Merge branch 'develop' into tob/fix-logs

gravitl · Jun 28, 2023 · 08e29bd · 08e29bd
2 parents e9672f4 + 3ef4648
commit 08e29bd
Show file tree

Hide file tree

Showing 18 changed files with 239 additions and 88 deletions.
diff --git a/.github/workflows/branchtest.yml b/.github/workflows/branchtest.yml
@@ -9,12 +9,13 @@ jobs:
  skip-check:
  runs-on: ubuntu-latest
  outputs:
- skip: ${{ steps.check.outputs.skip }}
+ skip: ${{ steps.skip.outputs.skip }}
  steps:
  - id: skip
  uses: fkirc/skip-duplicate-actions@v5
  with:
  concurrent_skipping: 'always'
+
  getbranch:
  runs-on: ubuntu-latest
  needs: skip-check
@@ -38,12 +39,56 @@ jobs:
  echo "netmakerbranch=develop" >> $GITHUB_OUTPUT
  fi
  
+ getserver:
+ runs-on: ubuntu-latest
+ needs: skip-check
+ if: ${{ needs.skip-check.outputs.skip != 'true' }}
+ outputs:
+ netmakerserver: ${{ steps.getserver.outputs.server }}
+ steps:
+ - name: setup ssh
+ run: |
+ mkdir -p ~/.ssh/
+ echo "$SSH_KEY" > ~/.ssh/id_devops
+ chmod 600 ~/.ssh/id_devops
+ cat >>~/.ssh/config <<END
+ Host *.clustercat.com
+ User root
+ IdentityFile ~/.ssh/id_devops
+ StrictHostKeyChecking no
+ END
+ env:
+ SSH_KEY: ${{ secrets.TESTING_SSH_KEY }}
+ - name: getserver
+ id: getserver
+ run: |
+ server=""
+ for arg in "branch1" "branch2" "branch3" "branch4" "branch5"; do
+ echo checking $arg
+ result=$( ssh root@server.${arg}.clustercat.com '~/branchtesting/check.sh') 
+ echo $result
+ if [ "$result" == "pass" ]
+ then
+ server=$arg
+ echo $server>>/tmp/server
+ break
+ fi
+ done
+ echo server is $server
+ if [ "$server" == "" ]
+ then
+ echo server not set
+ exit 1
+ fi
+ echo "netmakerserver=$server" >> $GITHUB_OUTPUT
+ 
  terraform:
- needs: getbranch
+ needs: [getbranch, getserver]
  uses: gravitl/devops/.github/workflows/terraform.yml@master
  with:
  netclientbranch: ${{ github.head_ref }}
  netmakerbranch: ${{ needs.getbranch.outputs.netmakerbranch }}
+ server: ${{ needs.getserver.outputs.netmakerserver }}
  secrets: inherit
 
 

diff --git a/.github/workflows/deletedroplets.yml b/.github/workflows/deletedroplets.yml
@@ -16,6 +16,9 @@ jobs:
  with:
  run_id: ${{ github.event.workflow_run.id}}
  if_no_artifact_found: warn
+ - name: get server name
+ run: |
+ echo "SERVER=$(cat ./server/server) >> $GITHUB_ENV"
  - name: get PR
  env:
  GH_TOKEN: ${{ github.token }}
@@ -42,6 +45,14 @@ jobs:
  env:
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  TAG: ${{ github.event.workflow_run.id }}-${{ github.event.workflow_run.run_attempt }}
+ - name: mark server as available
+ uses: appleboy/ssh-action@master
+ with:
+ host: server.${{ env.SERVER }}.clustercat.com
+ username: root
+ key: ${{ secrets.TESTING_SSH_KEY }}
+ script: |
+ rm /tmp/branchtest
 
