From 27088a3595581915696ed8ed3c8764ae356de4cd Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Fri, 20 Dec 2024 20:10:57 +0400 Subject: [PATCH 1/4] add all proto to default user policies --- pro/logic/user_mgmt.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pro/logic/user_mgmt.go b/pro/logic/user_mgmt.go index 05e5c5459..7185e9e00 100644 --- a/pro/logic/user_mgmt.go +++ b/pro/logic/user_mgmt.go @@ -1213,6 +1213,7 @@ func CreateDefaultUserPolicies(netID models.NetworkID) { Default: true, ServiceType: models.Any, NetworkID: netID, + Proto: models.ALL, RuleType: models.UserPolicy, Src: []models.AclPolicyTag{ { @@ -1245,6 +1246,7 @@ func CreateDefaultUserPolicies(netID models.NetworkID) { Default: true, ServiceType: models.Any, NetworkID: netID, + Proto: models.ALL, RuleType: models.UserPolicy, Src: []models.AclPolicyTag{ { From 7a6ce592042af1f7980930318911f7575cc1b0f7 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Sat, 28 Dec 2024 15:57:36 +0400 Subject: [PATCH 2/4] handle ip check gracefully --- scripts/nm-quick.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh index 9f1c99cd3..f508a404f 100755 --- a/scripts/nm-quick.sh +++ b/scripts/nm-quick.sh @@ -509,8 +509,8 @@ set -e # set_install_vars - sets the variables that will be used throughout installation set_install_vars() { - IP_ADDR=$(curl -s -4 ifconfig.me) - IP6_ADDR=$(curl -s -6 ifconfig.me) + IP_ADDR=$(curl -s -4 ifconfig.me || echo "") + IP6_ADDR=$(curl -s -6 ifconfig.me || echo "") if [ "$NETMAKER_BASE_DOMAIN" = "" ]; then NETMAKER_BASE_DOMAIN=nm.$(echo $IP_ADDR | tr . -).nip.io fi From 081efde1269d47c6688ae3ae4609b3c26522e1fb Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Sat, 28 Dec 2024 16:15:33 +0400 Subject: [PATCH 3/4] only use tcp on caddy --- compose/docker-compose.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index c3c3379a2..00f9f0774 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -52,11 +52,11 @@ services: - caddy_data:/data - caddy_conf:/config ports: - - "$SERVER_HOST:80:80" - - "$SERVER_HOST:443:443" + - "$SERVER_HOST:80:80/tcp" + - "$SERVER_HOST:443:443/tcp" #uncomment to enable IPv6 communication - # - "$SERVER_HOST6:80:80" - # - "$SERVER_HOST6:443:443" + # - "$SERVER_HOST6:80:80/tcp" + # - "$SERVER_HOST6:443:443/tcp" coredns: #network_mode: host From 64ae917faf7ea6298e9232540b5f0d001761aca8 Mon Sep 17 00:00:00 2001 From: abhishek9686 Date: Sat, 28 Dec 2024 17:41:22 +0400 Subject: [PATCH 4/4] remove deprecated stun servers --- compose/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml index 00f9f0774..5e1091066 100644 --- a/compose/docker-compose.yml +++ b/compose/docker-compose.yml @@ -12,7 +12,7 @@ services: - sqldata:/root/data environment: # config-dependant vars - - STUN_SERVERS=stun1.netmaker.io:3478,stun2.netmaker.io:3478,stun1.l.google.com:19302,stun2.l.google.com:19302 + - STUN_SERVERS=stun1.l.google.com:19302,stun2.l.google.com:19302,stun3.l.google.com:19302,stun4.l.google.com:19302 # The domain/host IP indicating the mq broker address - BROKER_ENDPOINT=wss://broker.${NM_DOMAIN} # For EMQX broker use `BROKER_ENDPOINT=wss://broker.${NM_DOMAIN}/mqtt` # For EMQX broker (uncomment the two lines below)