change version of ubuntu

2025-10-05 08:47:35 +08:00 · 2021-10-19 15:53:01 -04:00
parent 8a2971bef6
commit fb4d2d1272
29 changed files with 497 additions and 1100 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -6,14 +6,8 @@ on:
 jobs:
  tests:
    env:
-      DATABASE: rqlite
+      DATABASE: sqlite
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
    services:
      rqlite:
        image: rqlite/rqlite
        ports:
            - 4001:4001
            - 4002:4002
    steps:
      - name: Checkout
        uses: actions/checkout@v2
@@ -21,5 +15,5 @@ jobs:
        run: |
            go test -p 1 ./... -v
        env:
-          DATABASE: rqlite
+          DATABASE: sqlite
          CLIENT_MODE: "off"
--- a/controllers/common_test.go
+++ b/controllers/common_test.go
@@ -124,7 +124,7 @@ func TestSetNetworkNodesLastModified(t *testing.T) {
 }
 func createTestNode() models.Node {
-	createnode := models.Node{PublicKey: "DM5qhLAE20PG9BbfBCger+Ac9D2NDOwCtY1rbYDLf34=", Endpoint: "10.0.0.1", MacAddress: "01:02:03:04:05:06", Password: "password", Network: "skynet"}
+	createnode := models.Node{PublicKey: "DM5qhLAE20PG9BbfBCger+Ac9D2NDOwCtY1rbYDLf34=", Name: "testnode", Endpoint: "10.0.0.1", MacAddress: "01:02:03:04:05:06", Password: "password", Network: "skynet"}
 	node, _ := logic.CreateNode(createnode, "skynet")
 	return node
 }
--- a/controllers/dnsHttpController_test.go
+++ b/controllers/dnsHttpController_test.go
@@ -1,100 +1,309 @@
 package controller
 import (
 	"io/ioutil"
 	"os"
 	"testing"
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/dnslogic"
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
 	"github.com/stretchr/testify/assert"
 )
-func TestGetNodeDNS(t *testing.T) {
+func TestGetAllDNS(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	t.Run("NoEntries", func(t *testing.T) {
 		entries, err := GetAllDNS()
 		assert.Nil(t, err)
 		assert.Equal(t, []models.DNSEntry(nil), entries)
 	})
 	t.Run("OneEntry", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.3", "newhost", "skynet"}
 		CreateDNS(entry)
 		entries, err := GetAllDNS()
 		assert.Nil(t, err)
 		assert.Equal(t, 1, len(entries))
 	})
 	t.Run("MultipleEntry", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.7", "anotherhost", "skynet"}
 		CreateDNS(entry)
 		entries, err := GetAllDNS()
 		assert.Nil(t, err)
 		assert.Equal(t, 2, len(entries))
 	})
 }
 func TestGetNodeDNS(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	t.Run("NoNodes", func(t *testing.T) {
 		dns, err := GetNodeDNS("skynet")
 		assert.EqualError(t, err, "could not find any records")
 		assert.Equal(t, []models.DNSEntry(nil), dns)
 	})
 	t.Run("NodeExists", func(t *testing.T) {
 		createTestNode()
 		dns, err := GetNodeDNS("skynet")
 		assert.Nil(t, err)
-	t.Log(dns)
+		assert.Equal(t, "10.0.0.1", dns[0].Address)
 	})
 	t.Run("MultipleNodes", func(t *testing.T) {
 		createnode := models.Node{PublicKey: "DM5qhLAE20PG9BbfBCger+Ac9D2NDOwCtY1rbYDLf34=", Endpoint: "10.100.100.3", MacAddress: "01:02:03:04:05:07", Password: "password", Network: "skynet"}
 		_, err := logic.CreateNode(createnode, "skynet")
 		assert.Nil(t, err)
 		dns, err := GetNodeDNS("skynet")
 		assert.Nil(t, err)
 		assert.Equal(t, 2, len(dns))
 	})
 }
 func TestGetCustomDNS(t *testing.T) {
 	t.Skip()
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	t.Run("NoNetworks", func(t *testing.T) {
 		dns, err := dnslogic.GetCustomDNS("skynet")
 		assert.EqualError(t, err, "could not find any records")
 		assert.Equal(t, []models.DNSEntry(nil), dns)
 	})
 	t.Run("NoNodes", func(t *testing.T) {
 		createNet()
 		dns, err := dnslogic.GetCustomDNS("skynet")
 		assert.EqualError(t, err, "could not find any records")
 		assert.Equal(t, []models.DNSEntry(nil), dns)
 	})
 	t.Run("NodeExists", func(t *testing.T) {
 		createTestNode()
 		dns, err := dnslogic.GetCustomDNS("skynet")
 		assert.EqualError(t, err, "could not find any records")
 		assert.Equal(t, 0, len(dns))
 	})
 	t.Run("EntryExist", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.3", "newhost", "skynet"}
 		CreateDNS(entry)
 		dns, err := dnslogic.GetCustomDNS("skynet")
 		assert.Nil(t, err)
-	t.Log(dns)
+		assert.Equal(t, 1, len(dns))
 	})
 	t.Run("MultipleEntries", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.4", "host4", "skynet"}
 		CreateDNS(entry)
 		dns, err := dnslogic.GetCustomDNS("skynet")
 		assert.Nil(t, err)
 		assert.Equal(t, 2, len(dns))
 	})
 }
 func TestGetDNSEntryNum(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
-	createTestNode()
+	t.Run("NoNodes", func(t *testing.T) {
 		num, err := GetDNSEntryNum("myhost", "skynet")
 		assert.Nil(t, err)
-	t.Log(num)
+		assert.Equal(t, 0, num)
 	})
 	t.Run("NodeExists", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.2", "newhost", "skynet"}
 		_, err := CreateDNS(entry)
 		assert.Nil(t, err)
 		num, err := GetDNSEntryNum("newhost", "skynet")
 		assert.Nil(t, err)
 		assert.Equal(t, 1, num)
 	})
 }
 func TestGetDNS(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	t.Run("NoEntries", func(t *testing.T) {
 		dns, err := dnslogic.GetDNS("skynet")
 		assert.Nil(t, err)
 		assert.Nil(t, dns)
 	})
 	t.Run("CustomDNSExists", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.2", "newhost", "skynet"}
 		_, err := CreateDNS(entry)
 		assert.Nil(t, err)
 		dns, err := dnslogic.GetDNS("skynet")
 		t.Log(dns)
 		assert.Nil(t, err)
 		assert.NotNil(t, dns)
 		assert.Equal(t, "skynet", dns[0].Network)
 		assert.Equal(t, 1, len(dns))
 	})
 	t.Run("NodeExists", func(t *testing.T) {
 		deleteAllDNS(t)
 		createTestNode()
 		dns, err := dnslogic.GetDNS("skynet")
 		assert.Nil(t, err)
 		assert.NotNil(t, dns)
 		assert.Equal(t, "skynet", dns[0].Network)
 		assert.Equal(t, 1, len(dns))
 	})
 	t.Run("NodeAndCustomDNS", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.2", "newhost", "skynet"}
 		_, err := CreateDNS(entry)
 		dns, err := dnslogic.GetDNS("skynet")
 		t.Log(dns)
 		assert.Nil(t, err)
 		assert.NotNil(t, dns)
 		assert.Equal(t, "skynet", dns[0].Network)
 		assert.Equal(t, "skynet", dns[1].Network)
 		assert.Equal(t, 2, len(dns))
 	})
 }
 func TestCreateDNS(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllNetworks()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	//dns, err := GetDNS("skynet")
 	//assert.Nil(t, err)
 	//for _, entry := range dns {
 	//	_, _ = DeleteDNS(entry.Name, "skynet")
 	//}
 	entry := models.DNSEntry{"10.0.0.2", "newhost", "skynet"}
 	err := ValidateDNSCreate(entry)
 	assert.Nil(t, err)
 	if err != nil {
 		t.Log(err)
 	}
 	dns, err := CreateDNS(entry)
 	assert.Nil(t, err)
-	t.Log(dns)
+	assert.Equal(t, "newhost", dns.Name)
 }
 func TestSetDNS(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	t.Run("NoNetworks", func(t *testing.T) {
 		err := dnslogic.SetDNS()
 		assert.Nil(t, err)
 		info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.False(t, info.IsDir())
 		assert.Equal(t, int64(0), info.Size())
 	})
 	t.Run("NoEntries", func(t *testing.T) {
 		createNet()
 		err := dnslogic.SetDNS()
 		assert.Nil(t, err)
 		info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.False(t, info.IsDir())
 		assert.Equal(t, int64(0), info.Size())
 	})
 	t.Run("NodeExists", func(t *testing.T) {
 		createTestNode()
