pangolin_mirror/olm
1
0
Fork 0
mirror of https://github.com/fosrl/olm.git synced 2026-03-05 18:26:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename to client

Browse Source
This commit is contained in:
Owen
2025-02-20 22:04:06 -05:00
parent 5ec1aac0d1
commit c5098f0cd0
13 changed files with 74 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.dockerignore
View File

@@ -1,6 +1,6 @@
.gitignore .gitignore
.dockerignore .dockerignore
newt client
*.json *.json
README.md README.md
Makefile Makefile

2
.github/workflows/cicd.yml vendored
View File

@@ -36,7 +36,7 @@ jobs:
run: | run: |
TAG=${{ env.TAG }} TAG=${{ env.TAG }}
if [ -f main.go ]; then if [ -f main.go ]; then
sed -i 's/Newt version replaceme/Newt version '"$TAG"'/' main.go sed -i 's/Client version replaceme/Client version '"$TAG"'/' main.go
echo "Updated main.go with version $TAG" echo "Updated main.go with version $TAG"
else else
echo "main.go not found" echo "main.go not found"

2
.gitignore vendored
View File

@@ -1,3 +1,3 @@
newt client
.DS_Store .DS_Store
bin/ bin/

6
Dockerfile
View File

@@ -13,7 +13,7 @@ RUN go mod download
COPY . . COPY . .
# Build the application # Build the application
RUN CGO_ENABLED=0 GOOS=linux go build -o /newt RUN CGO_ENABLED=0 GOOS=linux go build -o /client
# Start a new stage from scratch # Start a new stage from scratch
FROM ubuntu:22.04 AS runner FROM ubuntu:22.04 AS runner
@@ -21,7 +21,7 @@ FROM ubuntu:22.04 AS runner
RUN apt-get update && apt-get install ca-certificates -y && rm -rf /var/lib/apt/lists/* RUN apt-get update && apt-get install ca-certificates -y && rm -rf /var/lib/apt/lists/*
# Copy the pre-built binary file from the previous stage and the entrypoint script # Copy the pre-built binary file from the previous stage and the entrypoint script
COPY --from=builder /newt /usr/local/bin/ COPY --from=builder /client /usr/local/bin/
COPY entrypoint.sh / COPY entrypoint.sh /
RUN chmod +x /entrypoint.sh RUN chmod +x /entrypoint.sh
@@ -30,4 +30,4 @@ RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
# Command to run the executable # Command to run the executable
CMD ["newt"] CMD ["client"]

28
Makefile
View File

@@ -6,29 +6,29 @@ docker-build-release:
echo "Error: tag is required. Usage: make build-all tag=<tag>"; \ echo "Error: tag is required. Usage: make build-all tag=<tag>"; \
exit 1; \ exit 1; \
fi fi
docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/newt:latest -f Dockerfile --push . docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/client:latest -f Dockerfile --push .
docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/newt:$(tag) -f Dockerfile --push . docker buildx build --platform linux/arm64,linux/amd64 -t fosrl/client:$(tag) -f Dockerfile --push .
build: build:
docker build -t fosrl/newt:latest . docker build -t fosrl/client:latest .
push: push:
docker push fosrl/newt:latest docker push fosrl/client:latest
test: test:
docker run fosrl/newt:latest docker run fosrl/client:latest
local: local:
CGO_ENABLED=0 go build -o newt CGO_ENABLED=0 go build -o client
go-build-release: go-build-release:
CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o bin/newt_linux_arm64 CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o bin/client_linux_arm64
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/newt_linux_amd64 CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/client_linux_amd64
CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -o bin/newt_darwin_arm64 CGO_ENABLED=0 GOOS=darwin GOARCH=arm64 go build -o bin/client_darwin_arm64
CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o bin/newt_darwin_amd64 CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o bin/client_darwin_amd64
CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o bin/newt_windows_amd64.exe CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o bin/client_windows_amd64.exe
CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 go build -o bin/newt_freebsd_amd64 CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 go build -o bin/client_freebsd_amd64
CGO_ENABLED=0 GOOS=freebsd GOARCH=arm64 go build -o bin/newt_freebsd_arm64 CGO_ENABLED=0 GOOS=freebsd GOARCH=arm64 go build -o bin/client_freebsd_arm64
clean: clean:
rm newt rm client

