Commit Graph

140 Commits

Author SHA1 Message Date
Ian VanSchooten 7eff4d9a57 Fix go cache in gofmt 2024-10-23 11:09:54 -04:00
Ian VanSchooten 150d1ec740 Fix show-progress flag 2024-10-23 10:07:58 -04:00
Ian VanSchooten 403fe7c41e Update upload-artifact 2024-10-22 14:32:45 -04:00
Ian VanSchooten f0c0d4b49e Remove deprecated actions/upload-release-asset 2024-10-22 14:31:28 -04:00
Ian VanSchooten 6da94f1b48 Replace deprecated github release action 2024-10-22 14:31:28 -04:00
Ian VanSchooten 24b46087da Update upload-artifact 2024-10-22 14:31:28 -04:00
Ian VanSchooten e391a9550c Update actions/setup-java 2024-10-22 14:31:28 -04:00
Ian VanSchooten 836d2a45bf Fix go cache 2024-10-22 14:31:28 -04:00
Ian VanSchooten 9cb9018208 Update actions/setup-go 2024-10-22 14:31:28 -04:00
Ian VanSchooten c55c6f141b Update actions/checkout, set progress false 2024-10-22 14:31:28 -04:00
Ian VanSchooten 9814360613
Upload debug apk (#187)
This adds steps to our android debug smoke build to upload a debug apk on merges to main, retained for 60 days. This can be used to help test and troubleshoot builds in between Android releases.
2024-10-22 14:30:59 -04:00
Ian VanSchooten e58078fa48
Handle managed nebula updates correctly (#186)
This fixes a few issues:

1) When updates are made, we will no longer create duplicate VPN profiles, rather we will update existing ones.
2) We will correctly update an existing profile when the site is running and an update is received, rather than attempting to create a new profile, which failed due to permissions errors.  
3) We will always reload nebula, even if we can't successfully save the VPN profile.
4) The default polling interval of 15 minutes is restored (previously set to 30 seconds during testing).

So far in manual testing I've confirmed that I do not lose the tunnel to my lighthouse even after the original 30 minute expiration of a certificate.  This confirms that reloads are occurring correctly.  Additionally, duplicate sites are not created when updates occur while the site is disconnected.
2024-10-18 12:32:48 -04:00
Ian VanSchooten fb664308ae
Add providerBundleIdentifier to avoid permissions errors (#185) 2024-10-17 11:08:34 -04:00
Ian VanSchooten c8994e98a5
Add smoke-build CI workflow (#169)
This adds a workflow into PRs to build the iOS and Android apps, just to verify that they aren't completely broken / unable to build. They're debug builds, so it won't completely mirror the release build, but that allows us to avoid getting signing keys in the workflow.
2024-10-17 09:38:50 -04:00
John Maguire 43fad65cf7
Use correct relay key in Nebula config (#184) 2024-10-16 17:13:44 -04:00
John Maguire 470578865b
Update to support netip use in Nebula 1.9.4 (#182) 2024-10-16 17:02:28 -04:00
Ian VanSchooten 494f071ed5
Move print logs to OSLogger (#179)
This aids in debugging in console.app, since print statements from the PacketTunnelProvider are not shown in xcode's console.
2024-10-16 14:28:07 -04:00
John Maguire 2d74360bc2
Update Nebula to v1.9.4 (#180) 2024-10-15 14:56:41 -04:00
John Maguire 6d9bcc9ba1
Pop confirmation modal only for changed forms (#178) 2024-10-11 11:34:44 -04:00
Ian VanSchooten fcf21f6f6b
Fix issues with new xcode builds (#177)
John found an issue in gomobile that seems to be the culprit of one of these issues: https://github.com/golang/go/issues/53316#issuecomment-2407626810
2024-10-11 11:21:34 -04:00
John Maguire 998d0459ad
Fix Nebula reloading on managed update (#176) 2024-10-10 09:59:00 -04:00
Ian VanSchooten 1d1a280a9c
Specify correct ndk version (#172) 2024-10-08 12:33:06 -04:00
Ian VanSchooten 667ad112d4
Update proguard rules for missing classes (#171)
Addresses the errors seen in DefinedNet/mobile_nebula/actions/runs/11221064890/job/31190581077#step:13:1260

