diff --git a/compose/docker-compose-emqx.yml b/compose/docker-compose-emqx.yml
index c9e8c4dc..fe892205 100644
--- a/compose/docker-compose-emqx.yml
+++ b/compose/docker-compose-emqx.yml
@@ -30,6 +30,7 @@ services:
 VERBOSITY: "1"
 MQ_PASSWORD: "REPLACE_MQ_PASSWORD"
 MQ_USERNAME: "REPLACE_MQ_USERNAME"
+ DEFAULT_PROXY_MODE: "auto"
 ports:
 - "3478:3478/udp"
 netmaker-ui:
diff --git a/compose/docker-compose.ee.yml b/compose/docker-compose.ee.yml
index 524f8266..9c5cc3fb 100644
--- a/compose/docker-compose.ee.yml
+++ b/compose/docker-compose.ee.yml
@@ -33,6 +33,7 @@ services:
 METRICS_EXPORTER: "on"
 LICENSE_KEY: "YOUR_LICENSE_KEY"
 NETMAKER_ACCOUNT_ID: "YOUR_ACCOUNT_ID"
+ DEFAULT_PROXY_MODE: "auto"
 ports:
 - "3478:3478/udp"
 netmaker-ui:
diff --git a/compose/docker-compose.reference.yml b/compose/docker-compose.reference.yml
index a67c2335..77cab1ce 100644
--- a/compose/docker-compose.reference.yml
+++ b/compose/docker-compose.reference.yml
@@ -38,6 +38,7 @@ services:
 FRONTEND_URL: "" # "https://dashboard."
 AZURE_TENANT: "" # ""
 OIDC_ISSUER: "" # https://oidc.yourprovider.com - URL of oidc provider
+ DEFAULT_PROXY_MODE: "auto" # if ON, all new clients will enable proxy by default if OFF, all new clients will disable proxy by default, if AUTO, stick with the existing logic for NAT detection
 ports:
 - "3478:3478/udp" # the stun port
 netmaker-ui: # The Netmaker UI Component
diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml
index 7d52404a..9b1d7b49 100644
--- a/compose/docker-compose.yml
+++ b/compose/docker-compose.yml
@@ -28,6 +28,7 @@ services:
 MQ_PASSWORD: "REPLACE_MQ_PASSWORD"
 MQ_USERNAME: "REPLACE_MQ_USERNAME"
 STUN_PORT: "3478"
+ DEFAULT_PROXY_MODE: "auto"
 ports:
 - "3478:3478/udp"
 netmaker-ui:
diff --git a/config/config.go b/config/config.go
index da3c52ca..89979410 100644
--- a/config/config.go
+++ b/config/config.go
@@ -32,48 +32,55 @@ type EnvironmentConfig struct {

 // ServerConfig - server conf struct
 type ServerConfig struct {
- CoreDNSAddr string `yaml:"corednsaddr"`
- APIConnString string `yaml:"apiconn"`
- APIHost string `yaml:"apihost"`
- APIPort string `yaml:"apiport"`
- Broker string `yam:"broker"`
- ServerBrokerEndpoint string `yaml:"serverbrokerendpoint"`
- BrokerType string `yaml:"brokertype"`
- EmqxRestEndpoint string `yaml:"emqxrestendpoint"`
- MasterKey string `yaml:"masterkey"`
- DNSKey string `yaml:"dnskey"`
- AllowedOrigin string `yaml:"allowedorigin"`
- NodeID string `yaml:"nodeid"`
- RestBackend string `yaml:"restbackend"`
- MessageQueueBackend string `yaml:"messagequeuebackend"`
- DNSMode string `yaml:"dnsmode"`
- DisableRemoteIPCheck string `yaml:"disableremoteipcheck"`
- Version string `yaml:"version"`
- SQLConn string `yaml:"sqlconn"`
- Platform string `yaml:"platform"`
- Database string `yaml:"database"`
- Verbosity int32 `yaml:"verbosity"`
- AuthProvider string `yaml:"authprovider"`
- OIDCIssuer string `yaml:"oidcissuer"`
- ClientID string `yaml:"clientid"`
- ClientSecret string `yaml:"clientsecret"`
- FrontendURL string `yaml:"frontendurl"`
- DisplayKeys string `yaml:"displaykeys"`
- AzureTenant string `yaml:"azuretenant"`
- Telemetry string `yaml:"telemetry"`
- HostNetwork string `yaml:"hostnetwork"`
- Server string `yaml:"server"`
- PublicIPService string `yaml:"publicipservice"`
- MQPassword string `yaml:"mqpassword"`
- MQUserName string `yaml:"mqusername"`
- MetricsExporter string `yaml:"metrics_exporter"`
- BasicAuth string `yaml:"basic_auth"`
- LicenseValue string `yaml:"license_value"`
- NetmakerAccountID string `yaml:"netmaker_account_id"`
- IsEE string `yaml:"is_ee"`
- StunPort int `yaml:"stun_port"`
- StunList string `yaml:"stun_list"`
- Proxy string `yaml:"proxy"`
+ CoreDNSAddr string `yaml:"corednsaddr"`
+ APIConnString string `yaml:"apiconn"`
+ APIHost string `yaml:"apihost"`
+ APIPort string `yaml:"apiport"`
+ Broker string `yam:"broker"`
+ ServerBrokerEndpoint string `yaml:"serverbrokerendpoint"`
+ BrokerType string `yaml:"brokertype"`
+ EmqxRestEndpoint string `yaml:"emqxrestendpoint"`
+ MasterKey string `yaml:"masterkey"`
+ DNSKey string `yaml:"dnskey"`
+ AllowedOrigin string `yaml:"allowedorigin"`
+ NodeID string `yaml:"nodeid"`
+ RestBackend string `yaml:"restbackend"`
+ MessageQueueBackend string `yaml:"messagequeuebackend"`
+ DNSMode string `yaml:"dnsmode"`
+ DisableRemoteIPCheck string `yaml:"disableremoteipcheck"`
+ Version string `yaml:"version"`
+ SQLConn string `yaml:"sqlconn"`
+ Platform string `yaml:"platform"`
+ Database string `yaml:"database"`
+ Verbosity int32 `yaml:"verbosity"`
+ AuthProvider string `yaml:"authprovider"`
+ OIDCIssuer string `yaml:"oidcissuer"`
+ ClientID string `yaml:"clientid"`
+ ClientSecret string `yaml:"clientsecret"`
+ FrontendURL string `yaml:"frontendurl"`
+ DisplayKeys string `yaml:"displaykeys"`
+ AzureTenant string `yaml:"azuretenant"`
+ Telemetry string `yaml:"telemetry"`
+ HostNetwork string `yaml:"hostnetwork"`
+ Server string `yaml:"server"`
+ PublicIPService string `yaml:"publicipservice"`
+ MQPassword string `yaml:"mqpassword"`
+ MQUserName string `yaml:"mqusername"`
+ MetricsExporter string `yaml:"metrics_exporter"`
+ BasicAuth string `yaml:"basic_auth"`
+ LicenseValue string `yaml:"license_value"`
+ NetmakerAccountID string `yaml:"netmaker_account_id"`
+ IsEE string `yaml:"is_ee"`
+ StunPort int `yaml:"stun_port"`
+ StunList string `yaml:"stun_list"`
+ Proxy string `yaml:"proxy"`
+ DefaultProxyMode ProxyMode `yaml:"defaultproxymode"`
+}
+
+// ProxyMode - default proxy mode for server
+type ProxyMode struct {
+ Set bool
+ Value bool
 }

 // SQLConfig - Generic SQL Config
diff --git a/logic/hosts.go b/logic/hosts.go
index d220d445..19feda1a 100644
--- a/logic/hosts.go
+++ b/logic/hosts.go
@@ -4,6 +4,7 @@ import (
 "encoding/json"
 "errors"
 "fmt"
+ "log"

 "github.com/google/uuid"
 "github.com/gravitl/netmaker/database"
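Review bot: `ProxyMode` in the new struct block has no string form, so the file-based setting cannot be written the way the environment variable is. `DEFAULT_PROXY_MODE` accepts ON/OFF/AUTO, while the `DefaultProxyMode` field (tagged `yaml:"defaultproxymode"`) would presumably need a nested mapping keyed by the untagged `Set` and `Value` fields; the exact key names depend on the YAML library's defaulting, which is not visible here. Keeping the raw string in `ServerConfig` and parsing it in one place would make both sources behave alike, and `Set`/`Value` each deserve a comment such as `// Set is true when the operator forced ON or OFF; false means AUTO`. The re-aligned `Broker` line still carries the tag `yam:"broker"`, which should read `yaml:"broker"`.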
@@ -96,6 +97,15 @@ func CreateHost(h *models.Host) error {
 return err
 }
 h.HostPass = string(hash)
+ // if another server has already updated proxyenabled, leave it alone
+ if !h.ProxyEnabledSet {
+ log.Println("checking default proxy", servercfg.GetServerConfig().DefaultProxyMode)
+ if servercfg.GetServerConfig().DefaultProxyMode.Set {
+ h.ProxyEnabledSet = true
+ h.ProxyEnabled = servercfg.GetServerConfig().DefaultProxyMode.Value
+ log.Println("set proxy enabled to ", h.ProxyEnabled)
+ }
+ }
 checkForZombieHosts(h)
 return UpsertHost(h)
 }
diff --git a/models/host.go b/models/host.go
index 86991198..35783440 100644
--- a/models/host.go
+++ b/models/host.go
@@ -40,6 +40,7 @@ type Host struct {
 DefaultInterface string `json:"defaultinterface" yaml:"defautlinterface"`
 EndpointIP net.IP `json:"endpointip" yaml:"endpointip"`
 ProxyEnabled bool `json:"proxy_enabled" yaml:"proxy_enabled"`
+ ProxyEnabledSet bool `json:"proxy_enabled_updated" yaml:"proxy_enabled_updated"`
 IsDocker bool `json:"isdocker" yaml:"isdocker"`
 IsK8S bool `json:"isk8s" yaml:"isk8s"`
 IsStatic bool `json:"isstatic" yaml:"isstatic"`
diff --git a/servercfg/serverconf.go b/servercfg/serverconf.go
index 5f06a9f4..c59253d9 100644
--- a/servercfg/serverconf.go
+++ b/servercfg/serverconf.go
@@ -79,6 +79,7 @@ func GetServerConfig() config.ServerConfig {
 if Is_EE {
 cfg.IsEE = "yes"
 }
+ cfg.DefaultProxyMode = GetDefaultProxyMode()
 return cfg
 }

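Review bot: The new guard `if !h.ProxyEnabledSet` in CreateHost trusts a flag that travels with the host object (models/host.go serialises it as `proxy_enabled_updated`), so whoever supplies `h` can opt out of the server's ON/OFF default by sending the flag already set. Whether `h` arrives straight from a registration request is not visible in this hunk; if it does, the flag should be cleared at the API boundary or tracked server-side before this check runs. The two `log.Println` calls run on every host creation through the standard logger and look like leftover debugging; they would be better dropped or moved to whatever levelled logger the project uses. Reading the mode once with `mode := servercfg.GetDefaultProxyMode()` also avoids building the full server config three times. CreateHost begins above the hunk.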
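Review bot: The new Host field is named `ProxyEnabledSet` but both of its tags say `proxy_enabled_updated`, so the code name and the wire name describe different things. Since the field is new, choosing one term (`proxy_enabled_set` would match the field and the `Set` flag in `config.ProxyMode`) avoids the confusion before clients depend on it. A field comment such as `// ProxyEnabledSet reports that ProxyEnabled was chosen explicitly and is not overwritten by the server default` would document the contract that CreateHost relies on. The Host struct continues outside the hunk.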
@@ -636,6 +637,32 @@ func IsProxyEnabled() bool {
 return enabled
 }

+// GetDefaultProxyMode - default proxy mode for a server
+func GetDefaultProxyMode() config.ProxyMode {
+ var (
+ mode config.ProxyMode
+ def string
+ )
+ if os.Getenv("DEFAULT_PROXY_MODE") != "" {
+ def = os.Getenv("DEFAULT_PROXY_MODE")
+ } else if config.Config.Server.DefaultProxyMode.Set {
+ return config.Config.Server.DefaultProxyMode
+ }
+ switch strings.ToUpper(def) {
+ case "ON":
+ mode.Set = true
+ mode.Value = true
+ case "OFF":
+ mode.Set = true
+ mode.Value = false
+ // AUTO or any other value
+ default:
+ mode.Set = false
+ }
+ return mode
+
+}
+
 // parseStunList - turn string into slice of StunServers
 func parseStunList(stunString string) ([]models.StunServer, error) {
 var err error
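Review bot: Any unrecognised value of `DEFAULT_PROXY_MODE` falls into `default:` in GetDefaultProxyMode and is treated as AUTO without a message, so a typo such as `true` or a value with stray whitespace silently leaves an operator's intended ON/OFF policy unenforced. Making the accepted value explicit with `case "", "AUTO":` and logging a warning in `default:` would surface the mistake, and wrapping the value in `strings.TrimSpace` would tolerate padding. The environment variable is also read twice; `def := os.Getenv("DEFAULT_PROXY_MODE")` followed by `if def == "" && config.Config.Server.DefaultProxyMode.Set` reads more directly. The doc comment could state the return contract, e.g. `// Set is false for AUTO, in which case Value is ignored`.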