Merge pull request #1868 from gravitl/story/GRA-823df

Story/gra 823df

controllers/hosts.go

@@ -8,6 +8,7 @@ import (
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
+	"github.com/gravitl/netmaker/servercfg"
 )
 
 type hostNetworksUpdatePayload struct {
@@ -15,7 +16,7 @@ type hostNetworksUpdatePayload struct {
 }
 
 func hostHandlers(r *mux.Router) {
-	r.HandleFunc("/api/hosts", logic.SecurityCheck(false, http.HandlerFunc(getHosts))).Methods("GET")
+	r.HandleFunc("/api/hosts", logic.SecurityCheck(true, http.HandlerFunc(getHosts))).Methods("GET")
 	r.HandleFunc("/api/hosts/{hostid}", logic.SecurityCheck(true, http.HandlerFunc(updateHost))).Methods("PUT")
 	r.HandleFunc("/api/hosts/{hostid}", logic.SecurityCheck(true, http.HandlerFunc(deleteHost))).Methods("DELETE")
 	r.HandleFunc("/api/hosts/{hostid}/networks", logic.SecurityCheck(true, http.HandlerFunc(updateHostNetworks))).Methods("PUT")
@@ -153,7 +154,11 @@ func updateHostNetworks(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// TODO: add and remove hosts to networks (nodes)
+	if err = logic.UpdateHostNetworks(currHost, servercfg.GetServer(), payload.Networks); err != nil {
+		logger.Log(0, r.Header.Get("user"), "failed to update host networks:", err.Error())
+		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
+		return
+	}
 
 	logger.Log(2, r.Header.Get("user"), "updated host networks", currHost.Name)
 	w.WriteHeader(http.StatusOK)

controllers/node.go

@@ -627,7 +627,7 @@ func createNode(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 	}
-	err = logic.CreateNode(&data.Node)
+	err = logic.AssociateNodeToHost(&data.Node, &data.Host)
 	if err != nil {
 		logger.Log(0, r.Header.Get("user"),
 			fmt.Sprintf("failed to create node on network [%s]: %s",
@@ -661,7 +661,6 @@ func createNode(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	data.Node.Peers = peerUpdate.Peers
-
 	// Create client for this host in Mq
 	event := mq.MqDynsecPayload{
 		Commands: []mq.MqDynSecCmd{
@@ -1132,6 +1131,7 @@ func deleteNode(w http.ResponseWriter, r *http.Request) {
 				break
 			}
 		}
+		// TODO: Address how to remove host
 		if !found {
 			// deletes node related role and client
 			event := mq.MqDynsecPayload{

logic/hosts.go

@@ -3,15 +3,21 @@ package logic
 import (
 	"encoding/json"
 	"errors"
+	"fmt"
 
+	"github.com/google/uuid"
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/models"
 	"golang.org/x/crypto/bcrypt"
 )
 
-// ErrHostExists error indicating that host exists when trying to create new host
-var ErrHostExists error = errors.New("host already exists")
+var (
+	// ErrHostExists error indicating that host exists when trying to create new host
+	ErrHostExists error = errors.New("host already exists")
+	// ErrInvalidHostID
+	ErrInvalidHostID error = errors.New("invalid host id")
+)
 
 // GetAllHosts - returns all hosts in flat list or error
 func GetAllHosts() ([]models.Host, error) {
@@ -110,10 +116,6 @@ func UpdateHost(newHost, currentHost *models.Host) {
 		newHost.Name = currentHost.Name
 	}
 
-	if newHost.LocalAddress.String() != currentHost.LocalAddress.String() {
-		newHost.LocalAddress = currentHost.LocalAddress
-	}
-
 	if newHost.LocalRange.String() != currentHost.LocalRange.String() {
 		newHost.LocalRange = currentHost.LocalRange
 	}
@@ -148,7 +150,7 @@ func RemoveHost(h *models.Host) error {
 			id := h.Nodes[i]
 			n, err := GetNodeByID(id)
 			if err == nil {
-				if err = DeleteNodeByID(&n); err != nil {
+				if err = DissasociateNodeFromHost(&n, h); err != nil {
 					return err // must remove associated nodes before removing a host
 				}
 			}
@@ -158,7 +160,7 @@ func RemoveHost(h *models.Host) error {
 }
 
