* add additional mutex lock on node acls func
* increase verbosity
* disable acls on cloud emqx
* add emqx creds creation to go routine
* add debug log of mq client id
* comment port check
* uncomment port check
* check for connection mq connection open
* use username for client id
* add write mutex on acl is allowed
* add mq connection lost handler on server
* spin off zombie init as go routine
* get whole api path from config
* Revert "get whole api path from config"
This reverts commit 392f5f4c5f.
* update extclient acls async
* add additional mutex lock on node acls func
(cherry picked from commit 5325f0e7d7)
* increase verbosity
(cherry picked from commit 705b3cf0bf)
* add emqx creds creation to go routine
(cherry picked from commit c8e65f4820)
* add debug log of mq client id
(cherry picked from commit 29c5d6ceca)
* comment port check
(cherry picked from commit db8d6d95ea)
* check for connection mq connection open
(cherry picked from commit 13b11033b0)
* use username for client id
(cherry picked from commit e90c7386de)
* add write mutex on acl is allowed
(cherry picked from commit 4cae1b0bb4)
* add mq connection lost handler on server
(cherry picked from commit c82918ad35)
* spin off zombie init as go routine
(cherry picked from commit 6d65c44c43)
* update extclient acls async
(cherry picked from commit 6557ef1ebe)
* additionl logs for oauth user flow
(cherry picked from commit 61703038ae)
* add more debug logs
(cherry picked from commit 5980beacd1)
* add more debug logs
(cherry picked from commit 4d001f0d27)
* add set auth secret
(cherry picked from commit f41cef5da5)
* fix fetch pass
(cherry picked from commit 825caf4b60)
* make sure auth secret is set only once
(cherry picked from commit ba33ed02aa)
* make sure auth secret is set only once
(cherry picked from commit 920ac4c507)
* comment usage of emqx acls
* replace read lock with write lock on acls
* replace read lock with write lock on acls
(cherry picked from commit 808d2135c8)
* use deadlock pkg for visibility
* add additional mutex locks
* remove race flag
* on mq re-connecting donot exit if failed
* on mq re-connecting donot exit if failed
* revert mutex package change
* set mq clean session
* remove debug log
* go mod tidy
* revert on prem emqx acls del
* internet gws apis
* add validate check for inet request
* add default gw changes to peer update
* update json tag
* add OS checks for inet gws
* add set defaul gw pro func
* allow disable and enable inet gw
* add inet handlers to pro
* add fields to api node
* add inet allowed ips
* add default gw to pull
* unset node inet details on deletion
* unset internet gw on network nodes
* unset inet gw fix
* unset inet gw fix
* send default gw ip
* fix inet node endpoint
* add default gw endpoint ip to pull resp
* validate after unset gws
* add inet client peer allowedips to inet node
* validate after unset gws
* fix allowed ips for inet peer and gw node
* fix allowed ips for inet peer and gw node
* fix allowed ips for inet peer and gw node
* fix allowed ips for inet peer and gw node
* fix inet gw and relayed conflict
* fix inet gw and relayed conflict
* fix update req
* fix update inet gw api
* when inet gw is peer ignore other allowedIps
* test relay
* revert test relay
* revert inet peer update changes
* channel internet traffic of relayed node to relay's inetgw
* channel internet traffic of relayed node to relay's inetgw
* channel internet traffic of relayed node to relay's inetgw
* add check for relayed node
* add inet info to peer update
* add inet info to peer update
* fix update node to persist inet info
* fix go tests
* egress ranges with inet gw fix
* egress ranges with inet gw fix
* disallow node acting using inet gw to act as inet gw
* add check to validate inet gw
* fix typos
* add firewall check
* set inetgw on ingress req on community
* set inetgw to false on community on ingress del
* deprecate setting etc host dns entries, set coredns entries at neccessary places
* remove dns mq topics
* only set dns when set on
* add extcleints dns entries to coredns
* fix static checks
* run coredns with host network mode
* add bind address to coredns container
* add internet gateway to client gateway
* migration func to remove internet egress range from egress gateway
* add internet gateways ranges to firewall update
* add internet gw ranges to extcleint conf
* add ipv6 internet address
* remove failover field from ingress req
* only let normal to be created on PRO (#2716)
* feat(NET-805): send internet gw props to rac
* set inet gw field on node update api
* move internet gws to EE
---------
Co-authored-by: the_aceix <aceixsmartx@gmail.com>
* remove client gw from user when deleted
* clear extclient of a user if deleted
* check if ingress gw on user gws
* debug log
* log change
* pr comments
* NET-600
* Ext clients dns now properly set from ingress dns value provided that the individual ext client dns are not present.
* NET-468 & NET-600
* When individual extclient dns is changed or removed, it reflects on the UI properly and also gets updated on backend.
* add superadmin role, apis to create superadmin user
* apis to attach and remove user from remote access gateways
* add api to list user's remote client has gateway clients
* remove code related user groups
* remove networks and groups from user model
* refactor user CRUD operations
* fix network permission test
* add superadmin to authorize func
* remove user network and groups from cli
* api to transfer superadmin role
* add api to list users on a ingress gw
* restrict user access to resources on server
* deny request from remote access client if extclient is already created
* fix user tests
* fix static checks
* fix static checks
* add limits to extclient create handler
* set username to superadmin on if masterkey is used
* allow creation of extclients using masterkey
* add migration func to assign superadmin role for existing admin user
* check for superadmin on migration if users are present
* allowe masterkey to extcleint apis
* check ownerid
* format error, on jwt token verification failure return unauthorized rather than forbidden
* user update fix
* move user remote functionality to ee
* fix update user api
* security patch
* initalise ee user handlers
* allow user to use master key to update any user
* use slog
* fix auth user test
* table headers
* remove user role, it's covered in middleware
* setuser defaults fix
* IoT peer updates remove flag is now only triggering on relay deletion. Not triggering on extclients deletion anymore.
* Small typo fix on publish dns update for new extclient function name.
* Rename var
* Rename consts and use iota
* Use switch instead of repeated else if
* Rename limits related vars
* Introduce new free tier limits
* Measure new limits and report on license validation
* Separate usage and limits, have new ones
* Don't check for hosts and clients limits, but for machines instead
* Error on egress creation @ free tier w/ internet gateways
* Remove clients and hosts limit from code
* Rename var
* Rename consts and use iota
* Use switch instead of repeated else if
* Rename limits related vars
* Introduce new free tier limits
* Measure new limits and report on license validation
* Separate usage and limits, have new ones
* Don't check for hosts and clients limits, but for machines instead
* Error on egress creation @ free tier w/ internet gateways
* Remove clients and hosts limit from code
* NET-509
* External client config files with IPv6 endpoints now have the [] separating the address and port.
* NET-515
* Increased network name max length to 32
* NET-509-515
* Updated unit test for network name max length check.
* Updated extclient endpoint ip string manipulation to use sprintf
* Added proper error message for network name length more than max allowed.
* NET-515 small typo fix for error strings should not be capitalized
* remove related fields and code
* remover metrics collection from server code
* fw update struct
* add ext client flag to metrics data
* simply nat types
* rm proxy update from cli
* model changes
* additional fields for extclient create
* add DNS to extclient config
* extclient name checks
* update extclient
* nmctl extclient
* final tweaks
* review comments
* add extclientdns to node on ingress creation
* fix to add ingress dns to api (#2296)
---------
Co-authored-by: Aceix <aceixsmartX@gmail.com>
