Commit Graph

207 Commits

Author SHA1 Message Date
Juan Font Alonso ef0f7c0c09 Integration tests for MagicDNS working 2021-10-04 18:04:08 +02:00
Aaron Bieber 8fa0fe65ba Add the ability to specify registration ACME email and ACME URL. 2021-10-03 12:26:38 -06:00
Kristoffer Dalby ed728f57e0
Remove WriteTimeout from HTTP
Golangs built in HTTP server does not allow different HTTP timeout for
different types of handlers, so we cannot have a write timeout as we
attempt to do long polling (my bad).

See linked article.

Also removed redundant server declaration
2021-10-02 15:29:27 +01:00
Juan Font Alonso 8d60ae2c7e Tidy gomod 2021-10-02 13:03:41 +02:00
Juan Font Alonso 45e71ecba0 Generated MagicDNS search domains (only in 100.64.0.0/10) 2021-10-02 12:13:05 +02:00
Juan Font Alonso 656237e167 Propagate dns config vales across Headscale 2021-10-02 11:20:42 +02:00
Kristoffer Dalby cc054d71fe
Merge branch 'main' into main 2021-09-26 21:35:26 +01:00
Raal Goff e7a2501fe8 initial work on OIDC (SSO) integration 2021-09-26 16:53:05 +08:00
Kristoffer Dalby 2d39d6602c Merge remote-tracking branch 'upstream/main' into apple-mobileconfig 2021-09-19 18:00:40 +01:00
Kristoffer Dalby dfcab2b6d5
Wire up new handlers 2021-09-19 17:56:29 +01:00
Kristoffer Dalby 987bbee1db
Add DNSConfig field to configuration 2021-08-24 07:09:47 +01:00
Kristoffer Dalby 88d7ac04bf
Account for racecondition in deleting/closing update channel
This commit tries to address the possible raceondition  that can happen
if a client closes its connection after we have fetched it from the
syncmap before sending the message.

To try to avoid introducing new dead lock conditions, all messages sent
to updateChannel has been moved into a function, which handles the
locking (instead of calling it all over the place)

The same lock is used around the delete/close function.
2021-08-20 16:52:34 +01:00
Kristoffer Dalby 53168d54d8
Make http timeout 30s instead of 10s 2021-08-19 22:29:03 +01:00
Kristoffer Dalby b0ec945dbb
Make lastStateChange namespaced 2021-08-19 18:19:26 +01:00
Kristoffer Dalby 57b79aa852 Set timeout, add lastupdate field
This commit makes two reasonably major changes:

Set a default timeout for the go HTTP server (which gin uses), which
allows us to actually have broken long poll sessions fail so we can have
the client re-establish them.
The current 10s number is chosen randomly and we need more testing to
ensure that the feature work as intended.

The second is adding a last updated field to keep track of the last time
we had an update that needs to be propagated to all of our
clients/nodes. This will be used to keep track of our machines and if
they are up to date or need us to push an update.
2021-08-18 23:21:11 +01:00
Kristoffer Dalby 9698abbfd5
Resolve merge conflict 2021-08-13 10:33:19 +01:00
Juan Font 8eb7d47072 Fixed linting 2021-08-12 21:57:20 +02:00
Juan Font ab61c87701 Also notify peers when deleting ephemerals 2021-08-12 21:53:37 +02:00
Juan Font c1e6157847 Expire ephemeral is internal 2021-08-12 21:45:40 +02:00
Juan Font 4c849539fc Expire the ephemeral nodes in the Serve method 2021-08-12 21:44:12 +02:00
Kristoffer Dalby 149279f3d5 Add health endpoint
Allow us to tell when the server is up and running and can answer
requests
2021-08-08 17:36:25 +01:00
Kristoffer Dalby 99fd126219
Remove unused mutex 2021-08-06 21:11:38 +01:00
Kristoffer Dalby 1abc68ccf4 Removes locks causing deadlock
This commit removes most of the locks in the PollingMap handler as there
was combinations that caused deadlocks. Instead of doing a plain map and
doing the locking ourselves, we use sync.Map which handles it for us.
2021-08-05 22:14:37 +01:00
Kristoffer Dalby a8c8a358d0
Make log keys lowercase 2021-08-05 20:57:47 +01:00
Kristoffer Dalby ee704f8ef3
Initial port to zerologger 2021-08-05 18:11:26 +01:00
Juan Font 6091373b53
Merge pull request #63 from juanfont/use-kv-for-updates
Added communication between Serve and CLI using KV table
2021-08-03 20:30:33 +02:00
Kristoffer Dalby 309f868a21 Make IP prefix configurable
This commit makes the IP prefix used to generate addresses configurable
to users. This can be useful if you would like to use a smaller range or
if your current setup is overlapping with the current range.

