Commit Graph

221 Commits

Author SHA1 Message Date
Juan Font Alonso fdd0c50402 Added helper method to fetch machines by any nodekey + tests 2022-08-13 21:03:02 +02:00
Juan Font Alonso 030d7264e6 Fixed comment for linting 2022-08-10 16:03:33 +02:00
Juan Font Alonso e950b3be29 Add method to fetch by nodekey 2022-08-10 13:15:31 +02:00
Grigoriy Mikhalkin 911e6ba6de exported API errors 2022-07-29 17:35:21 +02:00
Adrien Raffin-Caboisse c46a34e6b8
fix(machine): remove duplicate in forcedTags 2022-07-25 11:04:30 +02:00
Juan Font Alonso 10cd87e5a2 Lint fixes 1/n 2022-06-26 11:43:17 +02:00
Juan Font Alonso 66fffd69ce Send Online field of tailcfg.Node based on LastSeen 2022-06-16 18:43:50 +02:00
Kristoffer Dalby a19af04582 Fix errors introduced by merge 2022-05-31 11:03:08 +02:00
Kristoffer Dalby 0676aa11a9
Merge branch 'main' into db-error-handling 2022-05-31 10:18:13 +02:00
Kristoffer Dalby 5ecfbbaf5d Fix pointer in machine save call 2022-05-31 10:05:00 +02:00
Kristoffer Dalby 52cc3bc8eb Check all errors for db.Save 2022-05-30 15:31:06 +02:00
Kristoffer Dalby a443255b3e Validate isOutdated against all namespaces
This commit makes isOutdated validate a nodes necessity to update
against all namespaces, and not just the nodes own namespace (which made
more sense before).

getLastStateChange is now uses the passed namespaces as a filter,
meaning that not requesting any namespace will give you the total last
updated state.

In addition, the sync.Map is exchanged for a variant that uses generics
which allows us to remove some casting logic.
2022-05-30 13:35:40 +02:00
Kristoffer Dalby a992840c9b Give UpdateMachine a more meaningful name 2022-05-30 13:35:40 +02:00
Kristoffer Dalby 59a1a85a2b Change to a go generics set implementation, no more casting 🎉 2022-05-30 11:49:35 +02:00
Kristoffer Dalby e631c6f7e0 Merge master 2022-05-16 21:41:46 +02:00
Kristoffer Dalby 4aae917f74 Require GivenName to be unique 2022-05-16 20:33:47 +02:00
Kristoffer Dalby 177c21b294 Add helper function to create a unique givenname 2022-05-16 20:30:43 +02:00
Adrien Raffin-Caboisse 4435a4f19d
chore: apply lint recommendations 2022-05-16 14:59:46 +02:00
Adrien Raffin-Caboisse ca71830963
docs: add small documentation on getTags func 2022-05-16 11:16:07 +02:00
Adrien Raffin-Caboisse fcdc292647
fix: update tag in db if acl is enabled 2022-05-13 13:00:32 +02:00
Adrien Raffin-Caboisse 16f9691e80
fix: ignore emptyPolicy errors for db insertion 2022-05-13 11:20:40 +02:00
Adrien Raffin-Caboisse ad4401aa40
fix: remove debug code 2022-05-13 10:14:36 +02:00
Adrien Raffin-Caboisse dc8c20e002
fix: handle empty aclPolicy for integration tests 2022-05-04 22:56:55 +02:00
Adrien Raffin-Caboisse 2c448d4a5c
chore: apply linting 2022-04-25 22:27:44 +02:00
Adrien Raffin-Caboisse 3d302441b6 fix: order error in the tests 2022-04-25 22:17:23 +02:00
Adrien Raffin-Caboisse 8061abe279 refact: use generics for contains functions 2022-04-25 22:17:23 +02:00
Adrien Raffin-Caboisse ea9aaa6022 feat: update functions to use set command 2022-04-25 22:17:23 +02:00
Kristoffer Dalby 7ef8cd881c Fix comment 2022-04-24 21:10:50 +01:00
Kristoffer Dalby 6e2768097a Rename name -> hostname, nickname -> givenname 2022-04-24 20:54:38 +01:00
Adrien Raffin-Caboisse b9fee36f6e
fix: linting 2022-04-21 23:56:58 +02:00
Adrien Raffin-Caboisse 17d6624bb9
chore: fix lint 2022-04-21 23:49:21 +02:00
Adrien Raffin-Caboisse 89a1a56328
feat: add unit tests and fmt 2022-04-16 13:15:04 +02:00
Adrien Raffin-Caboisse db1528bc73
feat: add invalid and valid tags to grpc response 2022-04-16 12:27:54 +02:00
Adrien Raffin-Caboisse 98f54c9f7f
chore: apply format and lint 2022-04-15 18:27:57 +02:00
Adrien Raffin-Caboisse 02f68ebac8
feat: add forcedTags field and update proto 2022-04-15 16:00:08 +02:00
bravechamp 60ee04674d Normalize nickname before saving to database 2022-03-13 21:55:36 +00:00
bravechamp 663e8384a3 Nickname support 2022-03-13 21:03:20 +00:00
Kristoffer Dalby 5b169010be Resolve merge conflict 2022-03-02 08:11:50 +00:00
Kristoffer Dalby e4d81bbb16
Merge branch 'main' into registration-simplification 2022-03-02 07:31:02 +00:00
Kristoffer Dalby ef422e6988 Protect against expiry nil 2022-03-02 07:29:56 +00:00
Adrien Raffin-Caboisse 361b4f7f4f
fix(machine): allow to use * in ACL sources 2022-03-01 22:48:21 +01:00
Kristoffer Dalby 8a95fe517a Use specific types for all fields on machine (no datatypes.json)
This commit removes the need for datatypes.JSON and makes the code a bit
cleaner by allowing us to use proper types throughout the code when it
comes to hostinfo and other datatypes on the machine object.