42
README.md
View File

@@ -1,10 +1,10 @@
# Newt # Client
Newt is a fully user space [WireGuard](https://www.wireguard.com/) tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. By using Newt, you don't need to manage complex WireGuard tunnels and NATing. Client is a fully user space [WireGuard](https://www.wireguard.com/) tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. By using Client, you don't need to manage complex WireGuard tunnels and NATing.
### Installation and Documentation ### Installation and Documentation
Newt is used with Pangolin and Gerbil as part of the larger system. See documentation below: Client is used with Pangolin and Gerbil as part of the larger system. See documentation below:
- [Installation Instructions](https://docs.fossorial.io) - [Installation Instructions](https://docs.fossorial.io)
- [Full Documentation](https://docs.fossorial.io) - [Full Documentation](https://docs.fossorial.io)
@@ -13,26 +13,26 @@ Newt is used with Pangolin and Gerbil as part of the larger system. See document
<img src="public/screenshots/preview.png" alt="Preview"/> <img src="public/screenshots/preview.png" alt="Preview"/>
_Sample output of a Newt container connected to Pangolin and hosting various resource target proxies._ _Sample output of a Client container connected to Pangolin and hosting various resource target proxies._
## Key Functions ## Key Functions
### Registers with Pangolin ### Registers with Pangolin
Using the Newt ID and a secret, the client will make HTTP requests to Pangolin to receive a session token. Using that token, it will connect to a websocket and maintain that connection. Control messages will be sent over the websocket. Using the Client ID and a secret, the client will make HTTP requests to Pangolin to receive a session token. Using that token, it will connect to a websocket and maintain that connection. Control messages will be sent over the websocket.
### Receives WireGuard Control Messages ### Receives WireGuard Control Messages
When Newt receives WireGuard control messages, it will use the information encoded (endpoint, public key) to bring up a WireGuard tunnel using [netstack](https://github.com/WireGuard/wireguard-go/blob/master/tun/netstack/examples/http_server.go) fully in user space. It will ping over the tunnel to ensure the peer on the Gerbil side is brought up. When Client receives WireGuard control messages, it will use the information encoded (endpoint, public key) to bring up a WireGuard tunnel using [netstack](https://github.com/WireGuard/wireguard-go/blob/master/tun/netstack/examples/http_server.go) fully in user space. It will ping over the tunnel to ensure the peer on the Gerbil side is brought up.
### Receives Proxy Control Messages ### Receives Proxy Control Messages
When Newt receives WireGuard control messages, it will use the information encoded to create a local low level TCP and UDP proxies attached to the virtual tunnel in order to relay traffic to programmed targets. When Client receives WireGuard control messages, it will use the information encoded to create a local low level TCP and UDP proxies attached to the virtual tunnel in order to relay traffic to programmed targets.
## CLI Args ## CLI Args
- `endpoint`: The endpoint where both Gerbil and Pangolin reside in order to connect to the websocket. - `endpoint`: The endpoint where both Gerbil and Pangolin reside in order to connect to the websocket.
- `id`: Newt ID generated by Pangolin to identify the client. - `id`: Client ID generated by Pangolin to identify the client.
- `secret`: A unique secret (not shared and kept private) used to authenticate the client ID with the websocket in order to receive commands. - `secret`: A unique secret (not shared and kept private) used to authenticate the client ID with the websocket in order to receive commands.
- `dns`: DNS server to use to resolve the endpoint - `dns`: DNS server to use to resolve the endpoint
- `log-level` (optional): The log level to use. Default: INFO - `log-level` (optional): The log level to use. Default: INFO
@@ -40,7 +40,7 @@ When Newt receives WireGuard control messages, it will use the information encod
Example: Example:
```bash ```bash
./newt \ ./client \
--id 31frd0uzbjvp721 \ --id 31frd0uzbjvp721 \
--secret h51mmlknrvrwv8s4r1i210azhumt6isgbpyavxodibx1k2d6 \ --secret h51mmlknrvrwv8s4r1i210azhumt6isgbpyavxodibx1k2d6 \
--endpoint https://example.com --endpoint https://example.com
@@ -50,23 +50,23 @@ You can also run it with Docker compose. For example, a service in your `docker-
```yaml ```yaml
services: services:
newt: client:
image: fosrl/newt image: fosrl/client
container_name: newt container_name: client
restart: unless-stopped restart: unless-stopped
environment: environment:
- PANGOLIN_ENDPOINT=https://example.com - PANGOLIN_ENDPOINT=https://example.com
- NEWT_ID=2ix2t8xk22ubpfy - CLIENT_ID=2ix2t8xk22ubpfy
- NEWT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2 - CLIENT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2
``` ```
You can also pass the CLI args to the container: You can also pass the CLI args to the container:
```yaml ```yaml
services: services:
newt: client:
image: fosrl/newt image: fosrl/client
container_name: newt container_name: client
restart: unless-stopped restart: unless-stopped
command: command:
- --id 31frd0uzbjvp721 - --id 31frd0uzbjvp721
@@ -78,11 +78,11 @@ Finally a basic systemd service:
``` ```
[Unit] [Unit]
Description=Newt VPN Client Description=Client VPN Client
After=network.target After=network.target
[Service] [Service]
ExecStart=/usr/local/bin/newt --id 31frd0uzbjvp721 --secret h51mmlknrvrwv8s4r1i210azhumt6isgbpyavxodibx1k2d6 --endpoint https://example.com ExecStart=/usr/local/bin/client --id 31frd0uzbjvp721 --secret h51mmlknrvrwv8s4r1i210azhumt6isgbpyavxodibx1k2d6 --endpoint https://example.com
Restart=always Restart=always
User=root User=root
@@ -90,7 +90,7 @@ User=root
WantedBy=multi-user.target WantedBy=multi-user.target
``` ```
Make sure to `mv ./newt /usr/local/bin/newt`! Make sure to `mv ./client /usr/local/bin/client`!
## Build ## Build
@@ -112,7 +112,7 @@ make local
## Licensing ## Licensing
Newt is dual licensed under the AGPLv3 and the Fossorial Commercial license. For inquiries about commercial licensing, please contact us. Client is dual licensed under the AGPLv3 and the Fossorial Commercial license. For inquiries about commercial licensing, please contact us.
## Contributions ## Contributions

