wireguard

package
v0.0.0-...-c8940be Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 23, 2026 License: MIT Imports: 18 Imported by: 0

Documentation

Index

Constants

// WGAdditionalKeyASN is the string "asn"; presumably a key into
// WireGuardConfig.Additionals — confirm against callers.
const WGAdditionalKeyASN = "asn"
// WGAdditionalKeyConnectionID is the string "connid"; presumably a key into
// WireGuardConfig.Additionals — confirm against callers.
const WGAdditionalKeyConnectionID = "connid"
// WGAdditionalKeyLinkLocal is the string "linklocal"; presumably a key into
// WireGuardConfig.Additionals — confirm against callers.
const WGAdditionalKeyLinkLocal = "linklocal"
// WGAdditionalKeyPeerLinkLocal is the string "peerlinklocal"; presumably a key
// into WireGuardConfig.Additionals — confirm against callers.
const WGAdditionalKeyPeerLinkLocal = "peerlinklocal"
// WGAdditionalKeyVRF is the string "vrf"; presumably a key into
// WireGuardConfig.Additionals — confirm against callers.
const WGAdditionalKeyVRF = "vrf"
// WGINIKeyAllowedIPs is the "AllowedIPs" field name used in WireGuard INI
// configuration text.
const WGINIKeyAllowedIPs string = "AllowedIPs"
// WGINIKeyEndpoint is the "Endpoint" field name used in WireGuard INI
// configuration text.
const WGINIKeyEndpoint string = "Endpoint"
// WGINIKeyListenPort is the "ListenPort" field name used in WireGuard INI
// configuration text.
const WGINIKeyListenPort string = "ListenPort"
// WGINIKeyPersistentKeepalive is the "PersistentKeepalive" field name used in
// WireGuard INI configuration text.
const WGINIKeyPersistentKeepalive string = "PersistentKeepalive"
// WGINIKeyPresharedKey is the "PresharedKey" field name used in WireGuard INI
// configuration text. The value found under this key is secret material; keep
// it out of logs and error strings.
const WGINIKeyPresharedKey string = "PresharedKey"
// WGINIKeyPrivateKey is the "PrivateKey" field name used in WireGuard INI
// configuration text. The value found under this key is the interface's secret
// key; keep it out of logs and error strings.
const WGINIKeyPrivateKey string = "PrivateKey"
// WGINIKeyPublicKey is the "PublicKey" field name used in WireGuard INI
// configuration text.
const WGINIKeyPublicKey string = "PublicKey"

Variables

This section is empty.

Functions

This section is empty.

Types

type ExtendedINIWireGuardConfigAdapter

// ExtendedINIWireGuardConfigAdapter is a stateless type whose ToWireGuardConfig
// method turns raw bytes into a *WireGuardConfig.
// NOTE(review): the name suggests it parses WireGuard INI text plus extra keys
// (see the WGINIKey* and WGAdditionalKey* constants) — confirm in the method body.
type ExtendedINIWireGuardConfigAdapter struct{}

func (*ExtendedINIWireGuardConfigAdapter) ToWireGuardConfig

func (adapter *ExtendedINIWireGuardConfigAdapter) ToWireGuardConfig(raw []byte) (*WireGuardConfig, error)

type PeerEndpointCache

// PeerEndpointCache holds peer endpoints under string keys; its methods add
// endpoints (as strings resolved through a *net.Resolver, or as *net.UDPAddr)
// and read them back.
// NOTE(review): what the key is (presumably the peer public key) and whether
// the cache is safe for concurrent use are not visible here — confirm.
type PeerEndpointCache struct {
	// contains filtered or unexported fields
}

func NewPeerEndpointCache

func NewPeerEndpointCache() *PeerEndpointCache

func (*PeerEndpointCache) Append

func (cache *PeerEndpointCache) Append(ctx context.Context, key string, endpoint string, resolver *net.Resolver) error

func (*PeerEndpointCache) AppendUDPAddr

func (cache *PeerEndpointCache) AppendUDPAddr(key string, udpAddr *net.UDPAddr)

func (*PeerEndpointCache) GetAll

func (cache *PeerEndpointCache) GetAll(key string) []string

func (*PeerEndpointCache) GetPrimary

func (cache *PeerEndpointCache) GetPrimary(key string, preferV6 bool) *net.UDPAddr

func (*PeerEndpointCache) IsExist

func (cache *PeerEndpointCache) IsExist(key string, udpAddr *net.UDPAddr) bool

type WireGuardConfig

// WireGuardConfig carries the settings of one WireGuard interface (key
// material, peers, addresses, listen port, MTU, VRF) together with the
// bookkeeping fields used when the record is stored in a database.
// Every field has YAML, JSON and BSON tags, so the struct is serialized as-is.
type WireGuardConfig struct {
	Name       string `yaml:"name" json:"name" bson:"name"`
	// PrivateKey is the interface's private key given inline.
	// NOTE(review): the tags mean an inline key is written in plaintext to any
	// YAML/JSON/BSON output of this struct (files, API responses, database
	// documents). Prefer PrivateKeyFrom, or restrict who can read those outputs.
	PrivateKey string `yaml:"privatekey,omitempty" json:"privatekey,omitempty" bson:"privatekey,omitempty"`