 // UpdateHostNetworks - updates a given host's networks
-func UpdateHostNetworks(h *models.Host, nets []string) error {
+func UpdateHostNetworks(h *models.Host, server string, nets []string) error {
 	if len(h.Nodes) > 0 {
 		for i := range h.Nodes {
 			n, err := GetNodeByID(h.Nodes[i])
@@ -174,7 +176,7 @@ func UpdateHostNetworks(h *models.Host, nets []string) error {
 				}
 			}
 			if !found { // remove the node/host from that network
-				if err = DeleteNodeByID(&n); err != nil {
+				if err = DissasociateNodeFromHost(&n, h); err != nil {
 					return err
 				}
 			}
@@ -186,10 +188,61 @@ func UpdateHostNetworks(h *models.Host, nets []string) error {
 	for i := range nets {
 		// create a node for each non zero network remaining
 		if len(nets[i]) > 0 {
-			// TODO create a node with given hostid
-			logger.Log(0, "I will create a node here")
+			newNode := models.Node{}
+			newNode.Server = server
+			newNode.Network = nets[i]
+			if err := AssociateNodeToHost(&newNode, h); err != nil {
+				return err
+			}
+			logger.Log(1, "added new node", newNode.ID.String(), "to host", h.Name)
 		}
 	}
 
 	return nil
 }
+
+// AssociateNodeToHost - associates and creates a node with a given host
+// should be the only way nodes get created as of 0.18
+func AssociateNodeToHost(n *models.Node, h *models.Host) error {
+	if len(h.ID.String()) == 0 || h.ID == uuid.Nil {
+		return ErrInvalidHostID
+	}
+	n.HostID = h.ID
+	err := createNode(n)
+	if err != nil {
+		return err
+	}
+	h.Nodes = append(h.Nodes, n.ID.String())
+	return UpsertHost(h)
+}
+
+// DissasociateNodeFromHost - deletes a node and removes from host nodes
+// should be the only way nodes are deleted as of 0.18
+func DissasociateNodeFromHost(n *models.Node, h *models.Host) error {
+	if len(h.ID.String()) == 0 || h.ID == uuid.Nil {
+		return ErrInvalidHostID
+	}
+	if n.HostID != h.ID { // check if node actually belongs to host
+		return fmt.Errorf("node is not associated with host")
+	}
+	if len(h.Nodes) == 0 {
+		return fmt.Errorf("no nodes present in given host")
+	}
+	index := -1
+	for i := range h.Nodes {
+		if h.Nodes[i] == n.ID.String() {
+			index = i
+			break
+		}
+	}
+	if index < 0 {
+		if len(h.Nodes) == 0 {
+			return fmt.Errorf("node %s, not found in host, %s", n.ID.String(), h.ID.String())
+		}
+	}
+	if err := deleteNodeByID(n); err != nil {
+		return err
+	}
+	h.Nodes = RemoveStringSlice(h.Nodes, index)
+	return UpsertHost(h)
+}

logic/nodes.go

@@ -85,19 +85,22 @@ func UpdateNode(currentNode *models.Node, newNode *models.Node) error {
 // DeleteNode - marks node for deletion if called by UI or deletes node if called by node
 func DeleteNode(node *models.Node, purge bool) error {
 	if !purge {
-		newnode := node
+		newnode := *node
 		newnode.PendingDelete = true
 		newnode.Action = models.NODE_DELETE
-		if err := UpdateNode(node, newnode); err != nil {
+		if err := UpdateNode(node, &newnode); err != nil {
 			return err
 		}
 		return nil
 	}
-	if err := DeleteNodeByID(node); err != nil {
+	host, err := GetHost(node.HostID.String())
+	if err != nil {
+		return err
+	}
+	if err := DissasociateNodeFromHost(node, host); err != nil {
 		return err
 	}
 	if servercfg.Is_EE {
-		host, _ := GetHost(node.HostID.String())
 		if err := EnterpriseResetAllPeersFailovers(node.ID.String(), node.Network); err != nil {
 			logger.Log(0, "failed to reset failover lists during node delete for node", host.Name, node.Network)
 		}
@@ -106,8 +109,8 @@ func DeleteNode(node *models.Node, purge bool) error {
 	return nil
 }
 
