juanfont/headscale
1
1
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2024-11-10 09:02:30 +08:00
Code Issues Projects Releases Packages Wiki Activity
2694 commits 53 branches 130 tags 28 MiB
Commit graph

61 commits

Author SHA1 Message Date
Juan Font
87bfb53c1c Remove unused function 2022-11-26 09:59:56 +00:00
LiuHanCheng
bf87b33292
feat: add information to the /apple page for the macOS standalone client user (#915) 
Co-authored-by: Kristoffer Dalby <kristoffer@dalby.cc>
 2022-11-04 12:27:23 +01:00
Kristoffer Dalby
8be14ef6fe
gofumpt 
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
 2022-09-23 11:53:42 +02:00
Kristoffer Dalby
2bb34751d1
Validate the incoming nodekey with regex before attempting to parse 
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
 2022-09-23 11:53:42 +02:00
Juan Font Alonso
cdf48b1216 Migrate utils to net/netip 2022-09-02 00:05:18 +02:00
Juan Font Alonso
43ad0d4416 Removed unused method 2022-08-19 14:24:43 +02:00
Juan Font Alonso
5cf9eedf42 Minor logging corrections 2022-08-15 10:43:39 +02:00
Juan Font Alonso
0d0042b7e6 Added zstd constant for linting 2022-08-14 17:04:07 +02:00
Grigoriy Mikhalkin
cc1343d31d fixed typo in ErrCannotDecryptResponse name 2022-08-05 00:00:36 +02:00
Grigoriy Mikhalkin
911e6ba6de exported API errors 2022-07-29 17:35:21 +02:00
Juan Font Alonso
a913d1b521 Lint fixes 2/n 2022-06-26 11:55:37 +02:00
Anton Schubert
8f31ed51e1 fix occasional panic on registration 
GenerateRandomStringDNSSafe will panic occasionally if the random base64
string contains too many - and _ due to the replacement. Fix by looping.
 2022-06-15 12:22:57 +02:00
Kristoffer Dalby
35722cd5aa Move FilePerm function from cli to headscale 2022-06-03 09:24:36 +02:00
Kristoffer Dalby
36dca3516a Move Abspath function to headscale utils 2022-05-31 14:28:23 +02:00
Juan Font Alonso
4f3f0542d4 Fix some issues in testing with new hostname handling 2022-05-28 12:54:57 +02:00
Kristoffer Dalby
e631c6f7e0 Merge master 2022-05-16 21:41:46 +02:00
Kristoffer Dalby
177c21b294 Add helper function to create a unique givenname 2022-05-16 20:30:43 +02:00
Adrien Raffin-Caboisse
4435a4f19d
chore: apply lint recommendations 2022-05-16 14:59:46 +02:00
Adrien Raffin-Caboisse
a2fb5b2b9d
Merge remote-tracking branch 'origin/main' into feat-list-tags-of-machines 2022-05-03 20:35:28 +02:00
Antoine POPINEAU
7cc58af932
Allow more configuration over the OIDC flow. 
Adds knobs to configure three aspects of the OpenID Connect flow:

 * Custom scopes to override the default "openid profile email".
 * Custom parameters to be added to the Authorize Endpoint request.
 * Domain allowlisting for authenticated principals.
 * User allowlisting for authenticated principals.
 2022-05-02 17:11:07 +02:00
Adrien Raffin-Caboisse
8061abe279 refact: use generics for contains functions 2022-04-25 22:17:23 +02:00
Kristoffer Dalby
67d6c8f946 Remove oversensitive tracing output 2022-02-27 09:04:27 +01:00
Kristoffer Dalby
ebe59a5a27 Fix utils tests, use ipset datastructure 2022-02-25 08:28:22 +00:00
Kristoffer Dalby
eda0a9f88a Lock allocation of IP address 
current logic is not safe as it will allow an IP that isnt persisted to
the DB to be given out multiple times if machines joins in quick
succession.

This adds a lock around the "get ip" and machine registration and save
to DB so we ensure thiis isnt happning.

