metal-stack
diff --git a/‎_typos.toml‎
Lines changed: 1 addition & 0 deletions b/‎_typos.toml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎doc/index.html‎
Lines changed: 292 additions & 3 deletions b/‎doc/index.html‎
Lines changed: 292 additions & 3 deletions
diff --git a/‎go.mod‎
Lines changed: 4 additions & 4 deletions b/‎go.mod‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎go.sum‎
Lines changed: 8 additions & 8 deletions b/‎go.sum‎
Lines changed: 8 additions & 8 deletions
@@ -7,6 +7,7 @@ extend-ignore-re = [
 ]
 
 [default.extend-words]
+PN = "PN"
 
 [files]
 extend-exclude = [
 
@@ -1782,6 +1782,52 @@ <h2>Table of Contents</h2>
           </li>
 
 
+          <li>
+            <a href="#metalstack%2fapi%2fv2%2fvpn.proto">metalstack/api/v2/vpn.proto</a>
+            <ul>
+              
+                <li>
+                  <a href="#metalstack.api.v2.VPNNode"><span class="badge">M</span>VPNNode</a>
+                </li>
+              
+              
+              
+              
+            </ul>
+          </li>
+        
+          
+          <li>
+            <a href="#metalstack%2fadmin%2fv2%2fvpn.proto">metalstack/admin/v2/vpn.proto</a>
+            <ul>
+              
+                <li>
+                  <a href="#metalstack.admin.v2.VPNServiceAuthKeyRequest"><span class="badge">M</span>VPNServiceAuthKeyRequest</a>
+                </li>
+              
+                <li>
+                  <a href="#metalstack.admin.v2.VPNServiceAuthKeyResponse"><span class="badge">M</span>VPNServiceAuthKeyResponse</a>
+                </li>
+              
+                <li>
+                  <a href="#metalstack.admin.v2.VPNServiceListNodesRequest"><span class="badge">M</span>VPNServiceListNodesRequest</a>
+                </li>
+              
+                <li>
+                  <a href="#metalstack.admin.v2.VPNServiceListNodesResponse"><span class="badge">M</span>VPNServiceListNodesResponse</a>
+                </li>
+              
+              
+              
+              
+                <li>
+                  <a href="#metalstack.admin.v2.VPNService"><span class="badge">S</span>VPNService</a>
+                </li>
+              
+            </ul>
+          </li>
+        
+          
           <li>
             <a href="#metalstack%2fapi%2fv2%2fhealth.proto">metalstack/api/v2/health.proto</a>
             <ul>
@@ -7290,6 +7336,13 @@ <h3 id="metalstack.api.v2.MachineAllocationQuery">MachineAllocationQuery</h3>
                   <td><p>Labels for which this machine allocation should get filtered </p></td>
                 </tr>
 
+                <tr>
+                  <td>vpn</td>
+                  <td><a href="#metalstack.api.v2.MachineVPN">MachineVPN</a></td>
+                  <td>optional</td>
+                  <td><p>VPN query if this machine has a vpn configuration </p></td>
+                </tr>
+              
             </tbody>
           </table>
 
@@ -8615,9 +8668,14 @@ <h3 id="metalstack.api.v2.MachineVPN">MachineVPN</h3>
                   <td>connected</td>
                   <td><a href="#bool">bool</a></td>
                   <td></td>
-                  <td><p>Connected indicate if this machine is connected to the VPN
-
-TODO add machine ips </p></td>
+                  <td><p>Connected indicate if this machine is connected to the VPN </p></td>
+                </tr>
+              
+                <tr>
+                  <td>ips</td>
+                  <td><a href="#string">string</a></td>
+                  <td>repeated</td>
+                  <td><p>IPs of the machine connected to the vpn </p></td>
                 </tr>
 
             </tbody>
@@ -14598,6 +14656,237 @@ <h3 id="metalstack.admin.v2.TokenService">TokenService</h3>
 
 
 
