* reset failover if endpoint changed
* add peerUpdate in pull when resetfailover
* remove go routine for peerUpdate in pull
* update peerUpdate in pull
* user mgmt models
* define user roles
* define models for new user mgmt and groups
* oauth debug log
* initialize user role after db conn
* print oauth token in debug log
* user roles CRUD apis
* user groups CRUD Apis
* additional api checks
* add additional scopes
* add additional scopes url
* add additional scopes url
* rm additional scopes url
* setup middlleware permission checks
* integrate permission check into middleware
* integrate permission check into middleware
* check for headers for subjects
* refactor user role models
* refactor user groups models
* add new user to pending user via RAC login
* untracked
* allow multiple groups for an user
* change json tag
* add debug headers
* refer network controls form roles, add debug headers
* refer network controls form roles, add debug headers
* replace auth checks, add network id to role model
* nodes handler
* migration funcs
* invoke sync users migration func
* add debug logs
* comment middleware
* fix get all nodes api
* add debug logs
* fix middleware error nil check
* add new func to get username from jwt
* fix jwt parsing
* abort on error
* allow multiple network roles
* allow multiple network roles
* add migration func
* return err if jwt parsing fails
* set global check to true when accessing user apis
* set netid for acls api calls
* set netid for acls api calls
* update role and groups routes
* add validation checks
* add invite flow apis and magic links
* add invited user via oauth signup automatically
* create invited user on oauth signup, with groups in the invite
* add group validation for user invite
* update create user handler with new role mgmt
* add validation checks
* create user invites tables
* add error logging for email invite
* fix invite singup url
* debug log
* get query params from url
* get query params from url
* add query escape
* debug log
* debug log
* fix user signup via invite api
* set admin field for backward compatbility
* use new role id for user apis
* deprecate use of old admin fields
* deprecate usage of old user fields
* add user role as service user if empty
* setup email sender
* delete invite after user singup
* add plaform user role
* redirect on invite verification link
* fix invite redirect
* temporary redirect
* fix invite redirect
* point invite link to frontend
* fix query params lookup
* add resend support, configure email interface types
* fix groups and user creation
* validate user groups, add check for metrics api in middleware
* add invite url to invite model
* migrate rac apis to new user mgmt
* handle network nodes
* add platform user to default role
* fix user role migration
* add default on rag creation and cleanup after deletion
* fix rac apis
* change to invite code param
* filter nodes and hosts based on user network access
* extend create user group req to accomodate users
* filter network based on user access
* format oauth error
* move user roles and groups
* fix get user v1 api
* move user mgmt func to pro
* add user auth type to user model
* fix roles init
* remove platform role from group object
* list only platform roles
* add network roles to invite req
* create default groups and roles
* fix middleware for global access
* create default role
* fix nodes filter with global network roles
* block selfupdate of groups and network roles
* delete netID if net roles are empty
* validate user roles nd groups on update
* set extclient permission scope when rag vpn access is set
* allow deletion of roles and groups
* replace _ with - in role naming convention
* fix failover middleware mgmt
* format oauth templates
* fetch route temaplate
* return err if user wrong login type
* check user groups on rac apis
* fix rac apis
* fix resp msg
* add validation checks for admin invite
* return oauth type
* format group err msg
* fix html tag
* clean up default groups
* create default rag role
* add UI name to roles
* remove default net group from user when deleted
* reorder migration funcs
* fix duplicacy of hosts
* check old field for migration
* from pro to ce make all secondary users admins
* from pro to ce make all secondary users admins
* revert: from pro to ce make all secondary users admins
* make sure downgrades work
* fix pending users approval
* fix duplicate hosts
* fix duplicate hosts entries
* fix cache reference issue
* feat: configure FRONTEND_URL during installation
* disable user vpn access when network roles are modified
* rm vpn acces when roles or groups are deleted
