Kristoffer Dalby
3c20d2a178
Update changelog
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
da48cf64b3
Set OpenID Connect Expiry
...
This commit adds a default OpenID Connect expiry to 180d to align with
Tailscale SaaS (previously infinite or based on token expiry).
In addition, it adds an option use the expiry time from the Token sent
by the OpenID provider. This will typically cause really short expiry
and you should only turn on this option if you know what you are
desiring.
This fixes #1176 .
Co-authored-by: Even Holthe <even.holthe@bekk.no>
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-31 18:55:16 +01:00
Dominic Bevacqua
385fd93e73
Update changelog
2023-01-31 00:15:48 +01:00
Juan Font
640bb94119
Do not show IsPrimary field as false in exit nodes
2023-01-29 14:54:09 +01:00
Juan Font
b322cdf251
Updated changelog for v0.20.0
2023-01-29 11:46:37 +01:00
Kristoffer Dalby
8dadb045cf
Mark -n and --namespace as deprecated
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-26 10:22:38 +01:00
Kristoffer Dalby
86a7129027
Update changelog, more explicit backup note
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-19 12:54:34 +01:00
Kristoffer Dalby
81441afe70
update changelog
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Motiejus Jakštys
bafb6791d3
oidc: allow reading the client secret from a file
...
Currently the most "secret" way to specify the oidc client secret is via
an environment variable `OIDC_CLIENT_SECRET`, which is problematic[1].
Lets allow reading oidc client secret from a file. For extra convenience
the path to the secret will resolve the environment variables.
[1]: https://systemd.io/CREDENTIALS/
2023-01-14 17:03:57 +01:00
Juan Font
6c714e88ee
Added entry for performance improvements in ACLs
2023-01-11 08:58:03 +01:00
Juan Font
2084464225
Update CHANGELOG.md
...
Co-authored-by: Kristoffer Dalby <kristoffer@dalby.cc>
2023-01-05 14:59:02 +01:00
Juan Font
afae1ff7b6
Delete ephemeral machines on logout
...
Update changelog
Use dedicated method to delete
2023-01-05 14:59:02 +01:00
Even Holthe
6db9656008
oidc: update changelog
2023-01-04 09:23:52 +01:00
Christian Heusel
1f4efbcd3b
add changelog entry
2023-01-01 22:45:16 +01:00
Juan Font
593040b73d
Run the Noise handlers under a new struct so we can access the noiseConn from the handlers
...
In TS2021 the MachineKey can be obtained from noiseConn.Peer() - contrary to what I thought before,
where I assumed MachineKey was dropped in TS2021.
By having a ts2021App and hanging from there the TS2021 handlers, we can fetch again the MachineKey.
2022-12-21 20:52:08 +01:00
Juan Font
ca37dc6268
Update changelog
2022-12-15 00:13:53 -08:00
Kristoffer Dalby
134c72f4fb
Set db_ssl to false by default, fixes #1043
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-12-07 14:58:47 +01:00
Zachary Newell
70f2f5d750
Added an OIDC AllowGroups option for authorization.
2022-12-07 08:53:16 +01:00
Juan Font
34107f9a0f
Updated changelog
2022-12-06 08:17:14 +01:00
Kristoffer Dalby
68c72d03b5
Prep changelog for new release
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-12-05 20:41:15 +01:00
Kristoffer Dalby
bd4b2da06e
Add changelog entry to correct version
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-12-05 20:41:15 +01:00
Kristoffer Dalby
a58a552f0e
Update macos/windows doc
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-12-05 20:41:15 +01:00
Juan Font
89c12072ba
added changelog for 0.17.1
2022-12-03 16:34:23 +01:00
Kristoffer Dalby
63cd3122e6
Add breaking change about noise private path
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-12-01 14:47:19 +01:00
Kristoffer Dalby
eb072a1a74
mark some changes as more important
...
