zishuo/netmaker
1
0
Fork 0
mirror of https://github.com/gravitl/netmaker.git synced 2025-10-13 04:24:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

send peer updates on user updates and ingress gw

Browse Source
This commit is contained in:
abhishek9686
2024-10-23 22:30:36 +04:00
parent 541bec71de
commit f51f655f00
3 changed files with 41 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
controllers/node.go
View File

@@ -590,6 +590,7 @@ func createIngressGateway(w http.ResponseWriter, r *http.Request) {
if err := mq.NodeUpdate(&node); err != nil { if err := mq.NodeUpdate(&node); err != nil {
slog.Error("error publishing node update to node", "node", node.ID, "error", err) slog.Error("error publishing node update to node", "node", node.ID, "error", err)
} }
mq.PublishPeerUpdate(false)
}() }()
} }
@@ -634,6 +635,7 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
if err := mq.PublishSingleHostPeerUpdate(host, allNodes, nil, removedClients[:], false, nil); err != nil { if err := mq.PublishSingleHostPeerUpdate(host, allNodes, nil, removedClients[:], false, nil); err != nil {
slog.Error("publishSingleHostUpdate", "host", host.Name, "error", err) slog.Error("publishSingleHostUpdate", "host", host.Name, "error", err)
} }
mq.PublishPeerUpdate(false)
if err := mq.NodeUpdate(&node); err != nil { if err := mq.NodeUpdate(&node); err != nil {
slog.Error( slog.Error(
"error publishing node update to node", "error publishing node update to node",

3
controllers/user.go
View File

@@ -451,6 +451,7 @@ func createUser(w http.ResponseWriter, r *http.Request) {
} }
logic.DeleteUserInvite(user.UserName) logic.DeleteUserInvite(user.UserName)
logic.DeletePendingUser(user.UserName) logic.DeletePendingUser(user.UserName)
go mq.PublishPeerUpdate(false)
slog.Info("user was created", "username", user.UserName) slog.Info("user was created", "username", user.UserName)
json.NewEncoder(w).Encode(logic.ToReturnUser(user)) json.NewEncoder(w).Encode(logic.ToReturnUser(user))
} }
@@ -590,6 +591,7 @@ func updateUser(w http.ResponseWriter, r *http.Request) {
logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest")) logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
return return
} }
go mq.PublishPeerUpdate(false)
logger.Log(1, username, "was updated") logger.Log(1, username, "was updated")
json.NewEncoder(w).Encode(logic.ToReturnUser(*user)) json.NewEncoder(w).Encode(logic.ToReturnUser(*user))
} }
@@ -692,6 +694,7 @@ func deleteUser(w http.ResponseWriter, r *http.Request) {
} }
} }
} }
mq.PublishPeerUpdate(false)
if servercfg.IsDNSMode() { if servercfg.IsDNSMode() {
logic.SetDNS() logic.SetDNS()
} }

60
logic/extpeers.go
View File

@@ -459,11 +459,6 @@ func GetFwRulesOnIngressGateway(node models.Node) (rules []models.FwRule) {
DstIP: peer.Address.IP, DstIP: peer.Address.IP,
Allow: true, Allow: true,
}) })
// rules = append(rules, models.FwRule{
// SrcIp: peer.Address.IP,
// DstIP: userNodeI.StaticNode.AddressIPNet4().IP,
// Allow: true,
// })
} }
if userNodeI.StaticNode.Address6 != "" { if userNodeI.StaticNode.Address6 != "" {
rules = append(rules, models.FwRule{ rules = append(rules, models.FwRule{
@@ -471,11 +466,6 @@ func GetFwRulesOnIngressGateway(node models.Node) (rules []models.FwRule) {
DstIP: peer.Address6.IP, DstIP: peer.Address6.IP,
Allow: true, Allow: true,
}) })
// rules = append(rules, models.FwRule{
// SrcIp: peer.Address6.IP,
// DstIP: userNodeI.StaticNode.AddressIPNet6().IP,
// Allow: true,
// })
} }
} }
@@ -483,39 +473,47 @@ func GetFwRulesOnIngressGateway(node models.Node) (rules []models.FwRule) {
} }
} }
for _, extclientI := range nodes { for _, nodeI := range nodes {
if !extclientI.IsStatic || extclientI.IsUserNode { if !nodeI.IsStatic || nodeI.IsUserNode {
continue continue
} }
for _, extclient := range nodes { for _, peer := range nodes {
if extclient.StaticNode.ClientID == extclientI.StaticNode.ClientID || extclient.IsUserNode { if peer.StaticNode.ClientID == nodeI.StaticNode.ClientID || peer.IsUserNode {
continue continue
} }
if IsNodeAllowedToCommunicate(extclientI, extclient) { if IsNodeAllowedToCommunicate(nodeI, peer) {
if extclientI.StaticNode.Address != "" { if peer.IsStatic {
if nodeI.StaticNode.Address != "" {
rules = append(rules, models.FwRule{ rules = append(rules, models.FwRule{
SrcIp: extclientI.StaticNode.AddressIPNet4().IP, SrcIp: nodeI.StaticNode.AddressIPNet4().IP,
DstIP: extclient.StaticNode.AddressIPNet4().IP, DstIP: peer.StaticNode.AddressIPNet4().IP,
Allow: true, Allow: true,
}) })
// rules = append(rules, models.FwRule{
// SrcIp: extclient.StaticNode.AddressIPNet4().IP,
// DstIP: extclientI.StaticNode.AddressIPNet4().IP,
// Allow: true,
// })
} }
if extclientI.StaticNode.Address6 != "" { if nodeI.StaticNode.Address6 != "" {
rules = append(rules, models.FwRule{ rules = append(rules, models.FwRule{
SrcIp: extclientI.StaticNode.AddressIPNet6().IP, SrcIp: nodeI.StaticNode.AddressIPNet6().IP,
DstIP: extclient.StaticNode.AddressIPNet6().IP, DstIP: peer.StaticNode.AddressIPNet6().IP,
Allow: true, Allow: true,
}) })
// rules = append(rules, models.FwRule{
// SrcIp: extclient.StaticNode.AddressIPNet6().IP,
// DstIP: extclientI.StaticNode.AddressIPNet6().IP,
// Allow: true,
// })
} }
} else {
if nodeI.StaticNode.Address != "" {
rules = append(rules, models.FwRule{
SrcIp: nodeI.StaticNode.AddressIPNet4().IP,
DstIP: peer.Address.IP,
Allow: true,
})
}
if nodeI.StaticNode.Address6 != "" {
rules = append(rules, models.FwRule{
SrcIp: nodeI.StaticNode.AddressIPNet6().IP,
DstIP: peer.Address6.IP,
Allow: true,
})
}
}
} }
} }
} }