extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2024-11-07 08:44:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
c65a5acab9
netbird/management/server/file_store.go

445 lines
12 KiB
Go
Raw Normal View History

Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
package server
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
import (
Replace gRPC errors in business logic with internal ones (#558)
2022-11-11 20:36:45 +01:00
"github.com/netbirdio/netbird/management/server/status"
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
"github.com/rs/xid"
Introduce locking on the account level (#548)
2022-11-07 17:52:23 +01:00
log "github.com/sirupsen/logrus"
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
"os"
"path/filepath"
"strings"
"sync"
Introduce locking on the account level (#548)
2022-11-07 17:52:23 +01:00
"time"
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
Rename module to netbirdio/netbird (#288) rename the go module to netbirdio/netbird as part of our rebranding.
2022-03-26 12:08:54 +01:00
"github.com/netbirdio/netbird/util"
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
)
// storeFileName Store file name. Stored in the datadir
const storeFileName = "store.json"
docs: minor FilesStore corrections
2021-07-18 21:00:32 +02:00
// FileStore represents an account storage backed by a file persisted to disk
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
type FileStore struct {
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
Accounts map[string]*Account
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
SetupKeyID2AccountID map[string]string `json:"-"`
PeerKeyID2AccountID map[string]string `json:"-"`
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
PeerID2AccountID map[string]string `json:"-"`
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
UserID2AccountID map[string]string `json:"-"`
PrivateDomain2AccountID map[string]string `json:"-"`
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env
2022-10-16 13:33:46 +02:00
InstallationID string
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
// mutex to synchronise Store read/write operations
mux sync.Mutex `json:"-"`
storeFile string `json:"-"`
Introduce locking on the account level (#548)
2022-11-07 17:52:23 +01:00
// sync.Mutex indexed by accountID
accountLocks sync.Map `json:"-"`
globalAccountLock sync.Mutex `json:"-"`
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
}
Feat peer groups (#304) * feat(management): add groups * squash * feat(management): add handlers for groups * feat(management): add handlers for groups * chore(management): add tests for the get group of the management * chore(management): add tests for save group
2022-05-03 16:02:51 +02:00
type StoredAccount struct{}
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
// NewFileStore restores a store from the file located in the datadir
func NewFileStore(dataDir string) (*FileStore, error) {
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
return restore(filepath.Join(dataDir, storeFileName))
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
// restore the state of the store from the file.
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
// Creates a new empty store file if doesn't exist
func restore(file string) (*FileStore, error) {
if _, err := os.Stat(file); os.IsNotExist(err) {
// create a new FileStore if previously didn't exist (e.g. first run)
s := &FileStore{
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
Accounts: make(map[string]*Account),
mux: sync.Mutex{},
Introduce locking on the account level (#548)
2022-11-07 17:52:23 +01:00
globalAccountLock: sync.Mutex{},
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
SetupKeyID2AccountID: make(map[string]string),
PeerKeyID2AccountID: make(map[string]string),
UserID2AccountID: make(map[string]string),
PrivateDomain2AccountID: make(map[string]string),
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
PeerID2AccountID: make(map[string]string),
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
storeFile: file,
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
}
err = s.persist(file)
if err != nil {
return nil, err
}
return s, nil
}
read, err := util.ReadJson(file, &FileStore{})
if err != nil {
return nil, err
}
store := read.(*FileStore)
store.storeFile = file
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
store.SetupKeyID2AccountID = make(map[string]string)
store.PeerKeyID2AccountID = make(map[string]string)
store.UserID2AccountID = make(map[string]string)
store.PrivateDomain2AccountID = make(map[string]string)
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
store.PeerID2AccountID = make(map[string]string)
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
for accountID, account := range store.Accounts {
Add peer login expiration (#682) This PR adds a peer login expiration logic that requires peers created by a user to re-authenticate (re-login) after a certain threshold of time (24h by default). The Account object now has a PeerLoginExpiration property that indicates the duration after which a peer's login will expire and a login will be required. Defaults to 24h. There are two new properties added to the Peer object: LastLogin that indicates the last time peer successfully used the Login gRPC endpoint and LoginExpirationEnabled that enables/disables peer login expiration. The login expiration logic applies only to peers that were created by a user and not those that were added with a setup key.
