From 004ebcaba1dea344d3407ac77713322512ab0471 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Wed, 24 Aug 2022 20:53:55 +1000 Subject: [PATCH 01/16] initial implementation of autoApprovers support --- acls_types.go | 18 +++++++--- machine.go | 75 +++++++++++++++++++++++++++++++++++++++++ protocol_common_poll.go | 7 ++++ 3 files changed, 95 insertions(+), 5 deletions(-) diff --git a/acls_types.go b/acls_types.go index 0f73d6fd..b9a5d4da 100644 --- a/acls_types.go +++ b/acls_types.go @@ -11,11 +11,12 @@ import ( // ACLPolicy represents a Tailscale ACL Policy. type ACLPolicy struct { - Groups Groups `json:"groups" yaml:"groups"` - Hosts Hosts `json:"hosts" yaml:"hosts"` - TagOwners TagOwners `json:"tagOwners" yaml:"tagOwners"` - ACLs []ACL `json:"acls" yaml:"acls"` - Tests []ACLTest `json:"tests" yaml:"tests"` + Groups Groups `json:"groups" yaml:"groups"` + Hosts Hosts `json:"hosts" yaml:"hosts"` + TagOwners TagOwners `json:"tagOwners" yaml:"tagOwners"` + ACLs []ACL `json:"acls" yaml:"acls"` + Tests []ACLTest `json:"tests" yaml:"tests"` + AutoApprovers AutoApprovers `json:"autoApprovers" yaml:"autoApprovers"` } // ACL is a basic rule for the ACL Policy. @@ -42,6 +43,13 @@ type ACLTest struct { Deny []string `json:"deny,omitempty" yaml:"deny,omitempty"` } +// AutoApprovers specify which users (namespaces?), groups or tags have their advertised routes +// or exit node status automatically enabled +type AutoApprovers struct { + Routes map[string][]string `json:"routes" yaml:"routes"` + ExitNode []string `json:"exitNode" yaml:"exitNode"` +} + // UnmarshalJSON allows to parse the Hosts directly into netaddr objects. func (hosts *Hosts) UnmarshalJSON(data []byte) error { newHosts := Hosts{} diff --git a/machine.go b/machine.go index 4399029c..928f78e2 100644 --- a/machine.go +++ b/machine.go @@ -930,6 +930,81 @@ func (h *Headscale) EnableRoutes(machine *Machine, routeStrs ...string) error { return nil } +// Enabled any routes advertised by a machine that match the ACL autoApprovers policy +// TODO simplify by expanding only for current machine, and by checking if approvedIPs contains machine.IPs[0] +func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { + approvedRoutes := make([]netaddr.IPPrefix, 0, len(machine.HostInfo.RoutableIPs)) + machines, err := h.ListMachines() + + if err != nil { + log.Err(err) + return err + } + + for _, advertisedRoute := range machine.HostInfo.RoutableIPs { + log.Debug(). + Uint64("machine", machine.ID). + Str("advertisedRoute", advertisedRoute.String()). + Msg("Client requested to advertise route") + + approved := false + routeApprovers := h.aclPolicy.AutoApprovers.Routes[advertisedRoute.String()] + + if advertisedRoute.Bits() == 0 { + routeApprovers = h.aclPolicy.AutoApprovers.ExitNode + } + + if len(routeApprovers) > 0 { + for _, approvedAlias := range routeApprovers { + + approvedIps, err := expandAlias(machines, *h.aclPolicy, approvedAlias, h.cfg.OIDC.StripEmaildomain) + + if err != nil { + log.Err(err). + Str("alias", approvedAlias). + Msg("Failed to expand alias when processing autoApprovers policy") + return err + } + + for _, machineIp := range machine.IPAddresses { + for _, approvedIp := range approvedIps { + approved = machineIp.String() == approvedIp + + if approved { + break + } + } + + if approved { + break + } + } + } + } else { + log.Debug(). + Uint64("client", machine.ID). + Str("advertisedRoute", advertisedRoute.String()). + Msg("Advertised route is not automatically approved") + } + + if approved { + approvedRoutes = append(approvedRoutes, advertisedRoute) + } + } + + for _, approvedRoute := range approvedRoutes { + if !contains(machine.EnabledRoutes, approvedRoute) { + log.Info(). + Str("route", approvedRoute.String()). + Uint64("client", machine.ID). + Msg("Enabling autoApproved route for client") + machine.EnabledRoutes = append(machine.EnabledRoutes, approvedRoute) + } + } + + return nil +} + func (machine *Machine) RoutesToProto() *v1.Routes { availableRoutes := machine.GetAdvertisedRoutes() diff --git a/protocol_common_poll.go b/protocol_common_poll.go index 65dcb556..d6a8fff2 100644 --- a/protocol_common_poll.go +++ b/protocol_common_poll.go @@ -42,7 +42,14 @@ func (h *Headscale) handlePollCommon( Str("machine", machine.Hostname). Err(err) } + + // update routes with peer information + err = h.EnableAutoApprovedRoutes(machine) + if err != nil { + //TODO + } } + // From Tailscale client: // // ReadOnly is whether the client just wants to fetch the MapResponse, From 7653ad40d6900f06ec6817440c05132912f92ae7 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Wed, 24 Aug 2022 21:30:04 +1000 Subject: [PATCH 02/16] Split GetRouteApprovers from EnableAutoApprovedRoutes --- acls_types.go | 25 +++++++++++++++++ machine.go | 78 ++++++++++++++++++++++----------------------------- 2 files changed, 58 insertions(+), 45 deletions(-) diff --git a/acls_types.go b/acls_types.go index b9a5d4da..94461449 100644 --- a/acls_types.go +++ b/acls_types.go @@ -108,3 +108,28 @@ func (policy ACLPolicy) IsZero() bool { return false } + +// Returns the list of autoApproving namespaces, groups or tags for a given IPPrefix +func (autoApprovers *AutoApprovers) GetRouteApprovers( + prefix netaddr.IPPrefix, +) ([]string, error) { + if prefix.Bits() == 0 { + return autoApprovers.ExitNode, nil // 0.0.0.0/0, ::/0 or equivalent + } + + approverAliases := []string{} + + for autoApprovedPrefix, autoApproverAliases := range autoApprovers.Routes { + autoApprovedPrefix, err := netaddr.ParseIPPrefix(autoApprovedPrefix) + if err != nil { + return nil, err + } + + if autoApprovedPrefix.Bits() >= prefix.Bits() && + autoApprovedPrefix.Contains(prefix.IP()) { + approverAliases = append(approverAliases, autoApproverAliases...) + } + } + + return approverAliases, nil +} diff --git a/machine.go b/machine.go index 928f78e2..43ec4720 100644 --- a/machine.go +++ b/machine.go @@ -931,60 +931,48 @@ func (h *Headscale) EnableRoutes(machine *Machine, routeStrs ...string) error { } // Enabled any routes advertised by a machine that match the ACL autoApprovers policy -// TODO simplify by expanding only for current machine, and by checking if approvedIPs contains machine.IPs[0] func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { - approvedRoutes := make([]netaddr.IPPrefix, 0, len(machine.HostInfo.RoutableIPs)) - machines, err := h.ListMachines() - - if err != nil { - log.Err(err) - return err + if len(machine.IPAddresses) == 0 { + return nil // This machine has no IPAddresses, so can't possibly match any autoApprovers ACLs } + approvedRoutes := make([]netaddr.IPPrefix, 0, len(machine.HostInfo.RoutableIPs)) + thisMachine := []Machine{*machine} + for _, advertisedRoute := range machine.HostInfo.RoutableIPs { - log.Debug(). - Uint64("machine", machine.ID). - Str("advertisedRoute", advertisedRoute.String()). - Msg("Client requested to advertise route") - approved := false - routeApprovers := h.aclPolicy.AutoApprovers.Routes[advertisedRoute.String()] - - if advertisedRoute.Bits() == 0 { - routeApprovers = h.aclPolicy.AutoApprovers.ExitNode + if contains(machine.EnabledRoutes, advertisedRoute) { + continue // Skip routes that are already enabled for the node } - if len(routeApprovers) > 0 { - for _, approvedAlias := range routeApprovers { + approved := false + routeApprovers, err := h.aclPolicy.AutoApprovers.GetRouteApprovers(advertisedRoute) - approvedIps, err := expandAlias(machines, *h.aclPolicy, approvedAlias, h.cfg.OIDC.StripEmaildomain) - - if err != nil { - log.Err(err). - Str("alias", approvedAlias). - Msg("Failed to expand alias when processing autoApprovers policy") - return err - } - - for _, machineIp := range machine.IPAddresses { - for _, approvedIp := range approvedIps { - approved = machineIp.String() == approvedIp - - if approved { - break - } - } - - if approved { - break - } - } - } - } else { - log.Debug(). - Uint64("client", machine.ID). + if err != nil { + log.Err(err). Str("advertisedRoute", advertisedRoute.String()). - Msg("Advertised route is not automatically approved") + Uint64("machineId", machine.ID). + Msg("Failed to resolve autoApprovers for advertised route") + return err + } + + for _, approvedAlias := range routeApprovers { + + approvedIps, err := expandAlias(thisMachine, *h.aclPolicy, approvedAlias, h.cfg.OIDC.StripEmaildomain) + + if err != nil { + log.Err(err). + Str("alias", approvedAlias). + Msg("Failed to expand alias when processing autoApprovers policy") + return err + } + + // approvedIPs should contain all of machine's IPs if it matches the rule, so check for first + approved = contains(approvedIps, machine.IPAddresses[0].String()) + + if approved { + break + } } if approved { From 60cc9ddb3b7951290d74e91dad365c8609227b1a Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Wed, 24 Aug 2022 22:09:06 +1000 Subject: [PATCH 03/16] Add test for autoApprovers feature --- machine.go | 38 +++++++++----------- machine_test.go | 41 ++++++++++++++++++++++ protocol_common_poll.go | 5 +-- tests/acls/acl_policy_autoapprovers.hujson | 24 +++++++++++++ 4 files changed, 83 insertions(+), 25 deletions(-) create mode 100644 tests/acls/acl_policy_autoapprovers.hujson diff --git a/machine.go b/machine.go index 43ec4720..099f7fac 100644 --- a/machine.go +++ b/machine.go @@ -945,9 +945,9 @@ func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { continue // Skip routes that are already enabled for the node } - approved := false - routeApprovers, err := h.aclPolicy.AutoApprovers.GetRouteApprovers(advertisedRoute) - + routeApprovers, err := h.aclPolicy.AutoApprovers.GetRouteApprovers( + advertisedRoute, + ) if err != nil { log.Err(err). Str("advertisedRoute", advertisedRoute.String()). @@ -957,26 +957,22 @@ func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { } for _, approvedAlias := range routeApprovers { + if approvedAlias == machine.Namespace.Name { + approvedRoutes = append(approvedRoutes, advertisedRoute) + } else { + approvedIps, err := expandAlias(thisMachine, *h.aclPolicy, approvedAlias, h.cfg.OIDC.StripEmaildomain) + if err != nil { + log.Err(err). + Str("alias", approvedAlias). + Msg("Failed to expand alias when processing autoApprovers policy") + return err + } - approvedIps, err := expandAlias(thisMachine, *h.aclPolicy, approvedAlias, h.cfg.OIDC.StripEmaildomain) - - if err != nil { - log.Err(err). - Str("alias", approvedAlias). - Msg("Failed to expand alias when processing autoApprovers policy") - return err + // approvedIPs should contain all of machine's IPs if it matches the rule, so check for first + if contains(approvedIps, machine.IPAddresses[0].String()) { + approvedRoutes = append(approvedRoutes, advertisedRoute) + } } - - // approvedIPs should contain all of machine's IPs if it matches the rule, so check for first - approved = contains(approvedIps, machine.IPAddresses[0].String()) - - if approved { - break - } - } - - if approved { - approvedRoutes = append(approvedRoutes, advertisedRoute) } } diff --git a/machine_test.go b/machine_test.go index 5da0906f..2c0c91d6 100644 --- a/machine_test.go +++ b/machine_test.go @@ -1051,3 +1051,44 @@ func TestHeadscale_GenerateGivenName(t *testing.T) { }) } } + +func (s *Suite) TestAutoApproveRoutes(c *check.C) { + err := app.LoadACLPolicy("./tests/acls/acl_policy_autoapprovers.hujson") + c.Assert(err, check.IsNil) + + namespace, err := app.CreateNamespace("test") + c.Assert(err, check.IsNil) + + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + c.Assert(err, check.IsNil) + + nodeKey := key.NewNode() + + defaultRoute := netaddr.MustParseIPPrefix("0.0.0.0/0") + route1 := netaddr.MustParseIPPrefix("10.10.0.0/16") + route2 := netaddr.MustParseIPPrefix("10.11.0.0/16") + + machine := Machine{ + ID: 0, + MachineKey: "foo", + NodeKey: NodePublicKeyStripPrefix(nodeKey.Public()), + DiscoKey: "faa", + Hostname: "test", + NamespaceID: namespace.ID, + RegisterMethod: RegisterMethodAuthKey, + AuthKeyID: uint(pak.ID), + HostInfo: HostInfo{ + RequestTags: []string{"tag:exit"}, + RoutableIPs: []netaddr.IPPrefix{defaultRoute, route1, route2}, + }, + IPAddresses: []netaddr.IP{netaddr.MustParseIP("100.64.0.1")}, + } + + app.db.Save(&machine) + + machine0ByID, err := app.GetMachineByID(0) + c.Assert(err, check.IsNil) + + app.EnableAutoApprovedRoutes(machine0ByID) + c.Assert(machine0ByID.GetEnabledRoutes(), check.HasLen, 3) +} diff --git a/protocol_common_poll.go b/protocol_common_poll.go index d6a8fff2..37e2dbc7 100644 --- a/protocol_common_poll.go +++ b/protocol_common_poll.go @@ -44,10 +44,7 @@ func (h *Headscale) handlePollCommon( } // update routes with peer information - err = h.EnableAutoApprovedRoutes(machine) - if err != nil { - //TODO - } + h.EnableAutoApprovedRoutes(machine) } // From Tailscale client: diff --git a/tests/acls/acl_policy_autoapprovers.hujson b/tests/acls/acl_policy_autoapprovers.hujson new file mode 100644 index 00000000..bf564d88 --- /dev/null +++ b/tests/acls/acl_policy_autoapprovers.hujson @@ -0,0 +1,24 @@ +// This ACL validates autoApprovers support for +// exit nodes and advertised routes + +{ + "tagOwners": { + "tag:exit": ["test"], + }, + + "groups": { + "group:test": ["test"] + }, + + "acls": [ + {"action": "accept", "users": ["*"], "ports": ["*:*"]}, + ], + + "autoApprovers": { + "exitNode": ["tag:exit"], + "routes": { + "10.10.0.0/16": ["group:test"], + "10.11.0.0/16": ["test"], + } + } +} \ No newline at end of file From e27a4db28196b7a36718e1518ad87241390c1b5e Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Thu, 25 Aug 2022 16:12:50 +1000 Subject: [PATCH 04/16] add acl_tags to PreAuthKey proto --- gen/go/headscale/v1/apikey.pb.go | 2 +- gen/go/headscale/v1/device.pb.go | 2 +- gen/go/headscale/v1/headscale.pb.go | 2 +- gen/go/headscale/v1/headscale.pb.gw.go | 528 ++++++++++-------- gen/go/headscale/v1/headscale_grpc.pb.go | 4 + gen/go/headscale/v1/machine.pb.go | 2 +- gen/go/headscale/v1/namespace.pb.go | 2 +- gen/go/headscale/v1/preauthkey.pb.go | 93 +-- gen/go/headscale/v1/routes.pb.go | 2 +- .../headscale/v1/headscale.swagger.json | 12 + proto/headscale/v1/preauthkey.proto | 2 + 11 files changed, 388 insertions(+), 263 deletions(-) diff --git a/gen/go/headscale/v1/apikey.pb.go b/gen/go/headscale/v1/apikey.pb.go index 9e6fddb7..4e29272c 100644 --- a/gen/go/headscale/v1/apikey.pb.go +++ b/gen/go/headscale/v1/apikey.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 +// protoc-gen-go v1.28.1 // protoc (unknown) // source: headscale/v1/apikey.proto diff --git a/gen/go/headscale/v1/device.pb.go b/gen/go/headscale/v1/device.pb.go index 26607019..dc8f4980 100644 --- a/gen/go/headscale/v1/device.pb.go +++ b/gen/go/headscale/v1/device.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 +// protoc-gen-go v1.28.1 // protoc (unknown) // source: headscale/v1/device.proto diff --git a/gen/go/headscale/v1/headscale.pb.go b/gen/go/headscale/v1/headscale.pb.go index 50867b53..eeb2c7cc 100644 --- a/gen/go/headscale/v1/headscale.pb.go +++ b/gen/go/headscale/v1/headscale.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 +// protoc-gen-go v1.28.1 // protoc (unknown) // source: headscale/v1/headscale.proto diff --git a/gen/go/headscale/v1/headscale.pb.gw.go b/gen/go/headscale/v1/headscale.pb.gw.go index 68487b85..13d5f938 100644 --- a/gen/go/headscale/v1/headscale.pb.gw.go +++ b/gen/go/headscale/v1/headscale.pb.gw.go @@ -1055,20 +1055,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_GetNamespace_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_GetNamespace_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_GetNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_GetNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1078,20 +1080,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_CreateNamespace_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_CreateNamespace_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_CreateNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_CreateNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1101,20 +1105,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{old_name}/rename/{new_name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{old_name}/rename/{new_name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_RenameNamespace_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_RenameNamespace_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_RenameNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_RenameNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1124,20 +1130,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_DeleteNamespace_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_DeleteNamespace_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_DeleteNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_DeleteNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1147,20 +1155,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListNamespaces", runtime.WithHTTPPathPattern("/api/v1/namespace")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListNamespaces", runtime.WithHTTPPathPattern("/api/v1/namespace")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_ListNamespaces_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_ListNamespaces_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListNamespaces_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListNamespaces_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1170,20 +1180,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreatePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreatePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_CreatePreAuthKey_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_CreatePreAuthKey_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_CreatePreAuthKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_CreatePreAuthKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1193,20 +1205,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpirePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey/expire")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpirePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey/expire")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_ExpirePreAuthKey_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_ExpirePreAuthKey_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ExpirePreAuthKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ExpirePreAuthKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1216,20 +1230,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListPreAuthKeys", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListPreAuthKeys", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_ListPreAuthKeys_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_ListPreAuthKeys_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListPreAuthKeys_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListPreAuthKeys_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1239,20 +1255,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DebugCreateMachine", runtime.WithHTTPPathPattern("/api/v1/debug/machine")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DebugCreateMachine", runtime.WithHTTPPathPattern("/api/v1/debug/machine")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_DebugCreateMachine_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_DebugCreateMachine_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_DebugCreateMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_DebugCreateMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1262,20 +1280,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_GetMachine_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_GetMachine_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_GetMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_GetMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1285,20 +1305,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/SetTags", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/tags")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/SetTags", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/tags")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_SetTags_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_SetTags_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_SetTags_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_SetTags_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1308,20 +1330,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RegisterMachine", runtime.WithHTTPPathPattern("/api/v1/machine/register")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RegisterMachine", runtime.WithHTTPPathPattern("/api/v1/machine/register")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_RegisterMachine_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_RegisterMachine_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_RegisterMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_RegisterMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1331,20 +1355,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_DeleteMachine_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_DeleteMachine_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_DeleteMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_DeleteMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1354,20 +1380,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/expire")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/expire")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_ExpireMachine_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_ExpireMachine_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ExpireMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ExpireMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1377,20 +1405,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/rename/{new_name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/rename/{new_name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_RenameMachine_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_RenameMachine_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_RenameMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_RenameMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1400,20 +1430,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListMachines", runtime.WithHTTPPathPattern("/api/v1/machine")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListMachines", runtime.WithHTTPPathPattern("/api/v1/machine")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_ListMachines_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_ListMachines_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListMachines_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListMachines_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1423,20 +1455,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/MoveMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/namespace")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/MoveMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/namespace")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_MoveMachine_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_MoveMachine_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_MoveMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_MoveMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1446,20 +1480,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachineRoute", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachineRoute", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_GetMachineRoute_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_GetMachineRoute_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_GetMachineRoute_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_GetMachineRoute_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1469,20 +1505,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/EnableMachineRoutes", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/EnableMachineRoutes", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_EnableMachineRoutes_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_EnableMachineRoutes_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_EnableMachineRoutes_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_EnableMachineRoutes_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1492,20 +1530,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_CreateApiKey_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_CreateApiKey_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_CreateApiKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_CreateApiKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1515,20 +1555,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey/expire")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey/expire")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_ExpireApiKey_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_ExpireApiKey_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ExpireApiKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ExpireApiKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1538,20 +1580,22 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser var stream runtime.ServerTransportStream ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListApiKeys", runtime.WithHTTPPathPattern("/api/v1/apikey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListApiKeys", runtime.WithHTTPPathPattern("/api/v1/apikey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := local_request_HeadscaleService_ListApiKeys_0(rctx, inboundMarshaler, server, req, pathParams) + resp, md, err := local_request_HeadscaleService_ListApiKeys_0(annotatedContext, inboundMarshaler, server, req, pathParams) md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) - ctx = runtime.NewServerMetadataContext(ctx, md) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListApiKeys_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListApiKeys_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1600,19 +1644,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_GetNamespace_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_GetNamespace_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_GetNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_GetNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1620,19 +1666,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_CreateNamespace_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_CreateNamespace_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_CreateNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_CreateNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1640,19 +1688,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{old_name}/rename/{new_name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{old_name}/rename/{new_name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_RenameNamespace_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_RenameNamespace_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_RenameNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_RenameNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1660,19 +1710,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteNamespace", runtime.WithHTTPPathPattern("/api/v1/namespace/{name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_DeleteNamespace_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_DeleteNamespace_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_DeleteNamespace_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_DeleteNamespace_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1680,19 +1732,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListNamespaces", runtime.WithHTTPPathPattern("/api/v1/namespace")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListNamespaces", runtime.WithHTTPPathPattern("/api/v1/namespace")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_ListNamespaces_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_ListNamespaces_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListNamespaces_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListNamespaces_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1700,19 +1754,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreatePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreatePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_CreatePreAuthKey_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_CreatePreAuthKey_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_CreatePreAuthKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_CreatePreAuthKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1720,19 +1776,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpirePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey/expire")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpirePreAuthKey", runtime.WithHTTPPathPattern("/api/v1/preauthkey/expire")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_ExpirePreAuthKey_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_ExpirePreAuthKey_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ExpirePreAuthKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ExpirePreAuthKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1740,19 +1798,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListPreAuthKeys", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListPreAuthKeys", runtime.WithHTTPPathPattern("/api/v1/preauthkey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_ListPreAuthKeys_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_ListPreAuthKeys_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListPreAuthKeys_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListPreAuthKeys_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1760,19 +1820,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DebugCreateMachine", runtime.WithHTTPPathPattern("/api/v1/debug/machine")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DebugCreateMachine", runtime.WithHTTPPathPattern("/api/v1/debug/machine")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_DebugCreateMachine_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_DebugCreateMachine_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_DebugCreateMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_DebugCreateMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1780,19 +1842,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_GetMachine_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_GetMachine_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_GetMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_GetMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1800,19 +1864,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/SetTags", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/tags")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/SetTags", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/tags")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_SetTags_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_SetTags_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_SetTags_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_SetTags_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1820,19 +1886,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RegisterMachine", runtime.WithHTTPPathPattern("/api/v1/machine/register")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RegisterMachine", runtime.WithHTTPPathPattern("/api/v1/machine/register")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_RegisterMachine_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_RegisterMachine_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_RegisterMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_RegisterMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1840,19 +1908,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/DeleteMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_DeleteMachine_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_DeleteMachine_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_DeleteMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_DeleteMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1860,19 +1930,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/expire")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/expire")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_ExpireMachine_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_ExpireMachine_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ExpireMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ExpireMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1880,19 +1952,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/rename/{new_name}")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/RenameMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/rename/{new_name}")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_RenameMachine_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_RenameMachine_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_RenameMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_RenameMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1900,19 +1974,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListMachines", runtime.WithHTTPPathPattern("/api/v1/machine")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListMachines", runtime.WithHTTPPathPattern("/api/v1/machine")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_ListMachines_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_ListMachines_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListMachines_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListMachines_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1920,19 +1996,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/MoveMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/namespace")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/MoveMachine", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/namespace")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_MoveMachine_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_MoveMachine_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_MoveMachine_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_MoveMachine_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1940,19 +2018,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachineRoute", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetMachineRoute", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_GetMachineRoute_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_GetMachineRoute_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_GetMachineRoute_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_GetMachineRoute_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1960,19 +2040,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/EnableMachineRoutes", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/EnableMachineRoutes", runtime.WithHTTPPathPattern("/api/v1/machine/{machine_id}/routes")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_EnableMachineRoutes_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_EnableMachineRoutes_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_EnableMachineRoutes_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_EnableMachineRoutes_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -1980,19 +2062,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/CreateApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_CreateApiKey_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_CreateApiKey_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_CreateApiKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_CreateApiKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -2000,19 +2084,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey/expire")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ExpireApiKey", runtime.WithHTTPPathPattern("/api/v1/apikey/expire")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_ExpireApiKey_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_ExpireApiKey_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ExpireApiKey_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ExpireApiKey_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) @@ -2020,19 +2106,21 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser ctx, cancel := context.WithCancel(req.Context()) defer cancel() inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) - rctx, err := runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListApiKeys", runtime.WithHTTPPathPattern("/api/v1/apikey")) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/ListApiKeys", runtime.WithHTTPPathPattern("/api/v1/apikey")) if err != nil { runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) return } - resp, md, err := request_HeadscaleService_ListApiKeys_0(rctx, inboundMarshaler, client, req, pathParams) - ctx = runtime.NewServerMetadataContext(ctx, md) + resp, md, err := request_HeadscaleService_ListApiKeys_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) if err != nil { - runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) return } - forward_HeadscaleService_ListApiKeys_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + forward_HeadscaleService_ListApiKeys_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) }) diff --git a/gen/go/headscale/v1/headscale_grpc.pb.go b/gen/go/headscale/v1/headscale_grpc.pb.go index c19dd327..7884423a 100644 --- a/gen/go/headscale/v1/headscale_grpc.pb.go +++ b/gen/go/headscale/v1/headscale_grpc.pb.go @@ -1,4 +1,8 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.2.0 +// - protoc (unknown) +// source: headscale/v1/headscale.proto package v1 diff --git a/gen/go/headscale/v1/machine.pb.go b/gen/go/headscale/v1/machine.pb.go index 4b887ea6..3fe37af0 100644 --- a/gen/go/headscale/v1/machine.pb.go +++ b/gen/go/headscale/v1/machine.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 +// protoc-gen-go v1.28.1 // protoc (unknown) // source: headscale/v1/machine.proto diff --git a/gen/go/headscale/v1/namespace.pb.go b/gen/go/headscale/v1/namespace.pb.go index f0893653..cf6bd374 100644 --- a/gen/go/headscale/v1/namespace.pb.go +++ b/gen/go/headscale/v1/namespace.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 +// protoc-gen-go v1.28.1 // protoc (unknown) // source: headscale/v1/namespace.proto diff --git a/gen/go/headscale/v1/preauthkey.pb.go b/gen/go/headscale/v1/preauthkey.pb.go index 645a0f03..3549681f 100644 --- a/gen/go/headscale/v1/preauthkey.pb.go +++ b/gen/go/headscale/v1/preauthkey.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 +// protoc-gen-go v1.28.1 // protoc (unknown) // source: headscale/v1/preauthkey.proto @@ -34,6 +34,7 @@ type PreAuthKey struct { Used bool `protobuf:"varint,6,opt,name=used,proto3" json:"used,omitempty"` Expiration *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=expiration,proto3" json:"expiration,omitempty"` CreatedAt *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` + AclTags []string `protobuf:"bytes,9,rep,name=acl_tags,json=aclTags,proto3" json:"acl_tags,omitempty"` } func (x *PreAuthKey) Reset() { @@ -124,6 +125,13 @@ func (x *PreAuthKey) GetCreatedAt() *timestamppb.Timestamp { return nil } +func (x *PreAuthKey) GetAclTags() []string { + if x != nil { + return x.AclTags + } + return nil +} + type CreatePreAuthKeyRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -133,6 +141,7 @@ type CreatePreAuthKeyRequest struct { Reusable bool `protobuf:"varint,2,opt,name=reusable,proto3" json:"reusable,omitempty"` Ephemeral bool `protobuf:"varint,3,opt,name=ephemeral,proto3" json:"ephemeral,omitempty"` Expiration *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=expiration,proto3" json:"expiration,omitempty"` + AclTags []string `protobuf:"bytes,5,rep,name=acl_tags,json=aclTags,proto3" json:"acl_tags,omitempty"` } func (x *CreatePreAuthKeyRequest) Reset() { @@ -195,6 +204,13 @@ func (x *CreatePreAuthKeyRequest) GetExpiration() *timestamppb.Timestamp { return nil } +func (x *CreatePreAuthKeyRequest) GetAclTags() []string { + if x != nil { + return x.AclTags + } + return nil +} + type CreatePreAuthKeyResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -436,7 +452,7 @@ var file_headscale_v1_preauthkey_proto_rawDesc = []byte{ 0x72, 0x65, 0x61, 0x75, 0x74, 0x68, 0x6b, 0x65, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, - 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x91, + 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xac, 0x02, 0x0a, 0x0a, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, @@ -454,42 +470,45 @@ var file_headscale_v1_preauthkey_proto_rawDesc = []byte{ 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, - 0x41, 0x74, 0x22, 0xad, 0x01, 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x72, 0x65, - 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, - 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, - 0x72, 0x65, 0x75, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, - 0x72, 0x65, 0x75, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x65, 0x70, 0x68, 0x65, - 0x6d, 0x65, 0x72, 0x61, 0x6c, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x65, 0x70, 0x68, - 0x65, 0x6d, 0x65, 0x72, 0x61, 0x6c, 0x12, 0x3a, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, - 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x22, 0x56, 0x0a, 0x18, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x72, 0x65, 0x41, - 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3a, - 0x0a, 0x0c, 0x70, 0x72, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, - 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x0a, - 0x70, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x22, 0x49, 0x0a, 0x17, 0x45, 0x78, - 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, - 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, - 0x61, 0x63, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x03, 0x6b, 0x65, 0x79, 0x22, 0x1a, 0x0a, 0x18, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x50, - 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x22, 0x36, 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, - 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x6e, + 0x41, 0x74, 0x12, 0x19, 0x0a, 0x08, 0x61, 0x63, 0x6c, 0x5f, 0x74, 0x61, 0x67, 0x73, 0x18, 0x09, + 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x61, 0x63, 0x6c, 0x54, 0x61, 0x67, 0x73, 0x22, 0xc8, 0x01, + 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, + 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, + 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, + 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x75, 0x73, 0x61, + 0x62, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x75, 0x73, 0x61, + 0x62, 0x6c, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x65, 0x70, 0x68, 0x65, 0x6d, 0x65, 0x72, 0x61, 0x6c, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x65, 0x70, 0x68, 0x65, 0x6d, 0x65, 0x72, 0x61, + 0x6c, 0x12, 0x3a, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, + 0x70, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x19, 0x0a, + 0x08, 0x61, 0x63, 0x6c, 0x5f, 0x74, 0x61, 0x67, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, + 0x07, 0x61, 0x63, 0x6c, 0x54, 0x61, 0x67, 0x73, 0x22, 0x56, 0x0a, 0x18, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3a, 0x0a, 0x0c, 0x70, 0x72, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, + 0x5f, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x68, 0x65, 0x61, + 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, + 0x68, 0x4b, 0x65, 0x79, 0x52, 0x0a, 0x70, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, + 0x22, 0x49, 0x0a, 0x17, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, + 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, - 