This allows us to remove alot of unmarshal/marshal operations and remove
a lot of obsolete error checks.

This following commits will clean away a lot of untyped data and
uneccessary error checks.
2022-03-01 16:31:25 +00:00
Kristoffer Dalby a9d4fa89dc
Merge branch 'main' into registration-simplification 2022-03-01 15:53:06 +01:00
Kristoffer Dalby 1cb39d914c Update dependencies 2022-03-01 07:35:17 +00:00
Kristoffer Dalby 82cb6b9ddc Cleanup some unreachable code 2022-02-28 23:00:41 +00:00
Kristoffer Dalby 5e92ddad43 Remove redundant caches
This commit removes the two extra caches (oidc, requested time) and uses
the new central registration cache instead. The requested time is
unified into the main machine object and the oidc key is just added to
the same cache, as a string with the state as a key instead of machine
key.
2022-02-28 22:42:30 +00:00
Kristoffer Dalby 78251ce8ec Remove registrated field
This commit removes the field from the database and does a DB migration
**removing** all unregistered machines from headscale.

This means that from this version, all machines in the database is
considered registered.
2022-02-28 18:05:03 +00:00
Kristoffer Dalby 16b21e8158 Remove all references to Machine.Registered 2022-02-28 16:55:57 +00:00
Kristoffer Dalby 402a76070f Reuse machine structure for parameters, named parameters 2022-02-28 16:34:28 +00:00
Kristoffer Dalby 469551bc5d Register new machines needing callback in memory
This commit stores temporary registration data in cache, instead of
memory allowing us to only have actually registered machines in the
database.
2022-02-28 08:06:39 +00:00
Kristoffer Dalby 1caa6f5d69 Add todo for JSON datatype 2022-02-27 18:48:25 +01:00
Kristoffer Dalby c58ce6f60c Generalise the registration method to DRY stuff up 2022-02-27 18:40:10 +01:00
Adrien Raffin-Caboisse b39faa124a
Merge remote-tracking branch 'origin/main' into feat-oidc-login-as-namespace 2022-02-25 11:28:17 +01:00
Kristoffer Dalby bae8ed3e70
Merge branch 'main' into make-namespace-to-users 2022-02-25 10:39:12 +01:00
Kristoffer Dalby e03b3d558f Remove boundries between namespaces 2022-02-25 10:26:34 +01:00
Kristoffer Dalby 2fd36dd254 Resolve merge 2022-02-25 09:08:15 +00:00
Kristoffer Dalby eda0a9f88a Lock allocation of IP address
current logic is not safe as it will allow an IP that isnt persisted to
the DB to be given out multiple times if machines joins in quick
succession.

