2 months ago · b423b183e4
--- a/.github/workflows/deletedroplets.yml
+++ b/.github/workflows/deletedroplets.yml
@@ -12,7 +12,7 @@ jobs:
 
				     if: ${{ github.event.workflow_run.conclusion == 'success' }}
			
 
				     steps:
			
 
				       - name: get logs
			
 
				-        uses: dawidd6/action-download-artifact@v9
			
 
				+        uses: dawidd6/action-download-artifact@v11
			
 
				         with:
			
 
				           run_id: ${{ github.event.workflow_run.id}}
			
 
				           if_no_artifact_found: warn
			
@@ -75,7 +75,7 @@ jobs:
 
				     if: ${{ github.event.workflow_run.conclusion == 'failure' }}
			
 
				     steps:
			
 
				       - name: get logs
			
 
				-        uses: dawidd6/action-download-artifact@v9
			
 
				+        uses: dawidd6/action-download-artifact@v11
			
 
				         with:
			
 
				           run_id: ${{ github.event.workflow_run.id}}
			
 
				           if_no_artifact_found: warn
			
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@ COPY . .
 
				 
			
 
				 RUN GOOS=linux CGO_ENABLED=1 go build -ldflags="-s -w " -tags ${tags} .
			
 
				 # RUN go build -tags=ee . -o netmaker main.go
			
 
				-FROM alpine:3.21.3
			
 
				+FROM alpine:3.22.0
			
 
				 
			
 
				 # add a c lib
			
 
				 # set the working directory
			
--- a/Dockerfile-quick
+++ b/Dockerfile-quick
@@ -1,5 +1,5 @@
 
				 #first stage - builder
			
 
				-FROM alpine:3.21.3
			
 
				+FROM alpine:3.22.0
			
 
				 ARG version 
			
 
				 WORKDIR /app
			
 
				 COPY ./netmaker /root/netmaker
			
--- a/cli/cmd/network/list.go
+++ b/cli/cmd/network/list.go
@@ -6,7 +6,7 @@ import (
 
				 
			
 
				 	"github.com/gravitl/netmaker/cli/cmd/commons"
			
 
				 	"github.com/gravitl/netmaker/cli/functions"
			
 
				-	"github.com/olekukonko/tablewriter"
			
 
				+	"github.com/guumaster/tablewriter"
			
 
				 	"github.com/spf13/cobra"
			
 
				 )
			
 
				 
			
--- a/controllers/ext_client.go
+++ b/controllers/ext_client.go
@@ -7,6 +7,7 @@ import (
 
				 	"fmt"
			
 
				 	"net"
			
 
				 	"net/http"
			
 
				+	"os"
			
 
				 	"reflect"
			
 
				 	"strconv"
			
 
				 	"strings"
			
@@ -673,7 +674,6 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
 
				 
			
 
				 	var params = mux.Vars(r)
			
 
				 	nodeid := params["nodeid"]
			
 
				-
			
 
				 	ingressExists := checkIngressExists(nodeid)
			
 
				 	if !ingressExists {
			
 
				 		err := errors.New("ingress does not exist")
			
@@ -780,6 +780,10 @@ func createExtClient(w http.ResponseWriter, r *http.Request) {
 
				 	}
			
 
				 	extclient.PublicEndpoint = customExtClient.PublicEndpoint
			
 
				 	extclient.Country = customExtClient.Country
			
 
				+	if customExtClient.RemoteAccessClientID != "" && customExtClient.Location == "" {
			
 
				+		extclient.Location = logic.GetHostLocInfo(logic.GetClientIP(r), os.Getenv("IP_INFO_TOKEN"))
			
 
				+	}
			
 
				+	extclient.Location = customExtClient.Location
			
 
				 
			
 
				 	if err = logic.CreateExtClient(&extclient); err != nil {
			
 
				 		slog.Error(
			
@@ -928,6 +932,9 @@ func updateExtClient(w http.ResponseWriter, r *http.Request) {
 
				 		sendPeerUpdate = true
			
 
				 		replacePeers = true
			
 
				 	}
			
 
				+	if update.RemoteAccessClientID != "" && update.Location == "" {
			
 
				+		update.Location = logic.GetHostLocInfo(logic.GetClientIP(r), os.Getenv("IP_INFO_TOKEN"))
			
 
				+	}
			
 
				 	newclient := logic.UpdateExtClient(&oldExtClient, &update)
			
 
				 	if err := logic.DeleteExtClient(oldExtClient.Network, oldExtClient.ClientID); err != nil {
			
 
				 		slog.Error(
			
--- a/controllers/hosts.go
+++ b/controllers/hosts.go
@@ -308,6 +308,7 @@ func updateHost(w http.ResponseWriter, r *http.Request) {
 
				 			}
			
 
				 		}
			
 
				 	}()
			
 
				+
			
 
				 	logic.LogEvent(&models.Event{
			
 
				 		Action: models.Update,
			
 
				 		Source: models.Subject{
			
--- a/controllers/server.go
+++ b/controllers/server.go
@@ -247,7 +247,10 @@ func getConfig(w http.ResponseWriter, r *http.Request) {
 
				 // @Success     200 {object} config.ServerSettings
			
 
				 func getSettings(w http.ResponseWriter, r *http.Request) {
			
 
				 	scfg := logic.GetServerSettings()
			
 
				-	scfg.ClientSecret = logic.Mask()
			
 
				+	if scfg.ClientSecret != "" {
			
 
				+		scfg.ClientSecret = logic.Mask()
			
 
				+	}
			
 
				+
			
 
				 	logic.ReturnSuccessResponseWithJson(w, r, scfg, "fetched server settings successfully")
			
 
				 }
			
 
				 
			
--- a/controllers/user.go
+++ b/controllers/user.go
@@ -1,9 +1,11 @@
 
				 package controller
			
 
				 
			
 
				 import (
			
 
				+	"context"
			
 
				 	"encoding/json"
			
 
				 	"errors"
			
 
				 	"fmt"
			
 
				+	"github.com/gravitl/netmaker/db"
			
 
				 	"net/http"
			
 
				 	"reflect"
			
 
				 	"time"
			
@@ -584,6 +586,18 @@ func getUsers(w http.ResponseWriter, r *http.Request) {
 
				 		return
			
 
				 	}
			
 
				 
			
 
				+	for i, user := range users {
			
 
				+		// only setting num_access_tokens here, because only UI needs it.
			
