| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389 |
- package functions
- import (
- "google.golang.org/grpc/credentials"
- "crypto/tls"
- "context"
- "strings"
- "log"
- "net"
- "os/exec"
- "github.com/gravitl/netmaker/netclient/config"
- "github.com/gravitl/netmaker/netclient/local"
- "github.com/gravitl/netmaker/netclient/wireguard"
- "github.com/gravitl/netmaker/netclient/server"
- "github.com/gravitl/netmaker/netclient/auth"
- nodepb "github.com/gravitl/netmaker/grpc"
- "google.golang.org/grpc"
- "google.golang.org/grpc/metadata"
- //homedir "github.com/mitchellh/go-homedir"
- )
- func CheckIn(cliconf config.ClientConfig) error {
- network := cliconf.Network
- node := server.GetNode(network)
- cfg, err := config.ReadConfig(network)
- if err != nil {
- return err
- }
- nodecfg := cfg.Node
- servercfg := cfg.Server
- log.Println("Checking into server at " + servercfg.GRPCAddress)
- setupcheck := true
- ipchange := false
- if nodecfg.DNS == "on" || cliconf.Node.DNS == "on" {
- log.Println("setting dns")
- ifacename := node.Interface
- nameserver := servercfg.CoreDNSAddr
- network := node.Nodenetwork
- _ = local.UpdateDNS(ifacename, network, nameserver)
- }
- if !(nodecfg.IPForwarding == "off") {
- out, err := exec.Command("sysctl", "net.ipv4.ip_forward").Output()
- if err != nil {
- log.Println(err)
- log.Println("WARNING: Error encountered setting ip forwarding. This can break functionality.")
- } else {
- s := strings.Fields(string(out))
- if s[2] != "1" {
- _, err = exec.Command("sysctl", "-w", "net.ipv4.ip_forward=1").Output()
- if err != nil {
- log.Println(err)
- log.Println("WARNING: Error encountered setting ip forwarding. You may want to investigate this.")
- }
- }
- }
- }
- if nodecfg.Roaming != "off" {
- if nodecfg.IsLocal != "yes" {
- log.Println("Checking to see if public addresses have changed")
- extIP, err := getPublicIP()
- if err != nil {
- log.Println("Error encountered checking ip addresses: %v", err)
- }
- if nodecfg.Endpoint != extIP && extIP != "" {
- log.Println("Endpoint has changed from " +
- nodecfg.Endpoint + " to " + extIP)
- log.Println("Updating address")
- nodecfg.Endpoint = extIP
- nodecfg.PostChanges = "true"
- node.Endpoint = extIP
- node.Postchanges = "true"
- ipchange = true
- }
- intIP, err := getPrivateAddr()
- if err != nil {
- log.Println("Error encountered checking ip addresses: %v", err)
- }
- if nodecfg.LocalAddress != intIP && intIP != "" {
- log.Println("Local Address has changed from " +
- nodecfg.LocalAddress + " to " + intIP)
- log.Println("Updating address")
- nodecfg.LocalAddress = intIP
- nodecfg.PostChanges = "true"
- node.Localaddress = intIP
- node.Postchanges = "true"
- ipchange = true
- }
- } else {
- log.Println("Checking to see if local addresses have changed")
- localIP, err := getLocalIP(nodecfg.LocalRange)
- if err != nil {
- log.Println("Error encountered checking ip addresses: %v", err)
- }
- if nodecfg.Endpoint != localIP && localIP != "" {
- log.Println("Endpoint has changed from " +
- nodecfg.Endpoint + " to " + localIP)
- log.Println("Updating address")
- nodecfg.Endpoint = localIP
- nodecfg.LocalAddress = localIP
- nodecfg.PostChanges = "true"
- node.Endpoint = localIP
- node.Localaddress = localIP
- node.Postchanges = "true"
- ipchange = true
- }
- }
- if node.Postchanges != "true" {
- log.Println("Addresses have not changed.")
