Documentation
Index
- Constants
- func EnsureAllowedIPs(ctrl *wgctrl.Client, deviceName string, peer *wgtypes.Peer, facts []*fact.Fact) (added int, err error)
- func EnsurePeerAutoIP(ctrl *wgctrl.Client, dev *wgtypes.Device) (int, error)
- func OnlyAutoIP(ctrl *wgctrl.Client, deviceName string, peer *wgtypes.Peer) (bool, error)
- type Manager
- type PeerConfigState
- func (pcs *PeerConfigState) IsAlive() bool
- func (pcs *PeerConfigState) IsHealthy() bool
- func (pcs *PeerConfigState) NextEndpoint(peerFacts []*fact.Fact) *net.UDPAddr
- func (pcs *PeerConfigState) TimeForNextEndpoint() bool
- func (pcs *PeerConfigState) Update(peer *wgtypes.Peer, newAlive bool) *PeerConfigState
Constants
const HealthHysteresisBandaid = 10 * time.Second
HealthHysteresisBandaid is an extra delay to add before considering a peer unhealthy, based on as-yet undiagnosed observations of handshakes not refreshing as often as the documentation seems to suggest they should.
Variables
This section is empty.
Functions
func EnsureAllowedIPs
func EnsureAllowedIPs(ctrl *wgctrl.Client, deviceName string, peer *wgtypes.Peer, facts []*fact.Fact) (added int, err error)
EnsureAllowedIPs updates the device config, if needed, to add all the AllowedIPs from the facts to the peer.
func EnsurePeerAutoIP
EnsurePeerAutoIP updates the config of the device, if needed, to ensure all peers have their IPv6 link-local (IPv6-LL) address listed in their AllowedIPs. It returns the number of peers modified and any error that occurs.
Types
type Manager
type Manager struct {
	// contains filtered or unexported fields
}
Manager is a wrapper for applying local configuration changes.
func NewManager
NewManager instantiates a new Manager object with its own netlink handle.
type PeerConfigState
type PeerConfigState struct {
	// contains filtered or unexported fields
}
PeerConfigState stores state to remember peer info so we can cycle through configurations effectively.
func (*PeerConfigState) IsAlive (added in v0.0.2)
func (pcs *PeerConfigState) IsAlive() bool
IsAlive reports whether the peer looked alive on the last call to `Update`. Note that a peer can be alive but unhealthy!
func (*PeerConfigState) IsHealthy
func (pcs *PeerConfigState) IsHealthy() bool
IsHealthy reports whether the peer looked healthy on the last call to `Update`.
func (*PeerConfigState) NextEndpoint
func (pcs *PeerConfigState) NextEndpoint(peerFacts []*fact.Fact) *net.UDPAddr
NextEndpoint recommends the next endpoint to try configuring on the peer, if any, based on the available facts (assumed to all be about the peer!). Note that this does _not_ embed the logic for whether a new endpoint _should_ be attempted (i.e. it doesn't call `TimeForNextEndpoint` internally).
func (*PeerConfigState) TimeForNextEndpoint
func (pcs *PeerConfigState) TimeForNextEndpoint() bool
TimeForNextEndpoint reports whether we should try another endpoint for the peer (as opposed to waiting for the current endpoint to test out).
func (*PeerConfigState) Update
func (pcs *PeerConfigState) Update(peer *wgtypes.Peer, newAlive bool) *PeerConfigState
Update refreshes the PeerConfigState with new data from the WireGuard device.
NOTE: It is safe to call this on a `nil` pointer; it will return a new state.
TODO: give this access to the `peerKnowledgeSet` instead of passing in the alive state.