6d985c5991
go mod tidy
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-09 23:54:52 +03:00
ce7de03d6e
use generic differ for netip.Addr and netip.Prefix
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-09 23:49:41 +03:00
9ee08fc441
fix nameserver tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-09 17:04:20 +03:00
271bed5f73
upgrade diff package
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-09 17:01:40 +03:00
2a751645f9
fix group tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-09 17:00:29 +03:00
d4edde90c2
fix routes tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-09 13:52:43 +03:00
5cc07ba42a
fix nameserver tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-08 19:39:12 +03:00
70f1c394c1
fix typo
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-08 17:15:06 +03:00
c74a13e1a9
fix account and route tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-08 17:11:50 +03:00
1ed44b810c
fix user and setup key tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-08 16:51:00 +03:00
41acacfba5
add posture checks tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-08 15:50:13 +03:00
fc7157f82f
add policy tests
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-08 11:59:03 +03:00
63c510e80d
fix merge
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-06 20:34:50 +03:00
716009b791
Merge branch 'feature/optimize-network-map-updates' into feature/validate-group-association
...
# Conflicts:
# management/server/account.go
# management/server/peer.go
# management/server/peer_test.go
# management/server/policy.go
# management/server/route.go
# management/server/route_test.go
2024-10-04 10:46:41 +03:00
a915707d13
fix merge
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-10-03 14:12:53 +03:00
5108888163
Merge branch 'main' into feature/optimize-network-map-updates
...
# Conflicts:
# management/server/account_test.go
# management/server/peer.go
2024-10-03 14:10:46 +03:00
8934453b30
Update management base docker image ( #2687 )
2024-10-02 19:29:51 +03:00
fd67892cb4
[client] Refactor/iface pkg ( #2646 )
...
Refactor the flat code structure
2024-10-02 18:24:22 +02:00
7e5d3bdfe2
[signal] Move dummy signal message handling into dispatcher ( #2686 )
2024-10-02 15:33:38 +02:00
b7b0828133
[client] Adjust relay worker log level and message ( #2683 )
2024-10-02 15:14:09 +02:00
ff7863785f
[management, client] Add access control support to network routes ( #2100 )
2024-10-02 13:41:00 +02:00
a3a479429e
Use the pkgs to get the latest version ( #2682 )
...
* Use the pkgs to get the latest version
* disable fail fast
2024-10-02 11:48:42 +02:00
5932298ce0
Add log setting to Caddy container ( #2684 )
...
This avoids full disk on busy systems
2024-10-02 11:48:09 +02:00
ee0ea86a0a
[relay-client] Fix Relay disconnection handling ( #2680 )
...
* Fix Relay disconnection handling
If has an active P2P connection meanwhile the Relay connection broken with the server then we removed the WireGuard peer configuration.
* Change logs
2024-10-01 16:22:18 +02:00
24c0aaa745
Install sh alpine fixes ( #2678 )
...
* Made changes to the peer install script that makes it work on alpine linux without changes
* fix small oversight with doas fix
* use try catch approach when curling binaries
2024-10-01 13:32:58 +02:00
16179db599
[management] Propagate metrics ( #2667 )
2024-09-30 22:18:10 +02:00
e27f85b317
Update docker creds ( #2677 )
2024-09-30 20:07:21 +02:00
2fd60b2cb4
Specify goreleaser version and update to 2 ( #2673 )
2024-09-30 16:43:34 +02:00
3dca6099d4
Fix ebpf close function ( #2672 )
2024-09-30 10:34:57 +02:00
cfbcf507fb
propagate meter ( #2668 )
2024-09-29 20:23:34 +02:00
52ae693c9e
[signal] add context to signal-dispatcher ( #2662 )
2024-09-29 00:22:47 +02:00
58ff7ab797
[management] improve zitadel idp error response detail by decoding errors ( #2634 )
...
* [management] improve zitadel idp error response detail by decoding errors
* [management] extend readZitadelError to be used for requestJWTToken
more generically parse the error returned by zitadel.
* fix lint
---------
Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-09-27 22:21:34 +03:00
acb73bd64a
[management] Remove redundant get account calls in GetAccountFromToken ( #2615 )
...
