Documentation ¶
Overview ¶
The derper binary is a simple DERP server.
Index ¶
- Constants
- Variables
- func AddRoute(prefix, dev string) error
- func CreateDirectory(path string) error
- func CtlStatus(command *cli.Command) (string, error)
- func DefaultMeshPSKFile() string
- func DeleteRoute(prefix, dev string) error
- func FileExists(f string) bool
- func IsCommandAvailable(name string) bool
- func IsNAT(logger *zap.SugaredLogger, nodeOS, controller string, port string) (bool, error)
- func LocalIPv4Address() net.IP
- func NewManualCertManager(certdir, hostname string) (certProvider, error)
- func ParseIPNet(s string) (*net.IPNet, error)
- func ResolveURLToIP(rawURL string) ([]net.IP, error)
- func RouteExistsOS(prefix string) (bool, error)
- func RouteExistsUS(prefix string) (bool, error)
- func RunCommand(cmd ...string) (string, error)
- func ValidateCIDR(cidr string) error
- func ValidateIp(ip string) error
- func WriteToFile(logger *zap.SugaredLogger, s, file string, filePermissions int)
- type DerpIpMapping
- func (dim *DerpIpMapping) CheckIfKeyExist(publicKey string) string
- func (dim *DerpIpMapping) GetLocalIPMappingForPeer(publicKey string) (string, error)
- func (dim *DerpIpMapping) GetPublicKey(ipAddress string) (string, bool)
- func (dim *DerpIpMapping) RemoveLocalIpMappingForPeer(publicKey string) error
- type DerpUserSpaceProxy
- type Derper
- type HostPort
- type InMemResolver
- type ListPeersResponse
- type NexdCtl
- func (ac *NexdCtl) ConnectivityV4(_ string, keepaliveResults *string) error
- func (ac *NexdCtl) ConnectivityV6(_ string, keepaliveResults *string) error
- func (ac *NexdCtl) DisableExitNodeClient(_ string, result *string) error
- func (ac *NexdCtl) EnableExitNodeClient(_ string, result *string) error
- func (ac *NexdCtl) GetDebug(_ string, result *string) error
- func (ac *NexdCtl) GetTunnelIPv4(_ string, result *string) error
- func (ac *NexdCtl) GetTunnelIPv6(_ string, result *string) error
- func (ac *NexdCtl) ListExitNodes(_ string, result *string) error
- func (ac *NexdCtl) ListPeers(_ string, result *string) error
- func (ac *NexdCtl) ProxyAddEgress(rule string, result *string) error
- func (ac *NexdCtl) ProxyAddIngress(rule string, result *string) error
- func (ac *NexdCtl) ProxyList(_ string, result *string) error
- func (ac *NexdCtl) ProxyRemoveEgress(rule string, result *string) error
- func (ac *NexdCtl) ProxyRemoveIngress(rule string, result *string) error
- func (ac *NexdCtl) SetDebugOff(_ string, result *string) error
- func (ac *NexdCtl) SetDebugOn(_ string, result *string) error
- func (ac *NexdCtl) Status(_ string, result *string) error
- func (ac *NexdCtl) Version(_ string, result *string) error
- type Nexodus
- func (nx *Nexodus) AddRouteUS(prefix string) error
- func (nx *Nexodus) CtlServerStart(ctx context.Context, wg *sync.WaitGroup) error
- func (nx *Nexodus) CtlServerUnixRun(ctx context.Context, ctlWg *sync.WaitGroup, l *net.UnixListener) error
- func (nx *Nexodus) CtlServerUnixStart(ctx context.Context, wg *sync.WaitGroup) error
- func (nx *Nexodus) DeployWireguardConfig(updatedPeers map[string]client.ModelsDevice) error
- func (nx *Nexodus) DumpPeers(iface string) (map[string]WgSessions, error)
- func (nx *Nexodus) DumpPeersDefault() (map[string]WgSessions, error)
- func (nx *Nexodus) DumpPeersOS(iface string) (map[string]WgSessions, error)
- func (nx *Nexodus) DumpPeersUS(iface string) (map[string]WgSessions, error)
- func (nx *Nexodus) ExitNodeClientSetup() error
- func (nx *Nexodus) LoadProxyRules() error
- func (nx *Nexodus) RouteExists(prefix string) (bool, error)
- func (nx *Nexodus) SetStatus(status int, msg string)
- func (nx *Nexodus) Start(ctx context.Context, wg *sync.WaitGroup) error
- func (nx *Nexodus) Stop()
- func (nx *Nexodus) StoreProxyRules() error
- func (nx *Nexodus) UserspaceProxyAdd(newRule ProxyRule) (*UsProxy, error)
- func (nx *Nexodus) UserspaceProxyRemove(cmpProxy ProxyRule) (*UsProxy, error)
- type NexodusClaims
- type OperatingSystem
- type Options
- type ProxyKey
- type ProxyProtocol
- type ProxyRule
- type ProxyType
- type StateTokenStore
- type UsProxy
- type WgSessions
Constants ¶
// Identifiers for two DERP regions: a default region (ID 900) and a custom
// region (ID 901). How either set is selected is not shown on this page.
