Compare commits
12 Commits
v0.6.2
..
6e5cecb01b
| Author | SHA1 | Date | |
|---|---|---|---|
| 6e5cecb01b | |||
| 9237d7b450 | |||
| 4402555f04 | |||
| 6e7f24f491 | |||
| 54b302c6d5 | |||
| f62a47003d | |||
| 5abaed9047 | |||
| c702d649e0 | |||
| e9f9d474dc | |||
| db62adfb9c | |||
| 4599eca7d9 | |||
| 312dbe2269 |
Vendored
+3
@@ -1,9 +1,12 @@
|
||||
{
|
||||
"cSpell.words": [
|
||||
"asciigoat",
|
||||
"ceph",
|
||||
"cyclomatic",
|
||||
"darvaza",
|
||||
"gofrs",
|
||||
"jpictl",
|
||||
"Wrapf",
|
||||
"zerolog"
|
||||
]
|
||||
}
|
||||
|
||||
+1
-1
@@ -37,5 +37,5 @@ func setVerbosity(_ *cobra.Command, _ []string) {
|
||||
if desired > 6 {
|
||||
desired = 6
|
||||
}
|
||||
log = log.WithLevel(slog.LogLevel(desired))
|
||||
log = zerolog.New(nil, slog.LogLevel(desired))
|
||||
}
|
||||
|
||||
@@ -2,6 +2,8 @@ module git.jpi.io/amery/jpictl
|
||||
|
||||
go 1.19
|
||||
|
||||
replace asciigoat.org/ini => ../../../asciigoat.org/ini
|
||||
|
||||
require (
|
||||
asciigoat.org/ini v0.2.5
|
||||
darvaza.org/core v0.9.8
|
||||
@@ -14,7 +16,6 @@ require (
|
||||
github.com/mgechev/revive v1.3.3
|
||||
github.com/spf13/cobra v1.7.0
|
||||
golang.org/x/crypto v0.12.0
|
||||
gopkg.in/gcfg.v1 v1.2.3
|
||||
gopkg.in/yaml.v3 v3.0.1
|
||||
)
|
||||
|
||||
@@ -43,5 +44,4 @@ require (
|
||||
golang.org/x/sys v0.12.0 // indirect
|
||||
golang.org/x/text v0.13.0 // indirect
|
||||
golang.org/x/tools v0.12.0 // indirect
|
||||
gopkg.in/warnings.v0 v0.1.2 // indirect
|
||||
)
|
||||
|
||||
@@ -1,7 +1,5 @@
|
||||
asciigoat.org/core v0.3.9 h1:hgDDz4ecm3ZvehX++m8A/IzAt+B5oDPiRtxatzfUHPQ=
|
||||
asciigoat.org/core v0.3.9/go.mod h1:CAaHwyw8MpAq4a1MYtN2dxJrsK+hmIdW50OndaQZYPI=
|
||||
asciigoat.org/ini v0.2.5 h1:4gRIp9rU+XQt8+HMqZO5R7GavMv9Yl2+N+je6djDIAE=
|
||||
asciigoat.org/ini v0.2.5/go.mod h1:gmXzJ9XFqf1NLk5nQkj04USQ4tMtdRJHNQX6vp3DzjU=
|
||||
darvaza.org/core v0.9.8 h1:luLxgfUc2pzuusYPo/Z/dC/qr9XZPKpSQw8/kS7zNUM=
|
||||
darvaza.org/core v0.9.8/go.mod h1:Dbme64naxeshQfxcVJX9ZT7AiGyIY8kldfuELVtf8mw=
|
||||
darvaza.org/resolver v0.5.4 h1:dlSBNV14yYsp7Kg7ipwYOMNsLbrpeXa8Z0HBTa0Ryxs=
|
||||
@@ -98,10 +96,6 @@ golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss=
|
||||
golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/gcfg.v1 v1.2.3 h1:m8OOJ4ccYHnx2f4gQwpno8nAX5OGOh7RLaaz0pj3Ogs=
|
||||
gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
|
||||
gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
|
||||
gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
|
||||
@@ -71,7 +71,7 @@ func newCephScanTODO(cfg *ceph.Config) *cephScanTODO {
|
||||
return todo
|
||||
}
|
||||
|
||||
func (m *Cluster) scanCephMonitors(_ *ScanOptions) error {
|
||||
func (m *Cluster) scanCephMonitors(opts *ScanOptions) error {
|
||||
cfg, err := m.GetCephConfig()
|
||||
switch {
|
||||
case os.IsNotExist(err):
|
||||