 
				+		user.NumAccessTokens, err = (&schema.UserAccessToken{
			
 
				+			UserName: user.UserName,
			
 
				+		}).CountByUser(db.WithContext(context.TODO()))
			
 
				+		if err != nil {
			
 
				+			continue
			
 
				+		}
			
 
				+
			
 
				+		users[i] = user
			
 
				+	}
			
 
				+
			
 
				 	logic.SortUsers(users[:])
			
 
				 	logger.Log(2, r.Header.Get("user"), "fetched users")
			
 
				 	json.NewEncoder(w).Encode(users)
			
--- a/go.mod
+++ b/go.mod
@@ -15,16 +15,16 @@ require (
 
				 	github.com/lib/pq v1.10.9
			
 
				 	github.com/mattn/go-sqlite3 v1.14.28
			
 
				 	github.com/rqlite/gorqlite v0.0.0-20240122221808-a8a425b1a6aa
			
 
				-	github.com/seancfoley/ipaddress-go v1.7.0
			
 
				+	github.com/seancfoley/ipaddress-go v1.7.1
			
 
				 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
			
 
				 	github.com/stretchr/testify v1.10.0
			
 
				 	github.com/txn2/txeh v1.5.5
			
 
				 	go.uber.org/automaxprocs v1.6.0
			
 
				-	golang.org/x/crypto v0.38.0
			
 
				-	golang.org/x/net v0.39.0 // indirect
			
 
				+	golang.org/x/crypto v0.39.0
			
 
				+	golang.org/x/net v0.41.0 // indirect
			
 
				 	golang.org/x/oauth2 v0.30.0
			
 
				 	golang.org/x/sys v0.33.0 // indirect
			
 
				-	golang.org/x/text v0.25.0 // indirect
			
 
				+	golang.org/x/text v0.26.0 // indirect
			
 
				 	golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb
			
 
				 	gopkg.in/yaml.v3 v3.0.1
			
 
				 )
			
@@ -32,7 +32,7 @@ require (
 
				 require (
			
 
				 	filippo.io/edwards25519 v1.1.0
			
 
				 	github.com/c-robinson/iplib v1.0.8
			
 
				-	github.com/posthog/posthog-go v1.5.5
			
 
				+	github.com/posthog/posthog-go v1.5.12
			
 
				 )
			
 
				 
			
 
				 require (
			
@@ -46,20 +46,19 @@ require (
 
				 	github.com/goombaio/namegenerator v0.0.0-20181006234301-989e774b106e
			
 
				 	github.com/guumaster/tablewriter v0.0.10
			
 
				 	github.com/matryer/is v1.4.1
			
 
				-	github.com/olekukonko/tablewriter v0.0.5
			
 
				 	github.com/spf13/cobra v1.9.1
			
 
				-	google.golang.org/api v0.229.0
			
 
				+	google.golang.org/api v0.238.0
			
 
				 	gopkg.in/mail.v2 v2.3.1
			
 
				 	gorm.io/datatypes v1.2.5
			
 
				-	gorm.io/driver/postgres v1.5.11
			
 
				-	gorm.io/driver/sqlite v1.5.7
			
 
				+	gorm.io/driver/postgres v1.6.0
			
 
				+	gorm.io/driver/sqlite v1.6.0
			
 
				 	gorm.io/gorm v1.30.0
			
 
				 )
			
 
				 
			
 
				 require (
			
 
				-	cloud.google.com/go/auth v0.16.0 // indirect
			
 
				+	cloud.google.com/go/auth v0.16.2 // indirect
			
 
				 	cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
			
 
				-	cloud.google.com/go/compute/metadata v0.6.0 // indirect
			
 
				+	cloud.google.com/go/compute/metadata v0.7.0 // indirect
			
 
				 	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
			
 
				 	github.com/go-jose/go-jose/v4 v4.0.5 // indirect
			
 
				 	github.com/go-logr/logr v1.4.2 // indirect
			
@@ -67,7 +66,7 @@ require (
 
				 	github.com/go-sql-driver/mysql v1.8.1 // indirect
			
 
				 	github.com/google/s2a-go v0.1.9 // indirect
			
 
				 	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
			
 
				-	github.com/googleapis/gax-go/v2 v2.14.1 // indirect
			
 
				+	github.com/googleapis/gax-go/v2 v2.14.2 // indirect
			
 
				 	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
			
 
				 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
			
 
				 	github.com/jackc/pgpassfile v1.0.0 // indirect
			
@@ -81,12 +80,12 @@ require (
 
				 	github.com/seancfoley/bintree v1.3.1 // indirect
			
 
				 	github.com/spf13/pflag v1.0.6 // indirect
			
 
				 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
			
 
				-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
			
 
				-	go.opentelemetry.io/otel v1.35.0 // indirect
			
 
				-	go.opentelemetry.io/otel/metric v1.35.0 // indirect
			
 
				-	go.opentelemetry.io/otel/trace v1.35.0 // indirect
			
 
				-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e // indirect
			
 
				-	google.golang.org/grpc v1.71.1 // indirect
			
 
				+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
			
 
				+	go.opentelemetry.io/otel v1.36.0 // indirect
			
 
				+	go.opentelemetry.io/otel/metric v1.36.0 // indirect
			
 
				+	go.opentelemetry.io/otel/trace v1.36.0 // indirect
			
 
				+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect
			
 
				+	google.golang.org/grpc v1.73.0 // indirect
			
 
				 	google.golang.org/protobuf v1.36.6 // indirect
			
 
				 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
			
 
				 	gorm.io/driver/mysql v1.5.6 // indirect
			
@@ -99,7 +98,7 @@ require (
 
				 	github.com/go-playground/universal-translator v0.18.1 // indirect
			
 
				 	github.com/hashicorp/go-version v1.7.0
			
 
				 	github.com/leodido/go-urn v1.4.0 // indirect
			
 
				-	github.com/mattn/go-runewidth v0.0.13 // indirect
			
 
				+	github.com/mattn/go-runewidth v0.0.16 // indirect
			
 
				 	github.com/pmezard/go-difflib v1.0.0 // indirect
			
 
				-	golang.org/x/sync v0.14.0 // indirect
			
 
				+	golang.org/x/sync v0.15.0 // indirect
			
 
				 )
			
--- a/go.sum
+++ b/go.sum
@@ -1,9 +1,9 @@
 
				-cloud.google.com/go/auth v0.16.0 h1:Pd8P1s9WkcrBE2n/PhAwKsdrR35V3Sg2II9B+ndM3CU=
			
 
				-cloud.google.com/go/auth v0.16.0/go.mod h1:1howDHJ5IETh/LwYs3ZxvlkXF48aSqqJUM+5o02dNOI=
			
 
				+cloud.google.com/go/auth v0.16.2 h1:QvBAGFPLrDeoiNjyfVunhQ10HKNYuOwZ5noee0M5df4=
			
