
Merge pull request #2111 from gravitl/GRA-1375-default-proxy

default proxy mode
dcarns 2 years ago
parent
commit
495a07a81b

+ 1 - 0
compose/docker-compose-emqx.yml

@@ -30,6 +30,7 @@ services:
       VERBOSITY: "1"
       MQ_PASSWORD: "REPLACE_MQ_PASSWORD"
       MQ_USERNAME: "REPLACE_MQ_USERNAME"
+      DEFAULT_PROXY_MODE: "auto"
     ports:
       - "3478:3478/udp"
   netmaker-ui:

+ 1 - 0
compose/docker-compose.ee.yml

@@ -33,6 +33,7 @@ services:
       METRICS_EXPORTER: "on"
       LICENSE_KEY: "YOUR_LICENSE_KEY"
       NETMAKER_ACCOUNT_ID: "YOUR_ACCOUNT_ID"
+      DEFAULT_PROXY_MODE: "auto"
     ports:
       - "3478:3478/udp"
   netmaker-ui:

+ 1 - 0
compose/docker-compose.reference.yml

@@ -38,6 +38,7 @@ services:
       FRONTEND_URL: "" # "https://dashboard.<netmaker base domain>"
       AZURE_TENANT: "" # "<only for azure, you may optionally specify the tenant for the OAuth>"
       OIDC_ISSUER: "" # https://oidc.yourprovider.com - URL of oidc provider
+      DEFAULT_PROXY_MODE: "auto" # if ON, all new clients will enable proxy by default if OFF, all new clients will disable proxy by default, if AUTO, stick with the existing logic for NAT detection
     ports:
       - "3478:3478/udp" # the stun port
   netmaker-ui:  # The Netmaker UI Component
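Review bot: The comment on `DEFAULT_PROXY_MODE` is a single run-on sentence and lists the values in upper case while the shipped value is lower-case `auto`. It would read better as `# "on": proxy enabled for all new clients; "off": proxy disabled for all new clients; "auto": keep the existing NAT-detection logic`. It could also say that the value is matched case-insensitively, which is what the `strings.ToUpper` in servercfg/serverconf.go does. Anything other than on/off is treated as auto there, so the reference file is the place to state the accepted set.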

+ 1 - 0
compose/docker-compose.yml

@@ -28,6 +28,7 @@ services:
       MQ_PASSWORD: "REPLACE_MQ_PASSWORD"
       MQ_USERNAME: "REPLACE_MQ_USERNAME"
       STUN_PORT: "3478"
+      DEFAULT_PROXY_MODE: "auto"
     ports:
       - "3478:3478/udp"
   netmaker-ui:

+ 49 - 42
config/config.go

@@ -32,48 +32,55 @@ type EnvironmentConfig struct {
 
 // ServerConfig - server conf struct
 type ServerConfig struct {
-	CoreDNSAddr          string `yaml:"corednsaddr"`
-	APIConnString        string `yaml:"apiconn"`
-	APIHost              string `yaml:"apihost"`
-	APIPort              string `yaml:"apiport"`
-	Broker               string `yam:"broker"`
-	ServerBrokerEndpoint string `yaml:"serverbrokerendpoint"`
-	BrokerType           string `yaml:"brokertype"`
-	EmqxRestEndpoint     string `yaml:"emqxrestendpoint"`
-	MasterKey            string `yaml:"masterkey"`
-	DNSKey               string `yaml:"dnskey"`
-	AllowedOrigin        string `yaml:"allowedorigin"`
-	NodeID               string `yaml:"nodeid"`
-	RestBackend          string `yaml:"restbackend"`
-	MessageQueueBackend  string `yaml:"messagequeuebackend"`
-	DNSMode              string `yaml:"dnsmode"`
-	DisableRemoteIPCheck string `yaml:"disableremoteipcheck"`
-	Version              string `yaml:"version"`
-	SQLConn              string `yaml:"sqlconn"`
-	Platform             string `yaml:"platform"`
-	Database             string `yaml:"database"`
-	Verbosity            int32  `yaml:"verbosity"`
-	AuthProvider         string `yaml:"authprovider"`
-	OIDCIssuer           string `yaml:"oidcissuer"`
-	ClientID             string `yaml:"clientid"`
-	ClientSecret         string `yaml:"clientsecret"`
-	FrontendURL          string `yaml:"frontendurl"`
-	DisplayKeys          string `yaml:"displaykeys"`
-	AzureTenant          string `yaml:"azuretenant"`
-	Telemetry            string `yaml:"telemetry"`
-	HostNetwork          string `yaml:"hostnetwork"`
-	Server               string `yaml:"server"`
-	PublicIPService      string `yaml:"publicipservice"`
-	MQPassword           string `yaml:"mqpassword"`
-	MQUserName           string `yaml:"mqusername"`
-	MetricsExporter      string `yaml:"metrics_exporter"`
-	BasicAuth            string `yaml:"basic_auth"`
-	LicenseValue         string `yaml:"license_value"`
-	NetmakerAccountID    string `yaml:"netmaker_account_id"`
-	IsEE                 string `yaml:"is_ee"`
-	StunPort             int    `yaml:"stun_port"`
-	StunList             string `yaml:"stun_list"`
-	Proxy                string `yaml:"proxy"`
+	CoreDNSAddr          string    `yaml:"corednsaddr"`
+	APIConnString        string    `yaml:"apiconn"`
+	APIHost              string    `yaml:"apihost"`
+	APIPort              string    `yaml:"apiport"`
+	Broker               string    `yam:"broker"`
+	ServerBrokerEndpoint string    `yaml:"serverbrokerendpoint"`
+	BrokerType           string    `yaml:"brokertype"`
+	EmqxRestEndpoint     string    `yaml:"emqxrestendpoint"`
+	MasterKey            string    `yaml:"masterkey"`
+	DNSKey               string    `yaml:"dnskey"`
+	AllowedOrigin        string    `yaml:"allowedorigin"`
+	NodeID               string    `yaml:"nodeid"`
+	RestBackend          string    `yaml:"restbackend"`
+	MessageQueueBackend  string    `yaml:"messagequeuebackend"`
+	DNSMode              string    `yaml:"dnsmode"`
+	DisableRemoteIPCheck string    `yaml:"disableremoteipcheck"`
+	Version              string    `yaml:"version"`
+	SQLConn              string    `yaml:"sqlconn"`
+	Platform             string    `yaml:"platform"`
+	Database             string    `yaml:"database"`
+	Verbosity            int32     `yaml:"verbosity"`
+	AuthProvider         string    `yaml:"authprovider"`
+	OIDCIssuer           string    `yaml:"oidcissuer"`
+	ClientID             string    `yaml:"clientid"`
+	ClientSecret         string    `yaml:"clientsecret"`
+	FrontendURL          string    `yaml:"frontendurl"`
+	DisplayKeys          string    `yaml:"displaykeys"`
+	AzureTenant          string    `yaml:"azuretenant"`
+	Telemetry            string    `yaml:"telemetry"`
+	HostNetwork          string    `yaml:"hostnetwork"`
+	Server               string    `yaml:"server"`
+	PublicIPService      string    `yaml:"publicipservice"`
+	MQPassword           string    `yaml:"mqpassword"`
+	MQUserName           string    `yaml:"mqusername"`
+	MetricsExporter      string    `yaml:"metrics_exporter"`
+	BasicAuth            string    `yaml:"basic_auth"`
+	LicenseValue         string    `yaml:"license_value"`
+	NetmakerAccountID    string    `yaml:"netmaker_account_id"`
+	IsEE                 string    `yaml:"is_ee"`
+	StunPort             int       `yaml:"stun_port"`
+	StunList             string    `yaml:"stun_list"`
+	Proxy                string    `yaml:"proxy"`
+	DefaultProxyMode     ProxyMode `yaml:"defaultproxymode"`
+}
+
+// ProxyMode - default proxy mode for server
+type ProxyMode struct {
+	Set   bool
+	Value bool
 }
 
 // SQLConfig - Generic SQL Config
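Review bot: `ProxyMode` has no yaml tags and no custom unmarshaller, so the `defaultproxymode` key in a server config file must be written as a mapping of two booleans rather than the `on`/`off`/`auto` string that `DEFAULT_PROXY_MODE` accepts. Assuming ordinary YAML struct decoding, an operator who writes `defaultproxymode: "off"` in the file would likely get a decode error or an unset mode. Either keep the field as a string and parse it in one place, or document the expected shape on the type, e.g. `// ProxyMode - Set reports whether the operator forced a mode; Value is the forced proxy state and is only meaningful when Set is true`. Separately, the re-aligned `Broker` line still carries the tag key `yam:"broker"`, which a YAML decoder will not see; `yaml:"broker"` looks intended.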

+ 10 - 0
logic/hosts.go

@@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log"
 
 	"github.com/google/uuid"
 	"github.com/gravitl/netmaker/database"
@@ -96,6 +97,15 @@ func CreateHost(h *models.Host) error {
 		return err
 	}
 	h.HostPass = string(hash)
+	// if another server has already updated proxyenabled, leave it alone
+	if !h.ProxyEnabledSet {
+		log.Println("checking default proxy", servercfg.GetServerConfig().DefaultProxyMode)
+		if servercfg.GetServerConfig().DefaultProxyMode.Set {
+			h.ProxyEnabledSet = true
+			h.ProxyEnabled = servercfg.GetServerConfig().DefaultProxyMode.Value
+			log.Println("set proxy enabled to ", h.ProxyEnabled)
+		}
+	}
 	checkForZombieHosts(h)
 	return UpsertHost(h)
 }
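Review bot: The added block calls `servercfg.GetServerConfig()` three times to read one field, and that function appears to return the whole server configuration by value (the struct in config/config.go includes `MasterKey`, `ClientSecret` and `MQPassword`). Read the mode once with `mode := servercfg.GetDefaultProxyMode()` and use `mode.Set` / `mode.Value`; that also keeps the secret-bearing struct away from the `log.Println` arguments if the line is edited later. The two `log.Println` calls run unconditionally on every host creation and read like debugging output. They should go through whatever levelled logger the package already uses, or be dropped along with the new `log` import. `CreateHost` begins outside the hunk.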

+ 1 - 0
models/host.go

@@ -55,6 +55,7 @@ type Host struct {
 	DefaultInterface string           `json:"defaultinterface" yaml:"defautlinterface"`
 	EndpointIP       net.IP           `json:"endpointip" yaml:"endpointip"`
 	ProxyEnabled     bool             `json:"proxy_enabled" yaml:"proxy_enabled"`
+	ProxyEnabledSet  bool             `json:"proxy_enabled_updated" yaml:"proxy_enabled_updated"`
 	IsDocker         bool             `json:"isdocker" yaml:"isdocker"`
 	IsK8S            bool             `json:"isk8s" yaml:"isk8s"`
 	IsStatic         bool             `json:"isstatic" yaml:"isstatic"`
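Review bot: `ProxyEnabledSet` is serialised as `proxy_enabled_updated`, and `CreateHost` in logic/hosts.go skips the server default whenever that flag is already true. If the `Host` passed to `CreateHost` is decoded from a joining client's request (not visible here), the client controls the flag and can opt out of an operator's `on`/`off` setting. If the default is meant as policy rather than a hint, the flag should be cleared or validated server-side before the check, and only trusted when it comes from a peer server. The field name and its tag also disagree (`Set` vs `updated`); a comment such as `// ProxyEnabledSet - true once a server has fixed ProxyEnabled for this host` would make the intent clear. The `Host` struct starts and ends outside the hunk.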

+ 27 - 0
servercfg/serverconf.go

@@ -79,6 +79,7 @@ func GetServerConfig() config.ServerConfig {
 	if Is_EE {
 		cfg.IsEE = "yes"
 	}
+	cfg.DefaultProxyMode = GetDefaultProxyMode()
 
 	return cfg
 }
@@ -636,6 +637,32 @@ func IsProxyEnabled() bool {
 	return enabled
 }
 
+// GetDefaultProxyMode - default proxy mode for a server
+func GetDefaultProxyMode() config.ProxyMode {
+	var (
+		mode config.ProxyMode
+		def  string
+	)
+	if os.Getenv("DEFAULT_PROXY_MODE") != "" {
+		def = os.Getenv("DEFAULT_PROXY_MODE")
+	} else if config.Config.Server.DefaultProxyMode.Set {
+		return config.Config.Server.DefaultProxyMode
+	}
+	switch strings.ToUpper(def) {
+	case "ON":
+		mode.Set = true
+		mode.Value = true
+	case "OFF":
+		mode.Set = true
+		mode.Value = false
+	// AUTO or any other value
+	default:
+		mode.Set = false
+	}
+	return mode
+
+}
+
 // parseStunList - turn string into slice of StunServers
 func parseStunList(stunString string) ([]models.StunServer, error) {
 	var err error
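Review bot: In `GetDefaultProxyMode` the `default:` branch treats every unrecognised value as auto, so a typo such as `DEFAULT_PROXY_MODE: "of"` silently leaves NAT detection in charge instead of the mode the operator asked for. Match auto explicitly with `case "AUTO", "":` and emit a warning in `default:` that names the rejected value. A non-empty environment value, including `auto`, also takes precedence over a mode set in the config file, and the doc comment should state that precedence. Smaller points: `os.Getenv("DEFAULT_PROXY_MODE")` is read twice where `if def = os.Getenv("DEFAULT_PROXY_MODE"); def != ""` would do, and there is a stray blank line before the function's closing brace.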