Commit Graph

1264 Commits

Author SHA1 Message Date
Juan Font
d421c7b665
Merge pull request #74 from kradalby/deadlock-logging
Switch to a structured logger
2021-08-06 00:18:40 +02:00
Kristoffer Dalby
1abc68ccf4 Removes locks causing deadlock
This commit removes most of the locks in the PollingMap handler as there
was combinations that caused deadlocks. Instead of doing a plain map and
doing the locking ourselves, we use sync.Map which handles it for us.
2021-08-05 22:14:37 +01:00
Kristoffer Dalby
575b15e5fa
Add more trace logging 2021-08-05 21:47:06 +01:00
Kristoffer Dalby
a8c8a358d0
Make log keys lowercase 2021-08-05 20:57:47 +01:00
Kristoffer Dalby
cd2ca137c0
Make log_level user configurable 2021-08-05 19:19:25 +01:00
Kristoffer Dalby
0660867a16
Correct url 2021-08-05 18:58:15 +01:00
Kristoffer Dalby
b1200140b8
Convert cli/utils.go 2021-08-05 18:26:49 +01:00
Kristoffer Dalby
d10b57b317
Convert namespaces.go 2021-08-05 18:23:02 +01:00
Kristoffer Dalby
42bf566fff
Convert acls.go 2021-08-05 18:18:18 +01:00
Kristoffer Dalby
0bb2fabc6c
Convert missing from api.go 2021-08-05 18:16:21 +01:00
Kristoffer Dalby
ee704f8ef3
Initial port to zerologger 2021-08-05 18:11:26 +01:00
Juan Font
4aad3b7933
Improved README.md on ip_prefix 2021-08-03 20:38:23 +02:00
Juan Font
6091373b53
Merge pull request #63 from juanfont/use-kv-for-updates
Added communication between Serve and CLI using KV table
2021-08-03 20:30:33 +02:00
Juan Font
3879120967
Merge pull request #72 from kradalby/ip-pool
Make IP Prefix configurable and available ip deterministic
2021-08-03 20:27:42 +02:00
Kristoffer Dalby
465669f650
Merge pull request #1 from kradalby/ip-pool-test
Fix empty ip issue and remove network/broadcast addresses
2021-08-03 10:12:09 +01:00
Kristoffer Dalby
ea615e3a26
Do not issue "network" or "broadcast" addresses (0 or 255) 2021-08-03 10:06:42 +01:00
Kristoffer Dalby
d3349aa4d1
Add test to ensure we can deal with empty ips from database 2021-08-03 09:26:28 +01:00
Kristoffer Dalby
73207decfd Check that IP is set before parsing
Machine is saved to db before it is assigned an ip, so we might have
empty ip fields coming back.
2021-08-03 07:42:11 +01:00
Kristoffer Dalby
eda6e560c3
debug logging 2021-08-02 22:51:50 +01:00
Kristoffer Dalby
95de823b72
Add test to ensure we can read back ips 2021-08-02 22:39:18 +01:00
Kristoffer Dalby
9f85efffd5
Update readme 2021-08-02 22:06:15 +01:00
Kristoffer Dalby
b5841c8a8b Rework getAvailableIp
This commit reworks getAvailableIp with a "simpler" version that will
look for the first available IP address in our IP Prefix.

There is a couple of ideas behind this:

* Make the host IPs reasonably predictable and in within similar
  subnets, which should simplify ACLs for subnets
* The code is not random, but deterministic so we can have tests
* The code is a bit more understandable (no bit shift magic)
2021-08-02 21:57:45 +01:00
Kristoffer Dalby
309f868a21 Make IP prefix configurable
This commit makes the IP prefix used to generate addresses configurable
to users. This can be useful if you would like to use a smaller range or
if your current setup is overlapping with the current range.

