diff --git a/.dockerignore b/.dockerignore index e5cc1f8..16e21ed 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,6 +1,6 @@ .gitignore .dockerignore -newt +client *.json README.md Makefile diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 5db7d94..a48894a 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -36,7 +36,7 @@ jobs: run: | TAG=${{ env.TAG }} if [ -f main.go ]; then - sed -i 's/Newt version replaceme/Newt version '"$TAG"'/' main.go + sed -i 's/Client version replaceme/Client version '"$TAG"'/' main.go echo "Updated main.go with version $TAG" else echo "main.go not found" diff --git a/.gitignore b/.gitignore index 8b1c477..a2c4eb9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -newt +client .DS_Store bin/ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index d573c7b..c4851aa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,7 +13,7 @@ RUN go mod download COPY . . # Build the application -RUN CGO_ENABLED=0 GOOS=linux go build -o /newt +RUN CGO_ENABLED=0 GOOS=linux go build -o /client # Start a new stage from scratch FROM ubuntu:22.04 AS runner @@ -21,7 +21,7 @@ FROM ubuntu:22.04 AS runner RUN apt-get update && apt-get install ca-certificates -y && rm -rf /var/lib/apt/lists/* # Copy the pre-built binary file from the previous stage and the entrypoint script -COPY --from=builder /newt /usr/local/bin/ +COPY --from=builder /client /usr/local/bin/ COPY entrypoint.sh / RUN chmod +x /entrypoint.sh @@ -30,4 +30,4 @@ RUN chmod +x /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"] # Command to run the executable -CMD ["newt"] \ No newline at end of file +CMD ["client"] \ No newline at end of file diff --git a/Makefile b/Makefile index 3dbb196..a60772e 100644 --- a/Makefile +++ b/Makefile 
@@ -6,29 +6,29 @@ docker-build-release: echo "Error: tag is required. Usage: make build-all tag="; \ exit 1; \ fi - docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/newt:latest -f Dockerfile --push . - docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/newt:$(tag) -f Dockerfile --push . + docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/client:latest -f Dockerfile --push . + docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/client:$(tag) -f Dockerfile --push . build: - docker build -t fosrl/newt:latest . + docker build -t fosrl/client:latest . push: - docker push fosrl/newt:latest + docker push fosrl/client:latest test: - docker run fosrl/newt:latest + docker run fosrl/client:latest local: - CGO_ENABLED=0 go build -o newt + CGO_ENABLED=0 go build -o client go-build-release: - CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o bin/newt_linux_arm64 - CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/newt_linux_amd64 - CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -o bin/newt_darwin_arm64 - CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o bin/newt_darwin_amd64 - CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o bin/newt_windows_amd64.exe - CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 go build -o bin/newt_freebsd_amd64 - CGO_ENABLED=0 GOOS=freebsd GOARCH=arm64 go build -o bin/newt_freebsd_arm64 + CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o bin/client_linux_arm64 + CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/client_linux_amd64 + CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -o bin/client_darwin_arm64 + CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o bin/client_darwin_amd64 + CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o bin/client_windows_amd64.exe + CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 go build -o bin/client_freebsd_amd64 + CGO_ENABLED=0 GOOS=freebsd GOARCH=arm64 go build -o bin/client_freebsd_arm64 clean: - rm newt + rm client 
diff --git a/README.md b/README.md index 471b603..5b53779 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ -# Newt +# Client -Newt is a fully user space [WireGuard](https://www.wireguard.com/) tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. By using Newt, you don't need to manage complex WireGuard tunnels and NATing. +Client is a fully user space [WireGuard](https://www.wireguard.com/) tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. By using Client, you don't need to manage complex WireGuard tunnels and NATing. ### Installation and Documentation -Newt is used with Pangolin and Gerbil as part of the larger system. See documentation below: +Client is used with Pangolin and Gerbil as part of the larger system. See documentation below: - [Installation Instructions](https://docs.fossorial.io) - [Full Documentation](https://docs.fossorial.io) 
@@ -13,26 +13,26 @@ Newt is used with Pangolin and Gerbil as part of the larger system. See document Preview -_Sample output of a Newt container connected to Pangolin and hosting various resource target proxies._ +_Sample output of a Client container connected to Pangolin and hosting various resource target proxies._ ## Key Functions ### Registers with Pangolin -Using the Newt ID and a secret, the client will make HTTP requests to Pangolin to receive a session token. Using that token, it will connect to a websocket and maintain that connection. Control messages will be sent over the websocket. +Using the Client ID and a secret, the client will make HTTP requests to Pangolin to receive a session token. Using that token, it will connect to a websocket and maintain that connection. Control messages will be sent over the websocket. ### Receives WireGuard Control Messages -When Newt receives WireGuard control messages, it will use the information encoded (endpoint, public key) to bring up a WireGuard tunnel using [netstack](https://github.com/WireGuard/wireguard-go/blob/master/tun/netstack/examples/http_server.go) fully in user space. It will ping over the tunnel to ensure the peer on the Gerbil side is brought up. +When Client receives WireGuard control messages, it will use the information encoded (endpoint, public key) to bring up a WireGuard tunnel using [netstack](https://github.com/WireGuard/wireguard-go/blob/master/tun/netstack/examples/http_server.go) fully in user space. It will ping over the tunnel to ensure the peer on the Gerbil side is brought up. ### Receives Proxy Control Messages -When Newt receives WireGuard control messages, it will use the information encoded to create a local low level TCP and UDP proxies attached to the virtual tunnel in order to relay traffic to programmed targets. 
+When Client receives WireGuard control messages, it will use the information encoded to create a local low level TCP and UDP proxies attached to the virtual tunnel in order to relay traffic to programmed targets. ## CLI Args - `endpoint`: The endpoint where both Gerbil and Pangolin reside in order to connect to the websocket. -- `id`: Newt ID generated by Pangolin to identify the client. +- `id`: Client ID generated by Pangolin to identify the client. - `secret`: A unique secret (not shared and kept private) used to authenticate the client ID with the websocket in order to receive commands. - `dns`: DNS server to use to resolve the endpoint - `log-level` (optional): The log level to use. Default: INFO @@ -40,7 +40,7 @@ When Newt receives WireGuard control messages, it will use the information encod Example: ```bash -./newt \ +./client \ --id 31frd0uzbjvp721 \ --secret h51mmlknrvrwv8s4r1i210azhumt6isgbpyavxodibx1k2d6 \ --endpoint https://example.com @@ -50,23 +50,23 @@ You can also run it with Docker compose. For example, a service in your `docker- ```yaml services: - newt: - image: fosrl/newt - container_name: newt + client: + image: fosrl/client + container_name: client restart: unless-stopped environment: - PANGOLIN_ENDPOINT=https://example.com - - NEWT_ID=2ix2t8xk22ubpfy - - NEWT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2 + - CLIENT_ID=2ix2t8xk22ubpfy + - CLIENT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2 ``` You can also pass the CLI args to the container: ```yaml services: - newt: - image: fosrl/newt - container_name: newt + client: + image: fosrl/client + container_name: client restart: unless-stopped command: - --id 31frd0uzbjvp721 
@@ -78,11 +78,11 @@ Finally a basic systemd service: ``` [Unit] -Description=Newt VPN Client +Description=Client VPN Client After=network.target [Service] -ExecStart=/usr/local/bin/newt --id 31frd0uzbjvp721 --secret h51mmlknrvrwv8s4r1i210azhumt6isgbpyavxodibx1k2d6 --endpoint https://example.com +ExecStart=/usr/local/bin/client --id 31frd0uzbjvp721 --secret h51mmlknrvrwv8s4r1i210azhumt6isgbpyavxodibx1k2d6 --endpoint https://example.com Restart=always User=root @@ -90,7 +90,7 @@ User=root WantedBy=multi-user.target ``` -Make sure to `mv ./newt /usr/local/bin/newt`! +Make sure to `mv ./client /usr/local/bin/client`! ## Build @@ -112,7 +112,7 @@ make local ## Licensing -Newt is dual licensed under the AGPLv3 and the Fossorial Commercial license. For inquiries about commercial licensing, please contact us. +Client is dual licensed under the AGPLv3 and the Fossorial Commercial license. For inquiries about commercial licensing, please contact us. ## Contributions diff --git a/docker-compose.yml b/docker-compose.yml index 86f4ca1..49e364b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,10 +1,10 @@ services: - newt: - image: fosrl/newt:latest - container_name: newt + client: + image: fosrl/client:latest + container_name: client restart: unless-stopped environment: - PANGOLIN_ENDPOINT=https://example.com - - NEWT_ID=2ix2t8xk22ubpfy - - NEWT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2 + - CLIENT_ID=2ix2t8xk22ubpfy + - CLIENT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2 - LOG_LEVEL=DEBUG \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh index 79ae7a0..57ca6fa 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -4,7 +4,7 @@ set -e # first arg is `-f` or `--some-option` if [ "${1#-}" != "$1" ]; then - set -- newt "$@" + set -- client "$@" fi exec "$@" \ No newline at end of file diff --git a/go.mod b/go.mod index 7812b1b..460e8c1 100644 --- a/go.mod +++ b/go.mod 
@@ -1,4 +1,4 @@ -module github.com/fosrl/newt +module github.com/fosrl/client go 1.23.1 diff --git a/main.go b/main.go index d782482..d684038 100644 --- a/main.go +++ b/main.go @@ -15,8 +15,8 @@ import ( "syscall" "time" - "github.com/fosrl/newt/logger" - "github.com/fosrl/newt/websocket" + "github.com/fosrl/client/logger" + "github.com/fosrl/client/websocket" "golang.org/x/net/icmp" "golang.org/x/net/ipv4" @@ -291,10 +291,10 @@ func main() { reachableAt string ) - // if PANGOLIN_ENDPOINT, NEWT_ID, and NEWT_SECRET are set as environment variables, they will be used as default values + // if PANGOLIN_ENDPOINT, CLIENT_ID, and CLIENT_SECRET are set as environment variables, they will be used as default values endpoint = os.Getenv("PANGOLIN_ENDPOINT") - id = os.Getenv("NEWT_ID") - secret = os.Getenv("NEWT_SECRET") + id = os.Getenv("CLIENT_ID") + secret = os.Getenv("CLIENT_SECRET") mtu = os.Getenv("MTU") dns = os.Getenv("DNS") logLevel = os.Getenv("LOG_LEVEL") @@ -306,10 +306,10 @@ func main() { flag.StringVar(&endpoint, "endpoint", "", "Endpoint of your pangolin server") } if id == "" { - flag.StringVar(&id, "id", "", "Newt ID") + flag.StringVar(&id, "id", "", "Client ID") } if secret == "" { - flag.StringVar(&secret, "secret", "", "Newt secret") + flag.StringVar(&secret, "secret", "", "Client secret") } if mtu == "" { flag.StringVar(&mtu, "mtu", "1280", "MTU to use") @@ -336,7 +336,7 @@ func main() { flag.Parse() if *version { - fmt.Println("Newt version replaceme") + fmt.Println("Client version replaceme") os.Exit(0) } diff --git a/websocket/client.go b/websocket/client.go index 8a7d3f9..14d19e1 100644 --- a/websocket/client.go +++ b/websocket/client.go @@ -10,7 +10,7 @@ import ( "sync" "time" - "github.com/fosrl/newt/logger" + "github.com/fosrl/client/logger" "github.com/gorilla/websocket" ) 
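Review bot: In the `@@ -291,10 +291,10 @@` hunk of main.go, `id` and `secret` are now read only from `CLIENT_ID` and `CLIENT_SECRET`, so a deployment that still exports `NEWT_ID`/`NEWT_SECRET` is left with both empty unless the flags are passed, and nothing tells the operator why. If existing installs are meant to keep working, fall back to the old names and log a deprecation warning, e.g. `if id == "" { id = os.Getenv("NEWT_ID") }` and the same for the secret. `CLIENT_ID` and `CLIENT_SECRET` are also generic enough to collide with variables other tooling sets in the same environment, so this process could pick up an unrelated credential; a project-specific prefix would avoid that. main's body starts and ends outside the hunk.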
@@ -45,10 +45,10 @@ func (c *Client) OnConnect(callback func() error) { c.onConnect = callback } -// NewClient creates a new Newt client -func NewClient(newtID, secret string, endpoint string, opts ...ClientOption) (*Client, error) { +// NewClient creates a new Client client +func NewClient(clientID, secret string, endpoint string, opts ...ClientOption) (*Client, error) { config := &Config{ - NewtID: newtID, + ClientID: clientID, Secret: secret, Endpoint: endpoint, } @@ -152,9 +152,9 @@ func (c *Client) getToken() (string, error) { // If we already have a token, try to use it if c.config.Token != "" { tokenCheckData := map[string]interface{}{ - "newtId": c.config.NewtID, - "secret": c.config.Secret, - "token": c.config.Token, + "clientId": c.config.ClientID, + "secret": c.config.Secret, + "token": c.config.Token, } jsonData, err := json.Marshal(tokenCheckData) if err != nil { @@ -164,7 +164,7 @@ func (c *Client) getToken() (string, error) { // Create a new request req, err := http.NewRequest( "POST", - baseEndpoint+"/api/v1/auth/newt/get-token", + baseEndpoint+"/api/v1/auth/client/get-token", bytes.NewBuffer(jsonData), ) if err != nil { @@ -196,8 +196,8 @@ func (c *Client) getToken() (string, error) { // Get a new token tokenData := map[string]interface{}{ - "newtId": c.config.NewtID, - "secret": c.config.Secret, + "clientId": c.config.ClientID, + "secret": c.config.Secret, } jsonData, err := json.Marshal(tokenData) if err != nil { @@ -207,7 +207,7 @@ func (c *Client) getToken() (string, error) { // Create a new request req, err := http.NewRequest( "POST", - baseEndpoint+"/api/v1/auth/newt/get-token", + baseEndpoint+"/api/v1/auth/client/get-token", bytes.NewBuffer(jsonData), ) if err != nil { diff --git a/websocket/config.go b/websocket/config.go index 794ff1e..bc51204 100644 --- a/websocket/config.go +++ b/websocket/config.go 
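Review bot: The doc comment on NewClient now reads `// NewClient creates a new Client client`, a leftover of the mechanical rename. Something like `// NewClient returns a Client configured with the given client ID, secret and endpoint.` states what the constructor takes. The function body continues past the hunk.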
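Review bot: The rename in getToken changes what goes over the wire, not only identifiers: the JSON key becomes `clientId` and the URL becomes `/api/v1/auth/client/get-token` (hunks at 152, 164, 196 and 207). A server that still expects `newtId` on `/api/v1/auth/newt/get-token` will not accept these requests, so the client cannot obtain a token until the server ships the matching change; whether it has is not visible here. The commit description should name the server version this depends on. The path is also repeated as a literal in both branches and could be defined once, e.g. `const tokenPath = "/api/v1/auth/client/get-token"`. getToken starts and ends outside these hunks.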
@@ -12,11 +12,11 @@ func getConfigPath() string { var configDir string switch runtime.GOOS { case "darwin": - configDir = filepath.Join(os.Getenv("HOME"), "Library", "Application Support", "newt-client") + configDir = filepath.Join(os.Getenv("HOME"), "Library", "Application Support", "client-client") case "windows": - configDir = filepath.Join(os.Getenv("APPDATA"), "newt-client") + configDir = filepath.Join(os.Getenv("APPDATA"), "client-client") default: // linux and others - configDir = filepath.Join(os.Getenv("HOME"), ".config", "newt-client") + configDir = filepath.Join(os.Getenv("HOME"), ".config", "client-client") } if err := os.MkdirAll(configDir, 0755); err != nil { @@ -27,7 +27,7 @@ func getConfigPath() string { } func (c *Client) loadConfig() error { - if c.config.NewtID != "" && c.config.Secret != "" && c.config.Endpoint != "" { + if c.config.ClientID != "" && c.config.Secret != "" && c.config.Endpoint != "" { return nil } @@ -45,8 +45,8 @@ func (c *Client) loadConfig() error { return err } - if c.config.NewtID == "" { - c.config.NewtID = config.NewtID + if c.config.ClientID == "" { + c.config.ClientID = config.ClientID } if c.config.Token == "" { c.config.Token = config.Token diff --git a/websocket/types.go b/websocket/types.go index 084465a..9a72e90 100644 --- a/websocket/types.go +++ b/websocket/types.go @@ -1,7 +1,7 @@ package websocket type Config struct { - NewtID string `json:"newtId"` + ClientID string `json:"clientId"` Secret string `json:"secret"` Token string `json:"token"` Endpoint string `json:"endpoint"`
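Review bot: The config directory in getConfigPath becomes `client-client` on all three platforms, which reads as a find-and-replace artifact, and nothing migrates or removes the old `newt-client` directory. Since Config carries `Secret` and `Token`, a file saved there by an earlier build would stay on disk with those credentials after the upgrade (assuming the config is persisted under this path, which the hunk does not show). If the old file is meant to be read instead, the `json:"clientId"` tag in websocket/types.go would also have to accept the previous `newtId` key, otherwise loadConfig copies an empty ID. The unchanged `os.MkdirAll(configDir, 0755)` makes the directory readable by every local user; `if err := os.MkdirAll(configDir, 0700); err != nil {` fits a directory that holds a secret. getConfigPath continues past the hunk.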