This commit restructures the map session in to a struct
holding the state of what is needed during its lifetime.
For streaming sessions, the event loop is structured a
bit differently not hammering the clients with updates
but rather batching them over a short, configurable time
which should significantly improve cpu usage, and potentially
flakyness.
The use of Patch updates has been dialed back a little as
it does not look like its a 100% ready for prime time. Nodes
are now updated with full changes, except for a few things
like online status.
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Fixes the issue reported in #1712. In Tailscale SaaS, ephemeral keys can be single-user or reusable. Until now, our ephemerals were only reusable. This PR makes us adhere to the .com behaviour.
A lot of things are breaking in 0.23 so instead of having this
be a long process, just rip of the plaster.
Updates #1758
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
* rework docker tags
This commit tries to align the new docker tags with the old schema
A prerelease will end up with the following tags:
- unstable
- v0.23.0-alpha3
- 0.23.0.alpha3
- sha-1234adsfg
A release will end up with:
- latest
- stable
- v0.23.0
- v0.23
- v0
- 0.23.0
- 0.23
- 0
- sha-1234adsfg
All of the builds will also have a `-debug` version.
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
* update changelog
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
---------
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
* TLS documentation updates
Move "Bring your own certificates" to the top
since the letsencrypt section is now much longer, it seems wrong to
keep such a short section way down at the bottom.
Restructure "Challenge types" into separate sections
Add technical description of letsencrypt renewals
this aims to answer:
- what can be expected in terms of renewals
- what logs can be expected (none)
- how to validate that renewal happened successfully
- the reason for some of the 'acme/autocert' logs, or at least
some best-effort assumptions
* +prettier
* Add test because of issue 1604
* Add peer for routes
* Revert previous change to try different way to add peer
* Add traces
* Remove traces
* Make sure tests have IPPrefix comparator
* Get allowedIps before loop
* Remove comment
* Add composite literals :)
We currently do not have a way to clean up api keys. There may be cases
where users of headscale may generate a lot of api keys and these may
end up accumulating in the database. This commit adds the command to
delete an api key given a prefix.
* create channel before sending first update
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
* do not notify on register, wait for connect
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
---------
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
When Postgres is used as the backing database for headscale,
it does not set a limit on maximum open and idle connections
which leads to hundreds of open connections to the Postgres
server.
This commit introduces the configuration variables to set those
values and also sets default while opening a new postgres connection.