diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 00000000..ce38ba96 --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,38 @@ +{ + "baseBranches": ["main"], + "username": "renovate-release", + "gitAuthor": "Renovate Bot ", + "branchPrefix": "renovateaction/", + "onboarding": false, + "extends": ["config:base", ":rebaseStalePrs"], + "ignorePresets": [":prHourlyLimit2"], + "enabledManagers": ["dockerfile", "gomod", "github-actions","regex" ], + "includeForks": true, + "repositories": ["juanfont/headscale"], + "platform": "github", + "packageRules": [ + { + "matchDatasources": ["go"], + "groupName": "Go modules", + "groupSlug": "gomod", + "separateMajorMinor": false + }, + { + "matchDatasources": ["docker"], + "groupName": "Dockerfiles", + "groupSlug": "dockerfiles" + } + ], + "regexManagers": [ + { + "fileMatch": [ + ".github/workflows/.*.yml$" + ], + "matchStrings": [ + "\\s*go-version:\\s*\"?(?.*?)\"?\\n" + ], + "datasourceTemplate": "golang-version", + "depNameTemplate": "actions/go-version" + } + ] +} diff --git a/.github/workflows/renovatebot.yml b/.github/workflows/renovatebot.yml new file mode 100644 index 00000000..53b976ca --- /dev/null +++ b/.github/workflows/renovatebot.yml @@ -0,0 +1,27 @@ +--- +name: Renovate +on: + schedule: + - cron: "* * 5,20 * *" # Every 5th and 20th of the month + workflow_dispatch: +jobs: + renovate: + runs-on: ubuntu-latest + steps: + - name: Get token + id: get_token + uses: machine-learning-apps/actions-app-token@master + with: + APP_PEM: ${{ secrets.RENOVATEBOT_SECRET }} + APP_ID: ${{ secrets.RENOVATEBOT_APP_ID }} + + - name: Checkout + uses: actions/checkout@v2.0.0 + + - name: Self-hosted Renovate + uses: renovatebot/github-action@v31.81.3 + with: + configurationFile: .github/renovate.json + token: "x-access-token:${{ steps.get_token.outputs.app_token }}" + # env: + # LOG_LEVEL: "debug" diff --git a/README.md b/README.md index e7ba6649..d23a216a 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,7 @@ If you would like to sponsor features, bugs or prioritisation, reach out to one | ------- | ----------------------------------------------------------------------------------------------------------------- | | Linux | Yes | | OpenBSD | Yes | +| FreeBSD | Yes | | macOS | Yes (see `/apple` on your headscale for more information) | | Windows | Yes [docs](./docs/windows-client.md) | | Android | [You need to compile the client yourself](https://github.com/juanfont/headscale/issues/58#issuecomment-885255270) | @@ -150,6 +151,13 @@ make build ohdearaugustin + + + Adrien +
+ Adrien Raffin-Caboisse + + Alessandro @@ -157,6 +165,8 @@ make build Alessandro (Ale) Segala + + unreality/ @@ -164,8 +174,6 @@ make build unreality - - Eugen @@ -201,6 +209,8 @@ make build Michael G. + + Paul @@ -208,8 +218,6 @@ make build Paul Tötterman - - Casey @@ -245,6 +253,8 @@ make build thomas + + Abraham @@ -252,15 +262,6 @@ make build Abraham Ingersoll - - - - - Adrien -
- Adrien Raffin-Caboisse - - Artem @@ -305,6 +306,13 @@ make build JJGadgets + + + Jamie +
+ Jamie Greeff + + Jim @@ -333,6 +341,8 @@ make build Ryan Fowler + + Shaanan @@ -340,8 +350,6 @@ make build Shaanan Cohney - - Tanner/ @@ -377,6 +385,8 @@ make build Tjerk Woudsma + + Zakhar @@ -384,8 +394,6 @@ make build Zakhar Bessarab - - ZiYuan/ @@ -421,6 +429,15 @@ make build lion24 + + + + + pernila/ +
+ pernila + + Wakeful-Cloud/ @@ -428,8 +445,6 @@ make build Wakeful-Cloud - - zy/ diff --git a/machine.go b/machine.go index 4536ef3f..6aa034f4 100644 --- a/machine.go +++ b/machine.go @@ -172,21 +172,6 @@ func getFilteredByACLPeers( peers := make(map[uint64]Machine) // Aclfilter peers here. We are itering through machines in all namespaces and search through the computed aclRules // for match between rule SrcIPs and DstPorts. If the rule is a match we allow the machine to be viewable. - - // FIXME: On official control plane if a rule allow user A to talk to user B but NO rule allows user B to talk to - // user A. The behaviour is the following - // - // On official tailscale control plane: - // on first `tailscale status`` on node A we can see node B. The `tailscale status` command on node B doesn't show node A - // We can successfully establish a communication from A to B. When it's done, if we run the `tailscale status` command - // on node B again we can now see node A. It's not possible to establish a communication from node B to node A. - // On this implementation of the feature - // on any `tailscale status` command on node A we can see node B. The `tailscale status` command on node B DOES show A. - // - // I couldn't find a way to not clutter the output of `tailscale status` with all nodes that we could be talking to. - // In order to do this we would need to be able to identify that node A want to talk to node B but that Node B doesn't know - // how to talk to node A and then add the peering resource. - for _, peer := range machines { if peer.ID == machine.ID { continue