
Merge pull request #430 from gravitl/develop

Develop
Alex 3 years ago
parent
commit
3882bc90ca

+ 61 - 0
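--- a/compose/docker-compose.contained.yml
+++ b/compose/docker-compose.contained.yml
@@ -0,0 +1,61 @@
+version: "3.4"
+
+services:
+  netmaker:
+    container_name: netmaker
+    image: gravitl/netmaker:v0.8.5
+    volumes:
+      - dnsconfig:/root/config/dnsconfig
+      - /usr/bin/wg:/usr/bin/wg
+      - sqldata:/root/data
+    cap_add: 
+      - NET_ADMIN
+    restart: always
+    privileged: true
+    environment:
+      SERVER_HOST: "SERVER_PUBLIC_IP"
+      SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
+      SERVER_GRPC_CONN_STRING: "grpc.NETMAKER_BASE_DOMAIN:443"
+      COREDNS_ADDR: "SERVER_PUBLIC_IP"
+      GRPC_SSL: "on"
+      DNS_MODE: "on"
+      SERVER_HTTP_HOST: "api.NETMAKER_BASE_DOMAIN"
+      SERVER_GRPC_HOST: "grpc.NETMAKER_BASE_DOMAIN"
+      API_PORT: "8081"
+      GRPC_PORT: "50051"
+      CLIENT_MODE: "on"
+      MASTER_KEY: "REPLACE_MASTER_KEY"
+      SERVER_GRPC_WIREGUARD: "off"
+      CORS_ALLOWED_ORIGIN: "*"
+      DATABASE: "sqlite"
+    ports:
+      - "51821-51830:51821-51830/udp"
+      - "8081:8081"
+      - "50051:50051"
+  netmaker-ui:
+    container_name: netmaker-ui
+    depends_on:
+      - netmaker
+    image: gravitl/netmaker-ui:v0.8.5
+    links:
+      - "netmaker:api"
+    ports:
+      - "8082:80"
+    environment:
+      BACKEND_URL: "https://api.NETMAKER_BASE_DOMAIN"
+    restart: always
+  coredns:
+    depends_on:
+      - netmaker 
+    image: coredns/coredns
+    command: -conf /root/dnsconfig/Corefile
+    container_name: coredns
+    restart: always
+    ports:
+      - "COREDNS_IP:53:53/udp"
+      - "COREDNS_IP:53:53/tcp"
+    volumes:
+      - dnsconfig:/root/dnsconfig
+volumes:
+  sqldata: {}
+  dnsconfig: {}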
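Review bot: `privileged: true` on the netmaker service makes the `cap_add: NET_ADMIN` entry above it meaningless, because a privileged container already receives every capability and access to host devices. If NET_ADMIN is all the server needs in this "contained" variant (not confirmable from the compose file alone), drop `privileged: true` and keep the explicit capability. The same service ships `CORS_ALLOWED_ORIGIN: "*"` next to a placeholder `MASTER_KEY` and publishes 8081 and 50051 on all interfaces, so a comment telling operators to replace the key and narrow the origin to the dashboard URL before deployment would help. `image: coredns/coredns` carries no tag, unlike the two images pinned to `v0.8.5`.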

+ 8 - 5
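--- a/compose/docker-compose.yml
+++ b/compose/docker-compose.yml
@@ -5,12 +5,18 @@ services:
     container_name: netmaker
     image: gravitl/netmaker:v0.8.5
     volumes:
-      - dnsconfig:/root/config/dnsconfig
+      - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
+      - /run/systemd/system:/run/systemd/system
+      - /etc/systemd/system:/etc/systemd/system
+      - /sys/fs/cgroup:/sys/fs/cgroup
       - /usr/bin/wg:/usr/bin/wg
+      - dnsconfig:/root/config/dnsconfig
       - sqldata:/root/data
     cap_add: 
       - NET_ADMIN
+      - SYS_ADMIN
     restart: always
+    network_mode: host
     privileged: true
     environment:
       SERVER_HOST: "SERVER_PUBLIC_IP"
@@ -28,10 +34,7 @@ services:
       SERVER_GRPC_WIREGUARD: "off"
       CORS_ALLOWED_ORIGIN: "*"
       DATABASE: "sqlite"
-    ports:
-      - "51821-51830:51821-51830/udp"
-      - "8081:8081"
-      - "50051:50051"
+      NODE_ID: "netmaker-server-1"
   netmaker-ui:
     container_name: netmaker-ui
     depends_on: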
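Review bot: The new bind mounts in the first hunk hand the container the host's system D-Bus socket and a writable `/etc/systemd/system`, and the same service gains `SYS_ADMIN` and `network_mode: host` while keeping `privileged: true`, so a compromise of the netmaker process is effectively root on the host. Nothing in the file says why each mount is needed; a comment above the `volumes:` entries naming the feature that requires them would let operators decide, and any mount that is only read could take `:ro` (for example `/sys/fs/cgroup:/sys/fs/cgroup:ro`, if the server does not write there). With host networking the removed `ports:` block no longer bounds exposure, so the API and gRPC listeners bind directly on the host and need a host firewall or reverse proxy in front of them. The service definition continues outside both hunks.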

+ 13 - 9
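--- a/docs/oauth.rst
+++ b/docs/oauth.rst
@@ -18,13 +18,13 @@ Configuring your provider
 
 In order to use OAuth, configure your OAuth provider (GitHub, Google, Azure AD).
 
-You must configure your provider to use the Netmaker Dashboard URI dashboard.<netmaker.base.domain> as the origin URL.
+You must configure your provider (except for Azure AD) to use the Netmaker Dashboard URI dashboard.<netmaker.base.domain> as the origin URL.
 
 For example: `https://dashboard.netmaker.mydomain.com`
 
-You must configure your provider to use the Netmaker API URI redirect route with the following format: https://api.<netmaker base domain>/api/oauth2/callback.
+You must configure your provider to use the Netmaker API URI redirect route with the following format: https://api.<netmaker base domain>/api/oauth/callback.
 
-For example: `https://api.netmaker.mydomain.com/api/oauth2/callback`
+For example: `https://api.netmaker.mydomain.com/api/oauth/callback`
 
 General provider instructions can be found with the following links:
 
@@ -41,14 +41,18 @@ Next, Configure Netmaker with the following environment variables. If any are le
 
 .. code-block::
 
-    AUTH_PROVIDER="<azure-ad|github|google>"
-    CLIENT_ID="<client id of your oauth provider>"
-    CLIENT_SECRET="<client secret of your oauth provider>"
-    SERVER_HTTP_HOST="https://<your-netmaker-api-domain>"
-    FRONTEND_URL="https://<your-netmaker-dashboard-domain>"
+    AUTH_PROVIDER: "<azure-ad|github|google>"
+    CLIENT_ID: "<client id of your oauth provider>"
+    CLIENT_SECRET: "<client secret of your oauth provider>"
+    SERVER_HTTP_HOST: "api.<netmaker base domain>"
+    FRONTEND_URL: "https://dashboard.<netmaker base domain>"
 
 
-After restarting your server, the Netmaker logs will indicate if the OAuth provider was successfully initialized.
+After restarting your server, the Netmaker logs will indicate if the OAuth provider was successfully initialized:
+
+.. code-block::
+
+   sudo docker logs netmaker
 
 Once successful, users can click the key symbol on the login page to sign-in with your configured OAuth provider.
 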

+ 1 - 1
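--- a/go.mod
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.15
 
 require (
 	github.com/go-playground/validator/v10 v10.9.0
-	github.com/golang-jwt/jwt/v4 v4.0.0
+	github.com/golang-jwt/jwt/v4 v4.1.0
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/gorilla/handlers v1.5.1
 	github.com/gorilla/mux v1.8.0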

+ 2 - 2
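--- a/go.sum
+++ b/go.sum
@@ -39,8 +39,8 @@ github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/j
 github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
 github.com/go-playground/validator/v10 v10.9.0 h1:NgTtmN58D0m8+UuxtYmGztBJB7VnPgjj221I1QHci2A=
 github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
-github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o=
-github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
+github.com/golang-jwt/jwt/v4 v4.1.0 h1:XUgk2Ex5veyVFVeLm0xhusUTQybEbexJXrvPNOKkSY0=
+github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
 github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=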

+ 46 - 1
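--- a/netclient/config/config.go
+++ b/netclient/config/config.go
@@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io/ioutil"
 	"log"
 	"os"
 
@@ -208,6 +209,44 @@ func ModConfig(node *models.Node) error {
 	return err
 }
 
+// ModConfig - overwrites the node inside client config on disk
+func SaveBackup(network string) error {
+
+	var configPath = ncutils.GetNetclientPathSpecific() + "netconfig-" + network
+	var backupPath = ncutils.GetNetclientPathSpecific() + "backup.netconfig-" + network
+	if FileExists(configPath) {
+		input, err := ioutil.ReadFile(configPath)
+		if err != nil {
+			ncutils.Log("failed to read " + configPath + " to make a backup")
+			return err
+		}
+		if err = ioutil.WriteFile(backupPath, input, 0644); err != nil {
+			ncutils.Log("failed to copy backup to " + backupPath)
+			return err
+		}
+	}
+	return nil
+}
+
+// ReplaceWithBackup - replaces netconfig file with backup
+func ReplaceWithBackup(network string) error {
+	var backupPath = ncutils.GetNetclientPathSpecific() + "backup.netconfig-" + network
+	var configPath = ncutils.GetNetclientPathSpecific() + "netconfig-" + network
+	if FileExists(backupPath) {
+		input, err := ioutil.ReadFile(backupPath)
+		if err != nil {
+			ncutils.Log("failed to read file " + backupPath + " to backup network: " + network)
+			return err
+		}
+		if err = ioutil.WriteFile(configPath, input, 0644); err != nil {
+			ncutils.Log("failed backup " + backupPath + " to " + configPath)
+			return err
+		}
+	}
+	ncutils.Log("used backup file for network: " + network)
+	return nil
+}
+
 // GetCLIConfig - gets the cli flags as a config
 func GetCLIConfig(c *cli.Context) (ClientConfig, string, error) {
 	var cfg ClientConfig
@@ -332,7 +371,13 @@ func ReadConfig(network string) (*ClientConfig, error) {
 	f, err := os.Open(file)
 
 	if err != nil {
-		nofile = true
+		if err = ReplaceWithBackup(network); err != nil {
+			nofile = true
+		}
+		f, err = os.Open(file)
+		if err != nil {
+			nofile = true
+		}
 	}
 	defer f.Close()
 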
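Review bot: Both new `ioutil.WriteFile` calls use mode `0644`, so the backup and the restored netconfig are created world-readable; if the netconfig file carries node credentials or keys (its contents are not visible in this diff), use `0600`, e.g. `ioutil.WriteFile(backupPath, input, 0600)`. `network` is concatenated into both paths unchecked, so it is worth confirming that callers cannot pass a value containing path separators. The doc comment on `SaveBackup` is a copy of ModConfig's and should read `// SaveBackup - copies the netconfig file for a network to a backup file`. `ReplaceWithBackup` also logs "used backup file" and returns nil when no backup exists, and in `ReadConfig` the context line `defer f.Close()` still runs when both opens fail; ReadConfig's body continues outside the hunk.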

+ 6 - 1
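--- a/netclient/functions/checkin.go
+++ b/netclient/functions/checkin.go
@@ -151,10 +151,11 @@ func CheckConfig(cliconf config.ClientConfig) error {
 // Pull - pulls the latest config from the server, if manual it will overwrite
 func Pull(network string, manual bool) (*models.Node, error) {
 	cfg, err := config.ReadConfig(network)
-	node := cfg.Node
 	if err != nil {
 		return nil, err
 	}
+
+	node := cfg.Node
 	servercfg := cfg.Server
 
 	if cfg.Node.IPForwarding == "yes" && !ncutils.IsWindows() {
@@ -243,6 +244,10 @@ func Pull(network string, manual bool) (*models.Node, error) {
 	if ncutils.IsLinux() {
 		setDNS(&resNode, servercfg, &cfg.Node)
 	}
+	var bkupErr = config.SaveBackup(network)
+	if bkupErr != nil {
+		ncutils.Log("unable to update backup file")
+	}
 
 	return &resNode, err
 }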
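Review bot: The backup added at the end of `Pull` is taken unconditionally, so whatever netconfig is on disk at that point replaces the last known-good backup even when `err` is non-nil at the `return &resNode, err` below it. Guarding the call with `if err == nil` would keep a good backup from being overwritten after a failed pull; the code between the two hunks is not visible, so confirm what `err` holds there. The log line also discards the cause and could read `ncutils.Log("unable to update backup file: " + bkupErr.Error())`.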

+ 7 - 2
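--- a/netclient/functions/join.go
+++ b/netclient/functions/join.go
@@ -5,6 +5,9 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log"
+	"os/exec"
+
 	nodepb "github.com/gravitl/netmaker/grpc"
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/auth"
@@ -16,8 +19,6 @@ import (
 	"github.com/gravitl/netmaker/netclient/wireguard"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 	"google.golang.org/grpc"
-	"log"
-	"os/exec"
 )
 
 // JoinNetwork - helps a client join a network
@@ -185,6 +186,10 @@ func JoinNetwork(cfg config.ClientConfig, privateKey string) error {
 		if err != nil {
 			return err
 		}
+		// attempt to make backup
+		if err = config.SaveBackup(node.Network); err != nil {
+			ncutils.Log("failed to make backup, node will not auto restore if config is corrupted")
+		}
 	}
 
 	ncutils.Log("retrieving peers")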
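Review bot: In the third hunk the best-effort backup assigns to the outer `err` (`if err = config.SaveBackup(node.Network); err != nil`), so a failed backup leaves a non-nil `err` behind for whatever code follows in `JoinNetwork`, which is outside the hunk. A scoped variable avoids that and matches the `bkupErr` naming used in Pull: `if bkupErr := config.SaveBackup(node.Network); bkupErr != nil {`. Including `bkupErr.Error()` in the log message would tell the operator why the backup failed.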

+ 0 - 0
netclient/netclient.syso → netclient/windowsdata/netclient.syso


+ 12 - 1
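--- a/scripts/netclient-install.sh
+++ b/scripts/netclient-install.sh
@@ -51,6 +51,7 @@ set -e
 
 [ -z "$KEY" ] && KEY=nokey;
 [ -z "$VERSION" ] && echo "no \$VERSION provided, fallback to latest" && VERSION=latest;
+[ "latest" != "$VERSION" ] && [ "v" != `echo $VERSION | cut -c1` ] && VERSION="v$VERSION"
 
 dist=netclient
 
@@ -78,6 +79,9 @@ case $(uname | tr '[:upper:]' '[:lower:]') in
 			aarch64)
                                 dist=netclient-arm64
 			;;
+			armv7l)
+                                dist=netclient-armv7
+			;;
 			arm*)
 				dist=netclient-$CPU_ARCH
             		;;
@@ -92,7 +96,14 @@ esac
 
 echo "Binary = $dist"
 
-wget -nv -O netclient https://github.com/gravitl/netmaker/releases/download/$VERSION/$dist
+url="https://github.com/gravitl/netmaker/releases/download/$VERSION/$dist"
+if curl --output /dev/null --silent --head --fail "$url"; then
+	echo "Downloading $dist $VERSION"
+	wget -nv -O netclient $url
+else
+	echo "Downloading $dist latest"
+	wget -nv -O netclient https://github.com/gravitl/netmaker/releases/download/latest/$dist
+fi
 chmod +x netclient
 sudo ./netclient join -t $KEY
 rm -f netclient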
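Review bot: The new `else` branch silently installs `latest` when the requested release is not found, so a caller who pinned `$VERSION` can end up running a different build under `sudo` without noticing; failing is safer, e.g. `echo "release $VERSION not found for $dist" >&2; exit 1`. The downloaded binary is executed as root with no checksum or signature verification, and the `curl --head` probe and the later `wget` are separate requests, so the probe says nothing about what is finally downloaded. `$url` and `$VERSION` are expanded unquoted in the added lines; quote them, as in `wget -nv -O netclient "$url"` and `$(echo "$VERSION" | cut -c1)`.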