Commit Graph

59 Commits

Author SHA1 Message Date
Juan Font Alonso 4424a9abc0 Noise private key now a nested field in config 2022-08-21 10:42:23 +02:00
Juan Font 67ffebc30a
Merge branch 'main' into hs2021-v2 2022-08-18 17:56:56 +02:00
azz 0cc14d0aca
feat: added `db_ssl` to config-example.yaml 2022-08-16 09:02:51 +01:00
Juan Font c701f9e817
Merge branch 'main' into hs2021-v2 2022-08-15 22:56:39 +02:00
Victor Freire 0a5db52855 Add ability to connect to PostgreSQL via unix socket 2022-08-15 11:55:38 -03:00
Victor Freire ec5acf7be2 Add ability to connect to PostgreSQL via unix socket 2022-08-13 11:34:12 -03:00
Juan Font Alonso 6e8e2bf508 Generate and read the Noise private key 2022-08-13 11:14:38 +02:00
Juan Font Alonso 5b5298b025 Renamed config param for node update check internal 2022-07-12 12:52:03 +02:00
Juan Font Alonso cf3fc85196 Make tailnet updates check configurable 2022-07-12 12:27:28 +02:00
Anton Schubert 34be10840c add ability to set randomizeClientPort 2022-06-09 21:26:40 +02:00
Kristoffer Dalby df7d5fa2b9 Fix lint 2022-05-30 14:58:40 +02:00
Kristoffer Dalby a0c465c2eb Wire up setting to enable/disable logtail 2022-05-30 14:47:41 +02:00
Antoine POPINEAU 7cc58af932
Allow more configuration over the OIDC flow.
Adds knobs to configure three aspects of the OpenID Connect flow:

 * Custom scopes to override the default "openid profile email".
 * Custom parameters to be added to the Authorize Endpoint request.
 * Domain allowlisting for authenticated principals.
 * User allowlisting for authenticated principals.
2022-05-02 17:11:07 +02:00
Juan Font Alonso d5ce7d7523 Prettier 2022-03-18 13:09:57 +01:00
Juan Font Alonso 2e6687209b Make STUN server mandatory if DERP embedded is enabled 2022-03-18 12:58:00 +01:00
Juan Font Alonso b8aad5451d Make STUN run by default when embedded DERP is enabled
This commit also allows to set an external STUN server, while running the embedded DERP server (without embedded STUN)
2022-03-15 13:22:25 +01:00
Juan Font Alonso 580db9b58f Mention that STUN is UDP 2022-03-06 23:19:21 +01:00
Juan Font Alonso eb06054a7b Make DERP Region configurable 2022-03-06 17:25:21 +01:00
Juan Font Alonso eb500155e8 Make STUN server configurable 2022-03-06 17:00:56 +01:00
Juan Font Alonso 237f7f1027 Merge branch 'main' into embedded-derp 2022-03-05 19:42:29 +01:00
Juan Font Alonso df37d1a639 Do not offer the option to be DERP insecure
Websockets, in which DERP is based, requires a TLS certificate. At the same time,
if we use a certificate it must be valid... otherwise Tailscale wont connect (does not
have an Insecure option). So there is no option to expose insecure here
2022-03-05 19:19:21 +01:00
Juan Font Alonso 758b1ba1cb Renamed configuration items of the DERP server 2022-03-05 16:22:02 +01:00
zakaria 745696b310 docs: fix mistake in ACME challenge type comment 2022-03-04 12:11:43 +10:00
Kristoffer Dalby b61500670c
Merge branch 'main' into metrics-listen 2022-03-02 11:35:33 +00:00
Nico Rey 9a61725e9f Metrics: Disable toggle. Set default port to 9090 2022-02-28 10:40:02 -03:00
Kristoffer Dalby 6126d6d9b5
Merge branch 'main' into metrics-listen 2022-02-28 14:24:25 +01:00
Kristoffer Dalby e0b9a317f4 Add note to config example 2022-02-27 09:05:08 +01:00
Nico Rey 06e6c29a5b metrics: make metrics endpoint toggleable 2022-02-25 18:36:03 -03:00
Nico Rey a9122c3de3 prometheus: replace default port by a port between the recommended prometheus range 2022-02-25 18:21:20 -03:00
Nico d55c79e75b
Merge branch 'main' into metrics-listen 2022-02-24 10:41:07 -03:00
Kristoffer Dalby aa506503e2
Merge branch 'main' into feat-oidc-login-as-namespace 2022-02-24 11:40:34 +00:00
Adrien Raffin-Caboisse 4f1f235a2e feat: add strip_email_domain to normalization of namespace 2022-02-23 14:03:07 +01:00
Adrien Raffin-Caboisse 717250adb3 feat: removing matchmap from headscale 2022-02-22 20:58:08 +01:00
Nico Rey 45d5ab30ff metrics/cfg: add a new entry for the Prometheus listen address 2022-02-21 12:50:44 -03:00
Kristoffer Dalby 7bf2a91dd0
Merge branch 'main' into configurable-mtls 2022-02-20 14:33:23 +00:00
Justin Angel 385dd9cc34 refactoring 2022-02-20 09:06:14 -05:00
Kristoffer Dalby 4e54796384 Allow gRPC server to run insecure 2022-02-13 09:08:46 +00:00
Kristoffer Dalby 58bfea4e64 Update examples and docs 2022-02-12 19:08:59 +00:00
Kristoffer Dalby 168b1bd579
Merge branch 'main' into configurable-mtls 2022-01-31 12:28:00 +00:00
Justin Angel 52db80ab0d Merge branch 'configurable-mtls' of github.com:arch4ngel/headscale into configurable-mtls 2022-01-31 07:19:14 -05:00
Justin Angel d44b2a7c01 adding default for tls_client_auth_mode 2022-01-30 07:26:28 -05:00
Kristoffer Dalby 6f6018bad5
Merge branch 'main' into ipv6 2022-01-30 08:21:11 +00:00
Csaba Sarkadi bf7ee78324 config-example: add configuration for a dual-stack tailnet 2022-01-28 22:13:45 +01:00
Kristoffer Dalby b4f8961e44 Make Unix socket permissions configurable 2022-01-28 18:58:22 +00:00
Kristoffer Dalby 25b5eb8d7f Update tests to aline with new config example 2022-01-02 23:17:42 +00:00
Kristoffer Dalby 5df100539c Remove outdated configuration page in favour of config-example 2022-01-02 19:42:35 +00:00
Kristoffer Dalby 271cb71754 Add more explaination and less redunancy with docs 2022-01-02 19:38:04 +00:00
Kristoffer Dalby f9e6722635 Rewrite main documentation
This commit starts restructuring the documentation and updating it to be
compliant with 0.12.x+ releases.

The main change is that the documentation has been rewritten for the
ground up, and hopefully simplified.

The documentation has been split into an official documentation for
running headscale as a binary under Linux with SystemD and a "community"
provided documentation for Docker.

This should make the two documents a lot easier to read and follow than
the mishmash document we had.
2022-01-02 19:11:36 +01:00
Eugen a6e99525ac Add log_level to config, more ACL debug log 2021-12-01 20:02:00 +01:00
Eugen 07a437c707 Add private_key_path to example config 2021-12-01 14:34:08 +01:00