Merge pull request #586 from gravitl/develop

Develop

.github/workflows/buildandrelease.yml

@@ -29,7 +29,7 @@ jobs:
       - name: Setup go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.16
+          go-version: 1.17
 
       - name: Build
         run: |
@@ -40,7 +40,13 @@ jobs:
           env GOOS=linux GOARCH=arm GOARM=7 go build -o build/netclient-arm7/netclient main.go
           env GOOS=linux GOARCH=arm64 go build -o build/netclient-arm64/netclient main.go
           env GOOS=linux GOARCH=mipsle go build -ldflags "-s -w" -o build/netclient-mipsle/netclient main.go && upx build/netclient-mipsle/netclient
-
+          env CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 go build -o build/netclient-freebsd/netclient main.go
+          env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm GOARM=5 go build -o build/netclient-freebsd-arm5/netclient main.go
+          env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm GOARM=6 go build -o build/netclient-freebsd-arm6/netclient main.go
+          env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm GOARM=7 go build -o build/netclient-freebsd-arm7/netclient main.go
+          env CGO_ENABLED=0 GOOS=freebsd GOARCH=arm64 go build -o build/netclient-freebsd-arm64/netclient main.go
+          env CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o build/netclient-darwin/netclient main.go
+          
       - name: Upload x86 to Release
         uses: svenstaro/upload-release-action@v2
         with:
@@ -100,3 +106,63 @@ jobs:
           overwrite: true
           prerelease: true
           asset_name: netclient-mipsle
+
+      - name: Upload freebsd to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: netclient/build/netclient-freebsd/netclient
+          tag: ${{ env.NETMAKER_VERSION }}
+          overwrite: true
+          prerelease: true
+          asset_name: netclient-freebsd      
+          
+      - name: Upload freebsd-arm5 to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: netclient/build/netclient-freebsd-arm5/netclient
+          tag: ${{ env.NETMAKER_VERSION }}
+          overwrite: true
+          prerelease: true
+          asset_name: netclient-freebsd-arm5
+          
+      - name: Upload freebsd-arm6 to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: netclient/build/netclient-freebsd-arm6/netclient
+          tag: ${{ env.NETMAKER_VERSION }}
+          overwrite: true
+          prerelease: true
+          asset_name: netclient-freebsd-arm6
+          
+      - name: Upload freebsd-arm7 to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: netclient/build/netclient-freebsd-arm7/netclient
+          tag: ${{ env.NETMAKER_VERSION }}
+          overwrite: true
+          prerelease: true
+          asset_name: netclient-freebsd-arm7
+          
+      - name: Upload freebsd-arm64 to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: netclient/build/netclient-freebsd-arm64/netclient
+          tag: ${{ env.NETMAKER_VERSION }}
+          overwrite: true
+          prerelease: true
+          asset_name: netclient-freebsd-arm64
+          
+      - name: Upload darwin to Release
+        uses: svenstaro/upload-release-action@v2
+        with:
+          repo_token: ${{ secrets.GITHUB_TOKEN }}
+          file: netclient/build/netclient-darwin/netclient
+          tag: ${{ env.NETMAKER_VERSION }}
+          overwrite: true
+          prerelease: true
+          asset_name: netclient-darwin

.github/workflows/test-artifacts.yml

@@ -12,6 +12,10 @@ jobs:
         steps:
             - name: Checkout
               uses: actions/checkout@v2
+            - name: Setup Go
+              uses: actions/setup-go@v2
+              with:
+                  go-version: 1.17
             - name: Set up QEMU
               uses: docker/setup-qemu-action@v1
             - name: Set up Docker Buildx

.github/workflows/test.yml

@@ -11,6 +11,10 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v2
+      - name: Setup Go
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
       - name: run tests
         run: |
             go test -p 1 ./... -v

.gitignore

@@ -15,3 +15,5 @@ netclient/netclient32
 netclient/netclient.exe
 config/dnsconfig/
 data/
+.vscode/
+.idea/

README.md

@@ -8,7 +8,7 @@
 
 <p align="center">
   <a href="https://github.com/gravitl/netmaker/releases">
-    <img src="https://img.shields.io/badge/Version-0.9.2-informational?style=flat-square" />
+    <img src="https://img.shields.io/badge/Version-0.9.3-informational?style=flat-square" />
   </a>
   <a href="https://hub.docker.com/r/gravitl/netmaker/tags">
     <img src="https://img.shields.io/docker/pulls/gravitl/netmaker" />
@@ -47,7 +47,7 @@
 
 <img src="./docs/images/install-server.gif" width="50%" /><img src="./docs/images/visit-website.gif" width="50%" />
 
-Upon completion, the logs will display the instructions to connect various devices. These can also be retrived from the UI under "Access Keys."
+Upon completion, the logs will display the instructions to connect various devices. These can also be retrieved from the UI under "Access Keys."
 
 After installing Netmaker, check out the [Walkthrough](https://itnext.io/getting-started-with-netmaker-a-wireguard-virtual-networking-platform-3d563fbd87f0) and [Getting Started](https://netmaker.readthedocs.io/en/master/getting-started.html) guides to learn more about configuring networks. Or, check out some of our other [Tutorials](https://gravitl.com/resources) for different use cases, including Kubernetes.
 

auth/azure-ad.go

@@ -3,9 +3,8 @@ package auth
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
-	"os"
 
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
@@ -36,7 +35,7 @@ func initAzureAD(redirectURL string, clientID string, clientSecret string) {
 		ClientID:     clientID,
 		ClientSecret: clientSecret,
 		Scopes:       []string{"User.Read"},
-		Endpoint:     microsoft.AzureADEndpoint(os.Getenv("AZURE_TENANT")),
+		Endpoint:     microsoft.AzureADEndpoint(servercfg.GetAzureTenant()),
 	}
 }
 
@@ -110,7 +109,7 @@ func getAzureUserInfo(state string, code string) (*azureOauthUser, error) {
 		return nil, fmt.Errorf("failed getting user info: %s", err.Error())
 	}
 	defer response.Body.Close()
-	contents, err := ioutil.ReadAll(response.Body)
+	contents, err := io.ReadAll(response.Body)
 	if err != nil {
 		return nil, fmt.Errorf("failed reading response body: %s", err.Error())
 	}

auth/github.go

@@ -3,7 +3,7 @@ package auth
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 
 	"github.com/gravitl/netmaker/logger"
@@ -113,7 +113,7 @@ func getGithubUserInfo(state string, code string) (*githubOauthUser, error) {
 		return nil, fmt.Errorf("failed getting user info: %s", err.Error())
 	}
 	defer response.Body.Close()
-	contents, err := ioutil.ReadAll(response.Body)
+	contents, err := io.ReadAll(response.Body)
 	if err != nil {
 		return nil, fmt.Errorf("failed reading response body: %s", err.Error())
 	}

auth/google.go

@@ -3,7 +3,7 @@ package auth
 import (
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 
 	"github.com/gravitl/netmaker/logger"
@@ -104,7 +104,7 @@ func getGoogleUserInfo(state string, code string) (*googleOauthUser, error) {
 		return nil, fmt.Errorf("failed getting user info: %s", err.Error())
 	}
 	defer response.Body.Close()
-	contents, err := ioutil.ReadAll(response.Body)
+	contents, err := io.ReadAll(response.Body)
 	if err != nil {
 		return nil, fmt.Errorf("failed reading response body: %s", err.Error())
 	}

compose/docker-compose.caddy.yml

@@ -3,7 +3,7 @@ version: "3.4"
 services:
   netmaker:
     container_name: netmaker
-    image: gravitl/netmaker:v0.9.2
+    image: gravitl/netmaker:v0.9.3
     volumes:
       - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
       - /run/systemd/system:/run/systemd/system
@@ -40,7 +40,7 @@ services:
     container_name: netmaker-ui
     depends_on:
       - netmaker
-    image: gravitl/netmaker-ui:v0.9.2
+    image: gravitl/netmaker-ui:v0.9.3
     links:
       - "netmaker:api"
     ports:

compose/docker-compose.contained.yml

@@ -3,7 +3,7 @@ version: "3.4"
 services:
   netmaker:
     container_name: netmaker
-    image: gravitl/netmaker:v0.9.2
+    image: gravitl/netmaker:v0.9.3
     volumes:
       - dnsconfig:/root/config/dnsconfig
       - /usr/bin/wg:/usr/bin/wg
@@ -38,7 +38,7 @@ services:
     container_name: netmaker-ui
     depends_on:
       - netmaker
-    image: gravitl/netmaker-ui:v0.9.2
+    image: gravitl/netmaker-ui:v0.9.3
     links:
       - "netmaker:api"
     ports:

compose/docker-compose.nodns.yml

@@ -3,7 +3,7 @@ version: "3.4"
 services:
   netmaker:
     container_name: netmaker
-    image: gravitl/netmaker:v0.9.2
+    image: gravitl/netmaker:v0.9.3
     volumes:
       - /usr/bin/wg:/usr/bin/wg
       - sqldata:/root/data
@@ -36,7 +36,7 @@ services:
     container_name: netmaker-ui
     depends_on:
       - netmaker
-    image: gravitl/netmaker-ui:v0.9.2
+    image: gravitl/netmaker-ui:v0.9.3
     links:
       - "netmaker:api"
     ports:

compose/docker-compose.reference.yml

@@ -11,7 +11,7 @@ services:
     container_name: netmaker
     depends_on:
       - rqlite
-    image: gravitl/netmaker:v0.9.2
+    image: gravitl/netmaker:v0.9.3
     volumes: # Volume mounts necessary for CLIENT_MODE to control wireguard networking on host (except dnsconfig, which is where dns config files are stored for use by CoreDNS)
       - dnsconfig:/root/config/dnsconfig # Netmaker writes Corefile to this location, which gets mounted by CoreDNS for DNS configuration.
       - /usr/bin/wg:/usr/bin/wg
@@ -41,7 +41,7 @@ services:
     container_name: netmaker-ui
     depends_on:
       - netmaker
-    image: gravitl/netmaker-ui:v0.9.2
+    image: gravitl/netmaker-ui:v0.9.3
     links:
       - "netmaker:api"
     ports:

compose/docker-compose.yml

@@ -3,7 +3,7 @@ version: "3.4"
 services:
   netmaker:
     container_name: netmaker
-    image: gravitl/netmaker:v0.9.0
+    image: gravitl/netmaker:v0.9.3
     volumes:
       - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket
       - /run/systemd/system:/run/systemd/system
@@ -40,7 +40,7 @@ services:
     container_name: netmaker-ui
     depends_on:
       - netmaker
-    image: gravitl/netmaker-ui:v0.9.2
+    image: gravitl/netmaker-ui:v0.9.3
     links:
       - "netmaker:api"
     ports:

config/config.go

@@ -12,7 +12,7 @@ import (
 	"gopkg.in/yaml.v3"
 )
 