2023-02-13 12:21:02 +01:00
Add account settings (#686) Add account settings with a global peer expiration flag and duration
2023-02-13 15:07:15 +01:00
if account.Settings == nil {
account.Settings = &Settings{
PeerLoginExpirationEnabled: false,
PeerLoginExpiration: DefaultPeerLoginExpiration,
}
Add peer login expiration (#682) This PR adds a peer login expiration logic that requires peers created by a user to re-authenticate (re-login) after a certain threshold of time (24h by default). The Account object now has a PeerLoginExpiration property that indicates the duration after which a peer's login will expire and a login will be required. Defaults to 24h. There are two new properties added to the Peer object: LastLogin that indicates the last time peer successfully used the Login gRPC endpoint and LoginExpirationEnabled that enables/disables peer login expiration. The login expiration logic applies only to peers that were created by a user and not those that were added with a setup key.
2023-02-13 12:21:02 +01:00
}
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
for setupKeyId := range account.SetupKeys {
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
store.SetupKeyID2AccountID[strings.ToUpper(setupKeyId)] = accountID
Add rules for ACL (#306) Add rules HTTP endpoint for frontend - CRUD operations. Add Default rule - allow all. Send network map to peers based on rules.
2022-05-21 15:21:39 +02:00
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
for _, peer := range account.Peers {
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
store.PeerKeyID2AccountID[peer.Key] = accountID
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
store.PeerID2AccountID[peer.ID] = accountID
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
// reset all peers to status = Disconnected
if peer.Status != nil && peer.Status.Connected {
peer.Status.Connected = false
}
Extend Management to support peer changes distribution (#55) * feature: add peer sync and a server public key endpoints * test: add Management.Sync() gRpc endpoint test * feat: implement peer sync * docs: added some comments to the Management server * chore: use for loop over channel when monitoring peer updates * fix: exit infinite loop when sending updates to peers * test: add multiple concurrent peers test for management service * chore: remove unused test * fix: reduce the amount peers for a concurrent peer update test Co-authored-by: braginini <m.bragin@wiretrustee.com>
2021-07-22 10:28:00 +02:00
}
Refactor: support multiple users under the same account (#170) * feature: add User entity to Account * test: new file store creation test * test: add FileStore persist-restore tests * test: add GetOrCreateAccountByUser Accountmanager test * refactor: rename account manager users file * refactor: use userId instead of accountId when handling Management HTTP API * fix: new account creation for every request * fix: golint * chore: add account creator to Account Entity to identify who created the account. * chore: use xid ID generator for account IDs * fix: test failures * test: check that CreatedBy is stored when account is stored * chore: add account copy method * test: remove test for non existent GetOrCreateAccount func * chore: add accounts conversion function * fix: golint * refactor: simplify admin user creation * refactor: move migration script to a separate package
2021-12-27 13:17:15 +01:00
for _, user := range account.Users {
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
store.UserID2AccountID[user.Id] = accountID
Refactor: support multiple users under the same account (#170) * feature: add User entity to Account * test: new file store creation test * test: add FileStore persist-restore tests * test: add GetOrCreateAccountByUser Accountmanager test * refactor: rename account manager users file * refactor: use userId instead of accountId when handling Management HTTP API * fix: new account creation for every request * fix: golint * chore: add account creator to Account Entity to identify who created the account. * chore: use xid ID generator for account IDs * fix: test failures * test: check that CreatedBy is stored when account is stored * chore: add account copy method * test: remove test for non existent GetOrCreateAccount func * chore: add accounts conversion function * fix: golint * refactor: simplify admin user creation * refactor: move migration script to a separate package
2021-12-27 13:17:15 +01:00
}
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
for _, user := range account.Users {
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
store.UserID2AccountID[user.Id] = accountID
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
Add rules for ACL (#306) Add rules HTTP endpoint for frontend - CRUD operations. Add Default rule - allow all. Send network map to peers based on rules.
