main.go
package main
import (
"flag"
"log"
"net"
"os"
"github.com/coreos/go-iptables/iptables"
"github.com/digitalocean/go-metadata"
"github.com/digitalocean/godo"
"golang.org/x/oauth2"
)
// appVersion is the version string printed when the -version flag is given.
// Nothing in this file assigns it; presumably it is injected at build time
// (for example with -ldflags "-X main.appVersion=...") — confirm against the
// build scripts.
var appVersion string
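// main reads its configuration from the environment, lists peer droplets
// through the DigitalOcean API and the droplet metadata service, and hands
// the resulting peer lists to Setup and UpdatePeers for the droplan iptables
// chains.
//
// Environment:
//   - DO_KEY (required): API access token. It is only passed to the OAuth2
//     token source; keep it out of log output.
//   - DO_TAG (optional): when set, droplets are listed by this tag instead
//     of listing every droplet on the account.
//   - PUBLIC (optional): "true" additionally manages the
//     droplan-peers-public chain on the public interface.
//
// Every error is fatal through failIfErr, so the process stops at the first
// failing step. The public chain is handled before the private one; a failure
// in between leaves the private chain as it was before this run.
func main() {
	version := flag.Bool("version", false, "Print the version and exit.")
	flag.Parse()

	if *version {
		// Print, not Printf: appVersion is data, not a format string, so a
		// '%' in it must not be interpreted as a verb.
		log.Print(appVersion)
		os.Exit(0)
	}

	accessToken := os.Getenv("DO_KEY")
	if accessToken == "" {
		log.Fatal("Usage: DO_KEY environment variable must be set.")
	}

	peerTag := os.Getenv("DO_TAG")
	// PUBLIC=true will tell us to block traffic on the public interface
	public := os.Getenv("PUBLIC")

	// setup dependencies
	// NOTE(review): no request timeout is configured on this HTTP client in
	// this file; a stalled API call would stall the firewall update.
	oauthClient := oauth2.NewClient(oauth2.NoContext, oauth2.StaticTokenSource(&oauth2.Token{AccessToken: accessToken}))
	apiClient := godo.NewClient(oauthClient)
	metaClient := metadata.NewClient()
	ipt, err := iptables.New()
	failIfErr(err)

	// collect needed metadata from metadata service
	region, err := metaClient.Region()
	failIfErr(err)
	mData, err := metaClient.Metadata()
	failIfErr(err)

	// collect list of all droplets
	var drops []godo.Droplet
	if peerTag != "" {
		drops, err = DropletListTags(apiClient.Droplets, peerTag)
	} else {
		drops, err = DropletList(apiClient.Droplets)
	}
	failIfErr(err)

	// collect local network interface information
	ifaces, err := net.Interfaces()
	failIfErr(err)

	pubAddr, err := PublicAddress(mData)
	failIfErr(err)

	if public == "true" {
		publicPeers := PublicDroplets(drops)

		// find public iface name
		iface, err := FindInterfaceName(ifaces, pubAddr)
		failIfErr(err)

		// setup droplan-peers-public chain for public interface
		err = Setup(ipt, iface, "droplan-peers-public")
		failIfErr(err)

		// update droplan-peers-public
		err = UpdatePeers(ipt, publicPeers, "droplan-peers-public")
		failIfErr(err)
		log.Printf("Added %d peers to droplan-peers-public", len(publicPeers))
	}

	privAddr, err := PrivateAddress(mData)
	failIfErr(err)

	privatePeers, ok := SortDroplets(drops)[region]
	if !ok {
		// privatePeers is nil here and is still passed to UpdatePeers below.
		// NOTE(review): confirm that UpdatePeers with an empty peer list
		// leaves droplan-peers in the intended state.
		log.Printf("No droplets listed in region [%s]", region)
	}

	// find private iface name
	iface, err := FindInterfaceName(ifaces, privAddr)
	// NOTE(review): this guard fires for any non-empty PUBLIC value, while the
	// public chain above is only managed for PUBLIC == "true"; confirm which
	// is intended. Matching on the error text is also brittle: a reworded
	// message turns this clean exit into a fatal error. A sentinel error
	// compared with errors.Is would be sturdier.
	if public != "" && err != nil && err.Error() == "no private interfaces" {
		// Say why we stop, so an operator can tell that the private chain was
		// deliberately left unmanaged rather than silently skipped.
		log.Print("No private interface found; droplan-peers was not updated")
		os.Exit(0)
	}
	failIfErr(err)

	// setup droplan-peers chain for private interface
	err = Setup(ipt, iface, "droplan-peers")
	failIfErr(err)

	// update droplan-peers
	err = UpdatePeers(ipt, privatePeers, "droplan-peers")
	failIfErr(err)
	log.Printf("Added %d peers to droplan-peers", len(privatePeers))
}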
// failIfErr terminates the program through log.Fatal when err is non-nil and
// returns normally otherwise.
func failIfErr(err error) {
	if err == nil {
		return
	}
	log.Fatal(err)
}