wireguard

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Aug 28, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package wireguard contains utilities for working with wireguard interfaces.

Index

Constants

// DefaultListenPort is the default listen port for the WireGuard interface.
// WireGuard carries its traffic over UDP, so host and network firewall rules
// for this port only need to admit UDP.
const DefaultListenPort = 51820

DefaultListenPort is the default listen port for the WireGuard interface.

Variables

// Prometheus collectors for wireguard interface traffic and peers. All of
// them live in the "webmesh" namespace and are created through promauto,
// which registers each collector with the default Prometheus registry when
// this package is initialized.
//
// The collectors labelled with "peer" produce one time series per
// (node_id, peer) pair, so the series count grows with the number of peers,
// and the label values are readable by anything allowed to scrape the
// metrics endpoint.
// NOTE(review): which identifier is written into the "peer" label is not
// visible here; confirm it is acceptable to expose to metrics consumers.
var (
	// BytesSentTotal tracks bytes sent over a wireguard interface.
	// Labelled by node_id only.
	BytesSentTotal = promauto.NewCounterVec(prometheus.CounterOpts{
		Namespace: "webmesh",
		Name:      "wireguard_bytes_sent_total",
		Help:      "Total bytes sent over the wireguard interface.",
	}, []string{"node_id"})

	// BytesRecvdTotal tracks bytes received over a wireguard interface.
	// Labelled by node_id only. Note the exported metric name spells it
	// "rcvd" while the Go identifier spells it "Recvd".
	BytesRecvdTotal = promauto.NewCounterVec(prometheus.CounterOpts{
		Namespace: "webmesh",
		Name:      "wireguard_bytes_rcvd_total",
		Help:      "Total bytes received over the wireguard interface.",
	}, []string{"node_id"})

	// ConnectedPeers tracks the remote peers on a wireguard interface.
	// It is a gauge vector keyed by node_id and peer, i.e. one gauge per
	// peer rather than a single count for the interface.
	ConnectedPeers = promauto.NewGaugeVec(prometheus.GaugeOpts{
		Namespace: "webmesh",
		Name:      "wireguard_connected_peers",
		Help:      "The current number of wireguard peers.",
	}, []string{"node_id", "peer"})

	// PeerBytesSentTotal tracks bytes sent over a wireguard interface
	// to a specific peer.
	PeerBytesSentTotal = promauto.NewCounterVec(prometheus.CounterOpts{
		Namespace: "webmesh",
		Name:      "wireguard_peer_bytes_sent_total",
		Help:      "Total bytes sent over the wireguard interface by peer.",
	}, []string{"node_id", "peer"})

	// PeerBytesRecvdTotal tracks bytes received over a wireguard interface
	// from a specific peer.
	PeerBytesRecvdTotal = promauto.NewCounterVec(prometheus.CounterOpts{
		Namespace: "webmesh",
		Name:      "wireguard_peer_bytes_rcvd_total",
		Help:      "Total bytes received over the wireguard interface by peer.",
	}, []string{"node_id", "peer"})
)

Peer Metrics

// DefaultInterfaceName is the default name to use for the WireGuard interface.
// It is declared as a var rather than a const, so any importing package can
// reassign it at runtime; treat it as mutable process-wide state.
var DefaultInterfaceName = "webmesh0"

DefaultInterfaceName is the default name to use for the WireGuard interface.

Functions

This section is empty.

Types

type Interface

// Interface is a high-level interface for managing wireguard connections.
// It embeds system.Interface and adds key/port configuration, peer
// management, metrics and shutdown on top of it.
type Interface interface {
	// Interface is the underlying system interface.
	system.Interface

	// NetworkV4 returns the IPv4 network of this interface.
	NetworkV4() netip.Prefix
	// NetworkV6 returns the IPv6 network of this interface.
	NetworkV6() netip.Prefix
	// Configure configures the wireguard interface to use the given key and listen port.
	// NOTE(review): wgtypes.Key does not distinguish private from public
	// keys; key is presumably this interface's private key — confirm, and
	// if so make sure callers never log or serialize it.
	Configure(ctx context.Context, key wgtypes.Key, listenPort int) error
	// ListenPort returns the current listen port of the wireguard interface.
	ListenPort() (int, error)
	// PutPeer updates a peer in the wireguard configuration.
	PutPeer(ctx context.Context, peer *Peer) error
	// DeletePeer removes a peer from the wireguard configuration.
	// NOTE(review): the peer is selected by a string id here, while the Peer
	// documentation says only the PublicKey is required when removing —
	// confirm which identifier actually selects the peer.
	DeletePeer(ctx context.Context, id string) error
	// Peers returns the list of peers in the wireguard configuration.
	// The map holds Peer values, not pointers.
	// NOTE(review): presumably keyed by Peer.ID — verify against the implementation.
	Peers() map[string]Peer
	// Metrics returns the metrics for the wireguard interface and the host.
	Metrics() (*v1.InterfaceMetrics, error)
	// Close closes the wireguard interface and all client connections.
	Close(ctx context.Context) error
}

