Documentation
¶
Index ¶
- Constants
- func Connection() *gorm.DB
- func CreateCRL(db *gorm.DB)
- func CreateDNS(db *gorm.DB)
- func DacAccessCheckOrCreateForUser(logupn string, user_access_id int, client_id string, device_name string, ...) (err error)
- func DacAccessConvertUserAccessIdToAccessId(user_access_id int, client_id string) (aid int, err error)
- func DacAccessDelete(id int, logupn string) (err error)
- func DacAccessSave(logupn string, dest *Access, orig *Access) (err error)
- func DacAccessSaveDeviceStatisticsForDevice(logupn string, access_id int, device_name string, device_os string, ...) (err error)
- func DacAccessSaveNote(logupn string, id int, note string) (err error)
- func DacAdminDashboardStats() (users int, servers int, usersInvited int, err error)
- func DacCheckUpnForAccess(upn string, AccessId int) (err error)
- func DacCheckUpnForUserAccess(upn string, UserAccessId int) (err error)
- func DacCleanAccessStats()
- func DacCleanDeviceLog()
- func DacEntityCheckLoginInfo(u *Entity, cc *myjwt.CustomClaimsShieldoo, roles []string) error
- func DacEntityDelete(id int, logupn string) (err error)
- func DacEntitySave(logupn string, dest *Entity, orig *Entity) (err error)
- func DacEntityServerSave(logupn string, dest *Entity, orig *Entity, destAcc *Access, origAcc *Access) (err error)
- func DacEntitySetName(id int, name string) error
- func DacEntitySetOrigin(id int, origin string) error
- func DacFirstAccessIdByEntityID(eid int) (int, error)
- func DacFwconfigDelete(id int, logupn string) (err error)
- func DacFwconfigSave(logupn string, dest *Fwconfig) (err error)
- func DacGetKey(key string) (string, error)
- func DacGroupDelete(id int, logupn string) (err error)
- func DacGroupSave(logupn string, dest *Group) (err error)
- func DacGroupSaveFromImport(name string, fullName string, id string) error
- func DacImportUser(upn string, name string, isadmin bool, origin string, groups []Group) error
- func DacInviteUser(upn string, templateId int, dest *Entity, orig *Entity) (err error)
- func DacSaveKey(key string, value string) error
- func DacUserAccessDelete(id int, logupn string) (err error)
- func DacUserAccessSave(logupn string, dest *UserAccess, orig *UserAccess) (err error)
- func DacUserAccessTemplateDelete(id int, logupn string) (err error)
- func DacUserAccessTemplateSave(logupn string, dest *UserAccessTemplate) (err error)
- func DownloadCRL(db *gorm.DB) ([]string, error)
- func DownloadCreateNebulaConfig(db *gorm.DB, a *Access, isLighthouse bool, port int) (string, error)
- func DownloadDNS(db *gorm.DB) ([]string, error)
- func DownloadGenereateMyconfig(a *Access) (string, error)
- func DownloadGenereateMyconfigUPN(cuser *Entity) (string, error)
- func GetLighthouseIP(cidrnet string, maxl int, num int) string
- func Init(cfg *utils.Config)
- func InitSystemConfig()
- func IpBetween(from net.IP, to net.IP, test net.IP) bool
- func LogStoreDatachange(logtype string, upn string, currobj interface{}, oldobj interface{})
- func SendInvitationEmail(upn string)
- func SystemConfigApplyAadSyncConfig(aadSyncConfig AADSyncConfig) error
- func SystemConfigApplyCIDR(cidr string) error
- func SystemConfigApplyCliApiConfig(enableApi bool) error
- func SystemConfigMigrateCIDR(tx *gorm.DB) error
- func TestInit(cfg *utils.Config)
- type AADSyncConfig
- type Access
- type AccessDevice
- type AccessGroup