-//setting dev by default
+// setting dev by default
 func getEnv() string {
 
 	env := os.Getenv("NETMAKER_ENV")
@@ -27,13 +27,13 @@ func getEnv() string {
 // Config : application config stored as global variable
 var Config *EnvironmentConfig
 
-// EnvironmentConfig :
+// EnvironmentConfig - environment conf struct
 type EnvironmentConfig struct {
 	Server ServerConfig `yaml:"server"`
 	SQL    SQLConfig    `yaml:"sql"`
 }
 
-// ServerConfig :
+// ServerConfig - server conf struct
 type ServerConfig struct {
 	CoreDNSAddr           string `yaml:"corednsaddr"`
 	APIConnString         string `yaml:"apiconn"`
@@ -58,8 +58,8 @@ type ServerConfig struct {
 	Version               string `yaml:"version"`
 	SQLConn               string `yaml:"sqlconn"`
 	Platform              string `yaml:"platform"`
-	Database              string `yaml:database`
-	CheckinInterval       string `yaml:checkininterval`
+	Database              string `yaml:"database"`
+	CheckinInterval       string `yaml:"checkininterval"`
 	DefaultNodeLimit      int32  `yaml:"defaultnodelimit"`
 	Verbosity             int32  `yaml:"verbosity"`
 	ServerCheckinInterval int64  `yaml:"servercheckininterval"`
@@ -68,9 +68,11 @@ type ServerConfig struct {
 	ClientSecret          string `yaml:"clientsecret"`
 	FrontendURL           string `yaml:"frontendurl"`
 	DisplayKeys           string `yaml:"displaykeys"`
+	AzureTenant           string `yaml:"azuretenant"`
+	RCE                   string `yaml:"rce"`
 }
 
-// Generic SQL Config
+// SQLConfig - Generic SQL Config
 type SQLConfig struct {
 	Host     string `yaml:"host"`
 	Port     int32  `yaml:"port"`
@@ -80,7 +82,7 @@ type SQLConfig struct {
 	SSLMode  string `yaml:"sslmode"`
 }
 
-//reading in the env file
+// reading in the env file
 func readConfig() *EnvironmentConfig {
 	file := fmt.Sprintf("config/environments/%s.yaml", getEnv())
 	f, err := os.Open(file)

controllers/controller.go

@@ -52,20 +52,19 @@ func HandleRESTRequests(wg *sync.WaitGroup) {
 		}
 	}()
 	logger.Log(0, "REST Server successfully started on port ", port, " (REST)")
-	c := make(chan os.Signal)
 
 	// Relay os.Interrupt to our channel (os.Interrupt = CTRL+C)
 	// Ignore other incoming signals
-	signal.Notify(c, os.Interrupt)
+	ctx, stop := signal.NotifyContext(context.TODO(), os.Interrupt)
+	defer stop()
 
 	// Block main routine until a signal is received
 	// As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running
-	<-c
+	<-ctx.Done()
 
 	// After receiving CTRL+C Properly stop the server
 	logger.Log(0, "Stopping the REST server...")
 	srv.Shutdown(context.TODO())
 	logger.Log(0, "REST Server closed.")
 	logger.DumpFile(fmt.Sprintf("data/netmaker.log.%s", time.Now().Format(logger.TimeFormatDay)))
-
 }

controllers/dns_test.go

@@ -1,7 +1,6 @@
 package controller
 
 import (
-	"io/ioutil"
 	"os"
 	"testing"
 
@@ -200,7 +199,7 @@ func TestSetDNS(t *testing.T) {
 		info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.False(t, info.IsDir())
-		content, err := ioutil.ReadFile("./config/dnsconfig/netmaker.hosts")
+		content, err := os.ReadFile("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.Contains(t, string(content), "testnode.skynet")
 	})
@@ -212,7 +211,7 @@ func TestSetDNS(t *testing.T) {
 		info, err := os.Stat("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.False(t, info.IsDir())
-		content, err := ioutil.ReadFile("./config/dnsconfig/netmaker.hosts")
+		content, err := os.ReadFile("./config/dnsconfig/netmaker.hosts")
 		assert.Nil(t, err)
 		assert.Contains(t, string(content), "newhost.skynet")
 	})

controllers/network.go

@@ -68,7 +68,7 @@ func getNetworks(w http.ResponseWriter, r *http.Request) {
 	json.NewEncoder(w).Encode(allnetworks)
 }
 
-//Simple get network function
+// Simple get network function
 func getNetwork(w http.ResponseWriter, r *http.Request) {
 	// set header.
 	w.Header().Set("Content-Type", "application/json")
@@ -101,7 +101,7 @@ func keyUpdate(w http.ResponseWriter, r *http.Request) {
 	json.NewEncoder(w).Encode(network)
 }
 
-//Update a network
+// Update a network
 func updateNetwork(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json")
 	var params = mux.Vars(r)
@@ -119,6 +119,11 @@ func updateNetwork(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if !servercfg.GetRce() {
+		newNetwork.DefaultPostDown = network.DefaultPostDown
+		newNetwork.DefaultPostUp = network.DefaultPostUp
+	}
+
 	rangeupdate, localrangeupdate, err := logic.UpdateNetwork(&network, &newNetwork)
 	if err != nil {
 		returnErrorResponse(w, r, formatError(err, "badrequest"))

controllers/node.go

@@ -524,6 +524,12 @@ func updateNode(w http.ResponseWriter, r *http.Request) {
 			}
 		}
 	}
+
+	if !servercfg.GetRce() {
+		newNode.PostDown = node.PostDown
+		newNode.PostUp = node.PostUp
+	}
+
 	err = logic.UpdateNode(&node, &newNode)
 	if err != nil {
 		returnErrorResponse(w, r, formatError(err, "internal"))

controllers/node_grpc.go

@@ -10,6 +10,7 @@ import (
 	"github.com/gravitl/netmaker/logger"
 	"github.com/gravitl/netmaker/logic"
 	"github.com/gravitl/netmaker/models"
+	"github.com/gravitl/netmaker/servercfg"
 )
 
 // NodeServiceServer - represents the service server for gRPC
@@ -107,6 +108,12 @@ func (s *NodeServiceServer) UpdateNode(ctx context.Context, req *nodepb.Object)
 	if err != nil {
 		return nil, err
 	}
+
+	if !servercfg.GetRce() {
+		newnode.PostDown = node.PostDown
+		newnode.PostUp = node.PostUp
+	}
+
 	err = logic.UpdateNode(&node, &newnode)
 	if err != nil {
 		return nil, err

controllers/user.go

@@ -23,7 +23,7 @@ func userHandlers(r *mux.Router) {
 	r.HandleFunc("/api/users/networks/{username}", securityCheck(true, http.HandlerFunc(updateUserNetworks))).Methods("PUT")
 	r.HandleFunc("/api/users/{username}/adm", securityCheck(true, http.HandlerFunc(updateUserAdm))).Methods("PUT")
 	r.HandleFunc("/api/users/{username}", securityCheck(true, http.HandlerFunc(createUser))).Methods("POST")
-	r.HandleFunc("/api/users/{username}", securityCheck(false, continueIfUserMatch(http.HandlerFunc(deleteUser)))).Methods("DELETE")
+	r.HandleFunc("/api/users/{username}", securityCheck(true, http.HandlerFunc(deleteUser))).Methods("DELETE")
 	r.HandleFunc("/api/users/{username}", securityCheck(false, continueIfUserMatch(http.HandlerFunc(getUser)))).Methods("GET")
 	r.HandleFunc("/api/users", securityCheck(true, http.HandlerFunc(getUsers))).Methods("GET")
 	r.HandleFunc("/api/oauth/login", auth.HandleAuthLogin).Methods("GET")

docs/api.rst

@@ -12,7 +12,7 @@ Authentication
 ==============
 API calls must be authenticated via a header of  the format  `-H "Authorization: Bearer <YOUR_SECRET_KEY>"` There are two methods to obtain YOUR_SECRET_KEY:
 1. Using the masterkey. By default, this value is "secret key," but you should change this on your instance and keep it secure. This value can be set via env var at startup or in a config file (config/environments/< env >.yaml). See the [general usage](./USAGE.md) documentation for more details.
-2. Using a JWT recieved for a node. This  can be retrieved by calling the `/api/nodes/<network>/authenticate` endpoint, as documented below.
+2. Using a JWT received for a node. This  can be retrieved by calling the `/api/nodes/<network>/authenticate` endpoint, as documented below.
 
