
comment certs code for mq

Abhishek Kondur 2 years ago
parent
commit
7db3bd3aca

+ 2 - 13
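--- a/controllers/node.go
+++ b/controllers/node.go
@@ -601,19 +601,8 @@ func createNode(w http.ResponseWriter, r *http.Request) {
 					Command:  mq.CreateClientCmd,
 					Username: node.ID,
 					Password: node.Password,
-					Clientid: node.ID,
-					Roles: []mq.MqDynSecRole{
-						{
-							Rolename: "node",
-							Priority: -1,
-						},
-					},
-					Groups: []mq.MqDynSecGroup{
-						{
-							Groupname: "nodes",
-							Priority:  -1,
-						},
-					},
+					Roles:    make([]mq.MqDynSecRole, 0),
+					Groups:   make([]mq.MqDynSecGroup, 0),
 				},
 			},
 		},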
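Review bot: The client created here no longer receives the `node` role or the `nodes` group, so its topic permissions now come only from whatever the broker's default ACL allows; if that default is permissive, one node's credentials could presumably read or publish on another node's topics. The `Clientid: node.ID` binding is dropped as well, so the username/password pair is no longer tied to a single client id. Unless the role is attached by a later command that is not visible in this hunk, I would keep `Roles: []mq.MqDynSecRole{{Rolename: "node", Priority: -1}},` and add a comment explaining why `Clientid` is omitted. createNode starts and ends outside the hunk.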

+ 1 - 0
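--- a/mq/mq.go
+++ b/mq/mq.go
@@ -26,6 +26,7 @@ var mqclient mqtt.Client
 func SetupMQTT() {
 	opts := mqtt.NewClientOptions()
 	broker, _ := servercfg.GetMessageQueueEndpoint()
+	logger.Log(0, "----------> BROKER: ", broker)
 	opts.AddBroker(broker)
 	id := ncutils.MakeRandomString(23)
 	opts.ClientID = id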
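Review bot: The added `logger.Log(0, "----------> BROKER: ", broker)` reads as a leftover debug line and prints at verbosity 0, so the broker endpoint is written to the server log on every start; if that endpoint string can ever carry userinfo, it would be logged too. Either drop the line or log it at a higher verbosity with a plain message, e.g. `logger.Log(1, "mq broker endpoint:", broker)`. SetupMQTT continues past the end of the hunk.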

+ 21 - 24
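--- a/netclient/command/commands.go
+++ b/netclient/command/commands.go
@@ -1,8 +1,6 @@
 package command
 
 import (
-	"crypto/ed25519"
-	"crypto/rand"
 	"fmt"
 	"strings"
 
@@ -11,7 +9,6 @@ import (
 	"github.com/gravitl/netmaker/netclient/daemon"
 	"github.com/gravitl/netmaker/netclient/functions"
 	"github.com/gravitl/netmaker/netclient/ncutils"
-	"github.com/gravitl/netmaker/tls"
 )
 
 // Join - join command to run from cli
@@ -93,27 +90,27 @@ func Pull(cfg *config.ClientConfig) error {
 
 		currentServers[currCfg.Server.Server] = *currCfg
 	}
-	//generate new client key if one doesn' exist
-	var private *ed25519.PrivateKey
-	private, err = tls.ReadKeyFromFile(ncutils.GetNetclientPath() + ncutils.GetSeparator() + "client.key")
-	if err != nil {
-		_, newKey, err := ed25519.GenerateKey(rand.Reader)
-		if err != nil {
-			return err
-		}
-		if err := tls.SaveKeyToFile(ncutils.GetNetclientPath(), ncutils.GetSeparator()+"client.key", newKey); err != nil {
-			return err
-		}
-		private = &newKey
-	}
-	// re-register with server -- get new certs for broker
-	for _, clientCfg := range currentServers {
-		if err = functions.RegisterWithServer(private, &clientCfg); err != nil {
-			logger.Log(0, "registration error", err.Error())
-		} else {
-			daemon.Restart()
-		}
-	}
+	// //generate new client key if one doesn' exist
+	// var private *ed25519.PrivateKey
+	// private, err = tls.ReadKeyFromFile(ncutils.GetNetclientPath() + ncutils.GetSeparator() + "client.key")
+	// if err != nil {
+	// 	_, newKey, err := ed25519.GenerateKey(rand.Reader)
+	// 	if err != nil {
+	// 		return err
+	// 	}
+	// 	if err := tls.SaveKeyToFile(ncutils.GetNetclientPath(), ncutils.GetSeparator()+"client.key", newKey); err != nil {
+	// 		return err
+	// 	}
+	// 	private = &newKey
+	// }
+	// // re-register with server -- get new certs for broker
+	// for _, clientCfg := range currentServers {
+	// 	if err = functions.RegisterWithServer(private, &clientCfg); err != nil {
+	// 		logger.Log(0, "registration error", err.Error())
+	// 	} else {
+	daemon.Restart()
+	// 	}
+	// }
 	logger.Log(1, "reset network", cfg.Network, "and peer configs")
 
 	return err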
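Review bot: In Pull the key-generation and re-registration block is commented out rather than removed, and `daemon.Restart()` is left stranded inside it, so the restart now runs once unconditionally instead of once per successful registration and nothing says why. I would delete the commented lines (history keeps them) and leave the call under a one-line comment such as `// restart the daemon so it picks up the pulled config; broker cert registration is disabled`. Within the visible lines `currentServers` is still filled just above but no longer read. The same commented-out pattern appears in netclient/functions/daemon.go (`NewTLSConfig`, `reRegisterWithServer`), netclient/functions/join.go (`Register`) and netclient/functions/mqpublish.go (`checkCertExpiry`); a single tracked TODO or a config switch would make it clear whether certificate-based broker authentication is meant to return. Pull begins before this hunk.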

+ 10 - 8
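--- a/netclient/functions/daemon.go
+++ b/netclient/functions/daemon.go
@@ -265,13 +265,15 @@ func setupMQTT(cfg *config.ClientConfig) error {
 	opts := mqtt.NewClientOptions()
 	server := cfg.Server.Server
 	port := cfg.Server.MQPort
-	opts.AddBroker("ssl://" + server + ":" + port)
-	tlsConfig, err := NewTLSConfig(server)
-	if err != nil {
-		logger.Log(0, "failed to get TLS config for", server, err.Error())
-		return err
-	}
-	opts.SetTLSConfig(tlsConfig)
+	opts.AddBroker("mqtts://" + server + ":" + port)
+	// tlsConfig, err := NewTLSConfig(server)
+	// if err != nil {
+	// 	logger.Log(0, "failed to get TLS config for", server, err.Error())
+	// 	return err
+	// }
+	//opts.SetTLSConfig(tlsConfig)
+	opts.SetUsername(cfg.Node.ID)
+	opts.SetPassword(cfg.Node.Password)
 	opts.SetClientID(ncutils.MakeRandomString(23))
 	opts.SetDefaultPublishHandler(All)
 	opts.SetAutoReconnect(true)
@@ -314,7 +316,7 @@ func setupMQTT(cfg *config.ClientConfig) error {
 		}
 	}
 	if connecterr != nil {
-		reRegisterWithServer(cfg)
+		//reRegisterWithServer(cfg)
 		//try after re-registering
 		if token := mqclient.Connect(); !token.WaitTimeout(30*time.Second) || token.Error() != nil {
 			return errors.New("unable to connect to broker")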
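Review bot: With `NewTLSConfig`/`SetTLSConfig` commented out, the `mqtts://` connection runs on whatever TLS defaults the MQTT client applies, and the node ID and password added through `SetUsername`/`SetPassword` become the only client authentication, so validation of the broker certificate carries all the protection for those credentials. I would state the TLS expectations explicitly instead of relying on defaults, e.g. `opts.SetTLSConfig(&tls.Config{ServerName: server, MinVersion: tls.VersionTLS12})` (needs `crypto/tls` imported), and document that the broker must present a certificate the host trust store accepts. In the second hunk the comment `//try after re-registering` is now stale: with `reRegisterWithServer(cfg)` disabled, the second `mqclient.Connect()` simply retries with the same options. setupMQTT begins before and continues after both hunks.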

+ 3 - 3
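--- a/netclient/functions/join.go
+++ b/netclient/functions/join.go
@@ -206,9 +206,9 @@ func JoinNetwork(cfg *config.ClientConfig, privateKey string) error {
 		logger.Log(0, "error setting route for netmaker: "+err.Error())
 	}
 	cfg.Node = node
-	if err := Register(cfg); err != nil {
-		return err
-	}
+	// if err := Register(cfg); err != nil {
+	// 	return err
+	// }
 
 	logger.Log(0, "starting wireguard")
 	err = wireguard.InitWireguard(&node, privateKey, nodeGET.Peers[:])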

+ 1 - 1
netclient/functions/mqpublish.go

@@ -103,7 +103,7 @@ func checkin() {
 			config.Write(&nodeCfg, nodeCfg.Network)
 			config.Write(&nodeCfg, nodeCfg.Network)
 		}
 		}
 		Hello(&nodeCfg)
 		Hello(&nodeCfg)
-		checkCertExpiry(&nodeCfg)
+		//checkCertExpiry(&nodeCfg)
 	}
 	}
 }
 }