32d90b67ce
WIP: feat: commands and tools to setup fw and system settings for VPN:
...
This is scrapped for now. It may be outside the scope of
this service to manage the fw...
Let that be handled by automations such as Ansible or other tools
during deployment-time.
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-31 00:30:33 +03:00
489ecd65fb
feat: allow disabling monitor
2024-03-28 23:25:25 +03:00
fcf41c3ee7
default logging to info
2024-03-28 22:59:50 +03:00
9836ce6725
fix: correctly set the country code when no flag is passed:
...
- And send uuid in node info
2024-03-28 22:58:20 +03:00
f0018bbd2f
feat: Node info includes country code, and added cli flag
2024-03-28 22:35:17 +03:00
64880261c2
fix: some http status error codes are not sent to client due to order
2024-03-28 21:56:36 +03:00
7d1a0cdbdc
feat: grace period for new peers as a new eviction policy
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-28 01:22:29 +03:00
8e798706e3
WIP: create new peers server-side
...
Creates a new peer server-side.
- Gen keys
- Allocate IP
- Add to WG Link
- Respond with a read wg config for the client to use
2024-03-27 09:28:13 +03:00
d6aa213461
feat: evict inactive peers
2024-03-24 18:26:48 +03:00
a9c728355b
mon cycle and uptime
2024-03-24 18:13:26 +03:00
ed0fcb59eb
feat: monitor peers in logs, README, Status
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-19 02:56:52 +03:00
4bab068c10
fix: Assign IP to wg device
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-19 02:55:31 +03:00
ca29b792fb
feat: add API Key Auth middleware
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-19 02:54:24 +03:00
77c41ce3f3
Update README
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 23:23:39 +03:00
82d6ac96e4
set_cap: helper script to set CAP_NET_ADMIN for the binary
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 23:03:18 +03:00
da0b1c720e
feat: implement optional mTLS and helper scripts
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 23:02:22 +03:00
1f3eca1b1b
setup: allow running when uuid can not be read or saved
2024-03-18 20:30:40 +03:00
e3b080ba7f
README
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 19:56:24 +03:00
6c032e1d97
bugfix: Free net.IP from pool on DeletePeer
2024-03-18 02:06:56 +03:00
11340e4d7a
feat: return device type on nodeinfo
2024-03-18 02:06:33 +03:00
4c6e251247
refactor: do cli.Exit in top level
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 01:43:07 +03:00
e5e4641264
feat: Do not quit when keyfile can not be opened, create key
...
- Refactor AddTestPeer
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 01:35:37 +03:00
44961e91dc
cli: allow generating private key on startup
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 01:17:02 +03:00
78b61aede4
feat: store a wglink endpoint string
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-18 00:58:17 +03:00
c9b5e56f14
api: add node info
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-15 23:48:22 +03:00
b0e8f71f8d
LICENSE, README.md, and .gitignore
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-15 00:46:18 +03:00
79463c18b9
main: move root and node UUID checks to setup():
...
to prevent log messages on 'hvpn-node --help'
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-15 00:29:08 +03:00
39d3b55a34
node: dir and file permissions to allow non-root to read UUID
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-15 00:26:22 +03:00
5d6a69806a
feat: Read stdin for commands to exit
...
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-15 00:18:41 +03:00
0c703465af
feat: node UUID
2024-03-14 02:28:36 +03:00
eb97d49d1f
feat: Add, Check, Get, and Delete peers
2024-03-14 01:46:05 +03:00
4a1039e5b1
setup: add and remove peer on setup as runtime test
2024-03-13 00:26:19 +03:00
defd32b3c8
slog: use the slog.LevelVar unmarshal to parse log level flag
2024-03-13 00:03:14 +03:00
a9ad981137
Reorg and add host flag, and catch error when not root:
...
- A previous workaround done to recover from a panic on nil
ref is now not needed and removed. The issue was that I assumed
cli.Exit(err, int) was a way to exit; i.e. it uses os.Exit()
under the hood. However, it only constructs a struct that implements
error. Hence, we should return it, not just execute it.
- Also warn on root and Windows
- Move IPPool init to setup rather than run
2024-03-12 23:35:57 +03:00
1a611616bd
init:
...
- Working basic wg controls
- Working ip_pool allocation
- Working basic HTTP API
Signed-off-by: HeshamTB <hishaminv@gmail.com>
2024-03-11 17:34:06 +03:00