 		err := dnslogic.SetDNS()
 		assert.Nil(t, err)
 		info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.False(t, info.IsDir())
 		content, err := ioutil.ReadFile("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.Contains(t, string(content), "testnode.skynet")
 	})
 	t.Run("EntryExists", func(t *testing.T) {
 		entry := models.DNSEntry{"10.0.0.3", "newhost", "skynet"}
 		CreateDNS(entry)
 		err := dnslogic.SetDNS()
 		assert.Nil(t, err)
 		info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.False(t, info.IsDir())
 		content, err := ioutil.ReadFile("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.Contains(t, string(content), "newhost.skynet")
 	})
 }
 func TestGetDNSEntry(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	createTestNode()
 	entry := models.DNSEntry{"10.0.0.2", "newhost", "skynet"}
 	CreateDNS(entry)
 	t.Run("wrong net", func(t *testing.T) {
 		entry, err := GetDNSEntry("newhost", "w286 Toronto Street South, Uxbridge, ONirecat")
 		assert.EqualError(t, err, "no result found")
 		assert.Equal(t, models.DNSEntry{}, entry)
 	})
 	t.Run("wrong host", func(t *testing.T) {
 		entry, err := GetDNSEntry("badhost", "skynet")
 		assert.EqualError(t, err, "no result found")
 		assert.Equal(t, models.DNSEntry{}, entry)
 	})
 	t.Run("good host", func(t *testing.T) {
 		entry, err := GetDNSEntry("newhost", "skynet")
 		assert.Nil(t, err)
-	t.Log(entry)
+		assert.Equal(t, "newhost", entry.Name)
 	})
 	t.Run("node", func(t *testing.T) {
 		entry, err := GetDNSEntry("testnode", "skynet")
 		assert.EqualError(t, err, "no result found")
 		assert.Equal(t, models.DNSEntry{}, entry)
 	})
 }
 func TestUpdateDNS(t *testing.T) {
 	var newentry models.DNSEntry
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	entry := models.DNSEntry{"10.0.0.2", "newhost", "skynet"}
 	CreateDNS(entry)
 	t.Run("change address", func(t *testing.T) {
 		newentry.Address = "10.0.0.75"
 		updated, err := UpdateDNS(newentry, entry)
 		assert.Nil(t, err)
 		assert.Equal(t, newentry.Address, updated.Address)
 	})
 	t.Run("change name", func(t *testing.T) {
 		newentry.Name = "newname"
 		updated, err := UpdateDNS(newentry, entry)
 		assert.Nil(t, err)
 		assert.Equal(t, newentry.Name, updated.Name)
 	})
 	t.Run("change network", func(t *testing.T) {
 		newentry.Network = "wirecat"
 		updated, err := UpdateDNS(newentry, entry)
 		assert.Nil(t, err)
 		assert.NotEqual(t, newentry.Network, updated.Network)
 	})
 }
 func TestDeleteDNS(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	entry := models.DNSEntry{"10.0.0.2", "newhost", "skynet"}
 	CreateDNS(entry)
 	t.Run("EntryExists", func(t *testing.T) {
-		err := DeleteDNS("myhost", "skynet")
+		err := DeleteDNS("newhost", "skynet")
 		assert.Nil(t, err)
 	})
-	t.Run("NoEntry", func(t *testing.T) {
+	t.Run("NodeExists", func(t *testing.T) {
 		err := DeleteDNS("myhost", "skynet")
 		assert.Nil(t, err)
 	})
 	t.Run("NoEntries", func(t *testing.T) {
 		err := DeleteDNS("myhost", "skynet")
 		assert.Nil(t, err)
 	})
 }
 func TestValidateDNSUpdate(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllDNS(t)
 	deleteAllNetworks()
 	createNet()
 	entry := models.DNSEntry{"10.0.0.2", "myhost", "skynet"}
 	_ = DeleteDNS("mynode", "skynet")
 	t.Run("BadNetwork", func(t *testing.T) {
 		change := models.DNSEntry{"10.0.0.2", "myhost", "badnet"}
 		err := ValidateDNSUpdate(change, entry)
@@ -140,11 +349,14 @@ func TestValidateDNSUpdate(t *testing.T) {
 	})
 	t.Run("NameUnique", func(t *testing.T) {
 		change := models.DNSEntry{"10.0.0.2", "myhost", "wirecat"}
-		_, _ = CreateDNS(entry)
+		CreateDNS(entry)
-		_, _ = CreateDNS(change)
+		CreateDNS(change)
 		err := ValidateDNSUpdate(change, entry)
 		assert.NotNil(t, err)
 		assert.Contains(t, err.Error(), "Field validation for 'Name' failed on the 'name_unique' tag")
 		//cleanup
 		err = DeleteDNS("myhost", "wirecat")
 		assert.Nil(t, err)
 	})
 }
@@ -196,11 +408,9 @@ func TestValidateDNSCreate(t *testing.T) {
 func deleteAllDNS(t *testing.T) {
 	dns, err := GetAllDNS()
-	t.Log(err)
+	assert.Nil(t, err)
 	t.Log(dns)
 	for _, record := range dns {
 		t.Log(dns)
 		err := DeleteDNS(record.Name, record.Network)
-		t.Log(err)
+		assert.Nil(t, err)
 	}
 }
--- a/controllers/userHttpController.go
+++ b/controllers/userHttpController.go
@@ -348,8 +348,8 @@ func createAdmin(w http.ResponseWriter, r *http.Request) {
 	var admin models.User
 	// get node from body of request
 	_ = json.NewDecoder(r.Body).Decode(&admin)
-	admin.IsAdmin = true
+
-	admin, err := CreateUser(admin)
+	admin, err := CreateAdmin(admin)
 	if err != nil {
 		returnErrorResponse(w, r, formatError(err, "badrequest"))
@@ -359,6 +359,18 @@ func createAdmin(w http.ResponseWriter, r *http.Request) {
 	json.NewEncoder(w).Encode(admin)
 }
 func CreateAdmin(admin models.User) (models.User, error) {
 	hasadmin, err := HasAdmin()
 	if err != nil {
 		return models.User{}, err
 	}
 	if hasadmin {
 		return models.User{}, errors.New("admin user already exists")
 	}
 	admin.IsAdmin = true
 	return CreateUser(admin)
 }
 func createUser(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json")
--- a/controllers/userHttpController_test.go
+++ b/controllers/userHttpController_test.go
@@ -71,6 +71,26 @@ func TestCreateUser(t *testing.T) {
 	})
 }
 func TestCreateAdmin(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllUsers()
 	var user models.User
 	t.Run("NoAdmin", func(t *testing.T) {
 		user.UserName = "admin"
 		user.Password = "password"
 		admin, err := CreateAdmin(user)
 		assert.Nil(t, err)
 		assert.Equal(t, user.UserName, admin.UserName)
 	})
 	t.Run("AdminExists", func(t *testing.T) {
 		user.UserName = "admin2"
 		user.Password = "password1"
 		admin, err := CreateAdmin(user)
 		assert.EqualError(t, err, "admin user already exists")
 		assert.Equal(t, admin, models.User{})
 	})
 }
 func TestDeleteUser(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllUsers()
@@ -153,6 +173,49 @@ func TestGetUser(t *testing.T) {
 	})
 }
 func TestGetUserInternal(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllUsers()
 	t.Run("NonExistantUser", func(t *testing.T) {
 		admin, err := GetUserInternal("admin")
 		assert.EqualError(t, err, "could not find any records")
 		assert.Equal(t, "", admin.UserName)
 	})
 	t.Run("UserExisits", func(t *testing.T) {
 		user := models.User{"admin", "password", nil, true}
 		CreateUser(user)
 		admin, err := GetUserInternal("admin")
 		assert.Nil(t, err)
 		assert.Equal(t, user.UserName, admin.UserName)
 	})
 }
 func TestGetUsers(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllUsers()
 	t.Run("NonExistantUser", func(t *testing.T) {
 		admin, err := GetUsers()
 		assert.EqualError(t, err, "could not find any records")
 		assert.Equal(t, []models.ReturnUser(nil), admin)
 	})
 	t.Run("UserExisits", func(t *testing.T) {
 		user := models.User{"admin", "password", nil, true}
 		CreateUser(user)
 		admins, err := GetUsers()
 		assert.Nil(t, err)
 		assert.Equal(t, user.UserName, admins[0].UserName)
 	})
 	t.Run("MulipleUsers", func(t *testing.T) {
 		user := models.User{"user", "password", nil, true}
 		CreateUser(user)
 		admins, err := GetUsers()
 		assert.Nil(t, err)
 		assert.Equal(t, "admin", admins[0].UserName)