-// DeleteNodeByID - deletes a node from database
-func DeleteNodeByID(node *models.Node) error {
+// deleteNodeByID - deletes a node from database
+func deleteNodeByID(node *models.Node) error {
 	var err error
 	var key = node.ID.String()
 	//delete any ext clients as required
@@ -183,109 +186,6 @@ func IsFailoverPresent(network string) bool {
 	return false
 }
 
-// CreateNode - creates a node in database
-func CreateNode(node *models.Node) error {
-	host, err := GetHost(node.HostID.String())
-	if err != nil {
-		return err
-	}
-
-	if !node.DNSOn {
-		if servercfg.IsDNSMode() {
-			node.DNSOn = true
-		} else {
-			node.DNSOn = false
-		}
-	}
-
-	SetNodeDefaults(node)
-
-	defaultACLVal := acls.Allowed
-	parentNetwork, err := GetNetwork(node.Network)
-	if err == nil {
-		if parentNetwork.DefaultACL != "yes" {
-			defaultACLVal = acls.NotAllowed
-		}
-	}
-
-	if node.DefaultACL == "" {
-		node.DefaultACL = "unset"
-	}
-
-	if node.Address.IP == nil {
-		if parentNetwork.IsIPv4 == "yes" {
-			if node.Address.IP, err = UniqueAddress(node.Network, false); err != nil {
-				return err
-			}
-			_, cidr, err := net.ParseCIDR(parentNetwork.AddressRange)
-			if err != nil {
-				return err
-			}
-			node.Address.Mask = net.CIDRMask(cidr.Mask.Size())
-		}
-	} else if !IsIPUnique(node.Network, node.Address.String(), database.NODES_TABLE_NAME, false) {
-		return fmt.Errorf("invalid address: ipv4 " + node.Address.String() + " is not unique")
-	}
-
-	if node.Address6.IP == nil {
-		if parentNetwork.IsIPv6 == "yes" {
-			if node.Address6.IP, err = UniqueAddress6(node.Network, false); err != nil {
-				return err
-			}
-			_, cidr, err := net.ParseCIDR(parentNetwork.AddressRange6)
-			if err != nil {
-				return err
-			}
-			node.Address6.Mask = net.CIDRMask(cidr.Mask.Size())
-		}
-	} else if !IsIPUnique(node.Network, node.Address6.String(), database.NODES_TABLE_NAME, true) {
-		return fmt.Errorf("invalid address: ipv6 " + node.Address6.String() + " is not unique")
-	}
-
-	node.ID = uuid.New()
-	//Create a JWT for the node
-	tokenString, _ := CreateJWT(node.ID.String(), host.MacAddress.String(), node.Network)
-	if tokenString == "" {
-		//logic.ReturnErrorResponse(w, r, errorResponse)
-		return err
-	}
-	err = ValidateNode(node, false)
-	if err != nil {
-		return err
-	}
-	CheckZombies(node, host.MacAddress)
-
-	nodebytes, err := json.Marshal(&node)
-	if err != nil {
-		return err
-	}
-	err = database.Insert(node.ID.String(), string(nodebytes), database.NODES_TABLE_NAME)
-	if err != nil {
-		return err
-	}
-
-	_, err = nodeacls.CreateNodeACL(nodeacls.NetworkID(node.Network), nodeacls.NodeID(node.ID.String()), defaultACLVal)
-	if err != nil {
-		logger.Log(1, "failed to create node ACL for node,", node.ID.String(), "err:", err.Error())
-		return err
-	}
-
-	if err = updateProNodeACLS(node); err != nil {
-		logger.Log(1, "failed to apply node level ACLs during creation of node", node.ID.String(), "-", err.Error())
-		return err
-	}
-
-	if err = UpdateMetrics(node.ID.String(), &models.Metrics{Connectivity: make(map[string]models.Metric)}); err != nil {
-		logger.Log(1, "failed to initialize metrics for node", node.ID.String(), err.Error())
-	}
-
-	SetNetworkNodesLastModified(node.Network)
-	if servercfg.IsDNSMode() {
-		err = SetDNS()
-	}
-	return err
-}
-
 // GetAllNodes - returns all nodes in the DB
 func GetAllNodes() ([]models.Node, error) {
 	var nodes []models.Node
@@ -620,7 +520,6 @@ func PurgePendingNodes(ctx context.Context) {
 						} else {
 							logger.Log(0, "purged node ", node.ID.String())
 						}
-
 					}
 				}
 			}
@@ -628,4 +527,107 @@ func PurgePendingNodes(ctx context.Context) {
 	}
 }
 
