mirror of
https://github.com/netbirdio/netbird.git
synced 2026-03-31 06:24:18 -04:00
218 lines
7.5 KiB
Go
218 lines
7.5 KiB
Go
package server
|
|
|
|
import (
|
|
"context"
|
|
"os"
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
|
|
"github.com/netbirdio/management-integrations/integrations"
|
|
|
|
"github.com/netbirdio/netbird/management/internals/modules/peers"
|
|
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/domain/manager"
|
|
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/proxy"
|
|
proxymanager "github.com/netbirdio/netbird/management/internals/modules/reverseproxy/proxy/manager"
|
|
"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/service"
|
|
nbreverseproxy "github.com/netbirdio/netbird/management/internals/modules/reverseproxy/service/manager"
|
|
"github.com/netbirdio/netbird/management/internals/modules/zones"
|
|
zonesManager "github.com/netbirdio/netbird/management/internals/modules/zones/manager"
|
|
"github.com/netbirdio/netbird/management/internals/modules/zones/records"
|
|
recordsManager "github.com/netbirdio/netbird/management/internals/modules/zones/records/manager"
|
|
"github.com/netbirdio/netbird/management/server"
|
|
"github.com/netbirdio/netbird/management/server/account"
|
|
"github.com/netbirdio/netbird/management/server/geolocation"
|
|
"github.com/netbirdio/netbird/management/server/groups"
|
|
"github.com/netbirdio/netbird/management/server/idp"
|
|
"github.com/netbirdio/netbird/management/server/networks"
|
|
"github.com/netbirdio/netbird/management/server/networks/resources"
|
|
"github.com/netbirdio/netbird/management/server/networks/routers"
|
|
|
|
"github.com/netbirdio/netbird/management/server/permissions"
|
|
"github.com/netbirdio/netbird/management/server/settings"
|
|
"github.com/netbirdio/netbird/management/server/users"
|
|
)
|
|
|
|
const (
|
|
geolocationDisabledKey = "NB_DISABLE_GEOLOCATION"
|
|
)
|
|
|
|
func (s *BaseServer) GeoLocationManager() geolocation.Geolocation {
|
|
if os.Getenv(geolocationDisabledKey) == "true" {
|
|
log.Info("geolocation service is disabled, skipping initialization")
|
|
return nil
|
|
}
|
|
|
|
return Create(s, func() geolocation.Geolocation {
|
|
geo, err := geolocation.NewGeolocation(context.Background(), s.Config.Datadir, !s.disableGeoliteUpdate)
|
|
if err != nil {
|
|
log.Fatalf("could not initialize geolocation service: %v", err)
|
|
}
|
|
|
|
log.Infof("geolocation service has been initialized from %s", s.Config.Datadir)
|
|
|
|
return geo
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) PermissionsManager() permissions.Manager {
|
|
return Create(s, func() permissions.Manager {
|
|
manager := integrations.InitPermissionsManager(s.Store(), s.Metrics().GetMeter())
|
|
|
|
s.AfterInit(func(s *BaseServer) {
|
|
manager.SetAccountManager(s.AccountManager())
|
|
})
|
|
|
|
return manager
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) UsersManager() users.Manager {
|
|
return Create(s, func() users.Manager {
|
|
return users.NewManager(s.Store())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) SettingsManager() settings.Manager {
|
|
return Create(s, func() settings.Manager {
|
|
extraSettingsManager := integrations.NewManager(s.EventStore())
|
|
|
|
idpConfig := settings.IdpConfig{}
|
|
if s.Config.EmbeddedIdP != nil && s.Config.EmbeddedIdP.Enabled {
|
|
idpConfig.EmbeddedIdpEnabled = true
|
|
idpConfig.LocalAuthDisabled = s.Config.EmbeddedIdP.LocalAuthDisabled
|
|
}
|
|
|
|
return settings.NewManager(s.Store(), s.UsersManager(), extraSettingsManager, s.PermissionsManager(), idpConfig)
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) PeersManager() peers.Manager {
|
|
return Create(s, func() peers.Manager {
|
|
manager := peers.NewManager(s.Store(), s.PermissionsManager())
|
|
s.AfterInit(func(s *BaseServer) {
|
|
manager.SetNetworkMapController(s.NetworkMapController())
|
|
manager.SetIntegratedPeerValidator(s.IntegratedValidator())
|
|
manager.SetAccountManager(s.AccountManager())
|
|
})
|
|
return manager
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) AccountManager() account.Manager {
|
|
return Create(s, func() account.Manager {
|
|
accountManager, err := server.BuildManager(context.Background(), s.Config, s.Store(), s.NetworkMapController(), s.JobManager(), s.IdpManager(), s.mgmtSingleAccModeDomain, s.EventStore(), s.GeoLocationManager(), s.userDeleteFromIDPEnabled, s.IntegratedValidator(), s.Metrics(), s.ProxyController(), s.SettingsManager(), s.PermissionsManager(), s.Config.DisableDefaultPolicy)
|
|
if err != nil {
|
|
log.Fatalf("failed to create account service: %v", err)
|
|
}
|
|
|
|
s.AfterInit(func(s *BaseServer) {
|
|
accountManager.SetServiceManager(s.ServiceManager())
|
|
})
|
|
|
|
return accountManager
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) IdpManager() idp.Manager {
|
|
return Create(s, func() idp.Manager {
|
|
var idpManager idp.Manager
|
|
var err error
|
|
// Use embedded IdP service if embedded Dex is configured and enabled.