 
				+cloud.google.com/go/auth v0.16.2/go.mod h1:sRBas2Y1fB1vZTdurouM0AzuYQBMZinrUYL8EufhtEA=
			
 
				 cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc=
			
 
				 cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c=
			
 
				-cloud.google.com/go/compute/metadata v0.6.0 h1:A6hENjEsCDtC1k8byVsgwvVcioamEHvZ4j01OwKxG9I=
			
 
				-cloud.google.com/go/compute/metadata v0.6.0/go.mod h1:FjyFAW1MW0C203CEOMDTu3Dk1FlqW3Rga40jzHL4hfg=
			
 
				+cloud.google.com/go/compute/metadata v0.7.0 h1:PBWF+iiAerVNe8UCHxdOt6eHLVc3ydFeOCw78U8ytSU=
			
 
				+cloud.google.com/go/compute/metadata v0.7.0/go.mod h1:j5MvL9PprKL39t166CoB1uVHfQMs4tFQZZcKwksXUjo=
			
 
				 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
			
 
				 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
			
 
				 github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
			
@@ -56,8 +56,8 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 
				 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
			
 
				 github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4=
			
 
				 github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA=
			
 
				-github.com/googleapis/gax-go/v2 v2.14.1 h1:hb0FFeiPaQskmvakKu5EbCbpntQn48jyHuvrkurSS/Q=
			
 
				-github.com/googleapis/gax-go/v2 v2.14.1/go.mod h1:Hb/NubMaVM88SrNkvl8X/o8XWwDJEPqouaLeN2IUxoA=
			
 
				+github.com/googleapis/gax-go/v2 v2.14.2 h1:eBLnkZ9635krYIPD+ag1USrOAI0Nr0QYF3+/3GqO0k0=
			
 
				+github.com/googleapis/gax-go/v2 v2.14.2/go.mod h1:ON64QhlJkhVtSqp4v1uaK92VyZ2gmvDQsweuyLV+8+w=
			
 
				 github.com/goombaio/namegenerator v0.0.0-20181006234301-989e774b106e h1:XmA6L9IPRdUr28a+SK/oMchGgQy159wvzXA5tJ7l+40=
			
 
				 github.com/goombaio/namegenerator v0.0.0-20181006234301-989e774b106e/go.mod h1:AFIo+02s+12CEg8Gzz9kzhCbmbq6JcKNrhHffCGA9z4=
			
 
				 github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE=
			
@@ -96,20 +96,17 @@ github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 
				 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
			
 
				 github.com/matryer/is v1.4.1 h1:55ehd8zaGABKLXQUe2awZ99BD/PTc2ls+KV/dXphgEQ=
			
 
				 github.com/matryer/is v1.4.1/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU=
			
 
				-github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
			
 
				 github.com/mattn/go-runewidth v0.0.10/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk=
			
 
				-github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU=
			
 
				-github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
			
 
				+github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
			
 
				+github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
			
 
				 github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A=
			
 
				 github.com/mattn/go-sqlite3 v1.14.28/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
			
 
				 github.com/microsoft/go-mssqldb v1.7.2 h1:CHkFJiObW7ItKTJfHo1QX7QBBD1iV+mn1eOyRP3b/PA=
			
 
				 github.com/microsoft/go-mssqldb v1.7.2/go.mod h1:kOvZKUdrhhFQmxLZqbwUV0rHkNkZpthMITIb2Ko1IoA=
			
 
				-github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
			
 
				-github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
			
 
				 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
			
 
				 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
			
 
				-github.com/posthog/posthog-go v1.5.5 h1:2o3j7IrHbTIfxRtj4MPaXKeimuTYg49onNzNBZbwksM=
			
 
				-github.com/posthog/posthog-go v1.5.5/go.mod h1:3RqUmSnPuwmeVj/GYrS75wNGqcAKdpODiwc83xZWgdE=
			
 
				+github.com/posthog/posthog-go v1.5.12 h1:nxK/z5QLCFxwzxV8GNvVd4Y1wJ++zJSWMGEtzU+/HLM=
			
 
				+github.com/posthog/posthog-go v1.5.12/go.mod h1:ZPCind3bz8xDLK0Zhvpv1fQav6WfRcQDqTMfMXmna98=
			
 
				 github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g=
			
 
				 github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U=
			
 
				 github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
			
@@ -122,8 +119,8 @@ github.com/rqlite/gorqlite v0.0.0-20240122221808-a8a425b1a6aa/go.mod h1:xF/KoXmr
 
				 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
			
 
				 github.com/seancfoley/bintree v1.3.1 h1:cqmmQK7Jm4aw8gna0bP+huu5leVOgHGSJBEpUx3EXGI=
			
 
				 github.com/seancfoley/bintree v1.3.1/go.mod h1:hIUabL8OFYyFVTQ6azeajbopogQc2l5C/hiXMcemWNU=
			
 
				-github.com/seancfoley/ipaddress-go v1.7.0 h1:vWp3SR3k+HkV3aKiNO2vEe6xbVxS0x/Ixw6hgyP238s=
			
 
				-github.com/seancfoley/ipaddress-go v1.7.0/go.mod h1:TQRZgv+9jdvzHmKoPGBMxyiaVmoI0rYpfEk8Q/sL/Iw=
			
 
				+github.com/seancfoley/ipaddress-go v1.7.1 h1:fDWryS+L8iaaH5RxIKbY0xB5Z+Zxk8xoXLN4S4eAPdQ=
			
 
				+github.com/seancfoley/ipaddress-go v1.7.1/go.mod h1:TQRZgv+9jdvzHmKoPGBMxyiaVmoI0rYpfEk8Q/sL/Iw=
			
 
				 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
			
 
				 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
			
 
				 github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo=
			
@@ -139,48 +136,50 @@ github.com/txn2/txeh v1.5.5 h1:UN4e/lCK5HGw/gGAi2GCVrNKg0GTCUWs7gs5riaZlz4=
 
				 github.com/txn2/txeh v1.5.5/go.mod h1:qYzGG9kCzeVEI12geK4IlanHWY8X4uy/I3NcW7mk8g4=
			
 
				 go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
			
 
				 go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
			
 
				-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 h1:x7wzEgXfnzJcHDwStJT+mxOz4etr2EcexjqhBvmoakw=
			
 
				-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0/go.mod h1:rg+RlpR5dKwaS95IyyZqj5Wd4E13lk/msnTS0Xl9lJM=
			
 
				-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU=
			
 
				-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ=
			
 
				-go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ=
			
 
				-go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y=
			
 
				-go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
			
 
				-go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE=
			
 
				-go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
			
 
				-go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg=
			
 
				-go.opentelemetry.io/otel/sdk/metric v1.35.0 h1:1RriWBmCKgkeHEhM7a2uMjMUfP7MsOF5JpUCaEqEI9o=
			
