scaffolding to support 'vpn' backend mode

bin/generate_rest.sh

@@ -9,10 +9,12 @@ command -v swagger >/dev/null 2>&1 || {
 
 command -v openapi >/dev/null 2>&1 || {
   echo >&2 "command 'openapi' not installed. see: https://www.npmjs.com/package/openapi-client for installation"
+  exit 1
 }
 
 command -v swagger-codegen 2>&1 || {
   echo >&2 "command 'swagger-codegen. see: https://github.com/swagger-api/swagger-codegen for installation"
+  exit 1
 }
 
 scriptPath=$(realpath $0)

controller/store/sql/postgresql/020_v0_4_28_backend_mode_socks.sql

@@ -0,0 +1,3 @@
+-- +migrate Up
+
+alter type backend_mode add value 'vpn';

controller/store/sql/sqlite3/020_v0_4_28_backend_mode_socks.sql

@@ -0,0 +1,71 @@
+-- +migrate Up
+
+alter table shares rename to shares_old;
+create table shares (
+    id                        integer             primary key,
+    environment_id            integer             constraint fk_environments_shares references environments on delete cascade,
+    z_id                      string              not null unique,
+    token                     string              not null,
+    share_mode                string              not null,
+    backend_mode              string              not null,
+    frontend_selection        string,
+    frontend_endpoint         string,
+    backend_proxy_endpoint    string,
+    reserved                  boolean             not null default(false),
+    created_at                datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    updated_at                datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    deleted                   boolean             not null default(false),
+    permission_mode           string              not null default('open'),
+
+    constraint chk_z_id check (z_id <> ''),
+    constraint chk_token check (token <> ''),
+    constraint chk_share_mode check (share_mode == 'public' or share_mode == 'private'),
+    constraint chk_backend_mode check (backend_mode == 'proxy' or backend_mode == 'web' or backend_mode == 'tcpTunnel' or backend_mode == 'udpTunnel' or backend_mode == 'caddy' or backend_mode == 'drive' or backend_mode == 'socks' or backend_mode == 'vpn')
+);
+insert into shares select * from shares_old;
+drop index shares_token_idx;
+create unique index shares_token_idx ON shares(token) WHERE deleted is false;
+
+alter table frontends rename to frontends_old;
+create table frontends (
+    id                    integer             primary key,
+    environment_id        integer             references environments(id),
+    token                 varchar(32)         not null unique,
+    z_id                  varchar(32)         not null,
+    public_name           varchar(64)         unique,
+    url_template          varchar(1024),
+    reserved              boolean             not null default(false),
+    created_at            datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    updated_at            datetime            not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    deleted               boolean             not null default(false),
+    private_share_id      integer             references shares(id)
+);
+insert into frontends select * from frontends_old;
+drop table frontends_old;
+
+alter table share_limit_journal rename to share_limit_journal_old;
+create table share_limit_journal (
+    id                  integer                 primary key,
+    share_id            integer                 references shares(id),
+    rx_bytes            bigint                  not null,
+    tx_bytes            bigint                  not null,
+    action              limit_action_type       not null,
+    created_at          datetime                not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    updated_at          datetime                not null default(strftime('%Y-%m-%d %H:%M:%f', 'now'))
+);
+insert into share_limit_journal select * from share_limit_journal_old;
+drop table share_limit_journal_old;
+
+alter table access_grants rename to access_grants_old;
+create table access_grants (
+    id                  integer                 primary key,
+    share_id            integer                 references shares(id),
+    account_id          integer                 references accounts(id),
+    created_at          datetime                not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    updated_at          datetime                not null default(strftime('%Y-%m-%d %H:%M:%f', 'now')),
+    deleted             boolean                 not null default(false)
+);
+insert into access_grants select * from access_grants_old;
+drop table access_grants_old;
+
+drop table shares_old;

rest_model_zrok/share_request.go

@@ -31,7 +31,7 @@ type ShareRequest struct {
 	AuthUsers []*AuthUser `json:"authUsers"`
 