@@ -94,6 +94,10 @@ func (m *Cluster) scanCephMonitors(_ *ScanOptions) error {
|
||||
todo.LogMissing(m.log)
|
||||
}
|
||||
|
||||
return m.initCephMonitors(opts)
|
||||
}
|
||||
|
||||
func (m *Cluster) initCephMonitors(_ *ScanOptions) error {
|
||||
// make sure every zone has one
|
||||
m.ForEachZone(func(z *Zone) bool {
|
||||
_ = z.GetCephMonitors()
|
||||
|
||||
@@ -27,7 +27,8 @@ type Cluster struct {
|
||||
Domain string `json:"domain,omitempty" yaml:"domain,omitempty"`
|
||||
|
||||
CephFSID uuid.UUID `json:"ceph_fsid,omitempty" yaml:"ceph_fsid,omitempty"`
|
||||
Zones []*Zone `json:"zones,omitempty" yaml:"zones,omitempty"`
|
||||
Regions []Region `json:",omitempty" yaml:",omitempty"`
|
||||
Zones []*Zone `json:",omitempty" yaml:",omitempty"`
|
||||
}
|
||||
|
||||
// revive:enable:line-length-limit
|
||||
|
||||
@@ -14,6 +14,8 @@ func (m *Cluster) init(opts *ScanOptions) error {
|
||||
m.scanZoneIDs,
|
||||
m.scanSort,
|
||||
m.scanGateways,
|
||||
m.initCephMonitors,
|
||||
m.initRegions,
|
||||
} {
|
||||
if err := fn(opts); err != nil {
|
||||
return err
|
||||
|
||||
@@ -0,0 +1,88 @@
|
||||
package cluster
|
||||
|
||||
// Region represents a group of zones geographically related
|
||||
type Region struct {
|
||||
m *Cluster
|
||||
zones []*Zone
|
||||
|
||||
Name string
|
||||
Regions []string `json:",omitempty" yaml:",omitempty"`
|
||||
}
|
||||
|
||||
func (m *Cluster) initRegions(_ *ScanOptions) error {
|
||||
regions := make(map[string][]*Zone)
|
||||
|
||||
// first regions defined by zones
|
||||
m.ForEachZone(func(z *Zone) bool {
|
||||
for _, region := range z.Regions {
|
||||
regions[region] = append(regions[region], z)
|
||||
}
|
||||
|
||||
return false
|
||||
})
|
||||
|
||||
// bind first level regions and their zones
|
||||
for name, zones := range regions {
|
||||
m.syncRegions(name, zones...)
|
||||
}
|
||||
|
||||
// and combine zones to produce larger regions
|
||||
for i := range m.Regions {
|
||||
r := &m.Regions[i]
|
||||
m.finishRegion(r)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *Cluster) syncRegions(name string, zones ...*Zone) {
|
||||
for _, r := range m.Regions {
|
||||
if r.Name == name {
|
||||
// found
|
||||
r.m = m
|
||||
r.zones = zones
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
// new
|
||||
m.Regions = append(m.Regions, Region{
|
||||
m: m,
|
||||
zones: zones,
|
||||
Name: name,
|
||||
})
|
||||
}
|
||||
|
||||
func (m *Cluster) finishRegion(r *Region) {
|
||||
if r.m != nil {
|
||||
// ready
|
||||
return
|
||||
}
|
||||
|
||||
r.m = m
|
||||
sub := []string{}
|
||||
for _, name := range r.Regions {
|
||||
r2, ok := m.getRegion(name)
|
||||
if !ok {
|
||||
m.warn(nil).WithField("region", name).Print("unknown region")
|
||||
continue
|
||||
}
|
||||
|
||||
sub = append(sub, r2.Name)
|
||||
r.zones = append(r.zones, r2.zones...)
