IPv6-only mode

author: Alex Auvolat <alex@adnab.me> 2023-04-05 09:47:58 +0200
committer: Alex Auvolat <alex@adnab.me> 2023-04-05 09:47:58 +0200
commit: c356c4d1c471acd9d2f7e1dcfd3a432442177b48 (patch)
tree: 66f12a24e7a486457d1b907b1e268efd631eab8c /src/config
parent: f410230240b270ec01cfbf0002cbe9d3849eb03b (diff)
download: diplonat-c356c4d1c471acd9d2f7e1dcfd3a432442177b48.tar.gz
diplonat-c356c4d1c471acd9d2f7e1dcfd3a432442177b48.zip
3 files changed, 30 insertions, 15 deletions
diff --git a/src/config/options.rs b/src/config/options.rs
index 100c23c..fc9df16 100644
--- a/src/config/options.rs
+++ b/src/config/options.rs
@@ -19,6 +19,9 @@ pub struct ConfigOptsBase {
     pub refresh_time: Option<u16>,
     /// STUN server [default: stun.nextcloud.com:443]
     pub stun_server: Option<String>,
+    /// IPv6-only mode (disables IGD, IPv4 firewall and IPv4 address autodiscovery) [default: false]
+    #[serde(default)]
+    pub ipv6_only: bool,
 }
 
 /// ACME configuration options
diff --git a/src/config/options_test.rs b/src/config/options_test.rs
index 8e05c90..073b9ac 100644
--- a/src/config/options_test.rs
+++ b/src/config/options_test.rs
@@ -63,15 +63,13 @@ fn ok_from_iter_minimal_valid_options() {
         rt_config.firewall.refresh_time,
         Duration::from_secs(REFRESH_TIME.into())
     );
-    assert!(rt_config.igd.private_ip.is_none());
+    let igd = rt_config.igd.unwrap();
+    assert!(igd.private_ip.is_none());
     assert_eq!(
-        rt_config.igd.expiration_time,
+        igd.expiration_time,
         Duration::from_secs(EXPIRATION_TIME.into())
     );
-    assert_eq!(
-        rt_config.igd.refresh_time,
-        Duration::from_secs(REFRESH_TIME.into())
-    );
+    assert_eq!(igd.refresh_time, Duration::from_secs(REFRESH_TIME.into()));
 }
 
 #[test]
@@ -117,10 +115,11 @@ fn ok_from_iter_all_valid_options() {
         opts.get(&"DIPLONAT_CONSUL_URL".to_string()).unwrap()
     );
     assert_eq!(rt_config.firewall.refresh_time, refresh_time);
+    let igd = rt_config.igd.unwrap();
     assert_eq!(
-        &rt_config.igd.private_ip.unwrap().to_string(),
+        &igd.private_ip.unwrap().to_string(),
         opts.get(&"DIPLONAT_PRIVATE_IP".to_string()).unwrap()
     );
-    assert_eq!(rt_config.igd.expiration_time, expiration_time);
-    assert_eq!(rt_config.igd.refresh_time, refresh_time);
+    assert_eq!(igd.expiration_time, expiration_time);
+    assert_eq!(igd.refresh_time, refresh_time);
 }
diff --git a/src/config/runtime.rs b/src/config/runtime.rs
index 45a29c3..d1a3f89 100644
--- a/src/config/runtime.rs
+++ b/src/config/runtime.rs
@@ -26,6 +26,7 @@ pub struct RuntimeConfigConsul {
 
 #[derive(Debug)]
 pub struct RuntimeConfigFirewall {
+    pub ipv6_only: bool,
     pub refresh_time: Duration,
 }
 
@@ -38,7 +39,7 @@ pub struct RuntimeConfigIgd {
 
 #[derive(Debug)]
 pub struct RuntimeConfigStun {
-    pub stun_server_v4: SocketAddr,
+    pub stun_server_v4: Option<SocketAddr>,
     pub stun_server_v6: SocketAddr,
     pub refresh_time: Duration,
 }
@@ -48,7 +49,7 @@ pub struct RuntimeConfig {
     pub acme: Option<RuntimeConfigAcme>,
     pub consul: RuntimeConfigConsul,
     pub firewall: RuntimeConfigFirewall,
-    pub igd: RuntimeConfigIgd,
+    pub igd: Option<RuntimeConfigIgd>,
     pub stun: RuntimeConfigStun,
 }
 
@@ -57,7 +58,10 @@ impl RuntimeConfig {
         let acme = RuntimeConfigAcme::new(opts.acme)?;
         let consul = RuntimeConfigConsul::new(opts.consul)?;
         let firewall = RuntimeConfigFirewall::new(&opts.base)?;
-        let igd = RuntimeConfigIgd::new(&opts.base)?;
+        let igd = match opts.base.ipv6_only {
+            false => Some(RuntimeConfigIgd::new(&opts.base)?),
+            true => None,
+        };
         let stun = RuntimeConfigStun::new(&opts.base)?;
 
         Ok(Self {
@@ -131,7 +135,10 @@ impl RuntimeConfigFirewall {
         let refresh_time =
             Duration::from_secs(opts.refresh_time.unwrap_or(super::REFRESH_TIME).into());
 
-        Ok(Self { refresh_time })
+        Ok(Self {
+            refresh_time,
+            ipv6_only: opts.ipv6_only,
+        })
     }
 }
 
@@ -189,9 +196,15 @@ impl RuntimeConfigStun {
         let refresh_time =
             Duration::from_secs(opts.refresh_time.unwrap_or(super::REFRESH_TIME).into());
 
+        let stun_server_v4 = match opts.ipv6_only {
+            false => Some(
+                stun_server_v4.ok_or(anyhow!("Unable to resolve STUN server's IPv4 address"))?,
+            ),
+            true => None,
+        };
+
         Ok(Self {
-            stun_server_v4: stun_server_v4
-                .ok_or(anyhow!("Unable to resolve STUN server's IPv4 address"))?,
+            stun_server_v4,
             stun_server_v6: stun_server_v6
                 .ok_or(anyhow!("Unable to resolve STUN server's IPv6 address"))?,
             refresh_time,
author	Alex Auvolat <alex@adnab.me>	2023-04-05 09:47:58 +0200
committer	Alex Auvolat <alex@adnab.me>	2023-04-05 09:47:58 +0200
commit	c356c4d1c471acd9d2f7e1dcfd3a432442177b48 (patch)
tree	66f12a24e7a486457d1b907b1e268efd631eab8c /src/config
parent	f410230240b270ec01cfbf0002cbe9d3849eb03b (diff)
download	diplonat-c356c4d1c471acd9d2f7e1dcfd3a432442177b48.tar.gz diplonat-c356c4d1c471acd9d2f7e1dcfd3a432442177b48.zip