mirror of
https://github.com/gravitl/netmaker.git
synced 2025-10-05 16:57:51 +08:00
New Docs (#3034)
* New Docs CSS update and Dockerfile to include docs folder flash of unrendered text fix markdown docs ignore docs/docs.go improving the docs generation github actions for docs generation go runner version fix updated docs.yml update repo action updated updated actions and dns docs dns complete More docs update Complete docs and updated workflow Update documentation Tue Aug 6 11:17:42 UTC 2024 Update documentation Thu Aug 8 12:26:57 UTC 2024 clean up clean up Dockerfile clean up Updated workflow Updated workflow Update docs.yml Update docs.yml * requested changes * changed ingress gateway to remote access gateway
@@ -21,30 +21,28 @@ var hostIDHeader = "host-id"
|
||||
|
||||
func nodeHandlers(r *mux.Router) {
|
||||
|
||||
r.HandleFunc("/api/nodes", Authorize(false, false, "user", http.HandlerFunc(getAllNodes))).Methods(http.MethodGet)
|
||||
r.HandleFunc("/api/nodes/{network}", Authorize(false, true, "network", http.HandlerFunc(getNetworkNodes))).Methods(http.MethodGet)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", Authorize(true, true, "node", http.HandlerFunc(getNode))).Methods(http.MethodGet)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", logic.SecurityCheck(true, http.HandlerFunc(updateNode))).Methods(http.MethodPut)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", Authorize(true, true, "node", http.HandlerFunc(deleteNode))).Methods(http.MethodDelete)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/creategateway", logic.SecurityCheck(true, checkFreeTierLimits(limitChoiceEgress, http.HandlerFunc(createEgressGateway)))).Methods(http.MethodPost)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/deletegateway", logic.SecurityCheck(true, http.HandlerFunc(deleteEgressGateway))).Methods(http.MethodDelete)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/createingress", logic.SecurityCheck(true, checkFreeTierLimits(limitChoiceIngress, http.HandlerFunc(createIngressGateway)))).Methods(http.MethodPost)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/deleteingress", logic.SecurityCheck(true, http.HandlerFunc(deleteIngressGateway))).Methods(http.MethodDelete)
|
||||
r.HandleFunc("/api/nodes", Authorize(false, false, "user", http.HandlerFunc(getAllNodes))).
|
||||
Methods(http.MethodGet)
|
||||
r.HandleFunc("/api/nodes/{network}", Authorize(false, true, "network", http.HandlerFunc(getNetworkNodes))).
|
||||
Methods(http.MethodGet)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", Authorize(true, true, "node", http.HandlerFunc(getNode))).
|
||||
Methods(http.MethodGet)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", logic.SecurityCheck(true, http.HandlerFunc(updateNode))).
|
||||
Methods(http.MethodPut)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}", Authorize(true, true, "node", http.HandlerFunc(deleteNode))).
|
||||
Methods(http.MethodDelete)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/creategateway", logic.SecurityCheck(true, checkFreeTierLimits(limitChoiceEgress, http.HandlerFunc(createEgressGateway)))).
|
||||
Methods(http.MethodPost)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/deletegateway", logic.SecurityCheck(true, http.HandlerFunc(deleteEgressGateway))).
|
||||
Methods(http.MethodDelete)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/createingress", logic.SecurityCheck(true, checkFreeTierLimits(limitChoiceIngress, http.HandlerFunc(createIngressGateway)))).
|
||||
Methods(http.MethodPost)
|
||||
r.HandleFunc("/api/nodes/{network}/{nodeid}/deleteingress", logic.SecurityCheck(true, http.HandlerFunc(deleteIngressGateway))).
|
||||
Methods(http.MethodDelete)
|
||||
r.HandleFunc("/api/nodes/adm/{network}/authenticate", authenticate).Methods(http.MethodPost)
|
||||
r.HandleFunc("/api/v1/nodes/migrate", migrate).Methods(http.MethodPost)
|
||||
}
|
||||
|
||||
// swagger:route POST /api/nodes/adm/{network}/authenticate authenticate authenticate
|
||||
//
|
||||
// Authenticate to make further API calls related to a network.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: successResponse
|
||||
func authenticate(response http.ResponseWriter, request *http.Request) {
|
||||
|
||||
var authRequest models.AuthParams
|
||||
@@ -149,7 +147,11 @@ func authenticate(response http.ResponseWriter, request *http.Request) {
|
||||
// even if it's technically ok
|
||||
// This is kind of a poor man's RBAC. There's probably a better/smarter way.
|
||||
// TODO: Consider better RBAC implementations
|
||||
func Authorize(hostAllowed, networkCheck bool, authNetwork string, next http.Handler) http.HandlerFunc {
|
||||
func Authorize(
|
||||
hostAllowed, networkCheck bool,
|
||||
authNetwork string,
|
||||
next http.Handler,
|
||||
) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
var errorResponse = models.ErrorResponse{
|
||||
Code: http.StatusForbidden, Message: logic.Forbidden_Msg,
|
||||
@@ -258,17 +260,12 @@ func Authorize(hostAllowed, networkCheck bool, authNetwork string, next http.Han
|
||||
}
|
||||
}
|
||||
|
||||
// swagger:route GET /api/nodes/{network} nodes getNetworkNodes
|
||||
//
|
||||
// Gets all nodes associated with network including pending nodes.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeSliceResponse
|
||||
// @Summary Gets all nodes associated with network including pending nodes
|
||||
// @Router /api/nodes/adm/{network} [get]
|
||||
// @Securitydefinitions.oauth2.application OAuth2Application
|
||||
// @Tags Nodes
|
||||
// @Success 200 {array} models.Node
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func getNetworkNodes(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
var params = mux.Vars(r)
|
||||
@@ -288,18 +285,12 @@ func getNetworkNodes(w http.ResponseWriter, r *http.Request) {
|
||||
json.NewEncoder(w).Encode(apiNodes)
|
||||
}
|
||||
|
||||
// swagger:route GET /api/nodes nodes getAllNodes
|
||||
//
|
||||
// Get all nodes across all networks.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeSliceResponse
|
||||
//
|
||||
// @Summary Get all nodes across all networks
|
||||
// @Router /api/nodes [get]
|
||||
// @Tags Nodes
|
||||
// @Securitydefinitions.oauth2.application OAuth2Application
|
||||
// @Success 200 {array} models.ApiNode
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
// Not quite sure if this is necessary. Probably necessary based on front end but may want to review after iteration 1 if it's being used or not
|
||||
func getAllNodes(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
@@ -327,17 +318,12 @@ func getAllNodes(w http.ResponseWriter, r *http.Request) {
|
||||
json.NewEncoder(w).Encode(apiNodes)
|
||||
}
|
||||
|
||||
// swagger:route GET /api/nodes/{network}/{nodeid} nodes getNode
|
||||
//
|
||||
// Get an individual node.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeResponse
|
||||
// @Summary Get an individual node
|
||||
// @Router /api/nodes/{network}/{nodeid} [get]
|
||||
// @Tags Nodes
|
||||
// @Security oauth2
|
||||
// @Success 200 {object} models.NodeGet
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func getNode(w http.ResponseWriter, r *http.Request) {
|
||||
// set header.
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
@@ -359,15 +345,29 @@ func getNode(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
allNodes, err := logic.GetAllNodes()
|
||||
if err != nil {
|
||||
logger.Log(0, r.Header.Get("user"),
|
||||
fmt.Sprintf("error fetching wg peers config for host [ %s ]: %v", host.ID.String(), err))
|
||||
logger.Log(
|
||||
0,
|
||||
r.Header.Get("user"),
|
||||
fmt.Sprintf(
|
||||
"error fetching wg peers config for host [ %s ]: %v",
|
||||
host.ID.String(),
|
||||
err,
|
||||
),
|
||||
)
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
hostPeerUpdate, err := logic.GetPeerUpdateForHost(node.Network, host, allNodes, nil, nil)
|
||||
if err != nil && !database.IsEmptyRecord(err) {
|
||||
logger.Log(0, r.Header.Get("user"),
|
||||
fmt.Sprintf("error fetching wg peers config for host [ %s ]: %v", host.ID.String(), err))
|
||||
logger.Log(
|
||||
0,
|
||||
r.Header.Get("user"),
|
||||
fmt.Sprintf(
|
||||
"error fetching wg peers config for host [ %s ]: %v",
|
||||
host.ID.String(),
|
||||
err,
|
||||
),
|
||||
)
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
|
||||
return
|
||||
}
|
||||
@@ -388,17 +388,12 @@ func getNode(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
// == EGRESS ==
|
||||
|
||||
// swagger:route POST /api/nodes/{network}/{nodeid}/creategateway nodes createEgressGateway
|
||||
//
|
||||
// Create an egress gateway.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeResponse
|
||||
// @Summary Create an egress gateway
|
||||
// @Router /api/nodes/{network}/{nodeid}/creategateway [post]
|
||||
// @Tags Nodes
|
||||
// @Security oauth2
|
||||
// @Success 200 {object} models.ApiNode
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func createEgressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
var gateway models.EgressGatewayRequest
|
||||
var params = mux.Vars(r)
|
||||
@@ -431,7 +426,14 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
apiNode := node.ConvertToAPINode()
|
||||
logger.Log(1, r.Header.Get("user"), "created egress gateway on node", gateway.NodeID, "on network", gateway.NetID)
|
||||
logger.Log(
|
||||
1,
|
||||
r.Header.Get("user"),
|
||||
"created egress gateway on node",
|
||||
gateway.NodeID,
|
||||
"on network",
|
||||
gateway.NetID,
|
||||
)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(apiNode)
|
||||
go func() {
|
||||
@@ -442,17 +444,12 @@ func createEgressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
}()
|
||||
}
|
||||
|
||||
// swagger:route DELETE /api/nodes/{network}/{nodeid}/deletegateway nodes deleteEgressGateway
|
||||
//
|
||||
// Delete an egress gateway.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeResponse
|
||||
// @Summary Delete an egress gateway
|
||||
// @Router /api/nodes/{network}/{nodeid}/deletegateway [delete]
|
||||
// @Tags Nodes
|
||||
// @Security oauth2
|
||||
// @Success 200 {object} models.ApiNode
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func deleteEgressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
@@ -474,7 +471,14 @@ func deleteEgressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
apiNode := node.ConvertToAPINode()
|
||||
logger.Log(1, r.Header.Get("user"), "deleted egress gateway on node", nodeid, "on network", netid)
|
||||
logger.Log(
|
||||
1,
|
||||
r.Header.Get("user"),
|
||||
"deleted egress gateway on node",
|
||||
nodeid,
|
||||
"on network",
|
||||
netid,
|
||||
)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(apiNode)
|
||||
go func() {
|
||||
@@ -487,17 +491,12 @@ func deleteEgressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
// == INGRESS ==
|
||||
|
||||
// swagger:route POST /api/nodes/{network}/{nodeid}/createingress nodes createIngressGateway
|
||||
//
|
||||
// Create an ingress gateway.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeResponse
|
||||
// @Summary Create an remote access gateway
|
||||
// @Router /api/nodes/{network}/{nodeid}/createingress [post]
|
||||
// @Tags Nodes
|
||||
// @Security oauth2
|
||||
// @Success 200 {object} models.ApiNode
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func createIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
var params = mux.Vars(r)
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
@@ -520,7 +519,14 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
apiNode := node.ConvertToAPINode()
|
||||
logger.Log(1, r.Header.Get("user"), "created ingress gateway on node", nodeid, "on network", netid)
|
||||
logger.Log(
|
||||
1,
|
||||
r.Header.Get("user"),
|
||||
"created ingress gateway on node",
|
||||
nodeid,
|
||||
"on network",
|
||||
netid,
|
||||
)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(apiNode)
|
||||
go func() {
|
||||
@@ -530,17 +536,12 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
}()
|
||||
}
|
||||
|
||||
// swagger:route DELETE /api/nodes/{network}/{nodeid}/deleteingress nodes deleteIngressGateway
|
||||
//
|
||||
// Delete an ingress gateway.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeResponse
|
||||
// @Summary Delete an remote access gateway
|
||||
// @Router /api/nodes/{network}/{nodeid}/deleteingress [delete]
|
||||
// @Tags Nodes
|
||||
// @Security oauth2
|
||||
// @Success 200 {object} models.ApiNode
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
var params = mux.Vars(r)
|
||||
@@ -596,7 +597,13 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
slog.Error("publishSingleHostUpdate", "host", host.Name, "error", err)
|
||||
}
|
||||
if err := mq.NodeUpdate(&node); err != nil {
|
||||
slog.Error("error publishing node update to node", "node", node.ID, "error", err)
|
||||
slog.Error(
|
||||
"error publishing node update to node",
|
||||
"node",
|
||||
node.ID,
|
||||
"error",
|
||||
err,
|
||||
)
|
||||
}
|
||||
if servercfg.IsDNSMode() {
|
||||
logic.SetDNS()
|
||||
@@ -606,17 +613,12 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
}
|
||||
|
||||
// swagger:route PUT /api/nodes/{network}/{nodeid} nodes updateNode
|
||||
//
|
||||
// Update an individual node.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeResponse
|
||||
// @Summary Update an individual node
|
||||
// @Router /api/nodes/{network}/{nodeid} [put]
|
||||
// @Tags Nodes
|
||||
// @Security oauth2
|
||||
// @Success 200 {object} models.ApiNode
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func updateNode(w http.ResponseWriter, r *http.Request) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
|
||||
@@ -642,7 +644,11 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
newNode := newData.ConvertToServerNode(¤tNode)
|
||||
if newNode == nil {
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("error converting node"), "badrequest"))
|
||||
logic.ReturnErrorResponse(
|
||||
w,
|
||||
r,
|
||||
logic.FormatError(fmt.Errorf("error converting node"), "badrequest"),
|
||||
)
|
||||
return
|
||||
}
|
||||
if newNode.IsInternetGateway != currentNode.IsInternetGateway {
|
||||
@@ -686,7 +692,14 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
apiNode := newNode.ConvertToAPINode()
|
||||
logger.Log(1, r.Header.Get("user"), "updated node", currentNode.ID.String(), "on network", currentNode.Network)
|
||||
logger.Log(
|
||||
1,
|
||||
r.Header.Get("user"),
|
||||
"updated node",
|
||||
currentNode.ID.String(),
|
||||
"on network",
|
||||
currentNode.Network,
|
||||
)
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(apiNode)
|
||||
go func(aclUpdate, relayupdate bool, newNode *models.Node) {
|
||||
@@ -704,17 +717,12 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
|
||||
}(aclUpdate, relayUpdate, newNode)
|
||||
}
|
||||
|
||||
// swagger:route DELETE /api/nodes/{network}/{nodeid} nodes deleteNode
|
||||
//
|
||||
// Delete an individual node.
|
||||
//
|
||||
// Schemes: https
|
||||
//
|
||||
// Security:
|
||||
// oauth
|
||||
//
|
||||
// Responses:
|
||||
// 200: nodeResponse
|
||||
// @Summary Delete an individual node
|
||||
// @Router /api/nodes/{network}/{nodeid} [delete]
|
||||
// @Tags Nodes
|
||||
// @Security oauth2
|
||||
// @Success 200 {string} string "Node deleted."
|
||||
// @Failure 500 {object} models.ErrorResponse
|
||||
func deleteNode(w http.ResponseWriter, r *http.Request) {
|
||||
// Set header
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
@@ -735,7 +743,11 @@ func deleteNode(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
purge := forceDelete || fromNode
|
||||
if err := logic.DeleteNode(&node, purge); err != nil {
|
||||
logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("failed to delete node"), "internal"))
|
||||
logic.ReturnErrorResponse(
|
||||
w,
|
||||
r,
|
||||
logic.FormatError(fmt.Errorf("failed to delete node"), "internal"),
|
||||
)
|
||||
return
|
||||
}
|
||||
|
||||
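Review bot: The new annotations on getNetworkNodes document a route that nodeHandlers does not register: `// @Router /api/nodes/adm/{network} [get]`, while the handler is mounted at `/api/nodes/{network}`, so the line should read `// @Router /api/nodes/{network} [get]`. That handler and getAllNodes also carry `// @Securitydefinitions.oauth2.application OAuth2Application`, which in swag is, as far as I know, a general API-info declaration rather than a per-operation requirement, so the generated spec would likely show these two Authorize-wrapped endpoints with no auth requirement; the other handlers in this file use `// @Security oauth2`, and these two should match. Every operation lists only `@Failure 500`, although Authorize answers with http.StatusForbidden and updateNode returns a "badrequest" error, so a `// @Failure 403 {object} models.ErrorResponse` line (plus a 400 on updateNode) would keep the docs aligned with the access-control behaviour. The authenticate handler lost its swagger:route block with no replacement, so it drops out of the generated docs unless that is intended. Most handler bodies continue outside the hunks shown, so this is limited to the visible lines.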