const (
	DefaultDerpRegionID   = 900
	DefaultDerpRegionCode = "web"
	DefaultDerpRegionName = "NexodusDefault"
	DefaultDerpNodeName   = "900nex"
	// NOTE(review): despite the "IPAddr" name this holds a hostname, not an
	// address literal, so reaching the default relay depends on name
	// resolution. Confirm where it is resolved and how the relay's identity
	// is verified.
	DefaultDerpIPAddr = "relay.nexodus.io"

	CustomDerpRegionID   = 901
	CustomDerpRegionCode = "local"
	CustomDerpRegionName = "NexodusLocal"
	CustomDerpNodeName   = "901nex"
)
// ICMP probe constants.
const (
	// PACKETSIZE is presumably the probe packet size in bytes (TODO confirm against the sender).
	PACKETSIZE = 64
	// ICMP_TYPE_ECHO_REQUEST is the ICMPv4 message type for an echo request.
	ICMP_TYPE_ECHO_REQUEST = 8
	// ICMP_ECHO_REPLY_HEADER_IPV4_OFFSET equals the minimum IPv4 header length.
	// NOTE(review): if it is used to skip the IP header of a reply, a fixed
	// offset assumes the header carries no options. Confirm at the call site.
	ICMP_ECHO_REPLY_HEADER_IPV4_OFFSET = 20
	// ICMP6_TYPE_ECHO_REQUEST is the ICMPv6 message type for an echo request.
	ICMP6_TYPE_ECHO_REQUEST = 128
)
// nexd status values, numbered from zero with iota.
const (
	// NexdStatusStarting is the status when nexd is first starting up.
	NexdStatusStarting = iota
	// NexdStatusAuth is the status when nexd is waiting for auth and the user
	// must complete the OTP auth flow.
	NexdStatusAuth
	// NexdStatusRunning is the status when nexd is up and running normally.
	NexdStatusRunning
)
const (
	// WgDefaultPort is the default WireGuard port number. Presumably it is
	// used when Options.ListenPort is unset (TODO confirm).
	WgDefaultPort = 51820
)
Variables ¶
var ProxyExistsError = errors.New("port already in use by another proxy rule")
Functions ¶
func CreateDirectory ¶
CreateDirectory creates a directory if one does not already exist.
func DefaultMeshPSKFile ¶
func DefaultMeshPSKFile() string
func FileExists ¶
func IsCommandAvailable ¶
IsCommandAvailable checks whether a binary is available in the current PATH.
func LocalIPv4Address ¶
func NewManualCertManager ¶
NewManualCertManager returns a cert provider that reads the certificate for the given hostname when it is created.
func ParseIPNet ¶
ParseIPNet returns an IPNet parsed from a string.
func ResolveURLToIP ¶
ResolveURLToIP resolves the IP addresses of a given URL.
func RouteExistsOS ¶
RouteExistsOS checks netlink routes for the destination prefix
func RouteExistsUS ¶
func RunCommand ¶
RunCommand runs the cmd and returns the combined stdout and stderr
func ValidateCIDR ¶
ValidateCIDR ensures a valid IPv4/IPv6 prefix is provided.
func ValidateIp ¶
ValidateIp ensures a valid IPv4/IPv6 address is provided.
func WriteToFile ¶
func WriteToFile(logger *zap.SugaredLogger, s, file string, filePermissions int)
WriteToFile overwrites the contents of a file.