 		assert.Equal(t, user.UserName, admins[1].UserName)
 	})
 }
 func TestUpdateUser(t *testing.T) {
 	database.InitializeDatabase()
 	deleteAllUsers()
--- a/go.mod
+++ b/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/gorilla/handlers v1.5.1
 	github.com/gorilla/mux v1.8.0
-	github.com/lib/pq v1.10.3 // indirect
+	github.com/lib/pq v1.10.3
 	github.com/mattn/go-sqlite3 v1.14.8
 	github.com/rqlite/gorqlite v0.0.0-20210514125552-08ff1e76b22f
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
--- a/go.sum
+++ b/go.sum
@@ -1,8 +1,12 @@
 cloud.google.com/go v0.26.0 h1:e0WKqKTd5BnrG8aKH3J3h+QvEIQtSUcf2n5UZ5ZgLtQ=
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/census-instrumentation/opencensus-proto v0.2.1 h1:glEXhBS5PSLLv4IXzLA5yPRVX4bilULVyxxbrfOtDAk=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403 h1:cqQfy1jclcSy/FwLjemeg3SR1yaINm74aQyupQ0Bl8M=
 github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
 github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
@@ -16,7 +20,9 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad h1:EmNYJhPYy0pOFjCx2PrgtaBXmee0iUX9hLlxE1xHOJE=
 github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
 github.com/envoyproxy/protoc-gen-validate v0.1.0 h1:EQciDnbrYxy13PgWoY8AqoxGiPrpgBZ1R8UNe3ddc+A=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ=
 github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
@@ -31,6 +37,7 @@ github.com/go-playground/validator/v10 v10.5.0 h1:X9rflw/KmpACwT8zdrm1upefpvdy6u
 github.com/go-playground/validator/v10 v10.5.0/go.mod h1:xm76BBt941f7yWdGnI2DVPFFg1UK3YY04qifoXU3lOk=
 github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o=
 github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -54,12 +61,14 @@ github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4=
 github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q=
 github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
 github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/josharian/native v0.0.0-20200817173448-b6b71def0850 h1:uhL5Gw7BINiiPAo24A2sxkcDI0Jt/sqp1v5xQCniEFA=
 github.com/josharian/native v0.0.0-20200817173448-b6b71def0850/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
@@ -112,10 +121,13 @@ github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1
 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
 github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s=
 github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
 github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
 github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@@ -156,6 +168,7 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20210504132125-bbd867fde50d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 h1:4CSI6oo7cOjJKajidEljs9h+uP0rRZBPPPhcCbj5mw8=
 golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -187,6 +200,7 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e h1:XMgFehsDnnLGtjvjOfqWSUzt0alpTR1RSEuznObga2c=
 golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
@@ -198,6 +212,7 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135 h1:5Beo0mZN8dRzgrMMkDp0jc8YXQKx9DiJ2k1dkvGsn5A=
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
@@ -208,6 +223,7 @@ golang.zx2c4.com/wireguard v0.0.0-20210805125648-3957e9b9dd19/go.mod h1:laHzsbfM
 golang.zx2c4.com/wireguard/wgctrl v0.0.0-20210913210325-91d1988e44de h1:M9Jc92kgqmVmidpnOeegP2VgO2DfHEcsUWtWMmBwNFQ=
 golang.zx2c4.com/wireguard/wgctrl v0.0.0-20210913210325-91d1988e44de/go.mod h1:+1XihzyZUBJcSc5WO9SwNA7v26puQwOEDwanaxfNXPQ=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
@@ -236,6 +252,7 @@ google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQ
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.3 h1:fvjTMHxHEw/mxHbtzPi3JCcKXQRAnQTBRo6YCJSVHKI=
 gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/kube/helm/README.md
+++ b/kube/helm/README.md
@@ -1,130 +0,0 @@
 # Netmaker Helm
 ![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.0](https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square)
 A Helm chart to run Netmaker with High Availability on Kubernetes:
 ```
 helm repo add netmaker https://gravitl.github.io/netmaker-helm/
 helm repo update
 ```
 ## Requirements
 To run HA Netmaker on Kubernetes, your cluster must have the following:
 - RWO and RWX Storage Classes (RWX is only required if running Netmaker with DNS Management enabled).
 - An Ingress Controller and valid TLS certificates 
 	- This chart can currently generate ingress for:
 		- Nginx Ingress + LetsEncrypt/Cert-Manager
 		- Traefik Ingress + LetsEncrypt/Cert-Manager
 	- to generate automatically, make sure one of the two is configured for your cluster
 Furthermore, the chart will by default install and use a postgresql cluster as its datastore: 
 | Repository | Name | Version |
 |------------|------|---------|
 | https://charts.bitnami.com/bitnami | postgresql-ha | 7.11.0 |
 ### Example Install
 ```
 helm install netmaker/netmaker --generate-name \ # generate a random id for the deploy 
 --set baseDomain=nm.example.com \ # the base wildcard domain to use for the netmaker api/dashboard/grpc ingress 
 --set replicas=3 \ # number of server replicas to deploy (3 by default) 
 --set ingress.enabled=true \ # deploy ingress automatically (requires nginx or traefik and cert-manager + letsencrypt) 
 --set ingress.className=nginx \ # ingress class to use 
 --set ingress.tls.issuerName=letsencrypt-prod \ # LetsEncrypt certificate issuer to use 
 --set dns.enabled=true \ # deploy and enable private DNS management with CoreDNS 
 --set dns.clusterIP=10.245.75.75 --set dns.RWX.storageClassName=nfs \ # required fields for DNS 
 --set postgresql-ha.postgresql.replicaCount=2 \ # number of DB replicas to deploy (default 2)
 ```
 ### Recommended Settings:
 A minimal HA install of Netmaker can be run with the following command:
 `helm install netmaker --generate-name --set baseDomain=nm.example.com`
 This install has some notable exceptions:
 - Ingress **must** be manually configured post-install (need to create valid Ingress with TLS)
 - Server will use "userspace" WireGuard, which is slower than kernel WG
 - DNS will be disabled
 Below, we discuss the considerations for Ingress, Kernel WireGuard, and DNS.
 #### Ingress	
 To run HA Netmaker, you must have ingress installed and enabled on your cluster with valid TLS certificates (not self-signed). If you are running Nginx or Traefik as your Ingress Controller and LetsEncrypt for TLS certificate management, you can run the helm install with the following settings:
 `--set ingress.enabled=true`
 `--set ingress.className=<nginx|traefik>`
 `--set ingress.annotations.cert-manager.io/cluster-issuer=<your LE issuer name>`
 If you are not using Nginx or Traefik and LetsEncrypt, we recommend leaving ingress.enabled=false (default), and then manually creating the ingress objects post-install. You will need three ingress objects with TLS:
 `dashboard.<baseDomain>`
 `api.<baseDomain>`
 `grpc.<baseDomain>`
 The gRPC ingress object must include annotations to use the gRPC protocol, which is supported by most ingress controllers. For instance, on Traefik, the annotation is:
 `ingress.kubernetes.io/protocol: h2c`
 You can find example ingress objects in the kube/example folder.