* refactor access control middleware and user access by JWT groups
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* refactor jwt groups extractor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* refactor handlers to get account when necessary
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* refactor getAccountFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* refactor getAccountWithAuthorizationClaims
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix merge
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* revert handles change
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* remove GetUserByID from account manager
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* refactor getAccountWithAuthorizationClaims to return account id
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* refactor handlers to use GetAccountIDFromToken
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* remove locks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add GetGroupByName from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add GetGroupByID from store and refactor
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Refactor retrieval of policy and posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Refactor user permissions and retrieves PAT
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Refactor route, setupkey, nameserver and dns to get record(s) from store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Refactor store
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix lint
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix add missing policy source posture checks
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add store lock
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add get account
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-09-27 17:10:50 +03:00
4ebf6e1c4c
[client] Close the remote conn in proxy ( #2626 )
...
Port the conn close call to eBPF proxy
2024-09-25 18:50:10 +02:00
1e4a0f77e2
Add get DB method to store ( #2650 )
2024-09-25 18:22:27 +02:00
b51d75204b
[client] Anonymize relay address in status peers view ( #2640 )
2024-09-24 20:58:18 +02:00
e7d52c8c95
[client] Fix error count formatting ( #2641 )
2024-09-24 20:57:56 +02:00
ab82302c95
[client] Remove usage of custom dialer for localhost ( #2639 )
...
* Downgrade error log level for network monitor warnings
* Do not use custom dialer for localhost
2024-09-24 12:29:15 +02:00
d47be154ea
[misc] Fix ip range posture check example ( #2628 )
2024-09-23 10:02:03 +02:00
35c892aea3
[management] Restrict accessible peers to user-owned peers for non-admins ( #2618 )
...
* Restrict accessible peers to user-owned peers for non-admin users
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add service user test
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* reuse account from token
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* return error when peer not found
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-09-20 12:36:58 +03:00
fc4b37f7bc
Exit from processConnResults after all tries ( #2621 )
...
* Exit from processConnResults after all tries
If all server is unavailable then the server picker never return
because we never close the result channel.
Count the number of the results and exit when we reached the
expected size
2024-09-19 13:49:28 +02:00
6f0fd1d1b3
- Increase queue size and drop the overflowed messages ( #2617 )
...
- Explicit close the net.Conn in user space wgProxy when close the wgProxy
- Add extra logs
2024-09-19 13:49:09 +02:00
28cbb4b70f
[client] Cancel the context of wg watcher when the go routine exit ( #2612 )
2024-09-17 12:10:17 +02:00
1104c9c048
[client] Fix race condition while read/write conn status in peer conn ( #2607 )
2024-09-17 11:15:14 +02:00
5bc601111d
[relay] Add health check attempt threshold ( #2609 )
...
* Add health check attempt threshold for receiver
* Add health check attempt threshold for sender
2024-09-17 10:04:17 +02:00
b74951f29e
[client] Enforce permissions on Win ( #2568 )
...
Enforce folder permission on Windows, giving only administrators and system access to the NetBird folder.
2024-09-16 22:42:37 +02:00
97e10e440c
Fix leaked server connections ( #2596 )
...
Fix leaked server connections
close unused connections in the client lib
close deprecated connection in the server lib
The Server Picker is reusable in the guard if we want in the future. So we can support the server address changes.
---------
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com >
* Add logging
---------
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com >
2024-09-16 16:11:10 +02:00
6c50b0c84b
[management] Add transaction to addPeer ( #2469 )
...
This PR removes the GetAccount and SaveAccount operations from the AddPeer and instead makes use of gorm.Transaction to add the new peer.
2024-09-16 15:47:03 +02:00
730dd1733e
[signal] Fix signal active peers metrics ( #2591 )
2024-09-15 16:46:55 +02:00
82739e2832
[management] fix legacy decrypting of empty values ( #2595 )
...
* allow legacy decrypting on empty values
* validate source size and padding limits
* added tests
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com >
2024-09-15 16:22:46 +02:00
