38 Commits

Author SHA1 Message Date
Juan Font Alonso
df37d1a639 Do not offer the option to be DERP insecure
Websockets, in which DERP is based, requires a TLS certificate. At the same time,
if we use a certificate it must be valid... otherwise Tailscale wont connect (does not
have an Insecure option). So there is no option to expose insecure here
2022-03-05 19:19:21 +01:00
Juan Font Alonso
758b1ba1cb Renamed configuration items of the DERP server 2022-03-05 16:22:02 +01:00
Kristoffer Dalby
b61500670c
Merge branch 'main' into metrics-listen 2022-03-02 11:35:33 +00:00
Nico Rey
9a61725e9f Metrics: Disable toggle. Set default port to 9090 2022-02-28 10:40:02 -03:00
Kristoffer Dalby
6126d6d9b5
Merge branch 'main' into metrics-listen 2022-02-28 14:24:25 +01:00
Kristoffer Dalby
e0b9a317f4 Add note to config example 2022-02-27 09:05:08 +01:00
Nico Rey
06e6c29a5b metrics: make metrics endpoint toggleable 2022-02-25 18:36:03 -03:00
Nico Rey
a9122c3de3 prometheus: replace default port by a port between the recommended prometheus range 2022-02-25 18:21:20 -03:00
Nico
d55c79e75b
Merge branch 'main' into metrics-listen 2022-02-24 10:41:07 -03:00
Kristoffer Dalby
aa506503e2
Merge branch 'main' into feat-oidc-login-as-namespace 2022-02-24 11:40:34 +00:00
Adrien Raffin-Caboisse
4f1f235a2e feat: add strip_email_domain to normalization of namespace 2022-02-23 14:03:07 +01:00
Adrien Raffin-Caboisse
717250adb3 feat: removing matchmap from headscale 2022-02-22 20:58:08 +01:00
Nico Rey
45d5ab30ff metrics/cfg: add a new entry for the Prometheus listen address 2022-02-21 12:50:44 -03:00
Kristoffer Dalby
7bf2a91dd0
Merge branch 'main' into configurable-mtls 2022-02-20 14:33:23 +00:00
Justin Angel
385dd9cc34 refactoring 2022-02-20 09:06:14 -05:00
Kristoffer Dalby
4e54796384 Allow gRPC server to run insecure 2022-02-13 09:08:46 +00:00
Kristoffer Dalby
58bfea4e64 Update examples and docs 2022-02-12 19:08:59 +00:00
Kristoffer Dalby
168b1bd579
Merge branch 'main' into configurable-mtls 2022-01-31 12:28:00 +00:00
Justin Angel
52db80ab0d Merge branch 'configurable-mtls' of github.com:arch4ngel/headscale into configurable-mtls 2022-01-31 07:19:14 -05:00
Justin Angel
d44b2a7c01 adding default for tls_client_auth_mode 2022-01-30 07:26:28 -05:00
Kristoffer Dalby
6f6018bad5
Merge branch 'main' into ipv6 2022-01-30 08:21:11 +00:00
Csaba Sarkadi
bf7ee78324 config-example: add configuration for a dual-stack tailnet 2022-01-28 22:13:45 +01:00
Kristoffer Dalby
b4f8961e44 Make Unix socket permissions configurable 2022-01-28 18:58:22 +00:00
Kristoffer Dalby
25b5eb8d7f Update tests to aline with new config example 2022-01-02 23:17:42 +00:00
Kristoffer Dalby
5df100539c Remove outdated configuration page in favour of config-example 2022-01-02 19:42:35 +00:00
Kristoffer Dalby
271cb71754 Add more explaination and less redunancy with docs 2022-01-02 19:38:04 +00:00
Kristoffer Dalby
f9e6722635 Rewrite main documentation
This commit starts restructuring the documentation and updating it to be
compliant with 0.12.x+ releases.

The main change is that the documentation has been rewritten for the
ground up, and hopefully simplified.

The documentation has been split into an official documentation for
running headscale as a binary under Linux with SystemD and a "community"
provided documentation for Docker.

This should make the two documents a lot easier to read and follow than
the mishmash document we had.
2022-01-02 19:11:36 +01:00
Eugen
a6e99525ac Add log_level to config, more ACL debug log 2021-12-01 20:02:00 +01:00
Eugen
07a437c707 Add private_key_path to example config 2021-12-01 14:34:08 +01:00
Kristoffer Dalby
c63c259d31 Switch wgkey for types/key
We dont seem to need the wireguard key anymore, we generate a key on
startup based on the new library and the users fetch it from /key.

Clean up app.go and update docs
2021-11-26 23:28:06 +00:00
Kristoffer Dalby
264e5964f6
Resolve merge conflict 2021-10-31 09:40:43 +00:00
Kristoffer Dalby
cd2914dbc9 Make note about oidc being experimental 2021-10-30 15:35:58 +00:00
Kristoffer Dalby
cbf3f5d640 Resolve merge conflict 2021-10-30 15:33:01 +00:00
Kristoffer Dalby
6aacada852 Switch from gRPC localhost to socket
This commit changes the way CLI and grpc-gateway communicates with the
gRPC backend to socket, instead of localhost. Unauthenticated access now
goes on the socket, while the network interface will require API key (in
the future).
2021-10-30 14:08:16 +00:00
Kristoffer Dalby
746d4037da
Fix config and tests 2021-10-24 21:30:51 +01:00
Kristoffer Dalby
8853315dcc
Update config-example.yaml
Co-authored-by: Juan Font <juanfontalonso@gmail.com>
2021-10-23 10:40:15 +01:00
Kristoffer Dalby
4d4d0de356
Start adding comments to config 2021-10-22 18:27:11 +01:00
Kristoffer Dalby
b85adbc40a
Remove the need for multiple config files
This commit removes the almost a 100% redundant tests (two fields were
checked differently) and makes a single example configuration for users.
2021-10-22 18:14:29 +01:00