+// createNode - creates a node in database
+func createNode(node *models.Node) error {
+	host, err := GetHost(node.HostID.String())
+	if err != nil {
+		return err
+	}
+
+	if !node.DNSOn {
+		if servercfg.IsDNSMode() {
+			node.DNSOn = true
+		} else {
+			node.DNSOn = false
+		}
+	}
+
+	SetNodeDefaults(node)
+
+	defaultACLVal := acls.Allowed
+	parentNetwork, err := GetNetwork(node.Network)
+	if err == nil {
+		if parentNetwork.DefaultACL != "yes" {
+			defaultACLVal = acls.NotAllowed
+		}
+	}
+
+	if node.DefaultACL == "" {
+		node.DefaultACL = "unset"
+	}
+
+	if node.Address.IP == nil {
+		if parentNetwork.IsIPv4 == "yes" {
+			if node.Address.IP, err = UniqueAddress(node.Network, false); err != nil {
+				return err
+			}
+			_, cidr, err := net.ParseCIDR(parentNetwork.AddressRange)
+			if err != nil {
+				return err
+			}
+			node.Address.Mask = net.CIDRMask(cidr.Mask.Size())
+		}
+	} else if !IsIPUnique(node.Network, node.Address.String(), database.NODES_TABLE_NAME, false) {
+		return fmt.Errorf("invalid address: ipv4 " + node.Address.String() + " is not unique")
+	}
+
+	if node.Address6.IP == nil {
+		if parentNetwork.IsIPv6 == "yes" {
+			if node.Address6.IP, err = UniqueAddress6(node.Network, false); err != nil {
+				return err
+			}
+			_, cidr, err := net.ParseCIDR(parentNetwork.AddressRange6)
+			if err != nil {
+				return err
+			}
+			node.Address6.Mask = net.CIDRMask(cidr.Mask.Size())
+		}
+	} else if !IsIPUnique(node.Network, node.Address6.String(), database.NODES_TABLE_NAME, true) {
+		return fmt.Errorf("invalid address: ipv6 " + node.Address6.String() + " is not unique")
+	}
+
+	node.ID = uuid.New()
+	//Create a JWT for the node
+	tokenString, _ := CreateJWT(node.ID.String(), host.MacAddress.String(), node.Network)
+	if tokenString == "" {
+		//logic.ReturnErrorResponse(w, r, errorResponse)
+		return err
+	}
+	err = ValidateNode(node, false)
+	if err != nil {
+		return err
+	}
+	CheckZombies(node, host.MacAddress)
+
+	nodebytes, err := json.Marshal(&node)
+	if err != nil {
+		return err
+	}
+	err = database.Insert(node.ID.String(), string(nodebytes), database.NODES_TABLE_NAME)
+	if err != nil {
+		return err
+	}
+
+	_, err = nodeacls.CreateNodeACL(nodeacls.NetworkID(node.Network), nodeacls.NodeID(node.ID.String()), defaultACLVal)
+	if err != nil {
+		logger.Log(1, "failed to create node ACL for node,", node.ID.String(), "err:", err.Error())
+		return err
+	}
+
+	if err = updateProNodeACLS(node); err != nil {
+		logger.Log(1, "failed to apply node level ACLs during creation of node", node.ID.String(), "-", err.Error())
+		return err
+	}
+
+	if err = UpdateMetrics(node.ID.String(), &models.Metrics{Connectivity: make(map[string]models.Metric)}); err != nil {
+		logger.Log(1, "failed to initialize metrics for node", node.ID.String(), err.Error())
+	}
+
+	SetNetworkNodesLastModified(node.Network)
+	if servercfg.IsDNSMode() {
+		err = SetDNS()
+	}
+	return err
+}
+
 // == END PRO ==