- type AccessListener
- type AccessListenerType
- type AccessStatistic
- type AccessStatisticData
- type Base
- type Certificate
- type CliApiConfig
- type CodeListItem
- type Config
- type CostMonthTotalItem
- type CostUsageItem
- type DBVersion
- type DeviceLogin
- type Entity
- func DacAllServers() (dest []Entity, err error)
- func DacEntityAccesses(id int) (dest Entity, err error)
- func DacEntityGet(id int) (dest Entity, err error)
- func DacEntityList(entitytype int, filter string, origin string, preloadAccess bool, ...) (dest []Entity, err error)
- func DacEntityMe(upn string) (dest Entity, err error)
- func DacServerGetAll(name string) (dest []Entity, err error)
- func DacUserByUpn(upn string) (ret *Entity, err error)
- func DacUsersAll() (users []Entity, err error)
- type Fwconfig
- type Fwconfigin
- type FwconfiginGroup
- type Fwconfigout
- type FwconfigoutGroup
- type Group
- type Ipam
- type IpamError
- type IpamNamedArgument
- type KeyValueStore
- type LighthouseConfig
- type NebulaClientUPNYamlConfig
- type NebulaClientYamlConfig
- type NebulaYamlConfig
- type NebulaYamlConfigFW
- type OSAutoUpdateType
- type OSAutoupdateConfigType
- type StatUsersInHour
- type SystemConfigDef
- type UserAccess
- type UserAccessGroup
- type UserAccessTemplate
- type UserAccessTemplateGroup
Constants ¶
View Source
const ( ENTITY_SERVER = 0 ENTITY_USER = 1 ENTITY_APPLIANCE = 2 ENTITY_DEFAULTTEMPLATE_ID = 1 ENTITY_DEFAULTFIREWALL_ID = 1 )
View Source
const ( ROLE_SYSTEM = "SYSTEM" ROLE_ADMINISTRATOR = "ADMINISTRATOR" ROLE_USER = "USER" )
define roles in system
Variables ¶
This section is empty.
Functions ¶
func Connection ¶
func DacAccessDelete ¶
func DacAdminDashboardStats ¶
func DacCheckUpnForAccess ¶
func DacCleanAccessStats ¶
func DacCleanAccessStats()
func DacCleanDeviceLog ¶
func DacCleanDeviceLog()
func DacEntityCheckLoginInfo ¶
func DacEntityCheckLoginInfo(u *Entity, cc *myjwt.CustomClaimsShieldoo, roles []string) error
func DacEntityDelete ¶
func DacEntityServerSave ¶
func DacEntitySetName ¶
func DacEntitySetOrigin ¶
func DacFwconfigDelete ¶
func DacFwconfigSave ¶
func DacGroupDelete ¶
func DacGroupSave ¶
func DacGroupSaveFromImport ¶
func DacImportUser ¶
func DacInviteUser ¶
func DacSaveKey ¶
func DacUserAccessDelete ¶
func DacUserAccessSave ¶
func DacUserAccessSave(logupn string, dest *UserAccess, orig *UserAccess) (err error)
func DacUserAccessTemplateSave ¶
func DacUserAccessTemplateSave(logupn string, dest *UserAccessTemplate) (err error)
func InitSystemConfig ¶
func InitSystemConfig()
func LogStoreDatachange ¶
func SendInvitationEmail ¶
func SendInvitationEmail(upn string)
func SystemConfigApplyAadSyncConfig ¶
func SystemConfigApplyAadSyncConfig(aadSyncConfig AADSyncConfig) error
func SystemConfigApplyCIDR ¶
func SystemConfigMigrateCIDR ¶
Types ¶
type AADSyncConfig ¶
type Access ¶
type Access struct {
Base
Name string `gorm:"type:varchar(256);not null"`
IpAddress string `gorm:"type:varchar(32);index;unique;not null"`
FQDN string `gorm:"type:varchar(256);not null"`
AdditionalHostnames string `gorm:"type:TEXT NOT NULL DEFAULT ''"`
Description string
AccessGroups []AccessGroup `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
FwconfigID int `gorm:"not null"`
Fwconfig Fwconfig
EntityID int `gorm:"index;not null"`
ValidFrom time.Time
ValidTo time.Time
Certificate Certificate `gorm:"constraint:OnUpdate:CASCADE,OnDelete:SET NULL;" json:",omitempty"`
