chore: implement WireGuard over GRPC

Implements WG over GRPC using virtual tunneling. Signed-off-by: Dmitriy Matrenichev <dmitry.matrenichev@siderolabs.com>
siderolabs · Mar 12, 2024 · 8866351 · 8866351
1 parent 7909156
commit 8866351
Show file tree

Hide file tree

Showing 39 changed files with 3,693 additions and 114 deletions.
diff --git a/.kres.yaml b/.kres.yaml
@@ -7,6 +7,8 @@ spec:
       subdirectory: events/
     - source: api/siderolink/provision.proto
       subdirectory: siderolink/
+    - source: api/siderolink/wireguard.proto
+      subdirectory: siderolink/
 ---
 kind: auto.CommandConfig
 name: siderolink-agent

diff --git a/Dockerfile b/Dockerfile
@@ -2,7 +2,7 @@
 
 # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT.
 #
-# Generated on 2024-03-07T11:10:45Z by kres latest.
+# Generated on 2024-03-10T14:36:55Z by kres latest.
 
 ARG TOOLCHAIN
 
@@ -19,6 +19,7 @@ RUN markdownlint --ignore "CHANGELOG.md" --ignore "**/node_modules/**" --ignore
 FROM scratch AS proto-specs
 ADD api/events/events.proto /api/events/
 ADD api/siderolink/provision.proto /api/siderolink/
+ADD api/siderolink/wireguard.proto /api/siderolink/
 
 # base toolchain image
 FROM ${TOOLCHAIN} AS toolchain
@@ -78,9 +79,10 @@ RUN --mount=type=cache,target=/go/pkg go list -mod=readonly all >/dev/null
 # runs protobuf compiler
 FROM tools AS proto-compile
 COPY --from=proto-specs / /
-RUN protoc -I/api --go_out=paths=source_relative:/api --go-grpc_out=paths=source_relative:/api --go-vtproto_out=paths=source_relative:/api --go-vtproto_opt=features=marshal+unmarshal+size+equal+clone /api/events/events.proto /api/siderolink/provision.proto
+RUN protoc -I/api --go_out=paths=source_relative:/api --go-grpc_out=paths=source_relative:/api --go-vtproto_out=paths=source_relative:/api --go-vtproto_opt=features=marshal+unmarshal+size+equal+clone /api/events/events.proto /api/siderolink/provision.proto /api/siderolink/wireguard.proto
 RUN rm /api/events/events.proto
 RUN rm /api/siderolink/provision.proto
+RUN rm /api/siderolink/wireguard.proto
 RUN goimports -w -local github.com/siderolabs/siderolink /api
 RUN gofumpt -w /api
 

diff --git a/api/events/events.pb.go b/api/events/events.pb.go
diff --git a/api/siderolink/provision.pb.go b/api/siderolink/provision.pb.go
diff --git a/api/siderolink/provision.proto b/api/siderolink/provision.proto
@@ -23,6 +23,8 @@ message ProvisionRequest {
     optional string node_unique_token = 4;
     // Talos Version (as string) of the node.
     optional string talos_version = 5;
+    // Wireguard over GRPC tunnel request
+    optional bool wireguard_over_grpc = 6;
 }
 
 message ProvisionResponse {
@@ -34,4 +36,6 @@ message ProvisionResponse {
     string node_address_prefix = 4;
     // Server address on the Wireguard tunnel.
     string server_address = 5;
+    // Virtual peer address:port in case of Wireguard over GRPC.
+    string grpc_peer_addr_port = 6;
 }
diff --git a/api/siderolink/provision_vtproto.pb.go b/api/siderolink/provision_vtproto.pb.go