Add comments and minor renames to peerwg #2609

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 23, 2022
24 changes: 13 additions & 11 deletions agent/agent.go
Expand Up @@ -47,30 +47,30 @@ const (

type Options struct {
EnableWireguard bool
PostPublicKeys PostKeys
UploadWireguardKeys UploadWireguardKeys
ListenWireguardPeers ListenWireguardPeers
ReconnectingPTYTimeout time.Duration
EnvironmentVariables map[string]string
Logger slog.Logger
}

type Metadata struct {
Addresses []netaddr.IPPrefix `json:"addresses"`
WireguardAddresses []netaddr.IPPrefix `json:"addresses"`
OwnerEmail string `json:"owner_email"`
OwnerUsername string `json:"owner_username"`
EnvironmentVariables map[string]string `json:"environment_variables"`
StartupScript string `json:"startup_script"`
Directory string `json:"directory"`
}

type PublicKeys struct {
type WireguardPublicKeys struct {
Public key.NodePublic `json:"public"`
Disco key.DiscoPublic `json:"disco"`
}

type Dialer func(ctx context.Context, logger slog.Logger) (Metadata, *peerbroker.Listener, error)
type PostKeys func(ctx context.Context, keys PublicKeys) error
type ListenWireguardPeers func(ctx context.Context, logger slog.Logger) (<-chan peerwg.WireguardPeerMessage, func(), error)
type UploadWireguardKeys func(ctx context.Context, keys WireguardPublicKeys) error
type ListenWireguardPeers func(ctx context.Context, logger slog.Logger) (<-chan peerwg.Handshake, func(), error)

func New(dialer Dialer, options *Options) io.Closer {
if options == nil {
Expand All @@ -88,7 +88,7 @@ func New(dialer Dialer, options *Options) io.Closer {
closed: make(chan struct{}),
envVars: options.EnvironmentVariables,
enableWireguard: options.EnableWireguard,
postKeys: options.PostPublicKeys,
postKeys: options.UploadWireguardKeys,
listenWireguardPeers: options.ListenWireguardPeers,
}
server.init(ctx)
Expand All @@ -114,8 +114,8 @@ type agent struct {
sshServer *ssh.Server

enableWireguard bool
wg *peerwg.WireguardNetwork
postKeys PostKeys
network *peerwg.Network
postKeys UploadWireguardKeys
listenWireguardPeers ListenWireguardPeers
}

Expand Down Expand Up @@ -160,9 +160,11 @@ func (a *agent) run(ctx context.Context) {
}()
}

err = a.startWireguard(ctx, metadata.Addresses)
if err != nil {
a.logger.Error(ctx, "start wireguard", slog.Error(err))
if a.enableWireguard {
err = a.startWireguard(ctx, metadata.WireguardAddresses)
if err != nil {
a.logger.Error(ctx, "start wireguard", slog.Error(err))
}
}

for {
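Review bot: The exported types introduced in the first hunk — `WireguardPublicKeys`, `UploadWireguardKeys` and `ListenWireguardPeers` — carry no doc comments even though the PR title promises comments, and `WireguardPublicKeys` is the value the agent hands to `postKeys`, so its contract deserves a sentence. I would add `// WireguardPublicKeys holds the agent's node and disco public keys, which are uploaded so that peers can reach it.` above the struct and `// UploadWireguardKeys sends the agent's freshly generated public keys to the server.` above the func type. In the last hunk a failed `startWireguard` is logged at Error and the agent keeps running without a WireGuard network; if that best-effort behaviour is intended, a short comment such as `// Best effort: the agent still serves its other connections without wireguard.` would make it explicit. run's body continues outside the hunk.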
24 changes: 11 additions & 13 deletions agent/wireguard.go
Expand Up @@ -11,28 +11,26 @@ import (
)

func (a *agent) startWireguard(ctx context.Context, addrs []netaddr.IPPrefix) error {
if a.wg != nil {
_ = a.wg.Close()
a.wg = nil
}

if !a.enableWireguard {
return nil
if a.network != nil {
_ = a.network.Close()
a.network = nil
}

// We can't create a wireguard network without these.
if len(addrs) == 0 || a.listenWireguardPeers == nil || a.postKeys == nil {
return xerrors.New("wireguard is enabled, but no addresses were provided or necessary functions were not provided")
}

wg, err := peerwg.NewWireguardNetwork(ctx, a.logger.Named("wireguard"), addrs)
wg, err := peerwg.New(a.logger.Named("wireguard"), addrs)
if err != nil {
return xerrors.Errorf("create wireguard network: %w", err)
}

err = a.postKeys(ctx, PublicKeys{
Public: wg.Private.Public(),
Disco: wg.Disco,
// A new keypair is generated on each agent start.
// This keypair must be sent to Coder to allow for incoming connections.
err = a.postKeys(ctx, WireguardPublicKeys{
Public: wg.NodePrivateKey.Public(),
Disco: wg.DiscoPublicKey,
})
if err != nil {
a.logger.Warn(ctx, "post keys", slog.Error(err))
Expand All @@ -53,13 +51,13 @@ func (a *agent) startWireguard(ctx context.Context, addrs []netaddr.IPPrefix) er
}

err := wg.AddPeer(peer)
a.logger.Info(ctx, "added wireguard peer", slog.F("peer", peer.Public.ShortString()), slog.Error(err))
a.logger.Info(ctx, "added wireguard peer", slog.F("peer", peer.NodePublicKey.ShortString()), slog.Error(err))
}

listenClose()
}
}()

a.wg = wg
a.network = wg
return nil
}
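Review bot: When `a.postKeys` fails (the `a.logger.Warn(ctx, "post keys", slog.Error(err))` at the end of the first hunk), the comment added just above it states that the keypair must reach Coder for incoming connections to work, yet the failure is only warned about and, as far as the visible lines show, `a.network` is still assigned and `nil` returned — the agent then runs a network no peer can connect to, and a restart generates a fresh keypair anyway. Consider closing `wg` and returning `xerrors.Errorf("post wireguard keys: %w", err)` so run() reports it as a start failure, or document why best-effort is intended here. In the peer loop of the second hunk, `a.logger.Info(ctx, "added wireguard peer", slog.F("peer", peer.NodePublicKey.ShortString()), slog.Error(err))` records a failed AddPeer at Info level and a nil error on success; branching on `err != nil` into an Error log would keep failures visible to operators. The lines between the two hunks are not shown.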
2 changes: 1 addition & 1 deletion cli/agent.go
Expand Up @@ -178,7 +178,7 @@ func workspaceAgent() *cobra.Command {
"CODER_AGENT_TOKEN": client.SessionToken,
},
EnableWireguard: wireguard,
PostPublicKeys: client.PostWorkspaceAgentKeys,
UploadWireguardKeys: client.UploadWorkspaceAgentKeys,
ListenWireguardPeers: client.WireguardPeerListener,
})
<-cmd.Context().Done()
26 changes: 14 additions & 12 deletions cli/wireguardtunnel.go
Expand Up @@ -100,29 +100,29 @@ func wireguardPortForward() *cobra.Command {
}

ipv6 := peerwg.UUIDToNetaddr(uuid.New())
wgn, err := peerwg.NewWireguardNetwork(cmd.Context(),
wgn, err := peerwg.New(
slog.Make(sloghuman.Sink(os.Stderr)),
[]netaddr.IPPrefix{netaddr.IPPrefixFrom(ipv6, 128)},
)
if err != nil {
return xerrors.Errorf("create wireguard network: %w", err)
}

err = client.PostWireguardPeer(cmd.Context(), workspace.ID, peerwg.WireguardPeerMessage{
Recipient: workspaceAgent.ID,
Public: wgn.Private.Public(),
Disco: wgn.Disco,
IPv6: ipv6,
err = client.PostWireguardPeer(cmd.Context(), workspace.ID, peerwg.Handshake{
Recipient: workspaceAgent.ID,
NodePublicKey: wgn.NodePrivateKey.Public(),
DiscoPublicKey: wgn.DiscoPublicKey,
IPv6: ipv6,
})
if err != nil {
return xerrors.Errorf("post wireguard peer: %w", err)
}

err = wgn.AddPeer(peerwg.WireguardPeerMessage{
Recipient: workspaceAgent.ID,
Disco: workspaceAgent.DiscoPublicKey,
Public: workspaceAgent.WireguardPublicKey,
IPv6: workspaceAgent.IPv6.IP(),
err = wgn.AddPeer(peerwg.Handshake{
Recipient: workspaceAgent.ID,
DiscoPublicKey: workspaceAgent.DiscoPublicKey,
NodePublicKey: workspaceAgent.WireguardPublicKey,
IPv6: workspaceAgent.IPv6.IP(),
})
if err != nil {
return xerrors.Errorf("add workspace agent as peer: %w", err)
Expand Down Expand Up @@ -177,6 +177,8 @@ func wireguardPortForward() *cobra.Command {
},
}

// Hide all wireguard commands for now while we test!
cmd.Hidden = true
cmd.Flags().StringArrayVarP(&tcpForwards, "tcp", "p", []string{}, "Forward a TCP port from the workspace to the local machine")
cmd.Flags().StringArrayVar(&udpForwards, "udp", []string{}, "Forward a UDP port from the workspace to the local machine. The UDP connection has TCP-like semantics to support stateful UDP protocols")
cmd.Flags().StringArrayVar(&unixForwards, "unix", []string{}, "Forward a Unix socket in the workspace to a local Unix socket or TCP port")
Expand All @@ -185,7 +187,7 @@ func wireguardPortForward() *cobra.Command {
}

func listenAndPortForwardWireguard(ctx context.Context, cmd *cobra.Command,
wgn *peerwg.WireguardNetwork,
wgn *peerwg.Network,
wg *sync.WaitGroup,
spec portForwardSpec,
agentIP netaddr.IP,
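Review bot: On the error returns after `client.PostWireguardPeer` and `wgn.AddPeer` in the first hunk, the `wgn` created by `peerwg.New` is not closed in the visible lines; unless a `defer wgn.Close()` sits outside the hunk, every failed invocation leaves whatever the network holds open. Adding `defer wgn.Close()` immediately after the `create wireguard network` error check would cover both returns. Separately, `cmd.Hidden = true` only removes the command from help output — it stays invocable — so the comment `// Hide all wireguard commands for now while we test!` is accurate but should not be read as disabling the feature. wireguardPortForward's body extends beyond the hunks shown.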
38 changes: 19 additions & 19 deletions coderd/database/databasefake/databasefake.go
Expand Up @@ -1599,23 +1599,23 @@ func (q *fakeQuerier) InsertWorkspaceAgent(_ context.Context, arg database.Inser
defer q.mutex.Unlock()

agent := database.WorkspaceAgent{
ID: arg.ID,
CreatedAt: arg.CreatedAt,
UpdatedAt: arg.UpdatedAt,
ResourceID: arg.ResourceID,
AuthToken: arg.AuthToken,
AuthInstanceID: arg.AuthInstanceID,
EnvironmentVariables: arg.EnvironmentVariables,
Name: arg.Name,
Architecture: arg.Architecture,
OperatingSystem: arg.OperatingSystem,
Directory: arg.Directory,
StartupScript: arg.StartupScript,
InstanceMetadata: arg.InstanceMetadata,
ResourceMetadata: arg.ResourceMetadata,
Ipv6: arg.Ipv6,
WireguardPublicKey: arg.WireguardPublicKey,
DiscoPublicKey: arg.DiscoPublicKey,
ID: arg.ID,
CreatedAt: arg.CreatedAt,
UpdatedAt: arg.UpdatedAt,
ResourceID: arg.ResourceID,
AuthToken: arg.AuthToken,
AuthInstanceID: arg.AuthInstanceID,
EnvironmentVariables: arg.EnvironmentVariables,
Name: arg.Name,
Architecture: arg.Architecture,
OperatingSystem: arg.OperatingSystem,
Directory: arg.Directory,
StartupScript: arg.StartupScript,
InstanceMetadata: arg.InstanceMetadata,
ResourceMetadata: arg.ResourceMetadata,
WireguardNodeIPv6: arg.WireguardNodeIPv6,
WireguardNodePublicKey: arg.WireguardNodePublicKey,
WireguardDiscoPublicKey: arg.WireguardDiscoPublicKey,
}

q.provisionerJobAgents = append(q.provisionerJobAgents, agent)
Expand Down Expand Up @@ -1920,8 +1920,8 @@ func (q *fakeQuerier) UpdateWorkspaceAgentKeysByID(_ context.Context, arg databa
continue
}

agent.WireguardPublicKey = arg.WireguardPublicKey
agent.DiscoPublicKey = arg.DiscoPublicKey
agent.WireguardNodePublicKey = arg.WireguardNodePublicKey
agent.WireguardDiscoPublicKey = arg.WireguardDiscoPublicKey
agent.UpdatedAt = database.Now()
q.provisionerJobAgents[index] = agent
return nil
6 changes: 3 additions & 3 deletions coderd/database/dump.sql


4 changes: 2 additions & 2 deletions coderd/database/migrations/000028_wireguard.down.sql
@@ -1,4 +1,4 @@
ALTER TABLE workspace_agents
DROP COLUMN ipv6,
DROP COLUMN wireguard_public_key,
DROP COLUMN wireguard_ipv6,
DROP COLUMN node_public_key,
DROP COLUMN disco_public_key;
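Review bot: The columns dropped here do not match the ones added by the companion `000028_wireguard.up.sql` in this PR: the up migration adds `wireguard_node_ipv6`, `wireguard_node_public_key` and `wireguard_disco_public_key`, while this down migration drops `wireguard_ipv6`, `node_public_key` and the untouched `disco_public_key`. Rolling the migration back would fail on a non-existent column, so the rename is not reversible as committed. The three DROP lines should read `DROP COLUMN wireguard_node_ipv6,` / `DROP COLUMN wireguard_node_public_key,` / `DROP COLUMN wireguard_disco_public_key;`.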
6 changes: 3 additions & 3 deletions coderd/database/migrations/000028_wireguard.up.sql
@@ -1,4 +1,4 @@
ALTER TABLE workspace_agents
ADD COLUMN ipv6 inet NOT NULL DEFAULT '::/128',
ADD COLUMN wireguard_public_key varchar(128) NOT NULL DEFAULT 'mkey:0000000000000000000000000000000000000000000000000000000000000000',
ADD COLUMN disco_public_key varchar(128) NOT NULL DEFAULT 'discokey:0000000000000000000000000000000000000000000000000000000000000000';
ADD COLUMN wireguard_node_ipv6 inet NOT NULL DEFAULT '::/128',
ADD COLUMN wireguard_node_public_key varchar(128) NOT NULL DEFAULT 'mkey:0000000000000000000000000000000000000000000000000000000000000000',
ADD COLUMN wireguard_disco_public_key varchar(128) NOT NULL DEFAULT 'discokey:0000000000000000000000000000000000000000000000000000000000000000';
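Review bot: The rename is made by editing migration 000028 in place rather than adding a new migration; any database that already applied the original 000028 keeps the `ipv6`, `wireguard_public_key` and `disco_public_key` columns, presumably while the regenerated models now expect the new names, and the migration runner has no reason to re-run it. If 000028 has shipped anywhere, a new migration using `ALTER TABLE workspace_agents RENAME COLUMN ...` is the safer route; if it has not, a sentence in the PR description saying so would settle the question. The all-zero `mkey:`/`discokey:` defaults also mean an agent that never uploaded keys has a syntactically valid but unusable public key, which readers of these columns may want to treat as unset.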
40 changes: 20 additions & 20 deletions coderd/database/models.go