 
 Format of Calls for Curl

docs/architecture.rst

@@ -21,7 +21,7 @@ WireGuard
 
 WireGuard is a relatively new but very important technology which was recently added to the Linux kernel. WireGuard creates very fast but simple encrypted tunnels between devices. From the `WireGuard <https://www.wireguard.com/>`_ website, "it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry."
 
-Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunnelling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no signigifant performance impact.  With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology.
+Previous solutions like OpenVPN and IPSec are considerably more heavy and complex, while being less performant. All existing VPN tunneling solutions will cause a significant increase in your network latency. WireGuard is the first to achieve near over-the-line network speeds, meaning you see no significant performance impact.  With the release of WireGuard, there is little reason to use any other existing tunnel encryption technology.
 
 Mesh Network
 -------------
@@ -56,7 +56,7 @@ Netmaker does a lot of work to set configurations for you, so that you don't hav
 Node
 ------
 
-A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and recieve traffic from all of the other nodes.
+A machine in a Netmaker network, which is managed by the Netclient, is referred to as a Node, as you will see in the UI. A Node can be a VM, a bare metal server, a desktop computer, an IoT device, or any other number of internet-connected machines on which the netclient is installed. A node is simply an endpoint in the network, which can send traffic to all the other nodes, and receive traffic from all of the other nodes.
 
 SystemD
 -------
@@ -153,7 +153,7 @@ Below is a high level, step-by-step overview of the flow of communications withi
 9. Netmaker server verifies information and creates the node, setting default values for any missing information. 
 10. Timestamp is set for the network (see #16). 
 11. Netmaker returns settings as response to netclient. Some settings may be added or modified based on the network.
-12. Netclient recieves response. If successful, it takes any additional info returned from Netmaker and configures the local system/WireGuard
+12. Netclient receives response. If successful, it takes any additional info returned from Netmaker and configures the local system/WireGuard
 13. Netclient sends another request to Netmaker's GRPC server, this time to retrieve the peers list (all other clients in the network).
 14. Netmaker sends back peers list, including current known configurations of all nodes in network.
 15. Netclient configures WireGuard with this information. At this point, the node is fully configured as a part of the network and should be able to reach the other nodes via private address.

go.mod

@@ -3,13 +3,13 @@ module github.com/gravitl/netmaker
 go 1.17
 
 require (
-	github.com/go-playground/validator/v10 v10.9.0
+	github.com/go-playground/validator/v10 v10.10.0
 	github.com/golang-jwt/jwt/v4 v4.2.0
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/gorilla/handlers v1.5.1
 	github.com/gorilla/mux v1.8.0
 	github.com/lib/pq v1.10.4
-	github.com/mattn/go-sqlite3 v1.14.9
+	github.com/mattn/go-sqlite3 v1.14.10
 	github.com/rqlite/gorqlite v0.0.0-20210514125552-08ff1e76b22f
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	github.com/stretchr/testify v1.7.0
@@ -23,7 +23,7 @@ require (
 	golang.zx2c4.com/wireguard v0.0.0-20210805125648-3957e9b9dd19 // indirect
 	golang.zx2c4.com/wireguard/wgctrl v0.0.0-20210913210325-91d1988e44de
 	google.golang.org/genproto v0.0.0-20210201151548-94839c025ad4 // indirect
-	google.golang.org/grpc v1.42.0
+	google.golang.org/grpc v1.43.0
 	google.golang.org/protobuf v1.27.1
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 )
@@ -31,6 +31,7 @@ require (
 require (
 	cloud.google.com/go v0.34.0 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/felixge/httpsnoop v1.0.1 // indirect
 	github.com/go-playground/locales v0.14.0 // indirect
 	github.com/go-playground/universal-translator v0.18.0 // indirect

go.sum

@@ -40,8 +40,8 @@ github.com/go-playground/locales v0.14.0 h1:u50s323jtVGugKlcYeyzC0etD1HifMjqmJqb
 github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
 github.com/go-playground/universal-translator v0.18.0 h1:82dyy6p4OuJq4/CByFNOn/jYrnRPArHwAcmLoJZxyho=
 github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
-github.com/go-playground/validator/v10 v10.9.0 h1:NgTtmN58D0m8+UuxtYmGztBJB7VnPgjj221I1QHci2A=
-github.com/go-playground/validator/v10 v10.9.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
+github.com/go-playground/validator/v10 v10.10.0 h1:I7mrTYv78z8k8VXa/qJlOlEXn/nBh+BF8dHX5nt/dr0=
+github.com/go-playground/validator/v10 v10.10.0/go.mod h1:74x4gJWsvQexRdW8Pn3dXSGrTK4nAUsbPlLADvpJkos=
 github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
 github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
@@ -100,8 +100,8 @@ github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ic
 github.com/lib/pq v1.10.4 h1:SO9z7FRPzA03QhHKJrH5BXA6HU1rS4V2nIVrrNC1iYk=
 github.com/lib/pq v1.10.4/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/mattn/go-sqlite3 v1.14.9 h1:10HX2Td0ocZpYEjhilsuo6WWtUqttj2Kb0KtD86/KYA=
-github.com/mattn/go-sqlite3 v1.14.9/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
+github.com/mattn/go-sqlite3 v1.14.10 h1:MLn+5bFRlWMGoSRmJour3CL1w/qL96mvipqpwQW/Sfk=
+github.com/mattn/go-sqlite3 v1.14.10/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mdlayher/ethtool v0.0.0-20210210192532-2b88debcdd43 h1:WgyLFv10Ov49JAQI/ZLUkCZ7VJS3r74hwFIGXJsgZlY=
 github.com/mdlayher/ethtool v0.0.0-20210210192532-2b88debcdd43/go.mod h1:+t7E0lkKfbBsebllff1xdTmyJt8lH37niI6kwFk9OTo=
 github.com/mdlayher/genetlink v1.0.0 h1:OoHN1OdyEIkScEmRgxLEe2M9U8ClMytqA5niynLtfj0=
@@ -258,8 +258,8 @@ google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQ
 google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
 google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
 google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.42.0 h1:XT2/MFpuPFsEX2fWh3YQtHkZ+WYZFQRfaUgLZYj/p6A=
-google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
+google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM=
+google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=

logger/logger.go

@@ -2,7 +2,6 @@ package logger
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"sort"
 	"strconv"
@@ -90,7 +89,7 @@ func DumpFile(filePath string) {
 
 // Retrieve - retrieves logs from given file
 func Retrieve(filePath string) string {
-	contents, err := ioutil.ReadFile(filePath)
+	contents, err := os.ReadFile(filePath)
 	if err != nil {
 		panic(err)
 	}

logic/dns.go

@@ -2,7 +2,6 @@ package logic
 
 import (
 	"encoding/json"
-	"io/ioutil"
 	"os"
 
 	"github.com/go-playground/validator/v10"
@@ -135,7 +134,7 @@ func SetCorefile(domains string) error {
 `
 	corebytes := []byte(corefile)
 
-	err = ioutil.WriteFile(dir+"/config/dnsconfig/Corefile", corebytes, 0644)
+	err = os.WriteFile(dir+"/config/dnsconfig/Corefile", corebytes, 0644)
 	if err != nil {
 		return err
 	}

logic/nodes.go

@@ -253,6 +253,10 @@ func SetNodeDefaults(node *models.Node) {
 		postup := parentNetwork.DefaultPostUp
 		node.PostUp = postup
 	}
+	if node.PostDown == "" {
+		postdown := parentNetwork.DefaultPostDown
+		node.PostDown = postdown
+	}
 	if node.IsStatic == "" {
 		node.IsStatic = "no"
 	}

logic/util.go

@@ -184,26 +184,18 @@ func GetNode(macaddress string, network string) (models.Node, error) {
 // GetNodePeers - fetches peers for a given node
 func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error) {
 	var peers []models.Node
-	collection, err := database.FetchRecords(database.NODES_TABLE_NAME)
+	var networkNodes, egressNetworkNodes, err = getNetworkEgressAndNodes(networkName)
 	if err != nil {
-		if database.IsEmptyRecord(err) {
-			return peers, nil
-		}
-		logger.Log(2, err.Error())
-		return nil, err
+		return peers, nil
 	}
+
 	udppeers, errN := database.GetPeers(networkName)
 	if errN != nil {
 		logger.Log(2, errN.Error())
 	}
-	for _, value := range collection {
-		var node = &models.Node{}
+
+	for _, node := range networkNodes {
 		var peer = models.Node{}
-		err := json.Unmarshal([]byte(value), node)
-		if err != nil {
-			logger.Log(2, err.Error())
-			continue
-		}
 		if node.IsEgressGateway == "yes" { // handle egress stuff
 			peer.EgressGatewayRanges = node.EgressGatewayRanges
 			peer.IsEgressGateway = node.IsEgressGateway
@@ -211,7 +203,7 @@ func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error
 		allow := node.IsRelayed != "yes" || !excludeRelayed
 
 		if node.Network == networkName && node.IsPending != "yes" && allow {
-			peer = setPeerInfo(node)
+			peer = setPeerInfo(&node)
 			if node.UDPHolePunch == "yes" && errN == nil && CheckEndpoint(udppeers[node.PublicKey]) {
 				endpointstring := udppeers[node.PublicKey]
 				endpointarr := strings.Split(endpointstring, ":")
@@ -230,6 +222,11 @@ func GetNodePeers(networkName string, excludeRelayed bool) ([]models.Node, error
 				} else {
 					peer.AllowedIPs = append(peer.AllowedIPs, node.RelayAddrs...)
 				}
+				for _, egressNode := range egressNetworkNodes {
+					if egressNode.IsRelayed == "yes" && StringSliceContains(node.RelayAddrs, egressNode.Address) {
+						peer.AllowedIPs = append(peer.AllowedIPs, egressNode.EgressGatewayRanges...)
+					}
+				}
 			}
 			peers = append(peers, peer)
 		}
@@ -252,6 +249,14 @@ func GetPeersList(networkName string, excludeRelayed bool, relayedNodeAddr strin
 			network, err := GetNetwork(networkName)
 			if err == nil {
 				peerNode.AllowedIPs = append(peerNode.AllowedIPs, network.AddressRange)
+				var _, egressNetworkNodes, err = getNetworkEgressAndNodes(networkName)
+				if err == nil {
+					for _, egress := range egressNetworkNodes {
+						if egress.Address != relayedNodeAddr {
+							peerNode.AllowedIPs = append(peerNode.AllowedIPs, egress.EgressGatewayRanges...)
+						}
+					}
+				}
 			} else {
 				peerNode.AllowedIPs = append(peerNode.AllowedIPs, peerNode.RelayAddrs...)
 			}
@@ -286,6 +291,34 @@ func RandomString(length int) string {
 
