pkg/k8s/apis: support for preshared keys in peers

This commit adds support for defining preshared keys when declaring a
new Peer CRD. This preshared key will be used whenever the nodes in the
Kilo mesh communicate with that peer.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
Lucas Servén Marín
2020-05-05 11:36:39 +02:00
parent e4829832c5
commit 0a10dc921c
9 changed files with 64 additions and 9 deletions


@@ -821,7 +821,7 @@ func peersAreEqual(a, b *Peer) bool {
return false
}
}
return string(a.PublicKey) == string(b.PublicKey) && a.PersistentKeepalive == b.PersistentKeepalive
return string(a.PublicKey) == string(b.PublicKey) && string(a.PresharedKey) == string(b.PresharedKey) && a.PersistentKeepalive == b.PersistentKeepalive
}
func ipNetsEqual(a, b *net.IPNet) bool {
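Review bot: The new `string(a.PresharedKey) == string(b.PresharedKey)` term in peersAreEqual compares secret key bytes through a string conversion; `bytes.Equal(a.PresharedKey, b.PresharedKey)` states the intent directly and treats nil and empty slices the same way (the hunk does not show whether `bytes` is already imported in this file). Both operands appear to come from locally held peer state rather than from a remote party, so a constant-time compare does not look necessary here. A short comment saying so would save the next reader the question, e.g. `// PSKs are compared to detect config drift, not to authenticate input.` The function starts above the hunk.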


@@ -366,17 +366,18 @@ func (t *Topology) Conf() *wireguard.Conf {
peer := &wireguard.Peer{
AllowedIPs: s.allowedIPs,
Endpoint: s.endpoint,
PublicKey: s.key,
PersistentKeepalive: t.persistentKeepalive,
PublicKey: s.key,
}
c.Peers = append(c.Peers, peer)
}
for _, p := range t.peers {
peer := &wireguard.Peer{
AllowedIPs: p.AllowedIPs,
PersistentKeepalive: t.persistentKeepalive,
PublicKey: p.PublicKey,
Endpoint: p.Endpoint,
PersistentKeepalive: t.persistentKeepalive,
PresharedKey: p.PresharedKey,
PublicKey: p.PublicKey,
}
c.Peers = append(c.Peers, peer)
}
@@ -402,9 +403,11 @@ func (t *Topology) AsPeer() *wireguard.Peer {
// PeerConf generates a WireGuard configuration file for a given peer in a Topology.
func (t *Topology) PeerConf(name string) *wireguard.Conf {
var pka int
var psk []byte
for i := range t.peers {
if t.peers[i].Name == name {
pka = t.peers[i].PersistentKeepalive
psk = t.peers[i].PresharedKey
break
}
}
@@ -414,6 +417,7 @@ func (t *Topology) PeerConf(name string) *wireguard.Conf {
AllowedIPs: s.allowedIPs,
Endpoint: s.endpoint,
PersistentKeepalive: pka,
PresharedKey: psk,
PublicKey: s.key,
}
c.Peers = append(c.Peers, peer)
@@ -502,6 +506,7 @@ func deduplicatePeerIPs(peers []*Peer) []*Peer {
Peer: wireguard.Peer{
Endpoint: peer.Endpoint,
PersistentKeepalive: peer.PersistentKeepalive,
PresharedKey: peer.PresharedKey,
PublicKey: peer.PublicKey,
},
}
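Review bot: The doc comment on PeerConf does not say that the returned configuration now carries the peer's preshared key (`PresharedKey: psk`), and the same holds for Conf(), which copies `p.PresharedKey` into each entry built from `t.peers`. Anything that prints, logs or writes these configs to disk therefore handles secret material; I would extend the comment to something like `// The returned Conf includes the peer's preshared key, if one is set, and must be treated as a secret.` When no peer matches `name`, `psk` stays nil and a config without a preshared key is returned silently, the same as the existing `pka` behaviour. The hunks do not show the callers or how the key is validated (WireGuard expects a 32-byte key), so both are worth confirming in the files not shown here. All four functions continue outside their hunks.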