Documentation
Overview
Package peer handles the matching of data in this project.
Constants
const (
	// HandshakeTimeout specifies the duration after which a WireGuard handshake is assumed out of date.
	HandshakeTimeout = 140 * time.Second
)
Types
type DNSResolver
DNSResolver is responsible for resolving a DNS record.
type Peer
type Peer struct {
	// Public is the base64 encoded WG public key.
	Public string `yaml:"public"`
	// DNSName is the name of the DNS AAAA RR that contains the global endpoint of the peer.
	// Is refreshed continuously.
	DNSName string `yaml:"dnsName"`
	// MACs is the list of MAC addresses of the peer. This is used to determine if a link address
	// belongs to it. Multiple MACs may be specified in case the node connects with multiple network
	// cards (may it be with all at the same time or a single one out of the list).
	// If multiple peer addresses are found the one belonging to the earlier specified MAC
	// is preferred.
	MACs []string `yaml:"macs"`
	// contains filtered or unexported fields
}
Peer defines a peer this node wants to connect to via WireGuard.
func (*Peer) WGConfig
func (p *Peer) WGConfig(ctx context.Context, log logr.Logger, resolver DNSResolver) *wgtypes.PeerConfig
WGConfig derives a WireGuard PeerConfig instance from a given peer container. It returns nil if no change needs to be performed.
It determines this by first checking whether we have a recent handshake with the peer. If so, no change is needed since the connection is working. It then checks whether we know a neighbouring endpoint address of the peer. If so, and it is different from the current endpoint, it is selected. If multiple endpoints are known, the next one in the list is tried. If neither of the previous applies and DNSName is set, it tries to resolve the name and picks the next resolved address. Note that endpoints will be tried in random order if your DNS server returns RRs in a randomized order.
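The decision order described above, as an added sketch that is not this package's code: selectEndpoint, pickNext and the resolve callback are hypothetical stand-ins (the real method returns a *wgtypes.PeerConfig and takes a DNSResolver), and the addresses are constructed samples.

```go
package main

import (
	"fmt"
	"time"
)

// HandshakeTimeout mirrors the constant documented on this page.
const HandshakeTimeout = 140 * time.Second

// pickNext (hypothetical) returns the candidate after current, wrapping around; an unknown current yields the first.
func pickNext(candidates []string, current string) string {
	if len(candidates) == 0 {
		return ""
	}
	for i, c := range candidates {
		if c == current {
			return candidates[(i+1)%len(candidates)]
		}
	}
	return candidates[0]
}

// selectEndpoint (hypothetical) returns the endpoint to configure next,
// or "" when nothing should change. resolve stands in for DNSResolver.
func selectEndpoint(now, lastHandshake time.Time, current string, neighbours []string, resolve func() []string) string {
	// 1. A handshake younger than HandshakeTimeout means the tunnel works.
	if !lastHandshake.IsZero() && now.Sub(lastHandshake) < HandshakeTimeout {
		return ""
	}
	// 2. Prefer known neighbouring endpoints, rotating through the list.
	if next := pickNext(neighbours, current); next != "" && next != current {
		return next
	}
	// 3. Fall back to the addresses behind DNSName, if a resolver is set.
	if resolve != nil {
		if next := pickNext(resolve(), current); next != current {
			return next
		}
	}
	return ""
}

func main() {
	now := time.Now()
	stale := now.Add(-200 * time.Second) // constructed: handshake older than the timeout
	fmt.Println(selectEndpoint(now, stale, "[fe80::1%eth0]:51820",
		[]string{"[fe80::1%eth0]:51820", "[fe80::2%eth0]:51820"}, nil))
}
```

Because rotation follows the order of the resolver's answer, a DNS server that shuffles records makes step 3 effectively random, as the note above says.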