 // == Private Methods ==
 
+func getNetworkEgressAndNodes(networkName string) ([]models.Node, []models.Node, error) {
+	var networkNodes, egressNetworkNodes []models.Node
+	collection, err := database.FetchRecords(database.NODES_TABLE_NAME)
+	if err != nil {
+		if database.IsEmptyRecord(err) {
+			return networkNodes, egressNetworkNodes, nil
+		}
+		logger.Log(2, err.Error())
+		return nil, nil, err
+	}
+
+	for _, value := range collection {
+		var node = models.Node{}
+		err := json.Unmarshal([]byte(value), &node)
+		if err != nil {
+			logger.Log(2, err.Error())
+			continue
+		}
+		if node.Network == networkName {
+			networkNodes = append(networkNodes, node)
+			if node.IsEgressGateway == "yes" {
+				egressNetworkNodes = append(egressNetworkNodes, node)
+			}
+		}
+	}
+	return networkNodes, egressNetworkNodes, nil
+}
+
 func setPeerInfo(node *models.Node) models.Node {
 	var peer models.Node
 	peer.RelayAddrs = node.RelayAddrs
@@ -326,3 +359,13 @@ func setIPForwardingLinux() error {
 	}
 	return nil
 }
+
+// StringSliceContains - sees if a string slice contains a string element
+func StringSliceContains(slice []string, item string) bool {
+	for _, s := range slice {
+		if s == item {
+			return true
+		}
+	}
+	return false
+}

logic/wireguard.go

@@ -3,7 +3,6 @@ package logic
 import (
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"strconv"
@@ -86,10 +85,10 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 
 	if !ncutils.IsKernel() {
 		var newConf string
-		newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), node.MTU, node.PersistentKeepalive, peers)
+		newConf, _ = ncutils.CreateWireGuardConf(node, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), peers)
 		confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf"
 		logger.Log(1, "writing wg conf file to:", confPath)
-		err = ioutil.WriteFile(confPath, []byte(newConf), 0644)
+		err = os.WriteFile(confPath, []byte(newConf), 0644)
 		if err != nil {
 			logger.Log(1, "error writing wg conf file to", confPath, ":", err.Error())
 			return err
@@ -97,7 +96,7 @@ func initWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 		if ncutils.IsWindows() {
 			wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
 			logger.Log(1, "writing wg conf file to:", confPath)
-			err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
+			err = os.WriteFile(wgConfPath, []byte(newConf), 0644)
 			if err != nil {
 				logger.Log(1, "error writing wg conf file to", wgConfPath, ":", err.Error())
 				return err

main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"fmt"
 	"net"
 	"os"
@@ -43,7 +44,7 @@ func initialize() { // Client Mode Prereq Check
 
 	var authProvider = auth.InitializeAuthProvider()
 	if authProvider != "" {
-		logger.Log(0, "OAuth provider, ", authProvider, ", initialized")
+		logger.Log(0, "OAuth provider,", authProvider+",", "initialized")
 	} else {
 		logger.Log(0, "no OAuth provider found or not configured, continuing without OAuth")
 	}
@@ -157,21 +158,18 @@ func runGRPC(wg *sync.WaitGroup) {
 	}()
 	logger.Log(0, "Agent Server successfully started on port ", grpcport, "(gRPC)")
 
-	// Right way to stop the server using a SHUTDOWN HOOK
-	// Create a channel to receive OS signals
-	c := make(chan os.Signal, 1)
-
 	// Relay os.Interrupt to our channel (os.Interrupt = CTRL+C)
 	// Ignore other incoming signals
-	signal.Notify(c, os.Interrupt)
+	ctx, stop := signal.NotifyContext(context.TODO(), os.Interrupt)
+	defer stop()
 
 	// Block main routine until a signal is received
 	// As long as user doesn't press CTRL+C a message is not passed and our main routine keeps running
-	<-c
+	<-ctx.Done()
 
 	// After receiving CTRL+C Properly stop the server
 	logger.Log(0, "Stopping the Agent server...")
-	s.Stop()
+	s.GracefulStop()
 	listener.Close()
 	logger.Log(0, "Agent server closed..")
 	logger.Log(0, "Closed DB connection.")

netclient/auth/auth.go

@@ -3,6 +3,7 @@ package auth
 import (
 	"encoding/json"
 	"fmt"
+	"os"
 
 	"github.com/gravitl/netmaker/models"
 	"github.com/gravitl/netmaker/netclient/config"
@@ -10,7 +11,6 @@ import (
 
 	//    "os"
 	"context"
-	"io/ioutil"
 
 	nodepb "github.com/gravitl/netmaker/grpc"
 	"google.golang.org/grpc/codes"
@@ -21,13 +21,13 @@ import (
 // SetJWT func will used to create the JWT while signing in and signing out
 func SetJWT(client nodepb.NodeServiceClient, network string) (context.Context, error) {
 	home := ncutils.GetNetclientPathSpecific()
-	tokentext, err := ioutil.ReadFile(home + "nettoken-" + network)
+	tokentext, err := os.ReadFile(home + "nettoken-" + network)
 	if err != nil {
 		err = AutoLogin(client, network)
 		if err != nil {
 			return nil, status.Errorf(codes.Unauthenticated, fmt.Sprintf("Something went wrong with Auto Login: %v", err))
 		}
-		tokentext, err = ioutil.ReadFile(home + "nettoken-" + network)
+		tokentext, err = os.ReadFile(home + "nettoken-" + network)
 		if err != nil {
 			return nil, status.Errorf(codes.Unauthenticated, fmt.Sprintf("Something went wrong: %v", err))
 		}
@@ -71,7 +71,7 @@ func AutoLogin(client nodepb.NodeServiceClient, network string) error {
 		return err
 	}
 	tokenstring := []byte(res.Data)
-	err = ioutil.WriteFile(home+"nettoken-"+network, tokenstring, 0644)
+	err = os.WriteFile(home+"nettoken-"+network, tokenstring, 0644)
 	if err != nil {
 		return err
 	}
@@ -81,13 +81,13 @@ func AutoLogin(client nodepb.NodeServiceClient, network string) error {
 // StoreSecret - stores auth secret locally
 func StoreSecret(key string, network string) error {
 	d1 := []byte(key)
-	err := ioutil.WriteFile(ncutils.GetNetclientPathSpecific()+"secret-"+network, d1, 0644)
+	err := os.WriteFile(ncutils.GetNetclientPathSpecific()+"secret-"+network, d1, 0644)
 	return err
 }
 
 // RetrieveSecret - fetches secret locally
 func RetrieveSecret(network string) (string, error) {
-	dat, err := ioutil.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + network)
+	dat, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "secret-" + network)
 	return string(dat), err
 }
 

netclient/cli_options/cmds.go

@@ -21,11 +21,11 @@ func GetCommands(cliFlags []cli.Flag) []*cli.Command {
 					return err
 				}
 				if cfg.Network == "all" {
-					err = errors.New("No network provided.")
+					err = errors.New("no network provided")
 					return err
 				}
 				if cfg.Server.GRPCAddress == "" {
-					err = errors.New("No server address provided.")
+					err = errors.New("no server address provided")
 					return err
 				}
 				err = command.Join(cfg, pvtKey)

netclient/command/commands.go

@@ -7,22 +7,13 @@ import (
 	"strings"
 	"time"
 
-	nodepb "github.com/gravitl/netmaker/grpc"
 	"github.com/gravitl/netmaker/netclient/config"
 	"github.com/gravitl/netmaker/netclient/daemon"
 	"github.com/gravitl/netmaker/netclient/functions"
 	"github.com/gravitl/netmaker/netclient/ncutils"
-	"golang.zx2c4.com/wireguard/wgctrl"
-)
-
-var (
-	wgclient *wgctrl.Client
-)
-
-var (
-	wcclient nodepb.NodeServiceClient
 )
 
+// Join - join command to run from cli
 func Join(cfg config.ClientConfig, privateKey string) error {
 
 	var err error
@@ -83,6 +74,7 @@ func getWindowsInterval() int {
 	return interval
 }
 
+// RunUserspaceDaemon - runs continual checkins
 func RunUserspaceDaemon() {
 
 	cfg := config.ClientConfig{
@@ -91,14 +83,15 @@ func RunUserspaceDaemon() {
 	interval := getWindowsInterval()
 	dur := time.Duration(interval) * time.Second
 	for {
-		if err := CheckIn(cfg); err != nil {
-			// pass
-		}
+		CheckIn(cfg)
 		time.Sleep(dur)
 	}
 }
 
+// CheckIn - runs checkin command from cli
 func CheckIn(cfg config.ClientConfig) error {
+	//log.Println("checkin --- diabled for now")
+	//return nil
 	var err error
 	var errN error
 	if cfg.Network == "" {
@@ -139,6 +132,7 @@ func CheckIn(cfg config.ClientConfig) error {
 	return err
 }
 
