Commit graph

73 commits

Author SHA1 Message Date
Abhishek K
307a3d1e4b
NET-1932: Merge egress and internet gateways (#3436)
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* add server settings apis, add db table for settings

* handle server settings updates

* switch to using settings from DB

* fix server settings migration

* revert force migration for settings

* fix server settings database write

* egress model

* fix revoked tokens to be unauthorized

* update egress model

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* fix merge conflicts

* fix server settings types

* bypass basic auth setting for super admin

* add TODO comment

* setup api handlers for egress revamp

* use single DB, fix update nat boolean field

* extend validation checks for egress ranges

* add migration to convert to new egress model

* fix panic interface conversion

* publish peer update on settings update

* revoke token generated by a user

* add user token creation restriction by user role

* add forbidden check for access token creation

* revoke user token when group or role is changed

* add default group to admin users on update

* chore(go): import style changes from migration branch;

1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.

* remove nat check on egress gateway request

* Revert "remove nat check on egress gateway request"

This reverts commit 0aff12a189.

* remove nat check on egress gateway request

* feat(go): add db middleware;

* feat(go): restore method;

* feat(go): add user access token schema;

* add inet gw status to egress model

* fetch node ids in the tag, add inet gw info clients

* add inet gw info to node from egress list

* add migration logic internet gws

* create default acl policies

* add egress info

* add egress TODO

* add egress TODO

* fix user auth api:

* add reference id to acl policy

* add egress response from DB

* publish peer update on egress changes

* re initialise oauth and email config

* set verbosity

* normalise cidr on egress req

* add egress id to acl group

* change acls to use egress id

* resolve merge conflicts

* fix egress reference errors

* move egress model to schema

* add api context to DB

* sync auto update settings with hosts

* sync auto update settings with hosts

* check acl for egress node

* check for egress policy in the acl dst groups

* fix acl rules for egress policies with new models

* add status to egress model

* fix inet node func

* mask secret and convert jwt duration to minutes

* enable egress policies on creation

* convert jwt duration to minutes

* add relevant ranges to inet egress

* skip non active egress routes

* resolve merge conflicts

* fix static check

* update gorm tag for primary key on egress model

* create user policies for egress resources

* resolve merge conflicts

* get egress info on failover apis, add egress src validation for inet gws

* add additional validation checks on egress req

* add additional validation checks on egress req

* skip all resources for inet policy

* delete associated egress acl policies

* fix failover of inetclient

* avoid setting inet client as inet gw

* fix all resource egress policy

* fix inet gw egress rule

* check for node egress on relay req

* fix egress acl rules comms

* add new field for egress info on node

* check acl policy in failover ctx

* avoid default host to be set as inet client

* fix relayed egress node

* add valid error messaging for egress validate func

* return if inet default host

* jump port detection to 51821

* check host ports on pull

* check user access gws via acls

* add validation check for default host and failover for inet clients

* add error messaging for acl policy check

* fix inet gw status

* ignore failover req for peer using inet gw

* check for allowed egress ranges for a peer

* add egress routes to static nodes by access

* avoid setting failover as inet client

* fix egress error messaging

* fix extclients egress comms

* fix inet gw acting as inet client

* return formatted error on update acl validation

* add default route for static nodes on inetclient

* check relay node acting as inetclient

* move inet node info to separate field, fix all resources policy

* remove debug logs

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
2025-05-21 12:50:21 +05:30
Gabriel de Souza Seibel
cb4b99ffcb
[NET-562] Persistent Keep Alive from node to host (#2604)
* Move PKA field from models node to host level

* Move PKA field from api models node to host level

* Adapt logic package to node->host PKA

* Adapt migration-related code to node->host PKA

* Adapt cli code to node->host PKA

* Change host PKA default to 20s

* On IfaceDelta, check for PKA on host

* On handleHostRegister, set default PKA

* Use a default PKA

* Use int64 for api host pka

* Reorder imports

* Don't use host pka in iface delta

* Fix ConvertAPIHostToNMHost

* Add swagger doc for host PKA field

* Fix swagger.yml

* Set default PKA only for new hosts

* Remove TODO comment

* Remove redundant check

* Have api-host pka be specified in seconds
2023-10-06 10:09:19 +04:00
Abhishek K
6c2582651c
Net-137: Node relays (#2401)
* revert relays