Interface is a high-level interface for managing wireguard connections.

func New

func New(ctx context.Context, opts *Options) (Interface, error)

New creates a new wireguard interface.

type MetricsRecorder

type MetricsRecorder struct {
	// contains filtered or unexported fields
}

MetricsRecorder records metrics for a wireguard interface.

func NewMetricsRecorder

func NewMetricsRecorder(wg Interface) *MetricsRecorder

NewMetricsRecorder returns a new MetricsRecorder.

func (*MetricsRecorder) Run

func (m *MetricsRecorder) Run(ctx context.Context, interval time.Duration)

Run starts the metrics recorder.

type Options

// Options are options for configuring the wireguard interface.
type Options struct {
	// NodeID is the ID of the node. This is only used for metrics.
	NodeID string
	// ListenPort is the port to listen on.
	// NOTE(review): whether a zero value falls back to DefaultListenPort is
	// not visible here — confirm before relying on it.
	ListenPort int
	// Name is the name of the interface.
	Name string
	// ForceName forces the use of the given name by deleting
	// any pre-existing interface with the same name.
	// This is destructive: an unrelated interface that happens to carry the
	// same name is removed as well, so enable it only when the name is known
	// to be owned by this process.
	ForceName bool
	// ForceTUN forces the use of a TUN interface.
	ForceTUN bool
	// PersistentKeepAlive is the interval at which to send keepalive packets
	// to peers. If unset, keepalive packets will automatically be sent to publicly
	// accessible peers when this instance is behind a NAT. Otherwise, no keep-alive
	// packets are sent.
	PersistentKeepAlive time.Duration
	// MTU is the MTU to use for the interface.
	MTU int
	// AddressV4 is the private IPv4 address of this interface.
	AddressV4 netip.Prefix
	// AddressV6 is the private IPv6 address of this interface.
	AddressV6 netip.Prefix
	// NetworkV4 is the IPv4 network of this interface.
	NetworkV4 netip.Prefix
	// NetworkV6 is the IPv6 network of this interface.
	NetworkV6 netip.Prefix
	// Metrics is true if prometheus metrics should be enabled.
	// The package's collectors carry node and peer labels, so access to the
	// scrape endpoint should be restricted accordingly.
	Metrics bool
	// MetricsInterval is the interval at which to update metrics.
	// Defaults to 15 seconds.
	MetricsInterval time.Duration
	// DisableIPv4 disables IPv4 on the interface.
	DisableIPv4 bool
	// DisableIPv6 disables IPv6 on the interface.
	DisableIPv6 bool
}

Options are options for configuring the wireguard interface.

type Peer

// Peer contains configurations for a wireguard peer. When removing, only the
// PublicKey is required.
//
// Peer also declares a MarshalJSON method, so the struct tags below are not
// necessarily the whole description of the serialized form.
type Peer struct {
	// ID is the ID of the peer.
	ID string `json:"id"`
	// GRPCPort is the gRPC port of the peer.
	GRPCPort int `json:"grpcPort"`
	// RaftMember indicates if the peer is a raft member.
	RaftMember bool `json:"raftMember"`
	// PublicKey is the public key of the peer.
	// wgtypes.Key is the same type used for private keys, so the type system
	// will not catch a private key being placed here by mistake.
	PublicKey wgtypes.Key `json:"publicKey"`
	// Endpoint is the endpoint of this peer, if applicable.
	Endpoint netip.AddrPort `json:"endpoint"`
	// PrivateIPv4 is the private IPv4 address of this peer, if applicable.
	PrivateIPv4 netip.Prefix `json:"privateIPv4"`
	// PrivateIPv6 is the private IPv6 address of this peer, if applicable.
	PrivateIPv6 netip.Prefix `json:"privateIPv6"`
	// AllowedIPs is the list of allowed IPs for this peer.
	// In WireGuard, a peer's allowed IPs decide both which destinations are
	// routed to it and which source addresses are accepted from it, so keep
	// these prefixes as narrow as the peer actually needs.
	// NOTE(review): how this field and AllowedRoutes are combined into the
	// device configuration is not visible here — confirm.
	AllowedIPs []netip.Prefix `json:"allowedIPs"`
	// AllowedRoutes is the list of allowed routes for this peer.
	AllowedRoutes []netip.Prefix `json:"allowedRoutes"`
}

Peer contains configurations for a wireguard peer. When removing, only the PublicKey is required.

func (Peer) MarshalJSON

func (p Peer) MarshalJSON() ([]byte, error)