+      <div class="file-heading">
+        <h2 id="metalstack/api/v2/vpn.proto">metalstack/api/v2/vpn.proto</h2><a href="#title">Top</a>
+      </div>
+      <p></p>
+
+      
+        <h3 id="metalstack.api.v2.VPNNode">VPNNode</h3>
+        <p>VPNNode is a machine connected to the vpn</p>
+
+        
+          <table class="field-table">
+            <thead>
+              <tr><td>Field</td><td>Type</td><td>Label</td><td>Description</td></tr>
+            </thead>
+            <tbody>
+              
+                <tr>
+                  <td>id</td>
+                  <td><a href="#uint64">uint64</a></td>
+                  <td></td>
+                  <td><p>Id of this node </p></td>
+                </tr>
+              
+                <tr>
+                  <td>name</td>
+                  <td><a href="#string">string</a></td>
+                  <td></td>
+                  <td><p>Name of this node </p></td>
+                </tr>
+              
+                <tr>
+                  <td>project</td>
+                  <td><a href="#string">string</a></td>
+                  <td></td>
+                  <td><p>Project of this node, maps to a project </p></td>
+                </tr>
+              
+                <tr>
+                  <td>ip_addresses</td>
+                  <td><a href="#string">string</a></td>
+                  <td>repeated</td>
+                  <td><p>IPAddresses of this node in the vpn </p></td>
+                </tr>
+              
+                <tr>
+                  <td>last_seen</td>
+                  <td><a href="#google.protobuf.Timestamp">google.protobuf.Timestamp</a></td>
+                  <td></td>
+                  <td><p>LastSeen timestamp when this node reached out the the control plane </p></td>
+                </tr>
+              
+                <tr>
+                  <td>online</td>
+                  <td><a href="#bool">bool</a></td>
+                  <td></td>
+                  <td><p>Online indicates if this node is online </p></td>
+                </tr>
+              
+            </tbody>
+          </table>
+
+          
+
+        
+      
+
+      
+
+      
+
+      
+    
+      
+      <div class="file-heading">
+        <h2 id="metalstack/admin/v2/vpn.proto">metalstack/admin/v2/vpn.proto</h2><a href="#title">Top</a>
+      </div>
+      <p></p>
+
+      
+        <h3 id="metalstack.admin.v2.VPNServiceAuthKeyRequest">VPNServiceAuthKeyRequest</h3>
+        <p>VPNServiceAuthKeyRequest is the request payload for a vpn authkey request.</p>
+
+        
+          <table class="field-table">
+            <thead>
+              <tr><td>Field</td><td>Type</td><td>Label</td><td>Description</td></tr>
+            </thead>
+            <tbody>
+              
+                <tr>
+                  <td>project</td>
+                  <td><a href="#string">string</a></td>
+                  <td></td>
+                  <td><p>Project for which a vpn authkey should be generated. </p></td>
+                </tr>
+              
+                <tr>
+                  <td>ephemeral</td>
+                  <td><a href="#bool">bool</a></td>
+                  <td></td>
+                  <td><p>Ephemeral defines if the authkey should be ephemeral. </p></td>
+                </tr>
+              
+                <tr>
+                  <td>expires</td>
+                  <td><a href="#google.protobuf.Duration">google.protobuf.Duration</a></td>
+                  <td></td>
+                  <td><p>Expires defines the duration after which the authkey expires. </p></td>
+                </tr>
+              
+            </tbody>
+          </table>
+
+          
+
+        
+      
+        <h3 id="metalstack.admin.v2.VPNServiceAuthKeyResponse">VPNServiceAuthKeyResponse</h3>
+        <p>VPNServiceAuthKeyResponse is the request payload for a authkey response</p>
+
+        
+          <table class="field-table">
+            <thead>
+              <tr><td>Field</td><td>Type</td><td>Label</td><td>Description</td></tr>
+            </thead>
+            <tbody>
+              
+                <tr>
+                  <td>address</td>
+                  <td><a href="#string">string</a></td>
+                  <td></td>
+                  <td><p>Address is the address of the vpn control plane. </p></td>
+                </tr>
+              
+                <tr>
+                  <td>auth_key</td>
+                  <td><a href="#string">string</a></td>
+                  <td></td>
+                  <td><p>AuthKey is the key to connect to the vpn at the given address.
+This key can only be seen once. </p></td>
+                </tr>
+              
+            </tbody>
+          </table>
+
+          
+
+        
+      
+        <h3 id="metalstack.admin.v2.VPNServiceListNodesRequest">VPNServiceListNodesRequest</h3>
+        <p>VPNServiceListNodesRequest is the request payload for a vpn list nodes request</p>
+
+        
+          <table class="field-table">
+            <thead>
+              <tr><td>Field</td><td>Type</td><td>Label</td><td>Description</td></tr>
+            </thead>
+            <tbody>
+              
+                <tr>
+                  <td>project</td>
+                  <td><a href="#string">string</a></td>
+                  <td>optional</td>
+                  <td><p>Project if given only nodes of this user are returned </p></td>
+                </tr>
+              
+            </tbody>
+          </table>
+
+          
+
+        
+      
+        <h3 id="metalstack.admin.v2.VPNServiceListNodesResponse">VPNServiceListNodesResponse</h3>
+        <p>VPNServiceListNodesResponse is the response payload for a vpn list nodes request</p>
+
+        
+          <table class="field-table">
+            <thead>
+              <tr><td>Field</td><td>Type</td><td>Label</td><td>Description</td></tr>
+            </thead>
+            <tbody>
+              
+                <tr>
+                  <td>nodes</td>
+                  <td><a href="#metalstack.api.v2.VPNNode">metalstack.api.v2.VPNNode</a></td>
+                  <td>repeated</td>
+                  <td><p>Nodes connected to the vpn </p></td>
+                </tr>
+              
+            </tbody>
+          </table>
+
+          
+
+        
+      
+
+      
+
+      
+
+      
+        <h3 id="metalstack.admin.v2.VPNService">VPNService</h3>
+        <p>VPNService serves vpn related functions</p>
+        <table class="enum-table">
+          <thead>
+            <tr><td>Method Name</td><td>Request Type</td><td>Response Type</td><td>Description</td></tr>
+          </thead>
+          <tbody>
+            
+              <tr>
+                <td>AuthKey</td>
+                <td><a href="#metalstack.admin.v2.VPNServiceAuthKeyRequest">VPNServiceAuthKeyRequest</a></td>
+                <td><a href="#metalstack.admin.v2.VPNServiceAuthKeyResponse">VPNServiceAuthKeyResponse</a></td>
+                <td><p>AuthKey generates a authkey for a project to join a machine to the project vpn</p></td>
+              </tr>
+            
+              <tr>
+                <td>ListNodes</td>
+                <td><a href="#metalstack.admin.v2.VPNServiceListNodesRequest">VPNServiceListNodesRequest</a></td>
+                <td><a href="#metalstack.admin.v2.VPNServiceListNodesResponse">VPNServiceListNodesResponse</a></td>
+                <td><p>ListNodes returns a list of machines actually connected to the vpn</p></td>
+              </tr>
+            
+          </tbody>
+        </table>
+
+        
+    
+      
       <div class="file-heading">
         <h2 id="metalstack/api/v2/health.proto">metalstack/api/v2/health.proto</h2><a href="#title">Top</a>
       </div>
 
