428 Commits

Author SHA1 Message Date
Kristoffer Dalby
72d1d2630e
Update cmd/headscale/cli/utils.go 2022-06-26 09:52:04 +02:00
Juan Font Alonso
c8378e8b7d Quick fix to segfault on CLI when Headscale is not running (fix #652) 2022-06-22 14:40:40 +02:00
Kristoffer Dalby
95824ac2ec MOve ephemeral inactivity config check to all the other config check 2022-06-12 13:12:43 +00:00
Kristoffer Dalby
3f7749c6d4
Merge branch 'main' into feature/configure-randomize-port 2022-06-11 10:55:05 +01:00
Anton Schubert
34be10840c add ability to set randomizeClientPort 2022-06-09 21:26:40 +02:00
Jiang Zhu
bcb04d38a5 Merge branch 'main' into enhance_cli_config
Extract LoadConfig from GetHeadscaleConfig, as they are conceptually
different operation, e.g.,
1) you can reload config through LoadConfig and do not get config
2) you can get config without reload config
2022-06-07 22:51:47 +08:00
Kristoffer Dalby
90f6be0c98 Rename one char var 2022-06-05 17:52:28 +02:00
Kristoffer Dalby
af891808f6 Make get config load the config, use config in main method 2022-06-05 17:47:12 +02:00
Jiang Zhu
ce13596077 add integration test for headscale -c 2022-06-05 23:13:58 +08:00
Jiang Zhu
402a29e50c impl heascale -c to specify config file 2022-06-05 18:25:09 +08:00
Jiang Zhu
0363e58467 cli.LoadConfig accepts config file now 2022-06-05 17:55:27 +08:00
Kristoffer Dalby
5514a862dc Update headscale read config tests 2022-06-03 09:26:46 +02:00
Kristoffer Dalby
1ea8bb782c Move all read config logic to config.go 2022-06-03 09:26:36 +02:00
Kristoffer Dalby
35722cd5aa Move FilePerm function from cli to headscale 2022-06-03 09:24:36 +02:00
Kristoffer Dalby
36dca3516a Move Abspath function to headscale utils 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
06129277ed Rename abspath function to describe what it does 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
6b1482daee Use config object instead of viper for policy path 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
24e4787a64 Make ACL policy part of the config struct 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
5bfae22c8f Make config get function global 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
3e078f0494 Fix logtail config function name 2022-05-31 14:28:01 +02:00
Kristoffer Dalby
f7edea5f40
Merge branch 'main' into rename-fixess 2022-05-31 09:42:20 +02:00
Kristoffer Dalby
d860270733 Use Prometheus duration parser (support days and weeks) 2022-05-30 16:10:39 +02:00
Kristoffer Dalby
9175aca094
Merge branch 'main' into rename-fixess 2022-05-30 15:29:50 +02:00
Kristoffer Dalby
7f66d9184b Add config test 2022-05-30 14:57:43 +02:00
Kristoffer Dalby
a0c465c2eb Wire up setting to enable/disable logtail 2022-05-30 14:47:41 +02:00
Kristoffer Dalby
e631c6f7e0 Merge master 2022-05-16 21:41:46 +02:00
Kristoffer Dalby
f4873d9387 Fix rename cli error 2022-05-16 20:29:31 +02:00
Adrien Raffin-Caboisse
4435a4f19d
chore: apply lint recommendations 2022-05-16 14:59:46 +02:00
Kristoffer Dalby
a28eebfca3
Merge branch 'main' into feat-list-tags-of-machines 2022-05-15 12:11:28 +01:00
Adrien Raffin-Caboisse
72c1edaaa4
Merge remote-tracking branch 'origin/main' into feat-list-tags-of-machines 2022-05-13 11:56:06 +02:00
Adrien Raffin-Caboisse
63d920510d
feat: improve nodes list with inputs from @deonthomasgy
cf: https://github.com/juanfont/headscale/compare/main...deonthomasgy:dev/thomas/show-tags
2022-05-13 11:46:28 +02:00
Adrien Raffin-Caboisse
62cfd60e38
feat: add validation of tags 2022-05-13 10:18:01 +02:00
Samuel Lock
c26280c331 modified code to satisfy golangci-lint and added integration test 2022-05-11 09:31:24 +10:00
Samuel Lock
8be9e9655c fixed issue #360 2022-05-10 20:51:14 +10:00
Deon Thomas
6ed79b7bb8
order Ip Address, IPv4 first, cleanup 2022-05-08 15:21:10 -04:00
Deon Thomas
b4f5ed6618
order ip address output, IPv4 first 2022-05-08 15:06:12 -04:00
Adrien Raffin-Caboisse
dc8c20e002
fix: handle empty aclPolicy for integration tests 2022-05-04 22:56:55 +02:00
Adrien Raffin-Caboisse
a2fb5b2b9d
Merge remote-tracking branch 'origin/main' into feat-list-tags-of-machines 2022-05-03 20:35:28 +02:00
Antoine POPINEAU
7cc58af932
Allow more configuration over the OIDC flow.
