Do not expose the general API router over the Noise connection

And do not expose the Noise API over the regular connection. Plus,
there are (more) changes coming to the API... so let's have different
API codebases.

app.go

@@ -152,7 +152,7 @@ type Headscale struct {
 	privateKey      *key.MachinePrivate
 	noisePrivateKey *key.MachinePrivate
 
-	router *gin.Engine
+	noiseRouter *gin.Engine
 
 	DERPMap    *tailcfg.DERPMap
 	DERPServer *DERPServer
@@ -510,6 +510,12 @@ func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *gin.Engine {
 	return router
 }
 
+func (h *Headscale) createNoiseRouter() *gin.Engine {
+	router := gin.Default()
+
+	return router
+}
+
 // Serve launches a GIN server with the Headscale API.
 func (h *Headscale) Serve() error {
 	var err error
@@ -675,11 +681,17 @@ func (h *Headscale) Serve() error {
 	// HTTP setup
 	//
 
-	h.router = h.createRouter(grpcGatewayMux)
+	// This is the regular router that we expose
+	// over our main Addr. It also serves the legacy Tailcale API
+	router := h.createRouter(grpcGatewayMux)
+
+	// This router is only served over the Noise connection,
+	// and exposes only the new API
+	h.noiseRouter = h.createNoiseRouter()
 
 	httpServer := &http.Server{
 		Addr:        h.cfg.Addr,
-		Handler:     h.router,
+		Handler:     router,
 		ReadTimeout: HTTPReadTimeout,
 		// Go does not handle timeouts in HTTP very well, and there is
 		// no good way to handle streaming timeouts, therefore we need to

noise.go

@@ -62,7 +62,7 @@ func (h *Headscale) NoiseUpgradeHandler(ctx *gin.Context) {
 	}
 
 	server := http.Server{}
-	server.Handler = h2c.NewHandler(h.router, &http2.Server{})
+	server.Handler = h2c.NewHandler(h.noiseRouter, &http2.Server{})
 	server.Serve(netutil.NewOneConnListener(noiseConn, nil))
 }
 

noise_api.go

@@ -0,0 +1 @@
+package headscale