|
||||
}
|
||||
r.Regions = sub
|
||||
}
|
||||
|
||||
func (m *Cluster) getRegion(name string) (*Region, bool) {
|
||||
for i := range m.Regions {
|
||||
r := &m.Regions[i]
|
||||
|
||||
if name == r.Name {
|
||||
m.finishRegion(r)
|
||||
return r, true
|
||||
}
|
||||
}
|
||||
|
||||
return nil, false
|
||||
}
|
||||
@@ -19,8 +19,9 @@ type Zone struct {
|
||||
zones *Cluster
|
||||
logger `json:"-" yaml:"-"`
|
||||
|
||||
ID int
|
||||
Name string
|
||||
ID int
|
||||
Name string
|
||||
Regions []string `json:",omitempty" yaml:",omitempty"`
|
||||
|
||||
Machines
|
||||
}
|
||||
|
||||
+14
-110
@@ -2,7 +2,6 @@ package wireguard
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/netip"
|
||||
@@ -10,8 +9,8 @@ import (
|
||||
"strings"
|
||||
"text/template"
|
||||
|
||||
"asciigoat.org/ini/basic"
|
||||
"darvaza.org/core"
|
||||
"gopkg.in/gcfg.v1"
|
||||
)
|
||||
|
||||
var configTemplate = template.Must(template.New("config").Funcs(template.FuncMap{
|
||||
@@ -107,6 +106,11 @@ func (ep EndpointAddress) String() string {
|
||||
}
|
||||
}
|
||||
|
||||
// UnmarshalText loads an endpoint address from text data
|
||||
func (ep *EndpointAddress) UnmarshalText(b []byte) error {
|
||||
return ep.FromString(string(b))
|
||||
}
|
||||
|
||||
// FromString sets the EndpointAddress from a given "[host]:port"
|
||||
func (ep *EndpointAddress) FromString(s string) error {
|
||||
host, port, err := core.SplitHostPort(s)
|
||||
@@ -127,98 +131,6 @@ func (ep *EndpointAddress) FromString(s string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
type intermediateConfig struct {
|
||||
Interface interfaceConfig
|
||||
Peer peersConfig
|
||||
}
|
||||
|
||||
func (v *intermediateConfig) Export() (*Config, error) {
|
||||
var out Config
|
||||
var err error
|
||||
|
||||
// Interface
|
||||
out.Interface, err = v.Interface.Export()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Peers
|
||||
peers, ok := v.PeersCount()
|
||||
if !ok {
|
||||
return nil, errors.New("inconsistent Peer data")
|
||||
}
|
||||
|
||||
for i := 0; i < peers; i++ {
|
||||
p, err := v.ExportPeer(i)
|
||||
if err != nil {
|
||||
err = core.Wrapf(err, "Peer[%v]:", i)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
out.Peer = append(out.Peer, p)
|
||||
}
|
||||
|
||||
return &out, nil
|
||||
}
|
||||
|
||||
type interfaceConfig struct {
|
||||
Address netip.Addr
|
||||
PrivateKey string
|
||||
ListenPort uint16
|
||||
}
|
||||
|
||||
func (p interfaceConfig) Export() (InterfaceConfig, error) {
|
||||
var err error
|
||||
|
||||
out := InterfaceConfig{
|
||||
Address: p.Address,
|
||||
ListenPort: p.ListenPort,
|
||||
}
|
||||
|
||||
out.PrivateKey, err = PrivateKeyFromBase64(p.PrivateKey)
|
||||
if err != nil {
|
||||
err = core.Wrap(err, "PrivateKey")
|
||||
return InterfaceConfig{}, err
|
||||
}
|
||||
|
||||
return out, nil
|
||||
}
|
||||
|
||||
type peersConfig struct {
|
||||
PublicKey []string
|
||||
Endpoint []string
|
||||
AllowedIPs []string
|
||||
}
|
||||
|
||||
func (v *intermediateConfig) ExportPeer(i int) (PeerConfig, error) {
|
||||
var out PeerConfig
|
||||
|
||||
// Endpoint
|
||||
s := v.Peer.Endpoint[i]
|
||||
err := out.Endpoint.FromString(s)
|
||||
if err != nil {
|
||||
err = core.Wrap(err, "Endpoint")
|
||||
return out, err
|
||||
}
|
||||
|
||||
// PublicKey
|
||||
out.PublicKey, err = PublicKeyFromBase64(v.Peer.PublicKey[i])
|
||||
if err != nil {
|
||||
err = core.Wrap(err, "PublicKey")
