After some more tests in tailscale I couldn't replicate the behavior
described in there.
When adding a rule, allowing A to talk to B the reverse connection was
instantly added to B to allow communication to B.
The previous assumption was probably wrong.
Using h.ListAllMachines also listed the current machine in the result. It's unnecessary (I don't know if it's harmful).
Breaking the check with the `matchSourceAndDestinationWithRule` broke the tests. We have a specificity with the '*' destination that isn't symetrical.
I need to think of a better way to do this. It too hard to read.
Rewrite some function to get rid of the dependency on Headscale object. This allows us
to write succinct test that are more easy to review and implement.
The improvements of the tests allowed to write the removal of the tagged hosts
from the namespace as specified here: https://tailscale.com/kb/1068/acl-tags/
This commit change the default behaviour and remove the notion of namespaces between the hosts. It allows all namespaces to be only filtered by the ACLs. This behavior is closer to tailsnet.
This commit converts all the uses of wgkey to the new key interfaces.
It now has specific machine, node and discovery keys and we now should
use them correctly.
Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.
In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them.
This commit adds a sentral cache to keep track of clients whom has
requested an expiry time, but were we need to keep hold of it until the
second request comes in.
This commit moves the routes lookup functions to be subcommands of
Machine, making them a lot simpler and more specific/composable.
It also moves the register command from cli.go into machine, so we can
clear out the extra file.
Finally a toProto function has been added to convert between the machine
database model and the proto/rpc model.
This tries to make the same functions emit and consume the same type of
data all over the application.
If a function transform data, it should emit new data, not a pointer.
This commit adds some Prometheus metrics to /metrics in headscale.
It will add the standard go metrics, some automatic gin metrics and some
initial headscale specific ones.
Some of them has been added to aid debugging #97 (loop bug)
In the future, we can use the metrics to get rid of the sleep in the
integration tests by checking that our expected number of nodes has been
registered:
```
headscale_machine_registrations_total
```
This commit moves toNode to the bottom of the file, and adds a helper
function for lists of Machines to be converted.
It also adds string helpers for Machines and lists of machines.
Lastly it splits getPeers into getDirectPeers, which exist in the same
namespace, and getShared, which is nodes shared with the namespace.
getPeers is kept as a function putting together the two lists for
convenience.
This commit rewrites a bunch of the code to always use *Machine instead
of a mix of both, and a mix of tailcfg.Node and Machine.
Now we use *Machine, and if tailcfg.Node is needed, it is converted just
before needed.
If a node does not have an update channel, it is probably not connected,
clarify the log messages and make sure we dont print that it was updated
successfully (continue, not return)
This commit tries to address the possible raceondition that can happen
if a client closes its connection after we have fetched it from the
syncmap before sending the message.
To try to avoid introducing new dead lock conditions, all messages sent
to updateChannel has been moved into a function, which handles the
locking (instead of calling it all over the place)
The same lock is used around the delete/close function.
This commit adds a new field to machine, lastSuccessfulUpdate which
tracks when we last was able to send a proper mapupdate to the node. The
purpose of this is to be able to compare to a "global" last updated time
and determine if we need to send an update map request to a node.
In addition it allows us to create a scheduled check to see if all known
nodes are up to date.
Also, add a helper function to send a message to the update channel of a
machine.
tests for that feature.
Other fixes: clean up a few typos in comments. Fix a bug that caused the
tests to run four times each. Be more consistent in the use of log
rather than fmt to print errors and notices.
Kristoffer Dalby
Adrien Raffin-Caboisse
Adrien Raffin
Jamie Greeff
Csaba Sarkadi
Raal Goff
Juan Font Alonso
unreality
Ward Vandewege