+// Leave - runs the leave command from cli
 func Leave(cfg config.ClientConfig) error {
 	err := functions.LeaveNetwork(cfg.Network)
 	if err != nil {
@@ -149,6 +143,7 @@ func Leave(cfg config.ClientConfig) error {
 	return err
 }
 
+// Push - runs push command
 func Push(cfg config.ClientConfig) error {
 	var err error
 	if cfg.Network == "all" || ncutils.IsWindows() {
@@ -175,6 +170,7 @@ func Push(cfg config.ClientConfig) error {
 	return err
 }
 
+// Pull - runs pull command from cli
 func Pull(cfg config.ClientConfig) error {
 	var err error
 	if cfg.Network == "all" {
@@ -201,13 +197,16 @@ func Pull(cfg config.ClientConfig) error {
 	return err
 }
 
+// List - runs list command from cli
 func List(cfg config.ClientConfig) error {
 	err := functions.List(cfg.Network)
 	return err
 }
 
+// Uninstall - runs uninstall command from cli
 func Uninstall() error {
-	ncutils.PrintLog("uninstalling netclient", 0)
+	ncutils.PrintLog("uninstalling netclient...", 0)
 	err := functions.Uninstall()
+	ncutils.PrintLog("uninstalled netclient", 0)
 	return err
 }

netclient/config/config.go

@@ -6,7 +6,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 
@@ -133,12 +132,12 @@ func SaveBackup(network string) error {
 	var configPath = ncutils.GetNetclientPathSpecific() + "netconfig-" + network
 	var backupPath = ncutils.GetNetclientPathSpecific() + "backup.netconfig-" + network
 	if FileExists(configPath) {
-		input, err := ioutil.ReadFile(configPath)
+		input, err := os.ReadFile(configPath)
 		if err != nil {
 			ncutils.Log("failed to read " + configPath + " to make a backup")
 			return err
 		}
-		if err = ioutil.WriteFile(backupPath, input, 0644); err != nil {
+		if err = os.WriteFile(backupPath, input, 0644); err != nil {
 			ncutils.Log("failed to copy backup to " + backupPath)
 			return err
 		}
@@ -151,12 +150,12 @@ func ReplaceWithBackup(network string) error {
 	var backupPath = ncutils.GetNetclientPathSpecific() + "backup.netconfig-" + network
 	var configPath = ncutils.GetNetclientPathSpecific() + "netconfig-" + network
 	if FileExists(backupPath) {
-		input, err := ioutil.ReadFile(backupPath)
+		input, err := os.ReadFile(backupPath)
 		if err != nil {
 			ncutils.Log("failed to read file " + backupPath + " to backup network: " + network)
 			return err
 		}
-		if err = ioutil.WriteFile(configPath, input, 0644); err != nil {
+		if err = os.WriteFile(configPath, input, 0644); err != nil {
 			ncutils.Log("failed backup " + backupPath + " to " + configPath)
 			return err
 		}

netclient/daemon/macos.go

@@ -2,7 +2,6 @@ package daemon
 
 import (
 	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 	"path/filepath"
@@ -64,7 +63,7 @@ func CreateMacService(servicename string, interval string) error {
 	daemonbytes := []byte(daemonstring)
 
 	if !ncutils.FileExists("/Library/LaunchDaemons/com.gravitl.netclient.plist") {
-		err = ioutil.WriteFile("/Library/LaunchDaemons/com.gravitl.netclient.plist", daemonbytes, 0644)
+		err = os.WriteFile("/Library/LaunchDaemons/com.gravitl.netclient.plist", daemonbytes, 0644)
 	}
 	return err
 }

netclient/daemon/systemd.go

@@ -3,7 +3,6 @@ package daemon
 import (
 	//"github.com/davecgh/go-spew/spew"
 
-	"io/ioutil"
 	"log"
 	"os"
 	"path/filepath"
@@ -75,7 +74,7 @@ WantedBy=timers.target
 	timerbytes := []byte(systemtimer)
 
 	if !ncutils.FileExists("/etc/systemd/system/netclient.service") {
-		err = ioutil.WriteFile("/etc/systemd/system/netclient.service", servicebytes, 0644)
+		err = os.WriteFile("/etc/systemd/system/netclient.service", servicebytes, 0644)
 		if err != nil {
 			log.Println(err)
 			return err
@@ -83,7 +82,7 @@ WantedBy=timers.target
 	}
 
 	if !ncutils.FileExists("/etc/systemd/system/netclient.timer") {
-		err = ioutil.WriteFile("/etc/systemd/system/netclient.timer", timerbytes, 0644)
+		err = os.WriteFile("/etc/systemd/system/netclient.timer", timerbytes, 0644)
 		if err != nil {
 			log.Println(err)
 			return err

netclient/daemon/windows.go

@@ -2,7 +2,6 @@ package daemon
 
 import (
 	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 	"strings"
@@ -57,7 +56,7 @@ func writeServiceConfig() error {
 </service>
 `, strings.Replace(ncutils.GetNetclientPathSpecific()+"netclient.exe", `\\`, `\`, -1))
 	if !ncutils.FileExists(serviceConfigPath) {
-		err := ioutil.WriteFile(serviceConfigPath, []byte(scriptString), 0644)
+		err := os.WriteFile(serviceConfigPath, []byte(scriptString), 0644)
 		if err != nil {
 			return err
 		}

netclient/functions/checkin.go

@@ -82,14 +82,15 @@ func checkIP(node *models.Node, servercfg config.ServerConfig, cliconf config.Cl
 	return ipchange && err == nil
 }
 
-func setDNS(node *models.Node, servercfg config.ServerConfig, nodecfg *models.Node) {
-	if nodecfg.DNSOn == "yes" {
-		ifacename := node.Interface
-		nameserver := servercfg.CoreDNSAddr
-		network := node.Network
-		local.UpdateDNS(ifacename, network, nameserver)
-	}
-}
+// DEPRECATED
+// func setDNS(node *models.Node, servercfg config.ServerConfig, nodecfg *models.Node) {
+// 	if nodecfg.DNSOn == "yes" {
+// 		ifacename := node.Interface
+// 		nameserver := servercfg.CoreDNSAddr
+// 		network := node.Network
+// 		local.UpdateDNS(ifacename, network, nameserver)
+// 	}
+// }
 
 func checkNodeActions(node *models.Node, networkName string, servercfg config.ServerConfig, localNode *models.Node, cfg *config.ClientConfig) string {
 	if (node.Action == models.NODE_UPDATE_KEY || localNode.Action == models.NODE_UPDATE_KEY) &&
@@ -156,7 +157,7 @@ func Pull(network string, manual bool) (*models.Node, error) {
 	}
 
 	node := cfg.Node
-	servercfg := cfg.Server
+	//servercfg := cfg.Server
 
 	if cfg.Node.IPForwarding == "yes" && !ncutils.IsWindows() {
 		if err = local.SetIPForwarding(); err != nil {
@@ -241,9 +242,9 @@ func Pull(network string, manual bool) (*models.Node, error) {
 			}
 		}
 	}
-	if ncutils.IsLinux() {
-		setDNS(&resNode, servercfg, &cfg.Node)
-	}
+	//if ncutils.IsLinux() {
+	//	setDNS(&resNode, servercfg, &cfg.Node)
+	//}
 	var bkupErr = config.SaveBackup(network)
 	if bkupErr != nil {
 		ncutils.Log("unable to update backup file")

netclient/functions/common.go

@@ -1,15 +1,11 @@
 package functions
 
 import (
-	"context"
-	"encoding/json"
 	"errors"
 	"fmt"
 	"log"
 	"net"
 	"os"
-	"os/exec"
-	"strings"
 
 	nodepb "github.com/gravitl/netmaker/grpc"
 	"github.com/gravitl/netmaker/models"
@@ -23,10 +19,6 @@ import (
 	"google.golang.org/grpc/metadata"
 )
 
-var (
-	wcclient nodepb.NodeServiceClient
-)
-
 // ListPorts - lists ports of WireGuard devices
 func ListPorts() error {
 	wgclient, err := wgctrl.New()
@@ -103,30 +95,31 @@ func getPrivateAddrBackup() (string, error) {
 		}
 	}
 	if !found {
-		err := errors.New("Local Address Not Found.")
+		err := errors.New("local ip address not found")
 		return "", err
 	}
 	return local, err
 }
 
-func needInterfaceUpdate(ctx context.Context, mac string, network string, iface string) (bool, string, error) {
-	var header metadata.MD
-	req := &nodepb.Object{
-		Data: mac + "###" + network,
-		Type: nodepb.STRING_TYPE,
-	}
-	readres, err := wcclient.ReadNode(ctx, req, grpc.Header(&header))
-	if err != nil {
-		return false, "", err
-	}
-	var resNode models.Node
-	if err := json.Unmarshal([]byte(readres.Data), &resNode); err != nil {
-		return false, iface, err
-	}
-	oldiface := resNode.Interface
+// DEPRECATED
+// func needInterfaceUpdate(ctx context.Context, mac string, network string, iface string) (bool, string, error) {
+// 	var header metadata.MD
+// 	req := &nodepb.Object{
+// 		Data: mac + "###" + network,
+// 		Type: nodepb.STRING_TYPE,
+// 	}
+// 	readres, err := wcclient.ReadNode(ctx, req, grpc.Header(&header))
+// 	if err != nil {
+// 		return false, "", err
+// 	}
+// 	var resNode models.Node
+// 	if err := json.Unmarshal([]byte(readres.Data), &resNode); err != nil {
+// 		return false, iface, err
+// 	}
+// 	oldiface := resNode.Interface
 
