Compare commits


7 Commits

Author SHA1 Message Date
amery 751e2cc4f1 build-sys: use local asciigoat.org/ini
Signed-off-by: Alejandro Mery <amery@jpi.io>
2023-09-12 15:57:59 +00:00
amery 71e9a5ab8a Merge branch 'pr-amery-dns' into next-amery
Signed-off-by: Alejandro Mery <amery@jpi.io>
2023-09-12 15:57:54 +00:00
amery bf673093c5 jpictl: introduce jpictl dns write command
it renders BIND config to describe the public view of the cluster

Signed-off-by: Alejandro Mery <amery@jpi.io>
2023-09-12 15:56:07 +00:00
amery 9237d7b450 Merge branch 'pr-amery-wireguard-ini' into next-amery 2023-09-12 13:23:09 +00:00
amery db62adfb9c wireguard: switch from gcfg to asciigoat.org/ini/basic
Signed-off-by: Alejandro Mery <amery@jpi.io>
2023-09-05 19:39:09 +00:00
amery 4599eca7d9 wireguard: implement EndpointAddress.UnmarshalText
Signed-off-by: Alejandro Mery <amery@jpi.io>
2023-09-05 19:38:03 +00:00
amery 312dbe2269 wireguard: implement UnmarshalText for PrivateKey and PublicKey
Signed-off-by: Alejandro Mery <amery@jpi.io>
2023-09-05 19:38:03 +00:00
14 changed files with 260 additions and 592 deletions
+1 -1
@@ -42,7 +42,7 @@ func (cfg *Config) LoadZones(resolve bool) (*cluster.Cluster, error) {
return zones, nil
case !os.IsNotExist(err) || cfg.ConfigFile != DefaultConfigFile:
// file was bad
return nil, core.Wrap(err, "NewFromConfig(%q)", cfg.ConfigFile)
return nil, core.Wrapf(err, "NewFromConfig(%q)", cfg.ConfigFile)
}
// default file doesn't exist. scan instead.
+8 -59
@@ -3,7 +3,6 @@ package main
import (
"context"
"os"
"time"
"github.com/spf13/cobra"
@@ -11,13 +10,9 @@ import (
"git.jpi.io/amery/jpictl/pkg/dns"
)
const (
// DNSSyncTimeout specifies how long are we willing to wait for a DNS
// synchronization
DNSSyncTimeout = 10 * time.Second
)
func newDNSManager(m *cluster.Cluster) (*dns.Manager, error) {
ctx := context.TODO()
func newDNSManager(m *cluster.Cluster, provider dns.Provider) (*dns.Manager, error) {
domain := m.Domain
if m.Name != "" {
domain = m.Name + "." + domain
@@ -28,26 +23,6 @@ func newDNSManager(m *cluster.Cluster, provider dns.Provider) (*dns.Manager, err
return nil, err
}
if provider != nil {
// set provider only if specified
err = dns.WithProvider(provider)(mgr)
if err != nil {
return nil, err
}
}
if err := populateDNSManager(mgr, m); err != nil {
return nil, err
}
return mgr, nil
}
func populateDNSManager(mgr *dns.Manager, m *cluster.Cluster) error {
var err error
ctx := context.TODO()
m.ForEachZone(func(z *cluster.Zone) bool {
z.ForEachMachine(func(p *cluster.Machine) bool {
err = mgr.AddHost(ctx, z.Name, p.ID, true, p.PublicAddresses...)
@@ -57,7 +32,7 @@ func populateDNSManager(mgr *dns.Manager, m *cluster.Cluster) error {
return err != nil
})
if err != nil {
return err
return nil, err
}
m.ForEachRegion(func(r *cluster.Region) bool {
@@ -68,8 +43,11 @@ func populateDNSManager(mgr *dns.Manager, m *cluster.Cluster) error {
return err != nil
})
if err != nil {
return nil, err
}
return err
return mgr, nil
}
// Command
@@ -79,7 +57,6 @@ var dnsCmd = &cobra.Command{
var dnsWriteCmd = &cobra.Command{
Use: "write",
Short: "dns write generates public DNS records",
PreRun: setVerbosity,
RunE: func(_ *cobra.Command, _ []string) error {
m, err := cfg.LoadZones(true)
@@ -87,7 +64,7 @@ var dnsWriteCmd = &cobra.Command{
return err
}
mgr, err := newDNSManager(m, nil)
mgr, err := newDNSManager(m)
if err != nil {
return err
}
@@ -97,36 +74,8 @@ var dnsWriteCmd = &cobra.Command{
},
}
var dnsSyncCmd = &cobra.Command{
Use: "sync",
Short: "dns sync updates public DNS records",
PreRun: setVerbosity,
RunE: func(_ *cobra.Command, _ []string) error {
cred, err := dns.DefaultDNSProvider()
if err != nil {
return err
}
m, err := cfg.LoadZones(true)
if err != nil {
return err
}
mgr, err := newDNSManager(m, cred)
if err != nil {
return err
}
ctx, cancel := context.WithTimeout(context.Background(), DNSSyncTimeout)
defer cancel()
return mgr.Sync(ctx)
},
}
func init() {
rootCmd.AddCommand(dnsCmd)
dnsCmd.AddCommand(dnsWriteCmd)
dnsCmd.AddCommand(dnsSyncCmd)
}
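Review bot: `newDNSManager` creates `ctx := context.TODO()` itself and hands it to every `mgr.AddHost` call, so the command can neither bound nor cancel that work; with `DNSSyncTimeout` and the `context.WithTimeout` of the removed sync command gone, nothing in this file sets a deadline any more. If `AddHost` can block on the network (its body is not on this page), take the context as a parameter, `func newDNSManager(ctx context.Context, m *cluster.Cluster) (*dns.Manager, error)`, and pass `cmd.Context()` from `RunE` instead of discarding the `*cobra.Command` argument. Parts of `newDNSManager` lie between the hunks and are not shown.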
+12 -15
@@ -2,9 +2,11 @@ module git.jpi.io/amery/jpictl
go 1.19
replace asciigoat.org/ini => ../../../asciigoat.org/ini
require (
asciigoat.org/ini v0.2.5
darvaza.org/core v0.10.0
darvaza.org/core v0.9.8
darvaza.org/resolver v0.5.4
darvaza.org/sidecar v0.0.2
darvaza.org/slog v0.5.3
@@ -13,11 +15,10 @@ require (
github.com/hack-pad/hackpadfs v0.2.1
github.com/libdns/cloudflare v0.1.0
github.com/libdns/libdns v0.2.1
github.com/mgechev/revive v1.3.4
github.com/mgechev/revive v1.3.3
github.com/spf13/cobra v1.7.0
golang.org/x/crypto v0.14.0
golang.org/x/net v0.17.0
gopkg.in/gcfg.v1 v1.2.3
golang.org/x/crypto v0.12.0
golang.org/x/net v0.14.0
gopkg.in/yaml.v3 v3.0.1
)
@@ -30,23 +31,19 @@ require (
github.com/fatih/color v1.15.0 // indirect
github.com/fatih/structtag v1.2.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/kr/pretty v0.3.1 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-isatty v0.0.19 // indirect
github.com/mattn/go-runewidth v0.0.15 // indirect
github.com/mgechev/dots v0.0.0-20210922191527-e955255bf517 // indirect
github.com/miekg/dns v1.1.56 // indirect
github.com/miekg/dns v1.1.55 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/olekukonko/tablewriter v0.0.5 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/rivo/uniseg v0.4.4 // indirect
github.com/rogpeppe/go-internal v1.10.1-0.20230524175051-ec119421bb97 // indirect
github.com/rs/zerolog v1.31.0 // indirect
github.com/rs/zerolog v1.30.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
golang.org/x/mod v0.13.0 // indirect
golang.org/x/sys v0.13.0 // indirect
golang.org/x/mod v0.12.0 // indirect
golang.org/x/sys v0.12.0 // indirect
golang.org/x/text v0.13.0 // indirect
golang.org/x/tools v0.14.0 // indirect
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
golang.org/x/tools v0.12.0 // indirect
)
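Review bot: The `replace asciigoat.org/ini => ../../../asciigoat.org/ini` directive makes the build use whatever sits at that relative path on the build machine, so the module is no longer fetched at a pinned version or checked against go.sum (the go.sum section of this comparison appears to drop the `asciigoat.org/ini v0.2.5` hashes accordingly). If the directive is only for local development, keep it out of the committed go.mod and put it in a `go.work` file, or pin a tagged release. Reading the sides from the `gopkg.in/gcfg.v1` removal and the commit titles, since the rendering has lost the +/- markers, the new side also pins `golang.org/x/net v0.14.0` and `golang.org/x/crypto v0.12.0` where the other side has v0.17.0 and v0.14.0. Run `govulncheck ./...` before merging so the older pins are a deliberate choice and not a side effect of the branch point.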
+25 -42
@@ -1,9 +1,7 @@
asciigoat.org/core v0.3.9 h1:hgDDz4ecm3ZvehX++m8A/IzAt+B5oDPiRtxatzfUHPQ=
asciigoat.org/core v0.3.9/go.mod h1:CAaHwyw8MpAq4a1MYtN2dxJrsK+hmIdW50OndaQZYPI=
asciigoat.org/ini v0.2.5 h1:4gRIp9rU+XQt8+HMqZO5R7GavMv9Yl2+N+je6djDIAE=
asciigoat.org/ini v0.2.5/go.mod h1:gmXzJ9XFqf1NLk5nQkj04USQ4tMtdRJHNQX6vp3DzjU=
darvaza.org/core v0.10.0 h1:/nQOSWnMgWW8ZJmv3AEdTgIK+Pg4lkPd+VNejL84q3M=
darvaza.org/core v0.10.0/go.mod h1:72iWMVoXjMHjsPSlctDzA7yKzwXsj5dO+se6F9B3ERs=
darvaza.org/core v0.9.8 h1:luLxgfUc2pzuusYPo/Z/dC/qr9XZPKpSQw8/kS7zNUM=
darvaza.org/core v0.9.8/go.mod h1:Dbme64naxeshQfxcVJX9ZT7AiGyIY8kldfuELVtf8mw=
darvaza.org/resolver v0.5.4 h1:dlSBNV14yYsp7Kg7ipwYOMNsLbrpeXa8Z0HBTa0Ryxs=
darvaza.org/resolver v0.5.4/go.mod h1:vHMkQUmHjaetFqG2ZLZJiQHsXEMGoTOFGm+NXwfndhE=
darvaza.org/sidecar v0.0.2 h1:4H8FUxc43kkLjxdShN1CoxLTcoHQsZjDVwm7kt6eIK0=
@@ -22,7 +20,6 @@ github.com/chavacava/garif v0.1.0 h1:2JHa3hbYf5D9dsgseMKAmc/MZ109otzgNFk5s87H9Pc
github.com/chavacava/garif v0.1.0/go.mod h1:XMyYCkEL58DF0oyW4qDjjnPWONs2HBqYKI+UIPD+Gww=
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -37,38 +34,31 @@ github.com/hack-pad/hackpadfs v0.2.1 h1:FelFhIhv26gyjujoA/yeFO+6YGlqzmc9la/6iKMI
github.com/hack-pad/hackpadfs v0.2.1/go.mod h1:khQBuCEwGXWakkmq8ZiFUvUZz84ZkJ2KNwKvChs4OrU=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/libdns/cloudflare v0.1.0 h1:93WkJaGaiXCe353LHEP36kAWCUw0YjFqwhkBkU2/iic=
github.com/libdns/cloudflare v0.1.0/go.mod h1:a44IP6J1YH6nvcNl1PverfJviADgXUnsozR3a7vBKN8=
github.com/libdns/libdns v0.2.0/go.mod h1:yQCXzk1lEZmmCPa857bnk4TsOiqYasqpyOEeSObbb40=
github.com/libdns/libdns v0.2.1 h1:Wu59T7wSHRgtA0cfxC+n1c/e+O3upJGWytknkmFEDis=
github.com/libdns/libdns v0.2.1/go.mod h1:yQCXzk1lEZmmCPa857bnk4TsOiqYasqpyOEeSObbb40=
github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
github.com/mgechev/dots v0.0.0-20210922191527-e955255bf517 h1:zpIH83+oKzcpryru8ceC6BxnoG8TBrhgAvRg8obzup0=
github.com/mgechev/dots v0.0.0-20210922191527-e955255bf517/go.mod h1:KQ7+USdGKfpPjXk4Ga+5XxQM4Lm4e3gAogrreFAYpOg=
github.com/mgechev/revive v1.3.4 h1:k/tO3XTaWY4DEHal9tWBkkUMJYO/dLDVyMmAQxmIMDc=
github.com/mgechev/revive v1.3.4/go.mod h1:W+pZCMu9qj8Uhfs1iJMQsEFLRozUfvwFwqVvRbSNLVw=
github.com/miekg/dns v1.1.56 h1:5imZaSeoRNvpM9SzWNhEcP9QliKiz20/dA2QabIGVnE=
github.com/miekg/dns v1.1.56/go.mod h1:cRm6Oo2C8TY9ZS/TqsSrseAcncm74lfK5G+ikN2SWWY=
github.com/mgechev/revive v1.3.3 h1:GUWzV3g185agbHN4ZdaQvR6zrLVYTUSA2ktvIinivK0=
github.com/mgechev/revive v1.3.3/go.mod h1:NhpOtVtDbjYNDj697eDUBTobijCDHQKar4HDKc0TuTo=
github.com/miekg/dns v1.1.55 h1:GoQ4hpsj0nFLYe+bWiCToyrBEJXkQfOOIvFGFy0lEgo=
github.com/miekg/dns v1.1.55/go.mod h1:uInx36IzPl7FYnDcMeVWxj9byh7DutNykX4G9Sj60FY=
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -76,12 +66,9 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
github.com/rogpeppe/go-internal v1.10.1-0.20230524175051-ec119421bb97 h1:3RPlVWzZ/PDqmVuf/FKHARG5EMid/tl7cv54Sw/QRVY=
github.com/rogpeppe/go-internal v1.10.1-0.20230524175051-ec119421bb97/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
github.com/rs/zerolog v1.31.0 h1:FcTR3NnLWW+NnTwwhFWiJSZr4ECLpqCm6QsEnyvbV4A=
github.com/rs/zerolog v1.31.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
github.com/rs/zerolog v1.30.0 h1:SymVODrcRsaRaSInD9yQtKbtWqwsfoPcRff/oRXLj4c=
github.com/rs/zerolog v1.30.0/go.mod h1:/tk+P47gFdPXq4QYjvCmT5/Gsug2nagsFWBWhAiSi1w=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=
github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0=
@@ -94,30 +81,26 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=
golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ=
golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1 h1:MGwJjxBy0HJshjDNfLsYO8xppfqWlA5ZT9OhtUUhTNw=
golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc=
golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=
golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg=
golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss=
golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/gcfg.v1 v1.2.3 h1:m8OOJ4ccYHnx2f4gQwpno8nAX5OGOh7RLaaz0pj3Ogs=
gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+2 -2
@@ -17,7 +17,7 @@ var sectionMap = map[string]func(*Config, *basic.Section) error{
func loadConfSection(out *Config, src *basic.Section) error {
h, ok := sectionMap[src.Key]
if !ok {
return core.Wrap(fs.ErrInvalid, "unknown section %q", src.Key)
return core.Wrapf(fs.ErrInvalid, "unknown section %q", src.Key)
}
return h(out, src)
@@ -48,7 +48,7 @@ func loadGlobalConfField(cfg *GlobalConfig, field basic.Field) error {
switch field.Key {
case "fsid":
if !core.IsZero(cfg.FSID) {
return core.Wrap(fs.ErrInvalid, "duplicate field %q", field.Key)
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
}
err := cfg.FSID.UnmarshalText([]byte(field.Value))
+1 -5
@@ -33,11 +33,7 @@ func (m *Cluster) openWriter(name string, flags int, args ...any) (io.WriteClose
return nil, err
}
if f, ok := f.(io.WriteCloser); ok {
return f, nil
}
panic("unreachable")
return f.(io.WriteCloser), nil
}
// ReadFile reads a file from the cluster's config directory
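Review bot: The unchecked assertion in `return f.(io.WriteCloser), nil` turns a file system that hands back a non-writable file into a runtime panic inside a function that already has an error return, and the handle that was just opened is not closed on that path. Use the two-value form, `wc, ok := f.(io.WriteCloser)`, and on `!ok` close `f` (presumably an `fs.File`) and return an error such as `core.Wrapf(fs.ErrInvalid, "%s: not writable", name)`, assuming `core` and `io/fs` are imported in this file, which the hunk does not show. The same line is added to `(*Machine).openWriter` in the next file section. The start of `openWriter` is outside the hunk.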
+1 -5
@@ -34,11 +34,7 @@ func (m *Machine) openWriter(name string, flags int, args ...any) (io.WriteClose
return nil, err
}
if f, ok := f.(io.WriteCloser); ok {
return f, nil
}
panic("unreachable")
return f.(io.WriteCloser), nil
}
// RemoveFile deletes a file from the machine's config directory
+3 -3
@@ -28,7 +28,7 @@ func (m *Machine) GetWireguardKeys(ring int) (wireguard.KeyPair, error) {
out.PrivateKey, err = wireguard.PrivateKeyFromBase64(string(data))
if err != nil {
// bad key
err = core.Wrap(err, "wg%v.key", ring)
err = core.Wrapf(err, "wg%v.key", ring)
return out, err
}
@@ -44,7 +44,7 @@ func (m *Machine) GetWireguardKeys(ring int) (wireguard.KeyPair, error) {
out.PublicKey, err = wireguard.PublicKeyFromBase64(string(data))
if err != nil {
// bad key
err = core.Wrap(err, "wg%v.pub", ring)
err = core.Wrapf(err, "wg%v.pub", ring)
return out, err
}
}
@@ -126,7 +126,7 @@ func (m *Machine) applyWireguardConfig(ring int, wg *wireguard.Config) error {
}
if err := m.applyZoneNodeID(zoneID, nodeID); err != nil {
return core.Wrap(err, "%s: invalid address", addr)
return core.Wrapf(err, "%s: invalid address", addr)
}
if err := m.applyWireguardInterfaceConfig(ring, wg.Interface); err != nil {
-2
@@ -18,8 +18,6 @@ const (
type Provider interface {
libdns.RecordGetter
libdns.RecordDeleter
libdns.RecordSetter
libdns.RecordAppender
}
// DefaultDNSProvider returns a cloudflare DNS provider
-1
@@ -167,7 +167,6 @@ func (mgr *Manager) genAllAddrRecords() []AddrRecord {
out = append(out, rec)
}
SortAddrRecords(out)
return out
}
-347
@@ -1,347 +0,0 @@
package dns
import (
"context"
"errors"
"net/netip"
"sort"
"strings"
"time"
"darvaza.org/core"
"darvaza.org/slog"
"github.com/libdns/libdns"
)
// SyncAddrRecord is similar to AddrRecord but include libdns.Record details
// fetched from the Provider
type SyncAddrRecord struct {
Name string
Addrs []SyncAddr
}
// SyncAddr extends netip.Addr with ID and TTL fetched from the Provider
type SyncAddr struct {
ID string
Addr netip.Addr
TTL time.Duration
}
// Export assembles a libdns.Record
func (rec *SyncAddr) Export(name string) libdns.Record {
return libdns.Record{
ID: rec.ID,
Name: name,
Type: core.IIf(rec.Addr.Is6(), "AAAA", "A"),
TTL: time.Second,
Value: rec.Addr.String(),
}
}
// SortSyncAddrSlice sorts a slice of [SyncAddr] by its address
func SortSyncAddrSlice(s []SyncAddr) []SyncAddr {
sort.Slice(s, func(i, j int) bool {
a1 := s[i].Addr
a2 := s[j].Addr
return a1.Less(a2)
})
return s
}
// GetRecords pulls all the address records on DNS for our domain
func (mgr *Manager) GetRecords(ctx context.Context) ([]SyncAddrRecord, error) {
if mgr.p == nil {
return nil, errors.New("dns provider not specified")
}
recs, err := mgr.p.GetRecords(ctx, mgr.domain)
if err != nil {
return nil, err
}
return mgr.filteredRecords(recs)
}
// AsSyncAddr converts a A or AAAA [libdns.Record] into a [SyncAddr]
func (mgr *Manager) AsSyncAddr(rr libdns.Record) (SyncAddr, bool, error) {
var out SyncAddr
var addr netip.Addr
// skip non-address types
if rr.Type != "A" && rr.Type != "AAAA" {
return out, false, nil
}
// skip entries not containing our suffix
if mgr.suffix != "" {
if !strings.HasSuffix(rr.Name, mgr.suffix) {
return out, false, nil
}
}
err := addr.UnmarshalText([]byte(rr.Value))
if err != nil {
// invalid address on A or AAAA record
return out, false, err
}
out = SyncAddr{
ID: rr.ID,
TTL: rr.TTL,
Addr: addr,
}
return out, true, nil
}
func (mgr *Manager) filteredRecords(recs []libdns.Record) ([]SyncAddrRecord, error) {
// filter and convert
cache := make(map[string][]SyncAddr)
for _, rr := range recs {
addr, ok, err := mgr.AsSyncAddr(rr)
switch {
case err != nil:
// skip invalid addresses
mgr.l.Error().
WithField("subsystem", "dns").
WithField(slog.ErrorFieldName, err).
WithField("name", rr.Name).
WithField("type", rr.Type).
WithField("addr", rr.Value).
Print()
case ok:
// store
cache[rr.Name] = append(cache[rr.Name], addr)
}
}
// prepare records
out := make([]SyncAddrRecord, len(cache))
names := make([]string, 0, len(cache))
for name := range cache {
names = append(names, name)
}
sort.Strings(names)
for i, name := range names {
addrs := cache[name]
out[i] = SyncAddrRecord{
Name: name,
Addrs: SortSyncAddrSlice(addrs),
}
}
return out, nil
}
// Sync updates all the address records on DNS for our domain
func (mgr *Manager) Sync(ctx context.Context) error {
current, err := mgr.GetRecords(ctx)
if err != nil {
return core.Wrap(err, "GetRecords")
}
goal := mgr.genAllAddrRecords()
for _, p := range makeSyncMap(current, goal) {
err := mgr.doSync(ctx, p.Name, p.Before, p.After)
if err != nil {
return err
}
}
return nil
}
func (mgr *Manager) doSync(ctx context.Context, name string,
before []SyncAddr, after []netip.Addr) error {
//
var err error
for _, a := range after {
before, err = mgr.doSyncUpdateOrInsert(ctx, name, a, before)
if err != nil {
return err
}
}
for _, b := range before {
err = mgr.doSyncRemove(ctx, name, b)
if err != nil {
return err
}
}
return nil
}
func (mgr *Manager) doSyncUpdateOrInsert(ctx context.Context, name string,
addr netip.Addr, addrs []SyncAddr) ([]SyncAddr, error) {
//
var err error
i, ok := findSyncAddrSorted(addr, addrs)
if ok {
rec := addrs[i]
addrs = append(addrs[:i], addrs[i+1:]...)
err = mgr.doSyncUpdate(ctx, name, addr, rec)
} else {
err = mgr.doSyncInsert(ctx, name, addr)
}
return addrs, err
}
func (mgr *Manager) doSyncUpdate(ctx context.Context, name string,
addr netip.Addr, rec SyncAddr) error {
//
var log slog.Logger
var msg string
var err error
if rec.TTL != time.Second {
// amend TTL
// TODO: batch updates
_, err = mgr.p.SetRecords(ctx, mgr.domain, []libdns.Record{
rec.Export(name),
})
if err == nil {
log = mgr.l.Info()
msg = "Updated"
} else {
log = mgr.l.Error().
WithField(slog.ErrorFieldName, err)
msg = "Failed"
}
} else {
log = mgr.l.Info()
msg = "OK"
}
log.
WithField("subsystem", "dns").
WithField("name", name).
WithField("addr", addr).
Print(msg)
return err
}
func (mgr *Manager) doSyncInsert(ctx context.Context, name string,
addr netip.Addr) error {
//
var log slog.Logger
var msg string
rec := libdns.Record{
Name: name,
Type: core.IIf(addr.Is6(), "AAAA", "A"),
TTL: time.Second,
Value: addr.String(),
}
_, err := mgr.p.AppendRecords(ctx, mgr.domain, []libdns.Record{
rec,
})
if err != nil {
log = mgr.l.Error().
WithField(slog.ErrorFieldName, err)
msg = "Failed to Add"
} else {
log = mgr.l.Info()
msg = "Added"
}
log.
WithField("subsystem", "dns").
WithField("name", name).
WithField("addr", addr).
Print(msg)
return err
}
func (mgr *Manager) doSyncRemove(ctx context.Context, name string,
rec SyncAddr) error {
//
var log slog.Logger
var msg string
// TODO: batch deletes
_, err := mgr.p.DeleteRecords(ctx, mgr.domain, []libdns.Record{
rec.Export(name),
})
if err != nil {
log = mgr.l.Error().
WithField(slog.ErrorFieldName, err)
msg = "Failed to Delete"
} else {
log = mgr.l.Warn()
msg = "Deleted"
}
log.
WithField("subsystem", "dns").
WithField("name", name).
WithField("addr", rec.Addr).
Print(msg)
return err
}
func findSyncAddrSorted(target netip.Addr, addrs []SyncAddr) (int, bool) {
for i, a := range addrs {
switch target.Compare(a.Addr) {
case 0:
// match
return i, true
case -1:
// miss
return -1, false
default:
// next
}
}
return -1, false
}
type syncMapEntry struct {
Name string
Before []SyncAddr
After []netip.Addr
}
func makeSyncMap(current []SyncAddrRecord,
goal []AddrRecord) map[string]syncMapEntry {
//
data := make(map[string]syncMapEntry)
for _, cur := range current {
me, ok := data[cur.Name]
if !ok {
me = syncMapEntry{
Name: cur.Name,
}
}
me.Before = append(me.Before, cur.Addrs...)
data[cur.Name] = me
}
for _, rr := range goal {
me, ok := data[rr.Name]
if !ok {
me = syncMapEntry{
Name: rr.Name,
}
}
me.After = append(me.After, rr.Addr...)
data[rr.Name] = me
}
return data
}
+14 -110
@@ -2,7 +2,6 @@ package wireguard
import (
"bytes"
"errors"
"fmt"
"io"
"net/netip"
@@ -10,8 +9,8 @@ import (
"strings"
"text/template"
"asciigoat.org/ini/basic"
"darvaza.org/core"
"gopkg.in/gcfg.v1"
)
var configTemplate = template.Must(template.New("config").Funcs(template.FuncMap{
@@ -107,6 +106,11 @@ func (ep EndpointAddress) String() string {
}
}
// UnmarshalText loads an endpoint address from text data
func (ep *EndpointAddress) UnmarshalText(b []byte) error {
return ep.FromString(string(b))
}
// FromString sets the EndpointAddress from a given "[host]:port"
func (ep *EndpointAddress) FromString(s string) error {
host, port, err := core.SplitHostPort(s)
@@ -127,98 +131,6 @@ func (ep *EndpointAddress) FromString(s string) error {
return nil
}
type intermediateConfig struct {
Interface interfaceConfig
Peer peersConfig
}
func (v *intermediateConfig) Export() (*Config, error) {
var out Config
var err error
// Interface
out.Interface, err = v.Interface.Export()
if err != nil {
return nil, err
}
// Peers
peers, ok := v.PeersCount()
if !ok {
return nil, errors.New("inconsistent Peer data")
}
for i := 0; i < peers; i++ {
p, err := v.ExportPeer(i)
if err != nil {
err = core.Wrap(err, "Peer[%v]:", i)
return nil, err
}
out.Peer = append(out.Peer, p)
}
return &out, nil
}
type interfaceConfig struct {
Address netip.Addr
PrivateKey string
ListenPort uint16
}
func (p interfaceConfig) Export() (InterfaceConfig, error) {
var err error
out := InterfaceConfig{
Address: p.Address,
ListenPort: p.ListenPort,
}
out.PrivateKey, err = PrivateKeyFromBase64(p.PrivateKey)
if err != nil {
err = core.Wrap(err, "PrivateKey")
return InterfaceConfig{}, err
}
return out, nil
}
type peersConfig struct {
PublicKey []string
Endpoint []string
AllowedIPs []string
}
func (v *intermediateConfig) ExportPeer(i int) (PeerConfig, error) {
var out PeerConfig
// Endpoint
s := v.Peer.Endpoint[i]
err := out.Endpoint.FromString(s)
if err != nil {
err = core.Wrap(err, "Endpoint")
return out, err
}
// PublicKey
out.PublicKey, err = PublicKeyFromBase64(v.Peer.PublicKey[i])
if err != nil {
err = core.Wrap(err, "PublicKey")
return out, err
}
// AllowedIPs
s = v.Peer.AllowedIPs[i]
out.AllowedIPs, err = parseAllowedIPs(s)
if err != nil {
err = core.Wrap(err, "AllowedIPs")
return out, err
}
return out, nil
}
func parseAllowedIPs(data string) ([]netip.Prefix, error) {
var out []netip.Prefix
@@ -235,25 +147,17 @@ func parseAllowedIPs(data string) ([]netip.Prefix, error) {
return out, nil
}
func (v *intermediateConfig) PeersCount() (int, bool) {
c0 := len(v.Peer.Endpoint)
c1 := len(v.Peer.PublicKey)
c2 := len(v.Peer.AllowedIPs)
if c0 != c1 || c1 != c2 {
return 0, false
}
return c0, true
}
// NewConfigFromReader parses a wgN.conf file
func NewConfigFromReader(r io.Reader) (*Config, error) {
temp := &intermediateConfig{}
if err := gcfg.ReadInto(temp, r); err != nil {
doc, err := basic.Decode(r)
if err != nil {
return nil, err
}
return temp.Export()
cfg, err := newConfigFromDocument(doc)
if err != nil {
return nil, err
}
return cfg, nil
}
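Review bot: The tail of `NewConfigFromReader` checks the error from `newConfigFromDocument` only to return the same pair; `return newConfigFromDocument(doc)` says the same in one line. `basic.Decode(r)` is given the reader as-is, so if a wgN.conf can come from anywhere other than the operator's own config directory, wrapping `r` with `io.LimitReader` would bound memory use; whether `Decode` buffers the whole input is not visible on this page.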
+169
@@ -0,0 +1,169 @@
package wireguard
import (
"io/fs"
"strconv"
"asciigoat.org/ini/basic"
"darvaza.org/core"
)
type sectionHandler func(*Config, *basic.Section) error
var sectionMap = map[string]func(*Config, *basic.Section) error{
"Interface": loadInterfaceConfSection,
"Peer": loadPeerConfSection,
}
func loadConfSection(out *Config, src *basic.Section) error {
h, ok := sectionMap[src.Key]
if !ok {
return core.Wrapf(fs.ErrInvalid, "unknown section %q", src.Key)
}
return h(out, src)
}
func loadInterfaceConfSection(out *Config, src *basic.Section) error {
var cfg InterfaceConfig
for _, field := range src.Fields {
if err := loadInterfaceConfField(&cfg, field); err != nil {
return core.Wrap(err, "Interface")
}
}
out.Interface = cfg
return nil
}
func loadPeerConfSection(out *Config, src *basic.Section) error {
var cfg PeerConfig
for _, field := range src.Fields {
if err := loadPeerConfField(&cfg, field); err != nil {
return core.Wrapf(err, "Peer[%v]", len(out.Peer))
}
}
out.Peer = append(out.Peer, cfg)
return nil
}
// revive:disable:cyclomatic
// revive:disable:cognitive-complexity
func loadInterfaceConfField(cfg *InterfaceConfig, field basic.Field) error {
// revive:enable:cyclomatic
// revive:enable:cognitive-complexity
// TODO: refactor when asciigoat's ini parser learns to do reflection
switch field.Key {
case "Address":
if !core.IsZero(cfg.Address) {
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
}
err := cfg.Address.UnmarshalText([]byte(field.Value))
switch {
case err != nil:
return core.Wrap(err, field.Key)
default:
return nil
}
case "PrivateKey":
if !core.IsZero(cfg.PrivateKey) {
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
}
err := cfg.PrivateKey.UnmarshalText([]byte(field.Value))
switch {
case err != nil:
return core.Wrap(err, field.Key)
default:
return nil
}
case "ListenPort":
if cfg.ListenPort > 0 {
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
}
u64, err := strconv.ParseUint(field.Value, 10, 16)
switch {
case err != nil:
return core.Wrap(err, field.Key)
case u64 == 0:
return core.Wrapf(fs.ErrInvalid, "invalid %q value", field.Key)
default:
cfg.ListenPort = uint16(u64)
return nil
}
default:
return core.Wrapf(fs.ErrInvalid, "unknown field %q", field.Key)
}
}
// revive:disable:cyclomatic
// revive:disable:cognitive-complexity
func loadPeerConfField(cfg *PeerConfig, field basic.Field) error {
// revive:enable:cyclomatic
// revive:enable:cognitive-complexity
switch field.Key {
case "PublicKey":
if !core.IsZero(cfg.PublicKey) {
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
}
err := cfg.PublicKey.UnmarshalText([]byte(field.Value))
switch {
case err != nil:
return core.Wrap(err, field.Key)
default:
return nil
}
case "Endpoint":
if cfg.Endpoint.String() != "" {
return core.Wrapf(fs.ErrInvalid, "duplicate field %q", field.Key)
}
err := cfg.Endpoint.UnmarshalText([]byte(field.Value))
switch {
case err != nil:
return core.Wrap(err, field.Key)
default:
return nil
}
case "AllowedIPs":
s, err := parseAllowedIPs(field.Value)
switch {
case err != nil:
return core.Wrap(err, field.Key)
case len(s) > 0:
cfg.AllowedIPs = append(cfg.AllowedIPs, s...)
return nil
}
default:
return core.Wrapf(fs.ErrInvalid, "unknown field %q", field.Key)
}
return nil
}
func newConfigFromDocument(doc *basic.Document) (*Config, error) {
var out Config
if len(doc.Global) > 0 {
err := core.Wrap(fs.ErrInvalid, "fields before the first section")
return nil, err
}
for i := range doc.Sections {
src := &doc.Sections[i]
if err := loadConfSection(&out, src); err != nil {
return nil, err
}
}
return &out, nil
}
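Review bot: `loadInterfaceConfSection` ends with `out.Interface = cfg` unconditionally, so a file with two `[Interface]` sections is accepted and the later one silently replaces the first, private key included; the per-field duplicate checks do not catch this because each section starts from a fresh `cfg`. Nothing in this file checks that mandatory fields were present either, so an `[Interface]` without `PrivateKey` or a `[Peer]` without `PublicKey` loads as a valid `Config` unless a caller validates it later, which this page does not show. Rejecting both in the loader keeps a malformed or tampered wgN.conf from being applied in part; the same missing-field check would fit `loadPeerConfSection` for `PublicKey`. Separately, `sectionHandler` is declared but `sectionMap` spells the function type out again, so use the alias there or drop it.

```go
func loadInterfaceConfSection(out *Config, src *basic.Section) error {
	// a second [Interface] section must not replace the first one
	if !core.IsZero(out.Interface.PrivateKey) {
		return core.Wrapf(fs.ErrInvalid, "duplicate section %q", src.Key)
	}

	// … unchanged: var cfg and the loop over src.Fields …

	// refuse an [Interface] that never set its key
	if core.IsZero(cfg.PrivateKey) {
		return core.Wrapf(fs.ErrInvalid, "%s: missing field %q", src.Key, "PrivateKey")
	}

	out.Interface = cfg
```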
+24
@@ -51,6 +51,30 @@ func (pub PublicKey) String() string {
}
}
// UnmarshalText loads the value from base64
func (key *PrivateKey) UnmarshalText(b []byte) error {
v, err := PrivateKeyFromBase64(string(b))
switch {
case err != nil:
return err
default:
*key = v
return nil
}
}
// UnmarshalText loads the value from base64
func (pub *PublicKey) UnmarshalText(b []byte) error {
v, err := PublicKeyFromBase64(string(b))
switch {
case err != nil:
return err
default:
*pub = v
return nil
}
}
// MarshalJSON encodes the key for JSON, omitting empty.
func (key PrivateKey) MarshalJSON() ([]byte, error) {
return encodeKeyJSON(key.String())
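Review bot: Neither `UnmarshalText` doc comment says what an empty value does, and the ini loader added in this comparison relies on `core.IsZero(cfg.PrivateKey)` and `core.IsZero(cfg.PublicKey)` to detect duplicate fields. If `PrivateKeyFromBase64("")` returns the zero key with a nil error (its body is not on this page), a line such as `PrivateKey =` would be accepted and a second `PrivateKey` line would then pass the duplicate check. Rejecting `len(b) == 0` up front and documenting it, e.g. `// UnmarshalText decodes a base64 key; empty input is an error and the receiver is left unchanged on failure.`, removes the ambiguity. The two-case `switch` also reads more plainly as `if err != nil { return err }` followed by the assignment. `MarshalJSON` at the end of the hunk continues outside it.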