2e8d95e80e
* user mgmt models * define user roles * define models for new user mgmt and groups * oauth debug log * initialize user role after db conn * print oauth token in debug log * user roles CRUD apis * user groups CRUD Apis * additional api checks * add additional scopes * add additional scopes url * add additional scopes url * rm additional scopes url * setup middlleware permission checks * integrate permission check into middleware * integrate permission check into middleware * check for headers for subjects * refactor user role models * refactor user groups models * add new user to pending user via RAC login * untracked * allow multiple groups for an user * change json tag * add debug headers * refer network controls form roles, add debug headers * refer network controls form roles, add debug headers * replace auth checks, add network id to role model * nodes handler * migration funcs * invoke sync users migration func * add debug logs * comment middleware * fix get all nodes api * add debug logs * fix middleware error nil check * add new func to get username from jwt * fix jwt parsing * abort on error * allow multiple network roles * allow multiple network roles * add migration func * return err if jwt parsing fails * set global check to true when accessing user apis * set netid for acls api calls * set netid for acls api calls * update role and groups routes * add validation checks * add invite flow apis and magic links * add invited user via oauth signup automatically * create invited user on oauth signup, with groups in the invite * add group validation for user invite * update create user handler with new role mgmt * add validation checks * create user invites tables * add error logging for email invite * fix invite singup url * debug log * get query params from url * get query params from url * add query escape * debug log * debug log * fix user signup via invite api * set admin field for backward compatbility * use new role id for user apis * deprecate use of old admin fields * deprecate usage of old user fields * add user role as service user if empty * setup email sender * delete invite after user singup * add plaform user role * redirect on invite verification link * fix invite redirect * temporary redirect * fix invite redirect * point invite link to frontend * fix query params lookup * add resend support, configure email interface types * fix groups and user creation * validate user groups, add check for metrics api in middleware * add invite url to invite model * migrate rac apis to new user mgmt * handle network nodes * add platform user to default role * fix user role migration * add default on rag creation and cleanup after deletion * fix rac apis * change to invite code param * filter nodes and hosts based on user network access * extend create user group req to accomodate users * filter network based on user access * format oauth error * move user roles and groups * fix get user v1 api * move user mgmt func to pro * add user auth type to user model * fix roles init * remove platform role from group object * list only platform roles * add network roles to invite req * create default groups and roles * fix middleware for global access * create default role * fix nodes filter with global network roles * block selfupdate of groups and network roles * delete netID if net roles are empty * validate user roles nd groups on update * set extclient permission scope when rag vpn access is set * allow deletion of roles and groups * replace _ with - in role naming convention * fix failover middleware mgmt * format oauth templates * fetch route temaplate * return err if user wrong login type * check user groups on rac apis * fix rac apis * fix resp msg * add validation checks for admin invite * return oauth type * format group err msg * fix html tag * clean up default groups * create default rag role * add UI name to roles * remove default net group from user when deleted * reorder migration funcs * fix duplicacy of hosts * check old field for migration * from pro to ce make all secondary users admins * from pro to ce make all secondary users admins * revert: from pro to ce make all secondary users admins * make sure downgrades work * fix pending users approval * fix duplicate hosts * fix duplicate hosts entries * fix cache reference issue * feat: configure FRONTEND_URL during installation * disable user vpn access when network roles are modified * rm vpn acces when roles or groups are deleted * add http to frontend url * revert crypto version * downgrade crytpo version * add platform id check on user invites --------- Co-authored-by: the_aceix <aceixsmartx@gmail.com> |
||
---|---|---|
.github | ||
auth | ||
cli | ||
compose | ||
config | ||
controllers | ||
database | ||
docker | ||
docs | ||
functions | ||
k8s | ||
logger | ||
logic | ||
migrate | ||
models | ||
mq | ||
netclient/ncutils | ||
nginx | ||
pro | ||
scripts | ||
servercfg | ||
serverctl | ||
test | ||
tls | ||
validation | ||
.dockerignore | ||
.fpm | ||
.gitignore | ||
.goreleaser.prerelease.yaml | ||
.goreleaser.update.yaml | ||
.goreleaser.yaml | ||
CONTRIBUTING.md | ||
dev.yaml | ||
Dockerfile | ||
Dockerfile-quick | ||
go.mod | ||
go.sum | ||
LICENSE.md | ||
main.go | ||
main_ee.go | ||
README.md | ||
release.md | ||
SECURITY.md | ||
swagger.yaml |
WireGuard® automation from homelab to enterprise
Create | Manage | Automate |
---|---|---|
✔️ WireGuard Networks | ✔️ Admin UI | ✔️ Linux |
✔️ Remote Access Gateways | ✔️ OAuth | ✔️ Docker |
✔️ Mesh VPNs | ✔️ Private DNS | ✔️ Mac |
✔️ Site-to-Site | ✔️ Access Control Lists | ✔️ Windows |
Try Netmaker SaaS
If you're looking for a managed service, you can get started with just few clicks, visit netmaker.io to create your netmaker server.
Self-Hosted Quick Start
These are the instructions for deploying a Netmaker server on your own cloud VM as quickly as possible. For more detailed instructions, visit the Install Docs.
- Get a cloud VM with Ubuntu 22.04 and a public IP.
- Open ports 443, 80, 3479, 8089 and 51821-51830/udp on the VM firewall and in cloud security settings.
- (recommended) Prepare DNS - Set a wildcard subdomain in your DNS settings for Netmaker, e.g. *.netmaker.example.com, which points to your VM's public IP.
- Run the script:
sudo wget -qO /root/nm-quick.sh https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/nm-quick.sh && sudo chmod +x /root/nm-quick.sh && sudo /root/nm-quick.sh
This script by default installs PRO version with 14-day trial, check out these instructions for post trial period https://docs.netmaker.io/install.html#after-trial-period-ends. It also gives you the option to use your own domain (recommended) or an auto-generated domain.
After installing Netmaker, check out the Walkthrough and Getting Started guides to learn more about configuring networks. Or, check out some of our other Tutorials for different use cases, including Kubernetes.
Get Support
Why Netmaker + WireGuard?
-
Netmaker automates virtual networks between data centers, clouds, and edge devices, so you don't have to.
-
Kernel WireGuard offers maximum speed, performance, and security.
-
Netmaker is built to scale from the small business to the enterprise.
-
Netmaker with WireGuard can be highly customized for peer-to-peer, site-to-site, Kubernetes, and more.
Community Projects
Disclaimer
WireGuard is a registered trademark of Jason A. Donenfeld.
License
Netmaker's source code and all artifacts in this repository are freely available. All content that resides under the "pro/" directory of this repository, if that directory exists, is licensed under the license defined in "pro/LICENSE". All third party components incorporated into the Netmaker Software are licensed under the original license provided by the owner of the applicable component. Content outside of the above mentioned directories or restrictions above is available under the "Apache Version 2.0" license as defined below. All details for the licenses used can be found here: LICENSE.md.