Standardize remote subnets build

2026-02-21 20:36:37 +00:00 · 2025-11-17 10:22:10 -05:00
parent 7dcf4d5192
commit 1261ad3a00
6 changed files with 90 additions and 64 deletions
--- a/server/lib/ip.ts
+++ b/server/lib/ip.ts
@@ -1,7 +1,8 @@
-import { db } from "@server/db";
+import { db, SiteResource } from "@server/db";
 import { clients, orgs, sites } from "@server/db";
 import { and, eq, isNotNull } from "drizzle-orm";
 import config from "@server/lib/config";
+import z from "zod";

 interface IPRange {
    start: bigint;
@@ -300,3 +301,28 @@ export async function getNextAvailableOrgSubnet(): Promise<string> {

    return subnet;
 }
+
+export function generateRemoteSubnetsStr(allSiteResources: SiteResource[]) {
+    let remoteSubnets = allSiteResources
+        .filter((sr) => {
+            if (sr.mode === "cidr") return true;
+            if (sr.mode === "host") {
+                // check if its a valid IP using zod
+                const ipSchema = z.string().ip();
+                const parseResult = ipSchema.safeParse(sr.destination);
+                return parseResult.success;
+            }
+            return false;
+        })
+        .map((sr) => {
+            if (sr.mode === "cidr") return sr.destination;
+            if (sr.mode === "host") {
+                return `${sr.destination}/32`;
+            }
+        });
+    // remove duplicates
+    remoteSubnets = Array.from(new Set(remoteSubnets));
+    const remoteSubnetsStr =
+        remoteSubnets.length > 0 ? remoteSubnets.join(",") : null;
+    return remoteSubnetsStr;
+}
--- a/server/lib/rebuildSiteClientAssociations.ts
+++ b/server/lib/rebuildSiteClientAssociations.ts
@@ -29,6 +29,8 @@ import {
 } from "@server/routers/olm/peers";
 import { sendToExitNode } from "#dynamic/lib/exitNodes";
 import logger from "@server/logger";
+import z from "zod";
+import { generateRemoteSubnetsStr } from "@server/lib/ip";

 export async function rebuildSiteClientAssociations(
    siteResource: SiteResource,
@@ -331,14 +333,6 @@ async function handleMessagesForSiteClients(
                .from(siteResources)
                .where(eq(siteResources.siteId, site.siteId));

-            let remoteSubnets = allSiteResources
-                .filter((sr) => sr.mode == "cidr")
-                .map((sr) => sr.destination);
-            // remove duplicates
-            remoteSubnets = Array.from(new Set(remoteSubnets));
-            const remoteSubnetsStr =
-                remoteSubnets.length > 0 ? remoteSubnets.join(",") : null;
-
            olmJobs.push(
                olmAddPeer(
                    client.clientId,
@@ -351,7 +345,7 @@ async function handleMessagesForSiteClients(
                        publicKey: site.publicKey,
                        serverIP: site.address,
                        serverPort: site.listenPort,
-                        remoteSubnets: remoteSubnetsStr
+                        remoteSubnets: generateRemoteSubnetsStr(allSiteResources)
                    },
                    olm.olmId
                )