mirror of
https://github.com/siderolabs/omni.git
synced 2026-04-14 12:31:02 +02:00
72cb85a4ff
Introduce token-bucket based bandwidth rate limiting for the SideroLink WireGuard tunnel, configurable via services.siderolink.bandwidthLimitMbps and services.siderolink.bandwidthLimitBurstBytes config fields (with corresponding CLI flag fallbacks). Rate limiting is applied in both directions: outbound via a wrapped conn.Bind and inbound via a TUN input packet filter. A shared limiter drops packets exceeding the budget, relying on TCP congestion control to throttle senders. Disabled by default (0 = unlimited). Also adds a Grafana service to docker-compose with pre-built Omni dashboards for local development observability. Signed-off-by: Oguz Kilcan <oguz.kilcan@siderolabs.com>