This adds a lock around the "get ip" and machine registration and save
to DB so we ensure thiis isnt happning.

Currently this had to be done three places, which is silly, and outlined
in #294.
2022-02-24 13:18:18 +00:00
Adrien Raffin-Caboisse 95453cba75
Merge branch 'main' into feat-oidc-login-as-namespace 2022-02-23 17:56:45 +01:00
Adrien Raffin-Caboisse 972bef1194 feat: add length error if hostname too long 2022-02-23 14:21:46 +01:00
Adrien Raffin-Caboisse 92ffac625e
feat(namespace): add normalization function for namespace 2022-02-22 19:59:12 +01:00
Kristoffer Dalby ec58979ce0
Merge branch 'main' into remove-shared 2022-02-22 16:48:14 +00:00
Adrien Raffin-Caboisse f2f8d834e8
fix(machine): remove comment
After some more tests in tailscale I couldn't replicate the behavior
described in there.

When adding a rule, allowing A to talk to B the reverse connection was
instantly added to B to allow communication to B.

The previous assumption was probably wrong.
2022-02-22 11:26:21 +01:00
Kristoffer Dalby 24a8e198a1 Remove sharing references across the code 2022-02-21 23:01:35 +00:00
Adrien Raffin-Caboisse 650108c7c7 chore(fmt): apply fmt 2022-02-21 21:46:40 +01:00
Adrien Raffin-Caboisse 25550f8866 chore(format): run prettier on repo 2022-02-21 16:06:20 +01:00
Adrien Raffin-Caboisse 4bbe0051f6 chore(machines): apply lint 2022-02-21 10:02:59 +01:00
Adrien Raffin-Caboisse f006860136 feat(machines): untie dependency with class for filter func
The dependency to the `headscale` struct makes tests harder to do.

This change allow to easily add some tests for this quite sensible function.
2022-02-21 09:58:19 +01:00
Adrien Raffin-Caboisse 9c6ce02554 fix(machines): use ListAllMachines function
added a simple filter to remove the current node
2022-02-21 09:58:19 +01:00
Adrien Raffin-Caboisse 960412a335 fix(machines): simplify complex if check
This should fix the performance issue with computation of `dst` variable. It's also easier to read now.
2022-02-21 09:58:19 +01:00
Adrien Raffin-Caboisse 5242025ab3 fix(machines): renaming following review comments 2022-02-20 23:50:08 +01:00
Adrien Raffin-Caboisse b3d0fb7a93 fix(machine): revert modifications
Using h.ListAllMachines also listed the current machine in the result. It's unnecessary (I don't know if it's harmful).

Breaking the check with the `matchSourceAndDestinationWithRule` broke the tests. We have a specificity with the '*' destination that isn't symetrical.
I need to think of a better way to do this. It too hard to read.
2022-02-20 23:47:04 +01:00
Adrien Raffin-Caboisse d00251c63e fix(acls,machines): apply code review suggestions 2022-02-20 21:26:20 +01:00
Adrien Raffin-Caboisse d8c4c3163b
chore(fmt): apply make fmt command 2022-02-17 09:32:54 +01:00
Adrien Raffin-Caboisse 9cedbbafd4
chore(all): update some files for linter 2022-02-17 09:32:51 +01:00
Adrien Raffin de59946447
feat(acls): rewrite functions to be testable
Rewrite some function to get rid of the dependency on Headscale object. This allows us
to write succinct test that are more easy to review and implement.