10
docker-compose.yml
View File

@@ -1,10 +1,10 @@
services: services:
newt: client:
image: fosrl/newt:latest image: fosrl/client:latest
container_name: newt container_name: client
restart: unless-stopped restart: unless-stopped
environment: environment:
- PANGOLIN_ENDPOINT=https://example.com - PANGOLIN_ENDPOINT=https://example.com
- NEWT_ID=2ix2t8xk22ubpfy - CLIENT_ID=2ix2t8xk22ubpfy
- NEWT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2 - CLIENT_SECRET=nnisrfsdfc7prqsp9ewo1dvtvci50j5uiqotez00dgap0ii2
- LOG_LEVEL=DEBUG - LOG_LEVEL=DEBUG

2
entrypoint.sh
View File

@@ -4,7 +4,7 @@ set -e
# first arg is `-f` or `--some-option` # first arg is `-f` or `--some-option`
if [ "${1#-}" != "$1" ]; then if [ "${1#-}" != "$1" ]; then
set -- newt "$@" set -- client "$@"
fi fi
exec "$@" exec "$@"

2
go.mod
View File

@@ -1,4 +1,4 @@
module github.com/fosrl/newt module github.com/fosrl/client
go 1.23.1 go 1.23.1

16
main.go
View File

@@ -15,8 +15,8 @@ import (
"syscall" "syscall"
"time" "time"
"github.com/fosrl/newt/logger" "github.com/fosrl/client/logger"
"github.com/fosrl/newt/websocket" "github.com/fosrl/client/websocket"
"golang.org/x/net/icmp" "golang.org/x/net/icmp"
"golang.org/x/net/ipv4" "golang.org/x/net/ipv4"
@@ -291,10 +291,10 @@ func main() {
reachableAt string reachableAt string
) )
// if PANGOLIN_ENDPOINT, NEWT_ID, and NEWT_SECRET are set as environment variables, they will be used as default values // if PANGOLIN_ENDPOINT, CLIENT_ID, and CLIENT_SECRET are set as environment variables, they will be used as default values
endpoint = os.Getenv("PANGOLIN_ENDPOINT") endpoint = os.Getenv("PANGOLIN_ENDPOINT")
id = os.Getenv("NEWT_ID") id = os.Getenv("CLIENT_ID")
secret = os.Getenv("NEWT_SECRET") secret = os.Getenv("CLIENT_SECRET")
mtu = os.Getenv("MTU") mtu = os.Getenv("MTU")
dns = os.Getenv("DNS") dns = os.Getenv("DNS")
logLevel = os.Getenv("LOG_LEVEL") logLevel = os.Getenv("LOG_LEVEL")
@@ -306,10 +306,10 @@ func main() {
flag.StringVar(&endpoint, "endpoint", "", "Endpoint of your pangolin server") flag.StringVar(&endpoint, "endpoint", "", "Endpoint of your pangolin server")
} }
if id == "" { if id == "" {
flag.StringVar(&id, "id", "", "Newt ID") flag.StringVar(&id, "id", "", "Client ID")
} }
if secret == "" { if secret == "" {
flag.StringVar(&secret, "secret", "", "Newt secret") flag.StringVar(&secret, "secret", "", "Client secret")
} }
if mtu == "" { if mtu == "" {
flag.StringVar(&mtu, "mtu", "1280", "MTU to use") flag.StringVar(&mtu, "mtu", "1280", "MTU to use")
@@ -336,7 +336,7 @@ func main() {
flag.Parse() flag.Parse()
if *version { if *version {
fmt.Println("Newt version replaceme") fmt.Println("Client version replaceme")
os.Exit(0) os.Exit(0)
} }

