/dns.go | 38 +- controllers/docs.go | 326 +++++++- controllers/ext_client.go | 39 +- controllers/files.go | 2 +- controllers/ipservice.go | 5 +- controllers/network.go | 51 +- controllers/node.go | 41 +- controllers/relay.go | 6 + controllers/server.go | 14 +- controllers/user.go | 35 +- swagger.yaml | 1523 ++++++++++++++++++++++++++++++++++++- 12 files changed, 2012 insertions(+), 70 deletions(-) diff --git a/auth/auth.go b/auth/auth.go index a8572120..bd7bcd3d 100644 --- a/auth/auth.go +++ b/auth/auth.go @@ -99,7 +99,7 @@ func HandleAuthCallback(w http.ResponseWriter, r *http.Request) { // swagger:route GET /api/oauth/login nodes HandleAuthLogin // -// Handles OAuth login +// Handles OAuth login. // // Schemes: https // diff --git a/controllers/dns.go b/controllers/dns.go index 64e445f1..c5ae5afa 100644 --- a/controllers/dns.go +++ b/controllers/dns.go @@ -27,7 +27,7 @@ func dnsHandlers(r *mux.Router) { // swagger:route GET /api/dns/adm/{network}/nodes dns getNodeDNS // -// Gets node DNS entries associated with a network +// Gets node DNS entries associated with a network. // // Schemes: https // @@ -53,12 +53,16 @@ func getNodeDNS(w http.ResponseWriter, r *http.Request) { // swagger:route GET /api/dns dns getAllDNS // -// Gets all DNS entries +// Gets all DNS entries. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: dnsResponse +// func getAllDNS(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") dns, err := logic.GetAllDNS() @@ -73,12 +77,16 @@ func getAllDNS(w http.ResponseWriter, r *http.Request) { // swagger:route GET /api/dns/adm/{network}/custom dns getCustomDNS // -// Gets custom DNS entries associated with a network +// Gets custom DNS entries associated with a network. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: dnsResponse +// func getCustomDNS(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -99,12 +107,16 @@ func getCustomDNS(w http.ResponseWriter, r *http.Request) { // swagger:route GET /api/dns/adm/{network} dns getDNS // -// Gets all DNS entries associated with the network +// Gets all DNS entries associated with the network. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: dnsResponse +// func getDNS(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -125,12 +137,16 @@ func getDNS(w http.ResponseWriter, r *http.Request) { // swagger:route POST /api/dns/{network} dns createDNS // -// Create a DNS entry +// Create a DNS entry. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: dnsResponse +// func createDNS(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -184,12 +200,16 @@ func createDNS(w http.ResponseWriter, r *http.Request) { // swagger:route DELETE /api/dns/{network}/{domain} dns deleteDNS // -// Delete a DNS entry +// Delete a DNS entry. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: stringJSONResponse +// *: stringJSONResponse func deleteDNS(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") @@ -248,12 +268,16 @@ func GetDNSEntry(domain string, network string) (models.DNSEntry, error) { // swagger:route POST /api/dns/adm/pushdns dns pushDNS // -// Push DNS entries to nameserver +// Push DNS entries to nameserver. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: dnsStringJSONResponse +// *: dnsStringJSONResponse func pushDNS(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") diff --git a/controllers/docs.go b/controllers/docs.go index 1e1f5ae7..b51cdea7 100644 --- a/controllers/docs.go +++ b/controllers/docs.go @@ -11,7 +11,7 @@ // // Schemes: https // BasePath: / -// Version: 0.15.1 +// Version: 0.15.2 // Host: netmaker.io // // Consumes: @@ -25,3 +25,327 @@ // // swagger:meta package controller + +import ( + serverconfigpkg "github.com/gravitl/netmaker/config" + "github.com/gravitl/netmaker/logic/acls" + "github.com/gravitl/netmaker/models" + "github.com/gravitl/netmaker/netclient/config" +) + +// swagger:parameters getNodeDNS getCustomDNS getDNS +type dnsPathParams struct { + // Network + // in: path + Network string `json:"network"` +} + +// swagger:parameters createDNS +type dnsParams struct { + // Network + // in: path + Network string `json:"network"` + + // DNS Entry + // in: body + Body []models.DNSEntry `json:"body"` +} + +// Success +// swagger:response dnsResponse +type dnsResponse struct { + // in: body + Body []models.DNSEntry `json:"body"` +} + +// swagger:parameters deleteDNS +type dnsDeletePathParams struct { + // Network + // in: path + Network string `json:"network"` + + // Domain + // in: path + Domain string `json:"domain"` +} + +// swagger:response stringJSONResponse +type stringJSONResponse struct { + // Response + // in: body + Response string `json:"response"` +} + +// swagger:parameters getAllExtClients +type getAllClientsRequest struct { + // Networks + // in:body + Networks []string `json:"networks"` +} + +// swagger:response extClientSliceResponse +type extClientSliceResponse struct { + // ExtClients + // in: body + ExtClients []models.ExtClient `json:"ext_clients"` +} + +// swagger:response extClientResponse +type extClientResponse struct { + // ExtClient + // in: body + ExtClient models.ExtClient `json:"ext_client"` +} + +// swagger:response successResponse +type successResponse struct { + // Success Response + // in: body + SuccessResponse models.SuccessResponse `json:"success_response"` +} + +// swagger:parameters getExtClient getExtClientConf updateExtClient deleteExtClient +type extClientPathParams struct { + // Client ID + // in: path + ClientID string `json:"clientid"` + + // Network + // in: path + Network string `json:"network"` +} + +// swagger:parameters updateExtClient +type extClientBodyParam struct { + // ExtClient + // in: body + ExtClient models.ExtClient `json:"ext_client"` +} + +// swagger:parameters getNetworkExtClients +type extClientNetworkPathParam struct { + // Network + // in: path + Network string `json:"network"` +} + +// swagger:parameters createExtClient +type createExtClientPathParams struct { + // Network + // in: path + Network string `json:"network"` + + // Node ID + // in: path + NodeID string `json:"node"` + + // Custom ExtClient + // in: body + CustomExtClient models.CustomExtClient `json:"custom_ext_client"` +} + +// swagger:parameters getNode updateNode deleteNode createRelay deleteRelay createEgressGateway deleteEgressGateway createIngressGateway deleteIngressGateway uncordonNode +type networkNodePathParams struct { + // Network + // in: path + Network string `json:"network"` + + // Node ID + // in: path + NodeID string `json:"nodeid"` +} + +// swagger:response byteArrayResponse +type byteArrayResponse struct { + // in: body + ByteArray []byte `json:"byte_array"` +} + +// swagger:parameters getNetworks +type headerNetworks struct { + // name: networks + // in: header + Networks []string `json:"networks"` +} + +// swagger:response getNetworksSliceResponse +type getNetworksSliceResponse struct { + // Networks + // in: body + Networks []models.Network `json:"networks"` +} + +// swagger:parameters createNetwork updateNetwork +type networkBodyParam struct { + // Network + // in: body + Network models.Network `json:"network"` +} + +// swagger:parameters updateNetwork getNetwork updateNetwork updateNetworkNodeLimit deleteNetwork keyUpdate createAccessKey getAccessKeys deleteAccessKey updateNetworkACL getNetworkACL +type networkPathParam struct { + // Network Name + // in: path + NetworkName string `json:"networkname"` +} + +// swagger:parameters deleteAccessKey +type networkAccessKeyNamePathParam struct { + // Access Key Name + // in: path + AccessKeyName string `json:"access_key_name"` +} + +// swagger:response networkBodyResponse +type networkBodyResponse struct { + // Network + // in: body + Network models.Network `json:"network"` +} + +// swagger:parameters createAccessKey +type accessKeyBodyParam struct { + // Access Key + // in: body + AccessKey models.AccessKey `json:"access_key"` +} + +// swagger:response accessKeyBodyResponse +type accessKeyBodyResponse struct { + // Access Key + // in: body + AccessKey models.AccessKey `json:"access_key"` +} + +// swagger:response accessKeySliceBodyResponse +type accessKeySliceBodyResponse struct { + // Access Keys + // in: body + AccessKey []models.AccessKey `json:"access_key"` +} + +// swagger:parameters updateNetworkACL getNetworkACL +type aclContainerBodyParam struct { + // ACL Container + // in: body + ACLContainer acls.ACLContainer `json:"acl_container"` +} + +// swagger:response aclContainerResponse +type aclContainerResponse struct { + // ACL Container + // in: body + ACLContainer acls.ACLContainer `json:"acl_container"` +} + +// swagger:response nodeSliceResponse +type nodeSliceResponse struct { + // Nodes + // in: body + Nodes []models.Node `json:"nodes"` +} + +// swagger:response nodeResponse +type nodeResponse struct { + // Node + // in: body + Node models.Node `json:"node"` +} + +// swagger:parameters updateNode deleteNode +type nodeBodyParam struct { + // Node + // in: body + Node models.Node `json:"node"` +} + +// swagger:parameters createRelay +type relayRequestBodyParam struct { + // Relay Request + // in: body + RelayRequest models.RelayRequest `json:"relay_request"` +} + +// swagger:parameters createEgressGateway +type egressGatewayBodyParam struct { + // Egress Gateway Request + // in: body + EgressGatewayRequest models.EgressGatewayRequest `json:"egress_gateway_request"` +} + +// swagger:parameters authenticate +type authParamBodyParam struct { + // AuthParams + // in: body + AuthParams models.AuthParams `json:"auth_params"` +} + +// swagger:response serverConfigResponse +type serverConfigResponse struct { + // Server Config + // in: body + ServerConfig serverconfigpkg.ServerConfig `json:"server_config"` +} + +// swagger:response nodeGetResponse +type nodeGetResponse struct { + // Node Get + // in: body + NodeGet models.NodeGet `json:"node_get"` +} + +// swagger:response nodeLastModifiedResponse +type nodeLastModifiedResponse struct { + // Node Last Modified + // in: body + NodesLastModified int64 `json:"nodes_last_modified"` +} + +// swagger:parameters register +type registerRequestBodyParam struct { + // Register Request + // in: body + RegisterRequest config.RegisterRequest `json:"register_request"` +} + +// swagger:response registerResponse +type registerResponse struct { + // Register Response + // in: body + RegisterResponse config.RegisterResponse `json:"register_response"` +} + +// swagger:response boolResponse +type boolResponse struct { + // Boolean Response + // in: body + BoolResponse bool `json:"bool_response"` +} + +// swagger:parameters createAdmin updateUser updateUserNetworks createUser +type userBodyParam struct { + // User + // in: body + User models.User `json:"user"` +} + +// swagger:response userBodyResponse +type userBodyResponse struct { + // User + // in: body + User models.User `json:"user"` +} + +// swagger:parameters authenticateUser +type userAuthBodyParam struct { + // User Auth Params + // in: body + UserAuthParams models.UserAuthParams `json:"user_auth_params"` +} + +// swagger:parameters updateUser updateUserNetworks updateUserAdm createUser deleteUser getUser +type usernamePathParam struct { + // Username + // in: path + Username string `json:"username"` +} diff --git a/controllers/ext_client.go b/controllers/ext_client.go index 3e5dc5c6..767a2ecb 100644 --- a/controllers/ext_client.go +++ b/controllers/ext_client.go @@ -38,13 +38,17 @@ func checkIngressExists(nodeID string) bool { // swagger:route GET /api/extclients/{network} ext_client getNetworkExtClients // -// Get all extclients associated with network -// Gets all extclients associated with network, including pending extclients +// Get all extclients associated with network. +// Gets all extclients associated with network, including pending extclients. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: extClientSliceResponse +// func getNetworkExtClients(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -75,6 +79,9 @@ func getNetworkExtClients(w http.ResponseWriter, r *http.Request) { // Security: // oauth // +// Responses: +// 200: extClientSliceResponse +// // Not quite sure if this is necessary. Probably necessary based on front end but may // want to review after iteration 1 if it's being used or not func getAllExtClients(w http.ResponseWriter, r *http.Request) { @@ -113,7 +120,7 @@ func getAllExtClients(w http.ResponseWriter, r *http.Request) { json.NewEncoder(w).Encode(clients) } -// swagger:route GET /api/extclients ext_client getExtClient +// swagger:route GET /api/extclients/{network}/{clientid} ext_client getExtClient // // Get an individual extclient. // @@ -122,6 +129,9 @@ func getAllExtClients(w http.ResponseWriter, r *http.Request) { // Security: // oauth // +// Responses: +// 200: extClientResponse +// func getExtClient(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -151,6 +161,9 @@ func getExtClient(w http.ResponseWriter, r *http.Request) { // Security: // oauth // +// Responses: +// 200: extClientResponse +// func getExtClientConf(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -289,7 +302,7 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { var params = mux.Vars(r) networkName := params["network"] nodeid := params["nodeid"] - + ingressExists := checkIngressExists(nodeid) if !ingressExists { err := errors.New("ingress does not exist") @@ -301,11 +314,13 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { var extclient models.ExtClient var CustomExtClient models.CustomExtClient - - err := json.NewDecoder(r.Body).Decode(&CustomExtClient); - - if err == nil { extclient.ClientID = CustomExtClient.ClientID } - + + err := json.NewDecoder(r.Body).Decode(&CustomExtClient) + + if err == nil { + extclient.ClientID = CustomExtClient.ClientID + } + extclient.Network = networkName extclient.IngressGatewayID = nodeid node, err := logic.GetNodeByID(nodeid) @@ -346,6 +361,9 @@ func createExtClient(w http.ResponseWriter, r *http.Request) { // Security: // oauth // +// Responses: +// 200: extClientResponse +// func updateExtClient(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -414,6 +432,9 @@ func updateExtClient(w http.ResponseWriter, r *http.Request) { // Security: // oauth // +// Responses: +// 200: successResponse +// func deleteExtClient(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") diff --git a/controllers/files.go b/controllers/files.go index 536484ae..dfe7a337 100644 --- a/controllers/files.go +++ b/controllers/files.go @@ -9,7 +9,7 @@ import ( func fileHandlers(r *mux.Router) { // swagger:route GET /meshclient/files/{filename} meshclient fileServer // - // Retrieve a file from the file server + // Retrieve a file from the file server. // // Schemes: https // diff --git a/controllers/ipservice.go b/controllers/ipservice.go index d237ab37..1f9586cc 100644 --- a/controllers/ipservice.go +++ b/controllers/ipservice.go @@ -16,13 +16,16 @@ func ipHandlers(r *mux.Router) { // swagger:route GET /api/getip ipservice getPublicIP // -// Get the current public IP address +// Get the current public IP address. // // Schemes: https // // Security: // oauth // +// Responses: +// 200: byteArrayResponse +// func getPublicIP(w http.ResponseWriter, r *http.Request) { r.Header.Set("Connection", "close") ip, err := parseIP(r) diff --git a/controllers/network.go b/controllers/network.go index 9179d271..b94a230c 100644 --- a/controllers/network.go +++ b/controllers/network.go @@ -41,12 +41,15 @@ func networkHandlers(r *mux.Router) { // swagger:route GET /api/networks networks getNetworks // -// Lists all networks +// Lists all networks. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: getNetworksSliceResponse func getNetworks(w http.ResponseWriter, r *http.Request) { headerNetworks := r.Header.Get("networks") @@ -87,14 +90,17 @@ func getNetworks(w http.ResponseWriter, r *http.Request) { json.NewEncoder(w).Encode(allnetworks) } -// swagger:route GET /api/networks networks getNetwork +// swagger:route GET /api/networks/{networkname} networks getNetwork // -// Get a network +// Get a network. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: networkBodyResponse func getNetwork(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -123,6 +129,9 @@ func getNetwork(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: networkBodyResponse func keyUpdate(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -154,12 +163,15 @@ func keyUpdate(w http.ResponseWriter, r *http.Request) { // swagger:route PUT /api/networks/{networkname} networks updateNetwork // -// Update a network +// Update a network. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: networkBodyResponse func updateNetwork(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -256,12 +268,15 @@ func updateNetwork(w http.ResponseWriter, r *http.Request) { // swagger:route PUT /api/networks/{networkname}/nodelimit networks updateNetworkNodeLimit // -// Update a network's node limit +// Update a network's node limit. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: networkBodyResponse func updateNetworkNodeLimit(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -309,6 +324,9 @@ func updateNetworkNodeLimit(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: aclContainerResponse func updateNetworkACL(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -364,6 +382,9 @@ func updateNetworkACL(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: aclContainerResponse func getNetworkACL(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -389,6 +410,9 @@ func getNetworkACL(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: stringJSONResponse func deleteNetwork(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") @@ -413,12 +437,15 @@ func deleteNetwork(w http.ResponseWriter, r *http.Request) { // swagger:route POST /api/networks networks createNetwork // -// Create a network +// Create a network. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: networkBodyResponse func createNetwork(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -478,6 +505,9 @@ func createNetwork(w http.ResponseWriter, r *http.Request) { // Security: // oauth // +// Responses: +// 200: accessKeyBodyResponse +// // BEGIN KEY MANAGEMENT SECTION func createAccessKey(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -519,6 +549,9 @@ func createAccessKey(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: accessKeySliceBodyResponse func getAccessKeys(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -538,7 +571,7 @@ func getAccessKeys(w http.ResponseWriter, r *http.Request) { json.NewEncoder(w).Encode(keys) } -// swagger:route GET /api/networks/{networkname}/keys/{name} networks deleteAccessKey +// swagger:route DELETE /api/networks/{networkname}/keys/{name} networks deleteAccessKey // // Delete a network access key. // @@ -547,6 +580,10 @@ func getAccessKeys(w http.ResponseWriter, r *http.Request) { // Security: // oauth // +// Responses: +// 200: +// *: stringJSONResponse +// // delete key. Has to do a little funky logic since it's not a collection item func deleteAccessKey(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") diff --git a/controllers/node.go b/controllers/node.go index 7bf40840..146f5681 100644 --- a/controllers/node.go +++ b/controllers/node.go @@ -44,6 +44,9 @@ func nodeHandlers(r *mux.Router) { // // Security: // oauth +// +// Responses: +// 200: successResponse func authenticate(response http.ResponseWriter, request *http.Request) { var authRequest models.AuthParams @@ -297,12 +300,15 @@ func authorize(nodesAllowed, networkCheck bool, authNetwork string, next http.Ha // swagger:route GET /api/nodes/{network} nodes getNetworkNodes // -// Gets all nodes associated with network including pending nodes +// Gets all nodes associated with network including pending nodes. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: nodeSliceResponse func getNetworkNodes(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -339,6 +345,9 @@ func getNetworkNodes(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeSliceResponse // Not quite sure if this is necessary. Probably necessary based on front end but may want to review after iteration 1 if it's being used or not func getAllNodes(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -393,6 +402,9 @@ func getUsersNodes(user models.User) ([]models.Node, error) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func getNode(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -438,6 +450,9 @@ func getNode(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeLastModifiedResponse // TODO: This needs to be refactored // Potential way to do this: On UpdateNode, set a new field for "LastModified" // If we go with the existing way, we need to at least set network.NodesLastModified on UpdateNode @@ -467,6 +482,9 @@ func getLastModified(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeGetResponse func createNode(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -594,6 +612,9 @@ func createNode(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse // Takes node out of pending state // TODO: May want to use cordon/uncordon terminology instead of "ispending". func uncordonNode(w http.ResponseWriter, r *http.Request) { @@ -624,6 +645,9 @@ func uncordonNode(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func createEgressGateway(w http.ResponseWriter, r *http.Request) { var gateway models.EgressGatewayRequest var params = mux.Vars(r) @@ -660,6 +684,9 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func deleteEgressGateway(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -691,6 +718,9 @@ func deleteEgressGateway(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func createIngressGateway(w http.ResponseWriter, r *http.Request) { var params = mux.Vars(r) w.Header().Set("Content-Type", "application/json") @@ -720,6 +750,9 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func deleteIngressGateway(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -749,6 +782,9 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func updateNode(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -851,6 +887,9 @@ func updateNode(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func deleteNode(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") diff --git a/controllers/relay.go b/controllers/relay.go index 6c5ad1a0..28b95506 100644 --- a/controllers/relay.go +++ b/controllers/relay.go @@ -20,6 +20,9 @@ import ( // // Security: // oauth +// +// Responses: +// 200: nodeResponse func createRelay(w http.ResponseWriter, r *http.Request) { var relay models.RelayRequest var params = mux.Vars(r) @@ -59,6 +62,9 @@ func createRelay(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: nodeResponse func deleteRelay(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) diff --git a/controllers/server.go b/controllers/server.go index 0ce49e4a..fb7541cc 100644 --- a/controllers/server.go +++ b/controllers/server.go @@ -75,6 +75,9 @@ func securityCheckServer(adminonly bool, next http.Handler) http.HandlerFunc { // // Security: // oauth +// +// Responses: +// 200: stringJSONResponse func removeNetwork(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") @@ -102,6 +105,9 @@ func removeNetwork(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: serverConfigResponse func getServerInfo(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") @@ -120,6 +126,9 @@ func getServerInfo(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: serverConfigResponse func getConfig(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") @@ -133,12 +142,15 @@ func getConfig(w http.ResponseWriter, r *http.Request) { // swagger:route POST /api/server/register nodes register // -// Registers a client with the server and return the Certificate Authority and certificate +// Registers a client with the server and return the Certificate Authority and certificate. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: registerResponse func register(w http.ResponseWriter, r *http.Request) { logger.Log(2, "processing registration request") w.Header().Set("Content-Type", "application/json") diff --git a/controllers/user.go b/controllers/user.go index 48872918..eddc7cef 100644 --- a/controllers/user.go +++ b/controllers/user.go @@ -39,6 +39,8 @@ func userHandlers(r *mux.Router) { // Security: // oauth // +// Responses: +// 200: successResponse func authenticateUser(response http.ResponseWriter, request *http.Request) { // Auth request consists of Mac Address and Password (from node that is authorizing @@ -103,6 +105,9 @@ func authenticateUser(response http.ResponseWriter, request *http.Request) { // // Security: // oauth +// +// Responses: +// 200: successResponse func hasAdmin(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -140,6 +145,9 @@ func GetUserInternal(username string) (models.User, error) { // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func getUser(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -159,12 +167,15 @@ func getUser(w http.ResponseWriter, r *http.Request) { // swagger:route GET /api/users nodes getUsers // -// Get all users +// Get all users. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func getUsers(w http.ResponseWriter, r *http.Request) { // set header. w.Header().Set("Content-Type", "application/json") @@ -189,6 +200,9 @@ func getUsers(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func createAdmin(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -222,6 +236,9 @@ func createAdmin(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func createUser(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -246,12 +263,15 @@ func createUser(w http.ResponseWriter, r *http.Request) { // swagger:route PUT /api/users/networks/{username} nodes updateUserNetworks // -// Updates the networks of the given user +// Updates the networks of the given user. // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func updateUserNetworks(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -293,6 +313,9 @@ func updateUserNetworks(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func updateUser(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -335,12 +358,15 @@ func updateUser(w http.ResponseWriter, r *http.Request) { // swagger:route PUT /api/users/{username}/adm nodes updateUserAdm // -// Updates the given admin user's info (as long as the user is an admin) +// Updates the given admin user's info (as long as the user is an admin). // // Schemes: https // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func updateUserAdm(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") var params = mux.Vars(r) @@ -390,6 +416,9 @@ func updateUserAdm(w http.ResponseWriter, r *http.Request) { // // Security: // oauth +// +// Responses: +// 200: userBodyResponse func deleteUser(w http.ResponseWriter, r *http.Request) { // Set header w.Header().Set("Content-Type", "application/json") diff --git a/swagger.yaml b/swagger.yaml index ef364aec..e061fc17 100644 --- a/swagger.yaml +++ b/swagger.yaml @@ -1,6 +1,739 @@ basePath: / consumes: - application/json +definitions: + ACL: + additionalProperties: + format: uint8 + type: integer + description: ACL - the ACL of other nodes in a NetworkACL for a single unique node + type: object + x-go-package: github.com/gravitl/netmaker/logic/acls + ACLContainer: + additionalProperties: + $ref: '#/definitions/ACL' + description: ACLContainer - the total list of all node's ACL in a given network + type: object + x-go-package: github.com/gravitl/netmaker/logic/acls + AccessKey: + description: AccessKey - access key struct + properties: + accessstring: + type: string + x-go-name: AccessString + name: + type: string + x-go-name: Name + uses: + format: int64 + type: integer + x-go-name: Uses + value: + type: string + x-go-name: Value + type: object + x-go-package: github.com/gravitl/netmaker/models + AttributeTypeAndValue: + description: |- + AttributeTypeAndValue mirrors the ASN.1 structure of the same name in + RFC 5280, Section 4.1.2.4. + properties: + Type: + $ref: '#/definitions/ObjectIdentifier' + Value: {} + type: object + x-go-package: crypto/x509/pkix + AuthParams: + description: AuthParams - struct for auth params + properties: + id: + type: string + x-go-name: ID + macaddress: + type: string + x-go-name: MacAddress + password: + type: string + x-go-name: Password + type: object + x-go-package: github.com/gravitl/netmaker/models + CustomExtClient: + description: CustomExtClient - struct for CustomExtClient params + properties: + clientid: + type: string + x-go-name: ClientID + type: object + x-go-package: github.com/gravitl/netmaker/models + DNSEntry: + description: DNSEntry - a DNS entry represented as struct + properties: + address: + type: string + x-go-name: Address + address6: + type: string + x-go-name: Address6 + name: + type: string + x-go-name: Name + network: + type: string + x-go-name: Network + type: object + x-go-package: github.com/gravitl/netmaker/models + Duration: + description: |- + A Duration represents the elapsed time between two instants + as an int64 nanosecond count. The representation limits the + largest representable duration to approximately 290 years. + format: int64 + type: integer + x-go-package: time + EgressGatewayRequest: + description: EgressGatewayRequest - egress gateway request + properties: + interface: + type: string + x-go-name: Interface + natenabled: + type: string + x-go-name: NatEnabled + netid: + type: string + x-go-name: NetID + nodeid: + type: string + x-go-name: NodeID + postdown: + type: string + x-go-name: PostDown + postup: + type: string + x-go-name: PostUp + ranges: + items: + type: string + type: array + x-go-name: Ranges + type: object + x-go-package: github.com/gravitl/netmaker/models + ExtClient: + description: ExtClient - struct for external clients + properties: + address: + type: string + x-go-name: Address + address6: + type: string + x-go-name: Address6 + clientid: + type: string + x-go-name: ClientID + description: + type: string + x-go-name: Description + enabled: + type: boolean + x-go-name: Enabled + ingressgatewayendpoint: + type: string + x-go-name: IngressGatewayEndpoint + ingressgatewayid: + type: string + x-go-name: IngressGatewayID + lastmodified: + format: int64 + type: integer + x-go-name: LastModified + network: + type: string + x-go-name: Network + privatekey: + type: string + x-go-name: PrivateKey + publickey: + type: string + x-go-name: PublicKey + type: object + x-go-package: github.com/gravitl/netmaker/models + IPMask: + description: See type IPNet and func ParseCIDR for details. + items: + format: uint8 + type: integer + title: |- + An IPMask is a bitmask that can be used to manipulate + IP addresses for IP addressing and routing. + type: array + x-go-package: net + IPNet: + properties: + IP: + type: string + Mask: + $ref: '#/definitions/IPMask' + title: An IPNet represents an IP network. + type: object + x-go-package: net + Key: + description: |- + A Key is a public, private, or pre-shared secret key. The Key constructor + functions in this package can be used to create Keys suitable for each of + these applications. + items: + format: uint8 + type: integer + type: array + x-go-package: golang.zx2c4.com/wireguard/wgctrl/wgtypes + Name: + description: |- + Name represents an X.509 distinguished name. This only includes the common + elements of a DN. Note that Name is only an approximation of the X.509 + structure. If an accurate representation is needed, asn1.Unmarshal the raw + subject or issuer as an RDNSequence. + properties: + Country: + items: + type: string + type: array + x-go-name: OrganizationalUnit + ExtraNames: + description: |- + ExtraNames contains attributes to be copied, raw, into any marshaled + distinguished names. Values override any attributes with the same OID. + The ExtraNames field is not populated when parsing, see Names. + items: + $ref: '#/definitions/AttributeTypeAndValue' + type: array + Locality: + items: + type: string + type: array + x-go-name: Province + Names: + description: |- + Names contains all parsed attributes. When parsing distinguished names, + this can be used to extract non-standard attributes that are not parsed + by this package. When marshaling to RDNSequences, the Names field is + ignored, see ExtraNames. + items: + $ref: '#/definitions/AttributeTypeAndValue' + type: array + SerialNumber: + type: string + x-go-name: CommonName + StreetAddress: + items: + type: string + type: array + x-go-name: PostalCode + type: object + x-go-package: crypto/x509/pkix + Network: + description: |- + Network Struct - contains info for a given unique network + At some point, need to replace all instances of Name with something else like Identifier + properties: + accesskeys: + items: + $ref: '#/definitions/AccessKey' + type: array + x-go-name: AccessKeys + addressrange: + type: string + x-go-name: AddressRange + addressrange6: + type: string + x-go-name: AddressRange6 + allowmanualsignup: + type: string + x-go-name: AllowManualSignUp + defaultacl: + type: string + x-go-name: DefaultACL + defaultextclientdns: + type: string + x-go-name: DefaultExtClientDNS + defaultinterface: + type: string + x-go-name: DefaultInterface + defaultkeepalive: + format: int32 + type: integer + x-go-name: DefaultKeepalive + defaultlistenport: + format: int32 + type: integer + x-go-name: DefaultListenPort + defaultmtu: + format: int32 + type: integer + x-go-name: DefaultMTU + defaultpostdown: + type: string + x-go-name: DefaultPostDown + defaultpostup: + type: string + x-go-name: DefaultPostUp + defaultudpholepunch: + type: string + x-go-name: DefaultUDPHolePunch + isipv4: + type: string + x-go-name: IsIPv4 + isipv6: + type: string + x-go-name: IsIPv6 + islocal: + type: string + x-go-name: IsLocal + ispointtosite: + type: string + x-go-name: IsPointToSite + localrange: + type: string + x-go-name: LocalRange + netid: + type: string + x-go-name: NetID + networklastmodified: + format: int64 + type: integer + x-go-name: NetworkLastModified + nodelimit: + format: int32 + type: integer + x-go-name: NodeLimit + nodeslastmodified: + format: int64 + type: integer + x-go-name: NodesLastModified + type: object + x-go-package: github.com/gravitl/netmaker/models + Node: + description: Node - struct for node model + properties: + accesskey: + type: string + x-go-name: AccessKey + action: + type: string + x-go-name: Action + address: + type: string + x-go-name: Address + address6: + type: string + x-go-name: Address6 + allowedips: + items: + type: string + type: array + x-go-name: AllowedIPs + connected: + type: string + x-go-name: Connected + dnson: + type: string + x-go-name: DNSOn + egressgatewaynatenabled: + type: string + x-go-name: EgressGatewayNatEnabled + egressgatewayranges: + items: + type: string + type: array + x-go-name: EgressGatewayRanges + egressgatewayrequest: + $ref: '#/definitions/EgressGatewayRequest' + endpoint: + type: string + x-go-name: Endpoint + expdatetime: + format: int64 + type: integer + x-go-name: ExpirationDateTime + firewallinuse: + type: string + x-go-name: FirewallInUse + id: + type: string + x-go-name: ID + ingressgatewayrange: + type: string + x-go-name: IngressGatewayRange + ingressgatewayrange6: + type: string + x-go-name: IngressGatewayRange6 + interface: + type: string + x-go-name: Interface + internetgateway: + type: string + x-go-name: InternetGateway + ipforwarding: + type: string + x-go-name: IPForwarding + isdocker: + type: string + x-go-name: IsDocker + isegressgateway: + type: string + x-go-name: IsEgressGateway + ishub: + type: string + x-go-name: IsHub + isingressgateway: + type: string + x-go-name: IsIngressGateway + isk8s: + type: string + x-go-name: IsK8S + islocal: + type: string + x-go-name: IsLocal + ispending: + type: string + x-go-name: IsPending + isrelay: + type: string + x-go-name: IsRelay + isrelayed: + type: string + x-go-name: IsRelayed + isserver: + type: string + x-go-name: IsServer + isstatic: + description: IsStatic - refers to if the Endpoint is set manually or dynamically + type: string + x-go-name: IsStatic + lastcheckin: + format: int64 + type: integer + x-go-name: LastCheckIn + lastmodified: + format: int64 + type: integer + x-go-name: LastModified + lastpeerupdate: + format: int64 + type: integer + x-go-name: LastPeerUpdate + listenport: + format: int32 + type: integer + x-go-name: ListenPort + localaddress: + type: string + x-go-name: LocalAddress + locallistenport: + format: int32 + type: integer + x-go-name: LocalListenPort + localrange: + type: string + x-go-name: LocalRange + macaddress: + type: string + x-go-name: MacAddress + mtu: + format: int32 + type: integer + x-go-name: MTU + name: + type: string + x-go-name: Name + network: + type: string + x-go-name: Network + networksettings: + $ref: '#/definitions/Network' + os: + type: string + x-go-name: OS + password: + type: string + x-go-name: Password + persistentkeepalive: + format: int32 + type: integer + x-go-name: PersistentKeepalive + postdown: + type: string + x-go-name: PostDown + postup: + type: string + x-go-name: PostUp + publickey: + type: string + x-go-name: PublicKey + relayaddrs: + items: + type: string + type: array + x-go-name: RelayAddrs + server: + type: string + x-go-name: Server + traffickeys: + $ref: '#/definitions/TrafficKeys' + udpholepunch: + type: string + x-go-name: UDPHolePunch + version: + type: string + x-go-name: Version + type: object + x-go-package: github.com/gravitl/netmaker/models + NodeGet: + description: NodeGet - struct for a single node get response + properties: + node: + $ref: '#/definitions/Node' + peers: + items: + $ref: '#/definitions/PeerConfig' + type: array + x-go-name: Peers + serverconfig: + $ref: '#/definitions/ServerConfig' + type: object + x-go-package: github.com/gravitl/netmaker/models + ObjectIdentifier: + items: + format: int64 + type: integer + title: An ObjectIdentifier represents an ASN.1 OBJECT IDENTIFIER. + type: array + x-go-package: encoding/asn1 + PeerConfig: + description: |- + Because the zero value of some Go types may be significant to WireGuard for + PeerConfig fields, pointer types are used for some of these fields. Only + pointer fields which are not nil will be applied when configuring a peer. + properties: + AllowedIPs: + description: |- + AllowedIPs specifies a list of allowed IP addresses in CIDR notation + for this peer. + items: + $ref: '#/definitions/IPNet' + type: array + Endpoint: + $ref: '#/definitions/UDPAddr' + PersistentKeepaliveInterval: + $ref: '#/definitions/Duration' + PresharedKey: + $ref: '#/definitions/Key' + PublicKey: + $ref: '#/definitions/Key' + Remove: + description: |- + Remove specifies if the peer with this public key should be removed + from a device's peer list. + type: boolean + ReplaceAllowedIPs: + description: |- + ReplaceAllowedIPs specifies if the allowed IPs specified in this peer + configuration should replace any existing ones, instead of appending them + to the allowed IPs list. + type: boolean + UpdateOnly: + description: |- + UpdateOnly specifies that an operation will only occur on this peer + if the peer already exists as part of the interface. + type: boolean + title: A PeerConfig is a WireGuard device peer configuration. + type: object + x-go-package: golang.zx2c4.com/wireguard/wgctrl/wgtypes + PrivateKey: + items: + format: uint8 + type: integer + title: PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer. + type: array + x-go-package: crypto/ed25519 + RegisterRequest: + description: RegisterRequest - struct for registation with netmaker server + properties: + CommonName: + $ref: '#/definitions/Name' + Key: + $ref: '#/definitions/PrivateKey' + type: object + x-go-package: github.com/gravitl/netmaker/netclient/config + RelayRequest: + description: RelayRequest - relay request struct + properties: + netid: + type: string + x-go-name: NetID + nodeid: + type: string + x-go-name: NodeID + relayaddrs: + items: + type: string + type: array + x-go-name: RelayAddrs + type: object + x-go-package: github.com/gravitl/netmaker/models + ServerConfig: + description: ServerConfig - server conf struct + properties: + APIConnString: + type: string + APIHost: + type: string + APIPort: + type: string + AgentBackend: + type: string + AllowedOrigin: + type: string + AuthProvider: + type: string + AzureTenant: + type: string + ClientID: + type: string + ClientMode: + type: string + ClientSecret: + type: string + CoreDNSAddr: + type: string + DNSKey: + type: string + DNSMode: + type: string + Database: + type: string + DefaultNodeLimit: + format: int32 + type: integer + DisableRemoteIPCheck: + type: string + DisplayKeys: + type: string + FrontendURL: + type: string + HostNetwork: + type: string + MQHOST: + type: string + MQPort: + type: string + MQServerPort: + type: string + ManageIPTables: + type: string + MasterKey: + type: string + MessageQueueBackend: + type: string + NodeID: + type: string + OIDCIssuer: + type: string + Platform: + type: string + PortForwardServices: + type: string + PublicIPService: + type: string + RCE: + type: string + RestBackend: + type: string + SQLConn: + type: string + Server: + type: string + ServerCheckinInterval: + format: int64 + type: integer + Telemetry: + type: string + Verbosity: + format: int32 + type: integer + Version: + type: string + type: object + x-go-package: github.com/gravitl/netmaker/config + SuccessResponse: + properties: + Code: + format: int64 + type: integer + Message: + type: string + Response: {} + title: SuccessResponse is struct for sending error message with code. + type: object + x-go-package: github.com/gravitl/netmaker/models + TrafficKeys: + description: TrafficKeys - struct to hold public keys + properties: + mine: + items: + format: uint8 + type: integer + type: array + x-go-name: Mine + server: + items: + format: uint8 + type: integer + type: array + x-go-name: Server + type: object + x-go-package: github.com/gravitl/netmaker/models + UDPAddr: + properties: + IP: + type: string + Port: + format: int64 + type: integer + Zone: + type: string + title: UDPAddr represents the address of a UDP end point. + type: object + x-go-package: net + User: + description: User struct - struct for Users + properties: + isadmin: + type: boolean + x-go-name: IsAdmin + networks: + items: + type: string + type: array + x-go-name: Networks + password: + type: string + x-go-name: Password + username: + type: string + x-go-name: UserName + type: object + x-go-package: github.com/gravitl/netmaker/models + UserAuthParams: + description: UserAuthParams - user auth params struct + properties: + password: + type: string + x-go-name: Password + username: + type: string + x-go-name: UserName + type: object + x-go-package: github.com/gravitl/netmaker/models host: netmaker.io info: description: |- @@ -13,92 +746,241 @@ info: API calls must be authenticated via a header of the format -H “Authorization: Bearer ” There are two methods to obtain YOUR_SECRET_KEY: 1. Using the masterkey. By default, this value is “secret key,” but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [Netmaker](https://docs.netmaker.org/index.html) documentation for more details. 