Signed-off-by: Kristoffer Dalby <kradalby@kradalby.no>
2022-11-26 12:01:12 +01:00
Kristoffer Dalby
36b8862e7c
Add notes about current ssh status
...
Signed-off-by: Kristoffer Dalby <kradalby@kradalby.no>
2022-11-26 11:53:31 +01:00
Even Holthe
c28ca27133
Add SSH ACL to changelog
2022-11-26 11:53:31 +01:00
Orville Q. Song
25195b8d73
Update CHANGELOG.md
2022-11-24 16:13:47 +01:00
Arnar Gauti Ingason
6d3ede1367
Add support for NextDNS resolver
2022-11-18 09:38:46 +01:00
Juan Font Alonso
2d79179141
Updated changelog
2022-11-15 21:28:26 +01:00
Juan Font
6391555dab
Updated changelog
2022-11-15 08:42:29 +01:00
Kristoffer Dalby
527b580f5e
Add build flag to enable TS2019 ( #928 )
2022-11-04 11:26:33 +01:00
Benjamin Roberts
8a07381e3a
Fix prefix length comparison bug in AutoApprovers route evaluation ( #862 )
2022-11-01 12:00:40 +01:00
Kristoffer Dalby
ca8bca98ed
Add support for "override local DNS" ( #905 )
...
* Add support for "override local DNS"
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
* Update changelog
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
* Update cli dump test
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-10-31 16:26:18 +01:00
Jiang Zhu
4e8b95e6cd
Fix issue 660 ( #874 )
...
Co-authored-by: Juan Font <juanfontalonso@gmail.com>
2022-10-31 15:59:50 +01:00
Kristoffer Dalby
94ad0a1555
Remove ip_prefix, its been deprecated for a long time ( #899 )
...
* Remove ip_prefix, its been deprecated for a long time
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
* update changelog
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Co-authored-by: Juan Font <juanfontalonso@gmail.com>
2022-10-30 22:31:18 +01:00
Kristoffer Dalby
03194e2d66
Merge branch 'main' into feature-random-suffix-on-collision
2022-10-11 08:24:21 +02:00
Juan Font
5333df283a
Merge branch 'main' into sanitise-machine-key-url
2022-10-04 14:31:28 +02:00
=
2aebd2927d
Random suffix only on collision.
...
0.16.0 introduced random suffixes to all machine given names
(DNS hostnames) regardless of collisions within a namespace.
This commit brings Headscale more inline with Tailscale by only
adding a suffix if the hostname will collide within the namespace.
The suffix generation differs from Tailscale.
See https://tailscale.com/kb/1098/machine-names/
2022-10-03 09:13:56 +02:00
Kristoffer Dalby
6b4d53315b
Update changelog
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:01:01 +02:00
Kristoffer Dalby
d06ba7b522
Merge branch 'main' into sanitise-machine-key-url
2022-09-23 11:09:23 +02:00
Benjamin George Roberts
6d2cfd52c5
Merge branch 'main' into autoapprovers
2022-09-23 18:44:36 +10:00
Kristoffer Dalby
75a8fc8b3e
Update changelog
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-23 10:44:29 +02:00
Benjamin George Roberts
d764f52f24
Update changelog
2022-09-23 18:16:16 +10:00
Benjamin George Roberts
e5decbd0fa
Update changelog
2022-09-23 18:13:48 +10:00
Juan Font
397754753f
Merge branch 'main' into feature/json-logs
2022-09-20 23:11:29 +02:00
Kristoffer Dalby
f2da1a1665
Add comment and update changelog
...
Signed-off-by: Kristoffer Dalby <kristoffer@dalby.cc>
2022-09-18 12:14:49 +02:00
Igor Perepilitsyn
874d6aaf6b
Make styling fixes
2022-09-11 21:44:28 +02:00
Igor Perepilitsyn
ae4f2cc4b5
Update changelog
2022-09-11 21:37:38 +02:00
Juan Font Alonso
c28e559da4
Updated changelog
2022-09-04 16:23:46 +02:00