diff --git a/app.go b/app.go
index 861b9558..1a7ba720 100644
--- a/app.go
+++ b/app.go
@@ -84,6 +84,8 @@ type Headscale struct {
 privateKey *key.MachinePrivate
 noisePrivateKey *key.MachinePrivate
 
+ noiseMux *mux.Router
+
 DERPMap *tailcfg.DERPMap
 DERPServer *DERPServer
 
@@ -430,6 +432,8 @@ func (h *Headscale) ensureUnixSocketIsAbsent() error {
 func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *mux.Router {
 router := mux.NewRouter()
 
+ router.HandleFunc(ts2021UpgradePath, h.NoiseUpgradeHandler).Methods(http.MethodPost)
+
 router.HandleFunc("/health", h.HealthHandler).Methods(http.MethodGet)
 router.HandleFunc("/key", h.KeyHandler).Methods(http.MethodGet)
 router.HandleFunc("/register/{nkey}", h.RegisterWebAPI).Methods(http.MethodGet)
@@ -459,6 +463,15 @@ func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *mux.Router {
 return router
 }
 
+func (h *Headscale) createNoiseMux() *mux.Router {
+ router := mux.NewRouter()
+
+ //router.HandleFunc("/machine/register", h.NoiseRegistrationHandler).Methods(http.MethodPost)
+ //router.HandleFunc("/machine/map", h.NoisePollNetMapHandler).Methods(http.MethodPost)
+
+ return router
+}
+
 // Serve launches a GIN server with the Headscale API.
 func (h *Headscale) Serve() error {
 var err error
@@ -612,9 +625,16 @@ func (h *Headscale) Serve() error {
 //
 // HTTP setup
 //
-
+ // This is the regular router that we expose
+ // over our main Addr. It also serves the legacy Tailcale API
 router := h.createRouter(grpcGatewayMux)
 
+ // This router is served only over the Noise connection, and exposes only the new API.
+ //
+ // The HTTP2 server that exposes this router is created for
+ // a single hijacked connection from /ts2021, using netutil.NewOneConnListener
+ h.noiseMux = h.createNoiseMux()
+
 httpServer := &http.Server{
 Addr: h.cfg.Addr,
 Handler: router,
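Review bot: The `ts2021UpgradePath` route added at the top of `createRouter` puts a connection-hijacking endpoint on the router served over the main `Addr`, and nothing in the hunk records who then owns the connection. Going by the comment this commit adds in `Serve`, `NoiseUpgradeHandler` (not in this diff) hijacks the connection; after a hijack the caller is responsible for the connection's deadlines, and `http.Server.Shutdown` neither waits for nor closes hijacked connections. The handler should therefore bound the handshake with its own deadline, and the server should track these connections for shutdown. A comment on the route would record that, e.g. `// Noise (ts2021) upgrade: the handler hijacks the connection and owns its deadlines and teardown.` `createRouter` continues past the end of this hunk.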
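Review bot: `createNoiseMux` has no doc comment and its only two routes are commented out, so the router it returns matches nothing and every request sent over an established Noise connection gets the mux's 404. If that is the intended intermediate state, say so rather than leaving dead code, for example `// createNoiseMux returns the router that is served only inside an established Noise (ts2021) connection.` followed by `// TODO: register /machine/register and /machine/map once the Noise handlers exist.` If those handlers will rely on the Noise handshake to identify the peer, the doc comment should also state that they must never be registered in `createRouter`, since that router is reachable without the handshake.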
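Review bot: `h.noiseMux` is assigned only here in `Serve`, one statement after `createRouter` has already registered `NoiseUpgradeHandler`. Any path that reaches the handler without going through `Serve` (a handler test built on `createRouter`, for instance) would hand a nil `*mux.Router` to the per-connection server. Building the mux where the `Headscale` value is constructed, or rejecting the upgrade when `h.noiseMux == nil`, removes that ordering dependency; how the handler reads the field is not visible in this diff. The new comment above `router :=` also has a typo and should read `// over our main Addr. It also serves the legacy Tailscale API`. `Serve` begins before this hunk and continues past it.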