2. Using a JWT received for a node. This can be retrieved by calling the /api/nodes//authenticate endpoint, as documented below. title: Netmaker - version: 0.15.1 + version: 0.15.2 paths: /api/dns: get: - description: Gets all DNS entries operationId: getAllDNS + responses: + "200": + $ref: '#/responses/dnsResponse' schemes: - https + summary: Gets all DNS entries. tags: - dns /api/dns/{network}: post: - description: Create a DNS entry operationId: createDNS + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: DNS Entry + in: body + name: body + schema: + items: + $ref: '#/definitions/DNSEntry' + type: array + x-go-name: Body + responses: + "200": + $ref: '#/responses/dnsResponse' schemes: - https + summary: Create a DNS entry. tags: - dns /api/dns/{network}/{domain}: delete: - description: Delete a DNS entry operationId: deleteDNS + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Domain + in: path + name: domain + required: true + type: string + x-go-name: Domain + responses: + "200": + $ref: '#/responses/stringJSONResponse' schemes: - https + summary: Delete a DNS entry. tags: - dns /api/dns/adm/{network}: get: - description: Gets all DNS entries associated with the network operationId: getDNS + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/dnsResponse' schemes: - https + summary: Gets all DNS entries associated with the network. tags: - dns /api/dns/adm/{network}/custom: get: - description: Gets custom DNS entries associated with a network operationId: getCustomDNS + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/dnsResponse' schemes: - https + summary: Gets custom DNS entries associated with a network. tags: - dns /api/dns/adm/{network}/nodes: get: - description: Gets node DNS entries associated with a network operationId: getNodeDNS + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network schemes: - https + summary: Gets node DNS entries associated with a network. tags: - dns /api/dns/adm/pushdns: post: - description: Push DNS entries to nameserver operationId: pushDNS + responses: + "200": + $ref: '#/responses/dnsStringJSONResponse' schemes: - https + summary: Push DNS entries to nameserver. tags: - dns /api/extclients: get: - operationId: getExtClient + operationId: getAllExtClients + parameters: + - description: Networks + in: body + name: networks + schema: + items: + type: string + type: array + x-go-name: Networks + responses: + "200": + $ref: '#/responses/extClientSliceResponse' schemes: - https - summary: Get an individual extclient. + summary: A separate function to get all extclients, not just extclients for a particular network. tags: - ext_client /api/extclients/{network}: get: - description: |- - Get all extclients associated with network - Gets all extclients associated with network, including pending extclients + description: Gets all extclients associated with network, including pending extclients. operationId: getNetworkExtClients + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/extClientSliceResponse' schemes: - https + summary: Get all extclients associated with network. tags: - ext_client /api/extclients/{network}/{clientid}: delete: operationId: deleteExtClient + parameters: + - description: Client ID + in: path + name: clientid + required: true + type: string + x-go-name: ClientID + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/successResponse' schemes: - https summary: Delete an individual extclient. tags: - ext_client + get: + operationId: getExtClient + parameters: + - description: Client ID + in: path + name: clientid + required: true + type: string + x-go-name: ClientID + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/extClientResponse' + schemes: + - https + summary: Get an individual extclient. + tags: + - ext_client put: operationId: updateExtClient + parameters: + - description: Client ID + in: path + name: clientid + required: true + type: string + x-go-name: ClientID + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: ExtClient + in: body + name: ext_client + schema: + $ref: '#/definitions/ExtClient' + x-go-name: ExtClient + responses: + "200": + $ref: '#/responses/extClientResponse' schemes: - https summary: Update an individual extclient. @@ -107,6 +989,22 @@ paths: /api/extclients/{network}/{clientid}/{type}: get: operationId: getExtClientConf + parameters: + - description: Client ID + in: path + name: clientid + required: true + type: string + x-go-name: ClientID + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/extClientResponse' schemes: - https summary: Get an individual extclient. @@ -115,6 +1013,25 @@ paths: /api/extclients/{network}/{nodeid}: post: operationId: createExtClient + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: node + required: true + type: string + x-go-name: NodeID + - description: Custom ExtClient + in: body + name: custom_ext_client + schema: + $ref: '#/definitions/CustomExtClient' + x-go-name: CustomExtClient schemes: - https summary: Create an individual extclient. Must have valid key and be unique. @@ -122,45 +1039,102 @@ paths: - ext_client /api/getip: get: - description: Get the current public IP address operationId: getPublicIP + responses: + "200": + $ref: '#/responses/byteArrayResponse' schemes: - https + summary: Get the current public IP address. tags: - ipservice /api/networks: get: - description: Get a network - operationId: getNetwork + operationId: getNetworks + parameters: + - description: 'name: networks' + in: header + items: + type: string + name: networks + type: array + x-go-name: Networks + responses: + "200": + $ref: '#/responses/getNetworksSliceResponse' schemes: - https + summary: Lists all networks. tags: - networks post: - description: Create a network operationId: createNetwork + parameters: + - description: Network + in: body + name: network + schema: + $ref: '#/definitions/Network' + x-go-name: Network + responses: + "200": + $ref: '#/responses/networkBodyResponse' schemes: - https + summary: Create a network. tags: - networks /api/networks/{networkname}: delete: operationId: deleteNetwork + responses: + "200": + $ref: '#/responses/stringJSONResponse' schemes: - https summary: Delete a network. Will not delete if there are any nodes that belong to the network. tags: - networks - put: - description: Update a network - operationId: updateNetwork + get: + operationId: getNetwork + responses: + "200": + $ref: '#/responses/networkBodyResponse' schemes: - https + summary: Get a network. + tags: + - networks + put: + operationId: updateNetwork + parameters: + - description: Network + in: body + name: network + schema: + $ref: '#/definitions/Network' + x-go-name: Network + responses: + "200": + $ref: '#/responses/networkBodyResponse' + schemes: + - https + summary: Update a network. tags: - networks /api/networks/{networkname}/acls: get: operationId: getNetworkACL + parameters: + - description: ACL Container + in: body + name: acl_container + schema: + $ref: '#/definitions/ACLContainer' + x-go-name: ACLContainer + responses: + "200": + $ref: '#/responses/aclContainerResponse' schemes: - https summary: Get a network ACL (Access Control List). @@ -168,6 +1142,16 @@ paths: - networks put: operationId: updateNetworkACL + parameters: + - description: ACL Container + in: body + name: acl_container + schema: + $ref: '#/definitions/ACLContainer' + x-go-name: ACLContainer + responses: + "200": + $ref: '#/responses/aclContainerResponse' schemes: - https summary: Update a network ACL (Access Control List). @@ -176,6 +1160,9 @@ paths: /api/networks/{networkname}/keys: get: operationId: getAccessKeys + responses: + "200": + $ref: '#/responses/accessKeySliceBodyResponse' schemes: - https summary: Get network access keys for a network. @@ -183,14 +1170,34 @@ paths: - networks post: operationId: createAccessKey + parameters: + - description: Access Key + in: body + name: access_key + schema: + $ref: '#/definitions/AccessKey' + x-go-name: AccessKey + responses: + "200": + $ref: '#/responses/accessKeyBodyResponse' schemes: - https summary: Create a network access key. tags: - networks /api/networks/{networkname}/keys/{name}: - get: + delete: operationId: deleteAccessKey + parameters: + - description: Access Key Name + in: path + name: access_key_name + required: true + type: string + x-go-name: AccessKeyName + responses: + "200": + description: "" schemes: - https summary: Delete a network access key. @@ -199,6 +1206,9 @@ paths: /api/networks/{networkname}/keyupdate: post: operationId: keyUpdate + responses: + "200": + $ref: '#/responses/networkBodyResponse' schemes: - https summary: Update keys for a network. @@ -206,15 +1216,21 @@ paths: - networks /api/networks/{networkname}/nodelimit: put: - description: Update a network's node limit operationId: updateNetworkNodeLimit + responses: + "200": + $ref: '#/responses/networkBodyResponse' schemes: - https + summary: Update a network's node limit. tags: - networks /api/nodes: get: operationId: getAllNodes + responses: + "200": + $ref: '#/responses/nodeSliceResponse' schemes: - https summary: Get all nodes across all networks. @@ -222,14 +1238,34 @@ paths: - nodes /api/nodes/{network}: get: - description: Gets all nodes associated with network including pending nodes operationId: getNetworkNodes + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/nodeSliceResponse' schemes: - https + summary: Gets all nodes associated with network including pending nodes. tags: - nodes post: operationId: createNode + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/nodeGetResponse' schemes: - https summary: Create a node on a network. @@ -238,6 +1274,28 @@ paths: /api/nodes/{network}/{nodeid}: delete: operationId: deleteNode + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + - description: Node + in: body + name: node + schema: + $ref: '#/definitions/Node' + x-go-name: Node + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Delete an individual node. @@ -245,6 +1303,22 @@ paths: - nodes get: operationId: getNode + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Get an individual node. @@ -252,6 +1326,28 @@ paths: - nodes put: operationId: updateNode + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + - description: Node + in: body + name: node + schema: + $ref: '#/definitions/Node' + x-go-name: Node + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Update an individual node. @@ -260,17 +1356,52 @@ paths: /api/nodes/{network}/{nodeid}/approve: post: operationId: uncordonNode + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https - security: - - TODO: - - May summary: Takes a node out of pending state. tags: - nodes /api/nodes/{network}/{nodeid}/creategateway: post: operationId: createEgressGateway + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + - description: Egress Gateway Request + in: body + name: egress_gateway_request + schema: + $ref: '#/definitions/EgressGatewayRequest' + x-go-name: EgressGatewayRequest + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Create an egress gateway. @@ -279,6 +1410,22 @@ paths: /api/nodes/{network}/{nodeid}/createingress: post: operationId: createIngressGateway + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Create an ingress gateway. @@ -287,6 +1434,28 @@ paths: /api/nodes/{network}/{nodeid}/createrelay: post: operationId: createRelay + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + - description: Relay Request + in: body + name: relay_request + schema: + $ref: '#/definitions/RelayRequest' + x-go-name: RelayRequest + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Create a relay. @@ -295,6 +1464,22 @@ paths: /api/nodes/{network}/{nodeid}/deletegateway: delete: operationId: deleteEgressGateway + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Delete an egress gateway. @@ -303,6 +1488,22 @@ paths: /api/nodes/{network}/{nodeid}/deleteingress: delete: operationId: deleteIngressGateway + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Delete an ingress gateway. @@ -311,6 +1512,22 @@ paths: /api/nodes/{network}/{nodeid}/deleterelay: delete: operationId: deleteRelay + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: Node ID + in: path + name: nodeid + required: true + type: string + x-go-name: NodeID + responses: + "200": + $ref: '#/responses/nodeResponse' schemes: - https summary: Remove a relay. @@ -319,6 +1536,22 @@ paths: /api/nodes/adm/{network}/authenticate: post: operationId: authenticate + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + - description: AuthParams + in: body + name: auth_params + schema: + $ref: '#/definitions/AuthParams' + x-go-name: AuthParams + responses: + "200": + $ref: '#/responses/successResponse' schemes: - https summary: Authenticate to make further API calls related to a network. @@ -327,28 +1560,35 @@ paths: /api/nodes/adm/{network}/lastmodified: get: operationId: getLastModified + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/nodeLastModifiedResponse' schemes: - https - security: - - TODO: - - This - - Potential way to do this: - - "On" - - set summary: Get the time that a network of nodes was last modified. tags: - nodes /api/oauth/login: get: - description: Handles OAuth login operationId: HandleAuthLogin schemes: - https + summary: Handles OAuth login. tags: - nodes /api/server/getconfig: get: operationId: getConfig + responses: + "200": + $ref: '#/responses/serverConfigResponse' schemes: - https summary: Get the server configuration. @@ -357,6 +1597,9 @@ paths: /api/server/getserverinfo: get: operationId: getServerInfo + responses: + "200": + $ref: '#/responses/serverConfigResponse' schemes: - https summary: Get the server configuration. @@ -364,15 +1607,35 @@ paths: - nodes /api/server/register: post: - description: Registers a client with the server and return the Certificate Authority and certificate operationId: register + parameters: + - description: Register Request + in: body + name: register_request + schema: + $ref: '#/definitions/RegisterRequest' + x-go-name: RegisterRequest + responses: + "200": + $ref: '#/responses/registerResponse' schemes: - https + summary: Registers a client with the server and return the Certificate Authority and certificate. tags: - nodes /api/server/removenetwork/{network}: delete: operationId: removeNetwork + parameters: + - description: Network + in: path + name: network + required: true + type: string + x-go-name: Network + responses: + "200": + $ref: '#/responses/stringJSONResponse' schemes: - https summary: Remove a network from the server. @@ -380,15 +1643,28 @@ paths: - nodes /api/users: get: - description: Get all users operationId: getUsers + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https + summary: Get all users. tags: - nodes /api/users/{username}: delete: operationId: deleteUser + parameters: + - description: Username + in: path + name: username + required: true + type: string + x-go-name: Username + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https summary: Delete a user. @@ -396,6 +1672,16 @@ paths: - nodes get: operationId: getUser + parameters: + - description: Username + in: path + name: username + required: true + type: string + x-go-name: Username + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https summary: Get an individual user. @@ -403,6 +1689,22 @@ paths: - nodes post: operationId: createUser + parameters: + - description: User + in: body + name: user + schema: + $ref: '#/definitions/User' + x-go-name: User + - description: Username + in: path + name: username + required: true + type: string + x-go-name: Username + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https summary: Create a user. @@ -410,6 +1712,22 @@ paths: - nodes put: operationId: updateUser + parameters: + - description: User + in: body + name: user + schema: + $ref: '#/definitions/User' + x-go-name: User + - description: Username + in: path + name: username + required: true + type: string + x-go-name: Username + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https summary: Update a user. @@ -417,15 +1735,35 @@ paths: - nodes /api/users/{username}/adm: put: - description: Updates the given admin user's info (as long as the user is an admin) operationId: updateUserAdm + parameters: + - description: Username + in: path + name: username + required: true + type: string + x-go-name: Username + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https + summary: Updates the given admin user's info (as long as the user is an admin). tags: - nodes /api/users/adm/authenticate: post: operationId: authenticateUser + parameters: + - description: User Auth Params + in: body + name: user_auth_params + schema: + $ref: '#/definitions/UserAuthParams' + x-go-name: UserAuthParams + responses: + "200": + $ref: '#/responses/successResponse' schemes: - https summary: Node authenticates using its password and retrieves a JWT for authorization. @@ -434,6 +1772,16 @@ paths: /api/users/adm/createadmin: post: operationId: createAdmin + parameters: + - description: User + in: body + name: user + schema: + $ref: '#/definitions/User' + x-go-name: User + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https summary: Make a user an admin. @@ -442,6 +1790,9 @@ paths: /api/users/adm/hasadmin: get: operationId: hasAdmin + responses: + "200": + $ref: '#/responses/successResponse' schemes: - https summary: Checks whether the server has an admin. @@ -449,22 +1800,118 @@ paths: - nodes /api/users/networks/{username}: put: - description: Updates the networks of the given user operationId: updateUserNetworks + parameters: + - description: User + in: body + name: user + schema: + $ref: '#/definitions/User' + x-go-name: User + - description: Username + in: path + name: username + required: true + type: string + x-go-name: Username + responses: + "200": + $ref: '#/responses/userBodyResponse' schemes: - https + summary: Updates the networks of the given user. tags: - nodes /meshclient/files/{filename}: get: - description: Retrieve a file from the file server operationId: fileServer schemes: - https + summary: Retrieve a file from the file server. tags: - meshclient produces: - application/json +responses: + accessKeyBodyResponse: + description: "" + schema: + $ref: '#/definitions/AccessKey' + accessKeySliceBodyResponse: + description: "" + schema: + items: + $ref: '#/definitions/AccessKey' + type: array + aclContainerResponse: + description: "" + schema: + $ref: '#/definitions/ACLContainer' + boolResponse: + description: "" + byteArrayResponse: + description: "" + schema: + items: + format: uint8 + type: integer + type: array + dnsResponse: + description: Success + schema: + items: + $ref: '#/definitions/DNSEntry' + type: array + extClientResponse: + description: "" + schema: + $ref: '#/definitions/ExtClient' + extClientSliceResponse: + description: "" + schema: + items: + $ref: '#/definitions/ExtClient' + type: array + getNetworksSliceResponse: + description: "" + schema: + items: + $ref: '#/definitions/Network' + type: array + networkBodyResponse: + description: "" + schema: + $ref: '#/definitions/Network' + nodeGetResponse: + description: "" + schema: + $ref: '#/definitions/NodeGet' + nodeLastModifiedResponse: + description: "" + nodeResponse: + description: "" + schema: + $ref: '#/definitions/Node' + nodeSliceResponse: + description: "" + schema: + items: + $ref: '#/definitions/Node' + type: array + serverConfigResponse: + description: "" + schema: + $ref: '#/definitions/ServerConfig' + stringJSONResponse: + description: "" + successResponse: + description: "" + schema: + $ref: '#/definitions/SuccessResponse' + userBodyResponse: + description: "" + schema: + $ref: '#/definitions/User' schemes: - https swagger: "2.0" From 9ff936e748b91df8928a15d0b3acad07d01f5012 Mon Sep 17 00:00:00 2001 From: cameronts Date: Sun, 11 Sep 2022 06:14:36 -0700 Subject: [PATCH 15/26] Fix integration tests