Documentation
¶
Index ¶
- Constants
- func EnsureAllowedIPs(peer *wgtypes.Peer, facts []*fact.Fact, cfg *wgtypes.PeerConfig) *wgtypes.PeerConfig
- func EnsurePeerAutoIP(peer *wgtypes.Peer, cfg *wgtypes.PeerConfig) *wgtypes.PeerConfig
- func EnsurePeersAutoIP(ctrl *wgctrl.Client, dev *wgtypes.Device) (int, error)
- func OnlyAutoIP(peer *wgtypes.Peer, cfg *wgtypes.PeerConfig) *wgtypes.PeerConfig
- type Manager
- type PeerConfigState
- func (pcs *PeerConfigState) AliveSince() time.Time
- func (pcs *PeerConfigState) IsAlive() bool
- func (pcs *PeerConfigState) IsHealthy() bool
- func (pcs *PeerConfigState) NextEndpoint(peerFacts []*fact.Fact) *net.UDPAddr
- func (pcs *PeerConfigState) TimeForNextEndpoint() bool
- func (pcs *PeerConfigState) Update(peer *wgtypes.Peer, name string, newAlive bool) *PeerConfigState
Constants ¶
const HealthHysteresisBandaid = 30 * time.Second
HealthHysteresisBandaid is an extra delay to add before considering a peer unhealthy, based on as-yet undiagnosed observations of handshakes not refreshing as often as documentation seems to suggest they should
Variables ¶
This section is empty.
Functions ¶
func EnsureAllowedIPs ¶
func EnsureAllowedIPs(peer *wgtypes.Peer, facts []*fact.Fact, cfg *wgtypes.PeerConfig) *wgtypes.PeerConfig
EnsureAllowedIPs updates the device config if needed to add all the AllowedIPs from the facts to the peer
func EnsurePeerAutoIP ¶
func EnsurePeerAutoIP(peer *wgtypes.Peer, cfg *wgtypes.PeerConfig) *wgtypes.PeerConfig
EnsurePeerAutoIP ensures that the config (if any) for the given peer key includes its automatic IPv6-LL address.
func EnsurePeersAutoIP ¶ added in v0.1.1
EnsurePeersAutoIP updates the config of the device, if needed, to ensure all peers have their IPv6-LL IP listed in their AllowedIPs. It returns the number of peers modified and any error that happens
func OnlyAutoIP ¶
func OnlyAutoIP(peer *wgtypes.Peer, cfg *wgtypes.PeerConfig) *wgtypes.PeerConfig
OnlyAutoIP configures a peer to have _only_ its IPv6-LL IP in its AllowedIPs it returns whether a change was attempted and any error that happens
Types ¶
type Manager ¶
type Manager struct {
// contains filtered or unexported fields
}
Manager is a wrapper for applying local configuration changes
func NewManager ¶
NewManager instantiates a new Manager object with its own netlink handle
type PeerConfigState ¶
type PeerConfigState struct {
// contains filtered or unexported fields
}
PeerConfigState stores state to remember peer info so we can cycle through configurations effectively
func (*PeerConfigState) AliveSince ¶ added in v0.1.2
func (pcs *PeerConfigState) AliveSince() time.Time
AliveSince gives the time since which the peer has been healthy and alive, or a _very_ far future value if it is not healthy and alive.
func (*PeerConfigState) IsAlive ¶ added in v0.0.2
func (pcs *PeerConfigState) IsAlive() bool
IsAlive returns if the peer looked alive on the last call to `Update`. note that a peer can be alive but unhealthy!
func (*PeerConfigState) IsHealthy ¶
func (pcs *PeerConfigState) IsHealthy() bool
IsHealthy returns if the peer looked healthy on the last call to `Update`
func (*PeerConfigState) NextEndpoint ¶
func (pcs *PeerConfigState) NextEndpoint(peerFacts []*fact.Fact) *net.UDPAddr
NextEndpoint recommends the next endpoint to try configuring on the peer, if any, based on the available facts (assumed to all be about the peer!) Note that this does _not_ embed the logic for whether a new endpoint _should_ be attempted (i.e. it doesn't call `TimeForNextEndpoint` internally).
func (*PeerConfigState) TimeForNextEndpoint ¶
func (pcs *PeerConfigState) TimeForNextEndpoint() bool
TimeForNextEndpoint returns if we should try another endpoint for the peer (or if we should wait for the current endpoint to test out)
func (*PeerConfigState) Update ¶
func (pcs *PeerConfigState) Update(peer *wgtypes.Peer, name string, newAlive bool) *PeerConfigState
Update refreshes the PeerConfigState with new data from the wireguard device. NOTE: It is safe to call this on a `nil` pointer, it will return a new state TODO: give this access to the `peerKnowledgeSet` instead of passing in the alive state
Source Files