* initial relay commit

* get relayed allowed ips

* add more relay validation checks, peer logic cleanup

* rm relayed nodes from relay node when relayed node is deleted

* fix egress updates for relayed nodes

* rm unused func

* remove debug logs

* avoid adding egress ranges on the relayed gw node

---------

Co-authored-by: Matthew R Kasun <mkasun@nusak.ca>
2023-06-19 12:26:14 -04:00
0xdcarns
ad2934a8fc remove allowed ips and local address 2022-12-23 14:07:16 -05:00
Matthew R. Kasun
38cd4d7700 refactor join
also removes server node
suspect there may be issues with proxy
and UI interactions with nodes
2022-12-20 15:29:09 -05:00
Matthew R. Kasun
c086e9499d rebase
Signed-off-by: Matthew R. Kasun <mkasun@nusak.ca>
2022-12-19 15:15:35 -05:00
Abhishek Kondur
4b1a85a3ee proxy changes 2022-12-02 17:35:41 +05:30
Abhishek Kondur
f95306ddbd make proxy optional 2022-11-20 09:35:29 +05:30
Abhishek Kondur
a7c0abe2fc refactor proxy updates 2022-11-07 01:25:04 +05:30
Abhishek Kondur
acae6c3aed added relay functionality to proxy 2022-11-04 01:24:48 +05:30
Abhishek Kondur
17e05d430b sync peers updates with proxy 2022-11-02 15:33:42 +05:30
Abhishek Kondur
474bd14e36 configure proxy on node updates 2022-10-31 10:32:04 +05:30
Abhishek Kondur
31a7e73473 add proxy to netmaker server 2022-10-28 17:02:22 +05:30
Matthew R. Kasun
7ec8c4be2a use RunCmd for postup/postdown 2022-09-09 14:15:10 -04:00
0xdcarns
7347085e5e conflict resolution 2022-08-30 10:55:18 -04:00
0xdcarns
c05320a323 initial logic added 2022-08-30 10:52:04 -04:00
Matthew R. Kasun
abadb28a56 remove unused functions to pass staticchecks 2022-08-19 14:38:36 -04:00
Matthew R. Kasun
184e5a66d9 refactor server routing 2022-08-19 11:25:39 -04:00
Matthew R Kasun
fb60ead1a2 fix missing digit 2022-06-24 20:17:08 +00:00
Matthew R Kasun
ac37184c77 remove check as node has been already deleted from database 2022-06-23 11:37:30 +00:00
0xdcarns
2de7beb31e added nil checks, handled empty map 2022-05-11 12:07:06 -04:00
0xdcarns
e7f9310b3d added length checks as temp solution 2022-05-10 15:18:29 -04:00
afeiszli
80cc86783d fixing ipv6 2022-05-02 10:48:00 -04:00
0xdcarns
e1ab6b21fd added static server routes 2022-04-28 09:50:26 -04:00
afeiszli
894fd1f5bd making dual stack addressing work client side 2022-04-25 21:16:47 -04:00
afeiszli
b03b4cfcff adding in ipv4 2022-04-25 20:50:09 -04:00
0xdcarns
8e976d1f55 removed isdualstack references 2022-04-25 13:09:23 -04:00
0xdcarns
988c0d7629 fixed removing local servers on deletes 2022-03-22 14:29:20 -04:00
Matthew R. Kasun
f615b685c7 server routes 2022-03-20 06:25:12 -04:00
afeiszli
be1763bb74 removing old node logic 2022-02-18 10:15:21 -05:00
0xdcarns
25c4d8ff1e fixes 2022-02-17 10:33:48 -05:00
afeiszli
c2d99269c5 add MTU to ifacedelta 2022-02-16 20:26:20 -05:00
0xdcarns
5c35ca433e edited run updates 2022-02-15 10:12:39 -05:00
Matthew R. Kasun
fd6c4742de get address range from network 2022-02-09 15:21:51 -05:00
Matthew R. Kasun
e39138c184 removed hard coded netmask 2022-02-09 14:41:13 -05:00
0xdcarns
f7258bf98f refactored some client leave & cache and server join logic 2022-02-03 09:51:37 -05:00
0xdcarns
36b319c772 debug 2022-01-31 11:20:11 -05:00
0xdcarns
2a4a30f937 added debug stuff 2022-01-31 11:20:11 -05:00
Matthew R Kasun
bc54bbf167 manual rebase to develop 2022-01-25 07:31:50 -05:00
Matthew R Kasun
95dea6a4ba fix for issue #621 2022-01-21 13:15:54 -05:00
0xdcarns
916866f73c began refactor 2022-01-17 18:35:16 -05:00
0xdcarns
c033be41bb began transition 2022-01-17 14:21:40 -05:00
0xdcarns
43b9e73eaa updated ioutil refs and composes 2022-01-06 15:05:38 -05:00
Matthew R Kasun
781de684a0 remove nameserver from call to CreateWireGuardConf 2022-01-06 09:13:49 -05:00
0xdcarns
4ca0e856bc added post commands for wg quick 2022-01-04 13:13:42 -05:00
0xdcarns
83fce6226a added DNS call to server 2022-01-02 10:51:22 -05:00
0xdcarns
548997f9ef optimize further 2021-12-10 21:09:42 -05:00
0xdcarns
e45a485bce added comments, optimized memory 2021-12-10 15:01:10 -05:00
0xdcarns
85e8c0abb6 memory issue work 2021-12-08 16:52:32 -05:00
0xdcarns
6215ea2db8 adjusted values to pointers for a lot of functions 2021-12-07 15:04:00 -05:00