 	// backend mode
-	// Enum: [proxy web tcpTunnel udpTunnel caddy drive socks]
+	// Enum: [proxy web tcpTunnel udpTunnel caddy drive socks vpn]
 	BackendMode string `json:"backendMode,omitempty"`
 
 	// backend proxy endpoint
@@ -128,7 +128,7 @@ var shareRequestTypeBackendModePropEnum []interface{}
 
 func init() {
 	var res []string
-	if err := json.Unmarshal([]byte(`["proxy","web","tcpTunnel","udpTunnel","caddy","drive","socks"]`), &res); err != nil {
+	if err := json.Unmarshal([]byte(`["proxy","web","tcpTunnel","udpTunnel","caddy","drive","socks","vpn"]`), &res); err != nil {
 		panic(err)
 	}
 	for _, v := range res {
@@ -158,6 +158,9 @@ const (
 
 	// ShareRequestBackendModeSocks captures enum value "socks"
 	ShareRequestBackendModeSocks string = "socks"
+
+	// ShareRequestBackendModeVpn captures enum value "vpn"
+	ShareRequestBackendModeVpn string = "vpn"
 )
 
 // prop value enum

rest_server_zrok/embedded_spec.go

@@ -1589,7 +1589,8 @@ func init() {
             "udpTunnel",
             "caddy",
             "drive",
-            "socks"
+            "socks",
+            "vpn"
           ]
         },
         "backendProxyEndpoint": {
@@ -3344,7 +3345,8 @@ func init() {
             "udpTunnel",
             "caddy",
             "drive",
-            "socks"
+            "socks",
+            "vpn"
           ]
         },
         "backendProxyEndpoint": {

sdk/golang/sdk/model.go

@@ -11,6 +11,8 @@ const (
 	UdpTunnelBackendMode BackendMode = "udpTunnel"
 	CaddyBackendMode     BackendMode = "caddy"
 	DriveBackendMode     BackendMode = "drive"
+	SocksBackendMode     BackendMode = "socks"
+	VpnBackendMode       BackendMode = "vpn"
 )
 
 type ShareMode string

sdk/python/sdk/zrok/zrok/model.py

@@ -7,6 +7,9 @@ WEB_BACKEND_MODE: BackendMode = "web"
 TCP_TUNNEL_BACKEND_MODE: BackendMode = "tcpTunnel"
 UDP_TUNNEL_BACKEND_MODE: BackendMode = "udpTunnel"
 CADDY_BACKEND_MODE: BackendMode = "caddy"
+DRIVE_BACKEND_MODE: BackendMode = "drive"
+SOCKS_BACKEND_MODE: BackendMode = "socks"
+VPN_BACKEND_MODE: BackendMode = "vpn"
 
 ShareMode = str
 

sdk/python/sdk/zrok/zrok_api/models/share_request.py

@@ -194,7 +194,7 @@ class ShareRequest(object):
         :param backend_mode: The backend_mode of this ShareRequest.  # noqa: E501
         :type: str
         """
-        allowed_values = ["proxy", "web", "tcpTunnel", "udpTunnel", "caddy", "drive", "socks"]  # noqa: E501
+        allowed_values = ["proxy", "web", "tcpTunnel", "udpTunnel", "caddy", "drive", "socks", "vpn"]  # noqa: E501
         if backend_mode not in allowed_values:
             raise ValueError(
                 "Invalid value for `backend_mode` ({0}), must be one of {1}"  # noqa: E501

specs/zrok.yml

@@ -1039,7 +1039,7 @@ definitions:
           type: string
       backendMode:
         type: string
-        enum: ["proxy", "web", "tcpTunnel", "udpTunnel", "caddy", "drive", "socks"]
+        enum: ["proxy", "web", "tcpTunnel", "udpTunnel", "caddy", "drive", "socks", "vpn"]
       backendProxyEndpoint:
         type: string
       authScheme: