|
|
@ -45,9 +45,77 @@ func (m *Machine) applyWireguardConfig(ring int, wg *wireguard.Config) error { |
|
|
|
return err |
|
|
|
return err |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if err := m.applyWireguardInterfaceConfig(ring, wg.Interface); err != nil { |
|
|
|
|
|
|
|
err = core.Wrapf(err, "%s: wg%v:%s", m.Name, ring, addr) |
|
|
|
|
|
|
|
return err |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for _, peer := range wg.Peer { |
|
|
|
|
|
|
|
if err := m.applyWireguardPeerConfig(ring, peer); err != nil { |
|
|
|
|
|
|
|
err = core.Wrapf(err, "%s: wg%v:%s", m.Name, ring, addr) |
|
|
|
|
|
|
|
return err |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return nil |
|
|
|
return nil |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (m *Machine) applyRingInfo(ring int, new *RingInfo) error { |
|
|
|
|
|
|
|
var cur *RingInfo |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for _, ri := range m.RingAddresses { |
|
|
|
|
|
|
|
if ri.Ring == ring { |
|
|
|
|
|
|
|
cur = ri |
|
|
|
|
|
|
|
break |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if cur == nil { |
|
|
|
|
|
|
|
// first, append
|
|
|
|
|
|
|
|
m.RingAddresses = append(m.RingAddresses, new) |
|
|
|
|
|
|
|
return nil |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// extra, merge
|
|
|
|
|
|
|
|
return cur.Merge(new) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (m *Machine) applyWireguardInterfaceConfig(ring int, data wireguard.InterfaceConfig) error { |
|
|
|
|
|
|
|
ri := &RingInfo{ |
|
|
|
|
|
|
|
Ring: ring, |
|
|
|
|
|
|
|
Enabled: true, |
|
|
|
|
|
|
|
Address: data.Address, |
|
|
|
|
|
|
|
Keys: &wireguard.KeyPair{ |
|
|
|
|
|
|
|
PrivateKey: data.PrivateKey, |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return m.applyRingInfo(ring, ri) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (m *Machine) applyWireguardPeerConfig(ring int, pc wireguard.PeerConfig) error { |
|
|
|
|
|
|
|
peer, found := m.getPeerByName(pc.Endpoint.Name()) |
|
|
|
|
|
|
|
switch { |
|
|
|
|
|
|
|
case !found: |
|
|
|
|
|
|
|
// unknown
|
|
|
|
|
|
|
|
case ring == 1 && m.zone != peer.zone: |
|
|
|
|
|
|
|
// invalid zone
|
|
|
|
|
|
|
|
default: |
|
|
|
|
|
|
|
// apply RingInfo
|
|
|
|
|
|
|
|
ri := &RingInfo{ |
|
|
|
|
|
|
|
Ring: ring, |
|
|
|
|
|
|
|
Enabled: true, |
|
|
|
|
|
|
|
Keys: &wireguard.KeyPair{ |
|
|
|
|
|
|
|
PublicKey: pc.PublicKey, |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return peer.applyRingInfo(ring, ri) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return fmt.Errorf("%q: invalid peer endpoint", pc.Endpoint.Host) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func (m *Machine) applyZoneNodeID(zoneID, nodeID int) error { |
|
|
|
func (m *Machine) applyZoneNodeID(zoneID, nodeID int) error { |
|
|
|
switch { |
|
|
|
switch { |
|
|
|
case zoneID == 0: |
|
|
|
case zoneID == 0: |
|
|
|
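Review bot: In `applyWireguardPeerConfig` the peer is selected only by `pc.Endpoint.Name()`, and the `PublicKey` from the config is then passed to `peer.applyRingInfo`, so whether a key that conflicts with one already recorded for that peer and ring is rejected depends entirely on `RingInfo.Merge`, which is outside this hunk. If `Merge` overwrites rather than fails on a mismatch, one machine's config file could silently rebind another peer's key. It is worth confirming this and recording the requirement above the `default:` branch, e.g. `// Merge must fail if the peer already has a different PublicKey for this ring`. Separately, the `!found` and wrong-zone cases both fall through to the same `invalid peer endpoint` error. Returning from each case, e.g. `return fmt.Errorf("%q: unknown peer", pc.Endpoint.Host)` and `return fmt.Errorf("%q: peer is in a different zone", pc.Endpoint.Host)`, would let an operator tell a stale config from a cross-zone ring-1 entry.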