Currently this had to be done three places, which is silly, and outlined
in #294.
 2022-02-24 13:18:18 +00:00
Adrien Raffin-Caboisse
5f642eef76
chore(lint): more lint fixing 2022-02-17 09:32:54 +01:00
Adrien Raffin
e482dfeed4
feat(machine): add ACLFilter if ACL's are enabled. 
This commit change the default behaviour and remove the notion of namespaces between the hosts. It allows all namespaces to be only filtered by the ACLs. This behavior is closer to tailsnet.
 2022-02-17 09:30:05 +01:00
Kristoffer Dalby
ead8b68a03 Fix lint 2022-02-12 19:42:55 +00:00
Kristoffer Dalby
3393363a67 Add safe random hash generators 2022-01-25 22:11:15 +00:00
Kristoffer Dalby
445c04baf7 Fix lint 2022-01-30 08:35:10 +00:00
Csaba Sarkadi
6220836050 utils: extract GetIPPrefixEndpoints from anonymous function 2022-01-29 15:26:28 +01:00
Csaba Sarkadi
1a6e5d8770 Add support for multiple IP prefixes 2022-01-16 14:18:22 +01:00
Csaba Sarkadi
46cdce00af Do not assume IPv4 during address generation 2022-01-15 16:06:34 +01:00
Kristoffer Dalby
34f4109fbd Add back privatekey, but automatically generate it if it does not exist 2021-11-28 09:17:18 +00:00
Kristoffer Dalby
59aeaa8476 Ensure we always have the key prefix when needed 2021-11-27 20:25:12 +00:00
Kristoffer Dalby
c38f00fab8 Unmarshal keys in the non-deprecated way 2021-11-26 23:50:42 +00:00
Kristoffer Dalby
cfd53bc4aa Factor wgkey to types/key 
This commit converts all the uses of wgkey to the new key interfaces.

It now has specific  machine, node and discovery keys and we now should
use them correctly.

Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.

In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them.
 2021-11-26 23:30:42 +00:00
Kristoffer Dalby
d6739386a0
Get rid of dynamic errors 2021-11-15 19:18:14 +00:00
Kristoffer Dalby
715542ac1c
Add and fix stylecheck (golint replacement) 2021-11-15 17:24:24 +00:00
Kristoffer Dalby
0c45f8d252
Add and fix errorlint 2021-11-15 16:26:41 +00:00
Kristoffer Dalby
471c0b4993
Initial work eliminating one/two letter variables 2021-11-14 20:32:03 +01:00
Kristoffer Dalby
89eb13c6cb
Add and fix nlreturn (new line return) 2021-11-14 16:46:09 +01:00
Kristoffer Dalby
2634215f12 golangci-lint --fix 2021-11-13 08:39:04 +00:00
Kristoffer Dalby
03b7ec62ca Go format with shorter lines 2021-11-13 08:36:45 +00:00
Kristoffer Dalby
9acc3e0e73 Add a set of ip prefix convert helpers 2021-11-04 22:17:44 +00:00
Kristoffer Dalby
434fac52b7 Fix lint error 2021-10-30 14:29:03 +00:00
Kristoffer Dalby
6aacada852 Switch from gRPC localhost to socket 
This commit changes the way CLI and grpc-gateway communicates with the
gRPC backend to socket, instead of localhost. Unauthenticated access now
goes on the socket, while the network interface will require API key (in
the future).
 2021-10-30 14:08:16 +00:00
Kristoffer Dalby
68dab0fe7b Move localhost check to utils 2021-10-29 17:04:58 +00:00
Kristoffer Dalby
9698abbfd5
Resolve merge conflict 2021-08-13 10:33:19 +01:00
Kristoffer Dalby
ea615e3a26
Do not issue "network" or "broadcast" addresses (0 or 255) 2021-08-03 10:06:42 +01:00
Kristoffer Dalby
73207decfd Check that IP is set before parsing 
Machine is saved to db before it is assigned an ip, so we might have
empty ip fields coming back.
 2021-08-03 07:42:11 +01:00