Jake McGinty
0c8a2ee991
meta: cargo clippy
2021-06-22 11:27:29 +09:00
Jake McGinty
7bc1033b58
meta: cargo clippy
2021-06-16 20:34:53 +09:00
Jake McGinty
1aed782683
client: tighten some error types and apply helptext to io::Error
2021-06-16 20:26:01 +09:00
Jake McGinty
d6ab8e6653
shared(wg): default to 1400 if network CIDR is IPv6
...
Second fix for #102
2021-06-14 23:06:04 +09:00
Jake McGinty
4a458a413c
meta: cargo fmt
2021-06-14 19:10:31 +09:00
Jake McGinty
d431953353
client, server: configurable MTU via --mtu
...
ex: innernet --mtu 1400 up foobarnet
Closes #102
2021-06-14 19:06:40 +09:00
Jake McGinty
647ec7ca3e
shared: proactively create invite file to ensure we have permission
...
This won't clean up an empty file if a later step fails, but this
is still better than the previous solution.
Closes #91
2021-06-14 18:15:31 +09:00
Jake McGinty
72ef070ef3
shared(prompts): fail on no TTY if interactivity was needed
...
Fixes #98
2021-06-14 15:52:15 +09:00
Jake McGinty
449b4b8278
client: support running as non-root ( #94 )
...
shared(wg): use netlink instead of execve calls to "ip"
hostsfile: write to hostsfile in-place
2021-06-10 22:57:47 +09:00
Jake McGinty
15e9c08a8a
shared(wg): remove leftover debugging command
...
Fixes #95
doy.
2021-05-31 16:27:04 +09:00
Kevin K
ec210f9468
client, server: adds ability to rename peers ( #92 )
...
This commit adds a subcommand to both the client and server to allow
changing the name of a peer. The peer retains all the same attributes as
before (public keys, IPs, admin/disabled status, etc.).
Closes #87
2021-05-25 19:58:00 +09:00
Jake McGinty
b4fb9f9250
client, server: new CIDRs must be hostname-compatible
...
towards the goal of supporting #82
2021-05-21 13:35:07 +09:00
Jake McGinty
911a2d8f00
shared(prompts): wait for newline on confirmations
2021-05-21 13:02:11 +09:00
Kevin K
ff0527d836
client, server: adds ability to delete cidrs ( #88 )
...
This commit adds a `delete-cidr` to both the client and server. It walks
through the prompts just like adding a CIDR.
Only eligible CIDRs are presented to the user. Eligibilty requires:
- CIDR has no child CIDRs
- CIDR has no assigned peers
Closes #23
2021-05-21 12:39:33 +09:00
Jake McGinty
c512985214
meta: remove unused code and format
2021-05-20 03:18:43 +09:00
Jake McGinty
5b744d1f78
client, wgctrl: fix various linux userspace issues
...
Fixes #75
2021-05-20 03:16:48 +09:00
Jake McGinty
3892a99156
wgctrl: use wireguard backends explicitly (with OS-specific defaults) ( #85 )
...
Based on the conversation from #5 (comment) - this changes innernet's behavior on Linux from automatically falling back to the userspace, instead requiring --backend userspace to be specified.
This should help people avoid weird situations in environments like Docker.
2021-05-19 16:54:07 +09:00
Johann150
170c8267bf
client, server: make adding routes optional ( #71 )
2021-05-12 02:31:47 +09:00
Jake McGinty
3cb766f795
shared(prompts): add consent prompt for public IP query
...