 #### Kernel WireGuard
 If you have control of the Kubernetes worker node servers, we recommend **first** installing WireGuard on the hosts, and then installing HA Netmaker in Kernel mode. By default, Netmaker will install with userspace WireGuard (wireguard-go) for maximum compatibility, and to avoid needing permissions at the host level. If you have installed WireGuard on your hosts, you should install Netmaker's helm chart with the following option:
 `--set wireguard.kernel=true`
 #### DNS
 By Default, the helm chart will deploy without DNS enabled. To enable DNS, specify with:
 `--set dns.enabled=true` 
 This will require specifying a RWX storage class, e.g.:
 `--set dns.RWX.storageClassName=nfs`
 This will also require specifying a service address for DNS. Choose a valid ipv4 address from the service IP CIDR for your cluster, e.g.:
 `--set dns.clusterIP=10.245.69.69`
 **This address will only be reachable from hosts that have access to the cluster service CIDR.** It is only designed for use cases related to k8s. If you want a more general-use Netmaker server on Kubernetes for use cases outside of k8s, you will need to do one of the following:
 - bind the CoreDNS service to port 53 on one of your worker nodes and set the COREDNS_ADDRESS equal to the public IP of the worker node
 - Create a private Network with Netmaker and set the COREDNS_ADDRESS equal to the private address of the host running CoreDNS. For this, CoreDNS will need a node selector and will ideally run on the same host as one of the Netmaker server instances.
 ## Values
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | dns.enabled | bool | `false` | whether or not to run with DNS (CoreDNS) |
 | dns.storageSize | string | `"128Mi"` | volume size for DNS (only needs to hold one file) |
 | fullnameOverride | string | `""` | override the full name for netmaker objects  |
 | image.pullPolicy | string | `"Always"` | Pull Policy for images |
 | image.repository | string | `"gravitl/netmaker"` | The image repo to pull Netmaker image from  |
 | image.tag | string | `"v0.8.4"` | Override the image tag to pull  |
 | ingress.annotations.base."kubernetes.io/ingress.allow-http" | string | `"false"` | annotation to generate ACME certs if available |
 | ingress.annotations.grpc.nginx."nginx.ingress.kubernetes.io/backend-protocol" | string | `"GRPC"` | annotation to use grpc protocol on grpc domain |
 | ingress.annotations.grpc.traefik."ingress.kubernetes.io/protocol" | string | `"h2c"` | annotation to use grpc protocol on grpc domain |
 | ingress.annotations.nginx."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/"` | destination addr for route |
 | ingress.annotations.nginx."nginx.ingress.kubernetes.io/ssl-redirect" | string | `"true"` | Redirect http to https  |
 | ingress.annotations.tls."kubernetes.io/tls-acme" | string | `"true"` | use acme cert if available |
 | ingress.annotations.traefik."traefik.ingress.kubernetes.io/redirect-entry-point" | string | `"https"` | Redirect to https |
 | ingress.annotations.traefik."traefik.ingress.kubernetes.io/redirect-permanent" | string | `"true"` | Redirect to https permanently |
 | ingress.annotations.traefik."traefik.ingress.kubernetes.io/rule-type" | string | `"PathPrefixStrip"` | rule type |
 | ingress.enabled | bool | `false` | attempts to configure ingress if true |
 | ingress.hostPrefix.grpc | string | `"grpc."` | grpc route subdomain |
 | ingress.hostPrefix.rest | string | `"api."` | api (REST) route subdomain |
 | ingress.hostPrefix.ui | string | `"dashboard."` | ui route subdomain |
 | ingress.tls.enabled | bool | `true` |  |
 | ingress.tls.issuerName | string | `"letsencrypt-prod"` |  |
 | nameOverride | string | `""` | override the name for netmaker objects  |
 | podAnnotations | object | `{}` | pod annotations to add |
 | podSecurityContext | object | `{}` | pod security contect to add |
 | postgresql-ha.persistence.size | string | `"3Gi"` | size of postgres DB |
 | postgresql-ha.postgresql.database | string | `"netmaker"` | postgress db to generate |
 | postgresql-ha.postgresql.password | string | `"netmaker"` | postgres pass to generate |
 | postgresql-ha.postgresql.username | string | `"netmaker"` | postgres user to generate |
 | replicas | int | `3` | number of netmaker server replicas to create  |
 | service.grpcPort | int | `443` | port for GRPC service |
 | service.restPort | int | `8081` | port for API service |
 | service.type | string | `"ClusterIP"` | type for netmaker server services |
 | service.uiPort | int | `80` | port for UI service |
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
 | serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | serviceAccount.name | string | `""` | Name of SA to use. If not set and create is true, a name is generated using the fullname template |
 | ui.replicas | int | `2` | how many UI replicas to create |
 | wireguard.enabled | bool | `true` | whether or not to use WireGuard on server |
 | wireguard.kernel | bool | `false` | whether or not to use Kernel WG (should be false unless WireGuard is installed on hosts). |
 | wireguard.networkLimit | int | `10` | max number of networks that Netmaker will support if running with WireGuard enabled |
--- a/kube/helm/netmaker/Chart.lock
+++ b/kube/helm/netmaker/Chart.lock
@@ -1,6 +0,0 @@
 dependencies:
 - name: postgresql-ha
  repository: https://charts.bitnami.com/bitnami
  version: 7.11.0
 digest: sha256:849759b9fd9d89bf0d47a271334889601010d1d11dd5c00562c18feafd93356d
 generated: "2021-10-13T14:02:45.428151972-04:00"
--- a/kube/helm/netmaker/Chart.yaml
+++ b/kube/helm/netmaker/Chart.yaml
@@ -1,29 +0,0 @@
 apiVersion: v2
 name: netmaker
 description: A Helm chart to run HA Netmaker on Kubernetes
 # A chart can be either an 'application' or a 'library' chart.
 #
 # Application charts are a collection of templates that can be packaged into versioned archives
 # to be deployed.
 #
 # Library charts provide useful utilities or functions for the chart developer. They're included as
 # a dependency of application charts to inject those utilities and functions into the rendering
 # pipeline. Library charts do not define any templates and therefore cannot be deployed.
 type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
 version: 0.1.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 appVersion: "0.9.0"
 dependencies:
  - name: "postgresql-ha"
    version: "7.11.0"
    repository: https://charts.bitnami.com/bitnami
--- a/kube/helm/netmaker/README.md
+++ b/kube/helm/netmaker/README.md
@@ -1,57 +0,0 @@
 # netmaker
 ![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.0](https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square)
 A Helm chart to run HA Netmaker on Kubernetes
 ## Requirements
 | Repository | Name | Version |
 |------------|------|---------|
 | https://charts.bitnami.com/bitnami | postgresql-ha | 7.11.0 |
 ## Values
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | dns.enabled | bool | `false` | whether or not to run with DNS (CoreDNS) |
 | dns.storageSize | string | `"128Mi"` | volume size for DNS (only needs to hold one file) |
 | fullnameOverride | string | `""` | override the full name for netmaker objects  |
 | image.pullPolicy | string | `"Always"` | Pull Policy for images |
 | image.repository | string | `"gravitl/netmaker"` | The image repo to pull Netmaker image from  |
 | image.tag | string | `"v0.8.4"` | Override the image tag to pull  |
 | ingress.annotations.base."kubernetes.io/ingress.allow-http" | string | `"false"` | annotation to generate ACME certs if available |
 | ingress.annotations.grpc.nginx."nginx.ingress.kubernetes.io/backend-protocol" | string | `"GRPC"` | annotation to use grpc protocol on grpc domain |
 | ingress.annotations.grpc.traefik."ingress.kubernetes.io/protocol" | string | `"h2c"` | annotation to use grpc protocol on grpc domain |
 | ingress.annotations.nginx."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/"` | destination addr for route |
 | ingress.annotations.nginx."nginx.ingress.kubernetes.io/ssl-redirect" | string | `"true"` | Redirect http to https  |
 | ingress.annotations.tls."kubernetes.io/tls-acme" | string | `"true"` | use acme cert if available |
 | ingress.annotations.traefik."traefik.ingress.kubernetes.io/redirect-entry-point" | string | `"https"` | Redirect to https |