2022-05-21 15:21:39 +02:00
if account.Domain != "" && account.DomainCategory == PrivateCategory &&
account.IsDomainPrimaryAccount {
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
store.PrivateDomain2AccountID[account.Domain] = accountID
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
}
Move dns label generation to store (#552)
2022-11-08 10:31:34 +01:00
// for data migration. Can be removed once most base will be with labels
existingLabels := account.getPeerDNSLabels()
if len(existingLabels) != len(account.Peers) {
addPeerLabelsToAccount(account, existingLabels)
}
Add network routes distribution groups (#606) Updated tests, API, and account manager methods Sync routes to peers in the distribution groups Added store upgrade by adding the All group to routes that don't have them
2022-12-06 10:11:57 +01:00
allGroup, err := account.GetGroupAll()
if err != nil {
log.Errorf("unable to find the All group, this should happen only when migrate from a version that didn't support groups. Error: %v", err)
// if the All group didn't exist we probably don't have routes to update
continue
}
for _, route := range account.Routes {
if len(route.Groups) == 0 {
route.Groups = []string{allGroup.ID}
}
}
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
// migration to Peer.ID from Peer.Key.
// Old peers that require migration have an empty Peer.ID in the store.json.
// Generate new ID with xid for these peers.
// Set the Peer.ID to the newly generated value.
// Replace all the mentions of Peer.Key as ID (groups and routes).
// Swap Peer.Key with Peer.ID in the Account.Peers map.
migrationPeers := make(map[string]*Peer) // key to Peer
for key, peer := range account.Peers {
if peer.ID != "" {
continue
}
id := xid.New().String()
peer.ID = id
migrationPeers[key] = peer
}
if len(migrationPeers) > 0 {
// swap Peer.Key with Peer.ID in the Account.Peers map.
for key, peer := range migrationPeers {
delete(account.Peers, key)
account.Peers[peer.ID] = peer
store.PeerID2AccountID[peer.ID] = accountID
}
// detect groups that have Peer.Key as a reference and replace it with ID.
for _, group := range account.Groups {
for i, peer := range group.Peers {
if p, ok := migrationPeers[peer]; ok {
group.Peers[i] = p.ID
}
}
}
// detect routes that have Peer.Key as a reference and replace it with ID.
for _, route := range account.Routes {
if peer, ok := migrationPeers[route.Peer]; ok {
route.Peer = peer.ID
}
}
}
Extend Management to support peer changes distribution (#55) * feature: add peer sync and a server public key endpoints * test: add Management.Sync() gRpc endpoint test * feat: implement peer sync * docs: added some comments to the Management server * chore: use for loop over channel when monitoring peer updates * fix: exit infinite loop when sending updates to peers * test: add multiple concurrent peers test for management service * chore: remove unused test * fix: reduce the amount peers for a concurrent peer update test Co-authored-by: braginini <m.bragin@wiretrustee.com>
2021-07-22 10:28:00 +02:00
}
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
// we need this persist to apply changes we made to account.Peers (we set them to Disconnected)
err = store.persist(store.storeFile)
Extend peer http endpoint (#94) * feature: add peer GET and DELETE API methods * refactor: extract peer business logic to a separate file * refactor: extract peer business logic to a separate file * feature: add peer update HTTP endpoint * chore: fill peer new fields * merge with main * refactor: HTTP methods according to standards * chore: setup keys POST endpoint without ID
2021-08-23 21:43:05 +02:00
if err != nil {
return nil, err
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
return store, nil
Extend peer http endpoint (#94) * feature: add peer GET and DELETE API methods * refactor: extract peer business logic to a separate file * refactor: extract peer business logic to a separate file * feature: add peer update HTTP endpoint * chore: fill peer new fields * merge with main * refactor: HTTP methods according to standards * chore: setup keys POST endpoint without ID
2021-08-23 21:43:05 +02:00
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
// persist account data to a file
// It is recommended to call it with locking FileStore.mux
func (s *FileStore) persist(file string) error {
return util.WriteJson(file, s)
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
}
Introduce locking on the account level (#548)
2022-11-07 17:52:23 +01:00
// AcquireGlobalLock acquires global lock across all the accounts and returns a function that releases the lock
func (s *FileStore) AcquireGlobalLock() (unlock func()) {
log.Debugf("acquiring global lock")
start := time.Now()
s.globalAccountLock.Lock()
unlock = func() {
s.globalAccountLock.Unlock()
log.Debugf("released global lock in %v", time.Since(start))
}
return unlock
}
// AcquireAccountLock acquires account lock and returns a function that releases the lock
func (s *FileStore) AcquireAccountLock(accountID string) (unlock func()) {
log.Debugf("acquiring lock for account %s", accountID)
start := time.Now()