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x22, 0x57, 0x0a, 0x17, 0x4c, 0x69, 0x73, - 0x74, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3c, 0x0a, 0x0d, 0x70, 0x72, 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, - 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x68, 0x65, - 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, 0x65, 0x41, 0x75, - 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x0b, 0x70, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, - 0x79, 0x73, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, - 0x2f, 0x6a, 0x75, 0x61, 0x6e, 0x66, 0x6f, 0x6e, 0x74, 0x2f, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, - 0x61, 0x6c, 0x65, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x67, 0x6f, 0x2f, 0x76, 0x31, 0x62, 0x06, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x22, 0x1a, 0x0a, 0x18, 0x45, + 0x78, 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x36, 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x50, + 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x22, + 0x57, 0x0a, 0x17, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, + 0x79, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3c, 0x0a, 0x0d, 0x70, 0x72, + 0x65, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6b, 0x65, 0x79, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x18, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, + 0x2e, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x0b, 0x70, 0x72, 0x65, + 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, + 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6a, 0x75, 0x61, 0x6e, 0x66, 0x6f, 0x6e, 0x74, 0x2f, + 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x67, 0x6f, + 0x2f, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/gen/go/headscale/v1/routes.pb.go b/gen/go/headscale/v1/routes.pb.go index 5ab4bbdc..2e977c65 100644 --- a/gen/go/headscale/v1/routes.pb.go +++ b/gen/go/headscale/v1/routes.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.27.1 +// protoc-gen-go v1.28.1 // protoc (unknown) // source: headscale/v1/routes.proto diff --git a/gen/openapiv2/headscale/v1/headscale.swagger.json b/gen/openapiv2/headscale/v1/headscale.swagger.json index 128e55b7..9b8d471d 100644 --- a/gen/openapiv2/headscale/v1/headscale.swagger.json +++ b/gen/openapiv2/headscale/v1/headscale.swagger.json @@ -824,6 +824,12 @@ "expiration": { "type": "string", "format": "date-time" + }, + "aclTags": { + "type": "array", + "items": { + "type": "string" + } } } }, @@ -1102,6 +1108,12 @@ "createdAt": { "type": "string", "format": "date-time" + }, + "aclTags": { + "type": "array", + "items": { + "type": "string" + } } } }, diff --git a/proto/headscale/v1/preauthkey.proto b/proto/headscale/v1/preauthkey.proto index a945ba01..decd2a36 100644 --- a/proto/headscale/v1/preauthkey.proto +++ b/proto/headscale/v1/preauthkey.proto @@ -13,6 +13,7 @@ message PreAuthKey { bool used = 6; google.protobuf.Timestamp expiration = 7; google.protobuf.Timestamp created_at = 8; + repeated string acl_tags = 9; } message CreatePreAuthKeyRequest { @@ -20,6 +21,7 @@ message CreatePreAuthKeyRequest { bool reusable = 2; bool ephemeral = 3; google.protobuf.Timestamp expiration = 4; + repeated string acl_tags = 5; } message CreatePreAuthKeyResponse { From 791272e408d50000d5668ed4adb0505bef1e5139 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Thu, 25 Aug 2022 20:03:38 +1000 Subject: [PATCH 05/16] Adds grpc/cli support for preauthkey tags --- cmd/headscale/cli/preauthkeys.go | 26 ++++++++++++++- db.go | 5 +++ grpcv1.go | 4 ++- preauth_keys.go | 56 +++++++++++++++++++++++++++----- 4 files changed, 81 insertions(+), 10 deletions(-) diff --git a/cmd/headscale/cli/preauthkeys.go b/cmd/headscale/cli/preauthkeys.go index 8d8e2093..f6f643a4 100644 --- a/cmd/headscale/cli/preauthkeys.go +++ b/cmd/headscale/cli/preauthkeys.go @@ -3,6 +3,7 @@ package cli import ( "fmt" "strconv" + "strings" "time" v1 "github.com/juanfont/headscale/gen/go/headscale/v1" @@ -33,6 +34,8 @@ func init() { Bool("ephemeral", false, "Preauthkey for ephemeral nodes") createPreAuthKeyCmd.Flags(). StringP("expiration", "e", DefaultPreAuthKeyExpiry, "Human-readable expiration of the key (e.g. 30m, 24h)") + createPreAuthKeyCmd.Flags(). + StringSlice("tags", []string{}, "Tags to automatically assign to node") } var preauthkeysCmd = &cobra.Command{ @@ -81,7 +84,16 @@ var listPreAuthKeys = &cobra.Command{ } tableData := pterm.TableData{ - {"ID", "Key", "Reusable", "Ephemeral", "Used", "Expiration", "Created"}, + { + "ID", + "Key", + "Reusable", + "Ephemeral", + "Used", + "Expiration", + "Created", + "Tags", + }, } for _, key := range response.PreAuthKeys { expiration := "-" @@ -96,6 +108,15 @@ var listPreAuthKeys = &cobra.Command{ reusable = fmt.Sprintf("%v", key.GetReusable()) } + var aclTags string + + if len(key.AclTags) > 0 { + for _, tag := range key.AclTags { + aclTags += "," + tag + } + aclTags = strings.TrimLeft(aclTags, ",") + } + tableData = append(tableData, []string{ key.GetId(), key.GetKey(), @@ -104,6 +125,7 @@ var listPreAuthKeys = &cobra.Command{ strconv.FormatBool(key.GetUsed()), expiration, key.GetCreatedAt().AsTime().Format("2006-01-02 15:04:05"), + aclTags, }) } @@ -136,6 +158,7 @@ var createPreAuthKeyCmd = &cobra.Command{ reusable, _ := cmd.Flags().GetBool("reusable") ephemeral, _ := cmd.Flags().GetBool("ephemeral") + tags, _ := cmd.Flags().GetStringSlice("tags") log.Trace(). Bool("reusable", reusable). @@ -147,6 +170,7 @@ var createPreAuthKeyCmd = &cobra.Command{ Namespace: namespace, Reusable: reusable, Ephemeral: ephemeral, + AclTags: tags, } durationStr, _ := cmd.Flags().GetString("expiration") diff --git a/db.go b/db.go index f0a0a598..e29256b2 100644 --- a/db.go +++ b/db.go @@ -131,6 +131,11 @@ func (h *Headscale) initDB() error { return err } + err = db.AutoMigrate(&PreAuthKeyAclTag{}) + if err != nil { + return err + } + _ = db.Migrator().DropTable("shared_machines") err = db.AutoMigrate(&APIKey{}) diff --git a/grpcv1.go b/grpcv1.go index e3db5dd4..620b8fe0 100644 --- a/grpcv1.go +++ b/grpcv1.go @@ -1,4 +1,4 @@ -//nolint +// nolint package headscale import ( @@ -111,6 +111,7 @@ func (api headscaleV1APIServer) CreatePreAuthKey( request.GetReusable(), request.GetEphemeral(), &expiration, + request.AclTags, ) if err != nil { return nil, err @@ -141,6 +142,7 @@ func (api headscaleV1APIServer) ListPreAuthKeys( request *v1.ListPreAuthKeysRequest, ) (*v1.ListPreAuthKeysResponse, error) { preAuthKeys, err := api.h.ListPreAuthKeys(request.GetNamespace()) + if err != nil { return nil, err } diff --git a/preauth_keys.go b/preauth_keys.go index f120f452..8359d287 100644 --- a/preauth_keys.go +++ b/preauth_keys.go @@ -29,17 +29,26 @@ type PreAuthKey struct { Reusable bool Ephemeral bool `gorm:"default:false"` Used bool `gorm:"default:false"` + AclTags []PreAuthKeyAclTag CreatedAt *time.Time Expiration *time.Time } +// PreAuthKeyAclTag describes an autmatic tag applied to a node when registered with the associated PreAuthKey +type PreAuthKeyAclTag struct { + ID uint64 `gorm:"primary_key"` + PreAuthKeyID uint64 + Tag string +} + // CreatePreAuthKey creates a new PreAuthKey in a namespace, and returns it. func (h *Headscale) CreatePreAuthKey( namespaceName string, reusable bool, ephemeral bool, expiration *time.Time, + aclTags []string, ) (*PreAuthKey, error) { namespace, err := h.GetNamespace(namespaceName) if err != nil { @@ -62,8 +71,26 @@ func (h *Headscale) CreatePreAuthKey( Expiration: expiration, } - if err := h.db.Save(&key).Error; err != nil { - return nil, fmt.Errorf("failed to create key in the database: %w", err) + err = h.db.Transaction(func(db *gorm.DB) error { + if err := db.Save(&key).Error; err != nil { + return fmt.Errorf("failed to create key in the database: %w", err) + } + + if len(aclTags) > 0 { + for _, tag := range aclTags { + if err := db.Save(&PreAuthKeyAclTag{PreAuthKeyID: key.ID, Tag: tag}).Error; err != nil { + return fmt.Errorf( + "failed to create key tag in the database: %w", + err, + ) + } + } + } + return nil + }) + + if err != nil { + return nil, err } return &key, nil @@ -77,7 +104,7 @@ func (h *Headscale) ListPreAuthKeys(namespaceName string) ([]PreAuthKey, error) } keys := []PreAuthKey{} - if err := h.db.Preload("Namespace").Where(&PreAuthKey{NamespaceID: namespace.ID}).Find(&keys).Error; err != nil { + if err := h.db.Preload("Namespace").Preload("AclTags").Where(&PreAuthKey{NamespaceID: namespace.ID}).Find(&keys).Error; err != nil { return nil, err } @@ -101,11 +128,17 @@ func (h *Headscale) GetPreAuthKey(namespace string, key string) (*PreAuthKey, er // DestroyPreAuthKey destroys a preauthkey. Returns error if the PreAuthKey // does not exist. func (h *Headscale) DestroyPreAuthKey(pak PreAuthKey) error { - if result := h.db.Unscoped().Delete(pak); result.Error != nil { - return result.Error - } + return h.db.Transaction(func(db *gorm.DB) error { + if result := db.Unscoped().Delete(PreAuthKeyAclTag{PreAuthKeyID: pak.ID}); result.Error != nil { + return result.Error + } - return nil + if result := db.Unscoped().Delete(pak); result.Error != nil { + return result.Error + } + + return nil + }) } // MarkExpirePreAuthKey marks a PreAuthKey as expired. @@ -131,7 +164,7 @@ func (h *Headscale) UsePreAuthKey(k *PreAuthKey) error { // If returns no error and a PreAuthKey, it can be used. func (h *Headscale) checkKeyValidity(k string) (*PreAuthKey, error) { pak := PreAuthKey{} - if result := h.db.Preload("Namespace").First(&pak, "key = ?", k); errors.Is( + if result := h.db.Preload("Namespace").Preload("AclTags").First(&pak, "key = ?", k); errors.Is( result.Error, gorm.ErrRecordNotFound, ) { @@ -176,6 +209,7 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey { Ephemeral: key.Ephemeral, Reusable: key.Reusable, Used: key.Used, + AclTags: make([]string, len(key.AclTags)), } if key.Expiration != nil { @@ -186,5 +220,11 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey { protoKey.CreatedAt = timestamppb.New(*key.CreatedAt) } + if len(key.AclTags) > 0 { + for idx := range key.AclTags { + protoKey.AclTags[idx] = key.AclTags[0].Tag + } + } + return &protoKey } From 6faa1d2e4acd7645475732300f03b16edda1c865 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Thu, 25 Aug 2022 20:12:41 +1000 Subject: [PATCH 06/16] Fix tests broken by preauthkey tags --- acls_test.go | 12 ++++++------ dns_test.go | 8 ++++++++ machine_test.go | 16 ++++++++-------- namespaces_test.go | 10 +++++++--- preauth_keys.go | 2 +- preauth_keys_test.go | 20 ++++++++++---------- routes_test.go | 4 ++-- utils_test.go | 6 +++--- 8 files changed, 45 insertions(+), 33 deletions(-) diff --git a/acls_test.go b/acls_test.go index fe2217c3..e25e71b5 100644 --- a/acls_test.go +++ b/acls_test.go @@ -114,7 +114,7 @@ func (s *Suite) TestValidExpandTagOwnersInSources(c *check.C) { namespace, err := app.CreateNamespace("user1") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("user1", "testmachine") @@ -164,7 +164,7 @@ func (s *Suite) TestValidExpandTagOwnersInDestinations(c *check.C) { namespace, err := app.CreateNamespace("user1") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("user1", "testmachine") @@ -214,7 +214,7 @@ func (s *Suite) TestInvalidTagValidNamespace(c *check.C) { namespace, err := app.CreateNamespace("user1") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("user1", "testmachine") @@ -263,7 +263,7 @@ func (s *Suite) TestValidTagInvalidNamespace(c *check.C) { namespace, err := app.CreateNamespace("user1") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("user1", "webserver") @@ -395,7 +395,7 @@ func (s *Suite) TestPortNamespace(c *check.C) { namespace, err := app.CreateNamespace("testnamespace") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("testnamespace", "testmachine") @@ -437,7 +437,7 @@ func (s *Suite) TestPortGroup(c *check.C) { namespace, err := app.CreateNamespace("testnamespace") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("testnamespace", "testmachine") diff --git a/dns_test.go b/dns_test.go index a2bb9aec..2de6e083 100644 --- a/dns_test.go +++ b/dns_test.go @@ -126,6 +126,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -134,6 +135,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -142,6 +144,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -150,6 +153,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -269,6 +273,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -277,6 +282,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -285,6 +291,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -293,6 +300,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) diff --git a/machine_test.go b/machine_test.go index 5da0906f..86dbabfd 100644 --- a/machine_test.go +++ b/machine_test.go @@ -18,7 +18,7 @@ func (s *Suite) TestGetMachine(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "testmachine") @@ -44,7 +44,7 @@ func (s *Suite) TestGetMachineByID(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachineByID(0) @@ -70,7 +70,7 @@ func (s *Suite) TestGetMachineByNodeKey(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachineByID(0) @@ -98,7 +98,7 @@ func (s *Suite) TestGetMachineByAnyNodeKey(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachineByID(0) @@ -171,7 +171,7 @@ func (s *Suite) TestListPeers(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachineByID(0) @@ -214,7 +214,7 @@ func (s *Suite) TestGetACLFilteredPeers(c *check.C) { for _, name := range []string{"test", "admin"} { namespace, err := app.CreateNamespace(name) c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) stor = append(stor, base{namespace, pak}) } @@ -294,7 +294,7 @@ func (s *Suite) TestExpireMachine(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "testmachine") @@ -350,7 +350,7 @@ func (s *Suite) TestSetTags(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "testmachine") diff --git a/namespaces_test.go b/namespaces_test.go index 6f33585f..a8022883 100644 --- a/namespaces_test.go +++ b/namespaces_test.go @@ -31,7 +31,7 @@ func (s *Suite) TestDestroyNamespaceErrors(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) err = app.DestroyNamespace("test") @@ -44,7 +44,7 @@ func (s *Suite) TestDestroyNamespaceErrors(c *check.C) { namespace, err = app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err = app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err = app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) machine := Machine{ @@ -107,6 +107,7 @@ func (s *Suite) TestGetMapResponseUserProfiles(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -115,6 +116,7 @@ func (s *Suite) TestGetMapResponseUserProfiles(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -123,6 +125,7 @@ func (s *Suite) TestGetMapResponseUserProfiles(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -131,6 +134,7 @@ func (s *Suite) TestGetMapResponseUserProfiles(c *check.C) { false, false, nil, + nil, ) c.Assert(err, check.IsNil) @@ -380,7 +384,7 @@ func (s *Suite) TestSetMachineNamespace(c *check.C) { newNamespace, err := app.CreateNamespace("new") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(oldNamespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(oldNamespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) machine := Machine{ diff --git a/preauth_keys.go b/preauth_keys.go index 8359d287..7995acb6 100644 --- a/preauth_keys.go +++ b/preauth_keys.go @@ -129,7 +129,7 @@ func (h *Headscale) GetPreAuthKey(namespace string, key string) (*PreAuthKey, er // does not exist. func (h *Headscale) DestroyPreAuthKey(pak PreAuthKey) error { return h.db.Transaction(func(db *gorm.DB) error { - if result := db.Unscoped().Delete(PreAuthKeyAclTag{PreAuthKeyID: pak.ID}); result.Error != nil { + if result := db.Unscoped().Where(PreAuthKeyAclTag{PreAuthKeyID: pak.ID}).Delete(&PreAuthKeyAclTag{}); result.Error != nil { return result.Error } diff --git a/preauth_keys_test.go b/preauth_keys_test.go index cd9c66aa..fe108337 100644 --- a/preauth_keys_test.go +++ b/preauth_keys_test.go @@ -7,14 +7,14 @@ import ( ) func (*Suite) TestCreatePreAuthKey(c *check.C) { - _, err := app.CreatePreAuthKey("bogus", true, false, nil) + _, err := app.CreatePreAuthKey("bogus", true, false, nil, nil) c.Assert(err, check.NotNil) namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - key, err := app.CreatePreAuthKey(namespace.Name, true, false, nil) + key, err := app.CreatePreAuthKey(namespace.Name, true, false, nil, nil) c.Assert(err, check.IsNil) // Did we get a valid key? @@ -40,7 +40,7 @@ func (*Suite) TestExpiredPreAuthKey(c *check.C) { c.Assert(err, check.IsNil) now := time.Now() - pak, err := app.CreatePreAuthKey(namespace.Name, true, false, &now) + pak, err := app.CreatePreAuthKey(namespace.Name, true, false, &now, nil) c.Assert(err, check.IsNil) key, err := app.checkKeyValidity(pak.Key) @@ -58,7 +58,7 @@ func (*Suite) TestValidateKeyOk(c *check.C) { namespace, err := app.CreateNamespace("test3") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, true, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, true, false, nil, nil) c.Assert(err, check.IsNil) key, err := app.checkKeyValidity(pak.Key) @@ -70,7 +70,7 @@ func (*Suite) TestAlreadyUsedKey(c *check.C) { namespace, err := app.CreateNamespace("test4") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) machine := Machine{ @@ -94,7 +94,7 @@ func (*Suite) TestReusableBeingUsedKey(c *check.C) { namespace, err := app.CreateNamespace("test5") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, true, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, true, false, nil, nil) c.Assert(err, check.IsNil) machine := Machine{ @@ -118,7 +118,7 @@ func (*Suite) TestNotReusableNotBeingUsedKey(c *check.C) { namespace, err := app.CreateNamespace("test6") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) key, err := app.checkKeyValidity(pak.Key) @@ -130,7 +130,7 @@ func (*Suite) TestEphemeralKey(c *check.C) { namespace, err := app.CreateNamespace("test7") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, true, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, true, nil, nil) c.Assert(err, check.IsNil) now := time.Now() @@ -165,7 +165,7 @@ func (*Suite) TestExpirePreauthKey(c *check.C) { namespace, err := app.CreateNamespace("test3") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, true, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, true, false, nil, nil) c.Assert(err, check.IsNil) c.Assert(pak.Expiration, check.IsNil) @@ -182,7 +182,7 @@ func (*Suite) TestNotReusableMarkedAsUsed(c *check.C) { namespace, err := app.CreateNamespace("test6") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) pak.Used = true app.db.Save(&pak) diff --git a/routes_test.go b/routes_test.go index 89b712b5..e0b7cafd 100644 --- a/routes_test.go +++ b/routes_test.go @@ -10,7 +10,7 @@ func (s *Suite) TestGetRoutes(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "test_get_route_machine") @@ -54,7 +54,7 @@ func (s *Suite) TestGetEnableRoutes(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "test_enable_route_machine") diff --git a/utils_test.go b/utils_test.go index 07fa62d8..6ef6f834 100644 --- a/utils_test.go +++ b/utils_test.go @@ -23,7 +23,7 @@ func (s *Suite) TestGetUsedIps(c *check.C) { namespace, err := app.CreateNamespace("test-ip") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "testmachine") @@ -71,7 +71,7 @@ func (s *Suite) TestGetMultiIp(c *check.C) { ips, err := app.getAvailableIPs() c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "testmachine") @@ -161,7 +161,7 @@ func (s *Suite) TestGetAvailableIpMachineWithoutIP(c *check.C) { namespace, err := app.CreateNamespace("test-ip") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) _, err = app.GetMachine("test", "testmachine") From ac18723dd417946501a2ab4cc26d79b522c12f64 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Thu, 25 Aug 2022 20:43:15 +1000 Subject: [PATCH 07/16] Set tags as part of handleAuthKeyCommon --- grpcv1.go | 12 ++++++++++++ integration_cli_test.go | 7 +++++++ preauth_keys.go | 24 ++++++++++++++++++------ preauth_keys_test.go | 17 +++++++++++++++++ protocol_common.go | 21 +++++++++++++++++++++ 5 files changed, 75 insertions(+), 6 deletions(-) diff --git a/grpcv1.go b/grpcv1.go index 620b8fe0..cadd6304 100644 --- a/grpcv1.go +++ b/grpcv1.go @@ -106,6 +106,18 @@ func (api headscaleV1APIServer) CreatePreAuthKey( expiration = request.GetExpiration().AsTime() } + if len(request.AclTags) > 0 { + for _, tag := range request.AclTags { + err := validateTag(tag) + + if err != nil { + return &v1.CreatePreAuthKeyResponse{ + PreAuthKey: nil, + }, status.Error(codes.InvalidArgument, err.Error()) + } + } + } + preAuthKey, err := api.h.CreatePreAuthKey( request.GetNamespace(), request.GetReusable(), diff --git a/integration_cli_test.go b/integration_cli_test.go index d2e28bee..b016ac29 100644 --- a/integration_cli_test.go +++ b/integration_cli_test.go @@ -260,6 +260,8 @@ func (s *IntegrationCLITestSuite) TestPreAuthKeyCommand() { "24h", "--output", "json", + "--tags", + "tag:test1,tag:test2", }, []string{}, ) @@ -333,6 +335,11 @@ func (s *IntegrationCLITestSuite) TestPreAuthKeyCommand() { listedPreAuthKeys[4].Expiration.AsTime().Before(time.Now().Add(time.Hour*26)), ) + // Test that tags are present + for i := 0; i < count; i++ { + assert.DeepEquals(listedPreAuthKeys[i].AclTags, []string{"tag:test1,", "tag:test2"}) + } + // Expire three keys for i := 0; i < 3; i++ { _, err := ExecuteCommand( diff --git a/preauth_keys.go b/preauth_keys.go index 7995acb6..6ebd6560 100644 --- a/preauth_keys.go +++ b/preauth_keys.go @@ -6,6 +6,7 @@ import ( "errors" "fmt" "strconv" + "strings" "time" v1 "github.com/juanfont/headscale/gen/go/headscale/v1" @@ -55,6 +56,12 @@ func (h *Headscale) CreatePreAuthKey( return nil, err } + for _, tag := range aclTags { + if !strings.HasPrefix(tag, "tag:") { + return nil, fmt.Errorf("aclTag '%s' did not begin with 'tag:'", tag) + } + } + now := time.Now().UTC() kstr, err := h.generateKey() if err != nil { @@ -77,12 +84,17 @@ func (h *Headscale) CreatePreAuthKey( } if len(aclTags) > 0 { + seenTags := map[string]bool{} + for _, tag := range aclTags { - if err := db.Save(&PreAuthKeyAclTag{PreAuthKeyID: key.ID, Tag: tag}).Error; err != nil { - return fmt.Errorf( - "failed to create key tag in the database: %w", - err, - ) + if seenTags[tag] == false { + if err := db.Save(&PreAuthKeyAclTag{PreAuthKeyID: key.ID, Tag: tag}).Error; err != nil { + return fmt.Errorf( + "failed to ceate key tag in the database: %w", + err, + ) + } + seenTags[tag] = true } } } @@ -222,7 +234,7 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey { if len(key.AclTags) > 0 { for idx := range key.AclTags { - protoKey.AclTags[idx] = key.AclTags[0].Tag + protoKey.AclTags[idx] = key.AclTags[idx].Tag } } diff --git a/preauth_keys_test.go b/preauth_keys_test.go index fe108337..ffcaf9a4 100644 --- a/preauth_keys_test.go +++ b/preauth_keys_test.go @@ -190,3 +190,20 @@ func (*Suite) TestNotReusableMarkedAsUsed(c *check.C) { _, err = app.checkKeyValidity(pak.Key) c.Assert(err, check.Equals, ErrSingleUseAuthKeyHasBeenUsed) } + +func (*Suite) TestPreAuthKeyAclTags(c *check.C) { + namespace, err := app.CreateNamespace("test8") + c.Assert(err, check.IsNil) + + _, err = app.CreatePreAuthKey(namespace.Name, false, false, nil, []string{"badtag"}) + c.Assert(err, check.NotNil) // Confirm that malformed tags are rejected + + tags := []string{"tag:test1", "tag:test2"} + tagsWithDuplicate := []string{"tag:test1", "tag:test2", "tag:test2"} + _, err = app.CreatePreAuthKey(namespace.Name, false, false, nil, tagsWithDuplicate) + c.Assert(err, check.IsNil) + + listedPaks, err := app.ListPreAuthKeys("test8") + c.Assert(err, check.IsNil) + c.Assert(listedPaks[0].toProto().AclTags, check.DeepEquals, tags) +} diff --git a/protocol_common.go b/protocol_common.go index 154c14c9..72b38f4b 100644 --- a/protocol_common.go +++ b/protocol_common.go @@ -345,6 +345,7 @@ func (h *Headscale) handleAuthKeyCommon( machine.NodeKey = nodeKey machine.AuthKeyID = uint(pak.ID) err := h.RefreshMachine(machine, registerRequest.Expiry) + if err != nil { log.Error(). Caller(). @@ -355,6 +356,25 @@ func (h *Headscale) handleAuthKeyCommon( return } + + aclTags := pak.toProto().AclTags + if len(aclTags) > 0 { + // This conditional preserves the existing behaviour, although SaaS would reset the tags on auth-key login + err = h.SetTags(machine, aclTags) + } + + if err != nil { + log.Error(). + Caller(). + Bool("noise", machineKey.IsZero()). + Str("machine", machine.Hostname). + Strs("aclTags", aclTags). + Err(err). + Msg("Failed to set tags after refreshing machine") + + return + } + } else { now := time.Now().UTC() @@ -380,6 +400,7 @@ func (h *Headscale) handleAuthKeyCommon( NodeKey: nodeKey, LastSeen: &now, AuthKeyID: uint(pak.ID), + ForcedTags: pak.toProto().AclTags, } machine, err = h.RegisterMachine( From 842c28adff914d6b6e6ba6cc4461df99b8f88175 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Mon, 5 Sep 2022 09:33:53 +1000 Subject: [PATCH 08/16] replace netaddr usage with netip --- acls_types.go | 7 ++++--- machine.go | 2 +- machine_test.go | 10 +++++----- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/acls_types.go b/acls_types.go index 0289e099..6ee5bfdb 100644 --- a/acls_types.go +++ b/acls_types.go @@ -111,7 +111,7 @@ func (policy ACLPolicy) IsZero() bool { // Returns the list of autoApproving namespaces, groups or tags for a given IPPrefix func (autoApprovers *AutoApprovers) GetRouteApprovers( - prefix netaddr.IPPrefix, + prefix netip.Prefix, ) ([]string, error) { if prefix.Bits() == 0 { return autoApprovers.ExitNode, nil // 0.0.0.0/0, ::/0 or equivalent @@ -120,13 +120,14 @@ func (autoApprovers *AutoApprovers) GetRouteApprovers( approverAliases := []string{} for autoApprovedPrefix, autoApproverAliases := range autoApprovers.Routes { - autoApprovedPrefix, err := netaddr.ParseIPPrefix(autoApprovedPrefix) + autoApprovedPrefix, err := netip.ParsePrefix(autoApprovedPrefix) + if err != nil { return nil, err } if autoApprovedPrefix.Bits() >= prefix.Bits() && - autoApprovedPrefix.Contains(prefix.IP()) { + autoApprovedPrefix.Contains(prefix.Masked().Addr()) { approverAliases = append(approverAliases, autoApproverAliases...) } } diff --git a/machine.go b/machine.go index 54984d8d..5b53ef22 100644 --- a/machine.go +++ b/machine.go @@ -936,7 +936,7 @@ func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { return nil // This machine has no IPAddresses, so can't possibly match any autoApprovers ACLs } - approvedRoutes := make([]netaddr.IPPrefix, 0, len(machine.HostInfo.RoutableIPs)) + approvedRoutes := make([]netip.Prefix, 0, len(machine.HostInfo.RoutableIPs)) thisMachine := []Machine{*machine} for _, advertisedRoute := range machine.HostInfo.RoutableIPs { diff --git a/machine_test.go b/machine_test.go index e8c9e9a0..7d50db79 100644 --- a/machine_test.go +++ b/machine_test.go @@ -1063,9 +1063,9 @@ func (s *Suite) TestAutoApproveRoutes(c *check.C) { nodeKey := key.NewNode() - defaultRoute := netaddr.MustParseIPPrefix("0.0.0.0/0") - route1 := netaddr.MustParseIPPrefix("10.10.0.0/16") - route2 := netaddr.MustParseIPPrefix("10.11.0.0/16") + defaultRoute := netip.MustParsePrefix("0.0.0.0/0") + route1 := netip.MustParsePrefix("10.10.0.0/16") + route2 := netip.MustParsePrefix("10.11.0.0/16") machine := Machine{ ID: 0, @@ -1078,9 +1078,9 @@ func (s *Suite) TestAutoApproveRoutes(c *check.C) { AuthKeyID: uint(pak.ID), HostInfo: HostInfo{ RequestTags: []string{"tag:exit"}, - RoutableIPs: []netaddr.IPPrefix{defaultRoute, route1, route2}, + RoutableIPs: []netip.Prefix{defaultRoute, route1, route2}, }, - IPAddresses: []netaddr.IP{netaddr.MustParseIP("100.64.0.1")}, + IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.1")}, } app.db.Save(&machine) From 72a43007d8e573e3a97ba881170184623c1855c6 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Mon, 5 Sep 2022 09:44:55 +1000 Subject: [PATCH 09/16] fix broken preauth-key tag test --- integration_cli_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/integration_cli_test.go b/integration_cli_test.go index b016ac29..284dd485 100644 --- a/integration_cli_test.go +++ b/integration_cli_test.go @@ -337,7 +337,7 @@ func (s *IntegrationCLITestSuite) TestPreAuthKeyCommand() { // Test that tags are present for i := 0; i < count; i++ { - assert.DeepEquals(listedPreAuthKeys[i].AclTags, []string{"tag:test1,", "tag:test2"}) + assert.Equals(listedPreAuthKeys[i].AclTags, []string{"tag:test1,", "tag:test2"}) } // Expire three keys From 688cba7292219b5e311a62938c909b3319515b1d Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Wed, 7 Sep 2022 21:39:56 +1000 Subject: [PATCH 10/16] fix linting mistakes --- acls_types.go | 3 +-- machine.go | 15 +++++++-------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/acls_types.go b/acls_types.go index 6ee5bfdb..903f848b 100644 --- a/acls_types.go +++ b/acls_types.go @@ -109,7 +109,7 @@ func (policy ACLPolicy) IsZero() bool { return false } -// Returns the list of autoApproving namespaces, groups or tags for a given IPPrefix +// Returns the list of autoApproving namespaces, groups or tags for a given IPPrefix. func (autoApprovers *AutoApprovers) GetRouteApprovers( prefix netip.Prefix, ) ([]string, error) { @@ -121,7 +121,6 @@ func (autoApprovers *AutoApprovers) GetRouteApprovers( for autoApprovedPrefix, autoApproverAliases := range autoApprovers.Routes { autoApprovedPrefix, err := netip.ParsePrefix(autoApprovedPrefix) - if err != nil { return nil, err } diff --git a/machine.go b/machine.go index 5b53ef22..ec0ab464 100644 --- a/machine.go +++ b/machine.go @@ -930,17 +930,16 @@ func (h *Headscale) EnableRoutes(machine *Machine, routeStrs ...string) error { return nil } -// Enabled any routes advertised by a machine that match the ACL autoApprovers policy -func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { +// Enabled any routes advertised by a machine that match the ACL autoApprovers policy. +func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) { if len(machine.IPAddresses) == 0 { - return nil // This machine has no IPAddresses, so can't possibly match any autoApprovers ACLs + return // This machine has no IPAddresses, so can't possibly match any autoApprovers ACLs } approvedRoutes := make([]netip.Prefix, 0, len(machine.HostInfo.RoutableIPs)) thisMachine := []Machine{*machine} for _, advertisedRoute := range machine.HostInfo.RoutableIPs { - if contains(machine.EnabledRoutes, advertisedRoute) { continue // Skip routes that are already enabled for the node } @@ -953,7 +952,8 @@ func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { Str("advertisedRoute", advertisedRoute.String()). Uint64("machineId", machine.ID). Msg("Failed to resolve autoApprovers for advertised route") - return err + + return } for _, approvedAlias := range routeApprovers { @@ -965,7 +965,8 @@ func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { log.Err(err). Str("alias", approvedAlias). Msg("Failed to expand alias when processing autoApprovers policy") - return err + + return } // approvedIPs should contain all of machine's IPs if it matches the rule, so check for first @@ -985,8 +986,6 @@ func (h *Headscale) EnableAutoApprovedRoutes(machine *Machine) error { machine.EnabledRoutes = append(machine.EnabledRoutes, approvedRoute) } } - - return nil } func (machine *Machine) RoutesToProto() *v1.Routes { From 8a8ec7476d2ca2c03e0b9f9fe026fbedd7327eb1 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Wed, 7 Sep 2022 22:12:29 +1000 Subject: [PATCH 11/16] fix linting issues in preauthkey tags --- db.go | 2 +- grpcv1.go | 2 +- integration_cli_test.go | 2 +- preauth_keys.go | 28 +++++++++++++++------------- preauth_keys_test.go | 2 +- protocol_common.go | 2 -- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/db.go b/db.go index 6edb19a2..fc539cc3 100644 --- a/db.go +++ b/db.go @@ -131,7 +131,7 @@ func (h *Headscale) initDB() error { return err } - err = db.AutoMigrate(&PreAuthKeyAclTag{}) + err = db.AutoMigrate(&PreAuthKeyACLTag{}) if err != nil { return err } diff --git a/grpcv1.go b/grpcv1.go index cadd6304..917c2a14 100644 --- a/grpcv1.go +++ b/grpcv1.go @@ -1,4 +1,4 @@ -// nolint +//nolint package headscale import ( diff --git a/integration_cli_test.go b/integration_cli_test.go index 284dd485..d3b31507 100644 --- a/integration_cli_test.go +++ b/integration_cli_test.go @@ -337,7 +337,7 @@ func (s *IntegrationCLITestSuite) TestPreAuthKeyCommand() { // Test that tags are present for i := 0; i < count; i++ { - assert.Equals(listedPreAuthKeys[i].AclTags, []string{"tag:test1,", "tag:test2"}) + assert.Equal(s.T(), listedPreAuthKeys[i].AclTags, []string{"tag:test1", "tag:test2"}) } // Expire three keys diff --git a/preauth_keys.go b/preauth_keys.go index 6ebd6560..5206c43c 100644 --- a/preauth_keys.go +++ b/preauth_keys.go @@ -19,6 +19,7 @@ const ( ErrPreAuthKeyExpired = Error("AuthKey expired") ErrSingleUseAuthKeyHasBeenUsed = Error("AuthKey has already been used") ErrNamespaceMismatch = Error("namespace mismatch") + ErrPreAuthKeyACLTagInvalid = Error("AuthKey tag is invalid") ) // PreAuthKey describes a pre-authorization key usable in a particular namespace. @@ -30,14 +31,14 @@ type PreAuthKey struct { Reusable bool Ephemeral bool `gorm:"default:false"` Used bool `gorm:"default:false"` - AclTags []PreAuthKeyAclTag + ACLTags []PreAuthKeyACLTag CreatedAt *time.Time Expiration *time.Time } -// PreAuthKeyAclTag describes an autmatic tag applied to a node when registered with the associated PreAuthKey -type PreAuthKeyAclTag struct { +// PreAuthKeyACLTag describes an autmatic tag applied to a node when registered with the associated PreAuthKey. +type PreAuthKeyACLTag struct { ID uint64 `gorm:"primary_key"` PreAuthKeyID uint64 Tag string @@ -58,7 +59,7 @@ func (h *Headscale) CreatePreAuthKey( for _, tag := range aclTags { if !strings.HasPrefix(tag, "tag:") { - return nil, fmt.Errorf("aclTag '%s' did not begin with 'tag:'", tag) + return nil, fmt.Errorf("%w: '%s' did not begin with 'tag:'", ErrPreAuthKeyACLTagInvalid, tag) } } @@ -87,8 +88,8 @@ func (h *Headscale) CreatePreAuthKey( seenTags := map[string]bool{} for _, tag := range aclTags { - if seenTags[tag] == false { - if err := db.Save(&PreAuthKeyAclTag{PreAuthKeyID: key.ID, Tag: tag}).Error; err != nil { + if !seenTags[tag] { + if err := db.Save(&PreAuthKeyACLTag{PreAuthKeyID: key.ID, Tag: tag}).Error; err != nil { return fmt.Errorf( "failed to ceate key tag in the database: %w", err, @@ -98,6 +99,7 @@ func (h *Headscale) CreatePreAuthKey( } } } + return nil }) @@ -116,7 +118,7 @@ func (h *Headscale) ListPreAuthKeys(namespaceName string) ([]PreAuthKey, error) } keys := []PreAuthKey{} - if err := h.db.Preload("Namespace").Preload("AclTags").Where(&PreAuthKey{NamespaceID: namespace.ID}).Find(&keys).Error; err != nil { + if err := h.db.Preload("Namespace").Preload("ACLTags").Where(&PreAuthKey{NamespaceID: namespace.ID}).Find(&keys).Error; err != nil { return nil, err } @@ -141,7 +143,7 @@ func (h *Headscale) GetPreAuthKey(namespace string, key string) (*PreAuthKey, er // does not exist. func (h *Headscale) DestroyPreAuthKey(pak PreAuthKey) error { return h.db.Transaction(func(db *gorm.DB) error { - if result := db.Unscoped().Where(PreAuthKeyAclTag{PreAuthKeyID: pak.ID}).Delete(&PreAuthKeyAclTag{}); result.Error != nil { + if result := db.Unscoped().Where(PreAuthKeyACLTag{PreAuthKeyID: pak.ID}).Delete(&PreAuthKeyACLTag{}); result.Error != nil { return result.Error } @@ -176,7 +178,7 @@ func (h *Headscale) UsePreAuthKey(k *PreAuthKey) error { // If returns no error and a PreAuthKey, it can be used. func (h *Headscale) checkKeyValidity(k string) (*PreAuthKey, error) { pak := PreAuthKey{} - if result := h.db.Preload("Namespace").Preload("AclTags").First(&pak, "key = ?", k); errors.Is( + if result := h.db.Preload("Namespace").Preload("ACLTags").First(&pak, "key = ?", k); errors.Is( result.Error, gorm.ErrRecordNotFound, ) { @@ -221,7 +223,7 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey { Ephemeral: key.Ephemeral, Reusable: key.Reusable, Used: key.Used, - AclTags: make([]string, len(key.AclTags)), + AclTags: make([]string, len(key.ACLTags)), } if key.Expiration != nil { @@ -232,9 +234,9 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey { protoKey.CreatedAt = timestamppb.New(*key.CreatedAt) } - if len(key.AclTags) > 0 { - for idx := range key.AclTags { - protoKey.AclTags[idx] = key.AclTags[idx].Tag + if len(key.ACLTags) > 0 { + for idx := range key.ACLTags { + protoKey.AclTags[idx] = key.ACLTags[idx].Tag } } diff --git a/preauth_keys_test.go b/preauth_keys_test.go index ffcaf9a4..84977dbd 100644 --- a/preauth_keys_test.go +++ b/preauth_keys_test.go @@ -191,7 +191,7 @@ func (*Suite) TestNotReusableMarkedAsUsed(c *check.C) { c.Assert(err, check.Equals, ErrSingleUseAuthKeyHasBeenUsed) } -func (*Suite) TestPreAuthKeyAclTags(c *check.C) { +func (*Suite) TestPreAuthKeyACLTags(c *check.C) { namespace, err := app.CreateNamespace("test8") c.Assert(err, check.IsNil) diff --git a/protocol_common.go b/protocol_common.go index cbb35be8..9cb7c67f 100644 --- a/protocol_common.go +++ b/protocol_common.go @@ -343,7 +343,6 @@ func (h *Headscale) handleAuthKeyCommon( machine.NodeKey = nodeKey machine.AuthKeyID = uint(pak.ID) err := h.RefreshMachine(machine, registerRequest.Expiry) - if err != nil { log.Error(). Caller(). @@ -372,7 +371,6 @@ func (h *Headscale) handleAuthKeyCommon( return } - } else { now := time.Now().UTC() From 91e30397bdfc1ad825033a46809cfb1a1760c88a Mon Sep 17 00:00:00 2001 From: Jamie Greeff Date: Wed, 7 Sep 2022 14:16:04 +0100 Subject: [PATCH 12/16] Remove --rm flag from Docker example It appears to be causing confusion for users on Discord when copying/pasting from the example here, if Headscale crashes on launch then the container will be removed and logs can't be viewed with `docker logs`. --- docs/running-headscale-container.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/running-headscale-container.md b/docs/running-headscale-container.md index d341bb7c..f3626e9f 100644 --- a/docs/running-headscale-container.md +++ b/docs/running-headscale-container.md @@ -66,7 +66,6 @@ db_path: /etc/headscale/db.sqlite docker run \ --name headscale \ --detach \ - --rm \ --volume $(pwd)/config:/etc/headscale/ \ --publish 127.0.0.1:8080:8080 \ --publish 127.0.0.1:9090:9090 \ From c52e3aafe6ebf71547a19417c531609b9731f3aa Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Fri, 23 Sep 2022 17:58:06 +1000 Subject: [PATCH 13/16] remove unnecessary checks on slices --- cmd/headscale/cli/preauthkeys.go | 11 +++++------ grpcv1.go | 18 +++++++----------- preauth_keys.go | 6 ++---- protocol_common.go | 20 ++++++++++---------- 4 files changed, 24 insertions(+), 31 deletions(-) diff --git a/cmd/headscale/cli/preauthkeys.go b/cmd/headscale/cli/preauthkeys.go index f6f643a4..681731ae 100644 --- a/cmd/headscale/cli/preauthkeys.go +++ b/cmd/headscale/cli/preauthkeys.go @@ -108,15 +108,14 @@ var listPreAuthKeys = &cobra.Command{ reusable = fmt.Sprintf("%v", key.GetReusable()) } - var aclTags string + aclTags := "" - if len(key.AclTags) > 0 { - for _, tag := range key.AclTags { - aclTags += "," + tag - } - aclTags = strings.TrimLeft(aclTags, ",") + for _, tag := range key.AclTags { + aclTags += "," + tag } + aclTags = strings.TrimLeft(aclTags, ",") + tableData = append(tableData, []string{ key.GetId(), key.GetKey(), diff --git a/grpcv1.go b/grpcv1.go index 917c2a14..2535b280 100644 --- a/grpcv1.go +++ b/grpcv1.go @@ -1,4 +1,4 @@ -//nolint +// nolint package headscale import ( @@ -106,15 +106,12 @@ func (api headscaleV1APIServer) CreatePreAuthKey( expiration = request.GetExpiration().AsTime() } - if len(request.AclTags) > 0 { - for _, tag := range request.AclTags { - err := validateTag(tag) - - if err != nil { - return &v1.CreatePreAuthKeyResponse{ - PreAuthKey: nil, - }, status.Error(codes.InvalidArgument, err.Error()) - } + for _, tag := range request.AclTags { + err := validateTag(tag) + if err != nil { + return &v1.CreatePreAuthKeyResponse{ + PreAuthKey: nil, + }, status.Error(codes.InvalidArgument, err.Error()) } } @@ -154,7 +151,6 @@ func (api headscaleV1APIServer) ListPreAuthKeys( request *v1.ListPreAuthKeysRequest, ) (*v1.ListPreAuthKeysResponse, error) { preAuthKeys, err := api.h.ListPreAuthKeys(request.GetNamespace()) - if err != nil { return nil, err } diff --git a/preauth_keys.go b/preauth_keys.go index 5206c43c..1037bc87 100644 --- a/preauth_keys.go +++ b/preauth_keys.go @@ -234,10 +234,8 @@ func (key *PreAuthKey) toProto() *v1.PreAuthKey { protoKey.CreatedAt = timestamppb.New(*key.CreatedAt) } - if len(key.ACLTags) > 0 { - for idx := range key.ACLTags { - protoKey.AclTags[idx] = key.ACLTags[idx].Tag - } + for idx := range key.ACLTags { + protoKey.AclTags[idx] = key.ACLTags[idx].Tag } return &protoKey diff --git a/protocol_common.go b/protocol_common.go index 9cb7c67f..b4c6223c 100644 --- a/protocol_common.go +++ b/protocol_common.go @@ -358,18 +358,18 @@ func (h *Headscale) handleAuthKeyCommon( if len(aclTags) > 0 { // This conditional preserves the existing behaviour, although SaaS would reset the tags on auth-key login err = h.SetTags(machine, aclTags) - } - if err != nil { - log.Error(). - Caller(). - Bool("noise", machineKey.IsZero()). - Str("machine", machine.Hostname). - Strs("aclTags", aclTags). - Err(err). - Msg("Failed to set tags after refreshing machine") + if err != nil { + log.Error(). + Caller(). + Bool("noise", machineKey.IsZero()). + Str("machine", machine.Hostname). + Strs("aclTags", aclTags). + Err(err). + Msg("Failed to set tags after refreshing machine") - return + return + } } } else { now := time.Now().UTC() From e5decbd0fae168ffebd5f194883320f316f11f03 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Fri, 23 Sep 2022 18:13:48 +1000 Subject: [PATCH 14/16] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 443305da..1d690642 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ - Give a warning when running Headscale with reverse proxy improperly configured for WebSockets [#788](https://github.com/juanfont/headscale/pull/788) - Fix subnet routers with Primary Routes [#811](https://github.com/juanfont/headscale/pull/811) - Added support for JSON logs [#653](https://github.com/juanfont/headscale/issues/653) +- Add support for generating pre-auth keys with tags [#767](https://github.com/juanfont/headscale/pull/767) ## 0.16.4 (2022-08-21) From d764f52f24ae63709b0597943c412b9b314da9c4 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Fri, 23 Sep 2022 18:08:59 +1000 Subject: [PATCH 15/16] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 443305da..58c7c2f0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ - Give a warning when running Headscale with reverse proxy improperly configured for WebSockets [#788](https://github.com/juanfont/headscale/pull/788) - Fix subnet routers with Primary Routes [#811](https://github.com/juanfont/headscale/pull/811) - Added support for JSON logs [#653](https://github.com/juanfont/headscale/issues/653) +- Add support for evaluating `autoApprovers` ACL entries when a machine is registered [#763](https://github.com/juanfont/headscale/pull/763) ## 0.16.4 (2022-08-21) From 7761a7b23ed411db526b0b6935c5f4975266ad93 Mon Sep 17 00:00:00 2001 From: Benjamin George Roberts Date: Fri, 23 Sep 2022 18:46:35 +1000 Subject: [PATCH 16/16] fix autoapprover test following tagged authkey change --- machine_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machine_test.go b/machine_test.go index 25075bc2..275ab14e 100644 --- a/machine_test.go +++ b/machine_test.go @@ -1058,7 +1058,7 @@ func (s *Suite) TestAutoApproveRoutes(c *check.C) { namespace, err := app.CreateNamespace("test") c.Assert(err, check.IsNil) - pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil) + pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil) c.Assert(err, check.IsNil) nodeKey := key.NewNode()