  on-failure:
  runs-on: ubuntu-latest
@@ -52,6 +63,9 @@ jobs:
  with:
  run_id: ${{ github.event.workflow_run.id}}
  if_no_artifact_found: warn
+ - name: get server name
+ run: |
+ echo "SERVER=$(cat ./server/server) >> $GITHUB_ENV"
  - name: get PR
  env:
  GH_TOKEN: ${{ github.token }}
@@ -65,7 +79,7 @@ jobs:
  webhook_token: ${{ secrets.DISCORD_WEBHOOK_TOKEN }}
  color: "#990000"
  username: "GitHub Bot"
- message: " ${{ github.repository}}:${{ github.event.workflow_run.name }}:PR ${{ env.pull_request}} failed: droplets from this workflow (tag ${{ github.event.workflow_run.id }}-${{ github.event.workflow_run.run_attempt }}) will be deleted in 5 hours"
+ message: " ${{ github.repository}}:${{ github.event.workflow_run.name }}:PR ${{ env.pull_request}} failed: droplets from this workflow (tag ${{ github.event.workflow_run.id }}-${{ github.event.workflow_run.run_attempt }}) will be deleted in 3 hours"
  file: ./results/results.log
  - name: discord error message
  uses: appleboy/discord-action@master
@@ -79,11 +93,21 @@ jobs:
  - name: delete droplets
  if: success() || failure()
  run: |
- sleep 5h
+ sleep 3h
  curl -X DELETE \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
  "https://api.digitalocean.com/v2/droplets?tag_name=$TAG"
  env:
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  TAG: ${{ github.event.workflow_run.id }}-${{ github.event.workflow_run.run_attempt }}
+ - name: mark server as available
+ if: success() || failure()
+ uses: appleboy/ssh-action@master
+ with:
+ host: server.${{ env.SERVER }}.clustercat.com
+ username: root
+ key: ${{ secrets.TESTING_SSH_KEY }}
+ script: |
+ rm /tmp/branchtest
+
diff --git a/cmd/root.go b/cmd/root.go
@@ -10,6 +10,7 @@ import (
 
  "github.com/gravitl/netclient/config"
  "github.com/gravitl/netclient/functions"
+ "github.com/gravitl/netclient/wireguard"
  "github.com/spf13/cobra"
  "github.com/spf13/viper"
  "golang.org/x/exp/slog"
@@ -54,6 +55,12 @@ func initConfig() {
  flags.BindPFlags(rootCmd.Flags())
  config.InitConfig(flags)
  setupLoging(flags)
+ nc := wireguard.NewNCIface(config.Netclient(), config.GetNodes())
+ if err := nc.Create(); err != nil {
+ slog.Error("failed to create interface, is wireguard installed?", "error", err)
+ os.Exit(1)
+ }
+ nc.Close()
 }
 
 func setupLoging(flags *viper.Viper) {

diff --git a/config/config.go b/config/config.go
@@ -31,7 +31,7 @@ const (
  // MacAppDataPath - mac path
  MacAppDataPath = "/Applications/Netclient/"
  // WindowsAppDataPath - windows path
- WindowsAppDataPath = "C:\\Program Files (x86)\\Netclient\\"
+ WindowsAppDataPath = "C:\\Program Files\\Netclient\\"
  // Timeout timelimit for obtaining/releasing lockfile
  Timeout = time.Second * 5
  // ConfigLockfile lockfile to control access to config file

diff --git a/functions/daemon.go b/functions/daemon.go
@@ -123,7 +123,7 @@ func closeRoutines(closers []context.CancelFunc, wg *sync.WaitGroup) {
 func startGoRoutines(wg *sync.WaitGroup) context.CancelFunc {
  ctx, cancel := context.WithCancel(context.Background())
  if _, err := config.ReadNetclientConfig(); err != nil {
- slog.Error("error reading neclient config file", "error", err)
+ slog.Error("error reading netclient config file", "error", err)
  }
  config.UpdateNetclient(*config.Netclient())
  if err := config.ReadServerConf(); err != nil {
@@ -132,6 +132,21 @@ func startGoRoutines(wg *sync.WaitGroup) context.CancelFunc {
  config.SetServerCtx()
  config.HostPublicIP, config.WgPublicListenPort = holePunchWgPort()
  slog.Info("wireguard public listen port: ", "port", config.WgPublicListenPort)
+
+ updateConfig := false
+ if config.Netclient().WgPublicListenPort == 0 {
+ config.Netclient().WgPublicListenPort = config.WgPublicListenPort
+ updateConfig = true
+ }
+ if config.Netclient().EndpointIP == nil {
+ config.Netclient().EndpointIP = config.HostPublicIP
+ updateConfig = true
+ }
+ if updateConfig {
+ if err := config.WriteNetclientConfig(); err != nil {
+ slog.Error("error writing endpoint/port netclient config file", "error", err)
+ }
+ }
  setNatInfo()
  slog.Info("configuring netmaker wireguard interface")
  if len(config.Servers) == 0 {
@@ -211,7 +226,7 @@ func setupMQTT(server *config.Server) error {
  setHostSubscription(client, server.Name)
  checkin()
  })
- opts.SetOrderMatters(true)
+ opts.SetOrderMatters(false)
  opts.SetResumeSubs(true)
  opts.SetConnectionLostHandler(func(c mqtt.Client, e error) {
  slog.Warn("detected broker connection lost for", "server", server.Broker)
@@ -447,14 +462,14 @@ func UpdateKeys() error {
 }
 
