Maycon Santos
da3a053e2b
[management] Refactor getAccountIDWithAuthorizationClaims ( #2715 )
...
This change restructures the getAccountIDWithAuthorizationClaims method to improve readability, maintainability, and performance.
- have dedicated methods to handle possible cases
- introduced Store.UpdateAccountDomainAttributes and Store.GetAccountUsers methods
- Remove GetAccount and SaveAccount dependency
- added tests
2024-10-12 08:35:51 +02:00
Zoltan Papp
0e95f16cdd
[relay,client] Relay/fix/wg roaming ( #2691 )
...
If a peer connection switches from Relayed to ICE P2P, the Relayed proxy still consumes the data the other peer sends. Because the proxy is operating, the WireGuard switches back to the Relayed proxy automatically, thanks to the roaming feature.
Extend the Proxy implementation with pause/resume functions. Before switching to the p2p connection, pause the WireGuard proxy operation to prevent unnecessary package sources.
Consider waiting some milliseconds after the pause to be sure the WireGuard engine has already processed all UDP messages coming in from the pipe.
2024-10-11 16:24:30 +02:00
pascal-fischer
b2379175fe
[signal] new signal dispatcher version ( #2722 )
2024-10-10 16:23:46 +02:00
Viktor Liu
09bdd271f1
[client] Improve route acl ( #2705 )
...
- Update nftables library to v0.2.0
- Mark traffic that was originally destined for local and apply the input rules in the forward chain if said traffic was redirected (e.g. by Docker)
- Add nft rules to internal map only if flush was successful
- Improve error message if handle is 0 (= not found or hasn't been refreshed)
- Add debug logging when route rules are added
- Replace nftables userdata (rule ID) with a rule hash
2024-10-10 15:54:34 +02:00
Misha Bragin
208a2b7169
Add billing user role ( #2714 )
2024-10-10 14:14:56 +02:00
pascal-fischer
8284ae959c
[management] Move testdata to sql files ( #2693 )
2024-10-10 12:35:03 +02:00
Maycon Santos
6ce09bca16
Add support to envsub go management configurations ( #2708 )
...
This change allows users to reference environment variables using Go template format, like {{ .EnvName }}
Moved the previous file test code to file_suite_test.go.
2024-10-09 20:46:23 +02:00
pascal-fischer
b79c1d64cc
[management] Make max open db conns configurable ( #2713 )
2024-10-09 20:17:25 +02:00
Misha Bragin
b1eda43f4b
Add Link to the Lawrence Systems video ( #2711 )
2024-10-09 14:56:25 +02:00
pascal-fischer
d4ef84fe6e
[management] Propagate error in store errors ( #2709 )
2024-10-09 14:33:58 +02:00
Viktor Liu
44e8107383
[client] Limit P2P attempts and restart on specific events ( #2657 )
2024-10-08 11:21:11 +02:00
Bethuel Mmbaga
2c1f5e46d5
[management] Validate peer ownership during login ( #2704 )
...
* check peer ownership in login
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* update error message
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-07 19:06:26 +03:00
pascal-fischer
dbec24b520
[management] Remove admin check on getAccountByID ( #2699 )
2024-10-06 17:01:13 +02:00
Carlos Hernandez
f603cd9202
[client] Check wginterface instead of engine ctx ( #2676 )
...
Moving code to ensure wgInterface is gone right after context is
cancelled/stop in the off chance that on next retry the backoff
operation is permanently cancelled and interface is abandoned without
destroying.
2024-10-04 19:15:16 +02:00
Bethuel Mmbaga
5897a48e29
fix wrong reference ( #2695 )
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 18:55:25 +03:00
Bethuel Mmbaga
8bf729c7b4
[management] Add AccountExists to AccountManager ( #2694 )
...
* Add AccountExists method to account manager interface
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* remove unused code
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 18:09:40 +03:00
Bethuel Mmbaga
7f09b39769
[management] Refactor User JWT group sync ( #2690 )
...
* Refactor GetAccountIDByUserOrAccountID
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* sync user jwt group changes
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* propagate jwt group changes to peers
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix no jwt groups synced
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests and lint
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Move the account peer update outside the transaction
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* move updateUserPeersInGroups to account manager
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* move event store outside of transaction
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* get user with update lock
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Run jwt sync in transaction
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-04 17:17:01 +03:00
pascal-fischer
158936fb15
[management] Remove file store ( #2689 )
2024-10-03 15:50:35 +02:00
Maycon Santos
8934453b30
Update management base docker image ( #2687 )
2024-10-02 19:29:51 +03:00
Zoltan Papp
fd67892cb4
[client] Refactor/iface pkg ( #2646 )
...
