golang
/
netmaker
mirror of https://github.com/gravitl/netmaker


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185
							package serverctl

import (
	//"github.com/davecgh/go-spew/spew"

	"encoding/json"
	"errors"
	"log"
	"net"
	"os"
	"strconv"

	"github.com/gravitl/netmaker/database"
	"github.com/gravitl/netmaker/functions"
	"github.com/gravitl/netmaker/models"
	"github.com/gravitl/netmaker/servercfg"
	"github.com/vishvananda/netlink"
	"golang.zx2c4.com/wireguard/wgctrl"
	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)

func InitServerWireGuard() error {

	created, err := CreateCommsNetwork()
	if !created {
		return err
	}
	wgconfig := servercfg.GetWGConfig()
	if !(wgconfig.GRPCWireGuard == "on") {
		return errors.New("WireGuard not enabled on this server.")
	}
	ifaceSettings := netlink.NewLinkAttrs()

	if wgconfig.GRPCWGInterface == "" {
		return errors.New("No WireGuard Interface Name set.")
	}
	ifaceSettings.Name = wgconfig.GRPCWGInterface
	wglink := &models.WireGuardLink{LinkAttrs: &ifaceSettings}

	err = netlink.LinkAdd(wglink)
	if err != nil {
		if os.IsExist(err) {
			log.Println("WireGuard interface " + ifaceSettings.Name + " already exists. Skipping...")
		} else {
			return err
		}
	}
	address, err := netlink.ParseAddr(wgconfig.GRPCWGAddress + "/24")
	if err != nil {
		return err
	}

	err = netlink.AddrAdd(wglink, address)
	if err != nil && !os.IsExist(err) {
		return err
	}
	err = netlink.LinkSetUp(wglink)
	if err != nil {
		log.Println("could not bring up wireguard interface")
		return err
	}
	var client models.IntClient
	client.PrivateKey = wgconfig.GRPCWGPrivKey
	client.PublicKey = wgconfig.GRPCWGPubKey
	client.ServerPublicEndpoint = servercfg.GetAPIHost()
	client.ServerAPIPort = servercfg.GetAPIPort()
	client.ServerPrivateAddress = servercfg.GetGRPCWGAddress()
	client.ServerWGPort = servercfg.GetGRPCWGPort()
	client.ServerGRPCPort = servercfg.GetGRPCPort()
	client.Address = servercfg.GetGRPCWGAddress()
	client.IsServer = "yes"
	client.Network = "comms"
	exists, _ := functions.GetServerIntClient()
	if exists != nil {
		err = RegisterServer(client)
	}
	return err
}

func DeleteServerClient() error {
	return nil
}

func RegisterServer(client models.IntClient) error {
	if client.PrivateKey == "" {
		privateKey, err := wgtypes.GeneratePrivateKey()
		if err != nil {
			return err
		}

		client.PrivateKey = privateKey.String()
		client.PublicKey = privateKey.PublicKey().String()
	}

	if client.Address == "" {
		newAddress, err := functions.UniqueAddress(client.Network)
		if err != nil {
			return err
		}
		if newAddress == "" {
			return errors.New("Could not retrieve address")
		}
		client.Address = newAddress
	}
	if client.Network == "" {
		client.Network = "comms"
	}
	client.ServerKey = client.PublicKey
	value, err := json.Marshal(client)
	if err != nil {
		return err
	}
	database.Insert(client.PublicKey, string(value), database.INT_CLIENTS_TABLE_NAME)

	ReconfigureServerWireGuard()

	return err
}

func ReconfigureServerWireGuard() error {
	server, err := functions.GetServerIntClient()
	if err != nil {
		return err
	}
	serverkey, err := wgtypes.ParseKey(server.PrivateKey)
	if err != nil {
		return err
	}
	serverport, err := strconv.Atoi(servercfg.GetGRPCWGPort())
	if err != nil {
		return err
	}

	peers, err := functions.GetIntPeersList()
	if err != nil {
		return err
	}
	wgserver, err := wgctrl.New()
	if err != nil {
		return err
	}
	var serverpeers []wgtypes.PeerConfig
	for _, peer := range peers {

		pubkey, err := wgtypes.ParseKey(peer.PublicKey)
		if err != nil {
			return err
		}
		var peercfg wgtypes.PeerConfig
		var allowedips []net.IPNet
		if peer.Address != "" {
			var peeraddr = net.IPNet{
				IP:   net.ParseIP(peer.Address),
				Mask: net.CIDRMask(32, 32),
			}
			allowedips = append(allowedips, peeraddr)
		}
		if peer.Address6 != "" {
			var addr6 = net.IPNet{
				IP:   net.ParseIP(peer.Address6),
				Mask: net.CIDRMask(128, 128),
			}
			allowedips = append(allowedips, addr6)
		}
		peercfg = wgtypes.PeerConfig{
			PublicKey:         pubkey,
			ReplaceAllowedIPs: true,
			AllowedIPs:        allowedips,
		}
		serverpeers = append(serverpeers, peercfg)
	}

	wgconf := wgtypes.Config{
		PrivateKey:   &serverkey,
		ListenPort:   &serverport,
		ReplacePeers: true,
		Peers:        serverpeers,
	}
	wgiface := servercfg.GetGRPCWGInterface()
	err = wgserver.ConfigureDevice(wgiface, wgconf)
	if err != nil {
		return err
	}
	return nil
}