logic/peers.go

@@ -276,8 +276,8 @@ func GetPeerUpdate(node *models.Node) (models.PeerUpdate, error) {
 		if host.EndpointIP.String() == peerHost.EndpointIP.String() {
 			//peer is on same network
 			// set_local
-			if host.LocalAddress.String() != peerHost.LocalAddress.String() && peerHost.LocalAddress.IP != nil {
-				peerHost.EndpointIP = peerHost.LocalAddress.IP
+			if node.LocalAddress.String() != peer.LocalAddress.String() && peer.LocalAddress.IP != nil {
+				peerHost.EndpointIP = peer.LocalAddress.IP
 				if peerHost.LocalListenPort != 0 {
 					peerHost.ListenPort = peerHost.LocalListenPort
 				}
@@ -811,8 +811,8 @@ func getEgressIPs(node, peer *models.Node) []net.IPNet {
 			continue // skip adding egress range if overlaps with node's ip
 		}
 		// TODO: Could put in a lot of great logic to avoid conflicts / bad routes
-		if ipnet.Contains(net.ParseIP(host.LocalAddress.String())) && !internetGateway { // ensuring egress gateway range does not contain public ip of node
-			logger.Log(2, "egress IP range of ", iprange, " overlaps with ", host.LocalAddress.String(), ", omitting")
+		if ipnet.Contains(net.ParseIP(node.LocalAddress.String())) && !internetGateway { // ensuring egress gateway range does not contain public ip of node
+			logger.Log(2, "egress IP range of ", iprange, " overlaps with ", node.LocalAddress.String(), ", omitting")
 			continue // skip adding egress range if overlaps with node's local ip
 		}
 		if err != nil {
@@ -826,42 +826,12 @@ func getEgressIPs(node, peer *models.Node) []net.IPNet {
 
 func getNodeAllowedIPs(peer, node *models.Node) []net.IPNet {
 	var allowedips = []net.IPNet{}
-	host, err := GetHost(node.ID.String())
-	if err != nil {
-		logger.Log(0, "error retrieving host for node", node.ID.String(), err.Error())
-	}
 	if peer.Address.IP != nil {
 		allowedips = append(allowedips, peer.Address)
 	}
 	if peer.Address6.IP != nil {
 		allowedips = append(allowedips, peer.Address6)
 	}
-	// handle manually set peers
-	for _, allowedIp := range peer.AllowedIPs {
-
-		// parsing as a CIDR first. If valid CIDR, append
-		if _, ipnet, err := net.ParseCIDR(allowedIp); err == nil {
-			nodeEndpointArr := strings.Split(host.EndpointIP.String(), ":")
-			if !ipnet.Contains(net.IP(nodeEndpointArr[0])) && ipnet.IP.String() != peer.Address.IP.String() { // don't need to add an allowed ip that already exists..
-				allowedips = append(allowedips, *ipnet)
-			}
-
-		} else { // parsing as an IP second. If valid IP, check if ipv4 or ipv6, then append
-			if iplib.Version(net.ParseIP(allowedIp)) == 4 && allowedIp != peer.Address.IP.String() {
-				ipnet := net.IPNet{
-					IP:   net.ParseIP(allowedIp),
-					Mask: net.CIDRMask(32, 32),
-				}
-				allowedips = append(allowedips, ipnet)
-			} else if iplib.Version(net.ParseIP(allowedIp)) == 6 && allowedIp != peer.Address6.IP.String() {
-				ipnet := net.IPNet{
-					IP:   net.ParseIP(allowedIp),
-					Mask: net.CIDRMask(128, 128),
-				}
-				allowedips = append(allowedips, ipnet)
-			}
-		}
-	}
 	// handle egress gateway peers
 	if peer.IsEgressGateway {
 		//hasGateway = true

logic/util.go

@@ -200,3 +200,9 @@ func CheckIfFileExists(filePath string) bool {
 	}
 	return true
 }
+
+// RemoveStringSlice - removes an element at given index i
+// from a given string slice
+func RemoveStringSlice(slice []string, i int) []string {
+	return append(slice[:i], slice[i+1:]...)
+}

logic/wireguard.go

@@ -14,8 +14,7 @@ func IfaceDelta(currentNode *models.Node, newNode *models.Node) bool {
 		newNode.IsRelay != currentNode.IsRelay ||
 		newNode.PersistentKeepalive != currentNode.PersistentKeepalive ||
 		newNode.DNSOn != currentNode.DNSOn ||
-		newNode.Connected != currentNode.Connected ||
-		len(newNode.AllowedIPs) != len(currentNode.AllowedIPs) {
+		newNode.Connected != currentNode.Connected {
 		return true
 	}
 	// multi-comparison statements
@@ -39,11 +38,6 @@ func IfaceDelta(currentNode *models.Node, newNode *models.Node) bool {
 			}
 		}
 	}
-	for _, address := range newNode.AllowedIPs {
-		if !StringSliceContains(currentNode.AllowedIPs, address) {
-			return true
-		}
-	}
 	return false
 }
 