 
				-go.opentelemetry.io/otel/sdk/metric v1.35.0/go.mod h1:is6XYCUMpcKi+ZsOvfluY5YstFnhW0BidkR+gL+qN+w=
			
 
				-go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs=
			
 
				-go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
			
 
				+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 h1:q4XOmH/0opmeuJtPsbFNivyl7bCt7yRBbeEm2sC/XtQ=
			
 
				+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0/go.mod h1:snMWehoOh2wsEwnvvwtDyFCxVeDAODenXHtn5vzrKjo=
			
 
				+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus=
			
 
				+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q=
			
 
				+go.opentelemetry.io/otel v1.36.0 h1:UumtzIklRBY6cI/lllNZlALOF5nNIzJVb16APdvgTXg=
			
 
				+go.opentelemetry.io/otel v1.36.0/go.mod h1:/TcFMXYjyRNh8khOAO9ybYkqaDBb/70aVwkNML4pP8E=
			
 
				+go.opentelemetry.io/otel/metric v1.36.0 h1:MoWPKVhQvJ+eeXWHFBOPoBOi20jh6Iq2CcCREuTYufE=
			
 
				+go.opentelemetry.io/otel/metric v1.36.0/go.mod h1:zC7Ks+yeyJt4xig9DEw9kuUFe5C3zLbVjV2PzT6qzbs=
			
 
				+go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs=
			
 
				+go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY=
			
 
				+go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFwHX4dThiPis=
			
 
				+go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4=
			
 
				+go.opentelemetry.io/otel/trace v1.36.0 h1:ahxWNuqZjpdiFAyrIoQ4GIiAIhxAunQR6MUoKrsNd4w=
			
 
				+go.opentelemetry.io/otel/trace v1.36.0/go.mod h1:gQ+OnDZzrybY4k4seLzPAWNwVBBVlF2szhehOBB/tGA=
			
 
				 go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
			
 
				 go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
			
 
				-golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=
			
 
				-golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=
			
 
				+golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
			
 
				+golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
			
 
				 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc=
			
 
				 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
			
 
				-golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
			
 
				-golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
			
 
				+golang.org/x/net v0.41.0 h1:vBTly1HeNPEn3wtREYfy4GZ/NECgw2Cnl+nK6Nz3uvw=
			
 
				+golang.org/x/net v0.41.0/go.mod h1:B/K4NNqkfmg07DQYrbwvSluqCJOOXwUjeb/5lOisjbA=
			
 
				 golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
			
 
				 golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
			
 
				-golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ=
			
 
				-golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
			
 
				+golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
			
 
				+golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
			
 
				 golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
			
 
				 golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
			
 
				-golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4=
			
 
				-golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA=
			
 
				-golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
			
 
				-golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
			
 
				+golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
			
 
				+golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
			
 
				+golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
			
 
				+golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
			
 
				 golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb h1:9aqVcYEDHmSNb0uOWukxV5lHV09WqiSiCuhEgWNETLY=
			
 
				 golang.zx2c4.com/wireguard/wgctrl v0.0.0-20221104135756-97bc4ad4a1cb/go.mod h1:mQqgjkW8GQQcJQsbBvK890TKqUK1DfKWkuBGbOkuMHQ=
			
 
				-google.golang.org/api v0.229.0 h1:p98ymMtqeJ5i3lIBMj5MpR9kzIIgzpHHh8vQ+vgAzx8=
			
 
				-google.golang.org/api v0.229.0/go.mod h1:wyDfmq5g1wYJWn29O22FDWN48P7Xcz0xz+LBpptYvB0=
			
 
				-google.golang.org/genproto/googleapis/api v0.0.0-20250106144421-5f5ef82da422 h1:GVIKPyP/kLIyVOgOnTwFOrvQaQUzOzGMCxgFUOEmm24=
			
 
				-google.golang.org/genproto/googleapis/api v0.0.0-20250106144421-5f5ef82da422/go.mod h1:b6h1vNKhxaSoEI+5jc3PJUCustfli/mRab7295pY7rw=
			
 
				-google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e h1:ztQaXfzEXTmCBvbtWYRhJxW+0iJcz2qXfd38/e9l7bA=
			
 
				-google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
			
 
				-google.golang.org/grpc v1.71.1 h1:ffsFWr7ygTUscGPI0KKK6TLrGz0476KUvvsbqWK0rPI=
			
 
				-google.golang.org/grpc v1.71.1/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec=
			
 
				+google.golang.org/api v0.238.0 h1:+EldkglWIg/pWjkq97sd+XxH7PxakNYoe/rkSTbnvOs=
			
 
				+google.golang.org/api v0.238.0/go.mod h1:cOVEm2TpdAGHL2z+UwyS+kmlGr3bVWQQ6sYEqkKje50=
			
 
				+google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2 h1:1tXaIXCracvtsRxSBsYDiSBN0cuJvM7QYW+MrpIRY78=
			
 
				+google.golang.org/genproto v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:49MsLSx0oWMOZqcpB3uL8ZOkAh1+TndpJ8ONoCBWiZk=
			
 
				+google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2 h1:vPV0tzlsK6EzEDHNNH5sa7Hs9bd7iXR7B1tSiPepkV0=
			
 
				+google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2/go.mod h1:pKLAc5OolXC3ViWGI62vvC0n10CpwAtRcTNCFwTKBEw=
			
 
				+google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 h1:fc6jSaCT0vBduLYZHYrBBNY4dsWuvgyff9noRNDdBeE=
			
 
				+google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
			
 
				+google.golang.org/grpc v1.73.0 h1:VIWSmpI2MegBtTuFt5/JWy2oXxtjJ/e89Z70ImfD2ok=
			
 
				+google.golang.org/grpc v1.73.0/go.mod h1:50sbHOUqWoCQGI8V2HQLJM0B+LMlIUjNSZmow7EVBQc=
			
 
				 google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
			
 
				 google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
			
 
				 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk=
			
@@ -197,10 +196,10 @@ gorm.io/datatypes v1.2.5 h1:9UogU3jkydFVW1bIVVeoYsTpLRgwDVW3rHfJG6/Ek9I=
 
				 gorm.io/datatypes v1.2.5/go.mod h1:I5FUdlKpLb5PMqeMQhm30CQ6jXP8Rj89xkTeCSAaAD4=
			
 
				 gorm.io/driver/mysql v1.5.6 h1:Ld4mkIickM+EliaQZQx3uOJDJHtrd70MxAUqWqlx3Y8=
			
 
				 gorm.io/driver/mysql v1.5.6/go.mod h1:sEtPWMiqiN1N1cMXoXmBbd8C6/l+TESwriotuRRpkDM=
			