issue due to types only used by go-swagger --- controllers/docs.go | 49 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/controllers/docs.go b/controllers/docs.go index b51cdea7..25464d7d 100644 --- a/controllers/docs.go +++ b/controllers/docs.go @@ -33,6 +33,8 @@ import ( "github.com/gravitl/netmaker/netclient/config" ) +var _ = useUnused() // "use" the function to prevent "unused function" errors + // swagger:parameters getNodeDNS getCustomDNS getDNS type dnsPathParams struct { // Network @@ -349,3 +351,50 @@ type usernamePathParam struct { // in: path Username string `json:"username"` } + +// prevent issues with integration tests for types just used by Swagger docs. +func useUnused() bool { + _ = dnsPathParams{} + _ = dnsParams{} + _ = dnsResponse{} + _ = dnsDeletePathParams{} + _ = stringJSONResponse{} + _ = getAllClientsRequest{} + _ = extClientSliceResponse{} + _ = extClientResponse{} + _ = successResponse{} + _ = extClientPathParams{} + _ = extClientBodyParam{} + _ = extClientNetworkPathParam{} + _ = createExtClientPathParams{} + _ = networkNodePathParams{} + _ = byteArrayResponse{} + _ = headerNetworks{} + _ = getNetworksSliceResponse{} + _ = networkBodyParam{} + _ = networkPathParam{} + _ = networkAccessKeyNamePathParam{} + _ = networkBodyResponse{} + _ = accessKeyBodyParam{} + _ = accessKeyBodyResponse{} + _ = accessKeySliceBodyResponse{} + _ = aclContainerBodyParam{} + _ = aclContainerResponse{} + _ = nodeSliceResponse{} + _ = nodeResponse{} + _ = nodeBodyParam{} + _ = relayRequestBodyParam{} + _ = egressGatewayBodyParam{} + _ = authParamBodyParam{} + _ = serverConfigResponse{} + _ = nodeGetResponse{} + _ = nodeLastModifiedResponse{} + _ = registerRequestBodyParam{} + _ = registerResponse{} + _ = boolResponse{} + _ = userBodyParam{} + _ = userBodyResponse{} + _ = userAuthBodyParam{} + _ = usernamePathParam{} + return false +} From 0ba3f6feaf5d934ecaea180f764a792eda5fcab5 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Mon, 12 Sep 2022 06:42:01 -0400 Subject: [PATCH 16/26] address code review comment --- netclient/functions/daemon.go | 4 ++-- netclient/ncutils/netclientutils.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/netclient/functions/daemon.go b/netclient/functions/daemon.go index c00a91ba..d29c4fdf 100644 --- a/netclient/functions/daemon.go +++ b/netclient/functions/daemon.go @@ -87,8 +87,6 @@ func Daemon() error { func startGoRoutines(wg *sync.WaitGroup) context.CancelFunc { ctx, cancel := context.WithCancel(context.Background()) - wg.Add(1) - go Checkin(ctx, wg) serverSet := make(map[string]bool) networks, _ := ncutils.GetSystemNetworks() for _, network := range networks { @@ -116,6 +114,8 @@ func startGoRoutines(wg *sync.WaitGroup) context.CancelFunc { go messageQueue(ctx, wg, &cfg) } } + wg.Add(1) + go Checkin(ctx, wg) return cancel } diff --git a/netclient/ncutils/netclientutils.go b/netclient/ncutils/netclientutils.go index fb64cb0f..6b1192e7 100644 --- a/netclient/ncutils/netclientutils.go +++ b/netclient/ncutils/netclientutils.go @@ -438,7 +438,7 @@ func RunCmds(commands []string, printerr bool) error { var err error for _, command := range commands { //prevent panic - if command == " " { + if len(strings.Trim(command, " ")) == 0 { continue } args := strings.Fields(command) From 8cbe79674874d7f55340e838a21c951398ad456a Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Mon, 12 Sep 2022 18:06:17 +0530 Subject: [PATCH 17/26] add servers to telemetry data --- logic/server.go | 38 ++++++++++++++++++++++++++++++++++++++ logic/serverconf.go | 2 ++ logic/telemetry.go | 2 ++ main.go | 4 +++- models/structs.go | 4 ++++ 5 files changed, 49 insertions(+), 1 deletion(-) diff --git a/logic/server.go b/logic/server.go index 0a7933fd..aec10b2e 100644 --- a/logic/server.go +++ b/logic/server.go @@ -1,6 +1,7 @@ package logic import ( + "encoding/json" "errors" "fmt" "net" @@ -8,6 +9,7 @@ import ( "runtime" "strings" + "github.com/gravitl/netmaker/database" "github.com/gravitl/netmaker/logger" "github.com/gravitl/netmaker/models" "github.com/gravitl/netmaker/netclient/ncutils" @@ -285,3 +287,39 @@ func serverPush(serverNode *models.Node) error { serverNode.SetLastCheckIn() return UpdateNode(serverNode, serverNode) } + +// AddServerIDIfNotPresent - add's current server ID to DB if not present +func AddServerIDIfNotPresent() error { + currentNodeID := servercfg.GetNodeID() + currentServerIDs := models.ServerIDs{} + + record, err := database.FetchRecord(database.SERVERCONF_TABLE_NAME, server_id_key) + if err != nil && !database.IsEmptyRecord(err) { + return err + } else if err == nil { + if err = json.Unmarshal([]byte(record), ¤tServerIDs); err != nil { + return err + } + } + + if !StringSliceContains(currentServerIDs.ServerIDs, currentNodeID) { + currentServerIDs.ServerIDs = append(currentServerIDs.ServerIDs, currentNodeID) + data, err := json.Marshal(¤tServerIDs) + if err != nil { + return err + } + return database.Insert(server_id_key, string(data), database.SERVERCONF_TABLE_NAME) + } + + return nil +} + +func GetServerCount() int { + if record, err := database.FetchRecord(database.SERVERCONF_TABLE_NAME, server_id_key); err == nil { + currentServerIDs := models.ServerIDs{} + if err = json.Unmarshal([]byte(record), ¤tServerIDs); err == nil { + return len(currentServerIDs.ServerIDs) + } + } + return 1 +} diff --git a/logic/serverconf.go b/logic/serverconf.go index 0ba1e258..cc022f13 100644 --- a/logic/serverconf.go +++ b/logic/serverconf.go @@ -6,6 +6,8 @@ import ( "github.com/gravitl/netmaker/database" ) +const server_id_key = "nm-server-id" + type serverData struct { PrivateKey string `json:"privatekey,omitempty" bson:"privatekey,omitempty"` } diff --git a/logic/telemetry.go b/logic/telemetry.go index 5b91095b..fd6bfea1 100644 --- a/logic/telemetry.go +++ b/logic/telemetry.go @@ -65,6 +65,7 @@ func fetchTelemetryData() (telemetryData, error) { data.Users = getDBLength(database.USERS_TABLE_NAME) data.Networks = getDBLength(database.NETWORKS_TABLE_NAME) data.Version = servercfg.GetVersion() + data.Servers = GetServerCount() nodes, err := GetAllNodes() if err == nil { data.Nodes = len(nodes) @@ -140,6 +141,7 @@ type telemetryData struct { Users int Count clientCount Networks int + Servers int Version string } diff --git a/main.go b/main.go index 5b19dfed..e0fea725 100644 --- a/main.go +++ b/main.go @@ -74,7 +74,9 @@ func initialize() { // Client Mode Prereq Check } logger.Log(0, "database successfully connected") logic.SetJWTSecret() - + if err = logic.AddServerIDIfNotPresent(); err != nil { + logger.Log(1, "failed to save server ID") + } err = logic.TimerCheckpoint() if err != nil { logger.Log(1, "Timer error occurred: ", err.Error()) diff --git a/models/structs.go b/models/structs.go index 04b6fe9e..5aac862a 100644 --- a/models/structs.go +++ b/models/structs.go @@ -224,3 +224,7 @@ func (user *User) NameInCharSet() bool { } return true } + +type ServerIDs struct { + ServerIDs []string `json:"server_ids"` +} From 91cc77ee5b2a668f790a0e5bed8cf820e76dd7c8 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Mon, 12 Sep 2022 18:11:21 +0530 Subject: [PATCH 18/26] added comments --- logic/server.go | 1 + logic/serverconf.go | 1 + models/structs.go | 1 + 3 files changed, 3 insertions(+) diff --git a/logic/server.go b/logic/server.go index aec10b2e..56897351 100644 --- a/logic/server.go +++ b/logic/server.go @@ -314,6 +314,7 @@ func AddServerIDIfNotPresent() error { return nil } +// GetServerCount - fetches server count from DB func GetServerCount() int { if record, err := database.FetchRecord(database.SERVERCONF_TABLE_NAME, server_id_key); err == nil { currentServerIDs := models.ServerIDs{} diff --git a/logic/serverconf.go b/logic/serverconf.go index cc022f13..68469663 100644 --- a/logic/serverconf.go +++ b/logic/serverconf.go @@ -6,6 +6,7 @@ import ( "github.com/gravitl/netmaker/database" ) +// constant for database key for storing server ids const server_id_key = "nm-server-id" type serverData struct { diff --git a/models/structs.go b/models/structs.go index 5aac862a..79f72a93 100644 --- a/models/structs.go +++ b/models/structs.go @@ -225,6 +225,7 @@ func (user *User) NameInCharSet() bool { return true } +// ServerIDs - struct to hold server ids. type ServerIDs struct { ServerIDs []string `json:"server_ids"` } From f9873020a51dbb58cb28771ac19d059b07479407 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Mon, 12 Sep 2022 08:53:06 -0400 Subject: [PATCH 19/26] add brackets to local address string if ipv6 --- netclient/functions/common.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/netclient/functions/common.go b/netclient/functions/common.go index 2c4b40ec..a8b23c80 100644 --- a/netclient/functions/common.go +++ b/netclient/functions/common.go @@ -77,6 +77,9 @@ func getPrivateAddr() (string, error) { if local == "" { err = errors.New("could not find local ip") } + if net.ParseIP(local).To16() != nil { + local = "[" + local + "]" + } return local, err } From db532fd03a8103e8e188fce6e355b65a2471bc99 Mon Sep 17 00:00:00 2001 From: Abhishek Kondur Date: Mon, 12 Sep 2022 18:27:47 +0530 Subject: [PATCH 20/26] add servers --- logic/telemetry.go | 1 + 1 file changed, 1 insertion(+) diff --git a/logic/telemetry.go b/logic/telemetry.go index fd6bfea1..2eeef79e 100644 --- a/logic/telemetry.go +++ b/logic/telemetry.go @@ -43,6 +43,7 @@ func sendTelemetry() error { Event: "daily checkin", Properties: posthog.NewProperties(). Set("nodes", d.Nodes). + Set("servers", d.Servers). Set("non-server nodes", d.Count.NonServer). Set("extclients", d.ExtClients). Set("users", d.Users). From bec93a61273b9dfa6f5675167fcaee7fc77ddb37 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Mon, 12 Sep 2022 09:28:02 -0400 Subject: [PATCH 21/26] remove wants - systemd-networkd-wait-online --- netclient/build/netclient.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netclient/build/netclient.service b/netclient/build/netclient.service index 97d25efd..e10f38e2 100644 --- a/netclient/build/netclient.service +++ b/netclient/build/netclient.service @@ -2,7 +2,7 @@ Description=Netclient Daemon Documentation=https://docs.netmaker.org https://k8s.netmaker.org After=network-online.target -Wants=network-online.target systemd-networkd-wait-online.service +Wants=network-online.target [Service] User=root From e4761ef21b951856b27fe158ca8649f24ae82faa Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Mon, 12 Sep 2022 15:11:19 -0400 Subject: [PATCH 22/26] add check in nft rules for dual stack internet gateway --- logic/gateway.