Adds knobs to configure three aspects of the OpenID Connect flow:

 * Custom scopes to override the default "openid profile email".
 * Custom parameters to be added to the Authorize Endpoint request.
 * Domain allowlisting for authenticated principals.
 * User allowlisting for authenticated principals.
2022-05-02 17:11:07 +02:00
Igor Perepilitsyn
12d8f0f4b0 remove redundant lines of code, fix response when output is not plain text 2022-05-02 14:00:00 +04:00
Igor Perepilitsyn
1b3a7bbf03 apply styling fixes 2022-05-02 08:32:33 +04:00
Igor Perepilitsyn
bc055edf12 add command for moving node between namespaces 2022-05-01 17:55:34 +04:00
Adrien Raffin-Caboisse
fec8cda16a
fix: fix linting issue on my computer 2022-04-25 22:33:53 +02:00
Adrien Raffin-Caboisse
2c448d4a5c
chore: apply linting 2022-04-25 22:27:44 +02:00
Adrien Raffin-Caboisse
8061abe279 refact: use generics for contains functions 2022-04-25 22:17:23 +02:00
Adrien Raffin-Caboisse
cc9eeda889 feat: updating cli to match the set command 2022-04-25 22:17:23 +02:00
Kristoffer Dalby
79704dc9b0 Update command with new fields 2022-04-24 20:57:15 +01:00
Kristoffer Dalby
8845938881
Merge branch 'main' into main 2022-04-24 09:48:00 +02:00
Adrien Raffin-Caboisse
f53bb63b2d
fix: move tag command to subcommand of nodes 2022-04-21 23:43:20 +02:00
Adrien Raffin-Caboisse
4651c44dde
feat: print tags in nodes list 2022-04-16 13:32:00 +02:00
Adrien Raffin-Caboisse
98f54c9f7f
chore: apply format and lint 2022-04-15 18:27:57 +02:00
Adrien Raffin-Caboisse
9de9bc23f8
feat(cli): add tag subcommand to add and remove tags 2022-04-15 16:12:35 +02:00
Nico Rey
6e08241712 Exit Headscale if ACL policy file cannot be parsed 2022-04-06 11:05:08 -03:00
henning mueller
b2ae9b6cac
fix: Remove days from expiry option value examples 2022-04-05 18:45:29 +02:00
Kristoffer Dalby
c8aa653275
Merge branch 'main' into main 2022-03-19 09:36:36 +00:00
Juan Font Alonso
2e6687209b Make STUN server mandatory if DERP embedded is enabled 2022-03-18 12:58:00 +01:00
Juan Font Alonso
b8aad5451d Make STUN run by default when embedded DERP is enabled
This commit also allows to set an external STUN server, while running the embedded DERP server (without embedded STUN)
2022-03-15 13:22:25 +01:00
bravechamp
9901d6b2e7 Ability to clear nickname 2022-03-13 21:10:41 +00:00
bravechamp
663e8384a3 Nickname support 2022-03-13 21:03:20 +00:00
Juan Font Alonso
de2ea83b3b Linting here and there 2022-03-06 17:35:54 +01:00
Juan Font Alonso
eb06054a7b Make DERP Region configurable 2022-03-06 17:25:21 +01:00
Juan Font Alonso
eb500155e8 Make STUN server configurable 2022-03-06 17:00:56 +01:00
Juan Font Alonso
dc909ba6d7 Improved logging on startup 2022-03-06 16:54:19 +01:00
Juan Font Alonso
df37d1a639 Do not offer the option to be DERP insecure
Websockets, in which DERP is based, requires a TLS certificate. At the same time,
if we use a certificate it must be valid... otherwise Tailscale wont connect (does not
have an Insecure option). So there is no option to expose insecure here
2022-03-05 19:19:21 +01:00
Juan Font Alonso
758b1ba1cb Renamed configuration items of the DERP server 2022-03-05 16:22:02 +01:00
Juan Font Alonso
23cde8445f Merge branch 'main' into embedded-derp 2022-03-04 00:04:59 +01:00
Juan Font Alonso
897d480f4d Add an embedded DERP server to Headscale
This series of commit will be adding an embedded DERP server (and STUN) to Headscale,
thus making it completely self-contained and not dependant in other infrastructure.
2022-03-04 00:01:31 +01:00
Kristoffer Dalby
b61500670c
Merge branch 'main' into metrics-listen 2022-03-02 11:35:33 +00:00
zakaria
12b3b5f8f1 feat(aliases): add aliases for preauthkeys command
- `preauthkey`, `authkey`, `pre` are aliases for `preauthkey` command
- `ls`, `show` are aliases for `list` subcommand
- `c`, `new` are aliases for `create` subcommand
- `revoke`, `exp`, `e` are aliases for `expire` subcommand
2022-03-02 15:42:12 +10:00
zakaria
052dbfe440 feat(aliases): add aliases for apikeys command
- `apikey`, `api` are aliases for `apikeys` command
- `ls`, `show` are aliases for `list` subcommand
- `c`, `new` are aliases for `create` subcommand
- `revoke`, `exp`, `e` are aliases for the `expire` subcommand
2022-03-02 15:32:35 +10:00
zakaria
5310f8692b feat(aliases): add aliases for namespaces command
- `namespace`, `ns`, `user`, `users` are aliases for `namespaces`
   command
- `c`, `new` are aliases for the `create` subcommand
- `delete` is an alias for the `destroy` subcommand
- `mv` is an alias for the `rename` subcommand
- `ls`, `show` are aliases for the `list` subcommand
2022-03-02 14:35:20 +10:00
zakaria
aff6b84250 feat(aliases): add 'gen' alias for 'generate' command 2022-03-02 14:29:33 +10:00
zakaria
21eee912a3 feat(aliases): add aliases for nodes command
- `node`, `machine`, `machines` are aliases for `nodes` command
- `ls`, `show` aliases for `list` subcommand
- `logout`, `exp`, `e` are aliases for `expire` subcommand
- `del` is an alias for `delete` subcommand
2022-03-02 14:28:03 +10:00
zakaria
dbb2af0238 feat(aliases): add aliases for route command
- `r` is alias for `route` command
- `ls`, or `show` is alias for `list` subcommand
2022-03-02 14:27:56 +10:00
Nico Rey
9a61725e9f Metrics: Disable toggle. Set default port to 9090 2022-02-28 10:40:02 -03:00
Kristoffer Dalby
6126d6d9b5
Merge branch 'main' into metrics-listen 2022-02-28 14:24:25 +01:00
Nico Rey
06e6c29a5b metrics: make metrics endpoint toggleable 2022-02-25 18:36:03 -03:00
Nico Rey
a9122c3de3 prometheus: replace default port by a port between the recommended prometheus range 2022-02-25 18:21:20 -03:00
Adrien Raffin-Caboisse
b39faa124a
Merge remote-tracking branch 'origin/main' into feat-oidc-login-as-namespace 2022-02-25 11:28:17 +01:00
Nico
d55c79e75b
Merge branch 'main' into metrics-listen 2022-02-24 10:41:07 -03:00
Kristoffer Dalby
aa506503e2
Merge branch 'main' into feat-oidc-login-as-namespace 2022-02-24 11:40:34 +00:00
Kristoffer Dalby
9c2c09fce7
Merge branch 'main' into remove-shared 2022-02-24 11:39:44 +00:00
Kristoffer Dalby
8c33907655 Sort lint 2022-02-24 11:10:40 +00:00
Adrien Raffin-Caboisse
4f1f235a2e feat: add strip_email_domain to normalization of namespace 2022-02-23 14:03:07 +01:00
Adrien Raffin-Caboisse
717250adb3 feat: removing matchmap from headscale 2022-02-22 20:58:08 +01:00
Kristoffer Dalby
9ceac5c0fc Remove CLI and tests for Shared node 2022-02-21 22:44:08 +00:00
Nico Rey
fbc1843889 metrics/tests: update tests 2022-02-21 12:51:05 -03:00
Nico Rey
45d5ab30ff metrics/cfg: add a new entry for the Prometheus listen address 2022-02-21 12:50:44 -03:00
Justin Angel
daa75da277 Linting and updating tests 2022-02-21 10:09:23 -05:00
Kristoffer Dalby
7bf2a91dd0
Merge branch 'main' into configurable-mtls 2022-02-20 14:33:23 +00:00
Justin Angel
385dd9cc34 refactoring 2022-02-20 09:06:14 -05:00
Kristoffer Dalby
4e54796384 Allow gRPC server to run insecure 2022-02-13 09:08:46 +00:00
Kristoffer Dalby
c3b68adfed Fix lint 2022-02-13 08:46:35 +00:00
Kristoffer Dalby
0018a78d5a Add insecure option
Add option to not _validate_ if the certificate served from headscale is
trusted.
