use serde::{Deserialize, Serialize}; #[derive(Clone, Serialize, Deserialize)] pub struct Route { pub prefix: String, pub kind: RouteKind, pub enabled: bool, #[serde(default)] pub mapped_prefix: Option, } #[derive(Clone, Serialize, Deserialize)] #[serde(rename_all = "snake_case")] pub enum RouteKind { Subnet, Exit, } #[derive(Clone, Serialize, Deserialize)] pub struct NetworkInfo { pub id: String, pub name: String, pub overlay_v4: String, pub overlay_v6: String, pub dns_domain: String, #[serde(default)] pub requires_approval: bool, #[serde(default)] pub key_rotation_max_age_seconds: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct NodeInfo { pub id: String, pub name: String, pub dns_name: String, pub ipv4: String, pub ipv6: String, pub wg_public_key: String, pub machine_public_key: String, pub endpoints: Vec, pub tags: Vec, pub routes: Vec, pub last_seen: i64, #[serde(default = "default_true")] pub approved: bool, #[serde(default)] pub key_rotation_required: bool, #[serde(default)] pub revoked: bool, } #[derive(Clone, Serialize, Deserialize)] pub struct PeerInfo { pub id: String, pub name: String, pub dns_name: String, pub ipv4: String, pub ipv6: String, pub wg_public_key: String, pub endpoints: Vec, pub tags: Vec, pub routes: Vec, pub last_seen: i64, } #[derive(Clone, Serialize, Deserialize)] pub struct NetMap { pub network: NetworkInfo, pub node: NodeInfo, pub peers: Vec, pub relay: Option, #[serde(default)] pub probe_requests: Vec, pub generated_at: i64, #[serde(default)] pub revision: u64, } #[derive(Clone, Serialize, Deserialize)] pub struct ProbeRequest { pub peer_id: String, pub endpoints: Vec, pub ipv4: String, pub ipv6: String, pub requested_at: i64, } #[derive(Clone, Serialize, Deserialize, Default)] pub struct RelayConfig { pub stun_servers: Vec, pub turn_servers: Vec, #[serde(default)] pub stream_relay_servers: Vec, #[serde(default)] pub udp_relay_servers: Vec, } #[derive(Clone, Serialize, Deserialize)] pub struct RegisterRequest { pub token: String, pub node_name: String, pub machine_public_key: String, pub wg_public_key: String, } #[derive(Clone, Serialize, Deserialize)] pub struct RegisterResponse { pub node_token: String, pub netmap: NetMap, } #[derive(Clone, Serialize, Deserialize)] pub struct RegisterUrlRequest { pub network_id: String, pub node_name: String, pub machine_public_key: String, pub wg_public_key: String, pub ttl_seconds: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct RegisterUrlResponse { pub node_id: String, pub network_id: String, pub ipv4: String, pub ipv6: String, pub auth_path: String, pub expires_at: i64, pub node_token: String, } #[derive(Clone, Serialize, Deserialize)] pub struct EnrollmentToken { pub token: String, pub expires_at: i64, pub uses_left: u32, pub tags: Vec, pub revoked_at: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct CreateTokenRequest { pub ttl_seconds: u64, pub uses: u32, pub tags: Vec, } #[derive(Clone, Serialize, Deserialize)] pub struct CreateTokenResponse { pub token: EnrollmentToken, } #[derive(Clone, Serialize, Deserialize)] pub struct AdminNodesResponse { pub nodes: Vec, } #[derive(Clone, Serialize, Deserialize)] pub struct ApproveNodeResponse { pub node_id: String, pub approved: bool, pub approved_at: Option, } fn default_true() -> bool { true } #[derive(Clone, Serialize, Deserialize)] pub struct HeartbeatRequest { pub node_id: String, pub endpoints: Vec, pub listen_port: Option, pub routes: Vec, #[serde(default)] pub probe: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct HeartbeatResponse { pub netmap: NetMap, } #[derive(Clone, Serialize, Deserialize, Default)] pub struct AclPolicy { #[serde(default)] pub default_action: AclAction, #[serde(default)] pub rules: Vec, } #[derive(Clone, Serialize, Deserialize)] #[serde(rename_all = "snake_case")] pub enum AclAction { Allow, Deny, } impl Default for AclAction { fn default() -> Self { Self::Allow } } #[derive(Clone, Serialize, Deserialize, Default)] pub struct AclSelector { #[serde(default)] pub any: bool, #[serde(default)] pub tags: Vec, #[serde(default)] pub node_ids: Vec, #[serde(default)] pub names: Vec, } #[derive(Clone, Serialize, Deserialize)] pub struct AclRule { pub action: AclAction, #[serde(default)] pub src: AclSelector, #[serde(default)] pub dst: AclSelector, } #[derive(Clone, Serialize, Deserialize, Default)] pub struct UpdateAclRequest { pub policy: AclPolicy, } #[derive(Clone, Serialize, Deserialize)] pub struct UpdateAclResponse { pub policy: AclPolicy, } #[derive(Clone, Serialize, Deserialize)] pub struct UpdateNodeRequest { pub name: Option, pub tags: Option>, } #[derive(Clone, Serialize, Deserialize)] pub struct UpdateNodeResponse { pub node: NodeInfo, } #[derive(Clone, Serialize, Deserialize, Default)] pub struct KeyRotationPolicy { #[serde(default)] pub max_age_seconds: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct KeyPolicyResponse { pub policy: KeyRotationPolicy, } #[derive(Clone, Copy, Serialize, Deserialize, PartialEq, Eq)] #[serde(rename_all = "snake_case")] pub enum KeyType { Machine, WireGuard, } #[derive(Clone, Serialize, Deserialize)] pub struct KeyRecord { pub key_type: KeyType, pub public_key: String, pub created_at: i64, #[serde(default)] pub revoked_at: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct KeyRotationRequest { pub machine_public_key: Option, pub wg_public_key: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct KeyRotationResponse { pub node_id: String, pub machine_public_key: String, pub wg_public_key: String, } #[derive(Clone, Serialize, Deserialize)] pub struct KeyHistoryResponse { pub node_id: String, pub keys: Vec, } #[derive(Clone, Serialize, Deserialize)] pub struct RevokeNodeResponse { pub node_id: String, pub revoked_at: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct AuditEntry { pub id: String, pub timestamp: i64, pub network_id: Option, pub node_id: Option, pub action: String, #[serde(default)] pub detail: Option, } #[derive(Clone, Serialize, Deserialize)] pub struct AuditLogResponse { pub entries: Vec, }