Browse Source

cluster: fix wg1.conf generator

Signed-off-by: Nagy Károly Gábriel <k@jpi.io>
Nagy Károly Gábriel 5 months ago
parent
commit
5ca8c7b940
Signed by: karasz
GPG Key ID: FA002E83BC206F83
  1. 24
      pkg/cluster/rings.go

24
pkg/cluster/rings.go

@ -6,6 +6,7 @@ import (
"net/netip"
"strconv"
"darvaza.org/core"
"git.jpi.io/amery/jpictl/pkg/rings"
"git.jpi.io/amery/jpictl/pkg/wireguard"
)
@ -225,17 +226,28 @@ func (r *Ring) setRingZeroAllowedIPs(rp *RingPeer) {
rp.AllowCIDR(rp.Address, 32)
}
// revive:disable:cognitive-complexity
func (r *Ring) setRingOneGatewayAllowedIPs(rp *RingPeer) {
// revive:enable:cognitive-complexity
regionID, zoneID, _, _ := r.Decode(rp.Address)
// peer
rp.AllowCIDR(rp.Address, 32)
// ring1 gateways connect to all other ring1 networks
r.ForEachZone(func(z *Zone) bool {
if !z.Is(regionID, zoneID) {
subnet := z.RingOnePrefix()
rp.AllowSubnet(subnet)
m, ok := r.ZoneIterator.(RegionIterator)
if !ok {
panic("Cannot iterate Region from Zone")
}
m.ForEachRegion(func(r2 *Region) bool {
if r2.IsPrimary() {
r.ForEachZone(func(z *Zone) bool {
if !z.Is(regionID, zoneID) {
subnet := z.RingOnePrefix()
rp.AllowSubnet(subnet)
}
return false
})
}
return false
})
@ -316,7 +328,9 @@ func (rp *RingPeer) AllowCIDR(addr netip.Addr, bits int) {
// AllowSubnet allows an IP range via this peer
func (rp *RingPeer) AllowSubnet(subnet netip.Prefix) {
rp.PeerConfig.AllowedIPs = append(rp.PeerConfig.AllowedIPs, subnet)
if !core.SliceContains(rp.PeerConfig.AllowedIPs, subnet) {
rp.PeerConfig.AllowedIPs = append(rp.PeerConfig.AllowedIPs, subnet)
}
}
// NewRing composes a new Ring for Wireguard setup

Loading…
Cancel
Save