2022-02-13 08:41:49 +00:00
Kristoffer Dalby
ead8b68a03 Fix lint 2022-02-12 19:42:55 +00:00
Kristoffer Dalby
315ff9daf0 Remove insecure, only allow valid certs 2022-02-12 19:35:55 +00:00
Kristoffer Dalby
e18078d7f8 Rename j 2022-02-12 19:08:41 +00:00
Kristoffer Dalby
c73b57e7dc Use undeprecated method for insecure 2022-02-12 19:08:33 +00:00
Kristoffer Dalby
811d3d510c Add grpc_listen_addr config option 2022-02-12 16:14:33 +00:00
Kristoffer Dalby
168b1bd579
Merge branch 'main' into configurable-mtls 2022-01-31 12:28:00 +00:00
Justin Angel
9de5c7f8b8 updating default 2022-01-31 07:22:17 -05:00
Kristoffer Dalby
6f6018bad5
Merge branch 'main' into ipv6 2022-01-30 08:21:11 +00:00
Kristoffer Dalby
0609c97459
Merge branch 'main' into configurable-mtls 2022-01-29 20:15:58 +00:00
Kristoffer Dalby
cd0df1e46f
Merge branch 'main' into socket-permission 2022-01-29 19:30:49 +00:00
Justin Angel
c98a559b4d linting/formatting 2022-01-29 14:15:33 -05:00
Justin Angel
5935b13b67 refining 2022-01-29 13:35:08 -05:00
Justin Angel
9e619fc020 Making client authentication mode configurable 2022-01-29 12:59:31 -05:00
Csaba Sarkadi
45bcf39894 fixup! fixup! cmd/headscale/cli/utils: merge ip_prefix with ip_prefixes in config 2022-01-29 16:52:27 +01:00
Csaba Sarkadi
0a1db89d33 fixup! cmd/headscale/cli/utils: merge ip_prefix with ip_prefixes in config 2022-01-29 16:27:36 +01:00
Csaba Sarkadi
e66f8b0eeb cmd/headscale/cli/utils: merge ip_prefix with ip_prefixes in config 2022-01-29 16:04:15 +01:00
Kristoffer Dalby
b4f8961e44 Make Unix socket permissions configurable 2022-01-28 18:58:22 +00:00
Kristoffer Dalby
126e694f26 Add generate private-key command
This commit adds a command to generate a private key for headscale.

Mostly useful for systems were you drive the deployment from another
machine and use a secret management system.
2022-01-28 18:08:52 +00:00
Kristoffer Dalby
05db1b7109 Formatting and improving logs for config loading 2022-01-25 22:11:15 +00:00
Kristoffer Dalby
6e14fdf0d3 More reusable stuff in cli 2022-01-25 22:11:15 +00:00
Kristoffer Dalby
1fd57a3375 Add apikeys command to create, list and expire 2022-01-25 22:11:15 +00:00
Kristoffer Dalby
b4259fcd79 Add helper function for colouring expiries 2022-01-25 22:11:15 +00:00
Csaba Sarkadi
1a6e5d8770 Add support for multiple IP prefixes 2022-01-16 14:18:22 +01:00
Kristoffer Dalby
25b5eb8d7f Update tests to aline with new config example 2022-01-02 23:17:42 +00:00
Kristoffer Dalby
8932133ae7
Merge branch 'main' into kradalby-patch-2 2021-11-28 09:28:32 +00:00
Kristoffer Dalby
34f4109fbd Add back privatekey, but automatically generate it if it does not exist 2021-11-28 09:17:18 +00:00
Kristoffer Dalby
ef81845deb
Merge branch 'main' into kradalby-patch-2 2021-11-27 20:30:27 +00:00
Kristoffer Dalby
59aeaa8476 Ensure we always have the key prefix when needed 2021-11-27 20:25:12 +00:00
Ward Vandewege
cb2ea300ad Fix linter errors. 2021-11-27 13:59:39 -05:00
Kristoffer Dalby
c38f00fab8 Unmarshal keys in the non-deprecated way 2021-11-26 23:50:42 +00:00
Kristoffer Dalby
cfd53bc4aa Factor wgkey to types/key
This commit converts all the uses of wgkey to the new key interfaces.

