Improvement of the NetBird integration#97
Merged
Conversation
Greptile SummaryThis PR improves the NetBird VPN integration by adding proper HTTPS/certificate support end-to-end: the backend gains a new validation rule, the endpoint hash is extended to detect HTTPS/certificate changes, and the frontend is updated to load, display, and persist certificate data correctly. Key changes:
Confidence Score: 4/5
|
| Filename | Overview |
|---|---|
| core/host/validator.go | Adds an early validation guard: if a certificate is provided but HTTPS is disabled, a validation error is emitted. The fieldPath variable is hoisted out of the guard for reuse. Logic is correct and well-tested. |
| core/nginx/vpn_manager.go | Hash now includes enableHTTPS flag and certificate ID, ensuring configuration changes to HTTPS or the selected certificate correctly trigger endpoint restart/stop during reload. Improvement is safe and well-reasoned. |
| frontend/src/domain/host/HostConverter.ts | Now fetches the associated certificate when converting a saved VPN entry to form values, and correctly serializes enableHttps and certificateId back into the request payload. Both additions are required for round-trip correctness. |
| frontend/src/domain/host/HostFormPage.tsx | Adds handleVpnsChange that keeps component state in sync with the VPN list; the call to setFieldsValue in the callback correctly synchronises Ant Design's internal form state after the React state update. |
| frontend/src/domain/host/components/HostVpns.tsx | Refactored to pass the updated VPN array back through onChange; however, both handleVpnChange and handleCertificateChange use a shallow array spread ([...vpns]) which still mutates the original element objects, violating React immutability expectations. |
| frontend/src/domain/host/model/HostRequest.ts | Adds enableHttps: boolean (required) and certificateId?: string (optional) to the HostVpn payload interface, correctly aligning the frontend model with the backend's updated VPN structure. |
| vpn/netbird/endpoint.go | No functional changes; this file reads the target.HTTPS data already constructed by vpn_manager.go, and the TLS listener / proxy transport logic is unchanged. |
| vpn/netbird/logger.go | Introduces noOpLogger, a minimal io.Writer that discards NetBird client log output; clean, focused change that avoids polluting application logs with library internals. |
Sequence Diagram
sequenceDiagram
participant User
participant HostVpns
participant HostFormPage
participant HostConverter
participant ValidatorGo as validator.go
participant VpnManagerGo as vpn_manager.go
participant NetbirdEndpoint as netbird/endpoint.go
User->>HostVpns: Select VPN / Certificate
HostVpns->>HostVpns: handleVpnChange / handleCertificateChange
HostVpns->>HostFormPage: onChange(updatedVpns)
HostFormPage->>HostFormPage: handleVpnsChange → setState + setFieldsValue
User->>HostFormPage: Submit form
HostFormPage->>HostConverter: formValuesToRequest(formValues)
HostConverter-->>HostFormPage: HostRequest (vpns[].enableHttps, vpns[].certificateId)
HostFormPage->>ValidatorGo: POST /hosts (HTTP request)
ValidatorGo->>ValidatorGo: validateVPNCertificate
alt certificateId set but enableHTTPS=false
ValidatorGo-->>HostFormPage: 422 Validation error
else valid
ValidatorGo-->>VpnManagerGo: proceed
end
VpnManagerGo->>VpnManagerGo: buildEndpoints (loads certDetails)
VpnManagerGo->>VpnManagerGo: endpointAdapter.Hash() includes enableHTTPS + certID
VpnManagerGo->>VpnManagerGo: stopObsoleteEndpoints / startNewEndpoints
VpnManagerGo->>NetbirdEndpoint: Start(ctx, endpoint)
NetbirdEndpoint->>NetbirdEndpoint: startListener (TLS if HTTPS enabled)
Last reviewed commit: 424b1f9
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



No description provided.