Kristoffer Dalby
2b7bcb77a5
Stop using deprecated string function
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
97a909866d
Use pingAll helper for all integration pinging
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
feeb5d334b
Populate the tags field on node
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
a840a2e6ee
Sort tailcfg.Node creation as upstream
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
4183345020
Do not collect services, we dont support it
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
50fb7ad6ce
Add TODOs for only sending patch updates
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
88a9f4b44c
Send control time in map response
...
This gives all the nodes the same constant time to work from
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-03 09:26:22 +01:00
Kristoffer Dalby
00fbd8dd93
Remove all tests before generating new ones
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-02 17:55:19 +01:00
Kristoffer Dalby
ce587d2421
Update test workflows
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-01 10:58:37 +01:00
Kristoffer Dalby
e1eb30084d
Remove new line at start of test template
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-01 10:58:37 +01:00
Kristoffer Dalby
673638afe7
Use ripgrep to find list of tests
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-02-01 10:58:37 +01:00
Kristoffer Dalby
da48cf64b3
Set OpenID Connect Expiry
...
This commit adds a default OpenID Connect expiry to 180d to align with
Tailscale SaaS (previously infinite or based on token expiry).
In addition, it adds an option use the expiry time from the Token sent
by the OpenID provider. This will typically cause really short expiry
and you should only turn on this option if you know what you are
desiring.
This fixes #1176 .
Co-authored-by: Even Holthe <even.holthe@bekk.no>
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-31 18:55:16 +01:00
Dominic Bevacqua
385fd93e73
Update changelog
2023-01-31 00:15:48 +01:00
Dominic Bevacqua
26edf24477
Allow split DNS configuration without requiring global nameservers
...
Align behaviour of dns_config.restricted_nameservers to tailscale.
Tailscale allows split DNS configuration without requiring global nameservers.
In addition, as per [the docs](https://tailscale.com/kb/1054/dns/#using-dns-settings-in-the-admin-console ):
> These nameservers also configure search domains for your devices
This commit aligns headscale to tailscale by:
* honouring dns_config.restricted_nameservers regardless of whether any global resolvers are configured
* adding a search domain for each restricted_nameserver
2023-01-31 00:15:48 +01:00
Kristoffer Dalby
83a538cc95
Rename IP specific function, add missing test case
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-30 15:56:38 +01:00
Kristoffer Dalby
cffa040474
Cancel old builds if new commits appear
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-30 14:57:10 +01:00
Kristoffer Dalby
727d95b477
Improve generated integration tests
...
- Save logs from control(headscale) on every run to tmp
- Upgrade nix-actions
- Cancel builds if new commit is pushed
- Fix a sorting bug in user command test
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-30 14:43:03 +01:00
Juan Font
640bb94119
Do not show IsPrimary field as false in exit nodes
2023-01-29 14:54:09 +01:00
Juan Font
0f65918a25
Update tests
...
Fixed linting
2023-01-29 12:25:37 +01:00
Juan Font
3ac2e0b253
Enable both exit node routes (IPv4 and IPv6) at the same time.
...
As indicated by bradfitz in https://github.com/juanfont/headscale/issues/804#issuecomment-1399314002 ,
both routes for the exit node must be enabled at the same time. If a user tries to enable one of the exit node routes,
the other gets activated too.
This commit also reduces the API surface, making private a method that didnt need to be exposed.
2023-01-29 12:25:37 +01:00
Juan Font
b322cdf251
Updated changelog for v0.20.0
2023-01-29 11:46:37 +01:00
Johan Siebens
e128796b59
use smallzstd and sync pool
v0.19.0
2023-01-27 12:03:24 +01:00
Kristoffer Dalby
6d669c6b9c
Migrate namespace_id to user_id column in machine and pak
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
v0.19.0-beta2
2023-01-26 11:07:26 +01:00
Kristoffer Dalby
8dadb045cf
Mark -n and --namespace as deprecated
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-26 10:22:38 +01:00
Christian Heusel
9f6e546522
modify the test to reflect the changes on the webinterface
...
related to 2d44a1c99c17
Signed-off-by: Christian Heusel <christian@heusel.eu>
2023-01-26 08:33:44 +01:00
Juan Font
9714900db9
Target Tailscale 1.36.0
2023-01-26 07:50:03 +01:00
Jan Hartkopf
cb25f0d650
Add hint for reverse proxying with Apache
2023-01-23 15:51:20 +01:00
caelansar
9c2e580ab5
put Where before Find
2023-01-20 10:50:29 +01:00
Christian Heusel
0ffff2c994
Update the node join instruction to reference "username"
...
related to https://github.com/juanfont/headscale/pull/1144
Signed-off-by: Christian Heusel <christian@heusel.eu>
2023-01-20 09:50:49 +01:00
Christian Heusel
c720af66d6
permalink in the limitations section to tailscale
...
The relative link was broken after one commit to the file
Signed-off-by: Christian Heusel <christian@heusel.eu>
2023-01-20 09:19:26 +01:00
Kristoffer Dalby
86a7129027
Update changelog, more explicit backup note
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
v0.19.0-beta1
2023-01-19 12:54:34 +01:00
Kristoffer Dalby
9eaa8dd049
Migrate DB: rename table is plural, order matters
...
The calls to AutoMigrate to other classes that refer to users will
create the table and it will break, it needs to be done before
everything else.
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-19 12:54:34 +01:00
Kristoffer Dalby
81441afe70
update changelog
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
f19e8aa7f0
Fix failing tests
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
90287a6735
gofumpt
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
fb3e2dcf10
Rename namespace to user in docs
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
bf0b85f382
Rename acl test file
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
5da0963aac
Migrate DB: rename namespace, automigrate user
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
da5c051d73
Lint fix
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
b98bf199dd
Regenerate go from proto
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
428d7c86ce
Rename namespace in protobuf files
...
While this truly breaks the point of the backwards compatible stuff with
protobuf, it does not seem worth it to attempt to glue together a
compatible API.
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
af1ec5a593
Rename .go namespace files
...
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Kristoffer Dalby
e3a2593344
Rename [Nn]amespace -> [Uu]ser in go code
...
Use gopls, ag and perl to rename all occurances of Namespace
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-18 15:40:04 +01:00
Motiejus Jakštys
bafb6791d3
oidc: allow reading the client secret from a file
...
Currently the most "secret" way to specify the oidc client secret is via
an environment variable `OIDC_CLIENT_SECRET`, which is problematic[1].
Lets allow reading oidc client secret from a file. For extra convenience
the path to the secret will resolve the environment variables.
[1]: https://systemd.io/CREDENTIALS/
v0.18.0
2023-01-14 17:03:57 +01:00
Motiejus Jakštys
6edac4863a
Makefile: remove a missing target
...
test_integration_oidc was removed in 0525bea59310a8e3e8e7d9feebcbd909f482cc92
2023-01-14 13:42:48 +01:00
Even Holthe
e27e01c09f
nodes list: expose expiration time
v0.18.0-beta4
2023-01-12 13:43:21 +01:00
Even Holthe
dd173ecc1f
Refresh machines with correct new expiry
2023-01-12 13:43:21 +01:00
Kristoffer Dalby
8ca0fb7ed0
update ip_prefixes docs
...
we cant actually have arbitrary ip ranges, add a note about that.
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-01-12 11:39:39 +01:00
Juan Font
6c714e88ee
Added entry for performance improvements in ACLs
2023-01-11 08:58:03 +01:00
Allen
a6c8718a97
ToStringSlice will lead to high CPU usage, early conversion can reduce cpu usage
2023-01-11 08:45:54 +01:00