It now has specific  machine, node and discovery keys and we now should
use them correctly.

Please note the new logic which strips a key prefix (in utils.go) that
is now standard inside tailscale.

In theory we could put it in the database, but to preserve backwards
compatibility and not spend a lot of resources on accounting for both,
we just strip them.
2021-11-26 23:30:42 +00:00
Kristoffer Dalby
07418140a2 Remove config loading of private key path 2021-11-26 23:29:41 +00:00
Ward Vandewege
b6ae60cc44 The create-node subcommand under debug needs a 64 character key. 2021-11-26 14:49:51 -05:00
Ward Vandewege
c7f3e0632b When creating a preauthkey, the default expiration was passed through as
a nil value, instead of the default value (1h). This resulted in the
preauthkey being created with expiration key '0001-01-01 00:00:00',
which meant the key would not work, because it was already expired.

This commit applies the default expiration time (1h) when a preauthkey
is created without a specific expiration. It also updates an integration
test to make sure this bug does not reoccur.
2021-11-26 10:04:26 -05:00
Kristoffer Dalby
e8faff4fe2 Use uint64 straight instead of converting 2021-11-22 17:22:22 +00:00
Kristoffer Dalby
fac33e46e1
Add long description for expire 2021-11-21 21:35:36 +00:00
Kristoffer Dalby
b152e53b13
Use correct type for nodes command 2021-11-21 21:34:03 +00:00
Kristoffer Dalby
a2b9f3bede Add expire (logout) machine command 2021-11-21 13:40:44 +00:00
Kristoffer Dalby
f85a77edb5 Remove println statement 2021-11-21 09:48:59 +00:00
Kristoffer Dalby
1c7aff5dd9 Add expired column to machine list command 2021-11-21 09:44:38 +00:00
Kristoffer Dalby
6a9dd2029e Remove expiry logic, this needs to be redone 2021-11-19 09:02:49 +00:00
Kristoffer Dalby
d6739386a0
Get rid of dynamic errors 2021-11-15 19:18:14 +00:00
Kristoffer Dalby
db8be91d8b
Add and fix forbidigo 2021-11-15 18:36:02 +00:00
Kristoffer Dalby
c4d4c9c4e4
Add and fix gosec 2021-11-15 18:31:52 +00:00
Kristoffer Dalby
715542ac1c
Add and fix stylecheck (golint replacement) 2021-11-15 17:24:24 +00:00
Kristoffer Dalby
0c45f8d252
Add and fix errorlint 2021-11-15 16:26:41 +00:00
Kristoffer Dalby
471c0b4993
Initial work eliminating one/two letter variables 2021-11-14 20:32:03 +01:00
Kristoffer Dalby
85f28a3f4a
Remove all instances of undefined numbers (gonmd) 2021-11-14 18:31:51 +01:00
Kristoffer Dalby
796072a5a4
Add and fix ifshort 2021-11-14 18:09:22 +01:00
Kristoffer Dalby
c9c16c7fb8
Remove unused params or returns 2021-11-14 18:03:21 +01:00
Kristoffer Dalby
19cd7a4eac
Add and fix exhaustive 2021-11-14 17:52:55 +01:00
Kristoffer Dalby
89eb13c6cb
Add and fix nlreturn (new line return) 2021-11-14 16:46:09 +01:00
Kristoffer Dalby
052883aa55 Fix merge conflict 2021-11-14 08:30:48 +00:00
Ward Vandewege
acf7e462ad Improvements for namespace deletion: add a confirmation prompt, and make
sure to also delete any associated preauthkeys.
2021-11-13 14:01:05 -05:00
Kristoffer Dalby
2634215f12 golangci-lint --fix 2021-11-13 08:39:04 +00:00
Kristoffer Dalby
03b7ec62ca Go format with shorter lines 2021-11-13 08:36:45 +00:00