Commit graph

6912 commits

Author SHA1 Message Date
Abhishek K
0f228be3b4
Merge pull request #3505 from gravitl/v0.99_fixes
V0.99 fixes
2025-06-13 07:24:02 +05:30
abhishek9686
9804366f6e remove mac addr check 2025-06-13 07:22:36 +05:30
abhishek9686
0244852288 Merge branch 'release-v0.99.0' of https://github.com/gravitl/netmaker into v0.99_fixes 2025-06-13 00:49:44 +05:30
abhishek9686
cffc1d35ff reduce log retention rate to 7 days 2025-06-10 22:36:40 +05:30
Abhishek K
a6ad2524d3
Merge pull request #3498 from gravitl/fix/db-conn-pool
Fix: Skip setting open connections;
2025-06-10 15:59:02 +05:30
Vishal Dalwadi
67baa75f45 feat(go): skip setting open connections; 2025-06-10 15:26:42 +05:30
Abhishek K
deb3be363b
Merge pull request #3488 from gravitl/patch/db-conn-pool
Patch: Use single db handle and use connection pool
2025-06-10 11:53:00 +05:30
Vishal Dalwadi
d9f910c29e feat(go): close the db; 2025-06-10 11:06:39 +05:30
Vishal Dalwadi
1c42ad3b39 Merge remote-tracking branch 'origin/patch/db-conn-pool' into patch/db-conn-pool 2025-06-10 10:18:56 +05:30
Vishal Dalwadi
6358069546 feat(go): use the same schema; 2025-06-10 10:18:30 +05:30
Abhishek K
81d8e61eca
Merge branch 'release-v0.99.0' into patch/db-conn-pool 2025-06-10 09:51:13 +05:30
Abhishek K
b86aea9d09
Merge pull request #3497 from gravitl/v0.99_fixes
v0.99: egress policy fix
2025-06-10 09:27:44 +05:30
abhishek9686
b1672267d2 fix all resources tag on egress 2025-06-10 09:27:24 +05:30
abhishek9686
f82b9e861d fix egress ranges on peer via policies 2025-06-10 08:36:04 +05:30
abhishek9686
fcbb524b82 check if node is egress gw 2025-06-09 18:00:38 +05:30
Abhishek K
8a2c1d603b
Merge pull request #3495 from gravitl/v0.99_fixes
update dns settigns on migration
2025-06-09 17:56:22 +05:30
abhishek9686
087b7393d6 update dns settigns on migration 2025-06-09 17:49:10 +05:30
Abhishek K
31d485bdaa
Merge pull request #3494 from gravitl/v0.99_fixes
v0.99: fix host dns setting
2025-06-09 17:42:22 +05:30
abhishek9686
ba869d7369 change DNS config to yes or no 2025-06-09 17:19:55 +05:30
abhishek9686
6be6304a64 fix host dns setting 2025-06-09 17:17:26 +05:30
Abhishek K
e3de513b92
Merge pull request #3493 from gravitl/v0.99_fixes
V0.99 fixes
2025-06-09 17:03:14 +05:30
abhishek9686
161a5107eb allow switching on internet gws from gateway page 2025-06-09 15:22:08 +05:30
abhishek9686
370426c7d1 fix all resources check for egress 2025-06-09 14:32:11 +05:30
abhishek9686
6bec2164a0 fix masterkey auth 2025-06-07 07:11:38 +05:30
abhishek9686
968ffe4db2 update release tag in install script 2025-06-06 18:57:40 +05:30
abhishek9686
63829466fd Merge branch 'develop' of https://github.com/gravitl/netmaker into develop 2025-06-06 17:42:05 +05:30
abhishek9686
494cc7f367 Merge branch 'master' of https://github.com/gravitl/netmaker into develop 2025-06-06 17:40:54 +05:30
abhishek9686
cd639ae969 add version tag on install script 2025-06-06 17:40:32 +05:30
Abhishek K
238c68eb2f
v0.99.0 Release Notes (#3489)
* add v0.99 release notes

* version bump

* add formating on release notes

* add formating on release notes

* Update release.md
2025-06-06 17:29:11 +05:30
Vishal Dalwadi
da5115221f fix(go): workflow errors fixes; 2025-06-06 15:42:30 +05:30
Vishal Dalwadi
48957c02fa feat(go): use single db handle; use connection pool; 2025-06-06 15:26:23 +05:30
abhishek9686
0b03b2cdbf egress vaslidation fix 2025-06-06 14:47:29 +05:30
abhishek9686
39d35c160c change dns default domain 2025-06-06 13:36:48 +05:30
Abhishek K
251213d3aa
Net 2014 v1 (#3487)
* revert inet gws from acl policies