Secret string `gorm:"type:varchar(256);null" json:"-"`
Changed time.Time `gorm:"type:TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP"`
AccessListeners []AccessListener `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
NebulaPunchBack *bool `gorm:"default:false;not null"`
NebulaRestrictiveNetwork *bool `gorm:"default:false;not null"`
Autoupdate *bool `gorm:"default:false;not null"`
AccessStatistic AccessStatistic `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;" json:",omitempty"`
AccessDevice AccessDevice `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;" json:",omitempty"`
UserAccessID int `gorm:"index;null"`
OSAutoupdateConfig string
}
func DacAccessCreateForUser ¶
func DacAccessGet ¶
type AccessDevice ¶
type AccessDevice struct {
AccessID int `gorm:"primaryKey;not null"`
DeviceName string `gorm:"type:varchar(256);not null"`
DeviceID string `gorm:"type:varchar(64);not null;index"`
DeviceOs string `gorm:"type:varchar(256);not null"`
ClientVersion string `gorm:"type:varchar(256)"`
Contacted time.Time `gorm:"type:TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP"`
OSAutoUpdate string
}
type AccessGroup ¶
type AccessListener ¶
type AccessListenerType ¶
type AccessListenerType struct {
Base
Glyph string `gorm:"type:varchar(64);not null"`
Name string `gorm:"type:varchar(256);not null"`
}
func DacAccessListenerTypeList ¶
func DacAccessListenerTypeList(filter string) (dest []AccessListenerType, err error)
type AccessStatistic ¶
type AccessStatisticData ¶
type AccessStatisticData struct {
ID string `gorm:"type:varchar(256);primaryKey;not null"`
HourPeriod string `gorm:"type:varchar(16);index;not null"`
UPN string `gorm:"type:varchar(256);index;not null"`
AccessID int `gorm:"not null"`
IsConnected *bool `gorm:"default:false;not null"`
IsContacted *bool `gorm:"default:false;not null"`
DataIn int64 `gorm:"default:0;not null"`
DataOut int64 `gorm:"default:0;not null"`
IsUser *bool `gorm:"default:false;not null"`
}
type Certificate ¶
type Certificate struct {
Base
AccessID int `gorm:"index;null"`
SecretCrt string
SecretKey string
SecretPublicKey string
Metadata string
Fingerprint string `gorm:"type:varchar(256);not null"`
ValidFrom time.Time
ValidTo time.Time
}
func CreateCert ¶
func CreateCertAccess ¶
type CliApiConfig ¶
type CodeListItem ¶
type CodeListItem struct {
// Numeric ID
ID int `json:"id"`
// Name of the record
Name string `json:"name"`
}
Code list item.
func DacCodeListFirewalls ¶
func DacCodeListFirewalls() (dest []CodeListItem, err error)
func DacCodeListGroups ¶
func DacCodeListGroups() (dest []CodeListItem, err error)
func DacCodeListUserAccessTemplates ¶
func DacCodeListUserAccessTemplates() (dest []CodeListItem, err error)
type CostMonthTotalItem ¶
type CostMonthTotalItem struct {
// year+month
YearMonth string
// cost
Cost float64
// users and servers
UsageItems []CostUsageItem
}
month usage total statistics
func DacGetCostUsage ¶
func DacGetCostUsage() (costMonthTotal []CostMonthTotalItem, err error)
type CostUsageItem ¶
type CostUsageItem struct {
// year+month
YearMonth string
// upn
Upn string
// is user
IsUser bool
// hours
HoursUsed int
// cost
Cost float64
}
cost usage statistics
type DeviceLogin ¶
type Entity ¶
type Entity struct {
Base
EntityType int `gorm:"type:int8 NOT NULL DEFAULT 0"`