-	return iface != oldiface, oldiface, err
-}
+// 	return iface != oldiface, oldiface, err
+// }
 
 // GetNode - gets node locally
 func GetNode(network string) models.Node {
@@ -244,22 +237,7 @@ func RemoveLocalInstance(cfg *config.ClientConfig, networkName string) error {
 
 // DeleteInterface - delete an interface of a network
 func DeleteInterface(ifacename string, postdown string) error {
-	var err error
-	if !ncutils.IsKernel() {
-		err = wireguard.RemoveConf(ifacename, true)
-	} else {
-		ipExec, errN := exec.LookPath("ip")
-		err = errN
-		if err != nil {
-			ncutils.PrintLog(err.Error(), 1)
-		}
-		_, err = ncutils.RunCmd(ipExec+" link del "+ifacename, false)
-		if postdown != "" {
-			runcmds := strings.Split(postdown, "; ")
-			err = ncutils.RunCmds(runcmds, true)
-		}
-	}
-	return err
+	return wireguard.RemoveConf(ifacename, true)
 }
 
 // WipeLocal - wipes local instance
@@ -271,27 +249,11 @@ func WipeLocal(network string) error {
 	nodecfg := cfg.Node
 	ifacename := nodecfg.Interface
 	if ifacename != "" {
-		if !ncutils.IsKernel() {
-			if err = wireguard.RemoveConf(ifacename, true); err == nil {
-				ncutils.PrintLog("removed WireGuard interface: "+ifacename, 1)
-			}
-		} else {
-			ipExec, err := exec.LookPath("ip")
-			if err != nil {
-				return err
-			}
-			out, err := ncutils.RunCmd(ipExec+" link del "+ifacename, false)
-			dontprint := strings.Contains(out, "does not exist") || strings.Contains(out, "Cannot find device")
-			if err != nil && !dontprint {
-				ncutils.PrintLog("error running command: "+ipExec+" link del "+ifacename, 1)
-				ncutils.PrintLog(out, 1)
-			}
-			if nodecfg.PostDown != "" {
-				runcmds := strings.Split(nodecfg.PostDown, "; ")
-				_ = ncutils.RunCmds(runcmds, false)
-			}
+		if err = wireguard.RemoveConf(ifacename, true); err == nil {
+			ncutils.PrintLog("removed WireGuard interface: "+ifacename, 1)
 		}
 	}
+
 	home := ncutils.GetNetclientPathSpecific()
 	if ncutils.FileExists(home + "netconfig-" + network) {
 		_ = os.Remove(home + "netconfig-" + network)

netclient/functions/join.go

@@ -83,9 +83,9 @@ func JoinNetwork(cfg config.ClientConfig, privateKey string) error {
 		}
 	}
 	if ncutils.IsLinux() {
-		_, err := exec.LookPath("resolvectl")
+		_, err := exec.LookPath("resolvconf")
 		if err != nil {
-			ncutils.PrintLog("resolvectl not present", 2)
+			ncutils.PrintLog("resolvconf not present", 2)
 			ncutils.PrintLog("unable to configure DNS automatically, disabling automated DNS management", 2)
 			cfg.Node.DNSOn = "no"
 		}

netclient/local/dns.go

@@ -1,7 +1,6 @@
 package local
 
 import (
-	"io/ioutil"
 	"os"
 	"strings"
 
@@ -14,7 +13,7 @@ import (
 
 // SetDNS - sets the DNS of a local machine
 func SetDNS(nameserver string) error {
-	bytes, err := ioutil.ReadFile("/etc/resolv.conf")
+	bytes, err := os.ReadFile("/etc/resolv.conf")
 	if err != nil {
 		return err
 	}

netclient/local/local.go

@@ -25,7 +25,7 @@ func SetIPForwarding() error {
 	case "darwin":
 		err = SetIPForwardingMac()
 	default:
-		err = errors.New("This OS is not supported")
+		err = errors.New("this OS is not currently supported")
 	}
 	return err
 }

netclient/main.go

@@ -18,7 +18,7 @@ func main() {
 	app := cli.NewApp()
 	app.Name = "Netclient CLI"
 	app.Usage = "Netmaker's netclient agent and CLI. Used to perform interactions with Netmaker server and set local WireGuard config."
-	app.Version = "v0.9.2"
+	app.Version = "v0.9.3"
 
 	cliFlags := cli_options.GetFlags(ncutils.GetHostname())
 	app.Commands = cli_options.GetCommands(cliFlags[:])

netclient/ncutils/netclientutils.go

@@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"log"
 	"math/rand"
 	"net"
@@ -132,7 +131,7 @@ func GetPublicIP() (string, error) {
 		}
 		defer resp.Body.Close()
 		if resp.StatusCode == http.StatusOK {
-			bodyBytes, err := ioutil.ReadAll(resp.Body)
+			bodyBytes, err := io.ReadAll(resp.Body)
 			if err != nil {
 				continue
 			}
@@ -409,7 +408,7 @@ func PrintLog(message string, loglevel int) {
 // GetSystemNetworks - get networks locally
 func GetSystemNetworks() ([]string, error) {
 	var networks []string
-	files, err := ioutil.ReadDir(GetNetclientPathSpecific())
+	files, err := os.ReadDir(GetNetclientPathSpecific())
 	if err != nil {
 		return networks, err
 	}

netclient/ncutils/netclientutils_darwin.go

@@ -7,6 +7,7 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/gravitl/netmaker/models"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
@@ -33,12 +34,12 @@ func GetEmbedded() error {
 	return nil
 }
 
-// CreateUserSpaceConf - creates a user space WireGuard conf
-func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
-	peersString, err := parsePeers(perskeepalive, peers)
+// CreateWireGuardConf - creates a WireGuard conf string
+func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, dns string, peers []wgtypes.PeerConfig) (string, error) {
+	peersString, err := parsePeers(node.PersistentKeepalive, peers)
 	var listenPortString string
-	if mtu <= 0 {
-		mtu = 1280
+	if node.MTU <= 0 {
+		node.MTU = 1280
 	}
 	if listenPort != "" {
 		listenPortString += "ListenPort = " + listenPort
@@ -55,9 +56,9 @@ MTU = %s
 %s
 
 `,
-		address+"/32",
+		node.Address+"/32",
 		privatekey,
-		strconv.Itoa(int(mtu)),
+		strconv.Itoa(int(node.MTU)),
 		listenPortString,
 		peersString)
 	return config, nil

netclient/ncutils/netclientutils_freebsd.go

@@ -3,13 +3,15 @@ package ncutils
 import (
 	"context"
 	"fmt"
-	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 	"log"
 	"os/exec"
 	"strconv"
 	"strings"
 	"syscall"
 	"time"
+
+	"github.com/gravitl/netmaker/models"
+	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
 // RunCmdFormatted - run a command formatted for freebsd
@@ -41,12 +43,12 @@ func RunCmd(command string, printerr bool) (string, error) {
 	return string(out), err
 }
 
-// CreateUserSpaceConf - creates a user space WireGuard conf
-func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
-	peersString, err := parsePeers(perskeepalive, peers)
+// CreateWireGuardConf - creates a WireGuard conf string
+func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, dns string, peers []wgtypes.PeerConfig) (string, error) {
+	peersString, err := parsePeers(node.PersistentKeepalive, peers)
 	var listenPortString string
-	if mtu <= 0 {
-		mtu = 1280
+	if node.MTU <= 0 {
+		node.MTU = 1280
 	}
 	if listenPort != "" {
 		listenPortString += "ListenPort = " + listenPort
@@ -63,9 +65,9 @@ MTU = %s
 %s
 
 `,
-		address+"/32",
+		node.Address+"/32",
 		privatekey,
-		strconv.Itoa(int(mtu)),
+		strconv.Itoa(int(node.MTU)),
 		listenPortString,
 		peersString)
 	return config, nil

netclient/ncutils/netclientutils_linux.go

@@ -2,11 +2,11 @@ package ncutils
 
 import (
 	"fmt"
-	"log"
 	"os/exec"
 	"strconv"
 	"strings"
 
+	"github.com/gravitl/netmaker/models"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
@@ -17,8 +17,8 @@ func RunCmd(command string, printerr bool) (string, error) {
 	cmd.Wait()
 	out, err := cmd.CombinedOutput()
 	if err != nil && printerr {
-		log.Println("error running command:", command)
-		log.Println(strings.TrimSuffix(string(out), "\n"))
+		Log(fmt.Sprintf("error running command: %s", command))
+		Log(strings.TrimSuffix(string(out), "\n"))
 	}
 	return string(out), err
 }
@@ -33,16 +33,24 @@ func GetEmbedded() error {
 	return nil
 }
 
-// CreateUserSpaceConf - creates a user space WireGuard conf
-func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
-	peersString, err := parsePeers(perskeepalive, peers)
-	var listenPortString string
-	if mtu <= 0 {
-		mtu = 1280
+// CreateWireGuardConf - creates a user space WireGuard conf
+func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, peers []wgtypes.PeerConfig) (string, error) {
+	peersString, err := parsePeers(node.PersistentKeepalive, peers)
+	var listenPortString, postDownString, postUpString string
+	if node.MTU <= 0 {
+		node.MTU = 1280
 	}
+	if node.PostDown != "" {
+		postDownString = fmt.Sprintf("PostDown = %s", node.PostDown)
+	}
+	if node.PostUp != "" {
+		postUpString = fmt.Sprintf("PostUp = %s", node.PostUp)
+	}
+
 	if listenPort != "" {
-		listenPortString += "ListenPort = " + listenPort
+		listenPortString = fmt.Sprintf("ListenPort = %s", listenPort)
 	}
+
 	if err != nil {
 		return "", err
 	}
@@ -51,13 +59,17 @@ Address = %s
 PrivateKey = %s
 MTU = %s
 %s
+%s
+%s
 
