juanfont/headscale
1
1
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2024-11-10 17:12:33 +08:00
Code Issues Projects Releases Packages Wiki Activity
2070 commits 53 branches 130 tags 28 MiB
Commit graph

219 commits

Author SHA1 Message Date
Juan Font Alonso
804d70386d Switch to nodekey in urls 2022-08-11 12:15:16 +02:00
Juan Font Alonso
fb3b2e6bc8 Improve protocol implementation for client registration (fixes #706) 2022-08-11 12:11:02 +02:00
Juan Font
abae078855
Merge branch 'main' into feature/db-health-check 2022-07-24 22:10:16 +02:00
Juan Font
7c87ef6c86
Merge branch 'main' into graceful-shutdown 2022-07-22 09:06:46 +02:00
Juan Font Alonso
a4d0efbe8d Fix API router 2022-07-21 23:57:07 +02:00
Grigoriy Mikhalkin
3f0639c87d graceful shutdown lint fixes 2022-07-21 23:47:20 +02:00
Grigoriy Mikhalkin
889eff265f graceful shutdown fix 2022-07-21 23:47:20 +02:00
Jiang Zhu
aca5646032 remove gin completely, ~2MB reduction on final binary 2022-07-16 02:03:46 +08:00
Anton Schubert
c6aaa37f2d ping db in health check 2022-07-12 22:56:53 +02:00
Juan Font Alonso
c810b24eb9 Lint fixes 5/n 2022-06-26 12:21:35 +02:00
Juan Font Alonso
c859bea0cf Lint fixes 3/n 2022-06-26 12:01:04 +02:00
Juan Font Alonso
a913d1b521 Lint fixes 2/n 2022-06-26 11:55:37 +02:00
Juan Font
bb4a9583a7
Merge branch 'main' into abandon-gin 2022-06-26 11:08:48 +02:00
Juan Font Alonso
39b58f7d4c Use a signal to close the longpolls on shutdown 2022-06-23 19:40:07 +02:00
Juan Font Alonso
116bef25a7 Fixed wrong copy paste in Header 2022-06-20 21:19:49 +02:00
Juan Font Alonso
396c3ecdf7 Remove Gin from the OIDC handlers 2022-06-20 12:31:19 +02:00
Juan Font Alonso
d89fb68a7a Switch to use gorilla's mux as muxer 2022-06-18 18:41:42 +02:00
Juan Font Alonso
d5e331a2fb Remove Gin from OIDC callback 2022-06-17 17:42:17 +02:00
Juan Font Alonso
367da0fcc2 Remove Gin from simple endpoints for TS2019 2022-06-17 16:48:04 +02:00
Anton Schubert
735440d1a3 add timeout for http shutdown, add db disconnect 2022-06-17 11:07:25 +02:00
Kristoffer Dalby
8d58894daa Tailscale 1.26 uses dnstype pointer 2022-06-11 15:34:02 +00:00
Kristoffer Dalby
0c2648c188 Update the nodes after we have reloaded the ACL policy with sighup 2022-06-11 12:54:44 +01:00
Kristoffer Dalby
7e6291c21c Change Set state change function to filter instead of single namespace 
This commit makes the setLastStateChangeToNow function take a list of
namespaces instead of a single namespace. If no namespaces is passed,
all namespaces will be updated. This means that the argument acts like a
filter.
 2022-06-11 12:53:02 +01:00
Kristoffer Dalby
78ed610b50 Switch config to pointer 2022-06-05 17:47:26 +02:00
Kristoffer Dalby
aee8aa1c61 Move TLS config into its own struct 2022-06-03 10:14:14 +02:00
Kristoffer Dalby
533ecee252 Move config struct to its own file 2022-06-03 09:05:41 +02:00
Kristoffer Dalby
2feed18b28 Support reloading ACLs with SIGHUP 
Also continously listen for signals, not just once.
 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
24e4787a64 Make ACL policy part of the config struct 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
0b4f59b82b Improve signal handling 
This commit starts to wire up better signal handling, it starts with
handling shutdown a bit better, using the graceful shutdown for all the
listeners we use.

