Advertising routes into the mesh
parent
4c6bbcffcd
commit
5757d81a81
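--- a/cert/cacert.pem
+++ b/cert/cacert.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDazCCAlOgAwIBAgIUDRIRI8UnHU2a4znsun0gxFwlrFQwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCR0IxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzEwMjcxNTIzMDZaFw0yNDEw
+MjYxNTIzMDZaMEUxCzAJBgNVBAYTAkdCMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDJ5hOmzilimA/zM5hYP7CQf4iRmICtSbVLgt6/rTDP
+p3JsGGQWZ4pZNofzGnGa7aEMoXS2Ztl7GzZbr1p4+rd6MBbVt8XZ/hP+X4zasCXi
+/YubG0TYyBuAt+JrcYb0cbsTBkMXXnFcNIXDfeYFsNq+pfyJwq2ElMUUZ6SQmVhH
+ovn1Wk9Fv4t2GJMhmUcObrSIoYdgo4Vf9CfQnn0PCaRf+RjspY/Kz33oyqDI6xJx
+I0rfJR7f9B6ZKosfAkt4oTTfT9P8w/d1I95oBENhDkalgkdJCuNJ/AwKGxZrYf/P
+aefcc91HheauObjBYPFrSn6bUj3LMJEfj4IeBK+fOZCfAgMBAAGjUzBRMB0GA1Ud
+DgQWBBSpcF7jtpd9n73VM3xhPmI1GMEkFjAfBgNVHSMEGDAWgBSpcF7jtpd9n73V
+M3xhPmI1GMEkFjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCK
+GplAveP9nVo9zmg+/mkDpyVoo5rp64oJh4DFtm6X+EI31FmH6Cb71Kn2ZzXhQvSq
+qrP7+VoGeBDxk4guJtAs/fhnuDupJG2SjsctjiFnDbSrJjWJjGhC0kuL0wcjLU5G
+qUpCEJu13GkDlYHKKw0z+oLUOw+OHmvE5/sD23sKl2KxBWKItx0hwSCkGtm0RQld
+8mfjOsHqJ2V/FOcHK6X2DSV1728PAhu4l/PRSB0drBA+7kdeCuWIRZw5RA/OyxvU
+CuC5dfUh75MrK7KL6sZsXklsoXo8BZp4rRRUt/v1D3r/SMBJPULSGXh6QDjXQX1D
+km71c3DEDyKznHTpGxPt
+-----END CERTIFICATE-----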
28
cert/caprivate.pem
Normal file
28
cert/caprivate.pem
Normal file
@ -0,0 +1,28 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJ5hOmzilimA/z
|
||||
M5hYP7CQf4iRmICtSbVLgt6/rTDPp3JsGGQWZ4pZNofzGnGa7aEMoXS2Ztl7GzZb
|
||||
r1p4+rd6MBbVt8XZ/hP+X4zasCXi/YubG0TYyBuAt+JrcYb0cbsTBkMXXnFcNIXD
|
||||
feYFsNq+pfyJwq2ElMUUZ6SQmVhHovn1Wk9Fv4t2GJMhmUcObrSIoYdgo4Vf9CfQ
|
||||
nn0PCaRf+RjspY/Kz33oyqDI6xJxI0rfJR7f9B6ZKosfAkt4oTTfT9P8w/d1I95o
|
||||
BENhDkalgkdJCuNJ/AwKGxZrYf/Paefcc91HheauObjBYPFrSn6bUj3LMJEfj4Ie
|
||||
BK+fOZCfAgMBAAECggEADqAjoUxC9Dj2wtPkf9QRSs5qSr3E6Iiz4OX4k+MMa6aC
|
||||
I/F6YqMagw7vtz0dqK75ISybA1GdBI16mRaxU5056FiOdunqo7mDokQytG7ZN8HN
|
||||
OK23hYqtb1wiw0zEjXWlqyGjf5BgXuERJZG7tYLTvcbRbftTzYxnYGyHn8/z9LBp
|
||||
GsTJ5X8XMLM5+bTvg1Ovv5s0q31FCeqAuw+auHH4pBNP+ylV6dF5XOWq4HO3TJ2b
|
||||
grHxWB94JZChZnDC/K+HxQ6aHJfbZ5XCoXfIaIVkoXfnyPzgjvgK+/IpHEF8f/3I
|
||||
uT/NBiArTpRl29pX5flEO4R121VaW93eM1tuzL32VQKBgQD6Trctx9SYuhzgfiO7
|
||||
kdefvR43Kl9SFyEw3hN3HW1cxSNGCCFotjmdem+QdtMBtUd27UJ9tuiKJC0lcCER
|
||||
t3WRz4kVd/cb0eC1DPzpGHA81o1rUUR3nMr1o7aBfvQ06VAxFUrFAOPpF8nD7tI4
|
||||
0CiOh7/sL1ElThA3bOPUpXkYHQKBgQDOfYbP8dppIkC8pRTnHWe0qUY0G4YXxg7r
|
||||
UtTo4GYOLJeKH/MKoK8MjBDS5VN5n5TAHJ8yUVzhpWXZIPIGzNEhIRDMa56sRPgI
|
||||
9mLJNs5z/ZIxd/7ZQbDHrD4T3PKeTjzVUtjXrhLowokPlPB/RMQL6ZT+qMao+3bS
|
||||
fDITSfLG6wKBgBpbcZSDh1JxvpqxDagxqkfqzSS39IObZeZUbC5NzfdH1vgH4SS6
|
||||
k4SOoPLQYFW8tgLC5w5/1Sq+tnZLwV+xNtMczG2TTVUDm6rU7EjLRv5RBWE4lIIX
|
||||
45NMIuqt6J8ttkEE4fOurVEdLSTRoBdVa//eMYp4TQ4lkzWS5Ma+ierNAoGAYO3z
|
||||
1rFFQYzerq8ffM4E3H2JgvRYodhLMJQVdavAvG6aRDBzOk3rXgxx6U3VPYZ3oSbO
|
||||
ZCRlYVbu1FnuwtpqYQ7Qf+UU+vD1Ld/ax3F+wFwLwET/0KRRg6mLCm/xQ/ad/9WA
|
||||
DN6d6b1H8ZSMwHFbRexEELbRaomAYZYDO6K+4DkCgYEAv5De85hPnWtAvKhPzwQi
|
||||
9mtyWo/cfQgtwL8IKNu6hBHl5RXDpPgX/+pNbXLJfBPwVR3H62x1CMYJDkWVuE6/
|
||||
ZjtF7FSucZMz/mR6r1GhSOXy3YLwQ6JLPjjKzvnEjahGlKwALJNL0O2ZucjsZxHE
|
||||
PM4rmhRZT9opiapiltEhRm0=
|
||||
-----END PRIVATE KEY-----
|
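Review bot: cert/caprivate.pem is the private key of the CA whose certificate this commit starts loading into the TLS root pool, and it is committed in plaintext, so anyone who can read the repository can issue certificates that peers trusting this CA will accept. The same applies to the node key added as cert/priv.pem, and the deleted cert/key.pem remains retrievable from history. Treat all three as compromised for anything beyond local testing: generate keys per deployment, keep them out of version control (for example by ignoring `cert/*.pem` apart from clearly documented test fixtures), and state in the README that any checked-in material is test-only if it has to stay.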
@ -1,21 +1,19 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDazCCAlOgAwIBAgIUT6VZnyJjB25my9JrUt/qfdX+J8QwDQYJKoZIhvcNAQEL
|
||||
BQAwRTELMAkGA1UEBhMCVUsxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
|
||||
GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzEwMDExNDM5MjFaFw0zMzA5
|
||||
MjgxNDM5MjFaMEUxCzAJBgNVBAYTAlVLMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
|
||||
HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
|
||||
AQUAA4IBDwAwggEKAoIBAQCVrc2ZbkM+ICgr9M9AahLijQOmbqhH03PtqUOprMuX
|
||||
KGzKiG8v6VWCzdqrDMJTBe24/Ph9KUda8J63ra+uEfPXfTgox/NkbMVkd4qz5vIW
|
||||
a6Q22g3RU2W8LpSczlcAdEvWBKxakWVnPvi1Sw/gj9Yn//HZxOvANeaTzr+wWNJa
|
||||
VpTTXBPnvkpDY5GkfkSVkt1cZqCntZQAx85xBW1Bth860d0lZPibJBBtdtX3QO7r
|
||||
PxeOgARB97J964M2DDvScaLiTH5+qQFzj/bS06Km+7s2rmA9ilPK/GlZb6Wc8f3Q
|
||||
NdanZwF/odoLKFkW4cj0dG3vrRqJGKSO1tTk6OGrQfBTAgMBAAGjUzBRMB0GA1Ud
|
||||
DgQWBBRLjaTwD74slcrdH0AWwqnCIBzDvzAfBgNVHSMEGDAWgBRLjaTwD74slcrd
|
||||
H0AWwqnCIBzDvzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCQ
|
||||
50dhW6+cdzv6vfTrhe5ABOlJ288cxrOnpqKZLK0kWgtXTBXuJdIMqKO7f1dNGGAF
|
||||
fbhcIoo8YsTVYAHvK0e0nUvKKTj5Jq39YXX4jSmLZMhV9RCxHiuzn3a0Szly2FRG
|
||||
oLhmz+ib0WmROmspLD+T500toayGi3gfoWALo/LtOSYqUI9JNlFXPEyOfg1dkKfE
|
||||
op/8Nx4DY73mHtp25dKL3mG1FAa0MQQvDnYTv5BNMRiG2k3N4AL2nORR60PXZV+S
|
||||
oW9vF+bDWo++GJjmTVgbJPX3joH2B4mg97f4L9i4KqXW38hSB890iyp02j7vXM8Y
|
||||
vT7vM2Qae3Y48SeOdZIX
|
||||
MIIDCjCCAfICFB/Vd2eOXWdNdrakThJhFIRtZmhUMA0GCSqGSIb3DQEBCwUAMEUx
|
||||
CzAJBgNVBAYTAkdCMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
|
||||
cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjMxMDI3MTUzNDM1WhcNMjMxMTI2MTUz
|
||||
NDM1WjA+MQswCQYDVQQGEwJHQjENMAsGA1UECAwERmlmZTENMAsGA1UEBwwEY2l0
|
||||
eTERMA8GA1UECgwITWVzaCBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||
AoIBAQDVgcLtNU5AYfPML/mE5PyC7YYKvZn2mt6vEiJ7M/6EzYeTXFeYexD5ZqHg
|
||||
ewGEd1fwiQWQsATsWd+EM4OnCAXAaNiOH6gGY7FR8CThfT+k8yIGPrl1BovzHHYS
|
||||
Orekna17UFeIyFMHDPIjl4d2WiJPvmNn5PhLEppPHPBWPhl3J3sMrSbqyRuYbtta
|
||||
oFIzN8mFcikixLg0SnBPtwlLC72ah9G+MF5CwEcU/E0bYbLQZXv+WhG5aw5JEzes
|
||||
K2GLxVNgM0xXB7hSyLoX1wBc8DdQyLCMkOp55Hl04UKTxtVE82MiuAOVqMUuKFjR
|
||||
u2a1C+/Gbk/PS5SHgenGjdZ8sZGpAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHMc
|
||||
jIFG5Rn9KaVmo7E+/UAq+3ld/3y2yMHg5wq7oG8b7/z0mlSGErHdFMzo75AFLN4r
|
||||
kOuiF5ItF6dRLNrG8IUFSNMGVH3b3ukw1EI8E89L8ak3CM+wpLT6GVP3BfV8ah+X
|
||||
4RRix40Tmx4C81l+Lf5W10rHIdlXBCanJy/Fa0ae+S+oXFc9jeXHlK9qlgszrECT
|
||||
Pa3VCR95LAIc6o9pDL2Z8tpEkSbyzvIWhp53fnC80PyXpSsFMfIw657shagBc/Ov
|
||||
e7/aPpPf3V3CafJlEIraQp24MDI5ZM59lT5vhRq2AC50gelL6UPV16mVVUlGVhWE
|
||||
vYyejod5i5ZbuLFOy2g=
|
||||
-----END CERTIFICATE-----
|
||||
|
28
cert/key.pem
28
cert/key.pem
@ -1,28 +0,0 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCVrc2ZbkM+ICgr
|
||||
9M9AahLijQOmbqhH03PtqUOprMuXKGzKiG8v6VWCzdqrDMJTBe24/Ph9KUda8J63
|
||||
ra+uEfPXfTgox/NkbMVkd4qz5vIWa6Q22g3RU2W8LpSczlcAdEvWBKxakWVnPvi1
|
||||
Sw/gj9Yn//HZxOvANeaTzr+wWNJaVpTTXBPnvkpDY5GkfkSVkt1cZqCntZQAx85x
|
||||
BW1Bth860d0lZPibJBBtdtX3QO7rPxeOgARB97J964M2DDvScaLiTH5+qQFzj/bS
|
||||
06Km+7s2rmA9ilPK/GlZb6Wc8f3QNdanZwF/odoLKFkW4cj0dG3vrRqJGKSO1tTk
|
||||
6OGrQfBTAgMBAAECggEAC4kwrmGUJyadUf31Nza1q+ZIYLxoldiTN77y6xHZQxYn
|
||||
hFiNkTi/kWxCLSq3k2SClN5SXHsg975RzUBCqPzTOUl6WZJHjPbhI8Qe2Yy0HcxA
|
||||
BMY7iGWQErfYVlmE1REhgyYrDnPkR9fPnVFisOEFFWIhhrIppU/CLKQjm/jMhY/G
|
||||
jdVaaTUcz9ee80BB8S6RCOWZLVc2/yYeIkby7AdGf8TUMqOvw/7AnLo4KwC3t06d
|
||||
ZK+bCVpTD6O4d4VcXzy5eBDwsYUfWdLSp9JEuLJRQlsq449nXF9V7xjHCD8zOoqI
|
||||
9PYh6xvPNB6fr9zSaOzLH9A4v+1zQqOoLHRliG2IcQKBgQDFlsYSzKUw+ae8AtqZ
|
||||
qWQiHSXhEoeosjGHLvDWyXmqdORpDparDOw1b0UlFvt3wm/QXU8q3UtNcWn7/aP8
|
||||
f/QsKZshJnuk8/+piJBv0v+pHZjpx7lTGVnfTUXpaP5T1EWz9p6HUX5qLHA7XUpr
|
||||
hQJLt0evvYv06GDtFLIjzHAHSQKBgQDB7UWO1n9TUofYHxG9zhoKsdCvNxeACxJJ
|
||||
EA1Ue0Ri+y3FnUYY3H9JqQ4d4k3xm731rbgV6TD15xzqv+RGL0+pQ1dDKy4T0lH8
|
||||
+bsjRShrq+QVxVLBWff5rike1LTk8Q2bmFlv1COft+edrMsZOpK4af9QINbGc/wF
|
||||
te5d77GuuwKBgC1bQvSlzXXEmWBrN0r2u2mpTzyvSDzNStlBST/E2Azs8FG9a5Cw
|
||||
UrihZjnxYKBJHemywa2RRuvsEOwreS1JIf/RPS8K6m8fI50DIETLJqzngmaH1l7g
|
||||
/uRnlJjT5S3RGH8LKbDeYCp3MPwvmhm8Wp6O4AHTfQEnJrjFe28ESuMhAoGAUiAT
|
||||
dvwri7PFx6bQsprXuHO5NpqUHyuRINPlcUOKoIhSx/9ksh6e4Sjwy4MNEyareaGJ
|
||||
9e19SIYJXvjIyVg72iikidN9ffNxuTphH/yns4Fl5DpeY3egZmJ1E5Ns0A+tfZk1
|
||||
NwCV3YvaUJHeqN5/SA3Li7l8eyqfLiPvwGRD0QUCgYEAs4VG+7f8qyTQ/9l4VzTj
|
||||
1G4naIfDxOS8UTnbc3KJqk48yNuPHLUoAxXmmA+ulqsaLhW1Xn+PWTXdFVaHQ5eB
|
||||
WCsgnrvi9zrznqyVi54y0lrQTt6dMsLpul/29zKR/464Uyzcdy0008Khl3dDTk0o
|
||||
91xucId8s41do8dEqaHVEhE=
|
||||
-----END PRIVATE KEY-----
|
28
cert/priv.pem
Normal file
28
cert/priv.pem
Normal file
@ -0,0 +1,28 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVgcLtNU5AYfPM
|
||||
L/mE5PyC7YYKvZn2mt6vEiJ7M/6EzYeTXFeYexD5ZqHgewGEd1fwiQWQsATsWd+E
|
||||
M4OnCAXAaNiOH6gGY7FR8CThfT+k8yIGPrl1BovzHHYSOrekna17UFeIyFMHDPIj
|
||||
l4d2WiJPvmNn5PhLEppPHPBWPhl3J3sMrSbqyRuYbttaoFIzN8mFcikixLg0SnBP
|
||||
twlLC72ah9G+MF5CwEcU/E0bYbLQZXv+WhG5aw5JEzesK2GLxVNgM0xXB7hSyLoX
|
||||
1wBc8DdQyLCMkOp55Hl04UKTxtVE82MiuAOVqMUuKFjRu2a1C+/Gbk/PS5SHgenG
|
||||
jdZ8sZGpAgMBAAECggEARJNAggLYhtpPPVp9WJ9ZsU3L+0AppujYND/tXkf1bD89
|
||||
V+nVYq7IZWp+/MRVWPAiCSphZLb8ZdN59JK9KtVrT4D9aSymwaKcjfZFSj15xyem
|
||||
Wn4j///hzGxsSe+dE1znnw9PhindbQrN7Pua8TsDATzj3bdPvoETmexwDysz765i
|
||||
u4zXvxP+xAessz1OYa5IUaDXdlWOf0e1zNXWwanjRggzCeWR3lTofG49GX087oVC
|
||||
Sb9ASy+AScnOlwpTdQ8sKy1r9gXmE5ey4AULVb0nJ8LDvrCoBBhKBtVE5mJHepE6
|
||||
bdC9l6poL6roGvHfMAo3SmiUUT5XceqUxBtHcyHX3wKBgQD1uh+Dv0PrH3CTW9cF
|
||||
bwHL1rmQNJrbDzDAaounGBe9mcot1RrBhyQAoGw1no4c+QWDAwYRuBP2+Rp6JLU/
|
||||
XnEXSyN85rJN6LajlrLEr+BNmKw6ghNsnAFUZBLaJ7epRi6OjACUwmtvH6hRIef8
|
||||
aMg4WiOyDT+Z4Xe81pdXb91HXwKBgQDebs3idgVEau3LCKGYnqvmUhzv8iiQiJmD
|
||||
R29o2G5Xrahf3r1O5gJdGLO1DaCBtdrI7J4xUOlM935KaEYFe5B7RVGXg23tNWgb
|
||||
2M+YQqu5qz61bDxhg7dGkegHrdvKNcSkV6GUSm5w9rdxJlY8+l45p/7QpSkatcbd
|
||||
IRiVzMNr9wKBgQC/+Z5fbpFgYxqvdaPicdxkZShqOj71f8OlwFfEvrTlgv4KmqAh
|
||||
rDP7bVm89leu2PpuZXFbbIXkgK8n1//mNyGBgkmCbjXFWlc+LSETOxixZuK/fxov
|
||||
0x3S0bBM0ZTSYatD4KsfjVkj4wa8BBJbB33NUNbsZx9WWGkUlk58mD+3XwKBgQDV
|
||||
mgR+n6WJQUIfwqckH+Ol517AkYSg33zEE9qKDaVQ74QMpKKY3MqSSkFw8agcR93V
|
||||
K1zysOeJsPYHUEFFzJY/up6S6HSs4aebbkZUylmMkEVFBa6qWkmrLDxs+2lgsuem
|
||||
hjy1YhDSzCn3L8CLCEdqCMjr5l8ltkBFZB3u5NcZmwKBgHE9ODedQm783JfvDNBb
|
||||
lB/IoUjMhMR0J2vHC3zxgTU4nIK+MR0vXvA7fmZebpaQNwYrHY9gvrL0/QevOrmG
|
||||
PtXlkQ9GITMxTlqfHWV5jXZuRBIGTqh1QW3tKbVAhUhNlM0XDNBmBvjKIFjxUIo3
|
||||
zMRw/o4R4cIaazyVxguZbsa2
|
||||
-----END PRIVATE KEY-----
|
@ -1,5 +1,6 @@
|
||||
certificatePath: "../../cert/cert.pem"
|
||||
privateKeyPath: "../../cert/key.pem"
|
||||
privateKeyPath: "../../cert/priv.pem"
|
||||
caCertificatePath: "../../cert/cacert.pem"
|
||||
skipCertVerification: true
|
||||
gRPCPort: "8080"
|
||||
advertiseRoutes: true
|
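Review bot: `skipCertVerification: true` is left in place, so the `caCertificatePath` entry added here is never used: NewConnectionManager in this same commit reads the CA file only when SkipCertVerification is false, and the client TLS config takes InsecureSkipVerify from the same flag. If this file is the example a deployment copies, set `skipCertVerification: false` so the CA added in this commit is actually exercised, and add a comment that `true` is for local testing only.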
@ -40,17 +40,6 @@ func (c *CrdtMeshManager) AddNode(node mesh.MeshNode) {
|
||||
nodeVal.Map().Set("routes", automerge.NewMap())
|
||||
}
|
||||
|
||||
func (c *CrdtMeshManager) ApplyWg() error {
|
||||
// snapshot, err := c.GetMesh()
|
||||
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
|
||||
// c.updateWgConf(c.IfName, snapshot.GetNodes(), *c.Client)
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetMesh(): Converts the document into a struct
|
||||
func (c *CrdtMeshManager) GetMesh() (mesh.MeshSnapshot, error) {
|
||||
return automerge.As[*MeshCrdt](c.doc.Root())
|
||||
@ -95,43 +84,6 @@ func NewCrdtNodeManager(meshId, devName string, port int, conf conf.WgMeshConfig
|
||||
return &manager, nil
|
||||
}
|
||||
|
||||
func (m *CrdtMeshManager) convertMeshNode(node MeshNodeCrdt) (*wgtypes.PeerConfig, error) {
|
||||
peerEndpoint, err := net.ResolveUDPAddr("udp", node.WgEndpoint)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
peerPublic, err := wgtypes.ParseKey(node.PublicKey)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
allowedIps := make([]net.IPNet, 1)
|
||||
_, ipnet, err := net.ParseCIDR(node.WgHost)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
allowedIps[0] = *ipnet
|
||||
|
||||
for route, _ := range node.Routes {
|
||||
_, ipnet, _ := net.ParseCIDR(route)
|
||||
allowedIps = append(allowedIps, *ipnet)
|
||||
}
|
||||
|
||||
peerConfig := wgtypes.PeerConfig{
|
||||
PublicKey: peerPublic,
|
||||
Remove: m.HasFailed(node.HostEndpoint),
|
||||
Endpoint: peerEndpoint,
|
||||
AllowedIPs: allowedIps,
|
||||
}
|
||||
|
||||
return &peerConfig, nil
|
||||
}
|
||||
|
||||
func (c *CrdtMeshManager) removeNode(endpoint string) error {
|
||||
err := c.doc.Path("nodes").Map().Delete(endpoint)
|
||||
|
||||
@ -222,6 +174,7 @@ func (m *CrdtMeshManager) UpdateTimeStamp(nodeId string) error {
|
||||
// AddRoutes: adds routes to the specific nodeId
|
||||
func (m *CrdtMeshManager) AddRoutes(nodeId string, routes ...string) error {
|
||||
nodeVal, err := m.doc.Path("nodes").Map().Get(nodeId)
|
||||
logging.Log.WriteInfof("Adding route to %s", nodeId)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
@ -244,31 +197,6 @@ func (m *CrdtMeshManager) AddRoutes(nodeId string, routes ...string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *CrdtMeshManager) updateWgConf(devName string, nodes map[string]MeshNodeCrdt, client wgctrl.Client) error {
|
||||
peerConfigs := make([]wgtypes.PeerConfig, len(nodes))
|
||||
|
||||
var count int = 0
|
||||
|
||||
for _, n := range nodes {
|
||||
peer, err := m.convertMeshNode(n)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
peerConfigs[count] = *peer
|
||||
count++
|
||||
}
|
||||
|
||||
cfg := wgtypes.Config{
|
||||
Peers: peerConfigs,
|
||||
ReplacePeers: true,
|
||||
}
|
||||
|
||||
client.ConfigureDevice(devName, cfg)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *CrdtMeshManager) GetSyncer() mesh.MeshSyncer {
|
||||
return NewAutomergeSync(m)
|
||||
}
|
||||
@ -286,7 +214,7 @@ func (m *MeshNodeCrdt) GetPublicKey() (wgtypes.Key, error) {
|
||||
}
|
||||
|
||||
func (m *MeshNodeCrdt) GetWgEndpoint() string {
|
||||
return m.HostEndpoint
|
||||
return m.WgEndpoint
|
||||
}
|
||||
|
||||
func (m *MeshNodeCrdt) GetWgHost() *net.IPNet {
|
||||
@ -308,6 +236,15 @@ func (m *MeshNodeCrdt) GetRoutes() []string {
|
||||
return lib.MapKeys(m.Routes)
|
||||
}
|
||||
|
||||
func (m *MeshNodeCrdt) GetIdentifier() string {
|
||||
ipv6 := m.WgHost[:len(m.WgHost)-4]
|
||||
|
||||
constituents := strings.Split(ipv6, ":")
|
||||
logging.Log.WriteInfof(ipv6)
|
||||
constituents = constituents[4:]
|
||||
return strings.Join(constituents, ":")
|
||||
}
|
||||
|
||||
func (m *MeshCrdt) GetNodes() map[string]mesh.MeshNode {
|
||||
nodes := make(map[string]mesh.MeshNode)
|
||||
|
||||
|
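Review bot: GetIdentifier panics on any WgHost shorter than four bytes or with fewer than four colon-separated groups, because `m.WgHost[:len(m.WgHost)-4]` and `constituents[4:]` are both unchecked; an address written in compressed form (containing `::`) is enough for the second. WgHost appears to be read from the shared mesh document, so a value written by another node reaches this method, and JoinMesh builds it as `ipAddr.String() + "/128"`, which yields the compressed form if ipAddr is a net.IP with zero groups. The method is now called for every node during DOT generation, so one bad entry takes the caller down. `logging.Log.WriteInfof(ipv6)` also passes data as the format string; use `WriteInfof("%s", ipv6)` or drop the debug line. A bounds-checked version is below.

```go
func (m *MeshNodeCrdt) GetIdentifier() string {
	// Cut at the prefix separator instead of assuming a 4-byte "/128" suffix.
	host, _, _ := strings.Cut(m.WgHost, "/")
	groups := strings.Split(host, ":")

	// Compressed or malformed addresses have fewer groups; fall back to the
	// whole host rather than slicing out of range.
	if len(groups) <= 4 {
		return host
	}

	return strings.Join(groups[4:], ":")
}
```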
@ -11,6 +11,7 @@ import (
|
||||
type WgMeshConfiguration struct {
|
||||
CertificatePath string `yaml:"certificatePath"`
|
||||
PrivateKeyPath string `yaml:"privateKeyPath"`
|
||||
CaCertificatePath string `yaml:"caCertificatePath"`
|
||||
SkipCertVerification bool `yaml:"skipCertVerification"`
|
||||
GrpcPort string `yaml:"gRPCPort"`
|
||||
// AdvertiseRoutes advertises other meshes if the node is in multiple meshes
|
||||
|
@ -2,6 +2,9 @@ package conn
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"os"
|
||||
"sync"
|
||||
|
||||
logging "github.com/tim-beatham/wgmesh/pkg/log"
|
||||
@ -41,6 +44,7 @@ type NewConnectionManageParams struct {
|
||||
PrivateKey string
|
||||
// Whether or not to skip certificate verification
|
||||
SkipCertVerification bool
|
||||
CaCert string
|
||||
}
|
||||
|
||||
// NewConnectionManager: Creates a new instance of a ConnectionManager or an error
|
||||
@ -61,6 +65,23 @@ func NewConnectionManager(params *NewConnectionManageParams) (ConnectionManager,
|
||||
serverAuth = tls.RequireAnyClientCert
|
||||
}
|
||||
|
||||
certPool := x509.NewCertPool()
|
||||
|
||||
if !params.SkipCertVerification {
|
||||
|
||||
if params.CaCert == "" {
|
||||
return nil, errors.New("CA Cert is not specified")
|
||||
}
|
||||
|
||||
caCert, err := os.ReadFile(params.CaCert)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
certPool.AppendCertsFromPEM(caCert)
|
||||
}
|
||||
|
||||
serverConfig := &tls.Config{
|
||||
ClientAuth: serverAuth,
|
||||
Certificates: []tls.Certificate{cert},
|
||||
@ -69,6 +90,7 @@ func NewConnectionManager(params *NewConnectionManageParams) (ConnectionManager,
|
||||
clientConfig := &tls.Config{
|
||||
Certificates: []tls.Certificate{cert},
|
||||
InsecureSkipVerify: params.SkipCertVerification,
|
||||
RootCAs: certPool,
|
||||
}
|
||||
|
||||
connections := make(map[string]PeerConnection)
|
||||
|
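Review bot: The new CA pool is wired only into `clientConfig.RootCAs`, so it authenticates servers to clients but not the reverse: the `serverConfig` literal visible in this hunk sets `ClientAuth` and `Certificates` only, and the `tls.RequireAnyClientCert` assignment in the context lines accepts any client certificate without verifying its chain. If mutual authentication against the mesh CA is intended, add `ClientCAs: certPool` to serverConfig and use `tls.RequireAndVerifyClientCert` when verification is enabled. Separately, the result of `certPool.AppendCertsFromPEM(caCert)` is discarded, so a file with no parsable certificate leaves an empty pool and every handshake fails later with an unrelated-looking error; fail here instead, e.g. `if !certPool.AppendCertsFromPEM(caCert) { return nil, errors.New("no CA certificate found in " + params.CaCert) }`. NewConnectionManager starts and ends outside these hunks, so serverConfig may be completed in lines not shown.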
@ -30,6 +30,7 @@ func NewCtrlServer(params *NewCtrlServerParams) (*MeshCtrlServer, error) {
|
||||
CertificatePath: params.Conf.CertificatePath,
|
||||
PrivateKey: params.Conf.PrivateKeyPath,
|
||||
SkipCertVerification: params.Conf.SkipCertVerification,
|
||||
CaCert: params.Conf.CaCertificatePath,
|
||||
}
|
||||
|
||||
connMgr, err := conn.NewConnectionManager(&connManagerParams)
|
||||
|
@ -11,12 +11,19 @@ import (
|
||||
)
|
||||
|
||||
type GraphType string
|
||||
type Shape string
|
||||
|
||||
const (
|
||||
GRAPH GraphType = "graph"
|
||||
DIGRAPH = "digraph"
|
||||
)
|
||||
|
||||
const (
|
||||
CIRCLE Shape = "circle"
|
||||
STAR Shape = "star"
|
||||
HEXAGON Shape = "hexagon"
|
||||
)
|
||||
|
||||
type Graph struct {
|
||||
Type GraphType
|
||||
Label string
|
||||
@ -26,6 +33,7 @@ type Graph struct {
|
||||
|
||||
type Node struct {
|
||||
Name string
|
||||
Shape Shape
|
||||
}
|
||||
|
||||
type Edge interface {
|
||||
@ -53,15 +61,16 @@ func NewGraph(label string, graphType GraphType) *Graph {
|
||||
return &Graph{Type: graphType, Label: label, nodes: make(map[string]*Node), edges: make([]Edge, 0)}
|
||||
}
|
||||
|
||||
// AddNode: adds a node to the graph
|
||||
func (g *Graph) AddNode(label string) error {
|
||||
// PutNode: puts a node in the graph
|
||||
func (g *Graph) PutNode(label string, shape Shape) error {
|
||||
_, exists := g.nodes[label]
|
||||
|
||||
if exists {
|
||||
return errors.New(fmt.Sprintf("Node %s already exists", label))
|
||||
// If exists no need to add the ndoe
|
||||
return nil
|
||||
}
|
||||
|
||||
g.nodes[label] = &Node{Name: label}
|
||||
g.nodes[label] = &Node{Name: label, Shape: shape}
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -156,8 +165,8 @@ func (n *Node) hash() int {
|
||||
}
|
||||
|
||||
func (n *Node) GetDOT() (string, error) {
|
||||
return fmt.Sprintf("node[shape=circle, style=\"filled\", fillcolor=%d] %s;\n",
|
||||
n.hash(), n.Name), nil
|
||||
return fmt.Sprintf("node[shape=%s, style=\"filled\", fillcolor=%d] %s;\n",
|
||||
n.Shape, n.hash(), n.Name), nil
|
||||
}
|
||||
|
||||
func (e *DirectedEdge) GetDOT() (string, error) {
|
||||
|
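Review bot: PutNode returns nil on every path, so its `error` result carries no information and the callers added in this commit ignore it; either drop the return value or document that the call is idempotent and keeps the first shape registered for a label. The inline comment has a typo; suggest `// Already present: keep the existing node and its shape.`. In GetDOT, a Node whose Shape is the zero value renders `shape=,`, so if nodes can be constructed anywhere other than PutNode, default the shape to CIRCLE there.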
@ -34,7 +34,7 @@ func (c *MeshDOTConverter) Generate(meshId string) (string, error) {
|
||||
}
|
||||
|
||||
for _, node := range snapshot.GetNodes() {
|
||||
g.AddNode(fmt.Sprintf("\"%s\"", node.GetWgHost().IP.String()))
|
||||
c.graphNode(g, node)
|
||||
}
|
||||
|
||||
nodes := lib.MapValues(snapshot.GetNodes())
|
||||
@ -45,8 +45,8 @@ func (c *MeshDOTConverter) Generate(meshId string) (string, error) {
|
||||
continue
|
||||
}
|
||||
|
||||
node1Id := fmt.Sprintf("\"%s\"", node1.GetWgHost().IP.String())
|
||||
node2Id := fmt.Sprintf("\"%s\"", node2.GetWgHost().IP.String())
|
||||
node1Id := fmt.Sprintf("\"%s\"", node1.GetIdentifier())
|
||||
node2Id := fmt.Sprintf("\"%s\"", node2.GetIdentifier())
|
||||
g.AddEdge(fmt.Sprintf("%s to %s", node1Id, node2Id), node1Id, node2Id)
|
||||
}
|
||||
}
|
||||
@ -54,6 +54,22 @@ func (c *MeshDOTConverter) Generate(meshId string) (string, error) {
|
||||
return g.GetDOT()
|
||||
}
|
||||
|
||||
// graphNode: graphs a node within the mesh
|
||||
func (c *MeshDOTConverter) graphNode(g *graph.Graph, node MeshNode) {
|
||||
nodeId := fmt.Sprintf("\"%s\"", node.GetIdentifier())
|
||||
g.PutNode(nodeId, graph.CIRCLE)
|
||||
|
||||
if node.GetHostEndpoint() == c.manager.HostParameters.HostEndpoint {
|
||||
return
|
||||
}
|
||||
|
||||
for _, route := range node.GetRoutes() {
|
||||
routeId := fmt.Sprintf("\"%s\"", route)
|
||||
g.PutNode(routeId, graph.HEXAGON)
|
||||
g.AddEdge(fmt.Sprintf("%s to %s", nodeId, routeId), nodeId, routeId)
|
||||
}
|
||||
}
|
||||
|
||||
func NewMeshDotConverter(m *MeshManager) MeshGraphConverter {
|
||||
return &MeshDOTConverter{manager: m}
|
||||
}
|
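Review bot: graphNode wraps `route` and `node.GetIdentifier()` in quotes with `"\"%s\""` and no escaping, and both values come from mesh state rather than from this process; unless routes are validated as CIDRs before they are stored (not visible here), a value containing `"` ends the quoted ID early and the rest is parsed as DOT. Parse before use and label with the canonical form, e.g. `_, ipnet, err := net.ParseCIDR(route)` followed by `if err != nil { continue }` and `ipnet.String()` in the Sprintf. The return values of `g.PutNode` and `g.AddEdge` are also dropped here, so a failed edge insert is silent.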
@ -45,7 +45,6 @@ func (m *MeshManager) CreateMesh(devName string, port int) (string, error) {
|
||||
}
|
||||
|
||||
m.Meshes[key.String()] = nodeManager
|
||||
|
||||
return key.String(), err
|
||||
}
|
||||
|
||||
@ -70,12 +69,13 @@ func (m *MeshManager) AddMesh(meshId string, devName string, port int, meshBytes
|
||||
}
|
||||
|
||||
m.Meshes[meshId] = meshProvider
|
||||
return nil
|
||||
return err
|
||||
}
|
||||
|
||||
// AddMeshNode: Add a mesh node
|
||||
func (m *MeshManager) AddMeshNode(meshId string, node MeshNode) {
|
||||
func (m *MeshManager) AddMeshNode(meshId string, node MeshNode) error {
|
||||
m.Meshes[meshId].AddNode(node)
|
||||
return m.RouteManager.UpdateRoutes()
|
||||
}
|
||||
|
||||
// HasChanges returns true if the mesh has changes
|
||||
|
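Review bot: AddMeshNode calls `m.Meshes[meshId].AddNode(node)` without checking that meshId is present in the map, so an unknown id yields the zero value and the method call will most likely panic (certainly if the map holds interface values). JoinMesh passes `args.MeshId` from the IPC request into this function; whether it is validated earlier is outside the hunk. Since the function now returns an error, use it: `mesh, ok := m.Meshes[meshId]`, then `if !ok { return fmt.Errorf("mesh %q does not exist", meshId) }` before calling `mesh.AddNode(node)`.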
@ -1,12 +1,13 @@
|
||||
package mesh
|
||||
|
||||
import (
|
||||
"github.com/tim-beatham/wgmesh/pkg/ip"
|
||||
logging "github.com/tim-beatham/wgmesh/pkg/log"
|
||||
"github.com/tim-beatham/wgmesh/pkg/route"
|
||||
)
|
||||
|
||||
type RouteManager interface {
|
||||
UpdateRoutes() error
|
||||
ApplyWg() error
|
||||
}
|
||||
|
||||
type RouteManagerImpl struct {
|
||||
@ -15,55 +16,29 @@ type RouteManagerImpl struct {
|
||||
}
|
||||
|
||||
func (r *RouteManagerImpl) UpdateRoutes() error {
|
||||
// // meshes := r.meshManager.Meshes
|
||||
// // ulaBuilder := new(ip.ULABuilder)
|
||||
meshes := r.meshManager.Meshes
|
||||
ulaBuilder := new(ip.ULABuilder)
|
||||
|
||||
// for _, mesh1 := range meshes {
|
||||
// for _, mesh2 := range meshes {
|
||||
// if mesh1 == mesh2 {
|
||||
// continue
|
||||
// }
|
||||
for _, mesh1 := range meshes {
|
||||
for _, mesh2 := range meshes {
|
||||
if mesh1 == mesh2 {
|
||||
continue
|
||||
}
|
||||
|
||||
// ipNet, err := ulaBuilder.GetIPNet(mesh2.MeshId)
|
||||
ipNet, err := ulaBuilder.GetIPNet(mesh2.GetMeshId())
|
||||
|
||||
// if err != nil {
|
||||
// logging.Log.WriteErrorf(err.Error())
|
||||
// return err
|
||||
// }
|
||||
if err != nil {
|
||||
logging.Log.WriteErrorf(err.Error())
|
||||
return err
|
||||
}
|
||||
|
||||
// mesh1.AddRoutes(ipNet.String())
|
||||
// }
|
||||
// }
|
||||
err = mesh1.AddRoutes(r.meshManager.HostParameters.HostEndpoint, ipNet.String())
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (r *RouteManagerImpl) ApplyWg() error {
|
||||
// snapshot, err := mesh.GetMesh()
|
||||
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
|
||||
// for _, node := range snapshot.Nodes {
|
||||
// if node.HostEndpoint == r.meshManager.HostEndpoint {
|
||||
// continue
|
||||
// }
|
||||
|
||||
// for route, _ := range node.Routes {
|
||||
// _, netIP, err := net.ParseCIDR(route)
|
||||
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
|
||||
// err = r.routeInstaller.InstallRoutes(mesh.IfName, netIP)
|
||||
|
||||
// if err != nil {
|
||||
// return err
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
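Review bot: UpdateRoutes, as re-enabled here, adds every other mesh's prefix as a route for this host in each mesh unconditionally; nothing in the visible body consults the AdvertiseRoutes option, whose config comment says it advertises other meshes "if the node is in multiple meshes", and AddMeshNode now calls UpdateRoutes on every node add. Advertising these routes makes this host a path between meshes, so it should be an explicit opt-in: return nil before the loops when the option is off (the field path from RouteManagerImpl to the config is not visible here). Old and new lines are interleaved without markers in this rendering, so this reads the uncommented loop as the new side.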
@ -24,6 +24,8 @@ type MeshNode interface {
|
||||
GetTimeStamp() int64
|
||||
// GetRoutes: returns the routes that the nodes provides
|
||||
GetRoutes() []string
|
||||
// GetIdentifier: returns the identifier of the node
|
||||
GetIdentifier() string
|
||||
}
|
||||
|
||||
type MeshSnapshot interface {
|
||||
|
@ -54,7 +54,7 @@ func (n *IpcHandler) CreateMesh(args *ipc.NewMeshArgs, reply *string) error {
|
||||
Routes: map[string]interface{}{},
|
||||
}
|
||||
|
||||
n.Server.MeshManager.AddMeshNode(meshId, &meshNode)
|
||||
err = n.Server.MeshManager.AddMeshNode(meshId, &meshNode)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
@ -130,7 +130,12 @@ func (n *IpcHandler) JoinMesh(args ipc.JoinMeshArgs, reply *string) error {
|
||||
WgHost: ipAddr.String() + "/128",
|
||||
Routes: make(map[string]interface{}),
|
||||
}
|
||||
n.Server.MeshManager.AddMeshNode(args.MeshId, &node)
|
||||
err = n.Server.MeshManager.AddMeshNode(args.MeshId, &node)
|
||||
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
*reply = strconv.FormatBool(true)
|
||||
return nil
|
||||
}
|
||||
|