value, _ := s.accountLocks.LoadOrStore(accountID, &sync.Mutex{})
mtx := value.(*sync.Mutex)
mtx.Lock()
unlock = func() {
mtx.Unlock()
log.Debugf("released lock for account %s in %v", accountID, time.Since(start))
}
return unlock
}
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
func (s *FileStore) SaveAccount(account *Account) error {
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
s.mux.Lock()
defer s.mux.Unlock()
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
accountCopy := account.Copy()
s.Accounts[accountCopy.Id] = accountCopy
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
// todo check that account.Id and keyId are not exist already
// because if keyId exists for other accounts this can be bad
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
for keyID := range accountCopy.SetupKeys {
s.SetupKeyID2AccountID[strings.ToUpper(keyID)] = accountCopy.Id
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
}
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
// enforce peer to account index and delete peer to route indexes for rebuild
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
for _, peer := range accountCopy.Peers {
s.PeerKeyID2AccountID[peer.Key] = accountCopy.Id
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
s.PeerID2AccountID[peer.ID] = accountCopy.Id
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
for _, user := range accountCopy.Users {
s.UserID2AccountID[user.Id] = accountCopy.Id
Refactor: support multiple users under the same account (#170) * feature: add User entity to Account * test: new file store creation test * test: add FileStore persist-restore tests * test: add GetOrCreateAccountByUser Accountmanager test * refactor: rename account manager users file * refactor: use userId instead of accountId when handling Management HTTP API * fix: new account creation for every request * fix: golint * chore: add account creator to Account Entity to identify who created the account. * chore: use xid ID generator for account IDs * fix: test failures * test: check that CreatedBy is stored when account is stored * chore: add account copy method * test: remove test for non existent GetOrCreateAccount func * chore: add accounts conversion function * fix: golint * refactor: simplify admin user creation * refactor: move migration script to a separate package
2021-12-27 13:17:15 +01:00
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
if accountCopy.DomainCategory == PrivateCategory && accountCopy.IsDomainPrimaryAccount {
s.PrivateDomain2AccountID[accountCopy.Domain] = accountCopy.Id
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
}
Feat peer groups (#304) * feat(management): add groups * squash * feat(management): add handlers for groups * feat(management): add handlers for groups * chore(management): add tests for the get group of the management * chore(management): add tests for save group
2022-05-03 16:02:51 +02:00
return s.persist(s.storeFile)
Improve addition of new peers in Management service. (#56) * Store refactoring * Improve addition of new peers in Management service.
2021-07-18 20:51:09 +02:00
}
Extend Management to support peer changes distribution (#55) * feature: add peer sync and a server public key endpoints * test: add Management.Sync() gRpc endpoint test * feat: implement peer sync * docs: added some comments to the Management server * chore: use for loop over channel when monitoring peer updates * fix: exit infinite loop when sending updates to peers * test: add multiple concurrent peers test for management service * chore: remove unused test * fix: reduce the amount peers for a concurrent peer update test Co-authored-by: braginini <m.bragin@wiretrustee.com>
2021-07-22 10:28:00 +02:00
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
// GetAccountByPrivateDomain returns account by private domain
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
func (s *FileStore) GetAccountByPrivateDomain(domain string) (*Account, error) {
Always lock the store when getting an account (#551)
2022-11-07 19:09:22 +01:00
s.mux.Lock()
defer s.mux.Unlock()
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
accountID, accountIDFound := s.PrivateDomain2AccountID[strings.ToLower(domain)]
if !accountIDFound {
Replace gRPC errors in business logic with internal ones (#558)
2022-11-11 20:36:45 +01:00
return nil, status.Errorf(status.NotFound, "account not found: provided domain is not registered or is not private")
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
}
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
account, err := s.getAccount(accountID)
if err != nil {
return nil, err
}
return account.Copy(), nil
Group users of same private domain (#243) * Added Domain Category field and fix store tests * Add GetAccountByDomain method * Add Domain Category to authorization claims * Initial GetAccountWithAuthorizationClaims test cases * Renamed Private Domain map and index it on saving account * New Go build tags * Added NewRegularUser function * Updated restore to account for primary domain account Also, added another test case * Added grouping user of private domains Also added auxiliary methods for update metadata and domain attributes * Update http handles get account method and tests * Fix lint and document another case * Removed unnecessary log * Move use cases to method and add flow comments * Split the new user and existing logic from GetAccountWithAuthorizationClaims * Review: minor corrections Co-authored-by: braginini <bangvalo@gmail.com>
