gravitl/netmaker
1
1
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-09-13 00:24:31 +08:00
Code Issues Projects Releases Packages Wiki Activity
7098 commits 1591 branches 85 tags 295 MiB
Commit graph

20 commits

Author SHA1 Message Date
Abhishek K
307a3d1e4b
NET-1932: Merge egress and internet gateways (#3436) 
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* add server settings apis, add db table for settigs

* handle server settings updates

* switch to using settings from DB

* fix sever settings migration

* revet force migration for settings

* fix server settings database write

* egress model

* fix revoked tokens to be unauthorized

* update egress model

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* fix merge conflicts

* fix server settings types

* bypass basic auth setting for super admin

* add TODO comment

* setup api handlers for egress revamp

* use single DB, fix update nat boolean field

* extend validaiton checks for egress ranges

* add migration to convert to new egress model

* fix panic interface conversion

* publish peer update on settings update

* revoke token generated by an user

* add user token creation restriction by user role

* add forbidden check for access token creation

* revoke user token when group or role is changed

* add default group to admin users on update

* chore(go): import style changes from migration branch;

1. Singular file names for table schema.
2. No table name method.
3. Use .Model instead of .Table.
4. No unnecessary tagging.

* remove nat check on egress gateway request

* Revert "remove nat check on egress gateway request"

This reverts commit 0aff12a189.

* remove nat check on egress gateway request

* feat(go): add db middleware;

* feat(go): restore method;

* feat(go): add user access token schema;

* add inet gw status to egress model

* fetch node ids in the tag, add inet gw info clients

* add inet gw info to node from egress list

* add migration logic internet gws

* create default acl policies

* add egress info

* add egress TODO

* add egress TODO

* fix user auth api:

* add reference id to acl policy

* add egress response from DB

* publish peer update on egress changes

* re initalise oauth and email config

* set verbosity

* normalise cidr on egress req

* add egress id to acl group

* change acls to use egress id

* resolve merge conflicts

* fix egress reference errors

* move egress model to schema

* add api context to DB

* sync auto update settings with hosts

* sync auto update settings with hosts

* check acl for egress node

* check for egress policy in the acl dst groups

* fix acl rules for egress policies with new models

* add status to egress model

* fix inet node func

* mask secret and convert jwt duration to minutes

* enable egress policies on creation

* convert jwt duration to minutes

* add relevant ranges to inet egress

* skip non active egress routes

* resolve merge conflicts

* fix static check

* update gorm tag for primary key on egress model

* create user policies for egress resources

* resolve merge conflicts

* get egress info on failover apis, add egress src validation for inet gws

* add additional validation checks on egress req

* add additional validation checks on egress req

* skip all resources for inet policy

* delete associated egress acl policies

* fix failover of inetclient

* avoid setting inet client asd inet gw

* fix all resource egress policy

* fix inet gw egress rule

* check for node egress on relay req

* fix egress acl rules comms

* add new field for egress info on node

* check acl policy in failover ctx

* avoid default host to be set as inet client

* fix relayed egress node

* add valid error messaging for egress validate func

* return if inet default host

* jump port detection to 51821

* check host ports on pull

* check user access gws via acls

* add validation check for default host and failover for inet clients

* add error messaging for acl policy check

* fix inet gw status

* ignore failover req for peer using inet gw

* check for allowed egress ranges for a peer

* add egress routes to static nodes by access

* avoid setting failvoer as inet client

* fix egress error messaging

* fix extclients egress comms

* fix inet gw acting as inet client

* return formatted error on update acl validation

* add default route for static nodes on inetclient

* check relay node acting as inetclient

* move inet node info to separate field, fix all resouces policy

* remove debug logs

---------

Co-authored-by: Vishal Dalwadi <dalwadivishal26@gmail.com>
 2025-05-21 12:50:21 +05:30
Abhishek K
119ef4e17e
move api tokens models to schema pkg (#3434) 2025-04-29 00:11:56 +04:00
Abhishek K
ca95954fb5
NET-2000: Api access tokens (#3418) 
* feat: api access tokens

* revoke all user tokens

* redefine access token api routes, add auto egress option to enrollment keys

* fix revoked tokens to be unauthorized

* remove unused functions

* convert access token to sql schema

* switch access token to sql schema

* revoke token generated by an user

* add user token creation restriction by user role

* add forbidden check for access token creation

* revoke user token when group or role is changed

* add default group to admin users on update

* fix token removal on user update

* fix token removal on user update
 2025-04-23 20:21:42 +04:00
Matthew R Kasun
9edb541388 remove localrange 2023-01-20 05:42:05 -05:00
afeiszli
4157ddb73a fix staticcheck 2022-09-19 13:27:30 -04:00
afeiszli
8d422526b3 refactoring servercfg 2022-05-31 12:07:56 -04:00
afeiszli
0865a535c7 changing broker retrieval/setting logic 2022-05-30 12:39:33 -04:00
Matthew R. Kasun
7152f6ccd4 remove references to grpc/comms net 2022-04-21 15:53:44 -04:00
Matthew R. Kasun
6aa1a68a6f register command - client 2022-04-13 15:25:35 -04:00
Matthew R. Kasun
935567761b mq direct to server public ip 2022-04-12 10:43:02 -04:00
afeiszli
c6a7238453 adding random comms network name logic 2022-02-18 15:18:50 -05:00
Matthew R. Kasun
7e9f65ad1b remove corednsAddrr from token 2022-02-15 11:25:50 -05:00
Matthew R. Kasun
5e3654faa9 remove commented out code 2022-02-15 08:10:51 -05:00
Matthew R. Kasun
950ce4b4da removed APIConnString from accessToken 2022-02-15 07:13:02 -05:00
Matthew R. Kasun
f3c5800912 removed unnecessary data elements 2022-02-14 17:57:28 -05:00
0xdcarns
d7cafbbc4c code linting 2021-10-08 15:07:12 -04:00
afeiszli
21ba362eca allowing IsServer to be modified, configurable checkin time, single checkin for linux, moved cfg files 2021-10-02 12:28:17 -04:00
afeiszli
68607ae8ca fixing netclient 2021-07-15 15:14:48 -04:00
afeiszli
9860082b7c token configs and secure grpc working 2021-07-11 10:18:31 -04:00
afeiszli
977da6b129 compiling with changes pushed for json token. Have NOT TESTED. Will probably run into issues. Need to test multiple egress ranges, AllowedIPs, and overriding connection strings. 2021-07-11 00:49:31 -04:00