Commitba48069

chore: implement CoderVPN client & tunnel (#15612)
Addresses #14734. This PR wires up `tunnel.go` to a `tailnet.Conn` via the new `/tailnet` endpoint, with all the necessary controllers such that a VPN connection can be started, stopped and inspected via the CoderVPN protocol.
1 parentb5b0a0e commitba48069


14 files changed

+1431
-157
lines changed


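--- a/cli/vpndaemon_windows.go
+++ b/cli/vpndaemon_windows.go
@@ -60,7 +60,7 @@ func (r *RootCmd) vpnDaemonRun() *serpent.Command {
 deferpipe.Close()
 
 logger.Info(ctx,"starting tunnel")
-tunnel,err:=vpn.NewTunnel(ctx,logger,pipe)
+tunnel,err:=vpn.NewTunnel(ctx,logger,pipe,vpn.NewClient())
 iferr!=nil {
 returnxerrors.Errorf("create new tunnel for client: %w",err)
 }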

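--- a/codersdk/wsjson/encoder.go
+++ b/codersdk/wsjson/encoder.go
@@ -27,6 +27,7 @@ func (e *Encoder[T]) Encode(v T) error {
 returnnil
 }
 
+// nolint: revive // complains that Decoder has the same function name
 func (e*Encoder[T])Close(c websocket.StatusCode)error {
 returne.conn.Close(c,"")
 }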

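--- a/tailnet/conn.go
+++ b/tailnet/conn.go
@@ -14,6 +14,7 @@ import (
 
 "github.com/cenkalti/backoff/v4"
 "github.com/google/uuid"
+"github.com/tailscale/wireguard-go/tun"
 "golang.org/x/xerrors"
 "google.golang.org/protobuf/types/known/durationpb"
 "google.golang.org/protobuf/types/known/wrapperspb"
@@ -113,6 +114,8 @@ type Options struct {
 DNSConfigurator dns.OSConfigurator
 // Router is optional, and is passed to the underlying wireguard engine.
 Router router.Router
+// TUNDev is optional, and is passed to the underlying wireguard engine.
+TUNDev tun.Device
 }
 
 // TelemetrySink allows tailnet.Conn to send network telemetry to the Coder
@@ -143,6 +146,8 @@ func NewConn(options *Options) (conn *Conn, err error) {
 returnnil,xerrors.New("At least one IP range must be provided")
 }
 
+netns.SetEnabled(options.TUNDev!=nil)
+
 vartelemetryStore*TelemetryStore
 ifoptions.TelemetrySink!=nil {
 varerrerror
@@ -187,6 +192,7 @@ func NewConn(options *Options) (conn *Conn, err error) {
 SetSubsystem:sys.Set,
 DNS:options.DNSConfigurator,
 Router:options.Router,
+Tun:options.TUNDev,
 })
 iferr!=nil {
 returnnil,xerrors.Errorf("create wgengine: %w",err)
@@ -197,11 +203,14 @@ func NewConn(options *Options) (conn *Conn, err error) {
 }
 }()
 wireguardEngine.InstallCaptureHook(options.CaptureHook)
-dialer.UseNetstackForIP=func(ip netip.Addr)bool {
-_,ok:=wireguardEngine.PeerForIP(ip)
-returnok
+ifoptions.TUNDev==nil {
+dialer.UseNetstackForIP=func(ip netip.Addr)bool {
+_,ok:=wireguardEngine.PeerForIP(ip)
+returnok
+}
 }
 
+wireguardEngine=wgengine.NewWatchdog(wireguardEngine)
 sys.Set(wireguardEngine)
 
 magicConn:=sys.MagicSock.Get()
@@ -244,11 +253,12 @@ func NewConn(options *Options) (conn *Conn, err error) {
 returnnil,xerrors.Errorf("create netstack: %w",err)
 }
 
-dialer.NetstackDialTCP=func(ctx context.Context,dst netip.AddrPort) (net.Conn,error) {
-returnnetStack.DialContextTCP(ctx,dst)
+ifoptions.TUNDev==nil {
+dialer.NetstackDialTCP=func(ctx context.Context,dst netip.AddrPort) (net.Conn,error) {
+returnnetStack.DialContextTCP(ctx,dst)
+}
+netStack.ProcessLocalIPs=true
 }
-netStack.ProcessLocalIPs=true
-wireguardEngine=wgengine.NewWatchdog(wireguardEngine)
 
 cfgMaps:=newConfigMaps(
 options.Logger,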
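Review bot: `netns.SetEnabled(options.TUNDev!=nil)` at new line 149 of `NewConn` writes what appears to be a process-wide switch in the tailscale `netns` package, so every call to `NewConn` overwrites the choice made by earlier calls. If one process builds a netstack-only Conn after a TUN-backed one, binding sockets to the physical interface would presumably be switched off for the TUN-backed engine too, and its tunnel traffic could then loop back into the tunnel or leave by an unintended route. Neither the call nor the `TUNDev` field comment records this; I would add `// netns is process-global: the last NewConn call decides it for every Conn in this process.` above the call, and extend the field comment to say that a non-nil `TUNDev` also enables netns and skips the netstack dialer hooks. `NewConn` starts and ends outside the visible hunks, so a guard elsewhere cannot be ruled out.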