models/api_host.go

@@ -13,7 +13,6 @@ type ApiHost struct {
 	Debug           bool     `json:"debug"`
 	IsStatic        bool     `json:"isstatic"`
 	ListenPort      int      `json:"listenport"`
-	LocalAddress    string   `json:"localaddress"`
 	LocalRange      string   `json:"localrange"`
 	LocalListenPort int      `json:"locallistenport"`
 	ProxyListenPort int      `json:"proxy_listen_port"`
@@ -42,10 +41,6 @@ func (h *Host) ConvertNMHostToAPI() *ApiHost {
 	}
 	a.IsStatic = h.IsStatic
 	a.ListenPort = h.ListenPort
-	a.LocalAddress = h.LocalAddress.String()
-	if isEmptyAddr(a.LocalAddress) {
-		a.LocalAddress = ""
-	}
 	a.LocalListenPort = h.LocalListenPort
 	a.LocalRange = h.LocalRange.String()
 	if isEmptyAddr(a.LocalRange) {
@@ -94,14 +89,7 @@ func (a *ApiHost) ConvertAPIHostToNMHost(currentHost *Host) *Host {
 	h.Nodes = currentHost.Nodes
 	h.TrafficKeyPublic = currentHost.TrafficKeyPublic
 	h.OS = currentHost.OS
-	if len(a.LocalAddress) > 0 {
-		_, localAddr, err := net.ParseCIDR(a.LocalAddress)
-		if err == nil {
-			h.LocalAddress = *localAddr
-		}
-	} else if !isEmptyAddr(currentHost.LocalAddress.String()) {
-		h.LocalAddress = currentHost.LocalAddress
-	}
+
 	if len(a.LocalRange) > 0 {
 		_, localRange, err := net.ParseCIDR(a.LocalRange)
 		if err == nil {

models/api_node.go

@@ -13,6 +13,7 @@ type ApiNode struct {
 	HostID                  string   `json:"hostid,omitempty" validate:"required,min=5,id_unique"`
 	Address                 string   `json:"address" validate:"omitempty,ipv4"`
 	Address6                string   `json:"address6" validate:"omitempty,ipv6"`
+	LocalAddress            string   `json:"localaddress" validate:"omitempty,ipv4"`
 	PostUp                  string   `json:"postup"`
 	PostDown                string   `json:"postdown"`
 	AllowedIPs              []string `json:"allowedips"`
@@ -50,7 +51,6 @@ func (a *ApiNode) ConvertToServerNode(currentNode *Node) *Node {
 	convertedNode.Server = a.Server
 	convertedNode.Action = currentNode.Action
 	convertedNode.Connected = a.Connected
-	convertedNode.AllowedIPs = a.AllowedIPs
 	convertedNode.ID, _ = uuid.Parse(a.ID)
 	convertedNode.HostID, _ = uuid.Parse(a.HostID)
 	convertedNode.PostUp = a.PostUp
@@ -81,6 +81,14 @@ func (a *ApiNode) ConvertToServerNode(currentNode *Node) *Node {
 	if err == nil {
 		convertedNode.NetworkRange6 = *networkRange6
 	}
+	if len(a.LocalAddress) > 0 {
+		_, localAddr, err := net.ParseCIDR(a.LocalAddress)
+		if err == nil {
+			convertedNode.LocalAddress = *localAddr
+		}
+	} else if !isEmptyAddr(currentNode.LocalAddress.String()) {
+		convertedNode.LocalAddress = currentNode.LocalAddress
+	}
 	udpAddr, err := net.ResolveUDPAddr("udp", a.InternetGateway)
 	if err == nil {
 		convertedNode.InternetGateway = udpAddr
@@ -114,9 +122,12 @@ func (nm *Node) ConvertToAPINode() *ApiNode {
 	if isEmptyAddr(apiNode.Address6) {
 		apiNode.Address6 = ""
 	}
+	apiNode.LocalAddress = nm.LocalAddress.String()
+	if isEmptyAddr(apiNode.LocalAddress) {
+		apiNode.LocalAddress = ""
+	}
 	apiNode.PostDown = nm.PostDown
 	apiNode.PostUp = nm.PostUp
-	apiNode.AllowedIPs = nm.AllowedIPs
 	apiNode.PersistentKeepalive = int32(nm.PersistentKeepalive)
 	apiNode.LastModified = nm.LastModified.Unix()
 	apiNode.LastCheckIn = nm.LastCheckIn.Unix()