 | ingress.annotations.traefik."traefik.ingress.kubernetes.io/redirect-permanent" | string | `"true"` | Redirect to https permanently |
 | ingress.annotations.traefik."traefik.ingress.kubernetes.io/rule-type" | string | `"PathPrefixStrip"` | rule type |
 | ingress.enabled | bool | `false` | attempts to configure ingress if true |
 | ingress.hostPrefix.grpc | string | `"grpc."` | grpc route subdomain |
 | ingress.hostPrefix.rest | string | `"api."` | api (REST) route subdomain |
 | ingress.hostPrefix.ui | string | `"dashboard."` | ui route subdomain |
 | ingress.tls.enabled | bool | `true` |  |
 | ingress.tls.issuerName | string | `"letsencrypt-prod"` |  |
 | nameOverride | string | `""` | override the name for netmaker objects  |
 | podAnnotations | object | `{}` | pod annotations to add |
 | podSecurityContext | object | `{}` | pod security contect to add |
 | postgresql-ha.persistence.size | string | `"3Gi"` | size of postgres DB |
 | postgresql-ha.postgresql.database | string | `"netmaker"` | postgress db to generate |
 | postgresql-ha.postgresql.password | string | `"netmaker"` | postgres pass to generate |
 | postgresql-ha.postgresql.username | string | `"netmaker"` | postgres user to generate |
 | replicas | int | `3` | number of netmaker server replicas to create  |
 | service.grpcPort | int | `443` | port for GRPC service |
 | service.restPort | int | `8081` | port for API service |
 | service.type | string | `"ClusterIP"` | type for netmaker server services |
 | service.uiPort | int | `80` | port for UI service |
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
 | serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | serviceAccount.name | string | `""` | Name of SA to use. If not set and create is true, a name is generated using the fullname template |
 | ui.replicas | int | `2` | how many UI replicas to create |
 | wireguard.enabled | bool | `true` | whether or not to use WireGuard on server |
 | wireguard.kernel | bool | `false` | whether or not to use Kernel WG (should be false unless WireGuard is installed on hosts). |
 | wireguard.networkLimit | int | `10` | max number of networks that Netmaker will support if running with WireGuard enabled |
--- a/kube/helm/netmaker/charts/postgresql-ha-7.11.0.tgz
+++ b/kube/helm/netmaker/charts/postgresql-ha-7.11.0.tgz
--- a/kube/helm/netmaker/templates/NOTES.txt
+++ b/kube/helm/netmaker/templates/NOTES.txt
@@ -1,22 +0,0 @@
 1. Get the application URL by running these commands:
 {{- if .Values.ingress.enabled }}
 {{- range $host := .Values.ingress.hosts }}
  {{- range .paths }}
  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
  {{- end }}
 {{- end }}
 {{- else if contains "NodePort" .Values.service.type }}
  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "netmaker.fullname" . }})
  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT
 {{- else if contains "LoadBalancer" .Values.service.type }}
     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "netmaker.fullname" . }}'
  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "netmaker.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
  echo http://$SERVICE_IP:{{ .Values.service.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "netmaker.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
 {{- end }}
--- a/kube/helm/netmaker/templates/_helpers.tpl
+++ b/kube/helm/netmaker/templates/_helpers.tpl
@@ -1,70 +0,0 @@
 {{/*
 Expand the name of the chart.
 */}}
 {{- define "netmaker.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
 {{- define "netmaker.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- $name := default .Chart.Name .Values.nameOverride }}
 {{- if contains $name .Release.Name }}
 {{- .Release.Name | trunc 63 | trimSuffix "-" }}
 {{- else }}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{- end }}
 {{- end }}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "netmaker.masterKey" -}}
 {{- randAlphaNum 12 | nospace -}}
 {{- end -}}
 {{/*
 Create chart name and version as used by the chart label.
 */}}
 {{- define "netmaker.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
 {{- define "netmaker.labels" -}}
 helm.sh/chart: {{ include "netmaker.chart" . }}
 {{ include "netmaker.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "netmaker.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "netmaker.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
 {{- define "netmaker.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
 {{- default (include "netmaker.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
--- a/kube/helm/netmaker/templates/coredns.yaml
+++ b/kube/helm/netmaker/templates/coredns.yaml
@@ -1,85 +0,0 @@
 {{- if .Values.dns.enabled -}}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "netmaker.fullname" . }}-coredns
  labels:
    app: {{ include "netmaker.fullname" . }}-coredns
 spec:
  selector:
    matchLabels:
      app: {{ include "netmaker.fullname" . }}-coredns
  replicas: 1
  template:
    metadata:
      labels:
        app: {{ include "netmaker.fullname" . }}-coredns
    spec:
      containers:
      - args:
        - -conf
        - /root/dnsconfig/Corefile
        image: coredns/coredns
        imagePullPolicy: Always
        name: netmaker-dns
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        volumeMounts:
        - mountPath: /root/dnsconfig
          name: {{ include "netmaker.fullname" . }}-dns-pvc
          readOnly: true
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - all
      dnsPolicy: "None"
      dnsConfig:
        nameservers:
          - 127.0.0.1
      volumes:
      - name: {{ include "netmaker.fullname" . }}-dns-pvc
        persistentVolumeClaim:
          claimName: {{ include "netmaker.fullname" . }}-dns-pvc
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app: {{ include "netmaker.fullname" . }}-coredns
  name: {{ include "netmaker.fullname" . }}-coredns
 spec:
  ports:
  - port: 53
    protocol: UDP
    targetPort: 53
    name: udp
  - port: 53
    protocol: TCP
    targetPort: 53
    name: tcp
  selector:
    app: {{ include "netmaker.fullname" . }}-coredns
  sessionAffinity: None
  type: ClusterIP
  clusterIP: {{ required "A valid .Values.dns.clusterIP entry required! Choose an IP from your k8s service IP CIDR" .Values.dns.clusterIP}}
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: {{ include "netmaker.fullname" . }}-dns-pvc
 spec:
  storageClassName: {{ required "A valid .Values.dns.RWX.storageClassName entry required! Specify an available RWX storage class." .Values.dns.RWX.storageClassName}}
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: {{ .Values.dns.storageSize }}
 {{- end }}
--- a/kube/helm/netmaker/templates/ingress.yaml
+++ b/kube/helm/netmaker/templates/ingress.yaml
@@ -1,236 +0,0 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "netmaker.fullname" . -}}
 {{- $fullUIName := printf "%s-%s" $fullName "ui" -}}
 {{- $fullRESTName := printf "%s-%s" $fullName "rest" -}}
 {{- $fullGRPCName := printf "%s-%s" $fullName "grpc" -}}
 {{- $uiSvcPort := .Values.service.uiPort -}}
 {{- $restSvcPort := .Values.service.restPort -}}
 {{- $grpcSvcPort := .Values.service.grpcPort -}}
 {{- $classname := required "A valid .Values.ingress.className entry required! Please set this to your ingress class (nginx, traefik)" .Values.ingress.className}}
 {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
  {{- end }}
 {{- end }}
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1
 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
 {{- end }}
 kind: Ingress
 metadata:
  name: {{ $fullUIName }}
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  {{- with .Values.ingress }}
  annotations:
    {{- toYaml .annotations.base | nindent 4 }}
    {{- if or (eq .className "nginx") (eq .className "public") }}
    {{- toYaml .annotations.nginx | nindent 4 }}
    {{- end }}
    {{- if eq .className "traefik" }}
    {{- toYaml .annotations.traefik | nindent 4 }}
    {{- end }}
    {{- if and .tls.enabled (eq .tls.issuerName "" )}}
    {{- toYaml .annotations.tls | nindent 4 }}
    {{- else if .tls.enabled}}
    cert-manager.io/cluster-issuer: {{ .tls.issuerName }}
    {{- end }}
  {{- end }}
 spec:
