nexodus

package
v0.0.0-...-3a8821d Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 22, 2024 License: Apache-2.0 Imports: 82 Imported by: 0

Documentation

Overview

The derper binary is a simple DERP server.

Index

Constants

// Identifiers for two DERP regions, one named "Default" and one named "Custom".
// NOTE(review): the default relay host is hard-coded here; how a deployment
// overrides it, and how the relay's identity is verified when connecting,
// is not visible on this page — confirm at the call sites.
const (
	DefaultDerpRegionID   = 900
	DefaultDerpRegionCode = "web"
	DefaultDerpRegionName = "NexodusDefault"
	DefaultDerpNodeName   = "900nex"
	// Despite the "IPAddr" suffix, this value is a DNS hostname, not an IP literal.
	DefaultDerpIPAddr     = "relay.nexodus.io"
	// No address constant is declared for the custom region in this block.
	CustomDerpRegionID    = 901
	CustomDerpRegionCode  = "local"
	CustomDerpRegionName  = "NexodusLocal"
	CustomDerpNodeName    = "901nex"
)
// ICMP-related constants.
const (
	// NOTE(review): presumably the probe packet size in bytes — confirm.
	PACKETSIZE                         = 64
	// 8 is the ICMPv4 Echo Request type (RFC 792).
	ICMP_TYPE_ECHO_REQUEST             = 8
	// 20 is the length of an IPv4 header that carries no options.
	// NOTE(review): presumably the offset of the ICMP header inside a raw
	// IPv4 reply. A reply with IP options (IHL > 5) would place the ICMP
	// header later, so confirm the parser checks the header length and the
	// buffer size before indexing at this offset.
	ICMP_ECHO_REPLY_HEADER_IPV4_OFFSET = 20
	// 128 is the ICMPv6 Echo Request type (RFC 4443).
	ICMP6_TYPE_ECHO_REQUEST            = 128
)
// Status values for nexd. They are untyped integer constants; iota assigns
// 0, 1 and 2 in declaration order.
const (
	// when nexd is first starting up
	NexdStatusStarting = iota
	// when nexd is waiting for auth and the user must complete the OTP auth flow
	NexdStatusAuth
	// nexd is up and running normally
	NexdStatusRunning
)
const (
	// WgDefaultPort is 51820, the port conventionally used by WireGuard.
	WgDefaultPort = 51820
)

Variables

// ProxyExistsError is a sentinel error whose message reports that a port is
// already in use by another proxy rule. Compare against it with errors.Is
// rather than by matching the message text.
var ProxyExistsError = errors.New("port already in use by another proxy rule")

Functions

func AddRoute

func AddRoute(prefix, dev string) error

func CreateDirectory

func CreateDirectory(path string) error

CreateDirectory creates a directory if one does not exist.

func CtlStatus

func CtlStatus(command *cli.Command) (string, error)

CtlStatus attempts to retrieve the status of the nexd service.

func DefaultMeshPSKFile

func DefaultMeshPSKFile() string

func DeleteRoute

func DeleteRoute(prefix, dev string) error

DeleteRoute deletes a netlink route

func FileExists

func FileExists(f string) bool

func IsCommandAvailable

func IsCommandAvailable(name string) bool

IsCommandAvailable checks to see if a binary is available in the current path

func IsNAT

func IsNAT(logger *zap.SugaredLogger, nodeOS, controller string, port string) (bool, error)

func LocalIPv4Address

func LocalIPv4Address() net.IP

func NewManualCertManager

func NewManualCertManager(certdir, hostname string) (certProvider, error)

NewManualCertManager returns a cert provider that reads the certificate for the given hostname when it is created.

func ParseIPNet

func ParseIPNet(s string) (*net.IPNet, error)

ParseIPNet returns an IPNet parsed from a string.

func ResolveURLToIP

func ResolveURLToIP(rawURL string) ([]net.IP, error)

ResolveURLToIP resolves the IP address of a given URL.

func RouteExistsOS

func RouteExistsOS(prefix string) (bool, error)

RouteExistsOS checks netlink routes for the destination prefix

func RouteExistsUS

func RouteExistsUS(prefix string) (bool, error)

func RunCommand

func RunCommand(cmd ...string) (string, error)

RunCommand runs the cmd and returns the combined stdout and stderr

func ValidateCIDR

func ValidateCIDR(cidr string) error

ValidateCIDR ensures a valid IPv4/IPv6 prefix is provided.

func ValidateIp

func ValidateIp(ip string) error

ValidateIp ensures a valid IPv4/IPv6 address is provided.

func WriteToFile

func WriteToFile(logger *zap.SugaredLogger, s, file string, filePermissions int)

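WriteToFile overwrites the contents of a file. It has no return value, so a failed write is not reported to the caller through an error; any failure presumably surfaces only through logger.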

Types

type DerpIpMapping

// NOTE(review): the package documentation describes this type as mapping
// "private keys" to IP addresses, but every method listed for it on this
// page takes or returns a public key (CheckIfKeyExist, GetPublicKey,
// GetLocalIPMappingForPeer, RemoveLocalIpMappingForPeer). Confirm which key
// is actually stored; the fields are unexported and not shown here.
type DerpIpMapping struct {
	// contains filtered or unexported fields
}

DerpIpMapping represents the mapping between private keys and IP addresses.

func NewDerpIpMapping

func NewDerpIpMapping() *DerpIpMapping

NewDerpIpMapping creates a new instance of DerpIpMapping.

func (*DerpIpMapping) CheckIfKeyExist

func (dim *DerpIpMapping) CheckIfKeyExist(publicKey string) string

func (*DerpIpMapping) GetLocalIPMappingForPeer

func (dim *DerpIpMapping) GetLocalIPMappingForPeer(publicKey string) (string, error)

GetLocalIPMappingForPeer finds the next available IP address in the 127.0.0.0/24 range.

func (*DerpIpMapping) GetPublicKey

func (dim *DerpIpMapping) GetPublicKey(ipAddress string) (string, bool)

GetPublicKey retrieves the public key associated with a given IP address.

func (*DerpIpMapping) RemoveLocalIpMappingForPeer

func (dim *DerpIpMapping) RemoveLocalIpMappingForPeer(publicKey string) error

type DerpUserSpaceProxy

type DerpUserSpaceProxy struct {
	// contains filtered or unexported fields
}

DerpUserSpaceProxy proxies

func NewDerpUserSpaceProxy

func NewDerpUserSpaceProxy(logger *zap.SugaredLogger, nexRelay *nexRelay) *DerpUserSpaceProxy

NewDerpUserSpaceProxy instantiates a user space WireGuard proxy.

func (*DerpUserSpaceProxy) Restart

func (p *DerpUserSpaceProxy) Restart()

func (*DerpUserSpaceProxy) Start

func (p *DerpUserSpaceProxy) Start()

Start starts the proxy with the given remote conn.

func (*DerpUserSpaceProxy) Stop

func (p *DerpUserSpaceProxy) Stop()

type Derper

type Derper struct {
	// contains filtered or unexported fields
}

func NewDerper

func NewDerper(ctx context.Context, command *cli.Command, wg *sync.WaitGroup, logger *zap.SugaredLogger) *Derper

func (*Derper) StartDerp

func (d *Derper) StartDerp()

func (*Derper) StopDerper

func (d *Derper) StopDerper()

type HostPort

type HostPort struct {
	// contains filtered or unexported fields
}

func (HostPort) String

func (hp HostPort) String() string

type InMemResolver

type InMemResolver struct {
	// contains filtered or unexported fields
}

func NewInMemResolver

func NewInMemResolver() *InMemResolver

func (*InMemResolver) Delete

func (r *InMemResolver) Delete(host string)

func (*InMemResolver) LookupIP

func (r *InMemResolver) LookupIP(ctx context.Context, host string) ([]netip.Addr, error)

func (*InMemResolver) Set

func (r *InMemResolver) Set(host string, addrs []netip.Addr)

type ListPeersResponse

// ListPeersResponse is a JSON-serializable structure with two relay flags
// and a map of peer sessions, encoded under the keys "relay-present",
// "relay-required" and "peers".
type ListPeersResponse struct {
	RelayPresent  bool                  `json:"relay-present"`
	RelayRequired bool                  `json:"relay-required"`
	// NOTE(review): the map key is presumably the peer's public key — confirm.
	Peers         map[string]WgSessions `json:"peers"`
}

type NexdCtl

type NexdCtl struct {
	// contains filtered or unexported fields
}

func (*NexdCtl) ConnectivityV4

func (ac *NexdCtl) ConnectivityV4(_ string, keepaliveResults *string) error

ConnectivityV4 pings all peers via IPv4

func (*NexdCtl) ConnectivityV6

func (ac *NexdCtl) ConnectivityV6(_ string, keepaliveResults *string) error

ConnectivityV6 pings all peers via IPv6

func (*NexdCtl) DisableExitNodeClient

func (ac *NexdCtl) DisableExitNodeClient(_ string, result *string) error

func (*NexdCtl) EnableExitNodeClient

func (ac *NexdCtl) EnableExitNodeClient(_ string, result *string) error

func (*NexdCtl) GetDebug

func (ac *NexdCtl) GetDebug(_ string, result *string) error

func (*NexdCtl) GetTunnelIPv4

func (ac *NexdCtl) GetTunnelIPv4(_ string, result *string) error

func (*NexdCtl) GetTunnelIPv6

func (ac *NexdCtl) GetTunnelIPv6(_ string, result *string) error

func (*NexdCtl) ListExitNodes

func (ac *NexdCtl) ListExitNodes(_ string, result *string) error

ListExitNodes lists all exit node origins

func (*NexdCtl) ListPeers

func (ac *NexdCtl) ListPeers(_ string, result *string) error

func (*NexdCtl) ProxyAddEgress

func (ac *NexdCtl) ProxyAddEgress(rule string, result *string) error

func (*NexdCtl) ProxyAddIngress

func (ac *NexdCtl) ProxyAddIngress(rule string, result *string) error

func (*NexdCtl) ProxyList

func (ac *NexdCtl) ProxyList(_ string, result *string) error

func (*NexdCtl) ProxyRemoveEgress

func (ac *NexdCtl) ProxyRemoveEgress(rule string, result *string) error

func (*NexdCtl) ProxyRemoveIngress

func (ac *NexdCtl) ProxyRemoveIngress(rule string, result *string) error

func (*NexdCtl) SetDebugOff

func (ac *NexdCtl) SetDebugOff(_ string, result *string) error

func (*NexdCtl) SetDebugOn

func (ac *NexdCtl) SetDebugOn(_ string, result *string) error

func (*NexdCtl) Status

func (ac *NexdCtl) Status(_ string, result *string) error

func (*NexdCtl) Version

func (ac *NexdCtl) Version(_ string, result *string) error

type Nexodus

// Nexodus is the type returned by New. Only three of its fields are
// exported; the rest are hidden on this page.
type Nexodus struct {
	Derper *Derper

	// NOTE(review): presumably the IPv4 and IPv6 tunnel addresses held as
	// strings — confirm. Both are exported, so any importing package can
	// read and overwrite them.
	TunnelIP   string
	TunnelIpV6 string
	// contains filtered or unexported fields
}

func New

func New(o Options) (*Nexodus, error)

func (*Nexodus) AddRouteUS

func (nx *Nexodus) AddRouteUS(prefix string) error

func (*Nexodus) CtlServerStart

func (nx *Nexodus) CtlServerStart(ctx context.Context, wg *sync.WaitGroup) error

func (*Nexodus) CtlServerUnixRun

func (nx *Nexodus) CtlServerUnixRun(ctx context.Context, ctlWg *sync.WaitGroup, l *net.UnixListener) error

func (*Nexodus) CtlServerUnixStart

func (nx *Nexodus) CtlServerUnixStart(ctx context.Context, wg *sync.WaitGroup) error

func (*Nexodus) DeployWireguardConfig

func (nx *Nexodus) DeployWireguardConfig(updatedPeers map[string]client.ModelsDevice) error

func (*Nexodus) DumpPeers

func (nx *Nexodus) DumpPeers(iface string) (map[string]WgSessions, error)

func (*Nexodus) DumpPeersDefault

func (nx *Nexodus) DumpPeersDefault() (map[string]WgSessions, error)

func (*Nexodus) DumpPeersOS

func (nx *Nexodus) DumpPeersOS(iface string) (map[string]WgSessions, error)

DumpPeersOS dumps WireGuard peers.

func (*Nexodus) DumpPeersUS

func (nx *Nexodus) DumpPeersUS(iface string) (map[string]WgSessions, error)

func (*Nexodus) ExitNodeClientSetup

func (nx *Nexodus) ExitNodeClientSetup() error

ExitNodeClientSetup sets up the routing tables, netfilter tables and out-of-band connections for the exit node client.

func (*Nexodus) LoadProxyRules

func (nx *Nexodus) LoadProxyRules() error

func (*Nexodus) RouteExists

func (nx *Nexodus) RouteExists(prefix string) (bool, error)

func (*Nexodus) SetStatus

func (nx *Nexodus) SetStatus(status int, msg string)

func (*Nexodus) Start

func (nx *Nexodus) Start(ctx context.Context, wg *sync.WaitGroup) error

func (*Nexodus) Stop

func (nx *Nexodus) Stop()

func (*Nexodus) StoreProxyRules

func (nx *Nexodus) StoreProxyRules() error

func (*Nexodus) UserspaceProxyAdd

func (nx *Nexodus) UserspaceProxyAdd(newRule ProxyRule) (*UsProxy, error)

func (*Nexodus) UserspaceProxyRemove

func (nx *Nexodus) UserspaceProxyRemove(cmpProxy ProxyRule) (*UsProxy, error)

type NexodusClaims

// NexodusClaims is a JWT claim set: the embedded jwt.RegisteredClaims plus
// scope, organization and device fields, encoded under the JSON names
// "scope", "org" and "device".
//
// This type only describes the claim layout.
// NOTE(review): where tokens carrying these claims are parsed, and whether
// signature, expiry, issuer and audience are checked before Scope,
// OrganizationID or DeviceID are trusted, is not visible on this page —
// confirm at the parse site.
type NexodusClaims struct {
	jwt.RegisteredClaims
	Scope          string    `json:"scope,omitempty"`
	OrganizationID uuid.UUID `json:"org,omitempty"`
	DeviceID       uuid.UUID `json:"device,omitempty"`
}

type OperatingSystem

type OperatingSystem string

OperatingSystem is the set of supported OS types.

// The OperatingSystem values declared by this package.
const (
	Linux   OperatingSystem = "Linux"
	Darwin  OperatingSystem = "Darwin"
	Windows OperatingSystem = "Windows"
)

func (OperatingSystem) String

func (operatingSystem OperatingSystem) String() string

type Options

// Options carries the settings passed to New.
//
// Several fields hold secrets or weaken transport security; they are called
// out inline below.
type Options struct {
	AdvertiseCidrs          []string
	ApiURL                  *url.URL
	Context                 context.Context
	Derper                  *Derper
	ExitNodeClientEnabled   bool
	ExitNodeOriginEnabled   bool
	// NOTE(review): presumably disables TLS certificate verification for
	// connections to ApiURL — confirm. If so, enabling it removes protection
	// against an on-path attacker, and it should stay false outside test
	// setups.
	InsecureSkipTlsVerify   bool
	ListenPort              int
	LogLevel                *zap.AtomicLevel
	Logger                  *zap.SugaredLogger
	NetworkRouter           bool
	NetworkRouterDisableNAT bool
	// Credential held as a plain string; avoid printing Options wholesale
	// (for example with %+v) in logs or error messages.
	Password                string
	// NOTE(review): presumably a registration key and therefore also a
	// secret — confirm, and treat it like Password when logging.
	RegKey                  string
	Relay                   bool
	RelayDerp               bool
	RelayOnly               bool
	RequestedIP             string
	// NOTE(review): presumably the directory where persistent state is
	// kept — confirm, along with the permissions it is created with.
	StateDir                string
	StateStore              state.Store
	UserProvidedLocalIP     string
	Username                string
	UserspaceMode           bool
	Version                 string
	VpcId                   string
	SecurityGroupId         string
}

type ProxyKey

type ProxyKey struct {
	// contains filtered or unexported fields
}

func (ProxyKey) String

func (rule ProxyKey) String() string

type ProxyProtocol

type ProxyProtocol string

type ProxyRule

type ProxyRule struct {
	ProxyKey
	// contains filtered or unexported fields
}

func ParseProxyRule

func ParseProxyRule(rule string, ruleType ProxyType) (emptyRule ProxyRule, err error)

func (ProxyRule) AsFlag

func (rule ProxyRule) AsFlag() string

func (ProxyRule) String

func (rule ProxyRule) String() string

type ProxyType

type ProxyType int
// The ProxyType values; iota assigns 0 to ProxyTypeEgress and 1 to
// ProxyTypeIngress, so the zero value of ProxyType is egress.
const (
	ProxyTypeEgress ProxyType = iota
	ProxyTypeIngress
)

func (ProxyType) String

func (ruleType ProxyType) String() string

type StateTokenStore

// StateTokenStore loads and stores an *oauth2.Token through its Load and
// Store methods.
// NOTE(review): where the token is persisted, and with what access
// permissions, is not visible on this page (the fields are unexported) —
// confirm that the backing store is protected like other credentials.
type StateTokenStore struct {
	// contains filtered or unexported fields
}

func (StateTokenStore) Load

func (s StateTokenStore) Load() (*oauth2.Token, error)

func (StateTokenStore) Store

func (s StateTokenStore) Store(token *oauth2.Token) error

type UsProxy

type UsProxy struct {
	// contains filtered or unexported fields
}

func (*UsProxy) NextDest

func (proxy *UsProxy) NextDest() HostPort

func (*UsProxy) Start

func (proxy *UsProxy) Start(ctx context.Context, wg *sync.WaitGroup, net *netstack.Net)

func (*UsProxy) Stop

func (proxy *UsProxy) Stop()

type WgSessions

// WgSessions holds per-peer WireGuard session information: the peer's public
// key, endpoint, allowed IPs, handshake time and byte counters.
type WgSessions struct {
	PublicKey         string
	Endpoint          string
	AllowedIPs        []string
	LatestHandshake   string
	// Excluded from JSON encoding by the `json:"-"` tag.
	LastHandshakeTime time.Time `json:"-"`
	// NOTE(review): presumably bytes transmitted and received — confirm.
	Tx                int64
	Rx                int64
	// Only set when populating from the device cache, wgSessionsCached()
	Healthy bool
}

WgSessions holds WireGuard peer session information.
