Merge pull request #3267 from gravitl/master
Master
abhishek9686 authored Dec 18, 2024
2 parents b1d813a + 697d0d6 commit 2244054
Showing 6 changed files with 50 additions and 43 deletions.
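--- a/controllers/dns.go
+++ b/controllers/dns.go
@@ -164,7 +164,8 @@ func createDNS(w http.ResponseWriter, r *http.Request) {
 return
 }
 // check if default domain is appended if not append
-if !strings.HasSuffix(entry.Name, servercfg.GetDefaultDomain()) {
+if servercfg.GetDefaultDomain() != "" &&
+!strings.HasSuffix(entry.Name, servercfg.GetDefaultDomain()) {
 entry.Name += "." + servercfg.GetDefaultDomain()
 }
 entry, err = logic.CreateDNS(entry)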
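Review bot: The suffix test in the new condition has no label boundary: `strings.HasSuffix(entry.Name, servercfg.GetDefaultDomain())` also accepts a name that merely ends in the same characters as the domain (a constructed example: `nothosted.nm` against `hosted.nm`), so such an entry is stored without the domain appended. Comparing against `"."+d` closes that gap, and reading the value once avoids three separate environment lookups per request: `if d := servercfg.GetDefaultDomain(); d != "" && !strings.HasSuffix(entry.Name, "."+d) { entry.Name += "." + d }`. createDNS starts and ends outside the hunk, so any earlier validation of entry.Name is not visible here.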
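--- a/logic/acls.go
+++ b/logic/acls.go
@@ -39,14 +39,15 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 _, _ = ListAclsByNetwork(netID)
 if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-nodes")) {
 defaultDeviceAcl := models.Acl{
-ID: fmt.Sprintf("%s.%s", netID, "all-nodes"),
-Name: "All Nodes",
-MetaData: "This Policy allows all nodes in the network to communicate with each other",
-Default: true,
-NetworkID: netID,
-Proto: models.ALL,
-Port: []string{},
-RuleType: models.DevicePolicy,
+ID: fmt.Sprintf("%s.%s", netID, "all-nodes"),
+Name: "All Nodes",
+MetaData: "This Policy allows all nodes in the network to communicate with each other",
+Default: true,
+NetworkID: netID,
+Proto: models.ALL,
+ServiceType: models.Any,
+Port: []string{},
+RuleType: models.DevicePolicy,
 Src: []models.AclPolicyTag{
 {
 ID: models.DeviceAclID,
@@ -66,14 +67,15 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 }
 if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-users")) {
 defaultUserAcl := models.Acl{
-ID: fmt.Sprintf("%s.%s", netID, "all-users"),
-Default: true,
-Name: "All Users",
-MetaData: "This policy gives access to everything in the network for an user",
-NetworkID: netID,
-Proto: models.ALL,
-Port: []string{},
-RuleType: models.UserPolicy,
+ID: fmt.Sprintf("%s.%s", netID, "all-users"),
+Default: true,
+Name: "All Users",
+MetaData: "This policy gives access to everything in the network for an user",
+NetworkID: netID,
+Proto: models.ALL,
+ServiceType: models.Any,
+Port: []string{},
+RuleType: models.UserPolicy,
 Src: []models.AclPolicyTag{
 {
 ID: models.UserAclID,
@@ -94,13 +96,14 @@ func CreateDefaultAclNetworkPolicies(netID models.NetworkID) {
 
 if !IsAclExists(fmt.Sprintf("%s.%s", netID, "all-remote-access-gws")) {
 defaultUserAcl := models.Acl{
-ID: fmt.Sprintf("%s.%s", netID, "all-remote-access-gws"),
-Default: true,
-Name: "All Remote Access Gateways",
-NetworkID: netID,
-Proto: models.ALL,
-Port: []string{},
-RuleType: models.DevicePolicy,
+ID: fmt.Sprintf("%s.%s", netID, "all-remote-access-gws"),
+Default: true,
+Name: "All Remote Access Gateways",
+NetworkID: netID,
+Proto: models.ALL,
+ServiceType: models.Any,
+Port: []string{},
+RuleType: models.DevicePolicy,
 Src: []models.AclPolicyTag{
 {
 ID: models.DeviceAclID,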
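Review bot: Each default policy is only written when `IsAclExists` reports it missing, so the new `ServiceType: models.Any` field reaches networks created after this change but not the default policies already stored for existing networks. If the code that evaluates policies treats an empty ServiceType differently from `models.Any` (not visible in these hunks), stored defaults would behave differently from fresh ones; a one-time backfill for stored defaults with an empty ServiceType would remove that difference. The same applies to the two literals in pro/logic/user_mgmt.go. A short comment above each guard, such as `// created once per network; later field additions need a migration`, would make the constraint visible. CreateDefaultAclNetworkPolicies starts and ends outside the hunks.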
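--- a/logic/dns.go
+++ b/logic/dns.go
@@ -116,7 +116,11 @@ func GetNodeDNS(network string) ([]models.DNSEntry, error) {
 continue
 }
 var entry = models.DNSEntry{}
-entry.Name = fmt.Sprintf("%s.%s.%s", host.Name, network, defaultDomain)
+if defaultDomain == "" {
+entry.Name = fmt.Sprintf("%s.%s", host.Name, network)
+} else {
+entry.Name = fmt.Sprintf("%s.%s.%s", host.Name, network, defaultDomain)
+}
 entry.Network = network
 if node.Address.IP != nil {
 entry.Address = node.Address.IP.String()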
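Review bot: The two branches repeat the same format call and differ only in the suffix; building the common part first reads more directly: `entry.Name = host.Name + "." + network` followed by `if defaultDomain != "" { entry.Name += "." + defaultDomain }`. A comment such as `// without a default domain the entry is published as <host>.<network>` would record that the two-label form is intentional. defaultDomain is assigned outside the hunk, and GetNodeDNS continues past it.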
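--- a/pro/logic/user_mgmt.go
+++ b/pro/logic/user_mgmt.go
@@ -1207,12 +1207,13 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 
 if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin)) {
 defaultUserAcl := models.Acl{
-ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin),
-Name: "Network Admin",
-MetaData: "This Policy allows all network admins to communicate with all remote access gateways",
-Default: true,
-NetworkID: netID,
-RuleType: models.UserPolicy,
+ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkAdmin),
+Name: "Network Admin",
+MetaData: "This Policy allows all network admins to communicate with all remote access gateways",
+Default: true,
+ServiceType: models.Any,
+NetworkID: netID,
+RuleType: models.UserPolicy,
 Src: []models.AclPolicyTag{
 {
 ID: models.UserGroupAclID,
@@ -1238,12 +1239,13 @@ func CreateDefaultUserPolicies(netID models.NetworkID) {
 
 if !logic.IsAclExists(fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser)) {
 defaultUserAcl := models.Acl{
-ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser),
-Name: "Network User",
-MetaData: "This Policy allows all network users to communicate with all remote access gateways",
-Default: true,
-NetworkID: netID,
-RuleType: models.UserPolicy,
+ID: fmt.Sprintf("%s.%s-grp", netID, models.NetworkUser),
+Name: "Network User",
+MetaData: "This Policy allows all network users to communicate with all remote access gateways",
+Default: true,
+ServiceType: models.Any,
+NetworkID: netID,
+RuleType: models.UserPolicy,
 Src: []models.AclPolicyTag{
 {
 ID: models.UserGroupAclID,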
2 changes: 1 addition & 1 deletion scripts/netmaker.default.env
Expand Up @@ -87,7 +87,7 @@ EMAIL_SENDER_USER=
# sender smtp password
EMAIL_SENDER_PASSWORD=
# default domain for internal DNS lookup
DEFAULT_DOMAIN=netmaker.hosted
DEFAULT_DOMAIN=hosted.nm
# managed dns setting, set to true to resolve dns entries on netmaker network
MANAGE_DNS=false
# set to true, old acl is supported, otherwise, old acl is disabled
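Review bot: The comment above `DEFAULT_DOMAIN` does not say what an empty value means, although the Go changes in this commit make it meaningful: with no default domain, node entries are named `<host>.<network>` and created entries get no suffix. I would extend it to `# default domain for internal DNS lookup; leave empty to use <host>.<network> names without a suffix`. Separately, `hosted.nm` sits under a suffix that, as far as I know, is not reserved for private use, so it is worth confirming the name cannot collide with public DNS for clients that use the managed resolver.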
7 changes: 2 additions & 5 deletions servercfg/serverconf.go
Expand Up @@ -12,7 +12,6 @@ import (

"github.com/gravitl/netmaker/config"
"github.com/gravitl/netmaker/models"
"golang.org/x/exp/slog"
)

// EmqxBrokerType denotes the broker type for EMQX MQTT
Expand Down Expand Up @@ -684,13 +683,11 @@ func IsOldAclEnabled() bool {

// GetDefaultDomain - get the default domain
func GetDefaultDomain() string {
//default netmaker.hosted
domain := "netmaker.hosted"
//default hosted.nm
var domain string
if os.Getenv("DEFAULT_DOMAIN") != "" {
if validateDomain(os.Getenv("DEFAULT_DOMAIN")) {
domain = os.Getenv("DEFAULT_DOMAIN")
} else {
slog.Warn("invalid value, set to default domain: netmaker.hosted", "warn", os.Getenv("DEFAULT_DOMAIN"))
}
}
return domain
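Review bot: An invalid `DEFAULT_DOMAIN` is now dropped silently: with the `else` branch and its `slog.Warn` removed, a value that fails `validateDomain` leaves `domain` empty, so names are built without a suffix and nothing in the log explains why. I would keep the warning (and the `golang.org/x/exp/slog` import it needs) with an updated message, e.g. `slog.Warn("invalid DEFAULT_DOMAIN, no default domain will be used", "value", os.Getenv("DEFAULT_DOMAIN"))`. The comment `//default hosted.nm` is also inaccurate for the new code, whose default is the empty string; `// default is empty: no domain suffix is applied` matches it. The closing brace of GetDefaultDomain is outside the hunk.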