	// If privatekey is not set, privatekey_from is checked; if privatekey_from is not nil and not empty,
	// it is treated as a URL, which can be a regular file path or an HTTP/HTTPS URL.
	// NOTE(review): a plain http:// source would carry the private key unencrypted in transit, and if
	// this config can come from a less-trusted author the loader reads files and makes outbound
	// requests on their behalf. Confirm which schemes and paths the loader accepts.
	PrivateKeyFrom *string                            `yaml:"privatekey_from,omitempty" json:"privatekey_from,omitempty" bson:"privatekey_from,omitempty"`
	Peers          []WireGuardPeerConfig              `yaml:"peers,omitempty" json:"peers,omitempty" bson:"peers,omitempty"`
	Addresses      []pkginterfacecommon.AddressConfig `yaml:"addresses,omitempty" json:"addresses,omitempty" bson:"addresses,omitempty"`
	Container      *pkginterfacecommon.ContainerInfo  `yaml:"container,omitempty" json:"container,omitempty" bson:"container,omitempty"`

	// If not specified, a port is generated randomly from [11024, 65535].
	ListenPort *int `yaml:"listen_port,omitempty" json:"listen_port,omitempty" bson:"listen_port,omitempty"`

	MTU *int `yaml:"mtu,omitempty" json:"mtu,omitempty" bson:"mtu,omitempty"`

	VRF *string `yaml:"vrf,omitempty" json:"vrf,omitempty" bson:"vrf,omitempty"`

	// Used to store metadata or anything else that is business-relevant.
	// Presumably keyed by the WGAdditionalKey* constants — confirm against callers.
	Additionals map[string]string `yaml:"additionals,omitempty" json:"additionals,omitempty" bson:"additionals,omitempty"`

	// When storing in a database, Node distinguishes which node the resource belongs to,
	// and ResourceId serves as the unique ID that identifies the resource globally.
	Node       *string `yaml:"node,omitempty" json:"node,omitempty" bson:"node,omitempty"`
	ResourceId *string `yaml:"resource_id,omitempty" json:"resource_id,omitempty" bson:"resource_id,omitempty"`

	// Soft-deletion marker.
	Deleted bool `yaml:"deleted,omitempty" json:"deleted,omitempty" bson:"deleted,omitempty"`
}

func (*WireGuardConfig) CheckExist

func (wgConf *WireGuardConfig) CheckExist(ctx context.Context) (bool, error)

func (*WireGuardConfig) Create

func (wgConf *WireGuardConfig) Create(ctx context.Context) error

func (*WireGuardConfig) Delete

func (wgConfig *WireGuardConfig) Delete(ctx context.Context) error

func (*WireGuardConfig) DetectChanges

func (wgConf *WireGuardConfig) DetectChanges(ctx context.Context) (pkgreconcile.InterfaceChangeSet, error)

func (*WireGuardConfig) GetInterfaceName

func (wgConf *WireGuardConfig) GetInterfaceName() string

func (*WireGuardConfig) GetNetNsInfo

func (wgConfig *WireGuardConfig) GetNetNsInfo(ctx context.Context) (*pkgnetns.NetNsInfo, error)

A WireGuardConfig is also an implementation of the NetNsAwareResource interface.

func (*WireGuardConfig) GetResourceID

func (wgConfig *WireGuardConfig) GetResourceID() (string, error)

func (*WireGuardConfig) GetType

func (wgConf *WireGuardConfig) GetType() string

func (*WireGuardConfig) IsSoftDeleted

func (wgConfig *WireGuardConfig) IsSoftDeleted() bool

func (*WireGuardConfig) SetNodeAndResourceID

func (wgConfig *WireGuardConfig) SetNodeAndResourceID(nodeName string) error

func (*WireGuardConfig) ToStatus

func (*WireGuardConfig) ToWGTypesConfig

func (wgConf *WireGuardConfig) ToWGTypesConfig(ctx context.Context) (*wgtypes.Config, *PeerEndpointCache, error)

type WireGuardConfigAdapter

// WireGuardConfigAdapter converts some serialized representation of a WireGuard
// configuration into a *WireGuardConfig.
type WireGuardConfigAdapter interface {
	// ToWireGuardConfig parses raw and returns the resulting config or an error.
	// NOTE(review): raw may hold private and preshared keys; implementations
	// should avoid echoing its contents in returned errors or logs.
	ToWireGuardConfig(raw []byte) (*WireGuardConfig, error)
}