Types ¶
type DerpIpMapping ¶
type DerpIpMapping struct {
// contains filtered or unexported fields
}
DerpIpMapping represents the mapping between peer public keys and IP addresses (its exported methods are keyed by publicKey, not by private keys).
func NewDerpIpMapping ¶
func NewDerpIpMapping() *DerpIpMapping
NewDerpIpMapping creates a new instance of DerpIpMapping.
func (*DerpIpMapping) CheckIfKeyExist ¶
func (dim *DerpIpMapping) CheckIfKeyExist(publicKey string) string
func (*DerpIpMapping) GetLocalIPMappingForPeer ¶
func (dim *DerpIpMapping) GetLocalIPMappingForPeer(publicKey string) (string, error)
GetLocalIPMappingForPeer finds the next available IP address in the 127.0.0.0/24 range.
func (*DerpIpMapping) GetPublicKey ¶
func (dim *DerpIpMapping) GetPublicKey(ipAddress string) (string, bool)
GetPublicKey retrieves the public key associated with a given IP address.
func (*DerpIpMapping) RemoveLocalIpMappingForPeer ¶
func (dim *DerpIpMapping) RemoveLocalIpMappingForPeer(publicKey string) error
type DerpUserSpaceProxy ¶
type DerpUserSpaceProxy struct {
// contains filtered or unexported fields
}
DerpUserSpaceProxy proxies
func NewDerpUserSpaceProxy ¶
func NewDerpUserSpaceProxy(logger *zap.SugaredLogger, nexRelay *nexRelay) *DerpUserSpaceProxy
NewDerpUserSpaceProxy instantiates a user space WireGuard proxy.
func (*DerpUserSpaceProxy) Restart ¶
func (p *DerpUserSpaceProxy) Restart()
func (*DerpUserSpaceProxy) Start ¶
func (p *DerpUserSpaceProxy) Start()
Start starts the proxy with the given remote conn.
func (*DerpUserSpaceProxy) Stop ¶
func (p *DerpUserSpaceProxy) Stop()
type Derper ¶
type Derper struct {
// contains filtered or unexported fields
}
func (*Derper) StopDerper ¶
func (d *Derper) StopDerper()
type InMemResolver ¶
type InMemResolver struct {
// contains filtered or unexported fields
}
func NewInMemResolver ¶
func NewInMemResolver() *InMemResolver
func (*InMemResolver) Delete ¶
func (r *InMemResolver) Delete(host string)
type ListPeersResponse ¶
// ListPeersResponse is a JSON-serializable peer listing with the keys
// "relay-present", "relay-required" and "peers".
type ListPeersResponse struct {
	RelayPresent  bool `json:"relay-present"`
	RelayRequired bool `json:"relay-required"`
	// Peers maps a string key to that peer's session details.
	// NOTE(review): the key is presumably the peer's public key. Confirm
	// against the code that fills the map.
	Peers map[string]WgSessions `json:"peers"`
}
type NexdCtl ¶
type NexdCtl struct {
// contains filtered or unexported fields
}
func (*NexdCtl) ConnectivityV4 ¶
ConnectivityV4 pings all peers via IPv4
func (*NexdCtl) ConnectivityV6 ¶
ConnectivityV6 pings all peers via IPv6
func (*NexdCtl) DisableExitNodeClient ¶
func (*NexdCtl) EnableExitNodeClient ¶
func (*NexdCtl) ListExitNodes ¶
ListExitNodes lists all exit node origins
func (*NexdCtl) ProxyAddEgress ¶
func (*NexdCtl) ProxyAddIngress ¶
func (*NexdCtl) ProxyRemoveEgress ¶
func (*NexdCtl) ProxyRemoveIngress ¶
type Nexodus ¶
type Nexodus struct { Derper *Derper TunnelIP string TunnelIpV6 string // contains filtered or unexported fields }
func (*Nexodus) AddRouteUS ¶
func (*Nexodus) CtlServerStart ¶
func (*Nexodus) CtlServerUnixRun ¶
func (*Nexodus) CtlServerUnixStart ¶
func (*Nexodus) DeployWireguardConfig ¶
func (nx *Nexodus) DeployWireguardConfig(updatedPeers map[string]client.ModelsDevice) error
func (*Nexodus) DumpPeers ¶
func (nx *Nexodus) DumpPeers(iface string) (map[string]WgSessions, error)
func (*Nexodus) DumpPeersDefault ¶
func (nx *Nexodus) DumpPeersDefault() (map[string]WgSessions, error)
func (*Nexodus) DumpPeersOS ¶
func (nx *Nexodus) DumpPeersOS(iface string) (map[string]WgSessions, error)
DumpPeersOS dumps WireGuard peers.
