Auto-configure device tunnel name, remove from daemon.yml

go/daemon/children/nebula.go

@@ -6,6 +6,7 @@ import (
 	"io"
 	"isle/bootstrap"
 	"isle/daemon/daecommon"
+	"isle/nebula"
 	"isle/toolkit"
 	"net"
 	"path/filepath"
@@ -116,7 +117,7 @@ func nebulaConfig(
 			"respond": true,
 		},
 		"tun": map[string]any{
-			"dev": networkConfig.VPN.Tun.Device,
+			"dev": nebula.GetDeviceName(hostBootstrap.NetworkCreationParams.ID),
 		},
 		"firewall": firewall,
 	}

go/daemon/daecommon/config.go

@@ -24,10 +24,6 @@ const (
 //go:embed daemon.yml
 var defaultConfigB []byte
 
-type ConfigTun struct {
-	Device string `yaml:"device"`
-}
-
 type ConfigFirewall struct {
 	Outbound []ConfigFirewallRule `yaml:"outbound"`
 	Inbound  []ConfigFirewallRule `yaml:"inbound"`
@@ -74,7 +70,6 @@ type NetworkConfig struct {
 	VPN struct {
 		PublicAddr string         `yaml:"public_addr"`
 		Firewall   ConfigFirewall `yaml:"firewall"`
-		Tun        ConfigTun      `yaml:"tun"`
 	} `yaml:"vpn"`
 	Storage struct {
 		Allocations []ConfigStorageAllocation `yaml:"allocations"`
@@ -121,12 +116,6 @@ func (c *NetworkConfig) fillDefaults() {
 		}
 	}
 
-	if c.VPN.Tun.Device == "" {
-		// TODO if there are multiple Networks then each one needs a unique
-		// device name.
-		c.VPN.Tun.Device = "isle-tun"
-	}
-
 	nextRPCPort := 3900
 
 	for i := range c.Storage.Allocations {

go/daemon/daecommon/daemon.yml

@@ -47,10 +47,6 @@
         #  # If any storage allocations are declared below, the ports used will be
         #  # allowed here automatically.
 
-      #tun:
-        # Name of the tun network device which will route VPN traffic.
-        #device: isle-tun
-
     #storage:
 
       # Allocations defined here are used to store data in the distributed storage

go/daemon/daemon_test.go

@@ -127,7 +127,7 @@ func TestNew(t *testing.T) {
 			})
 
 			networkConfigB = daecommon.NewNetworkConfig(func(c *daecommon.NetworkConfig) {
-				c.VPN.Tun.Device = "bar"
+				c.VPN.PublicAddr = "1.2.3.4:5"
 			})
 
 			networkConfigC = daecommon.NewNetworkConfig(func(c *daecommon.NetworkConfig) {
@@ -189,7 +189,7 @@ func TestDaemon_SetConfig(t *testing.T) {
 			})
 
 			networkConfig = daecommon.NewNetworkConfig(func(c *daecommon.NetworkConfig) {
-				c.VPN.Tun.Device = "foo"
+				c.VPN.PublicAddr = "1.2.3.4:5"
 			})
 		)
 
@@ -220,7 +220,7 @@ func TestDaemon_SetConfig(t *testing.T) {
 			})
 		)
 
-		networkConfig.VPN.Tun.Device = "foo"
+		networkConfig.VPN.PublicAddr = "1.2.3.4:5"
 		err := h.daemon.SetConfig(h.ctx, networkConfig)
 		assert.ErrorIs(t, err, ErrManagedNetworkConfig)
 	})

go/daemon/network/network_it_util_test.go

@@ -32,7 +32,6 @@ var (
 
 	ipNetCounter          uint64 = 0
 	publicAddrPortCounter uint64 = 1024
-	tunDeviceCounter      uint64 = 0
 )
 
 func newIPNet() nebula.IPNet {
@@ -56,10 +55,6 @@ func newPublicAddr() string {
 	)
 }
 
-func newTunDevice() string {
-	return fmt.Sprintf("isle-test-%d", atomic.AddUint64(&tunDeviceCounter, 1))
-}
-
 type integrationHarness struct {
 	ctx        context.Context
 	logger     *mlog.Logger
@@ -129,8 +124,6 @@ func (h *integrationHarness) mkNetworkConfig(
 			c.VPN.PublicAddr = newPublicAddr()
 		}
 
-		c.VPN.Tun.Device = newTunDevice()
-
 		c.Storage.Allocations = make(
 			[]daecommon.ConfigStorageAllocation, opts.numStorageAllocs,
 		)

go/nebula/device.go

@@ -0,0 +1,18 @@
+package nebula
+
+import (
+	"fmt"
+	"sync/atomic"
+)
+
+var deviceCounter = new(atomic.Uint64)
+
+// GetDeviceName returns the network device name to use for a particular
+// network. Each returns name is gauranteed to be unique for the lifetime of the
+// process.
+func GetDeviceName(networkID string) string {
+	i := deviceCounter.Add(1) - 1
+	// the returned string will be too long for linux, but it will get
+	// automatically truncated.
+	return fmt.Sprintf("isle%d-%s", i, networkID)
+}