 
				-gorm.io/driver/postgres v1.5.11 h1:ubBVAfbKEUld/twyKZ0IYn9rSQh448EdelLYk9Mv314=
			
 
				-gorm.io/driver/postgres v1.5.11/go.mod h1:DX3GReXH+3FPWGrrgffdvCk3DQ1dwDPdmbenSkweRGI=
			
 
				-gorm.io/driver/sqlite v1.5.7 h1:8NvsrhP0ifM7LX9G4zPB97NwovUakUxc+2V2uuf3Z1I=
			
 
				-gorm.io/driver/sqlite v1.5.7/go.mod h1:U+J8craQU6Fzkcvu8oLeAQmi50TkwPEhHDEjQZXDah4=
			
 
				+gorm.io/driver/postgres v1.6.0 h1:2dxzU8xJ+ivvqTRph34QX+WrRaJlmfyPqXmoGVjMBa4=
			
 
				+gorm.io/driver/postgres v1.6.0/go.mod h1:vUw0mrGgrTK+uPHEhAdV4sfFELrByKVGnaVRkXDhtWo=
			
 
				+gorm.io/driver/sqlite v1.6.0 h1:WHRRrIiulaPiPFmDcod6prc4l2VGVWHz80KspNsxSfQ=
			
 
				+gorm.io/driver/sqlite v1.6.0/go.mod h1:AO9V1qIQddBESngQUKWL9yoH93HIeA1X6V633rBwyT8=
			
 
				 gorm.io/driver/sqlserver v1.5.4 h1:xA+Y1KDNspv79q43bPyjDMUgHoYHLhXYmdFcYPobg8g=
			
 
				 gorm.io/driver/sqlserver v1.5.4/go.mod h1:+frZ/qYmuna11zHPlh5oc2O6ZA/lS88Keb0XSH1Zh/g=
			
 
				 gorm.io/gorm v1.25.7/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
			
--- a/logic/auth.go
+++ b/logic/auth.go
@@ -106,6 +106,7 @@ func GetUsers() ([]models.ReturnUser, error) {
 
				 		if err != nil {
			
 
				 			continue // get users
			
 
				 		}
			
 
				+
			
 
				 		users = append(users, user)
			
 
				 	}
			
 
				 
			
--- a/logic/extpeers.go
+++ b/logic/extpeers.go
@@ -427,6 +427,12 @@ func UpdateExtClient(old *models.ExtClient, update *models.CustomExtClient) mode
 
				 	new.PostUp = strings.Replace(update.PostUp, "\r\n", "\n", -1)
			
 
				 	new.PostDown = strings.Replace(update.PostDown, "\r\n", "\n", -1)
			
 
				 	new.Tags = update.Tags
			
 
				+	if update.Location != "" && update.Location != old.Location {
			
 
				+		new.Location = update.Location
			
 
				+	}
			
 
				+	if update.Country != "" && update.Country != old.Country {
			
 
				+		new.Country = update.Country
			
 
				+	}
			
 
				 	return new
			
 
				 }
			
 
				 
			
--- a/logic/hosts.go
+++ b/logic/hosts.go
@@ -5,6 +5,7 @@ import (
 
				 	"encoding/json"
			
 
				 	"errors"
			
 
				 	"fmt"
			
 
				+	"os"
			
 
				 	"sort"
			
 
				 	"sync"
			
 
				 
			
@@ -30,6 +31,8 @@ var (
 
				 	ErrInvalidHostID error = errors.New("invalid host id")
			
 
				 )
			
 
				 
			
 
				+var GetHostLocInfo = func(ip, token string) string { return "" }
			
 
				+
			
 
				 func getHostsFromCache() (hosts []models.Host) {
			
 
				 	hostCacheMutex.RLock()
			
 
				 	for _, host := range hostsCacheMap {
			
@@ -235,6 +238,11 @@ func CreateHost(h *models.Host) error {
 
				 	} else {
			
 
				 		h.DNS = "no"
			
 
				 	}
			
 
				+	if h.EndpointIP != nil {
			
 
				+		h.Location = GetHostLocInfo(h.EndpointIP.String(), os.Getenv("IP_INFO_TOKEN"))
			
 
				+	} else if h.EndpointIPv6 != nil {
			
 
				+		h.Location = GetHostLocInfo(h.EndpointIPv6.String(), os.Getenv("IP_INFO_TOKEN"))
			
 
				+	}
			
 
				 	checkForZombieHosts(h)
			
 
				 	return UpsertHost(h)
			
 
				 }
			
--- a/logic/nodes.go
+++ b/logic/nodes.go
@@ -594,6 +594,24 @@ func GetAllNodesAPI(nodes []models.Node) []models.ApiNode {
 
				 	return apiNodes[:]
			
 
				 }
			
 
				 
			
 
				+// GetAllNodesAPI - get all nodes for api usage
			
 
				+func GetAllNodesAPIWithLocation(nodes []models.Node) []models.ApiNode {
			
 
				+	apiNodes := []models.ApiNode{}
			
 
				+	for i := range nodes {
			
 
				+		node := nodes[i]
			
 
				+		newApiNode := node.ConvertToAPINode()
			
 
				+		if node.IsStatic {
			
 
				+			newApiNode.Location = node.StaticNode.Location
			
 
				+		} else {
			
 
				+			host, _ := GetHost(node.HostID.String())
			
 
				+			newApiNode.Location = host.Location
			
 
				+		}
			
 
				+
			
 
				+		apiNodes = append(apiNodes, *newApiNode)
			
 
				+	}
			
 
				+	return apiNodes[:]
			
 
				+}
			
 
				+
			
 
				 // GetNodesStatusAPI - gets nodes status
			
 
				 func GetNodesStatusAPI(nodes []models.Node) map[string]models.ApiNodeStatus {
			
 
				 	apiStatusNodesMap := make(map[string]models.ApiNodeStatus)
			
--- a/logic/peers.go
+++ b/logic/peers.go
@@ -70,7 +70,6 @@ func GetHostPeerInfo(host *models.Host) (models.HostPeerInfo, error) {
 
				 		for _, peer := range currentPeers {
			
 
				 			peer := peer
			
 
				 			if peer.ID.String() == node.ID.String() {
			
 
				-				logger.Log(2, "peer update, skipping self")
			
 
				 				// skip yourself
			
 
				 				continue
			
 
				 			}
			
@@ -225,7 +224,6 @@ func GetPeerUpdateForHost(network string, host *models.Host, allNodes []models.N
 
				 		for _, peer := range currentPeers {
			
 
				 			peer := peer
			
 
				 			if peer.ID.String() == node.ID.String() {
			
 
				-				logger.Log(2, "peer update, skipping self")
			