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/logic/gateway.go b/logic/gateway.go index 446bb34f..83148b95 100644 --- a/logic/gateway.go +++ b/logic/gateway.go @@ -4,6 +4,7 @@ import ( "encoding/json" "errors" "fmt" + "net" "strings" "time" @@ -334,6 +335,9 @@ func firewallNFTCommandsCreateEgress(networkInterface string, gatewayInterface s postUp += "nft 'add chain ip nat prerouting { type nat hook prerouting priority 0 ;}' ; " postUp += "nft 'add chain ip nat postrouting { type nat hook postrouting priority 0 ;}' ; " for _, networkCIDR := range gatewayranges { + if net.ParseIP(networkCIDR).To16() != nil { + continue + } postUp += "nft add rule nat postrouting iifname " + networkInterface + " oifname " + gatewayInterface + " ip saddr " + networkCIDR + " masquerade ; " } From 8eb568e25a7e266822ed71dd6d14f0b0580965f5 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Mon, 12 Sep 2022 15:38:01 -0400 Subject: [PATCH 23/26] remove model validation for node.LocalAddress --- models/node.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/models/node.go b/models/node.go index 6c8ea9c1..c4a477ca 100644 --- a/models/node.go +++ b/models/node.go @@ -50,7 +50,7 @@ type Node struct { ID string `json:"id,omitempty" bson:"id,omitempty" yaml:"id,omitempty" validate:"required,min=5,id_unique"` Address string `json:"address" bson:"address" yaml:"address" validate:"omitempty,ipv4"` Address6 string `json:"address6" bson:"address6" yaml:"address6" validate:"omitempty,ipv6"` - LocalAddress string `json:"localaddress" bson:"localaddress" yaml:"localaddress" validate:"omitempty,ip"` + LocalAddress string `json:"localaddress" bson:"localaddress" yaml:"localaddress" validate:"omitempty"` Name string `json:"name" bson:"name" yaml:"name" validate:"omitempty,max=62,in_charset"` NetworkSettings Network `json:"networksettings" bson:"networksettings" yaml:"networksettings" validate:"-"` ListenPort int32 `json:"listenport" bson:"listenport" yaml:"listenport" validate:"omitempty,numeric,min=1024,max=65535"` From ae9a8f50770ea4c055c28e3f24865db08c787f7f Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Mon, 12 Sep 2022 15:58:49 -0400 Subject: [PATCH 24/26] publish message after node connect/disconnect --- netclient/functions/connection.go | 18 ++++++++++++++---- netclient/functions/daemon.go | 27 +++++++++++++++++++++++++++ 2 files changed, 41 insertions(+), 4 deletions(-) diff --git a/netclient/functions/connection.go b/netclient/functions/connection.go index 5c1dee2d..f151a923 100644 --- a/netclient/functions/connection.go +++ b/netclient/functions/connection.go @@ -24,9 +24,14 @@ func Connect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } - err = config.ModNodeConfig(&cfg.Node) + if err := setupMQTTSingleton(cfg); err != nil { + return err + } + if err := PublishNodeUpdate(cfg); err != nil { + return err + } daemon.Restart() - return err + return nil } // Disconnect - attempts to disconnect a node on given network @@ -44,7 +49,12 @@ func Disconnect(network string) error { if err = wireguard.ApplyConf(&cfg.Node, cfg.Node.Interface, filePath); err != nil { return err } - err = config.ModNodeConfig(&cfg.Node) + if err := setupMQTTSingleton(cfg); err != nil { + return err + } + if err := PublishNodeUpdate(cfg); err != nil { + return err + } daemon.Restart() - return err + return nil } diff --git a/netclient/functions/daemon.go b/netclient/functions/daemon.go index d29c4fdf..993059be 100644 --- a/netclient/functions/daemon.go +++ b/netclient/functions/daemon.go @@ -232,6 +232,33 @@ func NewTLSConfig(server string) (*tls.Config, error) { } +// func setMQTTSingenton creates a connection to broker for single use (ie to publish a message) +// only to be called from cli (eg. connect/disconnect, join, leave) and not from daemon --- +func setupMQTTSingleton(cfg *config.ClientConfig) error { + opts := mqtt.NewClientOptions() + server := cfg.Server.Server + port := cfg.Server.MQPort + opts.AddBroker("ssl://" + server + ":" + port) + tlsConfig, err := NewTLSConfig(server) + if err != nil { + logger.Log(0, "failed to get TLS config for", server, err.Error()) + return err + } + opts.SetTLSConfig(tlsConfig) + mqclient = mqtt.NewClient(opts) + var connecterr error + opts.SetClientID(ncutils.MakeRandomString(23)) + if token := mqclient.Connect(); !token.WaitTimeout(30*time.Second) || token.Error() != nil { + logger.Log(0, "unable to connect to broker, retrying ...") + if token.Error() == nil { + connecterr = errors.New("connect timeout") + } else { + connecterr = token.Error() + } + } + return connecterr +} + // setupMQTT creates a connection to broker and returns client // this function is primarily used to create a connection to publish to the broker func setupMQTT(cfg *config.ClientConfig) error { From f47d89ef629361a3a422891aa7d0df6b63a34556 Mon Sep 17 00:00:00 2001 From: "Matthew R. Kasun" Date: Tue, 13 Sep 2022 13:56:47 -0400 Subject: [PATCH 25/26] remove unnecessary nft rule --- logic/gateway.go | 7 ------- 1 file changed, 7 deletions(-) diff --git a/logic/gateway.go b/logic/gateway.go index 83148b95..25945f3c 100644 --- a/logic/gateway.go +++ b/logic/gateway.go @@ -4,7 +4,6 @@ import ( "encoding/json" "errors" "fmt" - "net" "strings" "time" @@ -334,12 +333,6 @@ func firewallNFTCommandsCreateEgress(networkInterface string, gatewayInterface s postUp += "nft add table nat ; " postUp += "nft 'add chain ip nat prerouting { type nat hook prerouting priority 0 ;}' ; " postUp += "nft 'add chain ip nat postrouting { type nat hook postrouting priority 0 ;}' ; " - for _, networkCIDR := range gatewayranges { - if net.ParseIP(networkCIDR).To16() != nil { - continue - } - postUp += "nft add rule nat postrouting iifname " + networkInterface + " oifname " + gatewayInterface + " ip saddr " + networkCIDR + " masquerade ; " - } postDown += "nft flush table filter ; " From a8f35e4980dca06c014b35f4792c32af70a0c3f6 Mon Sep 17 00:00:00 2001 From: cameronts Date: Tue, 13 Sep 2022 11:11:04 -0700 Subject: [PATCH 26/26] Versions for v0.15.2 --- .github/ISSUE_TEMPLATE/bug-report.yml | 3 ++- README.md | 2 +- compose/docker-compose.reference.yml | 6 +++--- compose/docker-compose.yml | 4 ++-- k8s/client/netclient-daemonset.yaml | 2 +- k8s/client/netclient.yaml | 4 ++-- k8s/server/netmaker-server.yaml | 4 ++-- k8s/server/netmaker-ui.yaml | 4 ++-- netclient/netclient.exe.manifest.xml | 2 +- netclient/versioninfo.json | 8 ++++---- 10 files changed, 20 insertions(+), 19 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml index d41f694d..acfb1090 100644 --- a/.github/ISSUE_TEMPLATE/bug-report.yml +++ b/.github/ISSUE_TEMPLATE/bug-report.yml @@ -31,7 +31,8 @@ body: label: Version description: What version are you running? options: - - v0.15.1 + - v0.15.2 + - v0.15.1 - v0.15.0 - v0.14.6 - v0.14.5 diff --git a/README.md b/README.md index c037c69f..3b409658 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@

- + diff --git a/compose/docker-compose.reference.yml b/compose/docker-compose.reference.yml index 9ec7f103..3091d18f 100644 --- a/compose/docker-compose.reference.yml +++ b/compose/docker-compose.reference.yml @@ -3,7 +3,7 @@ version: "3.4" services: netmaker: # The Primary Server for running Netmaker container_name: netmaker - image: gravitl/netmaker:v0.15.1 + image: gravitl/netmaker:v0.15.2 cap_add: - NET_ADMIN - NET_RAW @@ -62,7 +62,7 @@ services: - traefik.http.services.netmaker-api.loadbalancer.server.port=8081 netmaker-ui: # The Netmaker UI Component container_name: netmaker-ui - image: gravitl/netmaker-ui:v0.15.1 + image: gravitl/netmaker-ui:v0.15.2 depends_on: - netmaker links: @@ -140,4 +140,4 @@ volumes: sqldata: {} # storage for embedded sqlite dnsconfig: {} # storage for coredns mosquitto_data: {} # storage for mqtt data - mosquitto_logs: {} # storage for mqtt logs \ No newline at end of file + mosquitto_logs: {} # storage for mqtt logs diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index d9d1c47e..a78aed34 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -3,7 +3,7 @@ version: "3.4" services: netmaker: container_name: netmaker - image: gravitl/netmaker:v0.15.1 + image: gravitl/netmaker:v0.15.2 cap_add: - NET_ADMIN - NET_RAW @@ -51,7 +51,7 @@ services: - traefik.http.services.netmaker-api.loadbalancer.server.port=8081 netmaker-ui: container_name: netmaker-ui - image: gravitl/netmaker-ui:v0.15.1 + image: gravitl/netmaker-ui:v0.15.2 depends_on: - netmaker links: diff --git a/k8s/client/netclient-daemonset.yaml b/k8s/client/netclient-daemonset.yaml index 1f1ab484..c4c20ce5 100644 --- a/k8s/client/netclient-daemonset.yaml +++ b/k8s/client/netclient-daemonset.yaml @@ -16,7 +16,7 @@ spec: hostNetwork: true containers: - name: netclient - image: gravitl/netclient-go:v0.15.1 + image: gravitl/netclient-go:v0.15.2 env: - name: TOKEN value: "TOKEN_VALUE" diff --git a/k8s/client/netclient.yaml b/k8s/client/netclient.yaml index 4b47aa77..fa8307ff 100644 --- a/k8s/client/netclient.yaml +++ b/k8s/client/netclient.yaml @@ -28,7 +28,7 @@ spec: # - "" containers: - name: netclient - image: gravitl/netclient:v0.15.1 + image: gravitl/netclient:v0.15.2 env: - name: TOKEN value: "TOKEN_VALUE" @@ -41,4 +41,4 @@ spec: - hostPath: path: /etc/netclient type: DirectoryOrCreate - name: etc-netclient \ No newline at end of file + name: etc-netclient diff --git a/k8s/server/netmaker-server.yaml b/k8s/server/netmaker-server.yaml index e2c6070b..ed2530b5 100644 --- a/k8s/server/netmaker-server.yaml +++ b/k8s/server/netmaker-server.yaml @@ -83,7 +83,7 @@ spec: value: "Kubernetes" - name: VERBOSITY value: "3" - image: gravitl/netmaker:v0.15.1 + image: gravitl/netmaker:v0.15.2 imagePullPolicy: Always name: netmaker ports: @@ -225,4 +225,4 @@ spec: # service: # name: netmaker-rest # port: -# number: 8081 \ No newline at end of file +# number: 8081 diff --git a/k8s/server/netmaker-ui.yaml b/k8s/server/netmaker-ui.yaml index 87727e0d..326d94a0 100644 --- a/k8s/server/netmaker-ui.yaml +++ b/k8s/server/netmaker-ui.yaml @@ -15,7 +15,7 @@ spec: spec: containers: - name: netmaker-ui - image: gravitl/netmaker-ui:v0.15.1 + image: gravitl/netmaker-ui:v0.15.2 ports: - containerPort: 443 env: @@ -61,4 +61,4 @@ spec: # service: # name: netmaker-ui # port: -# number: 80 \ No newline at end of file +# number: 80 diff --git a/netclient/netclient.exe.manifest.xml b/netclient/netclient.exe.manifest.xml index 1f332fef..285f21be 100644 --- a/netclient/netclient.exe.manifest.xml +++ b/netclient/netclient.exe.manifest.xml @@ -1,7 +1,7 @@