models/host.go

@@ -24,7 +24,6 @@ type Host struct {
 	Interface        string           `json:"interface" yaml:"interface"`
 	Debug            bool             `json:"debug" yaml:"debug"`
 	ListenPort       int              `json:"listenport" yaml:"listenport"`
-	LocalAddress     net.IPNet        `json:"localaddress" yaml:"localaddress"`
 	LocalRange       net.IPNet        `json:"localrange" yaml:"localrange"`
 	LocalListenPort  int              `json:"locallistenport" yaml:"locallistenport"`
 	ProxyListenPort  int              `json:"proxy_listen_port" yaml:"proxy_listen_port"`

models/node.go

@@ -69,6 +69,7 @@ type CommonNode struct {
 	PostUp              string               `json:"postup" yaml:"postup"`
 	PostDown            string               `json:"postdown" yaml:"postdown"`
 	Action              string               `json:"action" yaml:"action"`
+	LocalAddress        net.IPNet            `json:"localaddress" yaml:"localaddress"`
 	IsLocal             bool                 `json:"islocal" yaml:"islocal"`
 	IsEgressGateway     bool                 `json:"isegressgateway" yaml:"isegressgateway"`
 	IsIngressGateway    bool                 `json:"isingressgateway" yaml:"isingressgateway"`
@@ -85,7 +86,6 @@ type Node struct {
 	LastCheckIn             time.Time            `json:"lastcheckin" bson:"lastcheckin" yaml:"lastcheckin"`
 	LastPeerUpdate          time.Time            `json:"lastpeerupdate" bson:"lastpeerupdate" yaml:"lastpeerupdate"`
 	ExpirationDateTime      time.Time            `json:"expdatetime" bson:"expdatetime" yaml:"expdatetime"`
-	AllowedIPs              []string             `json:"allowedips" bson:"allowedips" yaml:"allowedips"`
 	EgressGatewayRanges     []string             `json:"egressgatewayranges" bson:"egressgatewayranges" yaml:"egressgatewayranges"`
 	EgressGatewayNatEnabled bool                 `json:"egressgatewaynatenabled" bson:"egressgatewaynatenabled" yaml:"egressgatewaynatenabled"`
 	EgressGatewayRequest    EgressGatewayRequest `json:"egressgatewayrequest" bson:"egressgatewayrequest" yaml:"egressgatewayrequest"`
@@ -381,9 +381,6 @@ func (newNode *Node) Fill(currentNode *Node) { // TODO add new field for nftable
 	if newNode.PostDown == "" {
 		newNode.PostDown = currentNode.PostDown
 	}
-	if newNode.AllowedIPs == nil {
-		newNode.AllowedIPs = currentNode.AllowedIPs
-	}
 	if newNode.PersistentKeepalive < 0 {
 		newNode.PersistentKeepalive = currentNode.PersistentKeepalive
 	}
@@ -503,7 +500,6 @@ func (ln *LegacyNode) ConvertToNewNode() (*Host, *Node) {
 		host.Name = ln.Name
 		host.ListenPort = int(ln.ListenPort)
 		_, cidr, _ := net.ParseCIDR(ln.LocalAddress)
-		host.LocalAddress = *cidr
 		_, cidr, _ = net.ParseCIDR(ln.LocalRange)
 		host.LocalRange = *cidr
 		host.LocalListenPort = int(ln.LocalListenPort)
@@ -552,7 +548,6 @@ func (n *Node) Legacy(h *Host, s *ServerConfig, net *Network) *LegacyNode {
 	l.HostID = h.ID.String()
 	l.Address = n.Address.String()
 	l.Address6 = n.Address6.String()
-	l.LocalAddress = h.LocalAddress.String()
 	l.Interfaces = h.Interfaces
 	l.Name = h.Name
 	l.NetworkSettings = *net