Refactor the flat code structure
2024-10-02 18:24:22 +02:00
pascal-fischer
7e5d3bdfe2
[signal] Move dummy signal message handling into dispatcher ( #2686 )
2024-10-02 15:33:38 +02:00
Maycon Santos
b7b0828133
[client] Adjust relay worker log level and message ( #2683 )
2024-10-02 15:14:09 +02:00
Bethuel Mmbaga
ff7863785f
[management, client] Add access control support to network routes ( #2100 )
2024-10-02 13:41:00 +02:00
Maycon Santos
a3a479429e
Use the pkgs to get the latest version ( #2682 )
...
* Use the pkgs to get the latest version
* disable fail fast
2024-10-02 11:48:42 +02:00
Maycon Santos
5932298ce0
Add log setting to Caddy container ( #2684 )
...
This avoids full disk on busy systems
2024-10-02 11:48:09 +02:00
bcmmbaga
0297b5f142
wip: refactoring
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-02 11:56:47 +03:00
Zoltan Papp
ee0ea86a0a
[relay-client] Fix Relay disconnection handling ( #2680 )
...
* Fix Relay disconnection handling
If there was an active P2P connection while the Relay connection with the server broke, we removed the WireGuard peer configuration.
* Change logs
2024-10-01 16:22:18 +02:00
bcmmbaga
78e238646c
refactor groups methods
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-01 16:32:31 +03:00
Simen
24c0aaa745
Install sh alpine fixes ( #2678 )
...
* Made changes to the peer install script that make it work on Alpine Linux without changes
* fix small oversight with doas fix
* use try catch approach when curling binaries
2024-10-01 13:32:58 +02:00
bcmmbaga
f9ed25f8b1
wip refactor peer methods
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-01 01:07:48 +03:00
bcmmbaga
f43a006c34
Fix posture check name uniqueness per account
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-01 01:06:52 +03:00
bcmmbaga
1a37b12d1b
refactor user PAT
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-01 00:55:32 +03:00
bcmmbaga
d36d30dec4
refactor name server groups
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-01 00:54:53 +03:00
bcmmbaga
43eb7261e3
refactor account and dns settings
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-10-01 00:54:28 +03:00
pascal-fischer
16179db599
[management] Propagate metrics ( #2667 )
2024-09-30 22:18:10 +02:00
Maycon Santos
e27f85b317
Update docker creds ( #2677 )
2024-09-30 20:07:21 +02:00
Gianluca Boiano
2fd60b2cb4
Specify goreleaser version and update to 2 ( #2673 )
2024-09-30 16:43:34 +02:00
bcmmbaga
9e47c94a7f
refactor setup keys
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-30 14:02:55 +03:00
Zoltan Papp
3dca6099d4
Fix ebpf close function ( #2672 )
2024-09-30 10:34:57 +02:00
pascal-fischer
cfbcf507fb
propagate meter ( #2668 )
2024-09-29 20:23:34 +02:00
pascal-fischer
52ae693c9e
[signal] add context to signal-dispatcher ( #2662 )
2024-09-29 00:22:47 +02:00
bcmmbaga
edf67672ad
fix merge
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-27 22:31:26 +03:00
adasauce
58ff7ab797
[management] improve zitadel idp error response detail by decoding errors ( #2634 )
...
* [management] improve zitadel idp error response detail by decoding errors
* [management] extend readZitadelError to be used for requestJWTToken
more generically parse the error returned by zitadel.
* fix lint
---------
Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-27 22:21:34 +03:00
bcmmbaga
bc520412ba
Merge branch 'main' into refactor/get-account-usage
...
# Conflicts:
# management/server/file_store.go
# management/server/http/posture_checks_handler.go
# management/server/mock_server/account_mock.go
# management/server/policy.go
# management/server/sql_store.go
# management/server/store.go
2024-09-27 20:27:05 +03:00
Bethuel Mmbaga
acb73bd64a
[management] Remove redundant get account calls in GetAccountFromToken ( #2615 )
...
* refactor access control middleware and user access by JWT groups
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor jwt groups extractor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor handlers to get account when necessary
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor getAccountFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor getAccountWithAuthorizationClaims
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* revert handles change
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* remove GetUserByID from account manager
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor getAccountWithAuthorizationClaims to return account id
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor handlers to use GetAccountIDFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* remove locks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add GetGroupByName from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add GetGroupByID from store and refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor retrieval of policy and posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor user permissions and retrieves PAT
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor route, setupkey, nameserver and dns to get record(s) from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* Refactor store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix lint
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix add missing policy source posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add store lock
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
* add get account
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-27 17:10:50 +03:00
bcmmbaga
d87fe0257b
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage
2024-09-26 19:48:17 +03:00
bcmmbaga
b1b2b0adf0
fix tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 19:47:43 +03:00
bcmmbaga
96f18c2c8c
fix tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 19:46:37 +03:00
bcmmbaga
73be8c8a32
fix merge
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
2024-09-26 19:00:59 +03:00
bcmmbaga
f61c914fd7
Merge branch 'refactor-get-account-by-token' into refactor/get-account-usage
...
# Conflicts:
# management/server/file_store.go
2024-09-26 18:51:47 +03:00