Server Daemon

HTTP Endpoints accessible to ygg

GET /info - Displays info
- Gatway owner name / email, etc
- Description - A message to the node user's UI
- Registration required (if AllowRegistration AND WhitelistEnabled)
POST /register - Takes basic information and stores requester's node key for whitelisting
- 200 - Registration accepted
- 400 - Registration failed
GET /register - Shows the status of registration
- 200 - Registration open
- 202 - Registration pending approval
- 201 - Registration successful / complete
- 403 - Registration not allowed
POST /renew - takes the source IP and finds public key, finds a free or existing IP in ygg.conf and adds a remote subnet if not exists, returns json or plain text the assigned IP, save timestamp somewhere
- 200 - lease exists or renewed, responds with lease IP
- 401 - Needs to register first
- 201 - Registration pending
- 403 - On blacklist or not on whitelist, contact node owner
- 503 - MaxClients reached try again later

Daemon tasks

Schedule daemon to hourly remove leases not renewed in x hours

Daemon config

WhitelistEnabled=true/false Rejects /renew requests from keys not in whitelist if enabled Whitelist=[] Whitelist array of keys to allow along with optional data, or whitelist file /shrug BlacklistEnabled=true/false Blacklist=[] AllowRegistration=true/false Enables the /register endpoint, which outputs to Registered RegistrationAutoApprove=true/false Redirects registered nodes to the Whitelist Registered=[] Nodes that have registered, awaiting approval MaxClients=10 If there are <= MaxClients leases unexpired, reject /renew requests that do not have a lease LeaseTimeout=240 Number of minutes to consider lease expired

Client Daemon

Schedules hourly daemon to POST /renew if a lease is saved, detect if IP changes (it could if it expired and a new lease is given), and execute the proper steps to update tunnel ip / routes

HTTP Endpoints accessible locally

POST /connect - with gateway ID, on success it saves lease details for hourly daemon to renew and assigns ip/routes

responses could probably mirror the server http response

Client UI

Allows user to save an array of gateway IDs/IPs in UCI
Web UI queries /info and /register to display gateway name/owner and registration requirements
Web UI provides form to send registration with personal information if desired
Web UI provides connect / disconnect button to set the gateway - on success, saves gateway to active lease file for auto renewing

stephen304 commented 4 years ago

mm_lib.py or something

[x] Function to add arbitrary route, ip ro add <peer_ip> via <wan_gw> dev <wan_dev>, 3 params
[x] Function to add ip to interface, used for adding tunnel ips to the ygg interface a la ip addr add 10.42.0.4/16 dev ygg0, 2 parameters, ip/cidr and interface name
[x] Function to add remote subnet to ygg runtime config, a la yggdrasilctl addremotesubnet subnet=10.42.0.1/32 box_pub_key=<key>, 2 params, ip/cidr and key. Use hemicarp for this
[x] Function to set default route ip ro replace default via 10.42.0.1, 1 param

wfleurant commented 4 years ago

[x] mm-cli gw daemon-start