2022-03-01 15:22:18 +01:00
}
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
// GetAccountBySetupKey returns account by setup key id
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
func (s *FileStore) GetAccountBySetupKey(setupKey string) (*Account, error) {
Always lock the store when getting an account (#551)
2022-11-07 19:09:22 +01:00
s.mux.Lock()
defer s.mux.Unlock()
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
accountID, accountIDFound := s.SetupKeyID2AccountID[strings.ToUpper(setupKey)]
if !accountIDFound {
Replace gRPC errors in business logic with internal ones (#558)
2022-11-11 20:36:45 +01:00
return nil, status.Errorf(status.NotFound, "account not found: provided setup key doesn't exists")
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
}
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
account, err := s.getAccount(accountID)
if err != nil {
return nil, err
}
return account.Copy(), nil
Delete peer (#114) * feature: add peer deletion * feature: add peer deletion [CLIENT] * fix: lint error * test: fix sync block * test: fix management test * feature: add client stop after was deleted * chore: remove permission denied cancellation * chore: add larger signal backoff * feature: notify deleted peer of removal * fix: lint issue * chore: add 2nd default key - one off * test: fix account key check
2021-09-07 18:36:46 +02:00
}
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
// GetAllAccounts returns all accounts
Add rules for ACL (#306) Add rules HTTP endpoint for frontend - CRUD operations. Add Default rule - allow all. Send network map to peers based on rules.
2022-05-21 15:21:39 +02:00
func (s *FileStore) GetAllAccounts() (all []*Account) {
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env
2022-10-16 13:33:46 +02:00
s.mux.Lock()
defer s.mux.Unlock()
Add rules for ACL (#306) Add rules HTTP endpoint for frontend - CRUD operations. Add Default rule - allow all. Send network map to peers based on rules.
2022-05-21 15:21:39 +02:00
for _, a := range s.Accounts {
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env
2022-10-16 13:33:46 +02:00
all = append(all, a.Copy())
Add rules for ACL (#306) Add rules HTTP endpoint for frontend - CRUD operations. Add Default rule - allow all. Send network map to peers based on rules.
2022-05-21 15:21:39 +02:00
}
return all
}
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
// getAccount returns a reference to the Account. Should not return a copy.
Always lock the store when getting an account (#551)
2022-11-07 19:09:22 +01:00
func (s *FileStore) getAccount(accountID string) (*Account, error) {
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
account, accountFound := s.Accounts[accountID]
Extend Management to support peer changes distribution (#55) * feature: add peer sync and a server public key endpoints * test: add Management.Sync() gRpc endpoint test * feat: implement peer sync * docs: added some comments to the Management server * chore: use for loop over channel when monitoring peer updates * fix: exit infinite loop when sending updates to peers * test: add multiple concurrent peers test for management service * chore: remove unused test * fix: reduce the amount peers for a concurrent peer update test Co-authored-by: braginini <m.bragin@wiretrustee.com>
2021-07-22 10:28:00 +02:00
if !accountFound {
Replace gRPC errors in business logic with internal ones (#558)
2022-11-11 20:36:45 +01:00
return nil, status.Errorf(status.NotFound, "account not found")
Extend Management to support peer changes distribution (#55) * feature: add peer sync and a server public key endpoints * test: add Management.Sync() gRpc endpoint test * feat: implement peer sync * docs: added some comments to the Management server * chore: use for loop over channel when monitoring peer updates * fix: exit infinite loop when sending updates to peers * test: add multiple concurrent peers test for management service * chore: remove unused test * fix: reduce the amount peers for a concurrent peer update test Co-authored-by: braginini <m.bragin@wiretrustee.com>
2021-07-22 10:28:00 +02:00
}
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
return account, nil
Peer configuration management (#69) * feature: add config properties to the SyncResponse of the management gRpc service * fix: lint errors * chore: modify management protocol according to the review notes * fix: management proto fields sequence * feature: add proper peer configuration to be synced * chore: minor changes * feature: finalize peer config management * fix: lint errors * feature: add management server config file * refactor: extract hosts-config to a separate file * refactor: review notes applied to correct file_store usage * refactor: extract management service configuration to a file * refactor: simplify management config