22
websocket/client.go
View File

@@ -10,7 +10,7 @@ import (
"sync" "sync"
"time" "time"
"github.com/fosrl/newt/logger" "github.com/fosrl/client/logger"
"github.com/gorilla/websocket" "github.com/gorilla/websocket"
) )
@@ -45,10 +45,10 @@ func (c *Client) OnConnect(callback func() error) {
c.onConnect = callback c.onConnect = callback
} }
// NewClient creates a new Newt client // NewClient creates a new Client client
func NewClient(newtID, secret string, endpoint string, opts ...ClientOption) (*Client, error) { func NewClient(clientID, secret string, endpoint string, opts ...ClientOption) (*Client, error) {
config := &Config{ config := &Config{
NewtID: newtID, ClientID: clientID,
Secret: secret, Secret: secret,
Endpoint: endpoint, Endpoint: endpoint,
} }
@@ -152,9 +152,9 @@ func (c *Client) getToken() (string, error) {
// If we already have a token, try to use it // If we already have a token, try to use it
if c.config.Token != "" { if c.config.Token != "" {
tokenCheckData := map[string]interface{}{ tokenCheckData := map[string]interface{}{
"newtId": c.config.NewtID, "clientId": c.config.ClientID,
"secret": c.config.Secret, "secret": c.config.Secret,
"token": c.config.Token, "token": c.config.Token,
} }
jsonData, err := json.Marshal(tokenCheckData) jsonData, err := json.Marshal(tokenCheckData)
if err != nil { if err != nil {
@@ -164,7 +164,7 @@ func (c *Client) getToken() (string, error) {
// Create a new request // Create a new request
req, err := http.NewRequest( req, err := http.NewRequest(
"POST", "POST",
baseEndpoint+"/api/v1/auth/newt/get-token", baseEndpoint+"/api/v1/auth/client/get-token",
bytes.NewBuffer(jsonData), bytes.NewBuffer(jsonData),
) )
if err != nil { if err != nil {
@@ -196,8 +196,8 @@ func (c *Client) getToken() (string, error) {
// Get a new token // Get a new token
tokenData := map[string]interface{}{ tokenData := map[string]interface{}{
"newtId": c.config.NewtID, "clientId": c.config.ClientID,
"secret": c.config.Secret, "secret": c.config.Secret,
} }
jsonData, err := json.Marshal(tokenData) jsonData, err := json.Marshal(tokenData)
if err != nil { if err != nil {
@@ -207,7 +207,7 @@ func (c *Client) getToken() (string, error) {
// Create a new request // Create a new request
req, err := http.NewRequest( req, err := http.NewRequest(
"POST", "POST",
baseEndpoint+"/api/v1/auth/newt/get-token", baseEndpoint+"/api/v1/auth/client/get-token",
bytes.NewBuffer(jsonData), bytes.NewBuffer(jsonData),
) )
if err != nil { if err != nil {

12
websocket/config.go
View File

@@ -12,11 +12,11 @@ func getConfigPath() string {
var configDir string var configDir string
switch runtime.GOOS { switch runtime.GOOS {
case "darwin": case "darwin":
configDir = filepath.Join(os.Getenv("HOME"), "Library", "Application Support", "newt-client") configDir = filepath.Join(os.Getenv("HOME"), "Library", "Application Support", "client-client")
case "windows": case "windows":
configDir = filepath.Join(os.Getenv("APPDATA"), "newt-client") configDir = filepath.Join(os.Getenv("APPDATA"), "client-client")
default: // linux and others default: // linux and others
configDir = filepath.Join(os.Getenv("HOME"), ".config", "newt-client") configDir = filepath.Join(os.Getenv("HOME"), ".config", "client-client")
} }
if err := os.MkdirAll(configDir, 0755); err != nil { if err := os.MkdirAll(configDir, 0755); err != nil {
@@ -27,7 +27,7 @@ func getConfigPath() string {
} }
func (c *Client) loadConfig() error { func (c *Client) loadConfig() error {
if c.config.NewtID != "" && c.config.Secret != "" && c.config.Endpoint != "" { if c.config.ClientID != "" && c.config.Secret != "" && c.config.Endpoint != "" {
return nil return nil
} }
@@ -45,8 +45,8 @@ func (c *Client) loadConfig() error {
return err return err
} }
if c.config.NewtID == "" { if c.config.ClientID == "" {
c.config.NewtID = config.NewtID c.config.ClientID = config.ClientID
} }
if c.config.Token == "" { if c.config.Token == "" {
c.config.Token = config.Token c.config.Token = config.Token

2
websocket/types.go
View File

@@ -1,7 +1,7 @@
package websocket package websocket
type Config struct { type Config struct {
NewtID string `json:"newtId"` ClientID string `json:"clientId"`
Secret string `json:"secret"` Secret string `json:"secret"`
Token string `json:"token"` Token string `json:"token"`
Endpoint string `json:"endpoint"` Endpoint string `json:"endpoint"`