Commit Graph

65 Commits

Author SHA1 Message Date
Kristoffer Dalby c7b459b615
Fix issue where ACL * would filter out returning connections (#1279) 2023-03-27 19:19:32 +02:00
Kristoffer Dalby a5562850a7
MapResponse optimalisations, peer list integration tests (#1254)
Co-authored-by: Allen <979347228@qq.com>
2023-03-06 17:50:26 +01:00
Kristoffer Dalby 90287a6735 gofumpt
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby e3a2593344 Rename [Nn]amespace -> [Uu]ser in go code
Use gopls, ag and perl to rename all occurances of Namespace

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Juan Font 593040b73d Run the Noise handlers under a new struct so we can access the noiseConn from the handlers
In TS2021 the MachineKey can be obtained from noiseConn.Peer() - contrary to what I thought before,
where I assumed MachineKey was dropped in TS2021.

By having a ts2021App and hanging from there the TS2021 handlers, we can fetch again the MachineKey.
2022-12-21 20:52:08 +01:00
Juan Font 8170f5e693 Removed unused code and linting fixes
Another bunch of gosec/golint related fixes

Remove method no longer used
2022-12-06 08:17:14 +01:00
Juan Font b62acff2e3 Refactor machine.go, and move functionality to routes.go + unit tests
Port routes tests to new model

Mark as primary the first instance of subnet + tests

In preparation for subnet failover, mark the initial occurrence of a subnet as the primary one.
2022-12-06 08:17:14 +01:00
Benjamin Roberts 8a07381e3a
Fix prefix length comparison bug in AutoApprovers route evaluation (#862) 2022-11-01 12:00:40 +01:00
Kristoffer Dalby 2d170fe339
update tests
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-10-21 14:54:57 +02:00
Kristoffer Dalby df36bcfd39
Fix machine test from marger
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-10-03 12:29:13 +02:00
= 2aebd2927d
Random suffix only on collision.
0.16.0 introduced random suffixes to all machine given names
(DNS hostnames) regardless of collisions within a namespace.
This commit brings Headscale more inline with Tailscale by only
adding a suffix if the hostname will collide within the namespace.

The suffix generation differs from Tailscale.
See https://tailscale.com/kb/1098/machine-names/
2022-10-03 09:13:56 +02:00
Benjamin George Roberts 7761a7b23e fix autoapprover test following tagged authkey change 2022-09-23 18:46:35 +10:00
Benjamin George Roberts 6d2cfd52c5 Merge branch 'main' into autoapprovers 2022-09-23 18:44:36 +10:00
Benjamin George Roberts 842c28adff replace netaddr usage with netip 2022-09-05 09:33:53 +10:00
Juan Font 9810d84e2d
Merge branch 'main' into autoapprovers 2022-09-04 22:40:08 +02:00
Juan Font f6153a9b5d
Merge branch 'main' into preauthkey-tags 2022-09-04 22:35:51 +02:00
Juan Font Alonso 7a78314d9d Remove nolint directives 2022-09-04 11:44:24 +02:00
Juan Font Alonso a24710a961 Migrate machine to net/netip 2022-09-02 00:04:31 +02:00
Benjamin George Roberts 6faa1d2e4a Fix tests broken by preauthkey tags 2022-08-25 22:23:52 +10:00
Benjamin George Roberts 60cc9ddb3b Add test for autoApprovers feature 2022-08-25 22:15:19 +10:00
Juan Font Alonso fdd0c50402 Added helper method to fetch machines by any nodekey + tests 2022-08-13 21:03:02 +02:00
Adrien Raffin-Caboisse 79688e6187
chore(all): apply formater 2022-08-04 10:47:00 +02:00
Adrien Raffin-Caboisse c46a34e6b8
fix(machine): remove duplicate in forcedTags 2022-07-25 11:04:30 +02:00
Juan Font Alonso ffcc72876c Lint fixes 7/n 2022-06-26 12:30:52 +02:00
Juan Font Alonso 10cd87e5a2 Lint fixes 1/n 2022-06-26 11:43:17 +02:00
Juan Font Alonso 3e353004b8 Migrate ACLs syntax to new Tailscale format
Implements #617.