The current range is left as a default
2021-08-02 20:06:26 +01:00
Juan Font Alonso 97f7c90092 Added communication between Serve and CLI using KV table (helps in #52) 2021-07-25 17:59:48 +02:00
Ward Vandewege 3260362436 Add some more detail to the README about the different Let's Encrypt
validation methods.
2021-07-24 09:20:38 -04:00
Aaron Bieber 69d77f6e9d Add a 'tls_letsencrypt_listen' config option
Currently the default (and non-configurable) Let's Encrypt listener will
bind to all IPs. This isn't ideal if we want to run headscale on a specific
IP only.

This also allows for one to set the listener to something other than
port 80. This is useful for OSs like OpenBSD which only allow root to
bind the lower port ranges (and don't have `setcap`) as we can now run
`headscale` as a non-privileged user while still using the baked in ACME
magic. Obviously this configuration would also require a reverse proxy
or firewall rule to redirect traffic. I attempted to outline that in the
README change.
2021-07-23 16:12:01 -06:00
Juan Font Alonso 0159649d0a Send the namespace name as user to the clients 2021-07-11 16:39:19 +02:00
Juan Font Alonso cf9d920e4a Minor typo 2021-07-11 15:10:37 +02:00
Juan Font Alonso d4b27fd54b Merge branch 'main' into acls 2021-07-04 21:54:55 +02:00
Juan Font Alonso ff9d99b9ea Use gorm connection pool 2021-07-04 21:40:46 +02:00
Juan Font 202d6b506f Load ACL policy on headscale startup 2021-07-04 13:24:05 +02:00
Juan Font 136aab9dc8 Work in progress in rule generation 2021-07-03 17:31:32 +02:00
Juan Font Alonso aa27709e60 Update code to Tailscale 1.10 2021-06-25 18:57:08 +02:00
Juan Font Alonso 69ba750b38 Update Headscale to depend on gorm v2 2021-06-24 15:44:19 +02:00
Ward Vandewege d1c3faae5f Remove superfluous test support code. Fix bug in node list cli command.
Add tests.
2021-05-23 09:55:15 -04:00
Ward Vandewege 41f6740ddd Add support for ephemeral nodes via a special type of pre-auth key. Add
tests for that feature.

Other fixes: clean up a few typos in comments. Fix a bug that caused the
tests to run four times each. Be more consistent in the use of log
rather than fmt to print errors and notices.
2021-05-22 20:18:29 -04:00
Juan Font Alonso 216c6d85b2 Added support for sqlite as database backend 2021-05-15 14:32:26 +02:00
Ward Vandewege b34e90c45d Fix bug in preauthkeys: namespace object was not populated in the return
value from CreatePreAuthKey and GetPreAuthKeys. Add tests for that bug,
and the rest of the preauthkeys functionality.

Fix path in `compress` Makefile target.
2021-05-02 14:58:05 -04:00
Ward Vandewege f7b6c68d22 Address a bunch of golint warnings. 2021-04-24 11:26:50 -04:00
Ward Vandewege 426b4fd98a Add support for automatic TLS certificates via Let's Encrypt. Add a
configuration reference to the README.md file.
2021-04-23 22:55:01 -04:00
Ward Vandewege 252c68c50a Add HTTPS support for the web endpoint with manually configured
certificate/key files.
2021-04-23 17:18:00 -04:00
Juan Font Alonso 541d676b98 Minor code reorg 2021-04-08 23:57:31 +02:00
Juan Font Alonso 1fad8e6e5b Added basic routes functionality 2021-03-14 11:38:42 +01:00
Juan Font Alonso b7655b1f68 Initial multi-user support using namespaces 2021-02-28 00:58:09 +01:00
Juan Font Alonso 06fb7d4587 WIP: Client updates. Long polling rewritten 2021-02-23 21:07:52 +01:00
Juan Font Alonso 563f3c4017 Fixes here and there 2021-02-21 23:54:15 +01:00
Juan Font Alonso 1b7d99d483 Improving code... 2021-02-21 22:14:38 +01:00
Juan Font Alonso b1d06f3ffd headscale now has a CLI - registration of machines occurs there 2021-02-21 01:30:03 +01:00
Juan Font Alonso a6100dc4d0 Load DERP servers from file 2021-02-20 23:57:06 +01:00
Juan Font Alonso c5fbc5baa8 Bumped dependencies 2021-02-20 22:43:07 +01:00
Juan Font Alonso 1e1d577b83 Removed frontend stuff. We are not there yet... 2021-02-20 21:09:15 +01:00
Juan Font Alonso 1ddb4febe8 Embedding frontend via Pkger 2020-07-04 13:38:58 +02:00
Juan Font Alonso 7198c8bd77 Initial commit 2020-06-21 12:32:08 +02:00