2021-07-30 17:46:38 +02:00
}
Always lock the store when getting an account (#551)
2022-11-07 19:09:22 +01:00
// GetAccount returns an account for ID
func (s *FileStore) GetAccount(accountID string) (*Account, error) {
s.mux.Lock()
defer s.mux.Unlock()
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
account, err := s.getAccount(accountID)
if err != nil {
return nil, err
}
return account.Copy(), nil
Always lock the store when getting an account (#551)
2022-11-07 19:09:22 +01:00
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
// GetAccountByUser returns a user account
func (s *FileStore) GetAccountByUser(userID string) (*Account, error) {
Refactor: support multiple users under the same account (#170) * feature: add User entity to Account * test: new file store creation test * test: add FileStore persist-restore tests * test: add GetOrCreateAccountByUser Accountmanager test * refactor: rename account manager users file * refactor: use userId instead of accountId when handling Management HTTP API * fix: new account creation for every request * fix: golint * chore: add account creator to Account Entity to identify who created the account. * chore: use xid ID generator for account IDs * fix: test failures * test: check that CreatedBy is stored when account is stored * chore: add account copy method * test: remove test for non existent GetOrCreateAccount func * chore: add accounts conversion function * fix: golint * refactor: simplify admin user creation * refactor: move migration script to a separate package
2021-12-27 13:17:15 +01:00
s.mux.Lock()
defer s.mux.Unlock()
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
accountID, accountIDFound := s.UserID2AccountID[userID]
if !accountIDFound {
Replace gRPC errors in business logic with internal ones (#558)
2022-11-11 20:36:45 +01:00
return nil, status.Errorf(status.NotFound, "account not found")
Refactor: support multiple users under the same account (#170) * feature: add User entity to Account * test: new file store creation test * test: add FileStore persist-restore tests * test: add GetOrCreateAccountByUser Accountmanager test * refactor: rename account manager users file * refactor: use userId instead of accountId when handling Management HTTP API * fix: new account creation for every request * fix: golint * chore: add account creator to Account Entity to identify who created the account. * chore: use xid ID generator for account IDs * fix: test failures * test: check that CreatedBy is stored when account is stored * chore: add account copy method * test: remove test for non existent GetOrCreateAccount func * chore: add accounts conversion function * fix: golint * refactor: simplify admin user creation * refactor: move migration script to a separate package
2021-12-27 13:17:15 +01:00
}
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
account, err := s.getAccount(accountID)
if err != nil {
return nil, err
}
return account.Copy(), nil
Refactor: support multiple users under the same account (#170) * feature: add User entity to Account * test: new file store creation test * test: add FileStore persist-restore tests * test: add GetOrCreateAccountByUser Accountmanager test * refactor: rename account manager users file * refactor: use userId instead of accountId when handling Management HTTP API * fix: new account creation for every request * fix: golint * chore: add account creator to Account Entity to identify who created the account. * chore: use xid ID generator for account IDs * fix: test failures * test: check that CreatedBy is stored when account is stored * chore: add account copy method * test: remove test for non existent GetOrCreateAccount func * chore: add accounts conversion function * fix: golint * refactor: simplify admin user creation * refactor: move migration script to a separate package
2021-12-27 13:17:15 +01:00
}
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
// GetAccountByPeerID returns an account for a given peer ID
func (s *FileStore) GetAccountByPeerID(peerID string) (*Account, error) {
s.mux.Lock()
defer s.mux.Unlock()
accountID, accountIDFound := s.PeerID2AccountID[peerID]
if !accountIDFound {
return nil, status.Errorf(status.NotFound, "provided peer ID doesn't exists %s", peerID)
}
account, err := s.getAccount(accountID)
if err != nil {
return nil, err
}
Remove stale peer indices when getting peer by key after removing (#711) When we delete a peer from an account, we save the account in the file store. The file store maintains peerID -> accountID and peerKey -> accountID indices. Those can't be updated when we delete a peer because the store saves the whole account without a peer already and has no access to the removed peer. In this PR, we dynamically check if there are stale indices when GetAccountByPeerPubKey and GetAccountByPeerID.
2023-03-01 12:11:32 +01:00
// this protection is needed because when we delete a peer, we don't really remove index peerID -> accountID.