Locally I am able to perform most of a release build after removing these proguard rules which were previously added to avoid minification stripping out flutter code. That seems to no longer be required, though.
2024-10-08 12:27:32 -04:00
Ian VanSchooten cc0ee7cbc2
Flutter format is removed, now dart format (#168)
It was removed in 3.12: https://github.com/flutter/flutter/pull/129360

This updates the README and our CI job.
2024-10-07 11:38:00 -04:00
Ian VanSchooten 13b75cdbb4
Update java to 17 (#167)
This updates the version of java used during release builds to 17, the minimum required by our version of AGP. https://developer.android.com/build/releases/gradle-plugin#compatibility

It also uses a java toolchain and resolver plugin to automatically download and use the desired version of java, which will hopefully simplify things for others to get spun up on mobile app dev.  Reference https://stefma.medium.com/sourcecompatibility-targetcompatibility-and-jvm-toolchains-in-gradle-explained-d2c17c8cff7c for some explanation of toolchains and compatibility targets, and https://docs.gradle.org/current/userguide/toolchains.html#sec:provisioning for notes about automatic provisioning via toolchain.
2024-10-07 08:22:21 -04:00
Ian VanSchooten 79795ffe63
Remove media and audio pickers (#170)
And target iphoneos 12, to avoid some warnings.

We only use the file picker to allow users to load in nebula certs/keys, we don't need access to pictures.
2024-10-01 13:25:31 -04:00
Ian VanSchooten 2b900fe982
Update Android dependencies and AGP (#165)
This updates kotlin, gson, AGP, and WorkManager to the latest versions.

It also updates the README to include the correct ndk version for our AGP, as specified here: developer.android.com/build/releases/gradle-plugin#compatibility
2024-09-26 16:27:10 -04:00
Ian VanSchooten a6398d6813
Support android API 34 (#164) 2024-09-26 14:43:55 -04:00
Ian VanSchooten 6f12f5a328
Update fastlane (#163) 2024-09-24 11:38:54 -04:00
Ian VanSchooten 78640437f1
Update Gradle, replace QR code reader library (#162)
I ran the Gradle Upgrade Assistant to get us on the latest version of gradle, but two of our dependencies didn't support it.

- https://pub.dev/documentation/package_info/latest/
- https://github.com/AmolGangadhare/flutter_barcode_scanner

`pacakge_info` is officially deprecated and replaced by `package_info_plus`, which is what I've swapped to here.

A bigger change was switching to https://github.com/juliansteenbakker/mobile_scanner.  It does seem to work a bit better than the other one, and does not throw an error now when cancelling the QR code collection, as it did before.  I've tested on android in the simulator, and iOS with an actual device.  

To test adding a cert:
1. Create a CA on your computer with `nebula-cert ca -name test-mobile`.  This will create a `ca.crt` and `ca.key`
2. Tap the + button in the mobile app to add a site
3. Tap the "Certificate" row
4. Copy the public key to a file on your computer like `test.pub`
5. Create a signed cert with `nebula-cert sign -name test-mobile -ip 192.168.0.20/24 -in-pub test.pub`
6. Create a QR code for it: `nebula-cert print -out-qr "qr.png" -path ./test-mobile.crt`
7. In Android studio, in the "Running devices" tab, open the simulator's extended controls:  
<img width="509" alt="Android Studio 2024-09-23 13 08 08" src="https://github.com/user-attachments/assets/c1f8288e-374c-457c-942a-4109240102ab">

8. Choose the Camera option, and add the qr code image to the wall of the virtual scene
<img width="679" alt="image" src="https://github.com/user-attachments/assets/bafaa9af-72e4-4444-9704-9876c53c883c">

9. Back in the app, when you choose QR Code and "Scan a QR code`, the virtual scene should open.  Hold shift, then move your mouse to look around.  Turn around 180 degrees, and walk forward into the other room (can go through the walls) using the `w` key.  When you get the QR code into the white border, the scanner should close and apply the certificate settings.  If you use a nonsense QR code, or a QR code with a non-matching key, or a CA QR code, you should get an error message when it scans.