Might be used to convert any plaintext or binary representation of a WireGuard config into an in-memory WireGuardConfig object.

type WireGuardConfigurationList

// WireGuardConfigurationList groups a set of containers with a set of
// WireGuard interface configurations. It has YAML and JSON tags only (no BSON).
// NOTE(review): each WireGuardConfig may embed an inline PrivateKey, so a
// serialized list is as sensitive as the keys it contains.
type WireGuardConfigurationList struct {
	Containers       []pkginterfacecommon.ContainerInfo `yaml:"containers" json:"containers"`
	WireGuardConfigs []WireGuardConfig                  `yaml:"wireguard_configs" json:"wireguard_configs"`
}

func (*WireGuardConfigurationList) DetectChanges

func (wgCfgsList *WireGuardConfigurationList) DetectChanges(ctx context.Context, delete bool) (pkgreconcile.ResourceListChangeSet, error)

func (*WireGuardConfigurationList) GetNetNsInfos

func (wgCfgsList *WireGuardConfigurationList) GetNetNsInfos(ctx context.Context) ([]pkgnetns.NetNsInfo, error)

A WireGuardConfigurationList is also an implementation of the MultiNetnsResource interface.

func (*WireGuardConfigurationList) GetProvisioners

func (*WireGuardConfigurationList) GetType

func (wgCfgsList *WireGuardConfigurationList) GetType() string

type WireGuardInterfaceChangeSet

// WireGuardInterfaceChangeSet lists the pending modifications for one WireGuard
// interface; judging by the field names, a nil pointer or empty collection
// means "no change" for that item — confirm in HasUpdates/Apply.
type WireGuardInterfaceChangeSet struct {
	// NOTE(review): PrivateKeyToSet is private key material. Keep the change
	// set out of logs, debug dumps and diffs shown to operators.
	PrivateKeyToSet *wgtypes.Key
	MTUToSet        *int
	ListenPortToSet *int

	// Peer changes, keyed by string (presumably the peer public key — confirm).
	// wgtypes.PeerConfig can carry a preshared key, so PeersToAdd is sensitive too.
	PeersToRemove map[string]*wgtypes.Peer
	PeersToAdd    map[string]wgtypes.PeerConfig

	AddressesToAdd    []*netlink.Addr
	AddressesToRemove []*netlink.Addr

	VRFToSet *string
	// contains filtered or unexported fields
}

func (*WireGuardInterfaceChangeSet) Apply

func (wgInterfaceChangeSet *WireGuardInterfaceChangeSet) Apply(ctx context.Context) error

func (*WireGuardInterfaceChangeSet) GetChangedItems

func (wgInterfaceChangeSet *WireGuardInterfaceChangeSet) GetChangedItems() map[string]bool

func (*WireGuardInterfaceChangeSet) GetInterfaceName

func (wgInterfaceChangeSet *WireGuardInterfaceChangeSet) GetInterfaceName() string

func (*WireGuardInterfaceChangeSet) GetNetNsInfo

func (wgInterfaceChangeSet *WireGuardInterfaceChangeSet) GetNetNsInfo(ctx context.Context) (*pkgnetns.NetNsInfo, error)

func (*WireGuardInterfaceChangeSet) GetType

func (wgInterfaceChangeSet *WireGuardInterfaceChangeSet) GetType() string

func (*WireGuardInterfaceChangeSet) HasUpdates

func (wgInterfaceChangeSet *WireGuardInterfaceChangeSet) HasUpdates() bool

type WireGuardInterfaceStatus

// WireGuardInterfaceStatus is the reported state of one WireGuard interface:
// the common interface status, its public key, its listen port and its peers.
// NOTE(review): Peers is []WireGuardPeerStatus, which has a PresharedKey field,
// so a serialized status may contain secret material even though only the
// public key appears at this level.
type WireGuardInterfaceStatus struct {
	InterfaceStatus *pkginterfacecommon.CommonInterfaceStatus `yaml:"interface_status,omitempty" json:"interface_status,omitempty" bson:"interface_status,omitempty"`
	PublicKey       string                                    `yaml:"public_key" json:"public_key" bson:"public_key"`
	ListenPort      int                                       `yaml:"listen_port" json:"listen_port" bson:"listen_port"`
	Peers           []WireGuardPeerStatus                     `yaml:"peers,omitempty" json:"peers,omitempty" bson:"peers,omitempty"`
}

+k8s:deepcopy-gen=true

func (*WireGuardInterfaceStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WireGuardInterfaceStatus.