The improvements of the tests allowed to write the removal of the tagged hosts
from the namespace as specified here: https://tailscale.com/kb/1068/acl-tags/
2022-02-17 09:30:09 +01:00
Adrien Raffin e482dfeed4
feat(machine): add ACLFilter if ACL's are enabled.
This commit change the default behaviour and remove the notion of namespaces between the hosts. It allows all namespaces to be only filtered by the ACLs. This behavior is closer to tailsnet.
2022-02-17 09:30:05 +01:00
Jamie Greeff 9b7d657cbe
Return all peers instead of peers in same namespace 2022-02-17 09:27:59 +01:00
Kristoffer Dalby bb80b679bc Remove RequestMapUpdates function 2022-02-12 21:04:00 +00:00
Csaba Sarkadi c0c3b7d511 Merge remote-tracking branch 'origin/main' into ipv6 2022-01-29 15:27:49 +01:00
Csaba Sarkadi 25ccf5ef18 PollNetMapStream: do not create any rows during long-poll operation 2022-01-28 21:59:08 +01:00
Csaba Sarkadi 8f632e9062 machine: isOutdated: handle machines without LastSuccefulUpdate set 2022-01-16 14:18:22 +01:00
Csaba Sarkadi 1a6e5d8770 Add support for multiple IP prefixes 2022-01-16 14:18:22 +01:00
Csaba Sarkadi 7ec8346179 Do not assume IPv4 during Tailscale node construction 2022-01-15 16:06:34 +01:00
Kristoffer Dalby 59aeaa8476 Ensure we always have the key prefix when needed 2021-11-27 20:25:12 +00:00
Kristoffer Dalby c38f00fab8 Unmarshal keys in the non-deprecated way 2021-11-26 23:50:42 +00:00
Kristoffer Dalby cfd53bc4aa Factor wgkey to types/key
This commit converts all the uses of wgkey to the new key interfaces.

It now has specific  machine, node and discovery keys and we now should
use them correctly.

Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.

In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them.
2021-11-26 23:30:42 +00:00
Kristoffer Dalby 68dc2a70db Update neighbours if node is expired or refreshed
In addition, only pass the map of registered and not expired nodes to
clients.
2021-11-22 19:51:16 +00:00
Kristoffer Dalby 021c464148 Add cache for requested expiry times
This commit adds a sentral cache to keep track of clients whom has
requested an expiry time, but were we need to keep hold of it until the
second request comes in.
2021-11-22 19:32:52 +00:00
Kristoffer Dalby e600ead3e9 Make sure nodes can reauthenticate
This commit fixes an issue where nodes were not able to reauthenticate.
2021-11-22 19:32:11 +00:00
Kristoffer Dalby 5cbd4513a4 Simplify register function if 2021-11-22 17:21:56 +00:00
Kristoffer Dalby bd1d1b1a3b Implement ExpireMachine rpc 2021-11-21 13:40:19 +00:00
Kristoffer Dalby 9aac1fb255 Remove expiry logic, this needs to be redone 2021-11-19 09:02:29 +00:00
Kristoffer Dalby 106b1e7e8d Create constants for other reg methods 2021-11-18 17:51:54 +00:00
Kristoffer Dalby d6739386a0
Get rid of dynamic errors 2021-11-15 19:18:14 +00:00
Kristoffer Dalby 25b790d025
Add and fix forcetypeassert 2021-11-15 18:42:44 +00:00
Kristoffer Dalby 715542ac1c
Add and fix stylecheck (golint replacement) 2021-11-15 17:24:24 +00:00
Kristoffer Dalby 0c005a6b01
Add and fix errname 2021-11-15 16:33:16 +00:00
Kristoffer Dalby 0c45f8d252
Add and fix errorlint 2021-11-15 16:26:41 +00:00
Kristoffer Dalby 333be80f9c
Fix rest of var name in main code 2021-11-15 16:15:50 +00:00
Kristoffer Dalby 471c0b4993
Initial work eliminating one/two letter variables 2021-11-14 20:32:03 +01:00