 
				 				// skip yourself
			
 
				 				continue
			
 
				 			}
			
--- a/logic/user_mgmt.go
+++ b/logic/user_mgmt.go
@@ -2,6 +2,8 @@ package logic
 
				 
			
 
				 import (
			
 
				 	"encoding/json"
			
 
				+	"fmt"
			
 
				+	"time"
			
 
				 
			
 
				 	"github.com/gravitl/netmaker/database"
			
 
				 	"github.com/gravitl/netmaker/models"
			
@@ -60,7 +62,39 @@ var InitialiseRoles = userRolesInit
 
				 var IntialiseGroups = func() {}
			
 
				 var DeleteNetworkRoles = func(netID string) {}
			
 
				 var CreateDefaultNetworkRolesAndGroups = func(netID models.NetworkID) {}
			
 
				-var CreateDefaultUserPolicies = func(netID models.NetworkID) {}
			
 
				+var CreateDefaultUserPolicies = func(netID models.NetworkID) {
			
 
				+	if netID.String() == "" {
			
 
				+		return
			
 
				+	}
			
 
				+	if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-users")) {
			
 
				+		defaultUserAcl := models.Acl{
			
 
				+			ID:          fmt.Sprintf("%s.%s", netID, "all-users"),
			
 
				+			Default:     true,
			
 
				+			Name:        "All Users",
			
 
				+			MetaData:    "This policy gives access to everything in the network for an user",
			
 
				+			NetworkID:   netID,
			
 
				+			Proto:       models.ALL,
			
 
				+			ServiceType: models.Any,
			
 
				+			Port:        []string{},
			
 
				+			RuleType:    models.UserPolicy,
			
 
				+			Src: []models.AclPolicyTag{
			
 
				+				{
			
 
				+					ID:    models.UserAclID,
			
 
				+					Value: "*",
			
 
				+				},
			
 
				+			},
			
 
				+			Dst: []models.AclPolicyTag{{
			
 
				+				ID:    models.NodeTagID,
			
 
				+				Value: "*",
			
 
				+			}},
			
 
				+			AllowedDirection: models.TrafficDirectionUni,
			
 
				+			Enabled:          true,
			
 
				+			CreatedBy:        "auto",
			
 
				+			CreatedAt:        time.Now().UTC(),
			
 
				+		}
			
 
				+		InsertAcl(defaultUserAcl)
			
 
				+	}
			
 
				+}
			
 
				 var GetUserGroupsInNetwork = func(netID models.NetworkID) (networkGrps map[models.UserGroupID]models.UserGroup) { return }
			
 
				 var GetUserGroup = func(groupId models.UserGroupID) (userGrps models.UserGroup, err error) { return }
			
 
				 var AddGlobalNetRolesToAdmins = func(u *models.User) {}
			
--- a/logic/util.go
+++ b/logic/util.go
@@ -9,6 +9,7 @@ import (
 
				 	"fmt"
			
 
				 	"log/slog"
			
 
				 	"net"
			
 
				+	"net/http"
			
 
				 	"os"
			
 
				 	"reflect"
			
 
				 	"strings"
			
@@ -236,3 +237,19 @@ func UniqueStrings(input []string) []string {
 
				 
			
 
				 	return result
			
 
				 }
			
 
				+func GetClientIP(r *http.Request) string {
			
 
				+	// Trust X-Forwarded-For first
			
 
				+	if xff := r.Header.Get("X-Forwarded-For"); xff != "" {
			
 
				+		parts := strings.Split(xff, ",")
			
 
				+		return strings.TrimSpace(parts[0])
			
 
				+	}
			
 
				+	if xrip := r.Header.Get("X-Real-IP"); xrip != "" {
			
 
				+		return xrip
			
 
				+	}
			
 
				+
			
 
				+	ip, _, err := net.SplitHostPort(r.RemoteAddr)
			
 
				+	if err != nil {
			
 
				+		return r.RemoteAddr
			
 
				+	}
			
 
				+	return ip
			
 
				+}
			
--- a/migrate/migrate.go
+++ b/migrate/migrate.go
@@ -5,6 +5,7 @@ import (
 
				 	"encoding/json"
			
 
				 	"fmt"
			
 
				 	"log"
			
 
				+	"os"
			
 
				 	"time"
			
 
				 
			
 
				 	"golang.org/x/exp/slog"
			
@@ -248,6 +249,16 @@ func updateHosts() {
 
				 			}
			
 
				 			logic.UpsertHost(&host)
			
 
				 		}
			
 
				+		if servercfg.IsPro && host.Location == "" {
			
 
				+			if host.EndpointIP != nil {
			
 
				+				host.Location = logic.GetHostLocInfo(host.EndpointIP.String(), os.Getenv("IP_INFO_TOKEN"))
			
 
				+			} else if host.EndpointIPv6 != nil {
			
 
				+				host.Location = logic.GetHostLocInfo(host.EndpointIPv6.String(), os.Getenv("IP_INFO_TOKEN"))
			
 
				+			}
			
 
				+			if host.Location != "" {
			
 
				+				logic.UpsertHost(&host)
			
 
				+			}
			
 
				+		}
			
 
				 	}
			
 
				 }
			
 
				 
			
--- a/models/api_host.go
+++ b/models/api_host.go
@@ -32,6 +32,7 @@ type ApiHost struct {
 
				 	PersistentKeepalive int        `json:"persistentkeepalive"   yaml:"persistentkeepalive"`
			
 
				 	AutoUpdate          bool       `json:"autoupdate"              yaml:"autoupdate"`
			
 
				 	DNS                 string     `json:"dns"               yaml:"dns"`
			
 
				+	Location            string     `json:"location"`
			
 
				 }
			
 
				 
			
 
				 // ApiIface - the interface struct for API usage
			
@@ -80,6 +81,7 @@ func (h *Host) ConvertNMHostToAPI() *ApiHost {
 
				 	a.PersistentKeepalive = int(h.PersistentKeepalive.Seconds())
			
 
				 	a.AutoUpdate = h.AutoUpdate
			
 
				 	a.DNS = h.DNS
			
 
				+	a.Location = h.Location
			
 
				 	return &a
			
 
				 }
			
 
				 
			
@@ -126,5 +128,6 @@ func (a *ApiHost) ConvertAPIHostToNMHost(currentHost *Host) *Host {
 
				 	h.PersistentKeepalive = time.Duration(a.PersistentKeepalive) * time.Second
			
 
				 	h.AutoUpdate = a.AutoUpdate
			
 
				 	h.DNS = strings.ToLower(a.DNS)
			