func (*WireGuardInterfaceStatus) DeepCopyInto

func (in *WireGuardInterfaceStatus) DeepCopyInto(out *WireGuardInterfaceStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WireGuardInterfaceStatus) IsEqual

func (wgInterfaceStatus *WireGuardInterfaceStatus) IsEqual(other pkginterfacestub.InterfaceStatus) bool

type WireGuardPeerConfig

// WireGuardPeerConfig describes one peer of a WireGuard interface: its public
// key, optional preshared key, keepalive, endpoint and allowed IPs. Keys can be
// given inline or by reference through the *From fields.
type WireGuardPeerConfig struct {
	PublicKey           string `yaml:"publickey,omitempty" json:"publickey,omitempty" bson:"publickey,omitempty"`
	PersistentKeepalive *int   `yaml:"persistent_keepalive,omitempty" json:"persistent_keepalive,omitempty" bson:"persistent_keepalive,omitempty"`

	// PresharedKey is the preshared key given inline.
	// NOTE(review): it is a secret, and the tags write it in plaintext to any
	// YAML/JSON/BSON output of this struct.
	PresharedKey string `yaml:"presharedkey,omitempty" json:"presharedkey,omitempty" bson:"presharedkey,omitempty"`

	// If PresharedKey is not set, PresharedKeyFrom is checked; if PresharedKeyFrom is not nil and not empty,
	// it is treated as a URL, which can be a regular file path or an HTTP/HTTPS URL.
	// NOTE(review): a plain http:// source would expose the preshared key in transit — confirm which
	// schemes the loader accepts.
	PresharedKeyFrom *string `yaml:"presharedkey_from,omitempty" json:"presharedkey_from,omitempty" bson:"presharedkey_from,omitempty"`

	// If PublicKey is not set, PublicKeyFrom is checked; if PublicKeyFrom is not nil and not empty,
	// it is treated as a URL, which can be a regular file path or an HTTP/HTTPS URL.
	// NOTE(review): the public key is not secret, but it is the peer's identity; fetched over an
	// unauthenticated channel, whoever answers the request decides which peer is trusted.
	PublicKeyFrom *string `yaml:"publickey_from,omitempty" json:"publickey_from,omitempty" bson:"publickey_from,omitempty"`

	Endpoint   *string  `yaml:"endpoint,omitempty" json:"endpoint,omitempty" bson:"endpoint,omitempty"`
	AllowedIPs []string `yaml:"allowedips,omitempty" json:"allowedips,omitempty" bson:"allowedips,omitempty"`
}

func (*WireGuardPeerConfig) ToWGTypesPeer

func (wgPeerConfig *WireGuardPeerConfig) ToWGTypesPeer(ctx context.Context, endpointCache *PeerEndpointCache) (*wgtypes.PeerConfig, *PeerEndpointCache, error)

type WireGuardPeerStatus

// WireGuardPeerStatus is the reported state of one peer: public key, endpoint,
// allowed IPs, keepalive, preshared key and last handshake time.
type WireGuardPeerStatus struct {
	PublicKey  string   `yaml:"public_key" json:"public_key" bson:"public_key"`
	Endpoint   *string  `yaml:"endpoint,omitempty" json:"endpoint,omitempty" bson:"endpoint,omitempty"`
	AllowedIPs []string `yaml:"allowedips,omitempty" json:"allowedips,omitempty" bson:"allowedips,omitempty"`

	// Persistent keepalive interval, in seconds.
	PersistentKeepalive *int    `yaml:"persistent_keepalive,omitempty" json:"persistent_keepalive,omitempty" bson:"persistent_keepalive,omitempty"`
	// NOTE(review): a preshared key is a secret, and status objects are usually
	// read by more parties than configuration is. Confirm whether this field is
	// populated with the real key and who can read serialized status.
	PresharedKey        *string `yaml:"preshared_key,omitempty" json:"preshared_key,omitempty" bson:"preshared_key,omitempty"`

	// Optional field, might not necessarily be present. In units of seconds
	// (whether a Unix timestamp or an elapsed time is not visible here — confirm).
	LastHandshakeAt *int64 `yaml:"last_handshake_at,omitempty" json:"last_handshake_at,omitempty" bson:"last_handshake_at,omitempty"`
}

+k8s:deepcopy-gen=true

func (*WireGuardPeerStatus) DeepCopy

func (in *WireGuardPeerStatus) DeepCopy() *WireGuardPeerStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WireGuardPeerStatus.

func (*WireGuardPeerStatus) DeepCopyInto

func (in *WireGuardPeerStatus) DeepCopyInto(out *WireGuardPeerStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WireGuardPeerStatus) IsEqual

func (wgPeerStatus *WireGuardPeerStatus) IsEqual(other *WireGuardPeerStatus) bool