UPN string `gorm:"type:varchar(256);index:,unique,expression:lower(upn);unique;not null"`
Name string `gorm:"type:varchar(256);index;not null"`
Origin string
Roles string
Description string
Secret string `` /* 138-byte string literal not displayed */
Accesses []Access
UserAccesses []UserAccess
}
func DacAllServers ¶
func DacEntityAccesses ¶
func DacEntityGet ¶
func DacEntityList ¶
func DacEntityMe ¶
func DacServerGetAll ¶
func DacUserByUpn ¶
func DacUsersAll ¶
type Fwconfig ¶
type Fwconfig struct {
Base
Name string `gorm:"type:varchar(256);index:,unique,expression:lower(name);unique;not null"`
Fwconfigouts []Fwconfigout `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
Fwconfigins []Fwconfigin `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
Changed time.Time `gorm:"type:TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP"`
}
func DacFwconfigGet ¶
func DacFwconfigGetAll ¶
func DacFwconfigList ¶
type Fwconfigin ¶
type Fwconfigin struct {
Base `json:"-"`
FwconfigID int `gorm:"index;not null" json:"-"`
Port string `gorm:"type:varchar(32);not null"`
Proto string `gorm:"type:varchar(32);not null"`
Host string `gorm:"type:varchar(256);not null"`
FwconfigGroups []FwconfiginGroup `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}
type FwconfiginGroup ¶
type Fwconfigout ¶
type Fwconfigout struct {
Base `json:"-"`
FwconfigID int `gorm:"index;not null" json:"-"`
Port string `gorm:"type:varchar(32);not null"`
Proto string `gorm:"type:varchar(32);not null"`
Host string `gorm:"type:varchar(256);not null"`
FwconfigGroups []FwconfigoutGroup `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
}
type FwconfigoutGroup ¶
type Group ¶
type Group struct {
Base
Name string `gorm:"type:varchar(256);index:,unique,expression:lower(name);unique;not null;check:name ~ '^[a-zA-Z0-9_.-]*$'"`
Description string
ObjectId string `gorm:"type:varchar(64);index;null"`
}
func DacGroupGet ¶
func DacGroupGetAll ¶
func DacGroupList ¶
func DacGroupsInFW ¶
type Ipam ¶
type IpamNamedArgument ¶
type KeyValueStore ¶
type LighthouseConfig ¶
type NebulaClientYamlConfig ¶
type NebulaYamlConfig ¶
type NebulaYamlConfig struct {
Pki struct {
Ca string `yaml:"ca"`
Cert string `yaml:"cert"`
Key string `yaml:"key"`
Blocklist []string `yaml:"blocklist"`
} `yaml:"pki"`
StaticHostMap map[string][]string `yaml:"static_host_map"`
Lighthouse struct {
AmLighthouse bool `yaml:"am_lighthouse"`
Interval int `yaml:"interval"`
Hosts []string `yaml:"hosts"`
} `yaml:"lighthouse"`
Listen struct {
Host string `yaml:"host"`
Port int `yaml:"port"`
} `yaml:"listen"`
Punchy struct {
Punch bool `yaml:"punch"`
Respond bool `yaml:"respond"`
} `yaml:"punchy"`
Relay struct {
Relays []string `yaml:"relays"`
AmRelay bool `yaml:"am_relay"`
UseRelays bool `yaml:"use_relays"`
} `yaml:"relay"`
Tun struct {
Disabled bool `yaml:"disabled"`
Dev string `yaml:"dev"`
DropLocalBroadcast bool `yaml:"drop_local_broadcast"`
DropMulticast bool `yaml:"drop_multicast"`
TxQueue int `yaml:"tx_queue"`
Mtu int `yaml:"mtu"`
Routes interface{} `yaml:"routes"`
UnsafeRoutes interface{} `yaml:"unsafe_routes"`
} `yaml:"tun"`
Logging struct {
Level string `yaml:"level"`
Format string `yaml:"format"`
} `yaml:"logging"`
Firewall struct {
Conntrack struct {
TCPTimeout string `yaml:"tcp_timeout"`
UDPTimeout string `yaml:"udp_timeout"`
DefaultTimeout string `yaml:"default_timeout"`
MaxConnections int `yaml:"max_connections"`
} `yaml:"conntrack"`