- }
- }
- if ipchange {
- err := config.ModConfig(&node)
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- err = wireguard.SetWGConfig(network, false)
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- node = server.GetNode(network)
- cfg, err := config.ReadConfig(network)
- if err != nil {
- return err
- }
- nodecfg = cfg.Node
- }
- var wcclient nodepb.NodeServiceClient
- var requestOpts grpc.DialOption
- requestOpts = grpc.WithInsecure()
- if servercfg.GRPCSSL == "on" {
- log.Println("using SSL")
- h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
- requestOpts = grpc.WithTransportCredentials(h2creds)
- } else {
- log.Println("using insecure GRPC connection")
- }
- conn, err := grpc.Dial(servercfg.GRPCAddress, requestOpts)
- if err != nil {
- log.Println("Cant dial GRPC server: %v", err)
- return err
- }
- wcclient = nodepb.NewNodeServiceClient(conn)
- ctx := context.Background()
- log.Println("Authenticating with GRPC Server")
- ctx, err = auth.SetJWT(wcclient, network)
- if err != nil {
- log.Println("Failed to authenticate: %v", err)
- return err
- }
- log.Println("Authenticated")
- log.Println("Checking In.")
- var header metadata.MD
- node.Nodenetwork = network
- checkinres, err := wcclient.CheckIn(
- ctx,
- &nodepb.CheckInReq{
- Node: &node,
- },
- grpc.Header(&header),
- )
- if err != nil {
- if checkinres != nil && checkinres.Checkinresponse.Ispending {
- log.Println("Node is in pending status. Waiting for Admin approval of node before making further updates.")
- return nil
- }
- log.Println("Unable to process Check In request: %v", err)
- return err
- }
- log.Println("Checked in.")
- if checkinres.Checkinresponse.Ispending {
- log.Println("Node is in pending status. Waiting for Admin approval of node before making further updates.")
- return err
- }
- newinterface := server.GetNode(network).Interface
- readreq := &nodepb.ReadNodeReq{
- Macaddress: node.Macaddress,
- Network: node.Nodenetwork,
- }
- readres, err := wcclient.ReadNode(ctx, readreq, grpc.Header(&header))
- if err != nil {
- log.Println("Error: %v", err)
- } else {
- currentiface := readres.Node.Interface
- ifaceupdate := newinterface != currentiface
- if err != nil {
- log.Println("Error retrieving interface: %v", err)
- }
- if ifaceupdate {
- log.Println("Interface update: " + currentiface +
- " >>>> " + newinterface)
- err := DeleteInterface(currentiface, nodecfg.PostDown)
- if err != nil {
- log.Println("ERROR DELETING INTERFACE: " + currentiface)
- }
- err = wireguard.SetWGConfig(network, false)
- if err != nil {
- log.Println("Error updating interface: %v", err)
- }
- }
- }
- if checkinres.Checkinresponse.Needconfigupdate {
- log.Println("Server has requested that node update config.")
- log.Println("Updating config from remote server.")
- req := &nodepb.ReadNodeReq{
- Macaddress: node.Macaddress,
- Network: node.Nodenetwork,
- }
- readres, err := wcclient.ReadNode(ctx, req, grpc.Header(&header))
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- err = config.ModConfig(readres.Node)
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- err = wireguard.SetWGConfig(network, false)
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- setupcheck = false
- } else if nodecfg.PostChanges == "true" {
- log.Println("Node has requested to update remote config.")
- log.Println("Posting local config to remote server.")
- postnode := server.GetNode(network)
- log.Println("POSTING NODE: ",postnode.Macaddress,postnode.Saveconfig)
- req := &nodepb.UpdateNodeReq{
- Node: &postnode,
- }
- res, err := wcclient.UpdateNode(ctx, req, grpc.Header(&header))
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- res.Node.Postchanges = "false"
- err = config.ModConfig(res.Node)
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- setupcheck = false
- }
- if checkinres.Checkinresponse.Needkeyupdate {
- log.Println("Server has requested that node update key pairs.")