 func holePunchWgPort() (pubIP net.IP, pubPort int) {
- for _, server := range config.Servers {
- portToStun := config.Netclient().ListenPort
- pubIP, pubPort = stun.HolePunch(server.StunList, portToStun)
- if pubPort == 0 || pubIP == nil || pubIP.IsUnspecified() {
-  continue
-  }
-  break
- }
+ stunServers := []models.StunServer{
+ {Domain: "stun1.netmaker.io", Port: 3478},
+ {Domain: "stun2.netmaker.io", Port: 3478},
+ {Domain: "stun1.l.google.com", Port: 19302},
+ {Domain: "stun2.l.google.com", Port: 19302},
+ }
+ portToStun := config.Netclient().ListenPort
+ pubIP, pubPort = stun.HolePunch(stunServers, portToStun)
  return
 }
 

diff --git a/functions/httpserver.go b/functions/httpserver.go
@@ -6,6 +6,7 @@ import (
  "fmt"
  "log"
  "net/http"
+ "runtime"
  "strings"
  "sync"
 
@@ -22,19 +23,26 @@ type Network struct {
  Server config.Server
 }
 
+const DefaultHttpServerPort = "18095"
+const DefaultHttpServerAddr = "127.0.0.1"
+
 func HttpServer(ctx context.Context, wg *sync.WaitGroup) {
  defer wg.Done()
  if config.Netclient().DisableGUIServer {
  return
  }
- port, err := ncutils.GetFreeTCPPort()
- if err != nil {
- logger.Log(0, "failed to get free port", err.Error())
- logger.Log(0, "unable to start http server", "exiting")
- logger.Log(0, "netclient-gui will not be available")
- return
+ port := DefaultHttpServerPort
+ if runtime.GOOS != "windows" {
+ p, err := ncutils.GetFreeTCPPort()
+ if err != nil {
+ logger.Log(0, "failed to get free port", err.Error())
+ logger.Log(0, "unable to start http server", "exiting")
+ logger.Log(0, "netclient-gui will not be available")
+ return
+ }
+ port = p
  }
- config.SetGUI("127.0.0.1", port)
+ config.SetGUI(DefaultHttpServerAddr, port)
  config.WriteGUIConfig()
 
  router := SetupRouter()

diff --git a/functions/mqhandlers.go b/functions/mqhandlers.go
@@ -125,6 +125,7 @@ func HostPeerUpdate(client mqtt.Client, msg mqtt.Message) {
  slog.Error("error unmarshalling peer data", "error", err)
  return
  }
+ turn.ResetCh <- struct{}{}
  if peerUpdate.ServerVersion != config.Version {
  slog.Warn("server/client version mismatch", "server", peerUpdate.ServerVersion, "client", config.Version)
  if versionLessThan(config.Version, peerUpdate.ServerVersion) && config.Netclient().Host.AutoUpdate {
@@ -140,8 +141,6 @@ func HostPeerUpdate(client mqtt.Client, msg mqtt.Message) {
  server.Version = peerUpdate.ServerVersion
  config.WriteServerConfig()
  }
- // endpoint detection always comes from the server
- config.Netclient().Host.EndpointDetection = peerUpdate.Host.EndpointDetection
  gwDetected := config.GW4PeerDetected || config.GW6PeerDetected
  currentGW4 := config.GW4Addr
  currentGW6 := config.GW6Addr
@@ -165,7 +164,7 @@ func HostPeerUpdate(client mqtt.Client, msg mqtt.Message) {
  gwDelta,
  &originalGW,
  )
- if config.Netclient().Host.EndpointDetection {
+ if peerUpdate.EndpointDetection {
  slog.Debug("endpoint detection enabled")
  go handleEndpointDetection(&peerUpdate)
  } else {
@@ -307,7 +306,7 @@ func handleEndpointDetection(peerUpdate *models.HostPeerUpdate) {
  peerPubKey,
  peerInfo.ProxyListenPort,
  ); err != nil { // happens v often
- slog.Error("failed to check for endpoint on peer", "peer", peerPubKey, "error", err)
+ slog.Debug("failed to check for endpoint on peer", "peer", peerPubKey, "error", err)
  }
  }
  }