@@ -3,7 +3,7 @@ module github.com/metal-stack/api
 go 1.25
 
 require (
-	buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.10-20251209175733-2a1774d88802.1
+	buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.11-20251209175733-2a1774d88802.1
 	buf.build/go/protovalidate v1.1.0
 	connectrpc.com/connect v1.19.1
 	github.com/bufbuild/protocompile v0.14.1
@@ -12,7 +12,7 @@ require (
 	github.com/google/go-cmp v0.7.0
 	github.com/klauspost/connect-compress/v2 v2.1.0
 	github.com/stretchr/testify v1.11.1
-	google.golang.org/protobuf v1.36.10
+	google.golang.org/protobuf v1.36.11
 )
 
 require (
@@ -28,8 +28,8 @@ require (
 	github.com/stretchr/objx v0.5.3 // indirect
 	golang.org/x/exp v0.0.0-20251209150349-8475f28825e9 // indirect
 	golang.org/x/text v0.32.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20251213004720-97cd9d5aeac2 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251213004720-97cd9d5aeac2 // indirect
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
@@ -1,5 +1,5 @@
-buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.10-20251209175733-2a1774d88802.1 h1:ZnX3qpF/pDiYrf+Q3p+/zCzZ5ELSpszy5hdVarDMSV4=
-buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.10-20251209175733-2a1774d88802.1/go.mod h1:fUl8CEN/6ZAMk6bP8ahBJPUJw7rbp+j4x+wCcYi2IG4=
+buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.11-20251209175733-2a1774d88802.1 h1:j9yeqTWEFrtimt8Nng2MIeRrpoCvQzM9/g25XTvqUGg=
+buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.11-20251209175733-2a1774d88802.1/go.mod h1:tvtbpgaVXZX4g6Pn+AnzFycuRK3MOz5HJfEGeEllXYM=
 buf.build/go/protovalidate v1.1.0 h1:pQqEQRpOo4SqS60qkvmhLTTQU9JwzEvdyiqAtXa5SeY=
 buf.build/go/protovalidate v1.1.0/go.mod h1:bGZcPiAQDC3ErCHK3t74jSoJDFOs2JH3d7LWuTEIdss=
 cel.dev/expr v0.25.1 h1:1KrZg61W6TWSxuNZ37Xy49ps13NUovb66QLprthtwi4=
@@ -60,12 +60,12 @@ golang.org/x/exp v0.0.0-20251209150349-8475f28825e9 h1:MDfG8Cvcqlt9XXrmEiD4epKn7
 golang.org/x/exp v0.0.0-20251209150349-8475f28825e9/go.mod h1:EPRbTFwzwjXj9NpYyyrvenVh9Y+GFeEvMNh7Xuz7xgU=
 golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
 golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
-google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 h1:fCvbg86sFXwdrl5LgVcTEvNC+2txB5mgROGmRL5mrls=
-google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:+rXWjjaukWZun3mLfjmVnQi18E1AsFbDN9QdJ5YXLto=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 h1:gRkg/vSppuSQoDjxyiGfN4Upv/h/DQmIR10ZU8dh4Ww=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk=
-google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
-google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
+google.golang.org/genproto/googleapis/api v0.0.0-20251213004720-97cd9d5aeac2 h1:7LRqPCEdE4TP4/9psdaB7F2nhZFfBiGJomA5sojLWdU=
+google.golang.org/genproto/googleapis/api v0.0.0-20251213004720-97cd9d5aeac2/go.mod h1:+rXWjjaukWZun3mLfjmVnQi18E1AsFbDN9QdJ5YXLto=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251213004720-97cd9d5aeac2 h1:2I6GHUeJ/4shcDpoUlLs/2WPnhg7yJwvXtqcMJt9liA=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20251213004720-97cd9d5aeac2/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk=
+google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
+google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ extend-ignore-re = [`
`7`	`7`	`]`
`8`	`8`
`9`	`9`	`[default.extend-words]`
	`10`	`+PN = "PN"`
`10`	`11`
`11`	`12`	`[files]`
`12`	`13`	`extend-exclude = [`