Closes #73
2021-05-10 04:39:46 +09:00
Jake McGinty
46d9783109
publicip: don't explode, just leave as None
2021-05-10 04:17:02 +09:00
Jake McGinty
426916fadd
meta: make clippy happy
2021-05-10 00:09:50 +09:00
Jake McGinty
981f7e8701
shared: add better visibility into IO errors
2021-05-09 21:34:11 +09:00
Jake McGinty
54e7c1b183
server(new): add more explanation text at beginning
2021-05-09 21:04:49 +09:00
Jake McGinty
0000488910
client, server: create own crate for public ip resolution ( #72 )
2021-05-09 19:57:52 +09:00
Jake McGinty
fb1de8e210
shared(wg): don't fail silently on bringing the interface up
2021-05-09 02:17:23 +09:00
Jake McGinty
2ce552cc36
client, server: invite expirations
...
The server now expects a UNIX timestamp after which the invitation will be expired. If a peer invite hasn't been redeemed after it expires, the server will clean up old entries and allow the IP to be re-allocated for a new invite.
Closes #24
2021-05-09 00:32:51 +09:00
Jake McGinty
76500b3778
shared(prompts): simplify cidr selection code
2021-05-07 15:45:32 +09:00
Jake McGinty
f27a2426c8
client: make clippy happy
2021-05-06 12:40:00 +09:00
Jake McGinty
c01c2be4bb
server: switch from using warp directly to hyper ( #67 )
...
Closes #53
2021-05-06 12:32:54 +09:00
Jake McGinty
f18fe14553
{client,server}: hide innernet-server CIDR from selection menus
...
It's a special /32 CIDR that is un-interactable, so is only taking
up space.
Closes #63
2021-05-04 11:34:16 +09:00
Jake McGinty
0a26bdedce
{client,server}: allow hostnames in endpoints ( #56 )
...
use new Endpoint type instead of SocketAddr in appropriate places
2021-04-21 00:35:10 +09:00
Jake McGinty
e2ea2ddded
docker-tests: initial integration tests ( #55 )
...
Scripts that demonstrate building a network of docker containers, doubling as an integration test for innernet.
Includes a number of improvements to the recent non-interactive CLI changes as well.
2021-04-19 21:56:18 +09:00
Jake McGinty
c4e369ee54
server: non-interactive network creation
2021-04-18 01:32:56 +09:00
Jake McGinty
b92ad65b17
client: add opts for non-interactive network installs
2021-04-17 12:33:24 +09:00
Jake McGinty
6d28e7f4ab
{client,server}: allow peer/cidr creation with CLI arguments ( #48 )
...
Fixes #20
2021-04-15 00:25:31 +09:00
Jake McGinty
05d78eb253
shared: add types module
2021-04-11 14:56:47 +09:00
Jake McGinty
dcf553c8fd
shared: update chmod util to ignore non-perm bits
2021-04-10 17:13:00 +09:00
Jake McGinty
c370c25924
server: add uninstall command
2021-04-09 22:42:29 +09:00
Jake McGinty
a44fe0d3ad
client: add uninstall command
2021-04-09 22:37:33 +09:00
Jake McGinty
72dc14c49c
{client,server}: enforce permissions on directories and files
...
This may become a warning rather than an action later, but for now
let's make sure older installations that had incorrect permissions
are taken care of.
2021-04-09 15:00:53 +09:00
Jake McGinty
a87d56cfc9
{client,server}: send and require a header that contains the server public key
...
This is a stop-gap CSRF protection mechanism from unsophisticated attacks. It's to be considered a temporary solution until a more complete one can be implemented, but it should be sufficient in most cases for the time being.
See https://github.com/tonarino/innernet/issues/38 for further discussion.
2021-04-09 13:48:00 +09:00
BlackHoleFox
b1e1ff8f4f
wgctrl-sys: Remove some unsafe in the kernel backend
...
Validates WireGuard interfaces against the linux specification for interface names.
Refactor userspace and other OSes to use InterfaceName
2021-04-09 10:28:37 +09:00
Anselm Eberhardt
c3ae74bd34
Fix macos ip/route setup for ipv6 nets
2021-03-31 18:22:13 +02:00
Jake McGinty
c49f061bb7
kabloomers. public release v1.0.0
2021-03-30 02:47:34 +09:00