The process for scanning a CA qr code is similar.  

1. Run `nebula-cert print -out-qr "qr-ca.png" -path ./ca.crt`
2. Replace the QR in the extended controls
3. Tap CA when adding a site
4. The rest of the process is the same as above.

iOS is similar, except you'll need to use a real device, as the simulator does not include a virtual scene like Android does.
2024-09-24 07:25:09 -04:00
Ian VanSchooten 64d45f66c7
Update Flutter, target android SDK 34 (#160)
This updates flutter to 3.24.1, the latest stable version, and also updates our flutter dependencies to latest.

It targets the latest android sdk, 34, which is required if we want to publish a new version to the Google Play store.

I also needed to make a few adjustments to handle deprecations. The biggest change is that I needed to wrap the main widget in MaterialApp to avoid problems with AdaptiveSwitch in iOS.
2024-09-20 14:19:23 -04:00
John Maguire f576aa0c50
Update Nebula and dnapi (#158)
* Update Nebula and dnapi

* Update Go
2024-06-20 15:24:00 -04:00
John Maguire 2353eaf4e3
Update Nebula to latest upstream (#154) 2024-03-07 15:57:34 -05:00
John Maguire 76f0ba17df
Don't use Nebula tunnel for app traffic on Android (#153) 2024-03-07 15:57:26 -05:00
John Maguire 3d7bad5649
Fix Github PAT appearing in Android and iOS app builds (#151)
Also adds a regression test.
2024-01-31 15:42:45 -05:00
John Maguire 7a048d88d7
Update Nebula to v1.8.1 (#147) 2023-12-19 16:54:20 -05:00
John Maguire c64577f42e
Remove cachedPackets from HostInfo (#145) 2023-12-07 15:11:50 -05:00
John Maguire 8edd43230b
Update to Nebula 1.8.0 (#144)
* Update to Nebula 1.8.0

* Update code for Nebula 1.8 changes

* Update to fixed Nebula build
2023-12-06 17:09:22 -05:00
John Maguire ec1af2974a
Fix encryption errors after restoring to a new phone (#143)
When a user restores to a new phone, their TPM will no longer be able to
decrypt the encrypted credentials.

We have code already in place to delete "invalid" sites, which cleans
these up by removing them.

However, when trying to save a new site, Android continues to try to use
the old keys which are no longer decryptable. So, when saving new
encrypted files, simply reset the crypto keys if we are unable to
encrypt.
2023-12-01 15:26:21 -05:00
John Maguire fbd2759d4f
Replace 'DN' with 'Managed Nebula' (#139) 2023-10-05 14:41:40 -04:00
Nate Brown 83145f6fa4
Update nebula to 1.7.2 (#134) 2023-06-01 13:39:40 -05:00
Nate Brown 81901b5dae
Rework the ios startup flow slightly to avoid crashing on ios 16.5 (#132) 2023-05-23 17:31:07 -05:00
John Maguire dcf54b1c38
Update nebula to v1.7.1 (#130) 2023-05-18 16:05:23 -04:00
John Maguire 096bad25ee
Update nebula to v1.7.0 (#129) 2023-05-17 12:38:31 -04:00
John Maguire 693c7b6346
Hide CA expiration errors on managed sites (#128) 2023-05-17 12:10:11 -04:00
Nate Brown 69d0641874
Store the raw dn managed config to be consumed by nebula later (#127) 2023-05-16 10:25:24 -05:00
Nate Brown 450e7c714c
Unblock the UI when trying to update dn managed sites (#125) 2023-05-15 16:10:50 -05:00
John Maguire cfca253ec1
Disallow some problematic app from the VPN (#126) 2023-05-15 17:10:20 -04:00
John Maguire f7a7093879
Fix share button on iPad (#124) 2023-05-15 16:12:24 -04:00
Nate Brown 5ae4c20c70
Use go 1.20 (#122) 2023-05-12 12:42:58 -05:00