Merge pull request #121 from fosrl/dev

Support JIT sync message

olm/data.go

@@ -236,19 +236,22 @@ func (o *Olm) handleSync(msg websocket.WSMessage) {
 	// Find peers to add (in expected but not in current) and peers to update
 	for siteId, expectedSite := range expectedPeers {
 		if _, exists := currentPeerMap[siteId]; !exists {
+			// Only trigger add if this is NOT a JIT-only config (i.e., has more than just siteId and aliases)
+			jitOnly := expectedSite.PublicKey == ""
+			if jitOnly {
+				logger.Debug("Sync: Registering aliases for JIT-only site %d", siteId)
+				if err := pm.AddPeer(expectedSite); err != nil {
+					logger.Error("Sync: Failed to register aliases for JIT site %d: %v", siteId, err)
+				}
+				continue
+			}
+
 			// New peer - add it using the add flow (with holepunch)
 			logger.Info("Sync: Adding new peer for site %d", siteId)
 
 			o.holePunchManager.TriggerHolePunch()
 			o.holePunchManager.ResetServerHolepunchInterval() // start sending immediately again so we fill in the endpoint on the cloud
 
-			// // TODO: do we need to send the message to the cloud to add the peer that way?
-			// if err := o.peerManager.AddPeer(expectedSite); err != nil {
-			// 	logger.Error("Sync: Failed to add peer %d: %v", siteId, err)
-			// } else {
-			// 	logger.Info("Sync: Successfully added peer for site %d", siteId)
-			// }
-
 			// add the peer via the server
 			// this is important because newt needs to get triggered as well to add the peer once the hp is complete
 			chainId := fmt.Sprintf("sync-%d", expectedSite.SiteId)

olm/peer.go

@@ -189,6 +189,9 @@ func (o *Olm) handleWgPeerUpdate(msg websocket.WSMessage) {
 	if updateData.RemoteSubnets != nil {
 		siteConfig.RemoteSubnets = updateData.RemoteSubnets
 	}
+	if updateData.Aliases != nil {
+		siteConfig.Aliases = updateData.Aliases
+	}
 
 	if err := pm.UpdatePeer(siteConfig); err != nil {
 		logger.Error("Failed to update peer: %v", err)

peers/manager.go

@@ -33,7 +33,7 @@ type PeerManagerConfig struct {
 	SharedBind *bind.SharedBind
 	// WSClient is optional - if nil, relay messages won't be sent
 	WSClient  *websocket.Client
-	APIServer   *api.API
+	APIServer *api.API
 	PublicDNS []string
 }
 
@@ -52,7 +52,7 @@ type PeerManager struct {
 	// key is the CIDR string, value is a set of siteIds that want this IP
 	allowedIPClaims map[string]map[int]bool
 	APIServer       *api.API
-	publicDNS     []string
+	publicDNS       []string
 
 	PersistentKeepalive int
 
@@ -71,7 +71,7 @@ func NewPeerManager(config PeerManagerConfig) *PeerManager {
 		allowedIPOwners: make(map[string]int),
 		allowedIPClaims: make(map[string]map[int]bool),
 		APIServer:       config.APIServer,
-		publicDNS:     config.PublicDNS,
+		publicDNS:       config.PublicDNS,
 	}
 
 	// Create the peer monitor
@@ -116,7 +116,7 @@ func (pm *PeerManager) GetAllPeers() []SiteConfig {
 func (pm *PeerManager) AddPeer(siteConfig SiteConfig) error {
 	pm.mu.Lock()
 	defer pm.mu.Unlock()
-	
+
 	for _, alias := range siteConfig.Aliases {
 		address := net.ParseIP(alias.AliasAddress)
 		if address == nil {
@@ -124,7 +124,7 @@ func (pm *PeerManager) AddPeer(siteConfig SiteConfig) error {
 		}
 		pm.dnsProxy.AddDNSRecord(alias.Alias, address, siteConfig.SiteId)
 	}
-	
+
 	if siteConfig.PublicKey == "" {
 		logger.Debug("Skip adding site %d because no pub key", siteConfig.SiteId)
 		return nil
@@ -162,7 +162,7 @@ func (pm *PeerManager) AddPeer(siteConfig SiteConfig) error {
 	if err := network.AddRoutes(siteConfig.RemoteSubnets, pm.interfaceName); err != nil {
 		logger.Error("Failed to add routes for remote subnets: %v", err)
 	}
-	
+
 	monitorAddress := strings.Split(siteConfig.ServerIP, "/")[0]
 	monitorPeer := net.JoinHostPort(monitorAddress, strconv.Itoa(int(siteConfig.ServerPort+1))) // +1 for the monitor port
 
@@ -189,7 +189,7 @@ func (pm *PeerManager) AddPeer(siteConfig SiteConfig) error {
 func (pm *PeerManager) UpdateAllPeersPersistentKeepalive(interval int) map[int]error {
 	pm.mu.RLock()
 	defer pm.mu.RUnlock()
-	
+
 	pm.PersistentKeepalive = interval
 
 	errors := make(map[int]error)
@@ -311,6 +311,29 @@ func (pm *PeerManager) UpdatePeer(siteConfig SiteConfig) error {
 		return fmt.Errorf("peer with site ID %d not found", siteConfig.SiteId)
 	}
 
+	// Update aliases
+	// Remove old aliases
+	for _, alias := range oldPeer.Aliases {
+		address := net.ParseIP(alias.AliasAddress)
+		if address == nil {
+			continue
+		}
+		pm.dnsProxy.RemoveDNSRecord(alias.Alias, address)
+	}
+	// Add new aliases
+	for _, alias := range siteConfig.Aliases {
+		address := net.ParseIP(alias.AliasAddress)
+		if address == nil {
+			continue
+		}
+		pm.dnsProxy.AddDNSRecord(alias.Alias, address, siteConfig.SiteId)
+	}
+
+	if siteConfig.PublicKey == "" {
+		logger.Debug("Skip updating site %d because no pub key", siteConfig.SiteId)
+		return nil
+	}
+
 	// If public key changed, remove old peer first
 	if siteConfig.PublicKey != oldPeer.PublicKey {
 		if err := RemovePeer(pm.device, siteConfig.SiteId, oldPeer.PublicKey); err != nil {
@@ -434,24 +457,6 @@ func (pm *PeerManager) UpdatePeer(siteConfig SiteConfig) error {
 		}
 	}
 
-	// Update aliases
-	// Remove old aliases
-	for _, alias := range oldPeer.Aliases {
-		address := net.ParseIP(alias.AliasAddress)
-		if address == nil {
-			continue
-		}
-		pm.dnsProxy.RemoveDNSRecord(alias.Alias, address)
-	}
-	// Add new aliases
-	for _, alias := range siteConfig.Aliases {
-		address := net.ParseIP(alias.AliasAddress)
-		if address == nil {
-			continue
-		}
-		pm.dnsProxy.AddDNSRecord(alias.Alias, address, siteConfig.SiteId)
-	}
-
 	pm.peerMonitor.UpdateHolepunchEndpoint(siteConfig.SiteId, siteConfig.Endpoint)
 
 	monitorAddress := strings.Split(siteConfig.ServerIP, "/")[0]