  {{- if (not (eq .Values.ingress.className "traefik")) }}
  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
  ingressClassName: {{ required "A valid .Values.ingress.className entry required!" .Values.ingress.className}}
  {{- end }}
  {{- end }}
  {{- if .Values.ingress.tls.enabled }}
  tls:
    - hosts:
        - {{ .Values.ingress.hostPrefix.ui }}{{ .Values.baseDomain }}
      secretName: {{ $fullUIName }}-tls-secret
  {{- end}}
  rules:
    - host: {{ .Values.ingress.hostPrefix.ui }}{{ .Values.baseDomain }}
      http:
        paths:
          - path: /
            {{- if (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
              service:
                name: {{ $fullUIName }}
                port:
                  number: {{ $uiSvcPort }}
              {{- else }}
              serviceName: {{ $fullUIName }}
              servicePort: {{ $uiSvcPort }}
              {{- end }}
 ---
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1
 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
 {{- end }}
 kind: Ingress
 metadata:
  name: {{ $fullRESTName }}
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  {{- with .Values.ingress }}
  annotations:
    {{- toYaml .annotations.base | nindent 4 }}
    {{- if or (eq .className "nginx") (eq .className "public") }}
    {{- toYaml .annotations.nginx | nindent 4 }}
    {{- end }}
    {{- if eq .className "traefik" }}
    {{- toYaml .annotations.traefik | nindent 4 }}
    {{- end }}
    {{- if and .tls.enabled (eq .tls.issuerName "" )}}
    {{- toYaml .annotations.tls | nindent 4 }}
    {{- else if .tls.enabled}}
    cert-manager.io/cluster-issuer: {{ .tls.issuerName }}
    {{- end }}
  {{- end }}
 spec:
  {{- if (not (eq .Values.ingress.className "traefik")) }}
  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
  ingressClassName:  {{ required "A valid .Values.ingress.className entry required!" .Values.ingress.className}}
  {{- end }}
  {{- end }}
  {{- if .Values.ingress.tls.enabled }}
  tls:
    - hosts:
        - {{ .Values.ingress.hostPrefix.rest }}{{ .Values.baseDomain }}
      secretName: {{ $fullRESTName }}-tls-secret
  {{- end }}
  rules:
    - host: {{ .Values.ingress.hostPrefix.rest }}{{ .Values.baseDomain }}
      http:
        paths:
          - path: /
            {{- if (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
              service:
                name: {{ $fullRESTName }}
                port:
                  number: {{ $restSvcPort }}
              {{- else }}
              serviceName: {{ $fullRESTName }}
              servicePort: {{ $restSvcPort }}
              {{- end }}
 ---
 {{- if not (eq .Values.ingress.className "traefik") }}
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1
 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
 {{- end }}
 kind: Ingress
 metadata:
  name: {{ $fullGRPCName }}
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  {{- with .Values.ingress }}
  annotations:
    {{- toYaml .annotations.base | nindent 4 }}
    {{- if or (eq .className "nginx") (eq .className "public") }}
    {{- toYaml .annotations.nginx | nindent 4 }}
    {{- toYaml .annotations.grpc.nginx | nindent 4 }}
    {{- end }}
    {{- if eq .className "traefik" }}
    {{- toYaml .annotations.traefik | nindent 4 }}
    {{- end }}
    {{- if and .tls.enabled (eq .tls.issuerName "" )}}
    {{- toYaml .annotations.tls | nindent 4 }}
    {{- else if .tls.enabled}}
    cert-manager.io/cluster-issuer: {{ .tls.issuerName }}
    {{- end }}
  {{- end }}
 spec:
  {{- if (not (eq .Values.ingress.className "traefik")) }}
  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
  ingressClassName:  {{ required "A valid .Values.ingress.className entry required!" .Values.ingress.className}}
  {{- end }}
  {{- end }}
  {{- if .Values.ingress.tls.enabled }}
  tls:
    - hosts:
        - {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
      secretName: {{ $fullGRPCName }}-tls-secret
  {{- end }}
  rules:
    - host: {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
      http:
        paths:
          - path: /
            {{- if (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
            pathType: Prefix
            {{- end }}
            backend:
              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
              service:
                name: {{ $fullGRPCName }}
                port:
                  number: {{ $grpcSvcPort }}
              {{- else }}
              serviceName: {{ $fullGRPCName }}
              servicePort: {{ $grpcSvcPort }}
              {{- end }}
 {{- end }}
 {{- if eq .Values.ingress.className "traefik" }}
 ---
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRouteTCP
 metadata:
  name: {{ $fullGRPCName }}
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
 spec:
  entryPoints:
    - websecure
  routes:
  - match: HostSNI(`{{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}`)
    services:
    - name: {{ $fullGRPCName }}
      port: {{ $grpcSvcPort }}
    passthrough: true
    scheme: https
  tls:
    secretName: {{ $fullGRPCName }}-tls-secret
    domains:
    - main: {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
 {{- if and .Values.ingress.tls.enabled (not (eq .Values.ingress.tls.issuerName "" ))}}
 ---
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
  annotations:
    acme.cert-manager.io/http01-override-ingress-name: {{ $fullRESTName }}
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  name: {{ $fullGRPCName }}-tls-secret
 spec:
  dnsNames:
  - {{ .Values.ingress.hostPrefix.grpc }}{{ .Values.baseDomain }}
  issuerRef:
    group: cert-manager.io
    kind: ClusterIssuer
    name:  {{ .Values.ingress.tls.issuerName }}
  secretName: {{ $fullGRPCName }}-tls-secret
  usages:
  - digital signature
  - key encipherment
 {{- end }}
 {{- end }}
 {{- end }}
--- a/kube/helm/netmaker/templates/netmaker-statefulset.yaml
+++ b/kube/helm/netmaker/templates/netmaker-statefulset.yaml
@@ -1,133 +0,0 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
  labels:
    app: {{ include "netmaker.fullname" . }}
  name: {{ include "netmaker.fullname" . }}
 spec:
  replicas: {{ .Values.replicas }}
  serviceName: {{ include "netmaker.fullname" . }}-headless
  selector:
    matchLabels:
      app: {{ include "netmaker.fullname" . }}
  template:
    metadata:
      labels:
        app: {{ include "netmaker.fullname" . }}
    spec:
      {{- if .Values.wireguard.enabled }}
      {{- if .Values.setIpForwarding.enabled }}
      initContainers:
      - name: init-sysctl
        image: busybox
        imagePullPolicy: IfNotPresent
        command: ["sysctl", "-w", "net.ipv4.ip_forward=1"]
        securityContext:
          privileged: true
      {{- end }}
      dnsPolicy: ClusterFirstWithHostNet
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - {{ include "netmaker.fullname" . }}
            topologyKey: "kubernetes.io/hostname"
      {{- end }}
      containers:
      - env:
        - name: SERVER_API_CONN_STRING
          value: api.{{ required "A valid .Values.baseDomain entry required!" .Values.baseDomain}}:443
        - name: SERVER_GRPC_CONN_STRING
          value: grpc.{{ required "A valid .Values.baseDomain entry required!" .Values.baseDomain}}:443
        - name: GRPC_SSL
          value: "on"
        - name: SERVER_HTTP_HOST
          value: api.{{ required "A valid .Values.baseDomain entry required!" .Values.baseDomain}}
        - name: SERVER_GRPC_HOST
          value: grpc.{{ required "A valid .Values.baseDomain entry required!" .Values.baseDomain}}
        - name: API_PORT
          value: "8081"
        {{- if not .Values.wireguard.kernel }}
        - name: WG_QUICK_USERSPACE_IMPLEMENTATION
          value: wireguard-go
        {{- end }}
        - name: GRPC_PORT
          value: "443"
        {{- if .Values.dns.enabled }}
        - name: DNS_MODE
          value: "on"
        - name: COREDNS_ADDR
          value: {{ required "A valid .Values.dns.clusterIP entry required! Choose an IP from your k8s service IP CIDR" .Values.dns.clusterIP }}
        {{- else }}
        - name: DNS_MODE
          value: "off"
        {{- end }}
        {{- if .Values.wireguard.enabled }}
        - name: CLIENT_MODE
          value: "on"
        {{- else }}
        - name: CLIENT_MODE