// check Account.Peers for a match
if _, ok := account.Peers[peerID]; !ok {
delete(s.PeerID2AccountID, peerID)
log.Warnf("removed stale peerID %s to accountID %s index", peerID, accountID)
return nil, status.Errorf(status.NotFound, "provided peer doesn't exists %s", peerID)
}
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
return account.Copy(), nil
}
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
// GetAccountByPeerPubKey returns an account for a given peer WireGuard public key
func (s *FileStore) GetAccountByPeerPubKey(peerKey string) (*Account, error) {
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
s.mux.Lock()
defer s.mux.Unlock()
Simplified Store Interface (#545) This PR simplifies Store and FileStore by keeping just the Get and Save account methods. The AccountManager operates mostly around a single account, so it makes sense to fetch the whole account object from the store.
2022-11-07 12:10:56 +01:00
accountID, accountIDFound := s.PeerKeyID2AccountID[peerKey]
if !accountIDFound {
Replace gRPC errors in business logic with internal ones (#558)
2022-11-11 20:36:45 +01:00
return nil, status.Errorf(status.NotFound, "provided peer key doesn't exists %s", peerKey)
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
}
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
account, err := s.getAccount(accountID)
if err != nil {
return nil, err
}
Remove stale peer indices when getting peer by key after removing (#711) When we delete a peer from an account, we save the account in the file store. The file store maintains peerID -> accountID and peerKey -> accountID indices. Those can't be updated when we delete a peer because the store saves the whole account without a peer already and has no access to the removed peer. In this PR, we dynamically check if there are stale indices when GetAccountByPeerPubKey and GetAccountByPeerID.
2023-03-01 12:11:32 +01:00
// this protection is needed because when we delete a peer, we don't really remove index peerKey -> accountID.
// check Account.Peers for a match
stale := true
for _, peer := range account.Peers {
if peer.Key == peerKey {
stale = false
break
}
}
if stale {
delete(s.PeerKeyID2AccountID, peerKey)
log.Warnf("removed stale peerKey %s to accountID %s index", peerKey, accountID)
return nil, status.Errorf(status.NotFound, "provided peer doesn't exists %s", peerKey)
}
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
return account.Copy(), nil
Add routing support to management service (#424) Management will receive and store routes that are associated with a peer ID. The routes are distributed to peers according to their ACLs.
2022-08-18 18:22:15 +02:00
}
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env
2022-10-16 13:33:46 +02:00
// GetInstallationID returns the installation ID from the store
func (s *FileStore) GetInstallationID() string {
return s.InstallationID
}
// SaveInstallationID saves the installation ID
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
func (s *FileStore) SaveInstallationID(ID string) error {
s.mux.Lock()
defer s.mux.Unlock()
s.InstallationID = ID
return s.persist(s.storeFile)
}
// SavePeerStatus stores the PeerStatus in memory. It doesn't attempt to persist data to speed up things.
// PeerStatus will be saved eventually when some other changes occur.
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
func (s *FileStore) SavePeerStatus(accountID, peerID string, peerStatus PeerStatus) error {
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
s.mux.Lock()
defer s.mux.Unlock()
account, err := s.getAccount(accountID)
if err != nil {
return err
}
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
peer := account.Peers[peerID]
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
if peer == nil {
Use Peer.ID instead of Peer.Key as peer identifier (#664) Replace Peer.Key as internal identifier with a randomly generated Peer.ID in the Management service. Every group now references peers by ID instead of a public key. Every route now references peers by ID instead of a public key. FileStore does store.json file migration on startup by generating Peer.ID and replacing all Peer.Key identifier references .
2023-02-03 10:33:28 +01:00
return status.Errorf(status.NotFound, "peer %s not found", peerID)
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
}
peer.Status = &peerStatus
return nil
}
// Close the FileStore persisting data to disk
func (s *FileStore) Close() error {
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env
2022-10-16 13:33:46 +02:00
s.mux.Lock()
defer s.mux.Unlock()
Save Peer Status separately in the FileStore (#554) Due to peer reconnects when restarting the Management service, there are lots of SaveStore operations to update peer status. Store.SavePeerStatus stores peer status separately and the FileStore implementation stores it in memory.
2022-11-08 10:46:12 +01:00
log.Infof("closing FileStore")
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env
2022-10-16 13:33:46 +02:00
return s.persist(s.storeFile)
}
Reference in New Issue Copy Permalink