Tailscale has changed the format of their ACLs to use a more firewall-y terms ("users" & "ports" -> "src" & "dst"). They have also started using all-lowercase tags. This PR applies these changes.
2022-06-08 13:40:15 +02:00
Kristoffer Dalby 78ed610b50 Switch config to pointer 2022-06-05 17:47:26 +02:00
Kristoffer Dalby e631c6f7e0 Merge master 2022-05-16 21:41:46 +02:00
Kristoffer Dalby 177c21b294 Add helper function to create a unique givenname 2022-05-16 20:30:43 +02:00
Adrien Raffin-Caboisse dc8c20e002
fix: handle empty aclPolicy for integration tests 2022-05-04 22:56:55 +02:00
Adrien Raffin-Caboisse 2c448d4a5c
chore: apply linting 2022-04-25 22:27:44 +02:00
Adrien Raffin-Caboisse 3d302441b6 fix: order error in the tests 2022-04-25 22:17:23 +02:00
Kristoffer Dalby 6e2768097a Rename name -> hostname, nickname -> givenname 2022-04-24 20:54:38 +01:00
Adrien Raffin-Caboisse 89a1a56328
feat: add unit tests and fmt 2022-04-16 13:15:04 +02:00
Kristoffer Dalby 5b169010be Resolve merge conflict 2022-03-02 08:11:50 +00:00
Kristoffer Dalby e4d81bbb16
Merge branch 'main' into registration-simplification 2022-03-02 07:31:02 +00:00
Adrien Raffin-Caboisse 361b4f7f4f
fix(machine): allow to use * in ACL sources 2022-03-01 22:48:21 +01:00
Kristoffer Dalby 49cd761bf6 Use new machine types in tests 2022-03-01 16:34:35 +00:00
Kristoffer Dalby a8649d83c4 Remove all references to Machine.Registered from tests 2022-02-28 17:42:03 +00:00
Kristoffer Dalby e03b3d558f Remove boundries between namespaces 2022-02-25 10:26:34 +01:00
Adrien Raffin-Caboisse 25550f8866 chore(format): run prettier on repo 2022-02-21 16:06:20 +01:00
Adrien Raffin-Caboisse 4bbe0051f6 chore(machines): apply lint 2022-02-21 10:02:59 +01:00
Adrien Raffin-Caboisse 5ab62378ae tests(machines): test all combinations of peer filtering 2022-02-21 09:58:19 +01:00
Adrien Raffin-Caboisse f006860136 feat(machines): untie dependency with class for filter func
The dependency to the `headscale` struct makes tests harder to do.

This change allow to easily add some tests for this quite sensible function.
2022-02-21 09:58:19 +01:00
Adrien Raffin-Caboisse d8c4c3163b
chore(fmt): apply make fmt command 2022-02-17 09:32:54 +01:00
Adrien Raffin-Caboisse 9cedbbafd4
chore(all): update some files for linter 2022-02-17 09:32:51 +01:00
Adrien Raffin fb45138fc1
feat(acls): check acl owners and add bunch of tests 2022-02-17 09:30:08 +01:00
Adrien Raffin e9949b4c70
feat(acls): simplify updating rules 2022-02-17 09:30:08 +01:00
Adrien Raffin e482dfeed4
feat(machine): add ACLFilter if ACL's are enabled.
This commit change the default behaviour and remove the notion of namespaces between the hosts. It allows all namespaces to be only filtered by the ACLs. This behavior is closer to tailsnet.
2022-02-17 09:30:05 +01:00
Kristoffer Dalby 2bc8051ae5 Remove kv-namespace-worker
This commit removes the namespace kv worker and related code, now that
we talk over gRPC to the server, and not directly to the DB, we should
not need this anymore.
2022-02-12 20:46:05 +00:00