fixing permissions, logging on netclient
@@ -73,7 +73,7 @@ func AutoLogin(client nodepb.NodeServiceClient, network string) error {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
tokenstring := []byte(res.Data)
|
tokenstring := []byte(res.Data)
|
||||||
err = os.WriteFile(home+"nettoken-"+network, tokenstring, 0600) // TODO: Proper permissions?
|
err = os.WriteFile(home+"nettoken-"+network, tokenstring, 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@@ -51,7 +51,7 @@ func Write(config *ClientConfig, network string) error {
|
|||||||
}
|
}
|
||||||
_, err := os.Stat(ncutils.GetNetclientPath() + "/config")
|
_, err := os.Stat(ncutils.GetNetclientPath() + "/config")
|
||||||
if os.IsNotExist(err) {
|
if os.IsNotExist(err) {
|
||||||
os.MkdirAll(ncutils.GetNetclientPath()+"/config", 0744)
|
os.MkdirAll(ncutils.GetNetclientPath()+"/config", 0700)
|
||||||
} else if err != nil {
|
} else if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@@ -79,7 +79,7 @@ func (config *ClientConfig) ReadConfig() {
|
|||||||
home := ncutils.GetNetclientPathSpecific()
|
home := ncutils.GetNetclientPathSpecific()
|
||||||
file := fmt.Sprintf(home + "netconfig-" + config.Network)
|
file := fmt.Sprintf(home + "netconfig-" + config.Network)
|
||||||
//f, err := os.Open(file)
|
//f, err := os.Open(file)
|
||||||
f, err := os.OpenFile(file, os.O_RDONLY, 0666)
|
f, err := os.OpenFile(file, os.O_RDONLY, 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Println("trouble opening file")
|
fmt.Println("trouble opening file")
|
||||||
fmt.Println(err)
|
fmt.Println(err)
|
||||||
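Review bot: The mode change in `os.OpenFile(file, os.O_RDONLY, 0600)` has no effect, because the perm argument is only consulted when O_CREATE is set and this call opens read-only. The line can be written as `f, err := os.Open(file)`, which is what the commented-out line above it already says. If the intent is to refuse a config file that other users can read, that needs an explicit `f.Stat()` check on the mode bits after opening. ReadConfig continues past the end of this hunk.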
@@ -134,7 +134,7 @@ func SaveBackup(network string) error {
|
|||||||
ncutils.Log("failed to read " + configPath + " to make a backup")
|
ncutils.Log("failed to read " + configPath + " to make a backup")
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err = os.WriteFile(backupPath, input, 0644); err != nil {
|
if err = os.WriteFile(backupPath, input, 0600); err != nil {
|
||||||
ncutils.Log("failed to copy backup to " + backupPath)
|
ncutils.Log("failed to copy backup to " + backupPath)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
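Review bot: The new mode in `os.WriteFile(backupPath, input, 0600)` only applies when the file is created; os.WriteFile truncates an existing file without changing its permissions, so backups written by an earlier version stay 0644. The same holds for the other WriteFile calls this commit touches (ReplaceWithBackup, addInterface, setConfig, SyncWGQuickConf, StorePrivKey), and the `MkdirAll(..., 0700)` in Write runs only when the config directory is missing. To tighten existing installs, follow the write with `if err = os.Chmod(backupPath, 0600); err != nil { return err }`. SaveBackup starts and ends outside this hunk.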
@@ -152,7 +152,7 @@ func ReplaceWithBackup(network string) error {
|
|||||||
ncutils.Log("failed to read file " + backupPath + " to backup network: " + network)
|
ncutils.Log("failed to read file " + backupPath + " to backup network: " + network)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if err = os.WriteFile(configPath, input, 0644); err != nil {
|
if err = os.WriteFile(configPath, input, 0600); err != nil {
|
||||||
ncutils.Log("failed backup " + backupPath + " to " + configPath)
|
ncutils.Log("failed backup " + backupPath + " to " + configPath)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@@ -56,7 +56,7 @@ func writeServiceConfig() error {
|
|||||||
</service>
|
</service>
|
||||||
`, strings.Replace(ncutils.GetNetclientPathSpecific()+"netclient.exe", `\\`, `\`, -1))
|
`, strings.Replace(ncutils.GetNetclientPathSpecific()+"netclient.exe", `\\`, `\`, -1))
|
||||||
if !ncutils.FileExists(serviceConfigPath) {
|
if !ncutils.FileExists(serviceConfigPath) {
|
||||||
err := os.WriteFile(serviceConfigPath, []byte(scriptString), 0644)
|
err := os.WriteFile(serviceConfigPath, []byte(scriptString), 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
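Review bot: Changing the mode to 0600 in `os.WriteFile(serviceConfigPath, []byte(scriptString), 0600)` does not restrict who can read the file if this code runs on Windows, which the `netclient.exe` path suggests. Go's Windows file creation uses only the owner-write bit of the mode, to set the read-only attribute, and access is governed by the ACL inherited from the directory. The same applies to the `netclient.exe` write in InitWindows. I would add a comment such as `// mode is advisory on Windows; access is controlled by the install directory ACL` and protect the directory itself if the service config needs to be private.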
@@ -5,6 +5,7 @@ import (
|
|||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"log"
|
||||||
"os"
|
"os"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
"runtime"
|
"runtime"
|
||||||
@@ -103,14 +104,14 @@ func MessageQueue(ctx context.Context, network string) {
|
|||||||
ncutils.Log("netclient go routine started for " + network)
|
ncutils.Log("netclient go routine started for " + network)
|
||||||
var cfg config.ClientConfig
|
var cfg config.ClientConfig
|
||||||
cfg.Network = network
|
cfg.Network = network
|
||||||
cfg.ReadConfig()
|
|
||||||
ncutils.Log("pulling latest config for " + cfg.Network)
|
ncutils.Log("pulling latest config for " + cfg.Network)
|
||||||
_, err := Pull(cfg.Network, true)
|
_, err := Pull(network, true)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ncutils.Log(err.Error())
|
ncutils.Log(err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
time.Sleep(2 * time.Second)
|
time.Sleep(time.Second << 1)
|
||||||
|
cfg.ReadConfig()
|
||||||
ncutils.Log("daemon started for network: " + network)
|
ncutils.Log("daemon started for network: " + network)
|
||||||
client := SetupMQTT(&cfg)
|
client := SetupMQTT(&cfg)
|
||||||
if cfg.DebugOn {
|
if cfg.DebugOn {
|
||||||
@@ -135,6 +136,7 @@ func MessageQueue(ctx context.Context, network string) {
|
|||||||
ncutils.Log(fmt.Sprintf("subscribed to peer updates for node %s peers/%s/%s", cfg.Node.Name, cfg.Node.Network, cfg.Node.ID))
|
ncutils.Log(fmt.Sprintf("subscribed to peer updates for node %s peers/%s/%s", cfg.Node.Name, cfg.Node.Network, cfg.Node.ID))
|
||||||
}
|
}
|
||||||
var id string
|
var id string
|
||||||
|
var found bool
|
||||||
for _, server := range cfg.NetworkSettings.DefaultServerAddrs {
|
for _, server := range cfg.NetworkSettings.DefaultServerAddrs {
|
||||||
if server.IsLeader {
|
if server.IsLeader {
|
||||||
id = server.ID
|
id = server.ID
|
||||||
@@ -144,13 +146,15 @@ func MessageQueue(ctx context.Context, network string) {
|
|||||||
ncutils.Log(token.Error().Error())
|
ncutils.Log(token.Error().Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
found = true
|
||||||
if cfg.DebugOn {
|
if cfg.DebugOn {
|
||||||
ncutils.Log("subscribed to server keepalives for server " + id)
|
ncutils.Log("subscribed to server keepalives for server " + id)
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
ncutils.Log("leader not defined for network" + cfg.Network)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if !found {
|
||||||
|
ncutils.Log("leader not defined for network " + cfg.Network)
|
||||||
|
}
|
||||||
defer client.Disconnect(250)
|
defer client.Disconnect(250)
|
||||||
go MonitorKeepalive(ctx, client, &cfg)
|
go MonitorKeepalive(ctx, client, &cfg)
|
||||||
go Checkin(ctx, &cfg, network)
|
go Checkin(ctx, &cfg, network)
|
||||||
@@ -239,7 +243,7 @@ func NodeUpdate(client mqtt.Client, msg mqtt.Message) {
|
|||||||
}
|
}
|
||||||
if ifaceDelta {
|
if ifaceDelta {
|
||||||
ncutils.Log("applying WG conf to " + file)
|
ncutils.Log("applying WG conf to " + file)
|
||||||
err = wireguard.ApplyWGQuickConf(file)
|
err = wireguard.ApplyWGQuickConf(file, cfg.Node.Interface)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ncutils.Log("error restarting wg after node update " + err.Error())
|
ncutils.Log("error restarting wg after node update " + err.Error())
|
||||||
return
|
return
|
||||||
@@ -334,10 +338,12 @@ func MonitorKeepalive(ctx context.Context, client mqtt.Client, cfg *config.Clien
|
|||||||
if time.Since(keepalive[id]) > time.Second*200 { // more than 3+ minutes
|
if time.Since(keepalive[id]) > time.Second*200 { // more than 3+ minutes
|
||||||
ncutils.Log("server keepalive not recieved in more than minutes, resubscribe to message queue")
|
ncutils.Log("server keepalive not recieved in more than minutes, resubscribe to message queue")
|
||||||
err := Resubscribe(client, cfg)
|
err := Resubscribe(client, cfg)
|
||||||
|
if err != nil {
|
||||||
ncutils.Log("closing " + err.Error())
|
ncutils.Log("closing " + err.Error())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ServerKeepAlive -- handler to react to keepalive messages published by server
|
// ServerKeepAlive -- handler to react to keepalive messages published by server
|
||||||
@@ -384,7 +390,8 @@ func Resubscribe(client mqtt.Client, cfg *config.ClientConfig) error {
|
|||||||
ncutils.Log("subscribed to server keepalives for server " + id)
|
ncutils.Log("subscribed to server keepalives for server " + id)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
ncutils.Log("leader not defined for network" + cfg.Network)
|
log.Println(cfg.NetworkSettings.DefaultServerAddrs)
|
||||||
|
ncutils.Log("leader not defined for network " + cfg.Network)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
ncutils.Log("finished re subbing")
|
ncutils.Log("finished re subbing")
|
||||||
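Review bot: The added `log.Println(cfg.NetworkSettings.DefaultServerAddrs)` looks like a leftover debug print: it bypasses ncutils.Log and prints the full server address list unconditionally. If it is meant to stay, gate it as the neighbouring messages are, `if cfg.DebugOn { ncutils.Log(fmt.Sprintf("server addrs: %v", cfg.NetworkSettings.DefaultServerAddrs)) }`. The else branch also appears to sit inside the loop over the servers, so "leader not defined" is logged once per non-leader entry. MessageQueue was changed in this commit to use a `found` flag checked after the loop, and Resubscribe should follow the same pattern. The loop header is outside this hunk, so confirm the nesting.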
@@ -469,11 +476,11 @@ func Checkin(ctx context.Context, cfg *config.ClientConfig, network string) {
|
|||||||
// PublishNodeUpdates -- saves node and pushes changes to broker
|
// PublishNodeUpdates -- saves node and pushes changes to broker
|
||||||
func PublishNodeUpdate(cfg *config.ClientConfig) {
|
func PublishNodeUpdate(cfg *config.ClientConfig) {
|
||||||
if err := config.Write(cfg, cfg.Network); err != nil {
|
if err := config.Write(cfg, cfg.Network); err != nil {
|
||||||
ncutils.Log("error saving configuration" + err.Error())
|
ncutils.Log("error saving configuration: " + err.Error())
|
||||||
}
|
}
|
||||||
data, err := json.Marshal(cfg.Node)
|
data, err := json.Marshal(cfg.Node)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ncutils.Log("error marshling node update " + err.Error())
|
ncutils.Log("error marshling node update: " + err.Error())
|
||||||
}
|
}
|
||||||
if err = publish(cfg, fmt.Sprintf("update/%s", cfg.Node.ID), data); err != nil {
|
if err = publish(cfg, fmt.Sprintf("update/%s", cfg.Node.ID), data); err != nil {
|
||||||
ncutils.Log(fmt.Sprintf("error publishing endpoint update, %v", err))
|
ncutils.Log(fmt.Sprintf("error publishing endpoint update, %v", err))
|
||||||
|
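Review bot: PublishNodeUpdate logs a json.Marshal failure and then still reaches `publish(cfg, fmt.Sprintf("update/%s", cfg.Node.ID), data)` with whatever `data` holds, because neither error branch returns. This commit only adjusts the log text. Adding `return` after `ncutils.Log("error marshling node update: " + err.Error())` would stop an empty update from being published. Whether a failed config.Write should also abort the publish is a design choice worth stating in a comment. The function continues past the end of this hunk.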
@@ -1,6 +1,8 @@
|
|||||||
package ncutils
|
package ncutils
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"net"
|
||||||
|
|
||||||
"github.com/gravitl/netmaker/models"
|
"github.com/gravitl/netmaker/models"
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -67,3 +69,17 @@ func StringSliceContains(slice []string, item string) bool {
|
|||||||
}
|
}
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// IfaceExists - return true if you can find the iface
|
||||||
|
func IfaceExists(ifacename string) bool {
|
||||||
|
localnets, err := net.Interfaces()
|
||||||
|
if err != nil {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
for _, localnet := range localnets {
|
||||||
|
if ifacename == localnet.Name {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
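Review bot: IfaceExists returns false both when the interface is absent and when `net.Interfaces()` itself fails, so a caller cannot tell "not there" from "could not check". ApplyWGQuickConf uses the result to decide whether to run `wg-quick down`, so an enumeration error silently skips the teardown. The doc comment should say so, for example `// IfaceExists reports whether a local interface named ifacename exists; it also returns false if the interface list cannot be read.` The loop could also be replaced by `_, err := net.InterfaceByName(ifacename)` followed by `return err == nil`, which has the same semantics in less code.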
@@ -28,7 +28,7 @@ func InitWindows() {
|
|||||||
log.Println("failed to find netclient.exe")
|
log.Println("failed to find netclient.exe")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"netclient.exe", input, 0644); err != nil {
|
if err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"netclient.exe", input, 0600); err != nil {
|
||||||
log.Println("failed to copy netclient.exe to", ncutils.GetNetclientPath())
|
log.Println("failed to copy netclient.exe to", ncutils.GetNetclientPath())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@@ -277,7 +277,7 @@ func ApplyConf(node models.Node, ifacename string, confPath string) error {
|
|||||||
case "darwin":
|
case "darwin":
|
||||||
_ = ApplyMacOSConf(node, ifacename, confPath)
|
_ = ApplyMacOSConf(node, ifacename, confPath)
|
||||||
default:
|
default:
|
||||||
err = ApplyWGQuickConf(confPath)
|
err = ApplyWGQuickConf(confPath, ifacename)
|
||||||
}
|
}
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@@ -99,7 +99,7 @@ func addInterface(iface string) (string, error) {
|
|||||||
realIface, err := ncutils.GetNewIface("/var/run/wireguard/")
|
realIface, err := ncutils.GetNewIface("/var/run/wireguard/")
|
||||||
if iface != "" && err == nil {
|
if iface != "" && err == nil {
|
||||||
ifacePath := "/var/run/wireguard/" + iface + ".name"
|
ifacePath := "/var/run/wireguard/" + iface + ".name"
|
||||||
err = os.WriteFile(ifacePath, []byte(realIface), 0644)
|
err = os.WriteFile(ifacePath, []byte(realIface), 0600)
|
||||||
}
|
}
|
||||||
return realIface, err
|
return realIface, err
|
||||||
}
|
}
|
||||||
@@ -210,7 +210,7 @@ func addRoute(addr string, iface string) error {
|
|||||||
// setConfig - sets configuration of the wireguard interface from the config file
|
// setConfig - sets configuration of the wireguard interface from the config file
|
||||||
func setConfig(realIface string, confPath string) error {
|
func setConfig(realIface string, confPath string) error {
|
||||||
confString := getConfig(confPath)
|
confString := getConfig(confPath)
|
||||||
err := os.WriteFile(confPath+".tmp", []byte(confString), 0644)
|
err := os.WriteFile(confPath+".tmp", []byte(confString), 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@@ -52,20 +52,17 @@ func SetWGKeyConfig(network string, serveraddr string) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// ApplyWGQuickConf - applies wg-quick commands if os supports
|
// ApplyWGQuickConf - applies wg-quick commands if os supports
|
||||||
func ApplyWGQuickConf(confPath string) error {
|
func ApplyWGQuickConf(confPath string, ifacename string) error {
|
||||||
_, err := os.Stat(confPath)
|
_, err := os.Stat(confPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ncutils.Log(confPath + " does not exist " + err.Error())
|
ncutils.Log(confPath + " does not exist " + err.Error())
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
_, err = ncutils.RunCmd("wg-quick down "+confPath, true)
|
if ncutils.IfaceExists(ifacename) {
|
||||||
if err != nil {
|
ncutils.RunCmd("wg-quick down "+confPath, true)
|
||||||
ncutils.Log("err running wg-quick down " + confPath + ": " + err.Error())
|
|
||||||
}
|
}
|
||||||
_, err = ncutils.RunCmd("wg-quick up "+confPath, true)
|
_, err = ncutils.RunCmd("wg-quick up "+confPath, true)
|
||||||
if err != nil {
|
|
||||||
ncutils.Log("err runinng wg-quick up " + confPath + ": " + err.Error())
|
|
||||||
}
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
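Review bot: The result of `ncutils.RunCmd("wg-quick down "+confPath, true)` is now discarded. If the interface exists and the teardown fails, the only symptom is a later `wg-quick up` error with no hint of the cause. Keeping the error visible costs one line: `if _, err := ncutils.RunCmd("wg-quick down "+confPath, true); err != nil { ncutils.Log("err running wg-quick down " + confPath + ": " + err.Error()) }`. The commit also removes the log on `wg-quick up` failure, so callers that drop the returned error will now lose it entirely. Separately, both commands are built by concatenating confPath into a single string; how RunCmd tokenises that string is not visible here, so confirm that a path containing spaces or shell metacharacters cannot change the command.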
@@ -90,7 +87,7 @@ func SyncWGQuickConf(iface string, confPath string) error {
|
|||||||
}
|
}
|
||||||
regex := regexp.MustCompile(".*Warning.*\n")
|
regex := regexp.MustCompile(".*Warning.*\n")
|
||||||
conf := regex.ReplaceAllString(confRaw, "")
|
conf := regex.ReplaceAllString(confRaw, "")
|
||||||
err = os.WriteFile(tmpConf, []byte(conf), 0644)
|
err = os.WriteFile(tmpConf, []byte(conf), 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@@ -98,7 +95,7 @@ func SyncWGQuickConf(iface string, confPath string) error {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
log.Println(err.Error())
|
log.Println(err.Error())
|
||||||
ncutils.Log("error syncing conf, resetting")
|
ncutils.Log("error syncing conf, resetting")
|
||||||
err = ApplyWGQuickConf(confPath)
|
err = ApplyWGQuickConf(confPath, iface)
|
||||||
}
|
}
|
||||||
errN := os.Remove(tmpConf)
|
errN := os.Remove(tmpConf)
|
||||||
if errN != nil {
|
if errN != nil {
|
||||||
@@ -117,7 +114,7 @@ func RemoveWGQuickConf(confPath string, printlog bool) error {
|
|||||||
func StorePrivKey(key string, network string) error {
|
func StorePrivKey(key string, network string) error {
|
||||||
var err error
|
var err error
|
||||||
d1 := []byte(key)
|
d1 := []byte(key)
|
||||||
err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"wgkey-"+network, d1, 0644)
|
err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"wgkey-"+network, d1, 0600)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|