 
				+	h.Location = currentHost.Location
			
 
				 	return &h
			
 
				 }
			
--- a/models/api_node.go
+++ b/models/api_node.go
@@ -62,6 +62,7 @@ type ApiNode struct {
 
				 	IsUserNode        bool                `json:"is_user_node"`
			
 
				 	StaticNode        ExtClient           `json:"static_node"`
			
 
				 	Status            NodeStatus          `json:"status"`
			
 
				+	Location          string              `json:"location"`
			
 
				 }
			
 
				 
			
 
				 // ApiNode.ConvertToServerNode - converts an api node to a server node
			
--- a/models/extclient.go
+++ b/models/extclient.go
@@ -27,6 +27,7 @@ type ExtClient struct {
 
				 	DeviceName             string              `json:"device_name"`
			
 
				 	PublicEndpoint         string              `json:"public_endpoint"`
			
 
				 	Country                string              `json:"country"`
			
 
				+	Location               string              `json:"location"` //format: lat,long
			
 
				 	Mutex                  *sync.Mutex         `json:"-"`
			
 
				 }
			
 
				 
			
@@ -47,6 +48,7 @@ type CustomExtClient struct {
 
				 	IsAlreadyConnectedToInetGw bool                `json:"is_already_connected_to_inet_gw"`
			
 
				 	PublicEndpoint             string              `json:"public_endpoint"`
			
 
				 	Country                    string              `json:"country"`
			
 
				+	Location                   string              `json:"location"` //format: lat,long
			
 
				 }
			
 
				 
			
 
				 func (ext *ExtClient) ConvertToStaticNode() Node {
			
--- a/models/host.go
+++ b/models/host.go
@@ -73,6 +73,7 @@ type Host struct {
 
				 	NatType             string           `json:"nat_type,omitempty"      yaml:"nat_type,omitempty"`
			
 
				 	TurnEndpoint        *netip.AddrPort  `json:"turn_endpoint,omitempty" yaml:"turn_endpoint,omitempty"`
			
 
				 	PersistentKeepalive time.Duration    `json:"persistentkeepalive" swaggertype:"primitive,integer" format:"int64" yaml:"persistentkeepalive"`
			
 
				+	Location            string           `json:"location"` // Format: "lat,lon"
			
 
				 }
			
 
				 
			
 
				 // FormatBool converts a boolean to a [yes|no] string
			
--- a/models/user_mgmt.go
+++ b/models/user_mgmt.go
@@ -190,6 +190,7 @@ type ReturnUser struct {
 
				 	PlatformRoleID             UserRoleID                            `json:"platform_role_id"`
			
 
				 	NetworkRoles               map[NetworkID]map[UserRoleID]struct{} `json:"network_roles"`
			
 
				 	LastLoginTime              time.Time                             `json:"last_login_time"`
			
 
				+	NumAccessTokens            int                                   `json:"num_access_tokens"`
			
 
				 }
			
 
				 
			
 
				 // UserAuthParams - user auth params struct
			
--- a/mq/handlers.go
+++ b/mq/handlers.go
@@ -2,6 +2,7 @@ package mq
 
				 
			
 
				 import (
			
 
				 	"encoding/json"
			
 
				+	"os"
			
 
				 
			
 
				 	mqtt "github.com/eclipse/paho.mqtt.golang"
			
 
				 	"github.com/google/uuid"
			
@@ -280,7 +281,13 @@ func HandleHostCheckin(h, currentHost *models.Host) bool {
 
				 		(h.ListenPort != 0 && h.ListenPort != currentHost.ListenPort) ||
			
 
				 		(h.WgPublicListenPort != 0 && h.WgPublicListenPort != currentHost.WgPublicListenPort) || (!h.EndpointIPv6.Equal(currentHost.EndpointIPv6))
			
 
				 	if ifaceDelta { // only save if something changes
			
 
				-
			
 
				+		if !h.EndpointIP.Equal(currentHost.EndpointIP) || !h.EndpointIPv6.Equal(currentHost.EndpointIPv6) {
			
 
				+			if h.EndpointIP != nil {
			
 
				+				h.Location = logic.GetHostLocInfo(h.EndpointIP.String(), os.Getenv("IP_INFO_TOKEN"))
			
 
				+			} else if h.EndpointIPv6 != nil {
			
 
				+				h.Location = logic.GetHostLocInfo(h.EndpointIPv6.String(), os.Getenv("IP_INFO_TOKEN"))
			
 
				+			}
			
 
				+		}
			
 
				 		currentHost.EndpointIP = h.EndpointIP
			
 
				 		currentHost.EndpointIPv6 = h.EndpointIPv6
			
 
				 		currentHost.Interfaces = h.Interfaces
			
--- a/pro/auth/error.go
+++ b/pro/auth/error.go
@@ -98,7 +98,7 @@ var oauthNotConfigured = fmt.Sprintf(htmlBaseTemplate, `<h2>Your Netmaker server
 
				 var oauthStateInvalid = fmt.Sprintf(htmlBaseTemplate, `<h2>Invalid OAuth Session. Please re-try again.</h2>`)
			
 
				 
			
 
				 var userNotAllowed = fmt.Sprintf(htmlBaseTemplate, `<h2>Your account does not have access to the dashboard. Please contact your administrator for more information about your account.</h2>
			
 
				-<p>Non-Admins can access the netmaker networks using <a href="https://docs.netmaker.io/docs/remote-access-client-rac#downloadinstallation" target="_blank" rel="noopener">our Netmaker Desktop App.</a></p>`)
			
 
				+<p>Non-Admins can access the netmaker networks using <a href="https://docs.netmaker.io/docs/client-installation/netmaker-desktop#downloadinstallation" target="_blank" rel="noopener">our Netmaker Desktop App.</a></p>`)
			
 
				 
			
 
				 var userFirstTimeSignUp = fmt.Sprintf(htmlBaseTemplate, `<h2>Thank you for signing up. Please contact your administrator for access.</h2>`)
			
 
				 
			
--- a/pro/controllers/metrics.go
+++ b/pro/controllers/metrics.go
@@ -20,6 +20,7 @@ func MetricHandlers(r *mux.Router) {
 
				 	r.HandleFunc("/api/metrics/{network}", logic.SecurityCheck(true, http.HandlerFunc(getNetworkNodesMetrics))).Methods(http.MethodGet)
			
 
				 	r.HandleFunc("/api/metrics", logic.SecurityCheck(true, http.HandlerFunc(getAllMetrics))).Methods(http.MethodGet)
			
 
				 	r.HandleFunc("/api/metrics-ext/{network}", logic.SecurityCheck(true, http.HandlerFunc(getNetworkExtMetrics))).Methods(http.MethodGet)
			