The current range is left as a default
2021-08-02 20:06:26 +01:00
Juan Font
6c903d4a2f Fixed missing nodes cmd 2021-07-31 23:14:24 +02:00
Juan Font
c3aa9a5d4c
Merge pull request #69 from juanfont/change-default-port
Use 8080 as default port in the example config
2021-07-31 11:47:15 +02:00
Juan Font Alonso
4fb55e1684 Use 8080 as default port, like in the Kubernetes yamls 2021-07-30 17:07:19 +02:00
Juan Font Alonso
91bfb481c1 Fix identation 2021-07-30 16:42:26 +02:00
Juan Font
201ba109c3
Merge pull request #62 from ohdearaugustin/topic/refactor-config
Topic/refactor config
2021-07-30 16:40:38 +02:00
Juan Font
d3f965d493
Merge pull request #66 from juanfont/remove-old-docker
Remove old docker code
2021-07-28 13:43:58 +02:00
Juan Font
f832d7325b
Merge pull request #67 from kradalby/patch-1
Fix typo in example
2021-07-27 19:58:15 +02:00
Kristoffer Dalby
b1d1bd32c3
Fix typo in example
The example command is missing the `s` in `preauthkeys`
2021-07-27 18:37:43 +01:00
Juan Font Alonso
df6d4de6fd Remove old docker code 2021-07-27 17:05:22 +02:00
Juan Font Alonso
461a893ee4 Added log message when sending updates 2021-07-25 20:47:51 +02:00
Juan Font Alonso
97f7c90092 Added communication between Serve and CLI using KV table (helps in #52) 2021-07-25 17:59:48 +02:00
ohdearaugustin
ea3043cdcb cmd: Add error check for Persistent Flags 2021-07-25 16:26:15 +02:00
ohdearaugustin
04dffcc4ae Refactor cli commands 2021-07-25 15:14:09 +02:00
ohdearaugustin
3a07360b6e Add root cmd 2021-07-25 15:10:34 +02:00
ohdearaugustin
b97d6f71b1 Refactor version cmd 2021-07-25 15:09:53 +02:00
ohdearaugustin
4915902e04 Refactor server cmd 2021-07-25 15:09:33 +02:00
ohdearaugustin
d87a4c87cc Refactor routes cmd 2021-07-25 15:08:40 +02:00
ohdearaugustin
e56755fd67 Refactor preauthkeys cmd 2021-07-25 15:07:27 +02:00
ohdearaugustin
2862c2034b Refactor nodes cmd 2021-07-25 15:04:06 +02:00
ohdearaugustin
53185eaa9e Refactor namespaces cmd 2021-07-25 15:03:45 +02:00
Juan Font
b83ecc3e6e
Merge pull request #61 from ohdearaugustin/topic/refactor-cli-versionCmd
Refactor cmdVersion to cli package
2021-07-25 12:00:06 +02:00
Juan Font
04fdd94201
Merge pull request #60 from cure/tls-more-readme-changes
Add some more detail to the README about the different Let's Encrypt
2021-07-25 11:38:31 +02:00
ohdearaugustin
48ec51d166 Refactor cmdVersion to cli package 2021-07-25 02:02:05 +02:00
Ward Vandewege
3260362436 Add some more detail to the README about the different Let's Encrypt
validation methods.
2021-07-24 09:20:38 -04:00
Ward Vandewege
5f60671d12
Merge pull request #59 from qbit/tls_letsencrypt_listen
Add a 'tls_letsencrypt_listen' config option
2021-07-24 09:03:04 -04:00
Aaron Bieber
69d77f6e9d Add a 'tls_letsencrypt_listen' config option
Currently the default (and non-configurable) Let's Encrypt listener will
bind to all IPs. This isn't ideal if we want to run headscale on a specific
IP only.

This also allows for one to set the listener to something other than
port 80. This is useful for OSs like OpenBSD which only allow root to
bind the lower port ranges (and don't have `setcap`) as we can now run
`headscale` as a non-privileged user while still using the baked in ACME
magic. Obviously this configuration would also require a reverse proxy
or firewall rule to redirect traffic. I attempted to outline that in the
README change.
2021-07-23 16:12:01 -06:00
Juan Font
1af9c11bdd
Merge pull request #54 from juanfont/delete-nodes
Implement node deletion
2021-07-19 16:18:09 +02:00