add ability to set randomizeClientPort

This commit is contained in:
Anton Schubert 2022-06-09 21:20:11 +02:00
parent e918ea89a3
commit 34be10840c
4 changed files with 14 additions and 3 deletions

3
api.go
View File

@ -279,7 +279,8 @@ func (h *Headscale) getMapResponse(
DERPMap: h.DERPMap, DERPMap: h.DERPMap,
UserProfiles: profiles, UserProfiles: profiles,
Debug: &tailcfg.Debug{ Debug: &tailcfg.Debug{
DisableLogTail: !h.cfg.LogTail.Enabled, DisableLogTail: !h.cfg.LogTail.Enabled,
RandomizeClientPort: h.cfg.RandomizeClientPort,
}, },
} }

View File

@ -68,6 +68,7 @@ func (*Suite) TestConfigLoading(c *check.C) {
fs.FileMode(0o770), fs.FileMode(0o770),
) )
c.Assert(viper.GetBool("logtail.enabled"), check.Equals, false) c.Assert(viper.GetBool("logtail.enabled"), check.Equals, false)
c.Assert(viper.GetBool("randomize_client_port"), check.Equals, false)
} }
func (*Suite) TestDNSConfigLoading(c *check.C) { func (*Suite) TestDNSConfigLoading(c *check.C) {

View File

@ -244,3 +244,8 @@ logtail:
# As there is currently no support for overriding the log server in headscale, this is # As there is currently no support for overriding the log server in headscale, this is
# disabled by default. Enabling this will make your clients send logs to Tailscale Inc. # disabled by default. Enabling this will make your clients send logs to Tailscale Inc.
enabled: false enabled: false
# Enabling this option makes devices prefer a random port for WireGuard traffic over the
# default static port 41641. This option is intended as a workaround for some buggy
# firewall devices. See https://tailscale.com/kb/1181/firewalls/ for more information.
randomize_client_port: false

View File

@ -54,7 +54,8 @@ type Config struct {
OIDC OIDCConfig OIDC OIDCConfig
LogTail LogTailConfig LogTail LogTailConfig
RandomizeClientPort bool
CLI CLIConfig CLI CLIConfig
@ -153,6 +154,7 @@ func LoadConfig(path string) error {
viper.SetDefault("oidc.strip_email_domain", true) viper.SetDefault("oidc.strip_email_domain", true)
viper.SetDefault("logtail.enabled", false) viper.SetDefault("logtail.enabled", false)
viper.SetDefault("randomize_client_port", false)
if err := viper.ReadInConfig(); err != nil { if err := viper.ReadInConfig(); err != nil {
return fmt.Errorf("fatal error reading config file: %w", err) return fmt.Errorf("fatal error reading config file: %w", err)
@ -385,6 +387,7 @@ func GetHeadscaleConfig() (*Config, error) {
dnsConfig, baseDomain := GetDNSConfig() dnsConfig, baseDomain := GetDNSConfig()
derpConfig := GetDERPConfig() derpConfig := GetDERPConfig()
logConfig := GetLogTailConfig() logConfig := GetLogTailConfig()
randomizeClientPort := viper.GetBool("randomize_client_port")
configuredPrefixes := viper.GetStringSlice("ip_prefixes") configuredPrefixes := viper.GetStringSlice("ip_prefixes")
parsedPrefixes := make([]netaddr.IPPrefix, 0, len(configuredPrefixes)+1) parsedPrefixes := make([]netaddr.IPPrefix, 0, len(configuredPrefixes)+1)
@ -490,7 +493,8 @@ func GetHeadscaleConfig() (*Config, error) {
StripEmaildomain: viper.GetBool("oidc.strip_email_domain"), StripEmaildomain: viper.GetBool("oidc.strip_email_domain"),
}, },
LogTail: logConfig, LogTail: logConfig,
RandomizeClientPort: randomizeClientPort,
CLI: CLIConfig{ CLI: CLIConfig{
Address: viper.GetString("cli.address"), Address: viper.GetString("cli.address"),