
Merge branch 'develop' of https://github.com/gravitl/netmaker into feature_v0.14.7_translateiftablestonftables

cameronts 3 years ago
parent
commit
c858d76bad
4 changed files with 36 additions and 1 deletions
  1. 1 0
      config/config.go
  2. 1 0
      config/environments/dev.yaml
  3. 27 0
      logic/peers.go
  4. 7 1
      servercfg/serverconf.go

+ 1 - 0
config/config.go

@@ -69,6 +69,7 @@ type ServerConfig struct {
 	MQPort                string `yaml:"mqport"`
 	MQServerPort          string `yaml:"mqserverport"`
 	Server                string `yaml:"server"`
+	PublicIPService       string `yaml:"publicipservice"`
 }
 
 // SQLConfig - Generic SQL Config

+ 1 - 0
config/environments/dev.yaml

@@ -11,3 +11,4 @@ server:
   disableremoteipcheck: "" # defaults to "false" or DISABLE_REMOTE_IP_CHECK (if set)
   version: "" # version of server
   rce: "" # defaults to "off"
+  publicipservice: "" # defaults to "" or PUBLIC_IP_SERVICE (if set)

+ 27 - 0
logic/peers.go

@@ -324,6 +324,16 @@ func GetAllowedIPs(node, peer *models.Node) []net.IPNet {
 				extAllowedIPs := getEgressIPs(node, relayedNode)
 				allowedips = append(allowedips, extAllowedIPs...)
 			}
+			if relayedNode.IsIngressGateway == "yes" {
+				extPeers, err := getExtPeers(relayedNode)
+				if err == nil {
+					for _, extPeer := range extPeers {
+						allowedips = append(allowedips, extPeer.AllowedIPs...)
+					}
+				} else {
+					logger.Log(0, "failed to retrieve extclients from relayed ingress", err.Error())
+				}
+			}
 		}
 	}
 	return allowedips
@@ -413,6 +423,14 @@ func GetPeerUpdateForRelayedNode(node *models.Node, udppeers map[string]string)
 			}
 		}
 	}
+	//delete extclients from allowedip if we are ingress gateway
+	if node.IsIngressGateway == "yes" {
+		for i := len(allowedips) - 1; i >= 0; i-- {
+			if strings.Contains(node.IngressGatewayRange, allowedips[i].IP.String()) {
+				allowedips = append(allowedips[:i], allowedips[i+1:]...)
+			}
+		}
+	}
 
 	pubkey, err := wgtypes.ParseKey(relay.PublicKey)
 	if err != nil {
@@ -458,6 +476,15 @@ func GetPeerUpdateForRelayedNode(node *models.Node, udppeers map[string]string)
 	if relay.IsServer == "yes" {
 		serverNodeAddresses = append(serverNodeAddresses, models.ServerAddr{IsLeader: IsLeader(relay), Address: relay.Address})
 	}
+	//if ingress add extclients
+	if node.IsIngressGateway == "yes" {
+		extPeers, err := getExtPeers(node)
+		if err == nil {
+			peers = append(peers, extPeers...)
+		} else {
+			logger.Log(2, "could not retrieve ext peers for ", node.Name, err.Error())
+		}
+	}
 	peerUpdate.Network = node.Network
 	peerUpdate.ServerVersion = servercfg.Version
 	peerUpdate.Peers = peers
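Review bot: In the second hunk (GetPeerUpdateForRelayedNode), `strings.Contains(node.IngressGatewayRange, allowedips[i].IP.String())` is a substring test on text rather than a network membership test, so it can both over-match and miss. With constructed values, `0.0.0.0` is a substring of `10.0.0.0/24`, so an unrelated route would be stripped from the allowed IPs, while an ext client at `10.0.0.5` is not textually inside `10.0.0.0/24` and would stay. Assuming IngressGatewayRange holds CIDR text (its format is not visible in this hunk), parse it with `net.ParseCIDR` and test `ingressNet.Contains(allowedips[i].IP)`, logging a parse failure instead of filtering on a malformed value. The function starts and ends outside the hunk.

```go
	if node.IsIngressGateway == "yes" {
		// assumes IngressGatewayRange holds one CIDR; confirm against models.Node
		_, ingressNet, cidrErr := net.ParseCIDR(node.IngressGatewayRange)
		if cidrErr != nil {
			logger.Log(0, "could not parse ingress gateway range for", node.Name, cidrErr.Error())
		} else {
			for i := len(allowedips) - 1; i >= 0; i-- {
				if ingressNet.Contains(allowedips[i].IP) {
					// … unchanged: remove allowedips[i] …
				}
			}
		}
	}
```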

+ 7 - 1
servercfg/serverconf.go

@@ -430,7 +430,13 @@ func GetPublicIP() (string, error) {
 	iplist := []string{"https://ip.server.gravitl.com", "https://ifconfig.me", "https://api.ipify.org", "https://ipinfo.io/ip"}
 	publicIpService := os.Getenv("PUBLIC_IP_SERVICE")
 	if publicIpService != "" {
-		logger.Log(3, "User provided public IP service is", publicIpService)
+		logger.Log(3, "User (environment variable) provided public IP service is", publicIpService)
+
+		// prepend the user-specified service so it's checked first
+		iplist = append([]string{publicIpService}, iplist...)
+	} else if config.Config.Server.PublicIPService != "" {
+		publicIpService = config.Config.Server.PublicIPService
+		logger.Log(3, "User (config file) provided public IP service is", publicIpService)
 
 		// prepend the user-specified service so it's checked first
 		iplist = append([]string{publicIpService}, iplist...)
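Review bot: The override URL from `PUBLIC_IP_SERVICE` or `config.Config.Server.PublicIPService` is prepended to `iplist` without any check, so a plaintext `http://` endpoint or a mistyped value becomes the first source consulted for the server's public IP, whereas every built-in entry is `https://`. Checking the scheme before the prepend would keep an on-path or misconfigured service from supplying the address the server presumably advertises. The response should also be checked with `net.ParseIP`, if the code below the hunk does not already do so. The two branches duplicate the prepend; resolving the value once with `if publicIpService == "" { publicIpService = config.Config.Server.PublicIPService }` leaves a single place to validate and log. GetPublicIP continues outside the hunk.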