* add http to frontend url
* revert crypto version
* downgrade crytpo version
* add platform id check on user invites
---------
Co-authored-by: the_aceix <aceixsmartx@gmail.com>
* deprecate setting etc host dns entries, set coredns entries at neccessary places
* remove dns mq topics
* only set dns when set on
* add extcleints dns entries to coredns
* fix static checks
* run coredns with host network mode
* add bind address to coredns container
* cache enabled option, cache hosts data if only enabled
* cache nodes only when enabled
* cache extclients only when enabled
* cache acls only when enabled
* api to to get host relayed from client
* add auto relay to api host
* add peer nat type
* set pro field on signal
* rm net check on relay me handler
* return success response
* re-establish failover logic
* set failOver ctx
* failOver with peer pub key
* failovered peer updates
* failover handlers, reset failovered peer on deletion
* rm unused funcs
* initialize failover handler on EE
* ignore failover node on signal
* failover changes
* set host id on signal
* extend signal model to include node ids
* add backwards compatibility
* add failover as node api
* set json response on failover handers
* add failover field to api node
* fix signal data check
* initialize failover peer map
* reset failovered status when relayed or deleted
* add failover info to api node
* reset network failover
* only proceed furtuer if failover exists in the network
* set failOver node defaults
* cannot set failover node as relayed
* debug log
* debug log
* debug changes
* debug changes
* debug changes
* revert debug changes
* don't add peers to idmap when removed
* reset failed Over
* fix static checks
* rm debug log
* add check for linux host
* Move PKA field from models node to host level
* Move PKA field from api models node to host level
* Adapt logic package to node->host PKA
* Adapt migration-related code to node->host PKA
* Adapt cli code to node->host PKA
* Change host PKA default to 20s
* On IfaceDelta, check for PKA on host
* On handleHostRegister, set default PKA
* Use a default PKA
* Use int64 for api host pka
* Reorder imports
* Don't use host pka in iface delta
* Fix ConvertAPIHostToNMHost
* Add swagger doc for host PKA field
* Fix swagger.yml
* Set default PKA only for new hosts
* Remove TODO comment
* Remove redundant check
* Have api-host pka be specified in seconds
* Move ee code to ee package and unify ee status to IsPro
* Consolidate naming for paid/professional/enterprise version as "pro". Notes:
- Changes image tags
- Changes build tags
- Changes package names
- Doesn't change links to docs that mention "ee"
- Doesn't change parameters sent to PostHog that mention "ee"
* Revert docker image tag being -pro, back to -ee
* Revert go build tag being pro, back to ee
* Add build tags for some ee content
* [2] Revert go build tag being pro, back to ee
* Fix test workflow
* Add a json tag to be backwards compatible with frontend "IsEE" check
* Add a json tag for the serverconfig struct for IsEE
* Ammend json tag to Is_EE
* fix ee tags
---------
Co-authored-by: Abhishek Kondur <abhi281342@gmail.com>
* Rename var
* Rename consts and use iota
* Use switch instead of repeated else if
* Rename limits related vars
* Introduce new free tier limits
* Measure new limits and report on license validation
* Separate usage and limits, have new ones
* Don't check for hosts and clients limits, but for machines instead
* Error on egress creation @ free tier w/ internet gateways
* Remove clients and hosts limit from code
* Rename var
* Rename consts and use iota
* Use switch instead of repeated else if
* Rename limits related vars
* Introduce new free tier limits
* Measure new limits and report on license validation
* Separate usage and limits, have new ones
* Don't check for hosts and clients limits, but for machines instead
* Error on egress creation @ free tier w/ internet gateways
* Remove clients and hosts limit from code
* remove related fields and code
* remover metrics collection from server code
* fw update struct
* add ext client flag to metrics data
* simply nat types
* rm proxy update from cli
* adding serverconfig logic and variable to hosts
* - sync EndpointDetection on peerupdate
- add EndpointDetection to env config
* - endpoint detection always comes from the server
- fixed ENDPOINT_DETECTION -> NETCLIENT_ENDPOINT_DETECTION
---------
Co-authored-by: afeiszli <alex.feiszli@gmail.com>
* fetch public listen of wg if present
* check if wg pub listen port has been changed on host update
* wg public port to host api model for visibility
* rm comment