func (*Nexodus) DumpPeersUS ¶
func (nx *Nexodus) DumpPeersUS(iface string) (map[string]WgSessions, error)
func (*Nexodus) ExitNodeClientSetup ¶
ExitNodeClientSetup sets up the routing tables, netfilter tables and out-of-band connections for the exit node client.
func (*Nexodus) LoadProxyRules ¶
func (*Nexodus) StoreProxyRules ¶
func (*Nexodus) UserspaceProxyAdd ¶
type NexodusClaims ¶
type OperatingSystem ¶
type OperatingSystem string
OperatingSystem supported OS types
// Named OperatingSystem values declared by this package.
const (
	Linux   OperatingSystem = "Linux"
	Darwin  OperatingSystem = "Darwin"
	Windows OperatingSystem = "Windows"
)
func (OperatingSystem) String ¶
func (operatingSystem OperatingSystem) String() string
type Options ¶
// Options carries the configuration values for a Nexodus agent instance.
// The comments below flag the fields that matter most in a security review.
// They are reviewer notes inferred from field names and types and should be
// confirmed against the code that consumes each field.
type Options struct {
	AdvertiseCidrs []string
	ApiURL         *url.URL
	// NOTE(review): a context.Context stored in a struct outlives any single
	// call. Confirm its cancellation scope matches the agent's lifetime.
	Context               context.Context
	Derper                *Derper
	ExitNodeClientEnabled bool
	ExitNodeOriginEnabled bool
	// NOTE(review): the name suggests TLS certificate verification is skipped
	// when true. If so, connections to ApiURL are open to interception, and
	// the flag should stay false outside test environments. Confirm which
	// clients honour it.
	InsecureSkipTlsVerify bool
	ListenPort            int
	LogLevel              *zap.AtomicLevel
	Logger                *zap.SugaredLogger
	NetworkRouter         bool
	// NOTE(review): presumably turns off NAT when acting as a network router.
	// Confirm the routing and filtering consequences.
	NetworkRouterDisableNAT bool
	// NOTE(review): Password and RegKey look like credentials held as plain
	// strings. Confirm they are never logged (for example by printing the
	// struct with %+v) and never written to StateDir unprotected.
	Password            string
	RegKey              string
	Relay               bool
	RelayDerp           bool
	RelayOnly           bool
	RequestedIP         string
	StateDir            string
	StateStore          state.Store
	UserProvidedLocalIP string
	Username            string
	UserspaceMode       bool
	Version             string
	VpcId               string
	SecurityGroupId     string
}
type ProxyProtocol ¶
type ProxyProtocol string
type ProxyRule ¶
type ProxyRule struct { ProxyKey // contains filtered or unexported fields }
func ParseProxyRule ¶
type StateTokenStore ¶
type StateTokenStore struct {
// contains filtered or unexported fields
}
type UsProxy ¶
type UsProxy struct {
// contains filtered or unexported fields
}
type WgSessions ¶
// WgSessions holds WireGuard peer session information.
type WgSessions struct {
	// PublicKey is the peer's public key. No private key material is stored in this struct.
	PublicKey       string
	Endpoint        string
	AllowedIPs      []string
	LatestHandshake string
	// LastHandshakeTime is excluded from JSON output by its `json:"-"` tag.
	LastHandshakeTime time.Time `json:"-"`
	// Tx and Rx are presumably transmitted and received byte counters (TODO confirm units).
	Tx int64
	Rx int64
	// Only set when populating from the device cache, wgSessionsCached()
	Healthy bool
}
WgSessions wireguard peer session information
Source Files ¶
- bootstrap_dns.go
- cert.go
- ctlconnectivty.go
- ctlexit.go
- ctlpeers.go
- ctlserver.go
- ctlserver_unix.go
- ctlstatus.go
- derp.go
- derper.go
- dump.go
- exit_client.go
- exit_node.go
- exit_origin.go
- in_mem_resolver.go
- join.go
- keepalive.go
- keys.go
- mesh.go
- net_router.go
- nexodus.go
- nexodus_linux.go
- nexodus_unix.go
- nexodus_userspace.go
- policy_linux.go
- proxyrule.go
- route.go
- route_linux.go
- route_userspace.go
- userspace_proxy.go
- utils.go
- utils_linux.go
- websocket.go
- wg.go
- wg_deploy.go
- wg_derp_proxy.go
- wg_iface.go
- wg_peers.go
- wg_peers_derp_mapping.go