
docker compose update, add stun to caddyfile

Abhishek Kondur 2 years ago
parent
commit
80c7d46ec6
12 changed files with 53 additions and 33 deletions
  1. 6 4
      Dockerfile
  2. 2 0
      compose/docker-compose.yml
  3. 1 0
      config/config.go
  4. 9 1
      controllers/node.go
  5. 6 0
      docker/Caddyfile
  6. 5 0
      docker/Caddyfile-EE
  7. 1 21
      go.mod
  8. 1 0
      logic/peers.go
  9. 1 1
      models/node.go
  10. 1 0
      models/structs.go
  11. 8 6
      mq/publishers.go
  12. 12 0
      servercfg/serverconf.go

+ 6 - 4
Dockerfile

@@ -4,19 +4,21 @@ ARG version
 ARG tags 
 WORKDIR /app
 COPY . .
+# RUN mkdir -p /Users/abhishekk/go/src/github.com/gravitl
+# ADD ../netclient /Users/abhishekk/go/src/github.com/gravitl
 ENV GO111MODULE=auto
 
-RUN apk add git libpcap-dev
-RUN GOOS=linux CGO_ENABLED=1 go build ${tags} -ldflags="-s -X 'main.version=${version}'" .
+# RUN apk add git
+# RUN GOOS=linux CGO_ENABLED=1 go build ${tags} -ldflags="-s -X 'main.version=${version}'" .
 # RUN go build -tags=ee . -o netmaker main.go
 FROM alpine:3.16.2
 
 # add a c lib
-RUN apk add gcompat iptables wireguard-tools libpcap-dev
+RUN apk add gcompat iptables wireguard-tools
 # set the working directory
 WORKDIR /root/
 RUN mkdir -p /etc/netclient/config
-COPY --from=builder /app/netmaker .
+COPY --from=builder /app/bin/netmaker .
 COPY --from=builder /app/config config
 EXPOSE 8081
 ENTRYPOINT ["./netmaker"]
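Review bot: With both builder `RUN` lines commented out, nothing in this Dockerfile compiles netmaker any more, so `COPY --from=builder /app/bin/netmaker .` ships whatever binary was sitting in `bin/` of the build context that `COPY . .` brought in. The image is then neither reproducible nor verifiable against the source tree, and the `version` and `tags` build args no longer have any effect. I would restore `RUN apk add git` and the `go build` line (adding `-o bin/netmaker` if the new path is wanted). The commented `/Users/abhishekk/...` lines should go too, since they expose a developer's local path, and `ADD ../netclient` would point outside the build context anyway. The builder stage's `FROM` line is above the hunk.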

+ 2 - 0
compose/docker-compose.yml

@@ -21,6 +21,7 @@ services:
     environment:
       BROKER_NAME: "broker.NETMAKER_BASE_DOMAIN"
       SERVER_NAME: "NETMAKER_BASE_DOMAIN"
+      STUN_DOMAIN: "stun.NETMAKER_BASE_DOMAIN"
       SERVER_HOST: "SERVER_PUBLIC_IP"
       SERVER_API_CONN_STRING: "api.NETMAKER_BASE_DOMAIN:443"
       COREDNS_ADDR: "SERVER_PUBLIC_IP"
@@ -45,6 +46,7 @@ services:
       PROXY: "on"
     ports:
       - "51821-51830:51821-51830/udp"
+      - "3478:3478/udp"
   netmaker-ui:
     container_name: netmaker-ui
     image: gravitl/netmaker-ui:v0.17.0
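Review bot: The published port is fixed at `3478:3478/udp`, but the server has a configurable `stun_port` (`StunPort` in config/config.go), so the two can drift apart. A comment such as `# STUN (UDP) - must match the server's stun_port` above the mapping would make the coupling visible. The mapping also binds on every host interface and STUN answers unauthenticated UDP requests, so the deployment notes should cover allowing 3478/udp in the host firewall and, where possible, rate-limiting it. The service this `ports:` list belongs to is declared above the hunk.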

+ 1 - 0
config/config.go

@@ -78,6 +78,7 @@ type ServerConfig struct {
 	NetmakerAccountID     string `yaml:"netmaker_account_id"`
 	IsEE                  string `yaml:"is_ee"`
 	StunPort              string `yaml:"stun_port"`
+	StunHost              string `yaml:"stun_host"`
 	Proxy                 string `yaml:"proxy"`
 }
 

+ 9 - 1
controllers/node.go

@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"github.com/gorilla/mux"
+	"github.com/gravitl/netclient/nm-proxy/manager"
 	"github.com/gravitl/netmaker/database"
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
@@ -115,7 +116,7 @@ func authenticate(response http.ResponseWriter, request *http.Request) {
 			},
 			{
 				Command:  mq.CreateClientCmd,
-				Username: result.ID,
+				Username: result.HostID,
 				Password: authRequest.Password,
 				Textname: result.Name,
 				Roles: []mq.MqDynSecRole{
@@ -618,6 +619,7 @@ func createNode(w http.ResponseWriter, r *http.Request) {
 	}
 	// consume password before hashing for mq client creation
 	nodePassword := node.Password
+	node.Server = servercfg.GetServer()
 	err = logic.CreateNode(&node)
 	if err != nil {
 		logger.Log(0, r.Header.Get("user"),
@@ -1046,6 +1048,12 @@ func deleteNode(w http.ResponseWriter, r *http.Request) {
 		logic.ReturnErrorResponse(w, r, logic.FormatError(fmt.Errorf("failed to delete node"), "internal"))
 		return
 	}
+	if node.Proxy {
+		mq.ProxyUpdate(&manager.ProxyManagerPayload{
+			Action:  manager.DeleteNetwork,
+			Network: node.Network,
+		}, &node)
+	}
 	if fromNode {
 		//check if server should be removed from mq
 		found := false
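Review bot: In `deleteNode` the error returned by `mq.ProxyUpdate` is discarded, so a failed delete notification leaves no trace in the logs and the proxy presumably keeps the network configured. Handle it the way mq/publishers.go does, e.g. `if err := mq.ProxyUpdate(...); err != nil { logger.Log(1, "failed to send proxy delete update: ", err.Error()) }`. The outer `if node.Proxy` is also redundant now that `ProxyUpdate` returns early on `!node.Proxy`. Separately, switching the MQ client `Username` to `result.HostID` in `authenticate` presumably relies on `HostID` being non-empty and unique for every stored node; that is not visible here and is worth confirming for nodes created before this change. All three functions extend beyond their hunks.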

+ 6 - 0
docker/Caddyfile

@@ -29,6 +29,12 @@ https://api.NETMAKER_BASE_DOMAIN {
         reverse_proxy http://netmaker:8081
 }
 
+# STUN
+https://stun.NETMAKER_BASE_DOMAIN {
+	reverse_proxy netmaker:3478
+}
+
+
 # MQ
 wss://broker.NETMAKER_BASE_DOMAIN {
         reverse_proxy ws://mq:8883
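Review bot: The new `https://stun.NETMAKER_BASE_DOMAIN` site cannot carry STUN traffic, because `reverse_proxy` is an HTTP proxy over TCP while the compose change in this commit publishes the listener as `3478:3478/udp`. Assuming the netmaker STUN listener is UDP-only, as that mapping suggests, clients resolving the name reach the UDP port on the host directly. This block then only adds a certificate and an HTTPS vhost forwarding to a port with no HTTP service behind it. I would remove the block and keep just the DNS record, or replace it with a comment such as `# STUN is UDP/3478 and is published by docker-compose, not proxied by Caddy`. The same block is added to docker/Caddyfile-EE.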

+ 5 - 0
docker/Caddyfile-EE

@@ -44,6 +44,11 @@ https://api.NETMAKER_BASE_DOMAIN {
         reverse_proxy http://netmaker:8081
 }
 
+# STUN
+https://stun.NETMAKER_BASE_DOMAIN {
+	reverse_proxy netmaker:3478
+}
+
 # MQ
 wss://broker.NETMAKER_BASE_DOMAIN {
         reverse_proxy ws://mq:8883

+ 1 - 21
go.mod

@@ -53,30 +53,10 @@ require (
 )
 
 require (
-	github.com/gravitl/netclient v0.0.0-20221130181441-8e24c4c15dec
+	github.com/gravitl/netclient v0.0.0-20221205113827-847146e217b3
 	github.com/matryer/is v1.4.0
 )
 
-require (
-	github.com/devilcove/httpclient v0.6.0 // indirect
-	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/inconshreveable/mousetrap v1.0.1 // indirect
-	github.com/magiconair/properties v1.8.6 // indirect
-	github.com/mitchellh/mapstructure v1.5.0 // indirect
-	github.com/pelletier/go-toml v1.9.5 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.5 // indirect
-	github.com/spf13/cast v1.5.0 // indirect
-	github.com/spf13/cobra v1.6.0 // indirect
-	github.com/spf13/jwalterweatherman v1.1.0 // indirect
-	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/spf13/viper v1.13.0 // indirect
-	github.com/subosito/gotenv v1.4.1 // indirect
-	github.com/vishvananda/netlink v1.1.0 // indirect
-	github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df // indirect
-	golang.zx2c4.com/wintun v0.0.0-20211104114900-415007cec224 // indirect
-	golang.zx2c4.com/wireguard/windows v0.5.3 // indirect
-)
-
 require (
 	cloud.google.com/go/compute v1.7.0 // indirect
 	fyne.io/systray v1.10.1-0.20220621085403-9a2652634e93 // indirect

+ 1 - 0
logic/peers.go

@@ -161,6 +161,7 @@ func GetPeersForProxy(node *models.Node, onlyPeers bool) (manager.ProxyManagerPa
 	proxyPayload.WgAddr = addr
 	proxyPayload.Peers = peers
 	proxyPayload.PeerMap = peerConfMap
+	proxyPayload.Network = node.Network
 	proxyPayload.InterfaceName = node.Interface
 	return proxyPayload, nil
 }

+ 1 - 1
models/node.go

@@ -475,7 +475,7 @@ func (newNode *Node) Fill(currentNode *Node) { // TODO add new field for nftable
 	if newNode.Failover == "" {
 		newNode.Failover = currentNode.Failover
 	}
-
+	newNode.Proxy = currentNode.Proxy
 	newNode.TrafficKeys = currentNode.TrafficKeys
 }
 

+ 1 - 0
models/structs.go

@@ -223,6 +223,7 @@ type ServerConfig struct {
 	Broker      string `yaml:"broker"`
 	Is_EE       bool   `yaml:"isee"`
 	StunPort    string `yaml:"stun_port"`
+	StunHost    string `yaml:"stun_host"`
 }
 
 // User.NameInCharset - returns if name is in charset below or not

+ 8 - 6
mq/publishers.go

@@ -29,7 +29,7 @@ func PublishPeerUpdate(newNode *models.Node, publishToSelf bool) error {
 
 		if node.IsServer == "yes" {
 			if servercfg.IsProxyEnabled() {
-				err := PublishProxyUpdate(&node)
+				err := PublishProxyPeerUpdate(&node)
 				if err != nil {
 					logger.Log(0, "failed to send proxy update for server: ", err.Error())
 				}
@@ -50,12 +50,13 @@ func PublishPeerUpdate(newNode *models.Node, publishToSelf bool) error {
 	return err
 }
 
-func PublishProxyUpdate(node *models.Node) error {
-	peerUpdates, err := logic.GetPeersForProxy(node, false)
+func PublishProxyPeerUpdate(node *models.Node) error {
+	proxyUpdate, err := logic.GetPeersForProxy(node, false)
 	if err != nil {
 		return err
 	}
-	err = ProxyUpdate(&peerUpdates, node)
+	proxyUpdate.Action = manager.AddNetwork
+	err = ProxyUpdate(&proxyUpdate, node)
 	if err != nil {
 		logger.Log(1, "failed to send proxy update: ", err.Error())
 		return err
@@ -75,6 +76,7 @@ func PublishSinglePeerUpdate(node *models.Node) error {
 		if err != nil {
 			return err
 		}
+		proxyUpdate.Action = manager.AddNetwork
 		peerUpdate.ProxyUpdate = proxyUpdate
 
 	}
@@ -138,7 +140,7 @@ func NodeUpdate(node *models.Node) error {
 		return err
 	}
 	if node.Proxy {
-		err = PublishProxyUpdate(node)
+		err = PublishProxyPeerUpdate(node)
 		if err != nil {
 			logger.Log(1, "failed to publish proxy update to node", node.Name, "on network", node.Network, ":", err.Error())
 		}
@@ -149,7 +151,7 @@ func NodeUpdate(node *models.Node) error {
 
 // ProxyUpdate -- publishes updates to peers related to proxy
 func ProxyUpdate(proxyPayload *manager.ProxyManagerPayload, node *models.Node) error {
-	if !servercfg.IsMessageQueueBackend() {
+	if !servercfg.IsMessageQueueBackend() || !node.Proxy {
 		return nil
 	}
 	if node.IsServer == "yes" {
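Review bot: The new `|| !node.Proxy` guard in `ProxyUpdate` returns `nil`, so callers cannot tell a sent update from a skipped one. In `PublishPeerUpdate` the server branch is gated on `servercfg.IsProxyEnabled()` rather than on the node's own flag, so if a server node's `Proxy` field is false the update is now dropped silently and nothing is logged. Either gate that branch on `node.Proxy` as `NodeUpdate` does, or log at the early return. `PublishProxyPeerUpdate` is exported and has no doc comment; `// PublishProxyPeerUpdate - sends the node's proxy peer list with the AddNetwork action` would match the file's style. `ProxyUpdate` and `PublishPeerUpdate` continue outside the hunks.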

+ 12 - 0
servercfg/serverconf.go

@@ -108,6 +108,7 @@ func GetServerInfo() models.ServerConfig {
 	}
 	cfg.Version = GetVersion()
 	cfg.Is_EE = Is_EE
+	cfg.StunHost = GetStunAddr()
 	cfg.StunPort = GetStunPort()
 
 	return cfg
@@ -194,6 +195,17 @@ func GetAPIPort() string {
 	return apiport
 }
 
+// GetStunAddr - gets the stun host address
+func GetStunAddr() string {
+	stunAddr := ""
+	if os.Getenv("STUN_DOMAIN") != "" {
+		stunAddr = os.Getenv("STUN_DOMAIN")
+	} else if config.Config.Server.StunHost != "" {
+		stunAddr = config.Config.Server.StunHost
+	}
+	return stunAddr
+}
+
 // GetDefaultNodeLimit - get node limit if one is set
 func GetDefaultNodeLimit() int32 {
 	var limit int32
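Review bot: `GetStunAddr` returns an empty string when neither `STUN_DOMAIN` nor `stun_host` is set, and `GetServerInfo` copies that straight into `cfg.StunHost` with no default or validation, so clients may be handed an empty STUN host. Consider logging at startup when the value is empty, and state in the doc comment that the result is a host name without a port. The body can also read the environment once: `if v := os.Getenv("STUN_DOMAIN"); v != "" { return v }` followed by `return config.Config.Server.StunHost`. `GetServerInfo` starts above the first hunk.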