          value: "off"
        {{- end }}
        - name: MASTER_KEY
          value: {{ include "netmaker.masterKey" . }}
        - name: PLATFORM
          value: Kubernetes
        - name: CORS_ALLOWED_ORIGIN
          value: '*'
        - name: NODE_ID
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.name
        - name: SQL_HOST
          value: '{{ .Release.Name }}-postgresql-ha-pgpool.{{ .Release.Namespace }}.svc.cluster.local'
        - name: SQL_PORT
          value: "5432"
        - name: SQL_DB
          value: {{ index .Values "postgresql-ha" "postgresql" "database" }}
        - name: SQL_USER
          value: {{ index .Values "postgresql-ha" "postgresql" "username" }}
        - name: SQL_PASS
          value: {{ index .Values "postgresql-ha" "postgresql" "password" }}
        - name: DATABASE
          value: postgres
      {{- if or (not .Values.wireguard.enabled) (.Values.wireguard.kernel) }}
        image: gravitl/netmaker:v0.8.4
      {{- else }}
        image: gravitl/netmaker:v0.8.4-userspace
      {{- end }}
        imagePullPolicy: Always
        name: {{ include "netmaker.fullname" . }}
        ports:
        - containerPort: {{ .Values.service.restPort }}
          protocol: TCP
        - containerPort: {{ .Values.service.grpcPort }}
          protocol: TCP
      {{- if .Values.wireguard.enabled }}
        {{ $count := (add .Values.wireguard.networkLimit 1 | int) }}
        {{- range untilStep 1 $count 1 }}
        - containerPort: {{ add 31820 . }}
          protocol: UDP      
        {{- end }}
      {{- end }}
        resources: {}
        {{- if .Values.wireguard.enabled }}
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
        {{- end }}
      {{- if .Values.dns.enabled }}
        volumeMounts:
        - name: {{ include "netmaker.fullname" . }}-dns-pvc
          mountPath: /root/config/dnsconfig
      volumes:
      - name: {{ include "netmaker.fullname" . }}-dns-pvc
        persistentVolumeClaim:
          claimName: {{ include "netmaker.fullname" . }}-dns-pvc
      {{- end }}
--- a/kube/helm/netmaker/templates/netmaker-ui-deployment.yaml
+++ b/kube/helm/netmaker/templates/netmaker-ui-deployment.yaml
@@ -1,25 +0,0 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
    app: {{ include "netmaker.fullname" . }}-ui
  name: {{ include "netmaker.fullname" . }}-ui
 spec:
  replicas: {{ .Values.ui.replicas }}
  selector:
    matchLabels:
      app: {{ include "netmaker.fullname" . }}-ui
  template:
    metadata:
      labels:
        app: {{ include "netmaker.fullname" . }}-ui
    spec:
      containers:
      - name: {{ include "netmaker.fullname" . }}-ui
        image: gravitl/netmaker-ui:v0.8
        ports:
        - containerPort: {{ .Values.service.grpcPort }}
        env:
        - name: BACKEND_URL
          value: 'https://{{ .Values.ingress.hostPrefix.rest }}{{ required "A valid .Values.baseDomain entry required!" .Values.baseDomain}}'
      terminationGracePeriodSeconds: 15
--- a/kube/helm/netmaker/templates/serviceaccount.yaml
+++ b/kube/helm/netmaker/templates/serviceaccount.yaml
@@ -1,12 +0,0 @@
 {{- if .Values.serviceAccount.create -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "netmaker.serviceAccountName" . }}
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  {{- with .Values.serviceAccount.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 {{- end }}
--- a/kube/helm/netmaker/templates/services.yaml
+++ b/kube/helm/netmaker/templates/services.yaml
@@ -1,72 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  name: '{{ include "netmaker.fullname" . }}-ui'
 spec:
  ports:
  - port: {{ .Values.service.uiPort }}
    protocol: TCP
    targetPort: {{ .Values.service.uiPort }}
  selector:
    app: '{{ include "netmaker.fullname" . }}-ui'
  sessionAffinity: None
  type: '{{ .Values.service.type }}'
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  name: '{{ include "netmaker.fullname" . }}-rest'
 spec:
  ports:
  - name: rest
    port: {{ .Values.service.restPort }}
    protocol: TCP
    targetPort: {{ .Values.service.restPort }}
  selector:
    app: '{{ include "netmaker.fullname" . }}'
  sessionAffinity: None
  type: {{ .Values.service.type }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  name: '{{ include "netmaker.fullname" . }}-grpc'
 spec:
  ports:
  - name: rest
    port: {{ .Values.service.grpcPort }}
    protocol: TCP
    targetPort: {{ .Values.service.grpcPort }}
  selector:
    app: '{{ include "netmaker.fullname" . }}'
  sessionAffinity: None
  type: {{ .Values.service.type }}
 {{- if .Values.wireguard.enabled }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  name: '{{ include "netmaker.fullname" . }}-wireguard'
 spec:
  externalTrafficPolicy: Local
  type: NodePort
  ports:
  {{ $count := (add .Values.wireguard.networkLimit 1 | int) }}
  {{- range untilStep 1 $count 1 }}
  - port: {{ add 31820 . }}
    nodePort: {{ add 31820 . }}
    protocol: UDP
    targetPort: {{ add 31820 . }}
    name: wg-iface-{{ add 31820 . }}
  {{- end }}
  selector:
    app: '{{ include "netmaker.fullname" . }}'
 {{- end }}
--- a/kube/helm/netmaker/templates/tests/test-connection.yaml
+++ b/kube/helm/netmaker/templates/tests/test-connection.yaml
@@ -1,15 +0,0 @@
 apiVersion: v1
 kind: Pod
 metadata:
  name: "{{ include "netmaker.fullname" . }}-test-connection"
  labels:
    {{- include "netmaker.labels" . | nindent 4 }}
  annotations:
    "helm.sh/hook": test
 spec:
  containers:
    - name: wget
      image: busybox
      command: ['wget']
      args: ['{{ include "netmaker.fullname" . }}:{{ .Values.service.port }}']
  restartPolicy: Never
--- a/kube/helm/netmaker/values.yaml
+++ b/kube/helm/netmaker/values.yaml
@@ -1,124 +0,0 @@
 # Default values for netmaker.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.
 # -- number of netmaker server replicas to create 
 replicas: 3
 image:
  # -- The image repo to pull Netmaker image from 
  repository: gravitl/netmaker
  # -- Pull Policy for images
  pullPolicy: Always
  # -- Override the image tag to pull 
  tag: "v0.8.4"
 # -- override the name for netmaker objects 
 nameOverride: ""  
 # -- override the full name for netmaker objects 
 fullnameOverride: ""
 serviceAccount:
  # -- Specifies whether a service account should be created
  create: true
  # -- Annotations to add to the service account
  annotations: {}
  # -- Name of SA to use. If not set and create is true, a name is generated using the fullname template
  name: ""
 # -- pod annotations to add
 podAnnotations: {}
 # -- pod security contect to add
 podSecurityContext: {}
  # fsGroup: 2000
 ui:
  # -- how many UI replicas to create
  replicas: 2
 setIpForwarding:
  enabled: true
 service:
  # -- type for netmaker server services
  type: ClusterIP
  # -- port for API service
  restPort: 8081
  # -- port for GRPC service
  grpcPort: 443
  # -- port for UI service
  uiPort: 80
 ingress:
  # -- attempts to configure ingress if true
  enabled: false
  tls:
    enabled: true
    issuerName: "letsencrypt-prod"
  annotations:
    base:
      # -- annotation to generate ACME certs if available
      kubernetes.io/ingress.allow-http: "false"    
    tls:
      # -- use acme cert if available
      kubernetes.io/tls-acme: "true"
    nginx:
      # -- Redirect http to https 
      nginx.ingress.kubernetes.io/ssl-redirect: 'true'
      # -- destination addr for route
      nginx.ingress.kubernetes.io/rewrite-target: /
    traefik:
      # -- Redirect to https
      traefik.ingress.kubernetes.io/redirect-entry-point: https
      # -- Redirect to https permanently
      traefik.ingress.kubernetes.io/redirect-permanent: "true"
      # -- rule type
      traefik.ingress.kubernetes.io/rule-type: "PathPrefixStrip"
      # -- enforce https
      traefik.ingress.kubernetes.io/router.entrypoints: websecure
      # -- enforce tls
      traefik.ingress.kubernetes.io/router.tls: "true"
    grpc:
      nginx:
        # -- annotation to use grpc protocol on grpc domain
        nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
      traefik:
        # -- annotation to use grpc protocol on grpc domain
        ingress.kubernetes.io/protocol: "h2c"
  hostPrefix:
    # -- ui route subdomain
    ui: 'dashboard.'
    # -- api (REST) route subdomain
    rest: 'api.'