- log.Println("Proceeding to re-generate key pairs for Wiregard.")
- err = wireguard.SetWGKeyConfig(network, servercfg.GRPCAddress)
- if err != nil {
- return err
- log.Fatalf("Unable to process reset keys request: %v", err)
- }
- setupcheck = false
- }
- if checkinres.Checkinresponse.Needpeerupdate {
- log.Println("Server has requested that node update peer list.")
- log.Println("Updating peer list from remote server.")
- err = wireguard.SetWGConfig(network, true)
- if err != nil {
- return err
- log.Fatalf("Unable to process Set Peers request: %v", err)
- }
- setupcheck = false
- }
- if checkinres.Checkinresponse.Needdelete {
- log.Println("This machine got the delete signal. Deleting.")
- err := LeaveNetwork(network)
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- }
- if setupcheck {
- iface := nodecfg.Interface
- _, err := net.InterfaceByName(iface)
- if err != nil {
- log.Println("interface " + iface + " does not currently exist. Setting up WireGuard.")
- err = wireguard.SetWGKeyConfig(network, servercfg.GRPCAddress)
- if err != nil {
- return err
- log.Fatalf("Error: %v", err)
- }
- }
- }
- //err = Pull(network)
- return err
- }
- func Pull (network string) error{
- node := server.GetNode(network)
- cfg, err := config.ReadConfig(network)
- if err != nil {
- return err
- }
- servercfg := cfg.Server
- var header metadata.MD
- var wcclient nodepb.NodeServiceClient
- var requestOpts grpc.DialOption
- requestOpts = grpc.WithInsecure()
- if cfg.Server.GRPCSSL == "on" {
- h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
- requestOpts = grpc.WithTransportCredentials(h2creds)
- }
- conn, err := grpc.Dial(servercfg.GRPCAddress, requestOpts)
- if err != nil {
- log.Println("Cant dial GRPC server: %v", err)
- return err
- }
- wcclient = nodepb.NewNodeServiceClient(conn)
- ctx := context.Background()
- ctx, err = auth.SetJWT(wcclient, network)
- if err != nil {
- log.Println("Failed to authenticate: %v", err)
- return err
- }
- req := &nodepb.ReadNodeReq{
- Macaddress: node.Macaddress,
- Network: node.Nodenetwork,
- }
- readres, err := wcclient.ReadNode(ctx, req, grpc.Header(&header))
- if err != nil {
- return err
- }
- err = config.ModConfig(readres.Node)
- if err != nil {
- return err
- }
- err = wireguard.SetWGConfig(network, false)
- if err != nil {
- return err
- }
- return err
- }
- func Push (network string) error{
- postnode := server.GetNode(network)
- cfg, err := config.ReadConfig(network)
- if err != nil {
- return err
- }
- servercfg := cfg.Server
- var header metadata.MD
- var wcclient nodepb.NodeServiceClient
- var requestOpts grpc.DialOption
- requestOpts = grpc.WithInsecure()
- if cfg.Server.GRPCSSL == "on" {
- h2creds := credentials.NewTLS(&tls.Config{NextProtos: []string{"h2"}})
- requestOpts = grpc.WithTransportCredentials(h2creds)
- }
- conn, err := grpc.Dial(servercfg.GRPCAddress, requestOpts)
- if err != nil {
- log.Println("Cant dial GRPC server: %v", err)
- return err
- }
- wcclient = nodepb.NewNodeServiceClient(conn)
- ctx := context.Background()
- ctx, err = auth.SetJWT(wcclient, network)
- if err != nil {
- log.Println("Failed to authenticate: %v", err)
- return err
- }
- req := &nodepb.UpdateNodeReq{
- Node: &postnode,
- }
- _, err = wcclient.UpdateNode(ctx, req, grpc.Header(&header))
- return err
- }
|
