agent

package
v0.0.0-...-50e3f6b Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 24, 2026 License: MIT Imports: 30 Imported by: 0

Documentation

Overview

Package agent provides the cilod API specification and types.

API Overview:

Authentication (SSH Challenge-Response):

POST   /auth/connect          — SSH key exchange, returns session token
DELETE /auth/disconnect        — Invalidate session

Environment Management:

GET    /environments           — List all environments
POST   /environments/:name/up  — Create + start environment
POST   /environments/:name/down — Stop environment
DELETE /environments/:name     — Destroy environment
GET    /environments/:name/status — Get env status
GET    /environments/:name/logs  — Stream logs (WebSocket upgrade)
POST   /environments/:name/exec — Exec into container (WebSocket upgrade)

WireGuard Peer Management:

POST   /wireguard/exchange     — WireGuard key exchange
DELETE /wireguard/peers/:key   — Remove peer
GET    /wireguard/status       — WireGuard interface status

Workspace Sync:

POST   /sync/:name             — Receive workspace sync

IP Allocation Strategy:

Each cilod instance manages its own /24 subnet independently without a central coordinator. The default subnet is 10.225.0.0/24 but is configurable.

Peer IP allocation is stored in a simple JSON file at /var/cilo/peers.json:

{
  "peers": {
    "peer_pubkey_1": "10.225.0.2",
    "peer_pubkey_2": "10.225.0.3"
  },
  "next_ip": "10.225.0.4"
}

Allocation algorithm:

  1. Load existing peers.json (create if missing)
  2. If peer already has IP, return existing
  3. Otherwise, assign next_ip and increment
  4. Persist updated peers.json

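This design allows each cilod to operate independently while ensuring unique IPs within its own subnet. No coordination is needed between cilod instances as they manage disjoint IP ranges. Because every instance starts from the same default subnet (10.225.0.0/24), the ranges are disjoint only when each instance is configured with its own subnet.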

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIHandler

// APIHandler defines all cilod API endpoints as an interface. It is
// implemented by Server and used for testing.
//
// Every method has the standard net/http handler signature.
//
// NOTE(review): the interface has no method for POST /auth/challenge, although
// Server and AuthHandler both expose a challenge handler — confirm whether the
// omission is intentional.
// NOTE(review): nothing here says which routes sit behind
// AuthHandler.AuthMiddleware; presumably everything except the /auth/challenge
// and /auth/connect routes — verify in the router setup.
type APIHandler interface {
	// Auth handlers
	HandleAuthConnect(w http.ResponseWriter, r *http.Request)
	HandleAuthDisconnect(w http.ResponseWriter, r *http.Request)

	// Environment handlers
	HandleListEnvironments(w http.ResponseWriter, r *http.Request)
	HandleEnvironmentUp(w http.ResponseWriter, r *http.Request)
	HandleEnvironmentDown(w http.ResponseWriter, r *http.Request)
	HandleEnvironmentDestroy(w http.ResponseWriter, r *http.Request)
	HandleEnvironmentStatus(w http.ResponseWriter, r *http.Request)
	HandleEnvironmentLogs(w http.ResponseWriter, r *http.Request)
	HandleEnvironmentExec(w http.ResponseWriter, r *http.Request)

	// WireGuard handlers
	HandleWireGuardExchange(w http.ResponseWriter, r *http.Request)
	HandleWireGuardRemovePeer(w http.ResponseWriter, r *http.Request)
	HandleWireGuardStatus(w http.ResponseWriter, r *http.Request)

	// Sync handlers
	HandleWorkspaceSync(w http.ResponseWriter, r *http.Request)
}

APIHandler defines all cilod API endpoints as an interface. This interface is implemented by Server and used for testing.

type AddPeerRequest

// AddPeerRequest is the request body for POST /wireguard/add-peer.
//
// NOTE(review): AllowedIPs arrives from the caller as a single string;
// presumably the server restricts it to the address it allocated for
// PublicKey rather than installing whatever range is requested — confirm in
// the handler. The package overview lists /wireguard/exchange but not this
// route; verify it is still served.
type AddPeerRequest struct {
	PublicKey  string `json:"public_key"`
	AllowedIPs string `json:"allowed_ips"`
}

AddPeerRequest is the request body for POST /wireguard/add-peer

type AuthChallengeRequest

// AuthChallengeRequest requests a new authentication challenge. The client
// sends it before attempting authentication.
//
// NOTE(review): same single field as ChallengeRequest — confirm which of the
// two the /auth/challenge handler decodes.
type AuthChallengeRequest struct {
	// PublicKey names the key the challenge is requested for; presumably in
	// SSH authorized_key format, as in ConnectRequest — TODO confirm.
	PublicKey string `json:"public_key"`
}

AuthChallengeRequest requests a new authentication challenge. Client calls this before attempting authentication.

type AuthChallengeResponse

// AuthChallengeResponse returns a challenge to be signed. The client must
// sign it with its SSH private key.
//
// NOTE(review): ExpiresAt is sent to the client; the server presumably
// enforces expiry from its own record of the challenge rather than from a
// value the client echoes back — confirm.
type AuthChallengeResponse struct {
	Challenge string    `json:"challenge"`
	ExpiresAt time.Time `json:"expires_at"`
}

AuthChallengeResponse returns a challenge to be signed. Client must sign this challenge with their SSH private key.

type AuthHandler

type AuthHandler struct {
	// contains filtered or unexported fields
}

AuthHandler handles SSH key authentication and session management

func NewAuthHandler

func NewAuthHandler(verifier SSHAuthVerifier, peersFile string) *AuthHandler

NewAuthHandler creates a new authentication handler

func (*AuthHandler) AuthMiddleware

func (h *AuthHandler) AuthMiddleware(next http.Handler) http.Handler

AuthMiddleware validates the bearer token on protected routes

func (*AuthHandler) HandleChallenge

func (h *AuthHandler) HandleChallenge(w http.ResponseWriter, r *http.Request)

HandleChallenge handles POST /auth/challenge. Issues a short-lived, single-use challenge that must be signed by the client.

func (*AuthHandler) HandleConnect

func (h *AuthHandler) HandleConnect(w http.ResponseWriter, r *http.Request)

HandleConnect handles POST /auth/connect. Performs SSH challenge-response authentication and issues a session token.

func (*AuthHandler) HandleDisconnect

func (h *AuthHandler) HandleDisconnect(w http.ResponseWriter, r *http.Request)

HandleDisconnect handles DELETE /auth/disconnect. Invalidates the current session token.

type ChallengeRequest

// ChallengeRequest requests a new authentication challenge.
//
// NOTE(review): same single field as AuthChallengeRequest — confirm which of
// the two is the live wire type.
type ChallengeRequest struct {
	// PublicKey names the key the challenge is requested for.
	PublicKey string `json:"public_key"`
}

ChallengeRequest requests a new authentication challenge.

type ChallengeResponse

// ChallengeResponse defines the challenge-response protocol for SSH auth: a
// challenge string and its expiry time. The IsExpired method reports whether
// the challenge has expired (presumably by comparing against ExpiresAt).
//
// NOTE(review): same fields as AuthChallengeResponse — confirm which of the
// two the challenge handler returns.
type ChallengeResponse struct {
	Challenge string    `json:"challenge"`
	ExpiresAt time.Time `json:"expires_at"`
}

ChallengeResponse defines the challenge-response protocol for SSH auth

func (*ChallengeResponse) IsExpired

func (c *ChallengeResponse) IsExpired() bool

IsExpired returns true if the challenge has expired

type ConnectRequest

// ConnectRequest is the request body for POST /auth/connect. The client sends
// its SSH public key, a challenge, and its signature over that challenge.
//
// NOTE(review): Challenge is supplied by the client here. HandleChallenge is
// documented as issuing short-lived, single-use challenges, so the connect
// handler presumably accepts only a challenge it issued for this PublicKey,
// still unexpired and not yet used — confirm; a server that trusted any
// client-chosen value would let a captured signature be replayed.
// NOTE(review): a valid signature only proves possession of the key;
// authorization presumably comes from the verifier's authorized-key list
// (DefaultSSHVerifier.AddAuthorizedKey) — confirm.
type ConnectRequest struct {
	PublicKey string `json:"public_key"` // SSH authorized_key format
	Challenge string `json:"challenge"`  // Random nonce
	Signature string `json:"signature"`  // Base64-encoded SSH signature
	// SignatureFormat is the ssh.Signature.Format returned by the signer.
	// NOTE(review): optional on the wire (omitempty); confirm how Verify treats
	// an empty value and that it accepts only the algorithms it intends to.
	SignatureFormat string `json:"signature_format,omitempty"`
}

ConnectRequest is the request body for POST /auth/connect. Client sends their SSH public key, a challenge, and the signed challenge.

type ConnectResponse

// ConnectResponse is returned after successful authentication.
//
// Token is a bearer credential: whoever holds it can make requests until
// ExpiresAt or until the session is invalidated via DELETE /auth/disconnect.
// NOTE(review): confirm the response is only ever sent over an encrypted
// transport and that the token is not written to logs.
type ConnectResponse struct {
	Token     string    `json:"token"`      // Bearer token for subsequent requests
	ExpiresAt time.Time `json:"expires_at"` // Token expiration time
}

ConnectResponse is returned after successful authentication

type DefaultSSHVerifier

type DefaultSSHVerifier struct {
	// contains filtered or unexported fields
}

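DefaultSSHVerifier is the production SSH signature verifier. In the GREEN phase, this will implement actual SSH signature verification. (Verify is documented below as performing verification with golang.org/x/crypto/ssh, so the second sentence appears to predate the implementation.)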

func NewDefaultSSHVerifier

func NewDefaultSSHVerifier() *DefaultSSHVerifier

NewDefaultSSHVerifier creates a new SSH verifier

func (*DefaultSSHVerifier) AddAuthorizedKey

func (v *DefaultSSHVerifier) AddAuthorizedKey(publicKey string) error

AddAuthorizedKey adds a public key to the authorized keys list

func (*DefaultSSHVerifier) GenerateChallenge

func (v *DefaultSSHVerifier) GenerateChallenge() (string, error)

GenerateChallenge creates a random challenge for authentication

func (*DefaultSSHVerifier) Verify

func (v *DefaultSSHVerifier) Verify(publicKey string, challenge string, signature string, signatureFormat string) error

Verify implements SSH signature verification using golang.org/x/crypto/ssh

type EnvProxy

type EnvProxy struct {
	// contains filtered or unexported fields
}

EnvProxy is a reverse proxy that routes HTTP traffic by Host header

func NewEnvProxy

func NewEnvProxy(listenAddr string) (*EnvProxy, error)

NewEnvProxy creates a new reverse proxy listening on the given address

func (*EnvProxy) AddRoute

func (p *EnvProxy) AddRoute(hostname, target string) error

AddRoute registers a new route for the given hostname

func (*EnvProxy) Close

func (p *EnvProxy) Close() error

Close shuts down the proxy server

func (*EnvProxy) RemoveRoutesForEnv

func (p *EnvProxy) RemoveRoutesForEnv(envName string)

RemoveRoutesForEnv removes all routes for a given environment

type EnvironmentDestroyRequest

// EnvironmentDestroyRequest destroys an environment permanently via
// DELETE /environments/:name.
//
// NOTE(review): Force is set by the caller, so it cannot stand in for an
// authorization check — confirm what "confirmation" it skips on the server.
type EnvironmentDestroyRequest struct {
	Force bool `json:"force,omitempty"` // Skip confirmation
}

EnvironmentDestroyRequest destroys an environment permanently. Route: DELETE /environments/:name.

type EnvironmentDestroyResponse

// EnvironmentDestroyResponse confirms that an environment is destroyed.
type EnvironmentDestroyResponse struct {
	// Name is the environment name; Status is a free-form string whose
	// values are not listed in this package's documentation.
	Name   string `json:"name"`
	Status string `json:"status"`
}

EnvironmentDestroyResponse confirms environment is destroyed

type EnvironmentDownRequest

// EnvironmentDownRequest stops an environment via
// POST /environments/:name/down.
type EnvironmentDownRequest struct {
	Force bool `json:"force,omitempty"` // Force stop even if busy
}

EnvironmentDownRequest stops an environment. Route: POST /environments/:name/down.

type EnvironmentDownResponse

// EnvironmentDownResponse confirms that an environment is stopped.
type EnvironmentDownResponse struct {
	// Name is the environment name; Status is a free-form string whose
	// values are not listed in this package's documentation.
	Name   string `json:"name"`
	Status string `json:"status"`
}

EnvironmentDownResponse confirms environment is stopped

type EnvironmentExecRequest

// EnvironmentExecRequest executes a command in a container via
// POST /environments/:name/exec, which upgrades to WebSocket for interactive
// sessions.
//
// NOTE(review): this lets the caller run any command in the target container;
// confirm the route is behind AuthMiddleware and that Service is resolved only
// within the named environment. Command is an argv-style slice; presumably it
// is handed to the container runtime without passing through a shell — verify.
type EnvironmentExecRequest struct {
	Service string   `json:"service"`         // Target service/container
	Command []string `json:"command"`         // Command to execute
	TTY     bool     `json:"tty,omitempty"`   // Allocate pseudo-TTY
	Stdin   bool     `json:"stdin,omitempty"` // Attach stdin
}

EnvironmentExecRequest executes a command in a container. Route: POST /environments/:name/exec. Upgrades to WebSocket for interactive sessions.

type EnvironmentInfo

// EnvironmentInfo describes a single environment, as listed in
// ListEnvironmentsResponse.
type EnvironmentInfo struct {
	Name      string    `json:"name"`
	Status    string    `json:"status"` // running, stopped, error
	CreatedAt time.Time `json:"created_at"`
	// Services holds service names (presumably the Compose services of the
	// environment — TODO confirm); Subnet is the environment's subnet as a string.
	Services  []string  `json:"services"`
	Subnet    string    `json:"subnet"`
}

EnvironmentInfo describes a single environment

type EnvironmentLogsRequest

// EnvironmentLogsRequest requests logs for a service via
// GET /environments/:name/logs?service=&follow=. The field comments mark all
// three values as query parameters.
//
// NOTE(review): Tail is a plain int from the query string; confirm the handler
// bounds it (negative and very large values) before passing it on.
type EnvironmentLogsRequest struct {
	Service string `json:"service"` // Query param: service name
	Follow  bool   `json:"follow"`  // Query param: stream logs
	Tail    int    `json:"tail"`    // Query param: number of lines
}

EnvironmentLogsRequest requests logs for a service. Route: GET /environments/:name/logs?service=&follow=

type EnvironmentManager

type EnvironmentManager struct {
	// contains filtered or unexported fields
}

EnvironmentManager handles Docker Compose operations

func NewEnvironmentManager

func NewEnvironmentManager(workspaceRoot string, proxy *EnvProxy, sharedStore sharestore.SharedServiceStore) *EnvironmentManager

NewEnvironmentManager creates a new environment manager

func (*EnvironmentManager) ConnectContainerToNetwork

func (m *EnvironmentManager) ConnectContainerToNetwork(ctx context.Context, containerName, networkName, alias string) error

func (*EnvironmentManager) ContainerExists

func (m *EnvironmentManager) ContainerExists(ctx context.Context, containerName string) (bool, error)

func (*EnvironmentManager) Destroy

func (m *EnvironmentManager) Destroy(ctx context.Context, envName string) error

Destroy removes the environment completely

func (*EnvironmentManager) DisconnectContainerFromNetwork

func (m *EnvironmentManager) DisconnectContainerFromNetwork(ctx context.Context, containerName, networkName string) error

func (*EnvironmentManager) Down

func (m *EnvironmentManager) Down(ctx context.Context, envName string) error

Down stops the environment

func (*EnvironmentManager) GetContainerIPForNetwork

func (m *EnvironmentManager) GetContainerIPForNetwork(ctx context.Context, containerName, networkName string) (string, error)

func (*EnvironmentManager) GetContainerStatus

func (m *EnvironmentManager) GetContainerStatus(ctx context.Context, containerName string) (string, error)

func (*EnvironmentManager) List

List returns all environments in the workspace root

func (*EnvironmentManager) Logs

func (m *EnvironmentManager) Logs(ctx context.Context, envName, service string, follow bool) (io.ReadCloser, error)

Logs returns a reader for service logs

func (*EnvironmentManager) RemoveContainer

func (m *EnvironmentManager) RemoveContainer(ctx context.Context, containerName string) error

func (*EnvironmentManager) Status

func (m *EnvironmentManager) Status(ctx context.Context, envName string) (map[string]ServiceStatus, error)

Status returns container status for all services

func (*EnvironmentManager) StopContainer

func (m *EnvironmentManager) StopContainer(ctx context.Context, containerName string) error

func (*EnvironmentManager) Up

Up starts the environment using docker compose

type EnvironmentStatusResponse

// EnvironmentStatusResponse returns detailed environment status for
// GET /environments/:name/status: per-service detail, the environment's
// networks, and a last-active timestamp.
type EnvironmentStatusResponse struct {
	Name       string                `json:"name"`
	Status     string                `json:"status"`
	Services   []ServiceStatusDetail `json:"services"`
	Networks   []NetworkInfo         `json:"networks"`
	LastActive time.Time             `json:"last_active"`
}

EnvironmentStatusResponse returns detailed environment status. Route: GET /environments/:name/status.

type EnvironmentUpRequest

// EnvironmentUpRequest starts or creates an environment via
// POST /environments/:name/up.
//
// NOTE(review): WorkspacePath lets the caller override the workspace
// location. Presumably the server resolves it and refuses anything outside
// the EnvironmentManager's workspace root — confirm, since an unconstrained
// path would point the Compose run at arbitrary directories on the host.
type EnvironmentUpRequest struct {
	WorkspacePath string   `json:"workspace_path,omitempty"` // Optional: override workspace
	Build         bool     `json:"build,omitempty"`          // Rebuild containers
	Recreate      bool     `json:"recreate,omitempty"`       // Force recreate
	// Project, Shared and Isolate are not described on this page; Shared and
	// Isolate look like lists of service names — TODO confirm against the handler.
	Project       string   `json:"project,omitempty"`
	Shared        []string `json:"shared,omitempty"`
	Isolate       []string `json:"isolate,omitempty"`
}

EnvironmentUpRequest starts or creates an environment. Route: POST /environments/:name/up.

type EnvironmentUpResponse

// EnvironmentUpResponse confirms that an environment is running and reports
// the IP of each service together with the environment's subnet.
type EnvironmentUpResponse struct {
	Name     string            `json:"name"`
	Status   string            `json:"status"`
	Services map[string]string `json:"services"` // service name -> IP
	Subnet   string            `json:"subnet"`
}

EnvironmentUpResponse confirms environment is running

type ExecStream

// ExecStream handles bidirectional exec I/O over WebSocket: Send carries
// bytes towards the container's stdin, Recv yields WebSocketMessage envelopes
// from its stdout/stderr.
//
// NOTE(review): the interface says nothing about concurrent use of Send and
// Recv or about calling either after Close — confirm with the implementation.
type ExecStream interface {
	// Send sends data to the container stdin
	Send(data []byte) error
	// Recv receives data from container stdout/stderr
	Recv() (*WebSocketMessage, error)
	// Close closes the stream
	Close() error
}

ExecStream handles bidirectional exec I/O over WebSocket

type FileSync

// FileSync describes a single file to sync.
//
// NOTE(review): every field is supplied by the sender. Path is documented as
// relative to the workspace; presumably the sync handler rejects absolute
// paths, ".." segments and writes through symlinks that leave the workspace —
// confirm. Mode is taken from the request; if it is applied verbatim, verify
// that setuid/setgid and other special bits are masked. Hash travels with
// Content from the same sender, so it can detect corruption in transit but
// does not authenticate the file.
type FileSync struct {
	Path    string `json:"path"`     // Relative path in workspace
	Content []byte `json:"content"`  // File content (base64 encoded for JSON)
	Mode    uint32 `json:"mode"`     // File permissions
	ModTime int64  `json:"mod_time"` // Unix timestamp
	Hash    string `json:"hash"`     // SHA256 hash for verification
}

FileSync describes a single file to sync

type IPAllocator

// IPAllocator manages IP allocation for WireGuard peers, keyed by the peer's
// public key.
//
// NOTE(review): PeerStore declares a parallel set of operations without a
// context parameter — confirm which of the two interfaces the server uses.
type IPAllocator interface {
	// Allocate assigns an IP to a peer, returning existing if already allocated
	Allocate(ctx context.Context, publicKey string) (string, error)
	// Release removes a peer's IP allocation
	Release(ctx context.Context, publicKey string) error
	// Get retrieves the IP for a peer
	Get(ctx context.Context, publicKey string) (string, error)
	// List returns all allocations
	List(ctx context.Context) (map[string]string, error)
}

IPAllocator manages IP allocation for WireGuard peers

type JSONPeerStore

type JSONPeerStore struct {
	// contains filtered or unexported fields
}

JSONPeerStore implements PeerStore using a JSON file for persistence. Stores peer IP allocations at /var/cilo/peers.json.

func NewJSONPeerStore

func NewJSONPeerStore(filePath string) (*JSONPeerStore, error)

NewJSONPeerStore creates a new JSON-backed peer store

func (*JSONPeerStore) AllocatePeerIP

func (s *JSONPeerStore) AllocatePeerIP(publicKey string) (string, error)

AllocatePeerIP assigns the next available IP to a peer. Returns existing IP if peer already has an allocation.

func (*JSONPeerStore) GetPeerIP

func (s *JSONPeerStore) GetPeerIP(publicKey string) (string, error)

GetPeerIP returns the assigned IP for a peer, or "" if not allocated

func (*JSONPeerStore) ListPeers

func (s *JSONPeerStore) ListPeers() ([]PeerAllocation, error)

ListPeers returns all peer allocations

func (*JSONPeerStore) RemovePeer

func (s *JSONPeerStore) RemovePeer(publicKey string) error

RemovePeer removes a peer's IP allocation

type ListEnvironmentsResponse

// ListEnvironmentsResponse contains all environments managed by this cilod.
type ListEnvironmentsResponse struct {
	Environments []EnvironmentInfo `json:"environments"`
}

ListEnvironmentsResponse contains all environments managed by this cilod

type LogStream

// LogStream handles unidirectional log streaming over WebSocket: the consumer
// calls Recv repeatedly and Close when done.
//
// NOTE(review): how end-of-stream is signalled (presumably an error such as
// io.EOF from Recv) is not stated here — confirm with the implementation.
type LogStream interface {
	// Recv receives log lines
	Recv() ([]byte, error)
	// Close closes the stream
	Close() error
}

LogStream handles unidirectional log streaming over WebSocket

type NetworkInfo

// NetworkInfo describes a Docker network by name, subnet and gateway; the
// last two are carried as strings.
type NetworkInfo struct {
	Name    string `json:"name"`
	Subnet  string `json:"subnet"`
	Gateway string `json:"gateway"`
}

NetworkInfo describes a Docker network

type PeerAllocation

// PeerAllocation pairs one WireGuard peer's public key with the IP assigned
// to it; it is the element type returned by PeerStore.ListPeers.
//
// NOTE(review): the package documentation for this type describes peers.json
// as a flat pubkey -> IP mapping, while the package overview and
// PeerIPAllocation show a nested {"peers": ..., "next_ip": ...} layout —
// confirm which one matches the file on disk.
type PeerAllocation struct {
	PublicKey string `json:"public_key"`
	IP        string `json:"ip"`
}

PeerAllocation manages IP allocation for WireGuard peers. Each cilod instance manages its own /24 subnet independently. IP allocation is stored in /var/cilo/peers.json as a simple JSON mapping:

{ "peer_pubkey_1": "10.225.0.2", "peer_pubkey_2": "10.225.0.3", ... }

type PeerIPAllocation

// PeerIPAllocation represents the peers.json file structure, stored at
// /var/cilo/peers.json.
//
// NOTE(review): the overview's algorithm is "assign next_ip and increment";
// confirm what happens when NextIP runs past the end of the /24, whether
// addresses freed by RemovePeer are ever reused, and that the file is written
// atomically with permissions that keep other local users from editing the
// pubkey -> IP mapping.
type PeerIPAllocation struct {
	Peers  map[string]string `json:"peers"`   // pubkey -> IP
	NextIP string            `json:"next_ip"` // Next IP to allocate
}

PeerIPAllocation represents the peers.json file structure. Stored at /var/cilo/peers.json.

type PeerStatus

// PeerStatus represents the status of a single WireGuard peer; it is the
// element type of WGStatusResponse.Peers.
//
// NOTE(review): WireGuardPeer carries nearly the same fields (its handshake
// field is named LatestHandshake and it adds AssignedIP) — confirm which type
// the status endpoint actually returns.
type PeerStatus struct {
	PublicKey     string `json:"public_key"`
	Endpoint      string `json:"endpoint,omitempty"`
	AllowedIPs    string `json:"allowed_ips"`
	LastHandshake string `json:"last_handshake,omitempty"`
	RxBytes       int64  `json:"rx_bytes"`
	TxBytes       int64  `json:"tx_bytes"`
}

PeerStatus represents the status of a single WireGuard peer

type PeerStore

// PeerStore defines the interface for peer IP allocation storage.
// JSONPeerStore is the file-backed implementation documented in this package.
//
// NOTE(review): the interface does not state whether implementations are safe
// for concurrent use; two simultaneous AllocatePeerIP calls must not hand out
// the same address — confirm the implementation serializes them.
type PeerStore interface {
	// GetPeerIP returns the assigned IP for a peer, or "" if not allocated
	GetPeerIP(publicKey string) (string, error)
	// AllocatePeerIP assigns the next available IP to a peer
	AllocatePeerIP(publicKey string) (string, error)
	// RemovePeer removes a peer from the allocation
	RemovePeer(publicKey string) error
	// ListPeers returns all peer allocations
	ListPeers() ([]PeerAllocation, error)
}

PeerStore defines the interface for peer IP allocation storage

type PortMapping

// PortMapping describes a port mapping between a host port and a container
// port. Protocol is a free-form string (presumably "tcp" or "udp" — TODO
// confirm).
type PortMapping struct {
	HostPort      int    `json:"host_port"`
	ContainerPort int    `json:"container_port"`
	Protocol      string `json:"protocol"`
}

PortMapping describes a port mapping

type SSHAuthVerifier

// SSHAuthVerifier defines the interface for SSH key authentication.
// Implementations verify SSH signatures against public keys.
//
// Verify reports success as a nil error, so callers must treat every non-nil
// result as a failed authentication.
// NOTE(review): the interface takes the challenge as an argument and does not
// say who tracks issued challenges; presumably AuthHandler records them and
// enforces expiry and single use — confirm. Test doubles that implement this
// interface should not be reachable from production wiring.
type SSHAuthVerifier interface {
	// Verify checks if the signature is valid for the given public key and challenge
	Verify(publicKey string, challenge string, signature string, signatureFormat string) error
	// GenerateChallenge creates a new random challenge for authentication
	GenerateChallenge() (string, error)
}

SSHAuthVerifier defines the interface for SSH key authentication. Implementations verify SSH signatures against public keys.

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server implements the cilod API

func NewServer

func NewServer(cfg *config.Config) (*Server, error)

NewServer creates a new agent server with all dependencies initialized

func (*Server) HandleAuthChallenge

func (s *Server) HandleAuthChallenge(w http.ResponseWriter, r *http.Request)

HandleAuthChallenge handles POST /auth/challenge

func (*Server) HandleAuthConnect

func (s *Server) HandleAuthConnect(w http.ResponseWriter, r *http.Request)

HandleAuthConnect handles POST /auth/connect

func (*Server) HandleAuthDisconnect

func (s *Server) HandleAuthDisconnect(w http.ResponseWriter, r *http.Request)

HandleAuthDisconnect handles DELETE /auth/disconnect

func (*Server) HandleEnvironmentDestroy

func (s *Server) HandleEnvironmentDestroy(w http.ResponseWriter, r *http.Request)

HandleEnvironmentDestroy handles DELETE /environments/:name

func (*Server) HandleEnvironmentDown

func (s *Server) HandleEnvironmentDown(w http.ResponseWriter, r *http.Request)

HandleEnvironmentDown handles POST /environments/:name/down

func (*Server) HandleEnvironmentExec

func (s *Server) HandleEnvironmentExec(w http.ResponseWriter, r *http.Request)

HandleEnvironmentExec handles POST /environments/:name/exec

func (*Server) HandleEnvironmentLogs

func (s *Server) HandleEnvironmentLogs(w http.ResponseWriter, r *http.Request)

HandleEnvironmentLogs handles GET /environments/:name/logs

func (*Server) HandleEnvironmentStatus

func (s *Server) HandleEnvironmentStatus(w http.ResponseWriter, r *http.Request)

HandleEnvironmentStatus handles GET /environments/:name/status

func (*Server) HandleEnvironmentUp

func (s *Server) HandleEnvironmentUp(w http.ResponseWriter, r *http.Request)

HandleEnvironmentUp handles POST /environments/:name/up

func (*Server) HandleListEnvironments

func (s *Server) HandleListEnvironments(w http.ResponseWriter, r *http.Request)

HandleListEnvironments handles GET /environments

func (*Server) HandleWireGuardExchange

func (s *Server) HandleWireGuardExchange(w http.ResponseWriter, r *http.Request)

HandleWireGuardExchange handles POST /wireguard/exchange

func (*Server) HandleWireGuardRemovePeer

func (s *Server) HandleWireGuardRemovePeer(w http.ResponseWriter, r *http.Request)

HandleWireGuardRemovePeer handles DELETE /wireguard/peers/:key

func (*Server) HandleWireGuardStatus

func (s *Server) HandleWireGuardStatus(w http.ResponseWriter, r *http.Request)

HandleWireGuardStatus handles GET /wireguard/status

func (*Server) HandleWorkspaceSync

func (s *Server) HandleWorkspaceSync(w http.ResponseWriter, r *http.Request)

HandleWorkspaceSync handles POST /sync/:name

func (*Server) Router

func (s *Server) Router() chi.Router

Router returns the underlying router (useful for testing)

func (*Server) Shutdown

func (s *Server) Shutdown(ctx context.Context) error

Shutdown gracefully shuts down the server

func (*Server) Start

func (s *Server) Start() error

Start begins listening for HTTP requests

type ServiceStatus

// ServiceStatus represents the status of a Docker Compose service; it is the
// map value returned by EnvironmentManager.Status.
type ServiceStatus struct {
	Service string `json:"service"`
	State   string `json:"state"`  // running, exited, etc.
	Status  string `json:"status"` // Up 2 hours, Exited (0), etc.
	Health  string `json:"health"` // healthy, unhealthy, etc.
}

ServiceStatus represents the status of a Docker Compose service

type ServiceStatusDetail

// ServiceStatusDetail provides detailed service information; it is the
// element type of EnvironmentStatusResponse.Services. Health, IP and Ports
// are omitted from the JSON when empty.
type ServiceStatusDetail struct {
	Name   string        `json:"name"`
	State  string        `json:"state"`  // running, exited, etc.
	Status string        `json:"status"` // Up 2 hours, Exited (0), etc.
	Health string        `json:"health,omitempty"`
	IP     string        `json:"ip,omitempty"`
	Ports  []PortMapping `json:"ports,omitempty"`
}

ServiceStatusDetail provides detailed service information

type Session

// Session represents an authenticated session with a bearer token, bound to
// the public key that authenticated. The IsExpired method reports whether the
// session has expired.
//
// NOTE(review): Token carries a JSON tag, so marshalling a Session (into an
// API response, a log line or a file) writes the credential out — confirm
// where Sessions are serialized.
type Session struct {
	Token     string    `json:"token"`
	PublicKey string    `json:"public_key"`
	CreatedAt time.Time `json:"created_at"`
	ExpiresAt time.Time `json:"expires_at"`
}

Session represents an authenticated session with a bearer token

func (*Session) IsExpired

func (s *Session) IsExpired() bool

IsExpired returns true if the session has expired

type UpRequest

// UpRequest is the request body for POST /environment/up.
//
// NOTE(review): the package overview lists POST /environments/:name/up (served
// with EnvironmentUpRequest) and not this route — confirm whether UpRequest is
// still in use. If it is, WorkspacePath, EnvName and Subnet all come from the
// caller: verify the path is confined to the workspace root and that the
// name and subnet are validated before they reach Docker.
type UpRequest struct {
	WorkspacePath string   `json:"workspace_path"`
	EnvName       string   `json:"env_name"`
	Subnet        string   `json:"subnet"`
	Build         bool     `json:"build,omitempty"`
	Recreate      bool     `json:"recreate,omitempty"`
	Project       string   `json:"project,omitempty"`
	Shared        []string `json:"shared,omitempty"`
	Isolate       []string `json:"isolate,omitempty"`
}

UpRequest is the request body for POST /environment/up

type UpResponse

// UpResponse is the response for POST /environment/up: a status string and
// the IP of each service.
type UpResponse struct {
	Status   string            `json:"status"`
	Services map[string]string `json:"services"` // service name -> IP
}

UpResponse is the response for POST /environment/up

type WGStatusResponse

// WGStatusResponse shows WireGuard status; it is the value returned by
// WireGuardManager.GetStatus.
//
// NOTE(review): WireGuardStatusResponse describes the same interface with two
// more fields (ListenPort, Address) — confirm which one GET /wireguard/status
// sends.
type WGStatusResponse struct {
	Interface string       `json:"interface"`
	PublicKey string       `json:"public_key"`
	Peers     []PeerStatus `json:"peers"`
}

WGStatusResponse shows WireGuard status

type WebSocketMessage

// WebSocketMessage is the envelope for WebSocket communication. Type selects
// how Data is to be read; ExitCode is meaningful for the "exit" message of an
// exec session.
//
// NOTE(review): ExitCode uses omitempty, so an exit code of 0 is dropped from
// the JSON; receivers presumably treat a missing field as 0 — confirm.
type WebSocketMessage struct {
	Type     string `json:"type"`                // "stdout", "stderr", "error", "exit"
	Data     []byte `json:"data"`                // Message payload
	ExitCode int    `json:"exit_code,omitempty"` // For exec exit
}

WebSocketMessage is the envelope for WebSocket communication

type WireGuardExchangeRequest

// WireGuardExchangeRequest initiates a peer connection via
// POST /wireguard/exchange.
//
// NOTE(review): UserID and EnvironmentID are taken from the request body.
// Presumably UserID is for tracking only; it should not be treated as an
// authenticated identity (the session's public key is the authenticated
// one) — confirm. Also confirm that the handler ties the WireGuard PublicKey
// being registered to the authenticated session.
type WireGuardExchangeRequest struct {
	PublicKey     string `json:"public_key"`     // Client's WireGuard public key
	EnvironmentID string `json:"environment_id"` // Optional: env to connect to
	UserID        string `json:"user_id"`        // Optional: for multi-user tracking
}

WireGuardExchangeRequest initiates peer connection. Route: POST /wireguard/exchange.

type WireGuardExchangeResponse

// WireGuardExchangeResponse provides the server details a client needs to
// configure its WireGuard interface: the server's public key and endpoint,
// the tunnel address assigned to the client, and the routes to send through
// the tunnel.
//
// NOTE(review): the client pins ServerPublicKey from this response, so its
// authenticity rests on the channel the response arrived over — confirm the
// API is served over an authenticated, encrypted transport.
type WireGuardExchangeResponse struct {
	ServerPublicKey   string   `json:"server_public_key"` // cilod's WG public key
	ServerEndpoint    string   `json:"server_endpoint"`   // cilod's WG endpoint (IP:port)
	ServerAddress     string   `json:"server_address"`    // cilod's WG tunnel IP (for proxy/DNS)
	AssignedIP        string   `json:"assigned_ip"`       // IP assigned to client in WG subnet
	AllowedIPs        []string `json:"allowed_ips"`       // Routes through tunnel
	EnvironmentSubnet string   `json:"environment_subnet,omitempty"`
}

WireGuardExchangeResponse provides server details for client configuration. Client uses this to configure their WireGuard interface.

type WireGuardManager

type WireGuardManager struct {
	// contains filtered or unexported fields
}

WireGuardManager handles WireGuard interface operations

func NewWireGuardManager

func NewWireGuardManager(cfg *config.Config) (*WireGuardManager, error)

NewWireGuardManager creates a new WireGuard manager with the given configuration.

func (*WireGuardManager) AddPeer

func (m *WireGuardManager) AddPeer(ctx context.Context, publicKey string, allowedIPs []string) error

AddPeer adds a peer to the WireGuard interface

func (*WireGuardManager) EnsureInterface

func (m *WireGuardManager) EnsureInterface(ctx context.Context) error

EnsureInterface creates the WireGuard interface if it doesn't exist

func (*WireGuardManager) GetPublicKey

func (m *WireGuardManager) GetPublicKey() string

GetPublicKey returns the agent's WireGuard public key

func (*WireGuardManager) GetStatus

func (m *WireGuardManager) GetStatus(ctx context.Context) (*WGStatusResponse, error)

GetStatus returns current WireGuard interface status

func (*WireGuardManager) RemovePeer

func (m *WireGuardManager) RemovePeer(ctx context.Context, publicKey string) error

RemovePeer removes a peer from the WireGuard interface

type WireGuardPeer

// WireGuardPeer describes a connected peer; it is the element type of
// WireGuardStatusResponse.Peers.
//
// NOTE(review): PeerStatus carries nearly the same fields under slightly
// different names — confirm which of the two is the live status type.
type WireGuardPeer struct {
	PublicKey       string `json:"public_key"`
	Endpoint        string `json:"endpoint,omitempty"`
	AllowedIPs      string `json:"allowed_ips"`
	LatestHandshake string `json:"latest_handshake,omitempty"`
	RxBytes         int64  `json:"rx_bytes"`
	TxBytes         int64  `json:"tx_bytes"`
	AssignedIP      string `json:"assigned_ip"` // cilod-assigned IP
}

WireGuardPeer describes a connected peer

type WireGuardRemovePeerRequest

// WireGuardRemovePeerRequest removes a peer via DELETE /wireguard/peers/:key.
//
// NOTE(review): the key identifies which peer to remove and is chosen by the
// caller; confirm the handler checks that the authenticated session is
// allowed to remove that particular peer. WireGuard public keys are base64
// and can contain "/" and "+", so verify the key is URL-escaped by clients
// and unescaped once by the router.
type WireGuardRemovePeerRequest struct {
	PublicKey string `json:"public_key"` // URL param: peer public key
}

WireGuardRemovePeerRequest removes a peer. Route: DELETE /wireguard/peers/:key.

type WireGuardRemovePeerResponse

// WireGuardRemovePeerResponse confirms peer removal, echoing the peer's
// public key with a status string.
type WireGuardRemovePeerResponse struct {
	PublicKey string `json:"public_key"`
	Status    string `json:"status"`
}

WireGuardRemovePeerResponse confirms peer removal

type WireGuardStatusResponse

// WireGuardStatusResponse returns interface and peer status for
// GET /wireguard/status.
//
// NOTE(review): the response lists every peer's public key, endpoint and
// assigned IP; confirm the route requires authentication and whether each
// caller should see all peers or only its own.
type WireGuardStatusResponse struct {
	Interface  string          `json:"interface"`
	PublicKey  string          `json:"public_key"`
	ListenPort int             `json:"listen_port"`
	Address    string          `json:"address"`
	Peers      []WireGuardPeer `json:"peers"`
}

WireGuardStatusResponse returns interface and peer status. Route: GET /wireguard/status.

type WorkspaceSyncRequest

// WorkspaceSyncRequest receives a workspace file sync via POST /sync/:name.
// It supports both full sync and incremental (rsync-style) updates.
//
// NOTE(review): Files and DeletePaths are caller-controlled paths that the
// server writes to and deletes from disk. Presumably each is cleaned and
// checked to stay inside the named environment's workspace before use —
// confirm, and confirm the request body size and file count are bounded.
// EnvironmentName is marked as a URL parameter yet also has a JSON tag;
// verify that a value in the body cannot override the one in the URL.
type WorkspaceSyncRequest struct {
	EnvironmentName string     `json:"environment_name"`       // URL param
	SyncType        string     `json:"sync_type"`              // "full" or "incremental"
	Files           []FileSync `json:"files"`                  // Files to sync
	DeletePaths     []string   `json:"delete_paths,omitempty"` // Paths to delete
}

WorkspaceSyncRequest receives workspace file sync. Route: POST /sync/:name. Supports both full sync and incremental (rsync-style) updates.

type WorkspaceSyncResponse

// WorkspaceSyncResponse confirms sync completion with counts of files
// received, updated and deleted, plus any per-file error strings.
//
// NOTE(review): Errors is returned to the caller; confirm the messages do not
// expose absolute host paths or other server-side detail.
type WorkspaceSyncResponse struct {
	EnvironmentName string   `json:"environment_name"`
	FilesReceived   int      `json:"files_received"`
	FilesUpdated    int      `json:"files_updated"`
	FilesDeleted    int      `json:"files_deleted"`
	Errors          []string `json:"errors,omitempty"`
}

WorkspaceSyncResponse confirms sync completion

Directories

Path Synopsis