 %s
 
 `,
-		address+"/32",
+		node.Address+"/32",
 		privatekey,
-		strconv.Itoa(int(mtu)),
+		strconv.Itoa(int(node.MTU)),
+		postDownString,
+		postUpString,
 		listenPortString,
 		peersString)
 	return config, nil

netclient/ncutils/netclientutils_windows.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 	"syscall"
 
+	"github.com/gravitl/netmaker/models"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
@@ -47,12 +48,12 @@ func RunCmdFormatted(command string, printerr bool) (string, error) {
 	return string(out), err
 }
 
-// CreateUserSpaceConf - creates a user space WireGuard conf
-func CreateUserSpaceConf(address string, privatekey string, listenPort string, mtu int32, perskeepalive int32, peers []wgtypes.PeerConfig) (string, error) {
-	peersString, err := parsePeers(perskeepalive, peers)
+// CreateWireGuardConf - creates a WireGuard conf string
+func CreateWireGuardConf(node *models.Node, privatekey string, listenPort string, dns string, peers []wgtypes.PeerConfig) (string, error) {
+	peersString, err := parsePeers(node.PersistentKeepalive, peers)
 	var listenPortString string
-	if mtu <= 0 {
-		mtu = 1280
+	if node.MTU <= 0 {
+		node.MTU = 1280
 	}
 	if listenPort != "" {
 		listenPortString += "ListenPort = " + listenPort
@@ -69,9 +70,9 @@ MTU = %s
 %s
 
 `,
-		address+"/32",
+		node.Address+"/32",
 		privatekey,
-		strconv.Itoa(int(mtu)),
+		strconv.Itoa(int(node.MTU)),
 		listenPortString,
 		peersString)
 	return config, nil

netclient/ncwindows/windows.go

@@ -1,7 +1,6 @@
 package ncwindows
 
 import (
-	"io/ioutil"
 	"log"
 	"os"
 
@@ -24,12 +23,12 @@ func InitWindows() {
 
 	if os.IsNotExist(dataNetclientErr) { // check and see if netclient.exe is in appdata
 		if currentNetclientErr == nil { // copy it if it exists locally
-			input, err := ioutil.ReadFile(wdPath + "\\netclient.exe")
+			input, err := os.ReadFile(wdPath + "\\netclient.exe")
 			if err != nil {
 				log.Println("failed to find netclient.exe")
 				return
 			}
-			if err = ioutil.WriteFile(ncutils.GetNetclientPathSpecific()+"netclient.exe", input, 0644); err != nil {
+			if err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"netclient.exe", input, 0644); err != nil {
 				log.Println("failed to copy netclient.exe to", ncutils.GetNetclientPath())
 				return
 			}

netclient/netclient.exe.manifest.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
     <assemblyIdentity
-            version="0.9.2.0"
+            version="0.9.3.0"
             processorArchitecture="*"
             name="netclient.exe"
             type="win32"

netclient/server/grpc.go

@@ -50,6 +50,9 @@ func CheckIn(network string) (*models.Node, error) {
 		// == run client action ==
 		var header metadata.MD
 		ctx, err := auth.SetJWT(wcclient, network)
+		if err != nil {
+			return nil, err
+		}
 		nodeData, err := json.Marshal(&node)
 		if err != nil {
 			return nil, err
@@ -123,7 +126,7 @@ func GetPeers(macaddress string, network string, server string, dualstack bool,
 	}
 
 	keepalive := nodecfg.PersistentKeepalive
-	keepalivedur, err := time.ParseDuration(strconv.FormatInt(int64(keepalive), 10) + "s")
+	keepalivedur, _ := time.ParseDuration(strconv.FormatInt(int64(keepalive), 10) + "s")
 	keepaliveserver, err := time.ParseDuration(strconv.FormatInt(int64(5), 10) + "s")
 	if err != nil {
 		log.Fatalf("Issue with format of keepalive value. Please update netconfig: %v", err)

netclient/versioninfo.json

@@ -29,7 +29,7 @@
         "OriginalFilename": "",
         "PrivateBuild": "",
         "ProductName": "Netclient",
-        "ProductVersion": "v0.9.2.0",
+        "ProductVersion": "v0.9.3.0",
         "SpecialBuild": ""
     },
     "VarFileInfo": {

netclient/wireguard/common.go

@@ -2,11 +2,8 @@ package wireguard
 
 import (
 	"errors"
-	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
-	"os/exec"
 	"runtime"
 	"strconv"
 	"strings"
@@ -121,7 +118,6 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 		return err
 	}
 	nodecfg := modcfg.Node
-	servercfg := modcfg.Server
 
 	if err != nil {
 		log.Fatalf("failed to open client: %v", err)
@@ -138,167 +134,73 @@ func InitWireguard(node *models.Node, privkey string, peers []wgtypes.PeerConfig
 	if node.Address == "" {
 		log.Fatal("no address to configure")
 	}
-
-	nameserver := servercfg.CoreDNSAddr
-	network := node.Network
-	if nodecfg.Network != "" {
-		network = nodecfg.Network
-	} else if node.Network != "" {
-		network = node.Network
+	var newConf string
+	if node.UDPHolePunch != "yes" {
+		newConf, _ = ncutils.CreateWireGuardConf(node, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), peers)
+	} else {
+		newConf, _ = ncutils.CreateWireGuardConf(node, key.String(), "", peers)
 	}
-
-	if ncutils.IsKernel() {
-		setKernelDevice(ifacename, node.Address)
+	confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf"
+	ncutils.PrintLog("writing wg conf file to: "+confPath, 1)
+	err = os.WriteFile(confPath, []byte(newConf), 0644)
+	if err != nil {
+		ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
+		return err
 	}
-
-	nodeport := int(node.ListenPort)
-	conf := wgtypes.Config{}
-	if nodecfg.UDPHolePunch == "yes" &&
-		nodecfg.IsServer == "no" &&
-		nodecfg.IsIngressGateway != "yes" &&
-		nodecfg.IsStatic != "yes" {
-		conf = wgtypes.Config{
-			PrivateKey:   &key,
-			ReplacePeers: true,
-			Peers:        peers,
-		}
-	} else {
-		conf = wgtypes.Config{
-			PrivateKey:   &key,
-			ListenPort:   &nodeport,
-			ReplacePeers: true,
-			Peers:        peers,
+	if ncutils.IsWindows() {
+		wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
+		err = os.WriteFile(wgConfPath, []byte(newConf), 0644)
+		if err != nil {
+			ncutils.PrintLog("error writing wg conf file to "+wgConfPath+": "+err.Error(), 1)
+			return err
 		}
+		confPath = wgConfPath
 	}
-	if !ncutils.IsKernel() {
-		var newConf string
-		if node.UDPHolePunch != "yes" {
-			newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), strconv.FormatInt(int64(node.ListenPort), 10), node.MTU, node.PersistentKeepalive, peers)
-		} else {
-			newConf, _ = ncutils.CreateUserSpaceConf(node.Address, key.String(), "", node.MTU, node.PersistentKeepalive, peers)
+	// spin up userspace / windows interface + apply the conf file
+	var deviceiface string
+	if ncutils.IsMac() {
+		deviceiface, err = local.GetMacIface(node.Address)
+		if err != nil || deviceiface == "" {
+			deviceiface = ifacename
 		}
-		confPath := ncutils.GetNetclientPathSpecific() + ifacename + ".conf"
-		ncutils.PrintLog("writing wg conf file to: "+confPath, 1)
-		err = ioutil.WriteFile(confPath, []byte(newConf), 0644)
-		if err != nil {
-			ncutils.PrintLog("error writing wg conf file to "+confPath+": "+err.Error(), 1)
-			return err
+	}
+	if syncconf {
+		err = SyncWGQuickConf(ifacename, confPath)
+	} else {
+		d, _ := wgclient.Device(deviceiface)
+		for d != nil && d.Name == deviceiface {
+			RemoveConf(ifacename, false) // remove interface first
+			time.Sleep(time.Second >> 2)
+			d, _ = wgclient.Device(deviceiface)
 		}
-		if ncutils.IsWindows() {
-			wgConfPath := ncutils.GetWGPathSpecific() + ifacename + ".conf"
-			err = ioutil.WriteFile(wgConfPath, []byte(newConf), 0644)
+		if !ncutils.IsWindows() {
+			err = ApplyConf(confPath)
 			if err != nil {
-				ncutils.PrintLog("error writing wg conf file to "+wgConfPath+": "+err.Error(), 1)
+				ncutils.PrintLog("failed to create wireguard interface", 1)
 				return err
 			}
-			confPath = wgConfPath
-		}
-		// spin up userspace / windows interface + apply the conf file
-		var deviceiface string
-		if ncutils.IsMac() {
-			deviceiface, err = local.GetMacIface(node.Address)
-			if err != nil || deviceiface == "" {
-				deviceiface = ifacename
-			}
-		}
-		if syncconf {
-			log.Println("syncing conf")
-			err = SyncWGQuickConf(ifacename, confPath)
 		} else {
-			d, _ := wgclient.Device(deviceiface)
-			for d != nil && d.Name == deviceiface {
-				_ = RemoveConf(ifacename, false) // remove interface first
-				time.Sleep(time.Second >> 2)
-				d, _ = wgclient.Device(deviceiface)
-			}
-			if !ncutils.IsWindows() {
+			var output string
+			starttime := time.Now()
+			RemoveConf(ifacename, false)
+			time.Sleep(time.Second >> 2)
+			ncutils.PrintLog("waiting for interface...", 1)
+			for !strings.Contains(output, ifacename) && !(time.Now().After(starttime.Add(time.Duration(10) * time.Second))) {
+				output, _ = ncutils.RunCmd("wg", false)
 				err = ApplyConf(confPath)
-				if err != nil {
-					ncutils.PrintLog("failed to create wireguard interface", 1)
-					return err
-				}
-			} else {
-				var output string
-				starttime := time.Now()
-				RemoveConf(ifacename, false)
-				time.Sleep(time.Second >> 2)
-				ncutils.PrintLog("waiting for interface...", 1)
-				for !strings.Contains(output, ifacename) && !(time.Now().After(starttime.Add(time.Duration(10) * time.Second))) {
-					output, _ = ncutils.RunCmd("wg", false)
-					err = ApplyConf(confPath)
-					time.Sleep(time.Second)
-				}
-				if !strings.Contains(output, ifacename) {
-					return errors.New("could not create wg interface for " + ifacename)
-				}
-				ip, mask, err := ncutils.GetNetworkIPMask(nodecfg.NetworkSettings.AddressRange)
-				if err != nil {
-					log.Println(err.Error())
-					return err
-				}
-				ncutils.RunCmd("route add "+ip+" mask "+mask+" "+node.Address, true)
-				time.Sleep(time.Second >> 2)
-				ncutils.RunCmd("route change "+ip+" mask "+mask+" "+node.Address, true)
+				time.Sleep(time.Second)
 			}
-		}
-	} else {
-		ipExec, err := exec.LookPath("ip")
-		if err != nil {
-			return err
-		}
-
-		_, err = wgclient.Device(ifacename)
-		if err != nil {
-			if os.IsNotExist(err) {
-				fmt.Println("Device does not exist: ")
-				fmt.Println(err)
-			} else {
-				log.Fatalf("Unknown config error: %v", err)
+			if !strings.Contains(output, ifacename) {
+				return errors.New("could not create wg interface for " + ifacename)
 			}
-		}
-
-		err = wgclient.ConfigureDevice(ifacename, conf)
-		if err != nil {
-			if os.IsNotExist(err) {
-				fmt.Println("Device does not exist: ")
-				fmt.Println(err)
-			} else {
-				fmt.Printf("This is inconvenient: %v", err)
-			}
-		}
-
-		//=========DNS Setup==========\\
-		if nodecfg.DNSOn == "yes" {
-			_ = local.UpdateDNS(ifacename, network, nameserver)
-		}
-		//=========End DNS Setup=======\\
-		if _, err := ncutils.RunCmd(ipExec+" link set down dev "+ifacename, false); err != nil {
-			ncutils.Log("attempted to remove interface before editing")
-			return err
-		}
-
-		if nodecfg.PostDown != "" {
-			runcmds := strings.Split(nodecfg.PostDown, "; ")
-			_ = ncutils.RunCmds(runcmds, true)
-		}
-		// set MTU of node interface
-		if _, err := ncutils.RunCmd(ipExec+" link set mtu "+strconv.Itoa(int(nodecfg.MTU))+" up dev "+ifacename, true); err != nil {
-			ncutils.Log("failed to create interface with mtu " + ifacename)
-			return err
-		}
-
-		if nodecfg.PostUp != "" {
-			runcmds := strings.Split(nodecfg.PostUp, "; ")
-			_ = ncutils.RunCmds(runcmds, true)
-		}
-		if hasGateway {
-			for _, gateway := range gateways {
-				_, _ = ncutils.RunCmd(ipExec+" -4 route add "+gateway+" dev "+ifacename, true)
+			ip, mask, err := ncutils.GetNetworkIPMask(nodecfg.NetworkSettings.AddressRange)
+			if err != nil {
+				log.Println(err.Error())
+				return err
 			}
-		}
-		if node.Address6 != "" && node.IsDualStack == "yes" {
-			log.Println("[netclient] adding address: "+node.Address6, 1)
-			_, _ = ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+node.Address6+"/64", true)
+			ncutils.RunCmd("route add "+ip+" mask "+mask+" "+node.Address, true)
+			time.Sleep(time.Second >> 2)
+			ncutils.RunCmd("route change "+ip+" mask "+mask+" "+node.Address, true)
 		}
 	}
 