* add egress range with metric for inet gw

* link pro inet funcs

* add timestamp params to activity apis

* Add default dns domain
2025-06-06 13:27:03 +05:30
Abhishek K
810ff21165
NET-2014: add audit log retention period, add timestamp for events (#3486)
* revert inet gws from acl policies

* add egress range with metric for inet gw

* link pro inet funcs

* add timestamp params to activity apis
2025-06-06 13:19:56 +05:30
Abhishek K
adc4d7f3dd
NET-2061: fix egress policies (#3485)
* revert inet gws from acl policies

* add egress range with metric for inet gw

* link pro inet funcs

* fix extclient comms with users

* remove TODO comments

* add backwards compatibility to egress ranges

* remove all resources check

* remove device policy check on pro

* fix egress policies for users groups

* add default forwarding rule for inet gw
2025-06-06 13:10:36 +05:30
Abhishek K
fdc8ea4320
NET-2061: Fix egress user policies (#3484)
* revert inet gws from acl policies

* add egress range with metric for inet gw

* link pro inet funcs

* fix extclient comms with users

* remove TODO comments

* add backwards compatibility to egress ranges

* remove all resources check

* remove device policy check on pro
2025-06-06 07:36:49 +05:30
Abhishek K
fcc558e792
Net 2061 (#3483)
* revert inet gws from acl policies

* add egress range with metric for inet gw

* link pro inet funcs

* fix extclient comms with users

* remove TODO comments

* add backwards compatibility to egress ranges
2025-06-05 22:55:46 +05:30
Abhishek K
0f884d4f36
NET-2061: revert Inet gws, fix extclient comms with user policies (#3482)
* revert inet gws from acl policies

* add egress range with metric for inet gw

* link pro inet funcs

* fix extclient comms with users

* remove TODO comments
2025-06-05 22:42:16 +05:30
Abhishek K
0ff216dabd
NET-1932: Fix static node comms on CE (#3481)
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

* add failover inet gw check

* optiomise egress calls

* auto create gw on inet egress node

* optimise egress calls

* add global user role check

* fix egress on inet gw

* remove addtional checks on inet policy

* add acl policy for static nodes on CE

* remove chained inet gws

* fix multi-inet issue

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-06-05 13:28:23 +05:30
Abhishek K
44300590f8
NET-1932: remove addtional checks on Inet policy, optimise acl calls (#3480)
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

* add failover inet gw check

* optiomise egress calls

* auto create gw on inet egress node

* optimise egress calls

* add global user role check

* fix egress on inet gw

* remove addtional checks on inet policy

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-06-04 12:45:46 +05:30
Abhishek K
599a9c6f4a
NET-1932: handle non-inet egress ranges on inet gw (#3479)
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

* add failover inet gw check

* optiomise egress calls

* auto create gw on inet egress node

* optimise egress calls

* add global user role check

* fix egress on inet gw

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-06-04 08:04:40 +05:30
Abhishek K
3bae08797f
NET-1932: add failover inet gw check (#3478)
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

* add failover inet gw check

* optiomise egress calls

* auto create gw on inet egress node

* optimise egress calls

* add global user role check

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-06-03 22:54:55 +05:30
Abhishek K
c1304aea5e
NET-1932: Migration Fix (#3470)
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

* fix egress migration

* fix egress migration

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-06-03 08:24:05 +05:30
Abhishek K
08080121b9
NET-1932: fix default network user policy (#3469)
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

* fix default network user policy

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-06-02 14:46:02 +05:30
Abhishek K
5849e0e2e1
NET-1932: sort out acls into CE and PRO (#3460)
* move relevant acl and tag code to CE and Pro pkgs

* intialise pro acl funcs

* list gateways by user access

* check user gw access by policies

* filter out user policies on CE

* filter out tagged policies on CE

* fix ce acl comms

* allow gateways tag

* allow gateway tag  on CE, remove failover and gw check on acl policy

* add gw rules func to pro

* add inet gw support on CE

* add egress acl API

* add egress acl API

* fix(go): set is_gw when converting api node to server node;

