mirror of
https://github.com/netbirdio/netbird.git
synced 2024-11-23 00:23:36 +01:00
11982d6dde
* Add client's interaction with management service * Getting updates * Fixed key and nil ptr * Added setupKey param * Added managment address parameter * Fixed test * feature: use RemotePeers from the management server instead of deprecated Peers * merge: merge changes from main
131 lines
4.2 KiB
Go
131 lines
4.2 KiB
Go
package cmd
|
|
|
|
import (
|
|
"os"
|
|
"strings"
|
|
|
|
ice "github.com/pion/ice/v2"
|
|
log "github.com/sirupsen/logrus"
|
|
"github.com/spf13/cobra"
|
|
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
|
|
)
|
|
|
|
var (
|
|
wgKey string
|
|
wgInterface string
|
|
wgLocalAddr string
|
|
signalAddr string
|
|
managementAddr string
|
|
stunURLs string
|
|
turnURLs string
|
|
|
|
initCmd = &cobra.Command{
|
|
Use: "init",
|
|
Short: "init wiretrustee",
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
InitLog(logLevel)
|
|
|
|
if _, err := os.Stat(configPath); !os.IsNotExist(err) {
|
|
log.Warnf("config already exists under path %s", configPath)
|
|
os.Exit(ExitSetupFailed)
|
|
}
|
|
|
|
if wgKey == "" {
|
|
wgKey = generateKey()
|
|
log.Warnf("there was no Wireguard private key specified, a new Wireguard key has been generated")
|
|
}
|
|
|
|
parsedKey, err := wgtypes.ParseKey(wgKey)
|
|
if err != nil {
|
|
log.Errorf("invalid Wireguard private key %s", wgKey)
|
|
os.Exit(ExitSetupFailed)
|
|
}
|
|
|
|
log.Infof("my public Wireguard key is %s", parsedKey.PublicKey().String())
|
|
|
|
var stunTurnURLs []*ice.URL
|
|
stuns := strings.Split(stunURLs, ",")
|
|
for _, url := range stuns {
|
|
|
|
parsedURL, err := ice.ParseURL(url)
|
|
if err != nil {
|
|
log.Errorf("failed parsing STUN URL %s: %s", url, err.Error())
|
|
os.Exit(ExitSetupFailed)
|
|
}
|
|
stunTurnURLs = append(stunTurnURLs, parsedURL)
|
|
}
|
|
|
|
turns := strings.Split(turnURLs, ",")
|
|
for _, url := range turns {
|
|
|
|
var urlToParse string
|
|
var user string
|
|
var pwd string
|
|
//extract user:password from user:password@proto:host:port
|
|
urlSplit := strings.Split(url, "@")
|
|
if len(urlSplit) == 2 {
|
|
urlToParse = urlSplit[1]
|
|
credential := strings.Split(urlSplit[0], ":")
|
|
user = credential[0]
|
|
pwd = credential[1]
|
|
} else {
|
|
urlToParse = url
|
|
}
|
|
|
|
parsedURL, err := ice.ParseURL(urlToParse)
|
|
if err != nil {
|
|
log.Errorf("failed parsing TURN URL %s: %s", url, err.Error())
|
|
os.Exit(ExitSetupFailed)
|
|
}
|
|
parsedURL.Username = user
|
|
parsedURL.Password = pwd
|
|
stunTurnURLs = append(stunTurnURLs, parsedURL)
|
|
}
|
|
|
|
config := &Config{
|
|
PrivateKey: wgKey,
|
|
Peers: nil,
|
|
StunTurnURLs: stunTurnURLs,
|
|
SignalAddr: signalAddr,
|
|
ManagementAddr: managementAddr,
|
|
WgAddr: wgLocalAddr,
|
|
WgIface: wgInterface,
|
|
}
|
|
|
|
err = config.Write(configPath)
|
|
if err != nil {
|
|
log.Errorf("failed writing config to %s: %s", config, err.Error())
|
|
os.Exit(ExitSetupFailed)
|
|
}
|
|
|
|
log.Infof("a new config has been generated and written to %s", configPath)
|
|
},
|
|
}
|
|
)
|
|
|
|
func init() {
|
|
initCmd.PersistentFlags().StringVar(&wgKey, "wgKey", "", "Wireguard private key, if not specified a new one will be generated")
|
|
initCmd.PersistentFlags().StringVar(&wgInterface, "wgInterface", "wiretrustee0", "Wireguard interface name, e.g. wiretreustee0 or wg0")
|
|
initCmd.PersistentFlags().StringVar(&wgLocalAddr, "wgLocalAddr", "", "Wireguard local address, e.g. 10.30.30.1/24")
|
|
initCmd.PersistentFlags().StringVar(&signalAddr, "signalAddr", "", "Signal server address, e.g. signal.wiretrustee.com:10000")
|
|
initCmd.PersistentFlags().StringVar(&managementAddr, "managementAddr", "", "Management server address, e.g. management.wiretrustee.com:10000")
|
|
initCmd.PersistentFlags().StringVar(&stunURLs, "stunURLs", "", "Comma separated STUN server URLs: protocol:host:port, e.g. stun:stun.l.google.com:19302,stun:stun1.l.google.com:19302")
|
|
//todo user:password@protocol:host:port not the best way to pass TURN credentials, do it according to https://tools.ietf.org/html/rfc7065 E.g. use oauth
|
|
initCmd.PersistentFlags().StringVar(&turnURLs, "turnURLs", "", "Comma separated TURN server URLs: user:password@protocol:host:port, e.g. user:password@turn:stun.wiretrustee.com:3468")
|
|
//initCmd.MarkPersistentFlagRequired("configPath")
|
|
initCmd.MarkPersistentFlagRequired("wgLocalAddr") //nolint
|
|
initCmd.MarkPersistentFlagRequired("signalAddr") //nolint
|
|
initCmd.MarkPersistentFlagRequired("managementAddr") //nolint
|
|
initCmd.MarkPersistentFlagRequired("stunURLs") //nolint
|
|
initCmd.MarkPersistentFlagRequired("turnURLs") //nolint
|
|
}
|
|
|
|
// generateKey generates a new Wireguard private key
|
|
func generateKey() string {
|
|
key, err := wgtypes.GenerateKey()
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return key.String()
|
|
}
|