Documentation ¶
Overview ¶
Package wireguard contains utilities for working with wireguard interfaces.
Index ¶
Constants ¶
View Source
const DefaultListenPort = 51820
DefaultListenPort is the default listen port for the WireGuard interface.
Variables ¶
View Source
var ( // BytesSentTotal tracks bytes sent over a wireguard interface BytesSentTotal = promauto.NewCounterVec(prometheus.CounterOpts{ Namespace: "webmesh", Name: "wireguard_bytes_sent_total", Help: "Total bytes sent over the wireguard interface.", }, []string{"node_id"}) // BytesRecvdTotal tracks bytes received over a wireguard interface. BytesRecvdTotal = promauto.NewCounterVec(prometheus.CounterOpts{ Namespace: "webmesh", Name: "wireguard_bytes_rcvd_total", Help: "Total bytes received over the wireguard interface.", }, []string{"node_id"}) // ConnectedPeers tracks the remote peers on a wireguard interface. ConnectedPeers = promauto.NewGaugeVec(prometheus.GaugeOpts{ Namespace: "webmesh", Name: "wireguard_connected_peers", Help: "The current number of wireguard peers.", }, []string{"node_id", "peer"}) // PeerBytesSentTotal tracks bytes sent over a wireguard interface // to a specific peer. PeerBytesSentTotal = promauto.NewCounterVec(prometheus.CounterOpts{ Namespace: "webmesh", Name: "wireguard_peer_bytes_sent_total", Help: "Total bytes sent over the wireguard interface by peer.", }, []string{"node_id", "peer"}) // PeerBytesRecvdTotal tracks bytes received over a wireguard interface // from a specific peer. PeerBytesRecvdTotal = promauto.NewCounterVec(prometheus.CounterOpts{ Namespace: "webmesh", Name: "wireguard_peer_bytes_rcvd_total", Help: "Total bytes received over the wireguard interface by peer.", }, []string{"node_id", "peer"}) )
Peer Metrics
View Source
var DefaultInterfaceName = "webmesh+"
DefaultInterfaceName is the default name to use for the WireGuard interface.
Functions ¶
This section is empty.
Types ¶
type Interface ¶
type Interface interface { // Interface is the underlying system interface. system.Interface // NetworkV4 returns the IPv4 network of this interface. NetworkV4() netip.Prefix // NetworkV6 returns the IPv6 network of this interface. NetworkV6() netip.Prefix // InNetwork returns true if the given address is in the network of this interface. InNetwork(addr netip.Addr) bool // Configure configures the wireguard interface to use the given key and listen port. Configure(ctx context.Context, key crypto.PrivateKey) error // ListenPort returns the current listen port of the wireguard interface. ListenPort() (int, error) // PutPeer updates a peer in the wireguard configuration. PutPeer(ctx context.Context, peer *Peer) error // DeletePeer removes a peer from the wireguard configuration. DeletePeer(ctx context.Context, id string) error // Peers returns the list of peers in the wireguard configuration. Peers() map[string]Peer // Metrics returns the metrics for the wireguard interface and the host. Metrics() (*v1.InterfaceMetrics, error) // Close closes the wireguard interface and all client connections. Close(ctx context.Context) error }
Interface is a high-level interface for managing wireguard connections.
type MetricsRecorder ¶
type MetricsRecorder struct {
// contains filtered or unexported fields
}
MetricsRecorder records metrics for a wireguard interface.
func NewMetricsRecorder ¶
func NewMetricsRecorder(ctx context.Context, wg Interface) *MetricsRecorder
NewMetricsRecorder returns a new MetricsRecorder.
type Options ¶
type Options struct { // NodeID is the ID of the node. This is only used for metrics. NodeID string // ListenPort is the port to listen on. ListenPort int // Name is the name of the interface. Name string // ForceName forces the use of the given name by deleting // any pre-existing interface with the same name. ForceName bool // ForceTUN forces the use of a TUN interface. ForceTUN bool // PersistentKeepAlive is the interval at which to send keepalive packets // to peers. If unset, keepalive packets will automatically be sent to publicly // accessible peers when this instance is behind a NAT. Otherwise, no keep-alive // packets are sent. PersistentKeepAlive time.Duration // MTU is the MTU to use for the interface. MTU int // AddressV4 is the private IPv4 address of this interface. AddressV4 netip.Prefix // AddressV6 is the private IPv6 address of this interface. AddressV6 netip.Prefix // NetworkV4 is the IPv4 network of this interface. NetworkV4 netip.Prefix // NetworkV6 is the IPv6 network of this interface. NetworkV6 netip.Prefix // Metrics is true if prometheus metrics should be enabled. Metrics bool // MetricsInterval is the interval at which to update metrics. // Defaults to 15 seconds. MetricsInterval time.Duration // DisableIPv4 disables IPv4 on the interface. DisableIPv4 bool // DisableIPv6 disables IPv6 on the interface. DisableIPv6 bool }
Options are options for configuring the wireguard interface.
type Peer ¶
type Peer struct { // ID is the ID of the peer. ID string `json:"id"` // GRPCPort is the gRPC port of the peer. GRPCPort int `json:"grpcPort"` // RaftMember indicates if the peer is a raft member. RaftMember bool `json:"raftMember"` // PublicKey is the public key of the peer. PublicKey crypto.PublicKey `json:"publicKey"` // Multiaddrs is the list of multiaddrs for this peer. Multiaddrs []multiaddr.Multiaddr `json:"multiaddrs"` // Endpoint is the endpoint of this peer, if applicable. Endpoint netip.AddrPort `json:"endpoint"` // PrivateIPv4 is the private IPv4 address of this peer, if applicable. PrivateIPv4 netip.Prefix `json:"privateIPv4"` // PrivateIPv6 is the private IPv6 address of this peer, if applicable. PrivateIPv6 netip.Prefix `json:"privateIPv6"` // AllowedIPs is the list of allowed IPs for this peer. AllowedIPs []netip.Prefix `json:"allowedIPs"` // AllowedRoutes is the list of allowed routes for this peer. AllowedRoutes []netip.Prefix `json:"allowedRoutes"` }
Peer contains configurations for a wireguard peer. When removing, only the PublicKey is required.
func (Peer) MarshalJSON ¶
Click to show internal directories.
Click to hide internal directories.