* fix(go): set is_gw when converting api node to server node;

* fix policy validity checker for inet gws

* move dns option to host model

* fix node removal from egress policy on delete

* add migration logic for ManageDNS

* fix dns json field

* fix nil error on node tags

* add egress info to relayed nodes

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-06-02 13:05:10 +05:30
Vishal Dalwadi
f0affca56b
NET-1991 Fixes (#3467)
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* add server settings apis, add db table for settigs

* handle server settings updates

* switch to using settings from DB

* fix sever settings migration

* revet force migration for settings

* fix server settings database write

* fix revoked tokens to be unauthorized

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* fix merge conflicts

* fix server settings types

* bypass basic auth setting for super admin

* add TODO comment

* feat(go): add types for idp package;

* feat(go): import azure sdk;

* feat(go): add stub for google workspace client;

* feat(go): implement azure ad client;

* feat(go): sync users and groups using idp client;

* publish peer update on settings update

* feat(go): read creds from env vars;

* feat(go): add api endpoint to trigger idp sync;

* fix(go): sync member changes;

* fix(go): handle error;

* fix(go): set correct response type;

* feat(go): support disabling user accounts;

1. Add api endpoints to enable and disable user accounts.
2. Add checks in authenticators to prevent disabled users from logging in.
3. Add checks in middleware to prevent api usage by disabled users.

* feat(go): use string slice for group members;

* feat(go): sync user account status from idp;

* feat(go): import google admin sdk;

* feat(go): add support for google workspace idp;

* feat(go): initialize idp client on sync;

* feat(go): sync from idp periodically;

* feat(go): improvements for google idp;

1. Use the impersonate package to authenticate.
2. Use Pages method to get all data.

* chore(go): import style changes from migration branch;

1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.

* remove nat check on egress gateway request

* Revert "remove nat check on egress gateway request"

This reverts commit 0aff12a189.

* feat(go): add db middleware;

* feat(go): restore method;

* feat(go): add user access token schema;

* fix user auth api:

* re initalise oauth and email config

* feat(go): fetch idp creds from server settings;

* feat(go): add filters for users and groups;

* feat(go): skip sync from idp if disabled;

* feat(go): add endpoint to remove idp integration;

* feat(go): import all users if no filters;

* feat(go): assign service-user role on sync;

* feat(go): remove microsoft-go-sdk;

* feat(go): add display name field for user;

* fix(go): set account disabled correctly;

* fix(go): update user if display name changes;

* fix(go): remove auth provider when removing idp integration;

* fix(go): ignore display name if empty;

* feat(go): add idp sync interval setting;

* fix(go): error on invalid auth provider;

* fix(go): no error if no user on group delete;

* fix(go): check superadmin using platform role id;

* feat(go): add display name and account disabled to return user as well;

* feat(go): tidy go mod after merge;

* feat(go): reinitialize auth provider and idp sync hook;

* fix(go): merge error;

* fix(go): merge error;

* feat(go): use id as the external provider id;

* fix(go): comments;

* feat(go): add function to return pending users;

* feat(go): prevent external id erasure;

* fix(go): user and group sync errors;

* chore(go): cleanup;

* fix(go): delete only oauth users;

* feat(go): use uuid group id;

* export ipd id to in rest api

* feat(go): don't use uuid for default groups;

* feat(go): migrate group only if id not uuid;

* chore(go): go mod tidy;

* fix(go): empty id user groups membership;

* fix(go): set user groups only if nil;

* fix(go): use reset to start only if required;

* fix(go): use context for better control;

* fix(go): allow id to be string or int;

* fix(go): roles and groups migration;

---------

Co-authored-by: abhishek9686 <abhi281342@gmail.com>
Co-authored-by: Abhishek K <abhishek@netmaker.io>
Co-authored-by: the_aceix <aceixsmartx@gmail.com>
2025-05-29 12:32:12 +05:30
abhishek9686
84573787f8 add user info to events 2025-05-27 23:00:18 +05:30
abhishek9686
f538e80f76 fix enrollment key join on existing networks 2025-05-27 22:55:16 +05:30
dependabot[bot]
6879d1d676
Bump gorm.io/gorm from 1.26.1 to 1.30.0 (#3463)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.26.1 to 1.30.0.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.26.1...v1.30.0)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-version: 1.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-27 15:19:50 +05:30