
Merge branch 'develop' into NET-641

Abhishek K 1 年之前
父节点
当前提交
3ba3f21470

+ 1 - 0
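--- a/.github/ISSUE_TEMPLATE/bug-report.yml
+++ b/.github/ISSUE_TEMPLATE/bug-report.yml
@@ -31,6 +31,7 @@ body:
       label: Version
       description: What version are you running?
       options:
+        - v0.21.2
         - v0.21.1
         - v0.21.0
         - v0.20.6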

+ 1 - 1
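--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@
 
 <p align="center">
   <a href="https://github.com/gravitl/netmaker/releases">
-    <img src="https://img.shields.io/badge/Version-0.21.1-informational?style=flat-square" />
+    <img src="https://img.shields.io/badge/Version-0.21.2-informational?style=flat-square" />
   </a>
   <a href="https://hub.docker.com/r/gravitl/netmaker/tags">
     <img src="https://img.shields.io/docker/pulls/gravitl/netmaker?label=downloads" />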

+ 1 - 1
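--- a/compose/docker-compose.netclient.yml
+++ b/compose/docker-compose.netclient.yml
@@ -3,7 +3,7 @@ version: "3.4"
 services:
   netclient:
     container_name: netclient
-    image: 'gravitl/netclient:v0.21.1'
+    image: 'gravitl/netclient:v0.21.2'
     hostname: netmaker-1
     network_mode: host
     restart: on-failure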

+ 1 - 1
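--- a/controllers/docs.go
+++ b/controllers/docs.go
@@ -10,7 +10,7 @@
 //
 //	Schemes: https
 //	BasePath: /
-//	Version: 0.21.1
+//	Version: 0.21.2
 //	Host: api.demo.netmaker.io
 //
 //	Consumes: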

+ 3 - 3
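--- a/controllers/ext_client.go
+++ b/controllers/ext_client.go
@@ -364,7 +364,7 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
 					extclient.RemoteAccessClientID == customExtClient.RemoteAccessClientID && nodeid == extclient.IngressGatewayID {
 					// extclient on the gw already exists for the remote access client
 					err = errors.New("remote client config already exists on the gateway")
-					slog.Error("failed to get extclients", "error", err)
+					slog.Error("failed to create extclient", "user", userName, "error", err)
 					logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 					return
 				}
@@ -539,12 +539,12 @@ func deleteExtClient(w http.ResponseWriter, r *http.Request) {
 	if err != nil {
 		err = errors.New("Could not delete extclient " + params["clientid"])
 		logger.Log(0, r.Header.Get("user"),
-			fmt.Sprintf("failed to delete extclient [%s],network [%s]: %v", clientid, network, err))
+			fmt.Sprintf("failed to get extclient [%s],network [%s]: %v", clientid, network, err))
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 		return
 	}
 	if !logic.IsUserAllowedAccessToExtClient(r.Header.Get("user"), extclient) {
-		slog.Error("failed to get extclient", "network", network, "clientID",
+		slog.Error("user not allowed to delete", "network", network, "clientID",
 			clientid, "error", errors.New("access is denied"))
 		logic.ReturnErrorResponse(w, r, logic.FormatError(errors.New("access is denied"), "forbidden"))
 		return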
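Review bot: The access-denied branch in the deleteExtClient hunk logs the network and client ID but not who was refused, so a denied delete cannot be attributed from the log; add the requester to the call, e.g. `slog.Error("user not allowed to delete", "user", r.Header.Get("user"), "network", network, "clientID",`. In the branch above it, `err` is replaced with the generic "Could not delete extclient" error before the log call, so the reworded "failed to get extclient" message never carries the underlying lookup failure; logging the original error before overwriting it would keep the cause. Both functions start and continue outside the hunks shown.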

+ 2 - 2
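--- a/controllers/hosts.go
+++ b/controllers/hosts.go
@@ -100,13 +100,13 @@ func pull(w http.ResponseWriter, r *http.Request) {
 	}
 	allNodes, err := logic.GetAllNodes()
 	if err != nil {
-		logger.Log(0, "could not pull peers for host", hostID)
+		logger.Log(0, "failed to get nodes: ", hostID)
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 		return
 	}
 	hPU, err := logic.GetPeerUpdateForHost("", host, allNodes, nil, nil)
 	if err != nil {
-		logger.Log(0, "could not pull peers for host", hostID, err.Error())
+		logger.Log(0, "could not pull peers for host", hostID, err.Error())
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "internal"))
 		return
 	}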
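Review bot: The reworded first log line, `logger.Log(0, "failed to get nodes: ", hostID)`, omits the error and prints the host ID where a reader expects the failure reason. The second branch gained `err.Error()` in this same change, so the first should match it: `logger.Log(0, "failed to get nodes for host", hostID, err.Error())`. pull's body starts and continues outside the hunk.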

+ 8 - 1
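--- a/controllers/migrate.go
+++ b/controllers/migrate.go
@@ -65,7 +65,6 @@ func migrate(w http.ResponseWriter, r *http.Request) {
 			host.Name = data.HostName
 			host.HostPass = data.Password
 			host.OS = data.OS
-			host.PersistentKeepalive = time.Duration(legacy.PersistentKeepalive)
 			if err := logic.CreateHost(&host); err != nil {
 				slog.Error("create host", "error", err)
 				logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
@@ -141,6 +140,9 @@ func convertLegacyHostNode(legacy models.LegacyNode) (models.Host, models.Node)
 	host.AutoUpdate = servercfg.AutoUpdateEnabled()
 	host.Interface = "netmaker"
 	host.ListenPort = int(legacy.ListenPort)
+	if host.ListenPort == 0 {
+		host.ListenPort = 51821
+	}
 	host.MTU = int(legacy.MTU)
 	host.PublicKey, _ = wgtypes.ParseKey(legacy.PublicKey)
 	host.MacAddress = net.HardwareAddr(legacy.MacAddress)
@@ -152,6 +154,11 @@ func convertLegacyHostNode(legacy models.LegacyNode) (models.Host, models.Node)
 	host.IsDocker = models.ParseBool(legacy.IsDocker)
 	host.IsK8S = models.ParseBool(legacy.IsK8S)
 	host.IsStatic = models.ParseBool(legacy.IsStatic)
+	host.PersistentKeepalive = time.Duration(legacy.PersistentKeepalive) * time.Second
+	if host.PersistentKeepalive == 0 {
+		host.PersistentKeepalive = models.DefaultPersistentKeepAlive
+	}
+
 	node := convertLegacyNode(legacy, host.ID)
 	return host, node
 }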
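Review bot: The listen-port fallback in convertLegacyHostNode, `host.ListenPort = 51821`, is a bare literal, while the keepalive fallback in the next hunk uses the named `models.DefaultPersistentKeepAlive`; a named constant for the port would keep the two defaults consistent and easy to find. Only zero is replaced, so a negative or above-65535 value in a legacy record would pass through `int(legacy.ListenPort)` unchanged (the legacy field's type is not visible here); widening the guard to `if host.ListenPort <= 0 || host.ListenPort > 65535 {` would cover that. The `* time.Second` conversion assumes the legacy keepalive was stored in seconds, which deserves a one-line comment such as `// legacy value is a count of seconds`.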

+ 21 - 3
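--- a/controllers/node.go
+++ b/controllers/node.go
@@ -571,10 +571,28 @@ func deleteIngressGateway(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if servercfg.IsPro && wasFailover {
-		if err = logic.EnterpriseResetFailoverFunc(node.Network); err != nil {
-			logger.Log(1, "failed to reset failover list during failover create", node.ID.String(), node.Network)
+	if servercfg.IsPro {
+		if wasFailover {
+			if err = logic.EnterpriseResetFailoverFunc(node.Network); err != nil {
+				logger.Log(1, "failed to reset failover list during failover create", node.ID.String(), node.Network)
+			}
 		}
+		go func() {
+			users, err := logic.GetUsersDB()
+			if err == nil {
+				for _, user := range users {
+					if _, ok := user.RemoteGwIDs[nodeid]; ok {
+						delete(user.RemoteGwIDs, nodeid)
+						err = logic.UpsertUser(user)
+						if err != nil {
+							slog.Error("failed to get user", "user", user.UserName, "error", err)
+						}
+					}
+				}
+			} else {
+				slog.Error("failed to get users", "error", err)
+			}
+		}()
 	}
 
 	apiNode := node.ConvertToAPINode()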
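Review bot: The new goroutine in deleteIngressGateway reads every user, edits `RemoteGwIDs` and writes the whole record back with `logic.UpsertUser(user)` with no locking visible in the hunk. A concurrent change to the same user (a role or password update, for example) made between the read and the write could therefore be overwritten by the stale copy; whether it can depends on how UpsertUser stores the record, which is not shown. The log line after a failed upsert says "failed to get user" and should read `slog.Error("failed to update user", "user", user.UserName, "error", err)`. Because the cleanup is detached and only logs, a failed run leaves the deleted gateway's ID in users' access maps until something else removes it. The function starts and continues outside the hunk.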

+ 17 - 1
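--- a/controllers/user.go
+++ b/controllers/user.go
@@ -525,7 +525,23 @@ func deleteUser(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(err, "badrequest"))
 		return
 	}
-
+	// check and delete extclient with this ownerID
+	go func() {
+		extclients, err := logic.GetAllExtClients()
+		if err != nil {
+			slog.Error("failed to get extclients", "error", err)
+			return
+		}
+		for _, extclient := range extclients {
+			if extclient.OwnerID == user.UserName {
+				err = logic.DeleteExtClient(extclient.Network, extclient.ClientID)
+				if err != nil {
+					slog.Error("failed to delete extclient",
+						"id", extclient.ClientID, "owner", user.UserName, "error", err)
+				}
+			}
+		}
+	}()
 	logger.Log(1, username, "was deleted")
 	json.NewEncoder(w).Encode(params["username"] + " deleted.")
 }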
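Review bot: Removal of the deleted user's ext clients runs in a detached goroutine whose errors are only logged, so the handler answers "deleted" while that user's remote-access configs may still exist. If `logic.GetAllExtClients()` fails, none are removed and nothing retries. Since this is access revocation, consider dropping the `go func() {` and `}()` wrapper so the loop completes before `logger.Log(1, username, "was deleted")`, and reporting a cleanup failure to the caller. Whether peers are told about the removed clients is not visible here; it depends on what `logic.DeleteExtClient` does. deleteUser begins outside the hunk.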

+ 1 - 1
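--- a/k8s/client/netclient-daemonset.yaml
+++ b/k8s/client/netclient-daemonset.yaml
@@ -16,7 +16,7 @@ spec:
       hostNetwork: true
       containers:
       - name: netclient
-        image: gravitl/netclient:v0.21.1
+        image: gravitl/netclient:v0.21.2
         env:
         - name: TOKEN
           value: "TOKEN_VALUE"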

+ 1 - 1
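--- a/k8s/client/netclient.yaml
+++ b/k8s/client/netclient.yaml
@@ -28,7 +28,7 @@ spec:
       #           - "<node label value>"
       containers:
       - name: netclient
-        image: gravitl/netclient:v0.21.1
+        image: gravitl/netclient:v0.21.2
         env:
         - name: TOKEN
           value: "TOKEN_VALUE"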

+ 1 - 1
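--- a/k8s/server/netmaker-ui.yaml
+++ b/k8s/server/netmaker-ui.yaml
@@ -15,7 +15,7 @@ spec:
     spec:
       containers:
       - name: netmaker-ui
-        image: gravitl/netmaker-ui:v0.21.1
+        image: gravitl/netmaker-ui:v0.21.2
         ports:
         - containerPort: 443
         env: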

+ 24 - 0
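--- a/logic/auth.go
+++ b/logic/auth.go
@@ -39,6 +39,30 @@ func HasSuperAdmin() (bool, error) {
 	return false, err
 }
 
+// GetUsersDB - gets users
+func GetUsersDB() ([]models.User, error) {
+
+	var users []models.User
+
+	collection, err := database.FetchRecords(database.USERS_TABLE_NAME)
+
+	if err != nil {
+		return users, err
+	}
+
+	for _, value := range collection {
+
+		var user models.User
+		err = json.Unmarshal([]byte(value), &user)
+		if err != nil {
+			continue // get users
+		}
+		users = append(users, user)
+	}
+
+	return users, err
+}
+
 // GetUsers - gets users
 func GetUsers() ([]models.ReturnUser, error) {
 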
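Review bot: `GetUsersDB` ends with `return users, err`, and at that point `err` is whatever the last `json.Unmarshal` in the loop returned. The function therefore reports failure only when the final record it visited was malformed, and reports success when an earlier one was skipped; the caller added in controllers/node.go abandons its cleanup on any non-nil error. Return `return users, nil` after the loop and log each skipped record instead of the bare `continue // get users`. The doc comment should also say that, unlike `GetUsers`, this returns full `models.User` records, which presumably carry credential fields and should not be passed to API responses.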

+ 1 - 1
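--- a/logic/peers.go
+++ b/logic/peers.go
@@ -118,7 +118,7 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
 			peerHost, err := GetHost(peer.HostID.String())
 			if err != nil {
 				logger.Log(1, "no peer host", peer.HostID.String(), err.Error())
-				return models.HostPeerUpdate{}, err
+				continue
 			}
 			peerConfig := wgtypes.PeerConfig{
 				PublicKey:                   peerHost.PublicKey,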
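Review bot: With `continue` in place of the early return, a peer whose host record cannot be loaded is now left out of the update without the caller knowing, and the only trace is a level-1 log line repeated on every call. A comment stating the intent would help the next reader, e.g. `// skip peers with a missing host record so one orphaned node does not fail the whole update`. If such orphaned nodes are meant to be cleaned up elsewhere, the comment should say where; the hunk does not show it. The loop body starts and continues outside the hunk.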

+ 2 - 1
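--- a/main.go
+++ b/main.go
@@ -28,7 +28,8 @@ import (
 	"golang.org/x/exp/slog"
 )
 
-var version = "v0.21.0"
+
+var version = "v0.21.2"
 
 // Start DB Connection and start API Request Handler
 func main() {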

+ 6 - 0
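--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@@ -185,6 +185,9 @@ func getUserRemoteAccessGws(w http.ResponseWriter, r *http.Request) {
 			if node.PendingDelete {
 				continue
 			}
+			if !node.IsIngressGateway {
+				continue
+			}
 			host, err := logic.GetHost(node.HostID.String())
 			if err != nil {
 				continue
@@ -214,6 +217,9 @@ func getUserRemoteAccessGws(w http.ResponseWriter, r *http.Request) {
 		if err != nil {
 			continue
 		}
+		if !node.IsIngressGateway {
+			continue
+		}
 		if node.PendingDelete {
 			continue
 		}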
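Review bot: The two added `if !node.IsIngressGateway {` guards in getUserRemoteAccessGws sit in different positions relative to the `PendingDelete` check, after it in the first loop and before it in the second; using one order in both would make the loops easier to compare. A short comment such as `// the node may no longer be an ingress gateway; do not offer it for remote access` would record why the filter is applied at read time. Both loops start and end outside the hunks.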

+ 8 - 4
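--- a/release.md
+++ b/release.md
@@ -1,11 +1,15 @@
 
-# Netmaker v0.21.1
+# Netmaker v0.21.2
 
 ## Whats New
-- New User Management, Refer Docs For More Info
-- Added Support For Remote Access Client
+- Remote access client session management, refer users section in docs for more details
+- Can now create generic DNS entries
+- Upgrade client version to match server version from UI
+- Moved PersistentKeepAlive setting from node to host level
 ## What's Fixed
--  Proper Cleanup Of Extclients On a Client Gateway Deletion
+- Extclients DNS now properly set from ingress dns value provided
+- Allow role update of OAuth user
+- Fixed zombie node issue
 ## known issues
 - Windows installer does not install WireGuard
 - netclient-gui will continously display error dialog if netmaker server is offline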

+ 1 - 1
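--- a/scripts/nm-upgrade-0-17-1-to-0-19-0.sh
+++ b/scripts/nm-upgrade-0-17-1-to-0-19-0.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-LATEST="v0.21.1"
+LATEST="v0.21.2"
 INSTALL_PATH="/root"
 
 trap restore_old_netmaker_instructions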

+ 1 - 1
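--- a/swagger.yml
+++ b/swagger.yml
@@ -1149,7 +1149,7 @@ info:
 
        API calls must be authenticated via a header of the format -H “Authorization: Bearer <YOUR_SECRET_KEY>” There are two methods to obtain YOUR_SECRET_KEY: 1. Using the masterkey. By default, this value is “secret key,” but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [Netmaker](https://docs.netmaker.org/index.html) documentation for more details. 2. Using a JWT received for a node. This can be retrieved by calling the /api/nodes/<network>/authenticate endpoint, as documented below.
     title: Netmaker
-    version: 0.21.1
+    version: 0.21.2
 paths:
     /api/dns:
         get: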