    # -- grpc route subdomain
    grpc: 'grpc.'
 wireguard:
  # -- whether or not to use WireGuard on server
  enabled: true
  # -- whether or not to use Kernel WG (should be false unless WireGuard is installed on hosts).
  kernel: false
  # -- max number of networks that Netmaker will support if running with WireGuard enabled
  networkLimit: 10
 dns:
  # -- whether or not to run with DNS (CoreDNS)
  enabled: false
  # -- volume size for DNS (only needs to hold one file)
  storageSize: 128Mi
 postgresql-ha:
  postgresql:
    # -- postgres user to generate
    username: netmaker
    # -- postgres pass to generate
    password: netmaker
    # -- postgress db to generate
    database: netmaker
    # -- postgress number of replicas to deploy
    replicaCount: 2
  persistence:
    # -- size of postgres DB
    size: 3Gi
--- a/logic/util.go
+++ b/logic/util.go
@@ -280,6 +280,7 @@ func setPeerInfo(node models.Node) models.Node {
 	peer.IsRelayed = node.IsRelayed
 	peer.PublicKey = node.PublicKey
 	peer.Endpoint = node.Endpoint
 	peer.Name = node.Name
 	peer.LocalAddress = node.LocalAddress
 	peer.ListenPort = node.ListenPort
 	peer.AllowedIPs = node.AllowedIPs
--- a/netclient/command/commands.go
+++ b/netclient/command/commands.go
@@ -192,7 +192,7 @@ func Pull(cfg config.ClientConfig) error {
 }
 func List(cfg config.ClientConfig) error {
-	err := functions.List()
+	err := functions.List(cfg.Network)
 	return err
 }
--- a/netclient/daemon/systemd.go
+++ b/netclient/daemon/systemd.go
@@ -97,6 +97,13 @@ WantedBy=timers.target
 	return nil
 }
 func CleanupLinux() {
 	err := os.RemoveAll(ncutils.GetNetclientPath())
 	if err != nil {
 		ncutils.PrintLog("Removing netclient binary: "+err.Error(), 1)
 	}
 }
 // RemoveSystemDServices - removes the systemd services on a machine
 func RemoveSystemDServices() error {
 	//sysExec, err := exec.LookPath("systemctl")
--- a/netclient/functions/common.go
+++ b/netclient/functions/common.go
@@ -158,6 +158,8 @@ func Uninstall() error {
 		daemon.CleanupWindows()
 	} else if ncutils.IsMac() {
 		daemon.CleanupMac()
 	} else if ncutils.IsLinux() {
 		daemon.CleanupLinux()
 	} else if !ncutils.IsKernel() {
 		ncutils.PrintLog("manual cleanup required", 1)
 	}
@@ -255,32 +257,6 @@ func DeleteInterface(ifacename string, postdown string) error {
 	return err
 }
 // List - lists all networks on local machine
 func List() error {
 	networks, err := ncutils.GetSystemNetworks()
 	if err != nil {
 		return err
 	}
 	for _, network := range networks {
 		cfg, err := config.ReadConfig(network)
 		if err == nil {
 			jsoncfg, _ := json.Marshal(
 				map[string]string{
 					"Name":           cfg.Node.Name,
 					"Interface":      cfg.Node.Interface,
 					"PrivateIPv4":    cfg.Node.Address,
 					"PrivateIPv6":    cfg.Node.Address6,
 					"PublicEndpoint": cfg.Node.Endpoint,
 				})
 			fmt.Println(network + ": " + string(jsoncfg))
 		} else {
 			ncutils.PrintLog(network+": Could not retrieve network configuration.", 1)
 		}
 	}
 	return nil
 }
 // WipeLocal - wipes local instance
 func WipeLocal(network string) error {
 	cfg, err := config.ReadConfig(network)
--- a/netclient/functions/list.go
+++ b/netclient/functions/list.go
@@ -0,0 +1,128 @@
 package functions
 import (
 	"encoding/json"
 	"fmt"
 	nodepb "github.com/gravitl/netmaker/grpc"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/auth"
 	"github.com/gravitl/netmaker/netclient/config"
 	"github.com/gravitl/netmaker/netclient/ncutils"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/metadata"
 )
 type Peer struct {
 	Name           string `json:"name"`
 	Interface      string `json:"interface,omitempty"`
 	PrivateIPv4    string `json:"private_ipv4,omitempty"`
 	PrivateIPv6    string `json:"private_ipv6,omitempty"`
 	PublicEndpoint string `json:"public_endoint,omitempty"`
 }
 type Network struct {
 	Name        string `json:"name"`
 	CurrentNode Peer   `json:"current_node"`
 	Peers       []Peer `json:"peers"`
 }
 func List(network string) error {
 	nets := []Network{}
 	var err error
 	var networks []string
 	if network == "all" {
 		networks, err = ncutils.GetSystemNetworks()
 		if err != nil {
 			return err
 		}
 	} else {
 		networks = append(networks, network)
 	}
 	for _, network := range networks {
 		net, err := getNetwork(network)
 		if err != nil {
 			ncutils.PrintLog(network+": Could not retrieve network configuration.", 1)
 			return err
 		}
 		nets = append(nets, net)
 	}
 	jsoncfg, _ := json.Marshal(struct {
 		Networks []Network `json:"networks"`
 	}{nets})
 	fmt.Println(string(jsoncfg))
 	return nil
 }
 func getNetwork(network string) (Network, error) {
 	cfg, err := config.ReadConfig(network)
 	if err != nil {
 		return Network{}, fmt.Errorf("reading configuration for network %v: %w", network, err)
 	}
 	peers, err := getPeers(network)
 	if err != nil {
 		return Network{}, fmt.Errorf("listing peers for network %v: %w", network, err)
 	}
 	return Network{
 		Name:  network,
 		Peers: peers,
 		CurrentNode: Peer{
 			Name:           cfg.Node.Name,
 			Interface:      cfg.Node.Interface,
 			PrivateIPv4:    cfg.Node.Address,
 			PrivateIPv6:    cfg.Node.Address6,
 			PublicEndpoint: cfg.Node.Endpoint,
 		},
 	}, nil
 }
 func getPeers(network string) ([]Peer, error) {
 	cfg, err := config.ReadConfig(network)
 	if err != nil {
 		return []Peer{}, err
 	}
 	nodecfg := cfg.Node
 	var nodes []models.Node
 	var wcclient nodepb.NodeServiceClient
 	conn, err := grpc.Dial(cfg.Server.GRPCAddress,
 		ncutils.GRPCRequestOpts(cfg.Server.GRPCSSL))
 	if err != nil {
 		return []Peer{}, fmt.Errorf("connecting to %v: %w", cfg.Server.GRPCAddress, err)
 	}
 	defer conn.Close()
 	// Instantiate the BlogServiceClient with our client connection to the server
 	wcclient = nodepb.NewNodeServiceClient(conn)
 	req := &nodepb.Object{
 		Data: nodecfg.MacAddress + "###" + nodecfg.Network,
 		Type: nodepb.STRING_TYPE,
 	}
 	ctx, err := auth.SetJWT(wcclient, network)
 	if err != nil {
 		return []Peer{}, fmt.Errorf("authenticating: %w", err)
 	}
 	var header metadata.MD
 	response, err := wcclient.GetPeers(ctx, req, grpc.Header(&header))
 	if err != nil {
 		return []Peer{}, fmt.Errorf("retrieving peers: %w", err)
 	}
 	if err := json.Unmarshal([]byte(response.GetData()), &nodes); err != nil {
 		return []Peer{}, fmt.Errorf("unmarshaling data for peers: %w", err)
 	}
 	peers := []Peer{}
 	for _, node := range nodes {
 		if node.Name != cfg.Node.Name {
 			peers = append(peers, Peer{Name: fmt.Sprintf("%v.%v", node.Name, network), PrivateIPv4: node.Address, PrivateIPv6: node.Address6})
 		}
 	}
 	return peers, nil
 }
--- a/netclient/main.go
+++ b/netclient/main.go
@@ -26,6 +26,11 @@ func main() {
 	app.Usage = "Netmaker's netclient agent and CLI. Used to perform interactions with Netmaker server and set local WireGuard config."
 	app.Version = "v0.8.4"
 	hostname, err := os.Hostname()
 	if err != nil {
 		hostname = ""
 	}
 	cliFlags := []cli.Flag{
 		&cli.StringFlag{
 			Name:    "network",
@@ -91,7 +96,7 @@ func main() {
 		&cli.StringFlag{
 			Name:    "name",
 			EnvVars: []string{"NETCLIENT_NAME"},
-			Value:   "",
+			Value:   hostname,
 			Usage:   "Identifiable name for machine within Netmaker network.",
 		},
 		&cli.StringFlag{