|
|
// Legacy IdpManager won't be used anymore even if configured.
|
|
if s.Config.EmbeddedIdP != nil && s.Config.EmbeddedIdP.Enabled {
|
|
idpManager, err = idp.NewEmbeddedIdPManager(context.Background(), s.Config.EmbeddedIdP, s.Metrics())
|
|
if err != nil {
|
|
log.Fatalf("failed to create embedded IDP service: %v", err)
|
|
}
|
|
return idpManager
|
|
}
|
|
|
|
// Fall back to external IdP service
|
|
if s.Config.IdpManagerConfig != nil {
|
|
idpManager, err = idp.NewManager(context.Background(), *s.Config.IdpManagerConfig, s.Metrics())
|
|
if err != nil {
|
|
log.Fatalf("failed to create IDP service: %v", err)
|
|
}
|
|
}
|
|
return idpManager
|
|
})
|
|
}
|
|
|
|
// OAuthConfigProvider is only relevant when we have an embedded IdP service. Otherwise must be nil
|
|
func (s *BaseServer) OAuthConfigProvider() idp.OAuthConfigProvider {
|
|
if s.Config.EmbeddedIdP == nil || !s.Config.EmbeddedIdP.Enabled {
|
|
return nil
|
|
}
|
|
|
|
idpManager := s.IdpManager()
|
|
if idpManager == nil {
|
|
return nil
|
|
}
|
|
|
|
// Reuse the EmbeddedIdPManager instance from IdpManager
|
|
// EmbeddedIdPManager implements both idp.Manager and idp.OAuthConfigProvider
|
|
if provider, ok := idpManager.(idp.OAuthConfigProvider); ok {
|
|
return provider
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (s *BaseServer) GroupsManager() groups.Manager {
|
|
return Create(s, func() groups.Manager {
|
|
return groups.NewManager(s.Store(), s.PermissionsManager(), s.AccountManager())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) ResourcesManager() resources.Manager {
|
|
return Create(s, func() resources.Manager {
|
|
return resources.NewManager(s.Store(), s.PermissionsManager(), s.GroupsManager(), s.AccountManager(), s.ServiceManager())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) RoutesManager() routers.Manager {
|
|
return Create(s, func() routers.Manager {
|
|
return routers.NewManager(s.Store(), s.PermissionsManager(), s.AccountManager())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) NetworksManager() networks.Manager {
|
|
return Create(s, func() networks.Manager {
|
|
return networks.NewManager(s.Store(), s.PermissionsManager(), s.ResourcesManager(), s.RoutesManager(), s.AccountManager())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) ZonesManager() zones.Manager {
|
|
return Create(s, func() zones.Manager {
|
|
return zonesManager.NewManager(s.Store(), s.AccountManager(), s.PermissionsManager(), s.DNSDomain())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) RecordsManager() records.Manager {
|
|
return Create(s, func() records.Manager {
|
|
return recordsManager.NewManager(s.Store(), s.AccountManager(), s.PermissionsManager())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) ServiceManager() service.Manager {
|
|
return Create(s, func() service.Manager {
|
|
return nbreverseproxy.NewManager(s.Store(), s.AccountManager(), s.PermissionsManager(), s.ServiceProxyController(), s.ProxyManager(), s.ReverseProxyDomainManager())
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) ProxyManager() proxy.Manager {
|
|
return Create(s, func() proxy.Manager {
|
|
manager, err := proxymanager.NewManager(s.Store(), s.Metrics().GetMeter())
|
|
if err != nil {
|
|
log.Fatalf("failed to create proxy manager: %v", err)
|
|
}
|
|
return manager
|
|
})
|
|
}
|
|
|
|
func (s *BaseServer) ReverseProxyDomainManager() *manager.Manager {
|
|
return Create(s, func() *manager.Manager {
|
|
m := manager.NewManager(s.Store(), s.ProxyManager(), s.PermissionsManager(), s.AccountManager())
|
|
return &m
|
|
})
|
|
}
|