@@ -345,6 +247,9 @@ func SetWGConfig(network string, peerupdate bool) error {
 	} else {
 		err = InitWireguard(&nodecfg, privkey, peers, hasGateway, gateways, false)
 	}
+	if nodecfg.DNSOn == "yes" {
+		_ = local.UpdateDNS(nodecfg.Interface, nodecfg.Network, servercfg.CoreDNSAddr)
+	}
 	return err
 }
 

netclient/wireguard/kernel.go

@@ -1,21 +0,0 @@
-package wireguard
-
-import (
-	"os/exec"
-
-	"github.com/gravitl/netmaker/netclient/ncutils"
-	//homedir "github.com/mitchellh/go-homedir"
-)
-
-func setKernelDevice(ifacename string, address string) error {
-	ipExec, err := exec.LookPath("ip")
-	if err != nil {
-		return err
-	}
-
-	_, _ = ncutils.RunCmd("ip link delete dev "+ifacename, false)
-	_, _ = ncutils.RunCmd(ipExec+" link add dev "+ifacename+" type wireguard", true)
-	_, _ = ncutils.RunCmd(ipExec+" address add dev "+ifacename+" "+address+"/24", true)
-
-	return nil
-}

netclient/wireguard/unix.go

@@ -1,7 +1,7 @@
 package wireguard
 
 import (
-	"io/ioutil"
+	"fmt"
 	"log"
 	"os"
 	"regexp"
@@ -67,7 +67,7 @@ func SyncWGQuickConf(iface string, confPath string) error {
 	}
 	regex := regexp.MustCompile(".*Warning.*\n")
 	conf := regex.ReplaceAllString(confRaw, "")
-	err = ioutil.WriteFile(tmpConf, []byte(conf), 0644)
+	err = os.WriteFile(tmpConf, []byte(conf), 0644)
 	if err != nil {
 		return err
 	}
@@ -86,7 +86,7 @@ func SyncWGQuickConf(iface string, confPath string) error {
 
 // RemoveWGQuickConf - calls wg-quick down
 func RemoveWGQuickConf(confPath string, printlog bool) error {
-	_, err := ncutils.RunCmd("wg-quick down "+confPath, printlog)
+	_, err := ncutils.RunCmd(fmt.Sprintf("wg-quick down %s", confPath), printlog)
 	return err
 }
 
@@ -94,12 +94,12 @@ func RemoveWGQuickConf(confPath string, printlog bool) error {
 func StorePrivKey(key string, network string) error {
 	var err error
 	d1 := []byte(key)
-	err = ioutil.WriteFile(ncutils.GetNetclientPathSpecific()+"wgkey-"+network, d1, 0644)
+	err = os.WriteFile(ncutils.GetNetclientPathSpecific()+"wgkey-"+network, d1, 0644)
 	return err
 }
 
 // RetrievePrivKey - reads wg priv key from local disk
 func RetrievePrivKey(network string) (string, error) {
-	dat, err := ioutil.ReadFile(ncutils.GetNetclientPathSpecific() + "wgkey-" + network)
+	dat, err := os.ReadFile(ncutils.GetNetclientPathSpecific() + "wgkey-" + network)
 	return string(dat), err
 }

scripts/nm-quick.sh

@@ -50,7 +50,7 @@ elif [ -f /etc/fedora-release ]; then
 	dnf update
 fi
 
-dependencies=("docker.io" "docker-compose" "wireguard" "jq")
+dependencies=("docker.io" "docker-compose" "wireguard" "jq" "resolvconf")
 
 
 

servercfg/serverconf.go

@@ -2,7 +2,7 @@ package servercfg
 
 import (
 	"errors"
-	"io/ioutil"
+	"io"
 	"net"
 	"net/http"
 	"os"
@@ -80,6 +80,11 @@ func GetServerConfig() config.ServerConfig {
 	cfg.ClientID = authInfo[1]
 	cfg.ClientSecret = authInfo[2]
 	cfg.FrontendURL = GetFrontendURL()
+	if GetRce() {
+		cfg.RCE = "on"
+	} else {
+		cfg.RCE = "off"
+	}
 
 	return cfg
 }
@@ -108,7 +113,7 @@ func GetAPIConnString() string {
 
 // GetVersion - version of netmaker
 func GetVersion() string {
-	version := "0.9.2"
+	version := "0.9.3"
 	if config.Config.Server.Version != "" {
 		version = config.Config.Server.Version
 	}
@@ -412,7 +417,7 @@ func GetPublicIP() (string, error) {
 		}
 		defer resp.Body.Close()
 		if resp.StatusCode == http.StatusOK {
-			bodyBytes, err := ioutil.ReadAll(resp.Body)
+			bodyBytes, err := io.ReadAll(resp.Body)
 			if err != nil {
 				continue
 			}
@@ -502,6 +507,17 @@ func GetAuthProviderInfo() []string {
 	return []string{"", "", ""}
 }
 
+// GetAzureTenant - retrieve the azure tenant ID from env variable or config file
+func GetAzureTenant() string {
+	var azureTenant = ""
+	if os.Getenv("AZURE_TENANT") != "" {
+		azureTenant = os.Getenv("AZURE_TENANT")
+	} else if config.Config.Server.AzureTenant != "" {
+		azureTenant = config.Config.Server.AzureTenant
+	}
+	return azureTenant
+}
+
 // GetMacAddr - get's mac address
 func getMacAddr() string {
 	ifas, err := net.Interfaces()
@@ -517,3 +533,8 @@ func getMacAddr() string {
 	}
 	return as[0]
 }
+
+// GetRce - sees if Rce is enabled, off by default
+func GetRce() bool {
+	return os.Getenv("RCE") == "on" || config.Config.Server.RCE == "on"
+}