|
||||
return out, err
|
||||
}
|
||||
|
||||
// AllowedIPs
|
||||
s = v.Peer.AllowedIPs[i]
|
||||
out.AllowedIPs, err = parseAllowedIPs(s)
|
||||
if err != nil {
|
||||
err = core.Wrap(err, "AllowedIPs")
|
||||
return out, err
|
||||
}
|
||||
|
||||
return out, nil
|
||||
}
|
||||
|
||||
func parseAllowedIPs(data string) ([]netip.Prefix, error) {
|
||||
var out []netip.Prefix
|
||||
|
||||
@@ -235,25 +147,17 @@ func parseAllowedIPs(data string) ([]netip.Prefix, error) {
|
||||
return out, nil
|
||||
}
|
||||
|
||||
func (v *intermediateConfig) PeersCount() (int, bool) {
|
||||
c0 := len(v.Peer.Endpoint)
|
||||
c1 := len(v.Peer.PublicKey)
|
||||
c2 := len(v.Peer.AllowedIPs)
|
||||
|
||||
if c0 != c1 || c1 != c2 {
|
||||
return 0, false
|
||||
}
|
||||
|
||||
return c0, true
|
||||
}
|
||||
|
||||
// NewConfigFromReader parses a wgN.conf file
|
||||
func NewConfigFromReader(r io.Reader) (*Config, error) {
|
||||
temp := &intermediateConfig{}
|
||||
|
||||
if err := gcfg.ReadInto(temp, r); err != nil {
|
||||
doc, err := basic.Decode(r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return temp.Export()
|
||||
cfg, err := newConfigFromDocument(doc)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return cfg, nil
|
||||
}
|
||||
|
||||
@@ -0,0 +1,169 @@
|
||||
package wireguard
|
||||
|
||||
import (
|
||||
"io/fs"
|
||||
"strconv"
|
||||
|
||||
"asciigoat.org/ini/basic"
|
||||
"darvaza.org/core"
|
||||
)
|
||||
|
||||
type sectionHandler func(*Config, *basic.Section) error
|
||||
|
||||
var sectionMap = map[string]func(*Config, *basic.Section) error{
|
||||
"Interface": loadInterfaceConfSection,
|
||||
"Peer": loadPeerConfSection,
|
||||
}
|
||||
|
||||
func loadConfSection(out *Config, src *basic.Section) error {
|
||||
h, ok := sectionMap[src.Key]
|
||||
if !ok {
|
||||
return core.Wrapf(fs.ErrInvalid, "unknown section %q", src.Key)
|
||||
}
|
||||
|
||||
return h(out, src)
|
||||
}
|
||||
|
||||
func loadInterfaceConfSection(out *Config, src *basic.Section) error {
|
||||
var cfg InterfaceConfig
|
||||
|
||||
for _, field := range src.Fields {
|
||||
if err := loadInterfaceConfField(&cfg, field); err != nil {
|
||||
return core.Wrap(err, "Interface")
|
||||
}
|
||||
}
|
||||
|
||||
out.Interface = cfg
|
||||
return nil
|
||||
}
|
||||
|
||||
func loadPeerConfSection(out *Config, src *basic.Section) error {
|
||||
var cfg PeerConfig
|
||||
|
||||
for _, field := range src.Fields {
|
||||
if err := loadPeerConfField(&cfg, field); err != nil {
|
||||
return core.Wrapf(err, "Peer[%v]", len(out.Peer))
|
||||
}
|
||||
}
|
||||
|
||||
out.Peer = append(out.Peer, cfg)
|
||||
return nil
|
||||
}
|
||||
|
||||
// revive:disable:cyclomatic
|
||||
// revive:disable:cognitive-complexity
|
||||
|
||||
func loadInterfaceConfField(cfg *InterfaceConfig, field basic.Field) error {
|
||||
// revive:enable:cyclomatic
|
||||
// revive:enable:cognitive-complexity
|
||||
|
||||
// TODO: refactor when asciigoat's ini parser learns to do reflection
|
||||
switch field.Key {
|
||||
case "Address":
|
||||
if !core.IsZero(cfg.Address) {
|
||||
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
|
||||
}
|
||||
|
||||
err := cfg.Address.UnmarshalText([]byte(field.Value))
|
||||
switch {
|
||||
case err != nil:
|
||||
return core.Wrap(err, field.Key)
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
case "PrivateKey":
|
||||
if !core.IsZero(cfg.PrivateKey) {
|
||||
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
