gost

b4992960 · nanahira · 2280142f · b4992960 · b4992960
Commit b4992960 authored Aug 13, 2021 by nanahira
Show whitespace changes
Inline Side-by-side

Showing with 53 additions and 6 deletions

ansible/configure.yaml ansible/configure.yaml +13 -0

src/inventory.ts src/inventory.ts +40 -6

No files found.
--- a/ansible/configure.yaml
+++ b/ansible/configure.yaml
@@ -144,6 +144,12 @@
        dest: '{{ansible_user_dir}}/nextgen-network/services/babeld.conf'
      #notify: restart_babeld
      when: not noBird and not systemBird
+    - name: gost.json
+      copy:
+        src: '{{gostConfig | to_nice_json}}'
+        dest: '{{ansible_user_dir}}/nextgen-network/services/gost.json'
+      notify: restart_gost
+      when: installGost
    - name: monitor route plans
      template:
        src: route-plans.j2
@@ -231,6 +237,13 @@
        services:
          - ocserv
      when: not noBird
+    - name: restart_gost
+      docker_compose:
+        project_src: '{{ansible_user_dir}}/nextgen-network/services'
+        restarted: true
+        services:
+          - gost
+      when: installGost
    - name: restart_openconnect
      docker_compose:
        project_src: '{{ansible_user_dir}}/nextgen-network/services'

--- a/src/inventory.ts
+++ b/src/inventory.ts
@@ -27,6 +27,18 @@ interface GatewayGroup extends Record<string, any> {
  destMark: number;
 }

+interface GostRoute {
+  Retries?: string;
+  ServeNodes: string[];
+  ChainNodes?: string[];
+  Mark?: number
+}
+
+interface GostConfig extends Partial<GostRoute> {
+  Routes: GostRoute[];
+  Debug?: boolean;
+}
+
 type CommonEntry = Record<string, any>;

 class InventoryBuilder {
@@ -47,7 +59,7 @@ class InventoryBuilder {
    this.resolver.setServers(process.env.DNS ? [process.env.DNS] : ['114.114.114.114', '223.5.5.5']);
  }

-  getDockerImageTag(host: any) {
+  getDockerImageTag(host: CommonEntry) {
    if (host.arch && host.arch.length) {
      return `:master-${host.arch}`;
    } else {
@@ -174,7 +186,7 @@ class InventoryBuilder {
    }
    return addresses.join(" ");
  }
-  isGatewayGroupContains(gatewayGroup: GatewayGroup, host: any) {
+  isGatewayGroupContains(gatewayGroup: GatewayGroup, host: CommonEntry) {
    const locationPrefixes = gatewayGroup.locationPrefix.split(",");
    const excludeRouters = gatewayGroup.excludeRouters.split(",");
    const includeRouters = gatewayGroup.includeRouters.split(",");
@@ -196,11 +208,11 @@ class InventoryBuilder {
    }
    return false;
  }
-  getAddressesFromGatewayGroup(gatewayGroup: GatewayGroup, hosts: any[]) {
+  getAddressesFromGatewayGroup(gatewayGroup: GatewayGroup, hosts: CommonEntry[]) {
    const suitableHosts = hosts.filter(host => this.isGatewayGroupContains(gatewayGroup, host));
    return suitableHosts.map(host => host.address);
  }
-  getRoutePlansFromGatewayGroups(host: any) {
+  getRoutePlansFromGatewayGroups(host: CommonEntry) {
    const allOtherHosts = Object.values(this.hosts).filter(h => h !== host.name)
    const routePlans = this.gatewayGroups.filter(group => !this.isGatewayGroupContains(group, host)).map(group => {
      const addresses = this.getAddressesFromGatewayGroup(group, allOtherHosts);
@@ -214,7 +226,7 @@ class InventoryBuilder {
    return routePlans;
  }

-  getHostConnectionInfo(host) {
+  getHostConnectionInfo(host: CommonEntry) {
    return {
      ansible_ssh_host: host.host,
      ansible_ssh_user: host.user,
@@ -225,7 +237,7 @@ class InventoryBuilder {
    }
  }

-  async host_vars(host) {
+  async host_vars(host: CommonEntry) {
    const connections = [];
    host.dockerServices = {
      version: '2.4',
@@ -250,6 +262,26 @@ class InventoryBuilder {
        volumes: ['./babeld.conf:/etc/babeld.conf:ro']
      };
    }
+
+    const gostConfig: GostConfig = {
+      Routes: Object.values(this.gateways[host.name]).filter(gateway => !gateway.hidden).map(gateway => ({
+        ServeNodes: [`red://${host.address}:${gateway.redirectPort}`],
+        Mark: gateway.selectionMark as number,
+      }))
+    };
+
+    if (gostConfig.Routes.length) {
+      host.gostConfig = gostConfig;
+      host.dockerServices.services.gost = {
+        restart: 'always',
+        image: `git-registry.mycard.moe/nanahira/gost${this.getDockerImageTag(host)}`,
+        network_mode: 'host',
+        privileged: true,
+        volumes: ['./gost.json:/etc/gost/gost.json:ro'],
+        command: '-C /etc/gost/gost.json'
+      };
+    }
+    
    host.frpcRestarts = [];
    host.ocRestarts = [];
    host.frpsNeeded = false;
@@ -321,6 +353,8 @@ class InventoryBuilder {
      dockerServices: host.dockerServices,
      routePlans,
      iptables_type: host.iptables || 'auto',
+      gostConfig,
+      installGost: !!gostConfig,
    };
  }