diff --git a/functions/mqpublish.go b/functions/mqpublish.go
@@ -291,13 +291,6 @@ func UpdateHostSettings() error {
  publishMsg = true
  }
  }
- if !config.Netclient().ProxyEnabledSet && proxyCfg.GetCfg().ShouldUseProxy() &&
- !config.Netclient().ProxyEnabled && !proxyCfg.NatAutoSwitchDone() {
- logger.Log(0, "Host is behind NAT, enabling proxy...")
- proxyCfg.SetNatAutoSwitch()
- config.Netclient().ProxyEnabled = true
- publishMsg = true
- }
  ip, err := getInterfaces()
  if err != nil {
  logger.Log(0, "failed to retrieve local interfaces during check-in", err.Error())

diff --git a/functions/register.go b/functions/register.go
@@ -72,11 +72,11 @@ func Register(token string) error {
 }
 
 func doubleCheck(host *config.Config, apiServer string) (shouldUpdate bool, err error) {
+ var shouldUpdateHost bool
 
  if len(config.CurrServer) == 0 { // should indicate a first join
  // do a double check of name and uuid
  logger.Log(1, "performing first join")
- var shouldUpdateHost bool
  if len(host.Name) == 0 {
  if name, err := os.Hostname(); err == nil {
  host.Name = name
@@ -97,11 +97,19 @@ func doubleCheck(host *config.Config, apiServer string) (shouldUpdate bool, err
  host.HostPass = logic.RandomString(32)
  shouldUpdateHost = true
  }
- if shouldUpdateHost {
- config.UpdateNetclient(*host)
- config.WriteNetclientConfig()
- return true, nil
- }
+ }
+
+ if host.EndpointIP == nil || host.WgPublicListenPort == 0 {
+ publicIp, publicPort := holePunchWgPort()
+ host.EndpointIP = publicIp
+ host.WgPublicListenPort = publicPort
+ shouldUpdateHost = true
+ }
+
+ if shouldUpdateHost {
+ config.UpdateNetclient(*host)
+ config.WriteNetclientConfig()
+ return true, nil
  }
  return
 }

diff --git a/go.mod b/go.mod
@@ -12,7 +12,7 @@ require (
  github.com/google/nftables v0.1.0
  github.com/google/uuid v1.3.0
  github.com/gorilla/websocket v1.5.0
- github.com/gravitl/netmaker v0.20.2-0.20230607190105-1e65fa2f9ad5
+ github.com/gravitl/netmaker v0.20.3-0.20230627170624-243cc7449057
  github.com/gravitl/txeh v0.0.0-20230509181318-3778c58bd69f
  github.com/guumaster/hostctl v1.1.4
  github.com/hashicorp/go-version v1.6.0
@@ -124,7 +124,7 @@ require (
  golang.org/x/image v0.6.0 // indirect
  golang.org/x/mobile v0.0.0-20230301163155-e0f57694e12c // indirect
  golang.org/x/mod v0.8.0 // indirect
- golang.org/x/oauth2 v0.8.0 // indirect
+ golang.org/x/oauth2 v0.9.0 // indirect
  golang.org/x/sync v0.1.0 // indirect
  golang.org/x/text v0.10.0 // indirect
  golang.org/x/tools v0.6.0 // indirect