 
				+	r.HandleFunc("/api/v1/graph/{network}", logic.SecurityCheck(true, http.HandlerFunc(graph))).Methods(http.MethodGet)
			
 
				 }
			
 
				 
			
 
				 // get the metrics of a given node
			
@@ -165,3 +166,21 @@ func getAllMetrics(w http.ResponseWriter, r *http.Request) {
 
				 	w.WriteHeader(http.StatusOK)
			
 
				 	json.NewEncoder(w).Encode(networkMetrics)
			
 
				 }
			
 
				+
			
 
				+func graph(w http.ResponseWriter, r *http.Request) {
			
 
				+	w.Header().Set("Content-Type", "application/json")
			
 
				+
			
 
				+	var params = mux.Vars(r)
			
 
				+	network := params["network"]
			
 
				+	networkNodes, err := logic.GetNetworkNodes(network)
			
 
				+	if err != nil {
			
 
				+		logger.Log(1, r.Header.Get("user"), "failed to get network nodes", err.Error())
			
 
				+		return
			
 
				+	}
			
 
				+	networkNodes = logic.AddStaticNodestoList(networkNodes)
			
 
				+	// return all the nodes in JSON/API format
			
 
				+	apiNodes := logic.GetAllNodesAPIWithLocation(networkNodes[:])
			
 
				+	logic.SortApiNodes(apiNodes[:])
			
 
				+	w.WriteHeader(http.StatusOK)
			
 
				+	json.NewEncoder(w).Encode(apiNodes)
			
 
				+}
			
--- a/pro/controllers/users.go
+++ b/pro/controllers/users.go
@@ -1304,6 +1304,12 @@ func getUserRemoteAccessGwsV1(w http.ResponseWriter, r *http.Request) {
 
				 			if extClient.DNS == "" {
			
 
				 				extClient.DNS = node.IngressDNS
			
 
				 			}
			
 
				+
			
 
				+			extClient.IngressGatewayEndpoint = utils.GetExtClientEndpoint(
			
 
				+				host.EndpointIP,
			
 
				+				host.EndpointIPv6,
			
 
				+				logic.GetPeerListenPort(host),
			
 
				+			)
			
 
				 			extClient.AllowedIPs = logic.GetExtclientAllowedIPs(extClient)
			
 
				 			gws = append(gws, models.UserRemoteGws{
			
 
				 				GwID:              node.ID.String(),
			
--- a/pro/initialize.go
+++ b/pro/initialize.go
@@ -156,6 +156,7 @@ func InitPro() {
 
				 	logic.IsNodeAllowedToCommunicate = proLogic.IsNodeAllowedToCommunicate
			
 
				 	logic.GetFwRulesForNodeAndPeerOnGw = proLogic.GetFwRulesForNodeAndPeerOnGw
			
 
				 	logic.GetFwRulesForUserNodesOnGw = proLogic.GetFwRulesForUserNodesOnGw
			
 
				+	logic.GetHostLocInfo = proLogic.GetHostLocInfo
			
 
				 
			
 
				 }
			
 
				 
			
--- a/pro/logic/metrics.go
+++ b/pro/logic/metrics.go
@@ -2,6 +2,7 @@ package logic
 
				 
			
 
				 import (
			
 
				 	"encoding/json"
			
 
				+	"net/http"
			
 
				 	"sync"
			
 
				 	"time"
			
 
				 
			
@@ -237,3 +238,29 @@ func updateNodeMetrics(currentNode *models.Node, newMetrics *models.Metrics) {
 
				 
			
 
				 	slog.Debug("[metrics] node metrics data", "node ID", currentNode.ID, "metrics", newMetrics)
			
 
				 }
			
 
				+
			
 
				+func GetHostLocInfo(ip, token string) string {
			
 
				+	url := "https://ipinfo.io/"
			
 
				+	if ip != "" {
			
 
				+		url += ip
			
 
				+	}
			
 
				+	url += "/json"
			
 
				+	if token != "" {
			
 
				+		url += "?token=" + token
			
 
				+	}
			
 
				+
			
 
				+	client := http.Client{Timeout: 3 * time.Second}
			
 
				+	resp, err := client.Get(url)
			
 
				+	if err != nil {
			
 
				+		return ""
			
 
				+	}
			
 
				+	defer resp.Body.Close()
			
 
				+
			
 
				+	var data struct {
			
 
				+		Loc string `json:"loc"` // Format: "lat,lon"
			
 
				+	}
			
 
				+	if err := json.NewDecoder(resp.Body).Decode(&data); err != nil {
			
 
				+		return ""
			
 
				+	}
			
 
				+	return data.Loc
			
 
				+}
			
--- a/schema/user_access_token.go
+++ b/schema/user_access_token.go
@@ -43,6 +43,15 @@ func (a *UserAccessToken) ListByUser(ctx context.Context) (ats []UserAccessToken
 
				 	return
			
 
				 }
			
 
				 
			
 
				+func (a *UserAccessToken) CountByUser(ctx context.Context) (int, error) {
			
 
				+	var count int64
			
 
				+	err := db.FromContext(ctx).Model(&UserAccessToken{}).
			
 
				+		Where("user_name = ?", a.UserName).
			
 
				+		Count(&count).
			
 
				+		Error
			
 
				+	return int(count), err
			
 
				+}
			
 
				+
			
 
				 func (a *UserAccessToken) Delete(ctx context.Context) error {
			
 
				 	return db.FromContext(ctx).Model(&UserAccessToken{}).Where("id = ?", a.ID).Delete(&a).Error
			
 
				 }
			
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -1,7 +1,9 @@
 
				 package utils
			
 
				 
			
 
				 import (
			
 
				+	"fmt"
			
 
				 	"log/slog"
			
 
				+	"net"
			
 
				 	"runtime"
			
 
				 	"strings"
			
 
				 	"time"
			
@@ -75,3 +77,12 @@ func NoEmptyStringToCsv(strs ...string) string {
 
				 	}
			
 
				 	return sb.String()
			
 
				 }
			
 
				+
			
 
				+// GetExtClientEndpoint returns the external client endpoint in the format "host:port" or "[host]:port" for IPv6
			
 
				+func GetExtClientEndpoint(hostIpv4Endpoint, hostIpv6Endpoint net.IP, hostListenPort int) string {
			
 
				+	if hostIpv4Endpoint.To4() == nil {
			
 
				+		return fmt.Sprintf("[%s]:%d", hostIpv6Endpoint.String(), hostListenPort)
			
 
				+	} else {
			
 
				+		return fmt.Sprintf("%s:%d", hostIpv4Endpoint.String(), hostListenPort)
			
 
				+	}
			
 
				+}