diff --git a/config/config.go b/config/config.go index a9637c50..5fc99133 100644 --- a/config/config.go +++ b/config/config.go @@ -36,10 +36,13 @@ type EnvironmentConfig struct { // ServerConfig : type ServerConfig struct { + APIConnString string `yaml:"apiconn"` APIHost string `yaml:"apihost"` APIPort string `yaml:"apiport"` + GRPCConnString string `yaml:"grpcconn"` GRPCHost string `yaml:"grpchost"` GRPCPort string `yaml:"grpcport"` + GRPCSecure string `yaml:"grpcsecure"` DefaultNodeLimit int32 `yaml:"defaultnodelimit"` MasterKey string `yaml:"masterkey"` AllowedOrigin string `yaml:"allowedorigin"` @@ -48,6 +51,8 @@ type ServerConfig struct { ClientMode string `yaml:"clientmode"` DNSMode string `yaml:"dnsmode"` DisableRemoteIPCheck string `yaml:"disableremoteipcheck"` + DisableDefaultNet string `yaml:"disabledefaultnet"` + GRPCSSL string `yaml:"grpcssl"` } type WG struct { diff --git a/controllers/authGrpc.go b/controllers/authGrpc.go index 0686c4f4..b7344675 100644 --- a/controllers/authGrpc.go +++ b/controllers/authGrpc.go @@ -84,7 +84,7 @@ func grpcAuthorize(ctx context.Context) error { } emptynode := models.Node{} node, err := functions.GetNodeByMacAddress(network, mac) - if err != nil || node == emptynode { + if err != nil || node.MacAddress == emptynode.MacAddress { return status.Errorf(codes.Unauthenticated, "Node does not exist.") } diff --git a/controllers/networkHttpController.go b/controllers/networkHttpController.go index 69a60f3e..3516806d 100644 --- a/controllers/networkHttpController.go +++ b/controllers/networkHttpController.go @@ -6,11 +6,10 @@ import ( "encoding/json" "errors" "fmt" - "net" "net/http" "strings" "time" - + "github.com/jinzhu/copier" "github.com/go-playground/validator/v10" "github.com/gorilla/mux" "github.com/gravitl/netmaker/functions" 
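Review bot: `ServerConfig` gains two overlapping switches, `GRPCSecure` (`yaml:"grpcsecure"`) in the first hunk and `GRPCSSL` (`yaml:"grpcssl"`) in the second, and only `GRPCSSL` is assigned anywhere in the visible changes. An operator who sets `grpcsecure: on` would, as far as this commit shows, get no effect and no warning. Keep one field, or put a comment on each saying what it controls and which values are accepted (the rest of the commit compares against the literal `"on"`).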
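Review bot: In `grpcAuthorize` the new condition `node.MacAddress == emptynode.MacAddress` is only a comparison with the empty string, so `emptynode` no longer serves a purpose and the intent of the check is obscured. Because this is the authentication path, write it directly as `if err != nil || node.MacAddress == "" {` and drop the `emptynode` declaration. The check relies on `GetNodeByMacAddress` returning a zero-valued node on a miss, which is not visible here and is worth stating in a comment. The function starts and ends outside the hunk.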
@@ -194,13 +193,14 @@ func ValidateNetworkCreate(network models.Network) error { // _ = v.RegisterValidation("netid_valid", func(fl validator.FieldLevel) bool { isFieldUnique, _ := functions.IsNetworkNameUnique(fl.Field().String()) - // inCharSet := functions.NameInNetworkCharSet(fl.Field().String()) - return isFieldUnique + inCharSet := functions.NameInNetworkCharSet(fl.Field().String()) + return isFieldUnique && inCharSet }) // - _ = v.RegisterValidation("displayname_unique", func(fl validator.FieldLevel) bool { + _ = v.RegisterValidation("displayname_valid", func(fl validator.FieldLevel) bool { isFieldUnique, _ := functions.IsNetworkDisplayNameUnique(fl.Field().String()) - return isFieldUnique + inCharSet := functions.NameInNetworkCharSet(fl.Field().String()) + return isFieldUnique && inCharSet }) err := v.Struct(network) 
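Review bot: Both validators in `ValidateNetworkCreate` still discard the error from the uniqueness lookup (`isFieldUnique, _ := ...`), so on a failed lookup the verdict depends on whatever boolean the helper happens to return with its error. Unless the helper reports "not found" through that error, failing closed is safer: `isFieldUnique, err := functions.IsNetworkNameUnique(fl.Field().String())` and `return err == nil && isFieldUnique && inCharSet`, with the same change for `displayname_valid`. The result of `v.RegisterValidation` is also dropped with `_ =`, so a failed registration would only surface when `v.Struct` runs. The function continues outside the hunk.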
@@ -677,12 +677,28 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models } netID := network.NetID - grpcaddress := net.JoinHostPort(servercfg.GetGRPCHost(), servercfg.GetGRPCPort()) - apiaddress := net.JoinHostPort(servercfg.GetAPIHost(), servercfg.GetAPIPort()) - wgport := servercfg.GetGRPCWGPort() - accessstringdec := wgport + "|" +grpcaddress + "|" + apiaddress + "|" + netID + "|" + accesskey.Value + "|" + privAddr - accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(accessstringdec)) + var accessToken models.AccessToken + var tokensrvcfg models.ServerConfig + var tokenwgcfg models.WG + srvcfg := servercfg.GetServerConfig() + wgcfg := servercfg.GetWGConfig() + copier.Copy(tokensrvcfg, srvcfg) + copier.Copy(tokenwgcfg, wgcfg) + + accessToken.ServerConfig = tokensrvcfg + accessToken.WG = tokenwgcfg + accessToken.ClientConfig.Network = netID + accessToken.ClientConfig.Key = accesskey.Value + accessToken.ClientConfig.LocalRange = privAddr + + tokenjson, err := json.Marshal(accessToken) + if err != nil { + return accesskey, err + } + + accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson)) + //validate accesskey v := validator.New() err = v.Struct(accesskey) 
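Review bot: The calls `copier.Copy(tokensrvcfg, srvcfg)` and `copier.Copy(tokenwgcfg, wgcfg)` in `CreateAccessKey` pass the destination by value and ignore the returned error, so the destination structs cannot be filled and the encoded access string will carry empty server and WireGuard settings. Pass pointers and check the result, e.g. `if err := copier.Copy(&tokensrvcfg, &srvcfg); err != nil { return accesskey, err }`, and likewise for `tokenwgcfg`. The same two calls are repeated in `GetSignupToken` in the next hunk. Copying into the narrow `models.ServerConfig` and `models.WG` types is what keeps `MasterKey` and `GRPCWGPrivKey` out of the token, so a comment above the copy saying that is deliberate would protect it from later "simplification".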
@@ -716,10 +732,23 @@ func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models func GetSignupToken(netID string) (models.AccessKey, error) { var accesskey models.AccessKey - address := net.JoinHostPort(servercfg.GetGRPCHost(), servercfg.GetGRPCPort()) + var accessToken models.AccessToken + var tokensrvcfg models.ServerConfig + var tokenwgcfg models.WG + srvcfg := servercfg.GetServerConfig() + wgcfg := servercfg.GetWGConfig() + copier.Copy(tokensrvcfg, srvcfg) + copier.Copy(tokenwgcfg, wgcfg) - accessstringdec := address + "|" + netID + "|" + "" + "|" - accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(accessstringdec)) + accessToken.ServerConfig = tokensrvcfg + accessToken.WG = tokenwgcfg + + tokenjson, err := json.Marshal(accessToken) + if err != nil { + return accesskey, err + } + + accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson)) return accesskey, nil } func getSignupToken(w http.ResponseWriter, r *http.Request) { diff --git a/controllers/nodeHttpController.go b/controllers/nodeHttpController.go index 149f5299..d2e7defa 100644 --- a/controllers/nodeHttpController.go +++ b/controllers/nodeHttpController.go @@ -612,7 +612,7 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro {"postup", nodechange.PostUp}, {"postdown", nodechange.PostDown}, {"isegressgateway", nodechange.IsEgressGateway}, - {"egressgatewayrange", nodechange.EgressGatewayRange}, + {"egressgatewayranges", nodechange.EgressGatewayRanges}, {"lastmodified", nodechange.LastModified}, }}, } 
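Review bot: `GetSignupToken` no longer uses its `netID` parameter: the old string carried it, but the new token never sets `accessToken.ClientConfig.Network`, so a client decoding this token receives an empty network name. Add `accessToken.ClientConfig.Network = netID` before `json.Marshal`, as `CreateAccessKey` does. The function also lacks a doc comment; one line stating that the returned `AccessString` is base64-encoded JSON of `models.AccessToken` would document the new format.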
@@ -636,10 +636,10 @@ func CreateEgressGateway(gateway models.EgressGatewayRequest) (models.Node, erro func ValidateEgressGateway(gateway models.EgressGatewayRequest) error { var err error - isIp := functions.IsIpCIDR(gateway.RangeString) - empty := gateway.RangeString == "" - if empty || !isIp { - err = errors.New("IP Range Not Valid") + //isIp := functions.IsIpCIDR(gateway.RangeString) + empty := len(gateway.Ranges)==0 + if empty { + err = errors.New("IP Ranges Cannot Be Empty") } empty = gateway.Interface == "" if empty { @@ -670,7 +670,7 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) { } nodechange.IsEgressGateway = false - nodechange.EgressGatewayRange = "" + nodechange.EgressGatewayRanges = []string{} nodechange.PostUp = "" nodechange.PostDown = "" @@ -685,7 +685,7 @@ func DeleteEgressGateway(network, macaddress string) (models.Node, error) { {"postup", nodechange.PostUp}, {"postdown", nodechange.PostDown}, {"isegressgateway", nodechange.IsEgressGateway}, - {"egressgatewayrange", nodechange.EgressGatewayRange}, + {"egressgatewayranges", nodechange.EgressGatewayRanges}, {"lastmodified", nodechange.LastModified}, }}, } diff --git a/functions/helpers.go b/functions/helpers.go index b2c9215f..989e2734 100644 --- a/functions/helpers.go +++ b/functions/helpers.go @@ -555,7 +555,7 @@ func GetNodeObj(id primitive.ObjectID) models.Node { //Switch to REGEX? func NameInNetworkCharSet(name string) bool { - charset := "abcdefghijklmnopqrstuvwxyz1234567890-_" + charset := "abcdefghijklmnopqrstuvwxyz1234567890-_." for _, char := range name { if !strings.Contains(charset, strings.ToLower(string(char))) { diff --git a/go.mod b/go.mod index 491144b0..ac53d081 100644 --- a/go.mod +++ b/go.mod 
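Review bot: `ValidateEgressGateway` now only checks that `gateway.Ranges` is non-empty; the `functions.IsIpCIDR` call is commented out instead of being applied to each element, so arbitrary strings pass validation as egress ranges. Each entry should be checked before the request is accepted, and the commented-out line removed. The function continues outside the hunk, so the sketch below covers only the range check.
```go
	// … unchanged: empty-ranges check setting "IP Ranges Cannot Be Empty" …
	for _, r := range gateway.Ranges {
		if !functions.IsIpCIDR(r) {
			err = errors.New("IP Range Not Valid")
			break
		}
	}
	// … unchanged: interface check and the rest of ValidateEgressGateway …
```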
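Review bot: `NameInNetworkCharSet` has no doc comment, and with `alphanum` removed from the `NetID` and `DisplayName` tags in models/network.go it becomes the only character filter on those fields at creation, so its contract should be written down. Suggested comment: `// NameInNetworkCharSet reports whether every character of name, after lower-casing, is one of a-z, 0-9, '-', '_' or '.'.` Adding `.` admits names made only of dots (`.` and `..`), which deserve an explicit rejection if the ID is ever used as a file or interface name. Because each rune is lower-cased before the lookup, a few non-ASCII characters that fold to ASCII letters are accepted as well; comparing against an explicit upper- and lower-case set avoids that. The function starts and ends outside the hunk.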
@@ -9,6 +9,7 @@ require ( github.com/golang/protobuf v1.5.2 // indirect github.com/gorilla/handlers v1.5.1 github.com/gorilla/mux v1.8.0 + github.com/jinzhu/copier v0.3.2 // indirect github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e // indirect github.com/stretchr/testify v1.6.1 github.com/txn2/txeh v1.3.0 diff --git a/go.sum b/go.sum index bdf66065..abe0fb5d 100644 --- a/go.sum +++ b/go.sum @@ -93,6 +93,8 @@ github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/jinzhu/copier v0.3.2 h1:QdBOCbaouLDYaIPFfi1bKv5F5tPpeTwXe4sD0jqtz5w= +github.com/jinzhu/copier v0.3.2/go.mod h1:24xnZezI2Yqac9J61UC6/dG/k76ttpq0DdJI3QmUvro= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= diff --git a/main.go b/main.go index 9296be0b..1e2b8c19 100644 --- a/main.go +++ b/main.go @@ -146,9 +146,12 @@ func runGRPC(wg *sync.WaitGroup, installserver bool) { log.Println("Agent Server succesfully started on port " + grpcport + " (gRPC)") if installserver { - log.Println("Adding server to default network") - success, err := serverctl.AddNetwork("default") - if err != nil { + success := true + if !servercfg.DisableDefaultNet() { + log.Println("Adding server to default network") + success, err = serverctl.AddNetwork("default") + } + if err != nil { log.Printf("Error adding to default network: %v", err) log.Println("Unable to add server to network. Continuing.") log.Println("Please investigate client installation on server.") 
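Review bot: In `runGRPC` the `if err != nil` check now sits outside the `if !servercfg.DisableDefaultNet()` block, so when the default network is disabled it tests whatever `err` holds from earlier in the function rather than the result of `serverctl.AddNetwork`. Moving the error handling inside the block keeps the check tied to the call it belongs to. `err` is declared outside the hunk, so whether a stale value can actually reach this point cannot be confirmed from here.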
diff --git a/models/accessToken.go b/models/accessToken.go new file mode 100644 index 00000000..04ca5baf --- /dev/null +++ b/models/accessToken.go @@ -0,0 +1,31 @@ +package models + +type AccessToken struct { + ServerConfig + ClientConfig + WG +} + +type ClientConfig struct { + Network string `json:"network"` + Key string `json:"key"` + LocalRange string `json:"localrange"` +} + +type ServerConfig struct { + APIConnString string `json:"apiconn"` + APIHost string `json:"apihost"` + APIPort string `json:"apiport"` + GRPCConnString string `json:"grpcconn"` + GRPCHost string `json:"grpchost"` + GRPCPort string `json:"grpcport"` + GRPCSSL string `json:"grpcssl"` +} + +type WG struct { + GRPCWireGuard string `json:"grpcwg"` + GRPCWGAddress string `json:"grpcaddr"` + GRPCWGPort string `json:"grpcport"` + GRPCWGPubKey string `json:"pubkey"` + GRPCWGEndpoint string `json:"endpoint"` +} diff --git a/models/network.go b/models/network.go index 9158a234..7f5a9c3a 100644 --- a/models/network.go +++ b/models/network.go 
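Review bot: `ServerConfig.GRPCPort` and `WG.GRPCWGPort` both carry the tag `json:"grpcport"`, and both structs are embedded in `AccessToken` at the same depth; encoding/json resolves such a clash by ignoring both fields, so neither port is written by `json.Marshal` or filled by `json.Unmarshal`. Give the WireGuard field its own key, for example the tag `json:"grpcwgport"` on `GRPCWGPort`, or turn the three embedded structs into named fields so the JSON is nested. The new types have no doc comments; since the encoded token carries the network access key, a comment on `AccessToken` stating that the serialized form must be handled as a secret would help readers.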
@@ -16,8 +16,8 @@ type Network struct { // AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"required_with=isdualstack true,cidrv6"` AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"addressrange6_valid"` //can't have min=1 with omitempty - DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,alphanum,min=2,max=20,displayname_unique"` - NetID string `json:"netid" bson:"netid" validate:"required,alphanum,min=1,max=12,netid_valid"` + DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,min=1,max=20,displayname_valid"` + NetID string `json:"netid" bson:"netid" validate:"required,min=1,max=12,netid_valid"` NodesLastModified int64 `json:"nodeslastmodified" bson:"nodeslastmodified"` NetworkLastModified int64 `json:"networklastmodified" bson:"networklastmodified"` DefaultInterface string `json:"defaultinterface" bson:"defaultinterface"` @@ -47,8 +47,8 @@ type NetworkUpdate struct { // AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"required_with=isdualstack true,cidrv6"` AddressRange6 string `json:"addressrange6" bson:"addressrange6" validate:"omitempty,cidr"` //can't have min=1 with omitempty - DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,alphanum,min=2,max=20"` - NetID string `json:"netid" bson:"netid" validate:"omitempty,alphanum,min=1,max=12"` + DisplayName string `json:"displayname,omitempty" bson:"displayname,omitempty" validate:"omitempty,validnetid,min=1,max=20"` + NetID string `json:"netid" bson:"netid" validate:"omitempty,validnetid,min=1,max=15"` NodesLastModified int64 `json:"nodeslastmodified" bson:"nodeslastmodified"` NetworkLastModified int64 `json:"networklastmodified" bson:"networklastmodified"` DefaultInterface string `json:"defaultinterface" bson:"defaultinterface"` 
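Review bot: `NetworkUpdate` now uses a `validnetid` tag, but the only registrations visible in this commit are `netid_valid` and `displayname_valid` in `ValidateNetworkCreate`; go-playground/validator panics on an undefined tag when the struct is validated, so unless `validnetid` is registered elsewhere the update path will crash instead of rejecting input. The limits also disagree: `Network.NetID` is `max=12` while `NetworkUpdate.NetID` is `max=15`. With `alphanum` removed from all four tags, the custom validators are the only character filter, so the update path needs its own registration, e.g. `v.RegisterValidation("validnetid", ...)` calling `functions.NameInNetworkCharSet`.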
@@ -86,7 +86,11 @@ func (network *Network) SetDefaults() { network.DisplayName = network.NetID } if network.DefaultInterface == "" { - network.DefaultInterface = "nm-" + network.NetID + if len(network.NetID) < 13 { + network.DefaultInterface = "nm-" + network.NetID + } else { + network.DefaultInterface = network.NetID + } } if network.DefaultListenPort == 0 { network.DefaultListenPort = 51821 diff --git a/models/node.go b/models/node.go index 14dff64a..14180be7 100644 --- a/models/node.go +++ b/models/node.go @@ -28,7 +28,7 @@ type Node struct { Endpoint string `json:"endpoint" bson:"endpoint" validate:"required,ip"` PostUp string `json:"postup" bson:"postup"` PostDown string `json:"postdown" bson:"postdown"` - AllowedIPs string `json:"allowedips" bson:"allowedips"` + AllowedIPs []string `json:"allowedips" bson:"allowedips"` PersistentKeepalive int32 `json:"persistentkeepalive" bson:"persistentkeepalive" validate:"omitempty,numeric,max=1000"` SaveConfig *bool `json:"saveconfig" bson:"saveconfig"` AccessKey string `json:"accesskey" bson:"accesskey"` @@ -48,6 +48,8 @@ type Node struct { EgressGatewayRanges []string `json:"egressgatewayranges" bson:"egressgatewayranges"` IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"` PostChanges string `json:"postchanges" bson:"postchanges"` + StaticIP string `json:"staticip" bson:"staticip"` + StaticPubKey string `json:"staticpubkey" bson:"staticpubkey"` } //node update struct --- only validations are different 
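Review bot: The threshold in `if len(network.NetID) < 13` is unexplained; it presumably keeps `"nm-" + network.NetID` within the 15-character interface-name limit, and a comment such as `// "nm-" + NetID must fit in a 15-character interface name` would make that clear. For longer IDs the `else` branch silently produces an interface without the `nm-` prefix, and for networks created through `Network` it is unreachable because that struct's `NetID` tag is `max=12`. A named constant shared with the validation tags would stop the limits drifting apart. The function starts and ends outside the hunk.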
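Review bot: `AllowedIPs` becomes `[]string` on `Node` (and on `NodeUpdate` in a later hunk) with no `validate` tag, and `EgressGatewayRanges` is equally unchecked, so every element is accepted as-is from JSON. These values presumably end up deciding which addresses a peer may use, so the elements should be constrained to CIDRs, e.g. `validate:"omitempty,dive,cidr"`. The new `StaticIP` and `StaticPubKey` fields are yes/no flags held as free strings; `validate:"omitempty,oneof=yes no"` would at least reject anything else.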
@@ -62,7 +64,7 @@ type NodeUpdate struct { Endpoint string `json:"endpoint" bson:"endpoint" validate:"omitempty,ip"` PostUp string `json:"postup" bson:"postup"` PostDown string `json:"postdown" bson:"postdown"` - AllowedIPs string `json:"allowedips" bson:"allowedips"` + AllowedIPs []string `json:"allowedips" bson:"allowedips"` PersistentKeepalive int32 `json:"persistentkeepalive" bson:"persistentkeepalive" validate:"omitempty,numeric,max=1000"` SaveConfig *bool `json:"saveconfig" bson:"saveconfig"` AccessKey string `json:"accesskey" bson:"accesskey"` @@ -80,8 +82,10 @@ type NodeUpdate struct { IsIngressGateway bool `json:"isingressgateway" bson:"isingressgateway"` IsEgressGateway bool `json:"isegressgateway" bson:"isegressgateway"` IngressGatewayRange string `json:"ingressgatewayrange" bson:"ingressgatewayrange"` - EgressGatewayRange string `json:"gatewayrange" bson:"gatewayrange"` + EgressGatewayRanges []string `json:"egressgatewayranges" bson:"egressgatewayranges"` PostChanges string `json:"postchanges" bson:"postchanges"` + StaticIP string `json:"staticip" bson:"staticip"` + StaticPubKey string `json:"staticpubkey" bson:"staticpubkey"` } //Duplicated function for NodeUpdates @@ -191,6 +195,13 @@ func (node *Node) SetDefaults() { postup := parentNetwork.DefaultPostUp node.PostUp = postup } + if node.StaticIP == "" { + node.StaticIP = "no" + } + if node.StaticPubKey == "" { + node.StaticPubKey = "no" + } + node.CheckInInterval = parentNetwork.DefaultCheckInInterval } diff --git a/netclient/config/config.go b/netclient/config/config.go index 37c20790..386565ca 100644 --- a/netclient/config/config.go +++ b/netclient/config/config.go @@ -6,10 +6,9 @@ import ( "os" "encoding/base64" "errors" - "strings" "fmt" - "net" "log" + "encoding/json" "gopkg.in/yaml.v3" nodepb "github.com/gravitl/netmaker/grpc" "github.com/gravitl/netmaker/models" 
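Review bot: The storage shape of two `NodeUpdate` fields changes with nothing in the commit to migrate existing data: `allowedips` goes from string to `[]string`, and the egress field moves from key `gatewayrange` (string) to `egressgatewayranges` (slice). Records written by the previous version may fail to decode or lose the value, depending on how the BSON decoder treats the type mismatch. A note in the struct comment on the expected upgrade path, or a tolerant decode for the old form, would avoid surprises on upgrade.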
@@ -29,6 +28,8 @@ type ServerConfig struct { GRPCAddress string `yaml:"grpcaddress"` APIAddress string `yaml:"apiaddress"` AccessKey string `yaml:"accesskey"` + GRPCSSL string `yaml:"grpcssl"` + GRPCWireGuard string `yaml:"grpcwg"` } type ListConfig struct { @@ -53,16 +54,19 @@ type NodeConfig struct { IsLocal string `yaml:"islocal"` IsDualStack string `yaml:"isdualstack"` IsIngressGateway string `yaml:"isingressgateway"` - AllowedIPs string `yaml:"allowedips"` + AllowedIPs []string `yaml:"allowedips"` LocalRange string `yaml:"localrange"` PostUp string `yaml:"postup"` PostDown string `yaml:"postdown"` Port int32 `yaml:"port"` KeepAlive int32 `yaml:"keepalive"` PublicKey string `yaml:"publickey"` + ServerPubKey string `yaml:"serverpubkey"` PrivateKey string `yaml:"privatekey"` Endpoint string `yaml:"endpoint"` PostChanges string `yaml:"postchanges"` + StaticIP string `yaml:"staticip"` + StaticPubKey string `yaml:"staticpubkey"` IPForwarding string `yaml:"ipforwarding"` } 
@@ -375,16 +379,34 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){ log.Println("error decoding token") return cfg, err } - token := string(tokenbytes) - tokenvals := strings.Split(token, "|") - - cfg.Server.GRPCAddress = tokenvals[1] - cfg.Network = tokenvals[3] - cfg.Node.Network = tokenvals[3] - cfg.Server.AccessKey = tokenvals[4] - if len(tokenvals) > 4 { - cfg.Node.LocalRange = tokenvals[5] + var accesstoken models.AccessToken + if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil { + log.Println("error converting token json to object", tokenbytes ) + return cfg, err } + + if accesstoken.ServerConfig.APIConnString != "" { + cfg.Server.APIAddress = accesstoken.ServerConfig.APIConnString + } else { + cfg.Server.APIAddress = accesstoken.ServerConfig.APIHost + if accesstoken.ServerConfig.APIPort != "" { + cfg.Server.APIAddress = cfg.Server.APIAddress + ":" + accesstoken.ServerConfig.APIPort + } + } + if accesstoken.ServerConfig.GRPCConnString != "" { + cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCConnString + } else { + cfg.Server.GRPCAddress = accesstoken.ServerConfig.GRPCHost + if accesstoken.ServerConfig.GRPCPort != "" { + cfg.Server.GRPCAddress = cfg.Server.GRPCAddress + ":" + accesstoken.ServerConfig.GRPCPort + } + } + cfg.Network = accesstoken.ClientConfig.Network + cfg.Node.Network = accesstoken.ClientConfig.Network + cfg.Server.AccessKey = accesstoken.ClientConfig.Key + cfg.Node.LocalRange = accesstoken.ClientConfig.LocalRange + cfg.Server.GRPCSSL = accesstoken.ServerConfig.GRPCSSL + cfg.Server.GRPCWireGuard = accesstoken.WG.GRPCWireGuard if c.String("grpcserver") != "" { cfg.Server.GRPCAddress = c.String("grpcserver") } 
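Review bot: On a JSON error `GetCLIConfig` logs `tokenbytes`, the decoded token, which can contain the network access key; that writes a credential into the client log, and as a slice of byte values it is of no diagnostic use. Log the error instead: `log.Println("error converting token json to object:", err)`. The same statement appears in `GetCLIConfigRegister`. After a successful unmarshal nothing checks that the network, key and gRPC address are non-empty, so a well-formed but incomplete token is accepted silently; a short check returning an error would be safer. The function starts and ends outside the hunk.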
@@ -401,6 +423,13 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){ if c.String("localrange") != "" { cfg.Node.LocalRange = c.String("localrange") } + if c.String("grpcssl") != "" { + cfg.Server.GRPCSSL = c.String("grpcssl") + } + if c.String("grpcwg") != "" { + cfg.Server.GRPCWireGuard = c.String("grpcwg") + } + } else { cfg.Server.GRPCAddress = c.String("grpcserver") cfg.Server.APIAddress = c.String("apiserver") @@ -408,6 +437,8 @@ func GetCLIConfig(c *cli.Context) (ClientConfig, error){ cfg.Network = c.String("network") cfg.Node.Network = c.String("network") cfg.Node.LocalRange = c.String("localrange") + cfg.Server.GRPCWireGuard = c.String("grpcwg") + cfg.Server.GRPCSSL = c.String("grpcssl") } cfg.Node.Name = c.String("name") cfg.Node.Interface = c.String("interface") 
@@ -442,22 +473,32 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){ log.Println("error decoding token") return cfg, err } - token := string(tokenbytes) - tokenvals := strings.Split(token, "|") - - cfg.Client.ServerPrivateAddress, cfg.Client.ServerGRPCPort, err = net.SplitHostPort(tokenvals[1]) + var accesstoken models.AccessToken + if err := json.Unmarshal(tokenbytes, &accesstoken); err != nil { + log.Println("error converting token json to object", tokenbytes ) + return cfg, err + } + cfg.Client.ServerPrivateAddress = accesstoken.WG.GRPCWGAddress + cfg.Client.ServerGRPCPort = accesstoken.WG.GRPCWGPort if err != nil { log.Println("error decoding token grpcserver") return cfg, err } - cfg.Client.ServerPublicEndpoint, cfg.Client.ServerAPIPort, err = net.SplitHostPort(tokenvals[2]) - if err != nil { - log.Println("error decoding token apiserver") - return cfg, err - } - - cfg.Client.ServerWGPort = tokenvals[0] - cfg.Client.ServerKey = tokenvals[4] + if err != nil { + log.Println("error decoding token apiserver") + return cfg, err + } + if accesstoken.ServerConfig.APIConnString != "" { + cfg.Client.ServerPublicEndpoint = accesstoken.ServerConfig.APIConnString + } else { + cfg.Client.ServerPublicEndpoint = accesstoken.ServerConfig.APIHost + if accesstoken.ServerConfig.APIPort != "" { + cfg.Client.ServerAPIPort = accesstoken.ServerConfig.APIPort + } + } + cfg.Client.ServerWGPort = accesstoken.WG.GRPCWGPort + cfg.Client.ServerKey = accesstoken.ClientConfig.Key + cfg.Client.ServerKey = accesstoken.WG.GRPCWGPubKey if c.String("grpcserver") != "" { cfg.Client.ServerPrivateAddress = c.String("grpcserver") 
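Review bot: `cfg.Client.ServerKey = accesstoken.ClientConfig.Key` is overwritten on the very next line by `cfg.Client.ServerKey = accesstoken.WG.GRPCWGPubKey`, so the access key from the token is discarded; either the first assignment should be removed or the access key needs its own field. The two `if err != nil` blocks left after the WireGuard assignments are dead code with misleading messages: the unmarshal error is scoped to its own `if`, and the outer `err` was already checked after the base64 decode. `ServerGRPCPort` and `ServerWGPort` are both set from `WG.GRPCWGPort`, and `ServerAPIPort` stays empty whenever `APIConnString` is used, which looks unintended. The function starts and ends outside the hunk.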
@@ -465,8 +506,8 @@ func GetCLIConfigRegister(c *cli.Context) (GlobalConfig, error){ if c.String("apiserver") != "" { cfg.Client.ServerPublicEndpoint = c.String("apiserver") } - if c.String("key") != "" { - cfg.Client.ServerKey = c.String("key") + if c.String("pubkey") != "" { + cfg.Client.ServerKey = c.String("pubkey") } if c.String("network") != "all" { cfg.Client.Network = c.String("network") diff --git a/servercfg/serverconf.go b/servercfg/serverconf.go index 5d780058..a587000c 100644 --- a/servercfg/serverconf.go +++ b/servercfg/serverconf.go @@ -19,8 +19,10 @@ func SetHost() error { } func GetServerConfig() config.ServerConfig { var cfg config.ServerConfig + cfg.APIConnString = GetAPIConnString() cfg.APIHost = GetAPIHost() cfg.APIPort = GetAPIPort() + cfg.GRPCConnString = GetGRPCConnString() cfg.GRPCHost = GetGRPCHost() cfg.GRPCPort = GetGRPCPort() cfg.MasterKey = "(hidden)" @@ -41,10 +43,18 @@ func GetServerConfig() config.ServerConfig { if IsDNSMode() { cfg.DNSMode = "on" } + cfg.GRPCSSL = "off" + if IsGRPCSSL() { + cfg.GRPCSSL = "on" + } cfg.DisableRemoteIPCheck = "off" if DisableRemoteIPCheck() { cfg.DisableRemoteIPCheck = "on" } + cfg.DisableDefaultNet = "off" + if DisableDefaultNet() { + cfg.DisableRemoteIPCheck = "on" + } return cfg } @@ -63,7 +73,15 @@ func GetWGConfig() config.WG{ cfg.GRPCWGPrivKey = GetGRPCWGPrivKey() return cfg } - +func GetAPIConnString() string { + conn := "" + if os.Getenv("SERVER_API_CONN_STRING") != "" { + conn = os.Getenv("SERVER_API_CONN_STRING") + } else if config.Config.Server.APIConnString != "" { + conn = config.Config.Server.APIConnString + } + return conn +} func GetAPIHost() string { serverhost := "127.0.0.1" if os.Getenv("SERVER_HTTP_HOST") != "" { 
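Review bot: In `GetServerConfig` the new block sets `cfg.DisableDefaultNet = "off"` but then assigns `cfg.DisableRemoteIPCheck = "on"` when `DisableDefaultNet()` is true. Disabling the default network therefore makes the reported configuration say the remote IP check is disabled, and `DisableDefaultNet` is never reported as on. The assignment inside the `if` should be `cfg.DisableDefaultNet = "on"`.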
@@ -101,6 +119,15 @@ func GetDefaultNodeLimit() int32 { } return limit } +func GetGRPCConnString() string { + conn := "" + if os.Getenv("SERVER_GRPC_CONN_STRING") != "" { + conn = os.Getenv("SERVER_GRPC_CONN_STRING") + } else if config.Config.Server.GRPCConnString != "" { + conn = config.Config.Server.GRPCConnString + } + return conn +} func GetGRPCHost() string { serverhost := "127.0.0.1" @@ -201,6 +228,21 @@ func IsDNSMode() bool { } return isdns } + +func IsGRPCSSL() bool { + isssl := false + if os.Getenv("GRPC_SSL") != "" { + if os.Getenv("GRPC_SSL") == "on" { + isssl = true + } + } else if config.Config.Server.DNSMode != "" { + if config.Config.Server.DNSMode == "on" { + isssl = true + } + } + return isssl +} + func DisableRemoteIPCheck() bool { disabled := false if os.Getenv("DISABLE_REMOTE_IP_CHECK") != "" { @@ -214,6 +256,19 @@ func DisableRemoteIPCheck() bool { } return disabled } +func DisableDefaultNet() bool { + disabled := false + if os.Getenv("DISABLE_DEFAULT_NET") != "" { + if os.Getenv("DISABLE_DEFAULT_NET") == "on" { + disabled = true + } + } else if config.Config.Server.DisableDefaultNet != "" { + if config.Config.Server.DisableDefaultNet == "on" { + disabled= true + } + } + return disabled +} func GetPublicIP() (string, error) { endpoint := ""
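Review bot: `IsGRPCSSL` falls back to `config.Config.Server.DNSMode` rather than the `GRPCSSL` setting, so the `grpcssl` value in the YAML file is ignored and the SSL flag that `GetServerConfig` reports follows the DNS mode instead. Both references in the `else if` branch should read `config.Config.Server.GRPCSSL`. Any `GRPC_SSL` value other than exactly `on` (for example `ON` or `true`) silently means off; for a transport-security switch it is worth logging or rejecting unrecognised values. A doc comment such as `// IsGRPCSSL reports whether gRPC SSL is enabled via GRPC_SSL or the grpcssl config key.` would record the precedence.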