From ce8f7c22da35169e2312c7fdea74afbad2a21129 Mon Sep 17 00:00:00 2001
From: Francesco Cheinasso
Date: Mon, 16 Oct 2023 15:08:50 +0200
Subject: [PATCH] External Network: Wireguard Templates
---
 ...iqo-wireguard-gateway-client-template.yaml | 48 +++++++++++++++
 ...iqo-wireguard-gateway-server-template.yaml | 59 +++++++++++++++++++
 ...iqo-wireguard-gateway-client-template.yaml | 13 ++++
 ...iqo-wireguard-gateway-server-template.yaml | 14 +++++
 .../client-operator/client_controller.go | 16 +++--
 5 files changed, 144 insertions(+), 6 deletions(-)
 create mode 100644 deployments/liqo/files/liqo-wireguard-gateway-client-template.yaml
 create mode 100644 deployments/liqo/files/liqo-wireguard-gateway-server-template.yaml
 create mode 100644 deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml
 create mode 100644 deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml
diff --git a/deployments/liqo/files/liqo-wireguard-gateway-client-template.yaml b/deployments/liqo/files/liqo-wireguard-gateway-client-template.yaml
new file mode 100644
index 0000000000..cbab32e773
--- /dev/null
+++ b/deployments/liqo/files/liqo-wireguard-gateway-client-template.yaml
@@ -0,0 +1,48 @@
+metadata:
+ labels:
+ app: "{{ .Name }}"
+spec:
+ deployment:
+ metadata:
+ labels:
+ app: "{{ .Name }}"
+ spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: "{{ .Name }}"
+ template:
+ metadata:
+ labels:
+ app: "{{ .Name }}"
+ spec:
+ containers:
+ - name: tunnel
+ image: ghcr.io/liqotech/gateway/wireguard/tunnel
+ imagePullPolicy: Always
+ args:
+ - --name="{{ .Name }}"
+ - --namespace="{{ .Namespace }}"
+ - --remote-cluster-id="{{ .ClusterID }}"
+ - --wireguard-gateway-uid="{{ .GatewayUID }}"
+ - --mode=client
+ - --mtu="{{ .MTU }}"
+ - --endpoint-address="{{ index .Spec.Endpoint.Addresses 0 }}"
+ - --endpoint-port="{{ .Spec.Endpoint.Port }}"
+ securityContext:
+ privileged: true
+ capabilities:
+ add:
+ - ALL
+ - name: gateway
+ image: ghcr.io/liqotech/gateway/main
+ imagePullPolicy: Always
+ args:
+ - --name="{{ .Name }}"
+ - --namespace="{{ .Namespace }}"
+ - --mode=client
+ securityContext:
+ privileged: true
+ capabilities:
+ add:
+ - ALL
\ No newline at end of file
diff --git a/deployments/liqo/files/liqo-wireguard-gateway-server-template.yaml b/deployments/liqo/files/liqo-wireguard-gateway-server-template.yaml
new file mode 100644
index 0000000000..aaf7b68b9f
--- /dev/null
+++ b/deployments/liqo/files/liqo-wireguard-gateway-server-template.yaml
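Review bot: Both containers in files/liqo-wireguard-gateway-client-template.yaml (`tunnel` and `gateway`) set `privileged: true` together with `capabilities.add: [ALL]`, which gives a pod that terminates traffic from a remote cluster full capabilities and host device access. `privileged: true` already implies every capability, so the `add: ALL` block is redundant, and nothing visible in the template shows a need beyond network configuration. If the binaries only create the WireGuard interface and program routes (to be confirmed against them), replace the block with `privileged: false` and `capabilities: {drop: ["ALL"], add: ["NET_ADMIN"]}`. The server template added later in this patch repeats the same `securityContext` on both of its containers. Both `image:` lines also carry no tag or digest, so with `imagePullPolicy: Always` every restart runs whatever the registry currently serves; pin them, e.g. `image: ghcr.io/liqotech/gateway/wireguard/tunnel:<VERSION_OR_DIGEST>`.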
@@ -0,0 +1,59 @@
+metadata:
+ labels:
+ app: "{{ .Name }}"
+spec:
+ service:
+ metadata:
+ labels:
+ app: "{{ .Name }}"
+ spec:
+ selector:
+ app: "{{ .Name }}"
+ type: "{{ .Spec.Endpoint.ServiceType }}"
+ ports:
+ - port: "{{ .Spec.Endpoint.Port }}"
+ protocol: UDP
+ nodePort: 31820
+ deployment:
+ metadata:
+ labels:
+ app: "{{ .Name }}"
+ spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: "{{ .Name }}"
+ template:
+ metadata:
+ labels:
+ app: "{{ .Name }}"
+ spec:
+ containers:
+ - name: tunnel
+ image: ghcr.io/liqotech/gateway/wireguard/tunnel
+ imagePullPolicy: Always
+ args:
+ - --name="{{ .Name }}"
+ - --namespace="{{ .Namespace }}"
+ - --remote-cluster-id="{{ .ClusterID }}"
+ - --wireguard-gateway-uid="{{ .GatewayUID }}"
+ - --mode=server
+ - --mtu="{{ .Spec.MTU }}"
+ - --listen-port="{{ .Spec.Endpoint.Port }}"
+ securityContext:
+ privileged: true
+ capabilities:
+ add:
+ - ALL
+ - name: gateway
+ image: ghcr.io/liqotech/gateway/main
+ imagePullPolicy: Always
+ args:
+ - --name="{{ .Name }}"
+ - --namespace="{{ .Namespace }}"
+ - --mode=server
+ securityContext:
+ privileged: true
+ capabilities:
+ add:
+ - ALL
\ No newline at end of file
diff --git a/deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml b/deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml
new file mode 100644
index 0000000000..ca039eeffa
--- /dev/null
+++ b/deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.networking.internal }}
+
+apiVersion: networking.liqo.io/v1alpha1
+kind: WgGatewayClientTemplate
+metadata:
+ name: wg-client-template
+ namespace: liqo
+spec:
+ objectKind:
+ apiVersion: networking.liqo.io/v1alpha1
+ kind: WgGatewayClient
+ template: {{- .Files.Get ("files/liqo-wireguard-gateway-client-template.yaml") | nindent 4 }}
+{{- end }}
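Review bot: In files/liqo-wireguard-gateway-server-template.yaml, `nodePort: 31820` is hard-coded while `type` is rendered from `.Spec.Endpoint.ServiceType`. Kubernetes rejects a `nodePort` on a `ClusterIP` service, and for `NodePort`/`LoadBalancer` a fixed value can be allocated only once per cluster, so a second gateway server would fail to create its Service. Dropping the `nodePort: 31820` line lets the API server allocate a free port; if a fixed port is required it should come from the spec rather than the template. `port: "{{ .Spec.Endpoint.Port }}"` is also quoted, which yields a string where the Service API expects an integer unless the rendering step converts it, so that is worth confirming.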
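Review bot: `namespace: liqo` in templates/liqo-wireguard-gateway-client-template.yaml is hard-coded, so a release installed into any other namespace would still target `liqo` for the WgGatewayClientTemplate. Use the release namespace instead: `namespace: {{ .Release.Namespace }}`. The server wrapper, templates/liqo-wireguard-gateway-server-template.yaml, has the same line. A short comment above `template:` saying that the included file keeps its `{{ ... }}` placeholders for the controller to render (`.Files.Get` does not template the content) would help readers who expect Helm to resolve them.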
diff --git a/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml b/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml
new file mode 100644
index 0000000000..0c1f1bf734
--- /dev/null
+++ b/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.networking.internal }}
+
+apiVersion: networking.liqo.io/v1alpha1
+kind: WgGatewayServerTemplate
+metadata:
+ name: wg-server-template
+ namespace: liqo
+spec:
+ objectKind:
+ apiVersion: networking.liqo.io/v1alpha1
+ kind: WgGatewayServer
+ template: {{- .Files.Get ("files/liqo-wireguard-gateway-server-template.yaml") | nindent 4 }}
+{{- end }}
+
diff --git a/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go b/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go
index dc143847ea..faf73265ef 100644
--- a/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go
+++ b/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go
@@ -46,9 +46,11 @@ type ClientReconciler struct {
 }
 
 type templateData struct {
- Spec networkingv1alpha1.GatewayClientSpec
- GatewayUID string
- ClusterID string
+ Spec networkingv1alpha1.GatewayClientSpec
+ GatewayName string
+ GatewayNamespace string
+ GatewayUID string
+ ClusterID string
 }
 
 // NewClientReconciler returns a new ClientReconciler.
@@ -178,9 +180,11 @@ func (r *ClientReconciler) EnsureGatewayClient(ctx context.Context, gwClient *ne
 },
 })
 spec, err := enutils.RenderTemplate(objectTemplateSpec, templateData{
- Spec: gwClient.Spec,
- GatewayUID: string(gwClient.UID),
- ClusterID: remoteClusterID,
+ Spec: gwClient.Spec,
+ GatewayName: gwClient.Name,
+ GatewayNamespace: gwClient.Namespace,
+ GatewayUID: string(gwClient.UID),
+ ClusterID: remoteClusterID,
 })
 if err != nil {
 return fmt.Errorf("unable to render the template: %w", err)
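Review bot: The fields added to `templateData` in client_controller.go are named `GatewayName` and `GatewayNamespace`, but the client template added in this same patch references `{{ .Name }}`, `{{ .Namespace }}` and `{{ .MTU }}`, none of which exists on the struct (the server template uses `{{ .Spec.MTU }}`). If `enutils.RenderTemplate`, whose body is not shown, evaluates the template against this struct, rendering would presumably fail or leave those arguments empty. Either rename the fields to `Name`/`Namespace` or change the template to `{{ .GatewayName }}`, `{{ .GatewayNamespace }}` and `{{ .Spec.MTU }}`. The struct would also benefit from a doc comment such as `// templateData holds the values a gateway client template may reference; field names are the template keys.` The second hunk populates the same fields inside `EnsureGatewayClient`, whose body starts and ends outside the hunk.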