Outbound []NebulaYamlConfigFW `yaml:"outbound"`
Inbound []NebulaYamlConfigFW `yaml:"inbound"`
} `yaml:"firewall"`
}
type NebulaYamlConfigFW ¶
type OSAutoUpdateType ¶
type OSAutoUpdateType struct {
Type string `json:"type"`
Name string `json:"name"`
Version string `json:"version"`
Description string `json:"description"`
LastUpdate time.Time `json:"last_update"`
LastUpdateOutput string `json:"last_update_output"`
Success bool `json:"success"`
SecurityUpdatesCount int `json:"security_updates_count"`
OtherUpdatesCount int `json:"other_updates_count"`
SecurityUpdates []string `json:"security_updates"`
OtherUpdates []string `json:"other_updates"`
}
type OSAutoupdateConfigType ¶
type OSAutoupdateConfigType struct {
Enabled bool `json:"enabled"`
SecurityAutoupdateEnabled bool `json:"securityAutoupdateEnabled"`
AllAutoupdateEnabled bool `json:"allAutoupdateEnabled"`
RestartAfterUpdate bool `json:"restartAfterUpdate"`
// 0 means any hour in day
UpdateHour int `json:"updateHour"`
}
type StatUsersInHour ¶
func DacAdminDashboardStatsUsersInHours ¶
func DacAdminDashboardStatsUsersInHours() (userstats []StatUsersInHour, err error)
type SystemConfigDef ¶
type SystemConfigDef struct {
CA struct {
Crt string
ValidTo time.Time
}
Network struct {
CIDR string
MaxLighthouses int
}
Lighthouses []LighthouseConfig
Secret string
AADSyncConfig AADSyncConfig
CliApiConfig CliApiConfig
}
func SystemConfig ¶
func SystemConfig() *SystemConfigDef
func (SystemConfigDef) GetCIDR ¶
func (m SystemConfigDef) GetCIDR() string
func (SystemConfigDef) GetCIDRMask ¶
func (m SystemConfigDef) GetCIDRMask() string
func (SystemConfigDef) GetMaxLighthouses ¶
func (m SystemConfigDef) GetMaxLighthouses() int
type UserAccess ¶
type UserAccess struct {
Base
Name string `gorm:"type:varchar(256);not null"`
Description string
UserAccessTemplateID int `gorm:"not null"`
UserAccessTemplate UserAccessTemplate
UserAccessGroups []UserAccessGroup `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
FwconfigID int `gorm:"not null"`
Fwconfig Fwconfig
EntityID int `gorm:"index;not null"`
ValidFrom time.Time
ValidTo time.Time
Secret string `gorm:"type:varchar(256);null" json:"-"`
Changed time.Time `gorm:"type:TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP"`
Accesses []Access `gorm:"constraint:OnUpdate:CASCADE,OnDelete:SET NULL;"`
}
func DacUserAccessGet ¶
func DacUserAccessGet(id int) (dest UserAccess, err error)
func (*UserAccess) BeforeSave ¶
func (u *UserAccess) BeforeSave(tx *gorm.DB) (err error)
type UserAccessGroup ¶
type UserAccessTemplate ¶
type UserAccessTemplate struct {
Base
Name string `gorm:"type:varchar(256);not null"`
Description string
UserAccessTemplateGroups []UserAccessTemplateGroup `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
FwconfigID int `gorm:"not null"`
Fwconfig Fwconfig
ValidFrom time.Time
ValidTo time.Time
Changed time.Time `gorm:"type:TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP"`
UserAccesses []UserAccess `gorm:"constraint:OnUpdate:CASCADE,OnDelete:CASCADE;"`
Deleted *bool `gorm:"default:false;not null"`
}
func DacUserAccessTemplateGet ¶
func DacUserAccessTemplateGet(id int) (dest UserAccessTemplate, err error)
func DacUserAccessTemplateList ¶
func DacUserAccessTemplateList(filter string) (dest []UserAccessTemplate, err error)
Source Files
Click to show internal directories.
Click to hide internal directories.