Giter VIP home page Giter VIP logo

nerf's Introduction

sequenceDiagram
    nerf (GUI)->>nerf (GUI): Download Nebula to /opt/nebula/nebula
    nerf (GUI)->>GitHub: Authorize
    GitHub-->>nerf (GUI): Authorized
    nerf (GUI)->>nerf-api: Connect (gRPC over UNIX socket)
    nerf-api->>nerf-server: Connect (gRPC over TCP socket)
    nerf-api->>nerf-api: Autodiscover all VPN endpoints through DNS SRV record
    nerf-api->>nerf-api: Probe all VPN endpoints via gRPC to find the fastest endpoint
    nerf-api->>nerf-server: Get generated config.yml for Nebula with appropriate IP and Groups
    nerf-server->>nerf-server: Generate config.yml
    nerf-server-->>nerf-api: Send config.yml
    nerf-api->>nebula: Start Nebul
    nerf (GUI)->>nerf-api: Disconnect
    nerf-api->>nerf-server: Disconnect
    nerf (GUI)->>nerf-api: Quit
    nerf-api->>nerf-server: Disconnect

Compile

Server

export OAUTH_MASTER_TOKEN=<masterToken>        # OAuth token with 'read:org' scope
export OAUTH_ORGANIZATION=<githubOrganization> # Github organization
make check                                     # Run linters, formatters, etc.
make server                                    # For Linux amd64 only

Client

sudo apt install libappindicator3-dev gir1.2-appindicator3-0.1
export OAUTH_CLIENT_ID=<clientID>              # OAuth application client id with 'user:email' scope
export OAUTH_CLIENT_SECRET=<clientSecret>      # OAuth application client secret
export DNS_AUTODISCOVER_ZONE=<dnsZone>         # DNS zone to discover VPN endpoints. E.g.: example.org
make check                                     # Run linters, formatters, etc.
make darwin-client                             # For MacOS
make linux-client                              # For Linux
make deb                                       # Build Ubuntu/Debian .deb package

Start

Server

Usage of ./nerf-server:
  -gaidysUrl string
    	Set URL for Gaidys service (IPAM)
  -help
    	Print command line usage
  -lighthouse string
    	Set the lighthouse. E.g.: <NebulaIP>:<PublicIP>
  -log-level string
    	Set the logging level - values are 'debug', 'info', 'warn', and 'error' (default "info")

The server is needed to generate config.yml for Nebula. To start a server type:

./nerf-server -lighthouse 172.16.0.1:193.219.12.13

Client

API for GUI

This is the gRPC API for GUI to talk

sudo chown root ./nerf-api
sudo chmod +s ./nerf-api
./nerf-api -log-level debug

Start GUI

./nerf

Building application for OSX

To build an application for OSX it's recommended to use Packages application (easiest).

After running make darwin-client, the binary is copied to osx/Nerf.app/Contents/MacOS/nerf, and the whole structure is created for the app.

In payload section right click on Applications and Add files. Add osx/Nerf.app.

Also add osx/LaunchDaemons/com.ton31337.nerf.app.launchd.plist under /Library/LaunchDaemons.

Below, under /Library, create a new directory Services/Nerf and put ./nerf-api.

It's IMPORTANT to set SetUID bit for the owner (root:wheel).

Put pre-install and post-install scripts located in osx/scripts accordingly.

Installing a package

./osx/scripts/install.sh

Uninstall a package

./osx/scripts/uninstall.sh

nerf's People

Contributors

benner avatar dinuxlt avatar nerijusrazvodovskis avatar ton31337 avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar

nerf's Issues

Evaluate how to implement GUI

https://github.com/getlantern/systray

GTK bans setuid/setguid. So the only solution would be to split backend/GUI into separate parts. Backend is running as a service with root privileges and GUI (frontend) as a regular user and talks to each other via sockets.

  1. Split nerf_client.go into nerf_client.go and nerf_api.go;
  2. Split cmd/nerf/main.go main() method into separate methods;
  3. Add an ability to run Nerf client without GUI. ./nerf -grpc=false or so. This means use a client without a gRPC server as an API for frontend (GUI);
  4. Run gRPC inside Nerf client by default using UNIX domain sockets;
  5. Forward all gRPC requests from GUI to Nerf Server via API.

API call for `status`

Now we have calls Connect and Disconnect

It will be nice to have Status call using which GUI app can check connection status.
This call should return: connected, connecting or disconnected

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.