|
||||
}
|
||||
|
||||
err := cfg.PrivateKey.UnmarshalText([]byte(field.Value))
|
||||
switch {
|
||||
case err != nil:
|
||||
return core.Wrap(err, field.Key)
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
case "ListenPort":
|
||||
if cfg.ListenPort > 0 {
|
||||
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
|
||||
}
|
||||
|
||||
u64, err := strconv.ParseUint(field.Value, 10, 16)
|
||||
switch {
|
||||
case err != nil:
|
||||
return core.Wrap(err, field.Key)
|
||||
case u64 == 0:
|
||||
return core.Wrapf(fs.ErrInvalid, "invalid %q value", field.Key)
|
||||
default:
|
||||
cfg.ListenPort = uint16(u64)
|
||||
return nil
|
||||
}
|
||||
default:
|
||||
return core.Wrapf(fs.ErrInvalid, "unknown field %q", field.Key)
|
||||
}
|
||||
}
|
||||
|
||||
// revive:disable:cyclomatic
|
||||
// revive:disable:cognitive-complexity
|
||||
|
||||
func loadPeerConfField(cfg *PeerConfig, field basic.Field) error {
|
||||
// revive:enable:cyclomatic
|
||||
// revive:enable:cognitive-complexity
|
||||
|
||||
switch field.Key {
|
||||
case "PublicKey":
|
||||
if !core.IsZero(cfg.PublicKey) {
|
||||
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
|
||||
}
|
||||
|
||||
err := cfg.PublicKey.UnmarshalText([]byte(field.Value))
|
||||
switch {
|
||||
case err != nil:
|
||||
return core.Wrap(err, field.Key)
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
case "Endpoint":
|
||||
if cfg.Endpoint.String() != "" {
|
||||
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
|
||||
}
|
||||
|
||||
err := cfg.Endpoint.UnmarshalText([]byte(field.Value))
|
||||
switch {
|
||||
case err != nil:
|
||||
return core.Wrap(err, field.Key)
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
case "AllowedIPs":
|
||||
s, err := parseAllowedIPs(field.Value)
|
||||
switch {
|
||||
case err != nil:
|
||||
return core.Wrap(err, field.Key)
|
||||
case len(s) > 0:
|
||||
cfg.AllowedIPs = append(cfg.AllowedIPs, s...)
|
||||
return nil
|
||||
}
|
||||
default:
|
||||
return core.Wrapf(fs.ErrInvalid, "unknown field %q", field.Key)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func newConfigFromDocument(doc *basic.Document) (*Config, error) {
|
||||
var out Config
|
||||
|
||||
if len(doc.Global) > 0 {
|
||||
err := core.Wrap(fs.ErrInvalid, "fields before the first section")
|
||||
return nil, err
|
||||
}
|
||||
|
||||
for i := range doc.Sections {
|
||||
src := &doc.Sections[i]
|
||||
if err := loadConfSection(&out, src); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return &out, nil
|
||||
}
|
||||
@@ -51,6 +51,30 @@ func (pub PublicKey) String() string {
|
||||
}
|
||||
}
|
||||
|
||||
// UnmarshalText loads the value from base64
|
||||
func (key *PrivateKey) UnmarshalText(b []byte) error {
|
||||
v, err := PrivateKeyFromBase64(string(b))
|
||||
switch {
|
||||
case err != nil:
|
||||
return err
|
||||
default:
|
||||
*key = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// UnmarshalText loads the value from base64
|
||||
func (pub *PublicKey) UnmarshalText(b []byte) error {
|
||||
v, err := PublicKeyFromBase64(string(b))
|
||||
switch {
|
||||
case err != nil:
|
||||
return err
|
||||
default:
|
||||
*pub = v
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// MarshalJSON encodes the key for JSON, omitting empty.
|
||||
func (key PrivateKey) MarshalJSON() ([]byte, error) {
|
||||
return encodeKeyJSON(key.String())
|
||||
|
||||
Reference in New Issue
Block a user