It also adds the initial switch case for handling config and acl reload,
which is to be implemented.
 2022-05-31 14:28:00 +02:00
Kristoffer Dalby
9175aca094
Merge branch 'main' into rename-fixess 2022-05-30 15:29:50 +02:00
Kristoffer Dalby
a0c465c2eb Wire up setting to enable/disable logtail 2022-05-30 14:47:41 +02:00
Kristoffer Dalby
a443255b3e Validate isOutdated against all namespaces 
This commit makes isOutdated validate a nodes necessity to update
against all namespaces, and not just the nodes own namespace (which made
more sense before).

getLastStateChange is now uses the passed namespaces as a filter,
meaning that not requesting any namespace will give you the total last
updated state.

In addition, the sync.Map is exchanged for a variant that uses generics
which allows us to remove some casting logic.
 2022-05-30 13:35:40 +02:00
Kristoffer Dalby
e631c6f7e0 Merge master 2022-05-16 21:41:46 +02:00
Antoine POPINEAU
7cc58af932
Allow more configuration over the OIDC flow. 
Adds knobs to configure three aspects of the OpenID Connect flow:

 * Custom scopes to override the default "openid profile email".
 * Custom parameters to be added to the Authorize Endpoint request.
 * Domain allowlisting for authenticated principals.
 * User allowlisting for authenticated principals.
 2022-05-02 17:11:07 +02:00
Juan Font Alonso
01d9a2f589 Fixed linting issues 2022-04-30 23:48:28 +02:00
Juan Font
843e2bd9b6 Do not setLastStateChangeToNow every 5 seconds 2022-04-30 14:47:16 +00:00
Kristoffer Dalby
6e2768097a Rename name -> hostname, nickname -> givenname 2022-04-24 20:54:38 +01:00
Juan Font Alonso
db9ba17920 Added missing file 2022-03-18 13:10:35 +01:00
Juan Font Alonso
8f5875efe4 Reorg errors 2022-03-16 19:46:59 +01:00
Juan Font
98ac88d5ef
Changed comment position 
Co-authored-by: Kristoffer Dalby <kradalby@kradalby.no>
 2022-03-16 18:45:34 +01:00
Kristoffer Dalby
d13338a9fb
Merge branch 'main' into mandatory-stun 2022-03-16 07:18:18 +00:00
bravechamp
0bfa5302a7
Fix API access 
By allowing API keys to be validated
 2022-03-15 16:05:56 +03:00
Juan Font Alonso
b8aad5451d Make STUN run by default when embedded DERP is enabled 
This commit also allows to set an external STUN server, while running the embedded DERP server (without embedded STUN)
 2022-03-15 13:22:25 +01:00
Juan Font Alonso
eb06054a7b Make DERP Region configurable 2022-03-06 17:25:21 +01:00
Juan Font Alonso
eb500155e8 Make STUN server configurable 2022-03-06 17:00:56 +01:00
Juan Font Alonso
54c3e00a1f Merge local DERP server region with other configured DERP sources 2022-03-05 20:04:31 +01:00
Juan Font Alonso
237f7f1027 Merge branch 'main' into embedded-derp 2022-03-05 19:42:29 +01:00
Juan Font Alonso
df37d1a639 Do not offer the option to be DERP insecure 
Websockets, in which DERP is based, requires a TLS certificate. At the same time,
if we use a certificate it must be valid... otherwise Tailscale wont connect (does not
have an Insecure option). So there is no option to expose insecure here
 2022-03-05 19:19:21 +01:00
Juan Font Alonso
758b1ba1cb Renamed configuration items of the DERP server 2022-03-05 16:22:02 +01:00
Juan Font Alonso
607c1eb316 Be consistent with uppercase DERP 2022-03-04 11:31:41 +01:00