28 Commits

Author SHA1 Message Date
Aaron Bieber
69d77f6e9d Add a 'tls_letsencrypt_listen' config option
Currently the default (and non-configurable) Let's Encrypt listener will
bind to all IPs. This isn't ideal if we want to run headscale on a specific
IP only.

This also allows for one to set the listener to something other than
port 80. This is useful for OSs like OpenBSD which only allow root to
bind the lower port ranges (and don't have `setcap`) as we can now run
`headscale` as a non-privileged user while still using the baked in ACME
magic. Obviously this configuration would also require a reverse proxy
or firewall rule to redirect traffic. I attempted to outline that in the
README change.
2021-07-23 16:12:01 -06:00
Juan Font Alonso
0159649d0a Send the namespace name as user to the clients 2021-07-11 16:39:19 +02:00
Juan Font Alonso
cf9d920e4a Minor typo 2021-07-11 15:10:37 +02:00
Juan Font Alonso
d4b27fd54b Merge branch 'main' into acls 2021-07-04 21:54:55 +02:00
Juan Font Alonso
ff9d99b9ea Use gorm connection pool 2021-07-04 21:40:46 +02:00
Juan Font
202d6b506f Load ACL policy on headscale startup 2021-07-04 13:24:05 +02:00
Juan Font
136aab9dc8 Work in progress in rule generation 2021-07-03 17:31:32 +02:00
Juan Font Alonso
aa27709e60 Update code to Tailscale 1.10 2021-06-25 18:57:08 +02:00
Juan Font Alonso
69ba750b38 Update Headscale to depend on gorm v2 2021-06-24 15:44:19 +02:00
Ward Vandewege
d1c3faae5f Remove superfluous test support code. Fix bug in node list cli command.
Add tests.
2021-05-23 09:55:15 -04:00
Ward Vandewege
41f6740ddd Add support for ephemeral nodes via a special type of pre-auth key. Add
tests for that feature.

Other fixes: clean up a few typos in comments. Fix a bug that caused the
tests to run four times each. Be more consistent in the use of log
rather than fmt to print errors and notices.
2021-05-22 20:18:29 -04:00
Juan Font Alonso
216c6d85b2 Added support for sqlite as database backend 2021-05-15 14:32:26 +02:00
Ward Vandewege
b34e90c45d Fix bug in preauthkeys: namespace object was not populated in the return
value from CreatePreAuthKey and GetPreAuthKeys. Add tests for that bug,
and the rest of the preauthkeys functionality.

Fix path in `compress` Makefile target.
2021-05-02 14:58:05 -04:00
Ward Vandewege
f7b6c68d22 Address a bunch of golint warnings. 2021-04-24 11:26:50 -04:00
Ward Vandewege
426b4fd98a Add support for automatic TLS certificates via Let's Encrypt. Add a
configuration reference to the README.md file.
2021-04-23 22:55:01 -04:00
Ward Vandewege
252c68c50a Add HTTPS support for the web endpoint with manually configured
certificate/key files.
2021-04-23 17:18:00 -04:00
Juan Font Alonso
541d676b98 Minor code reorg 2021-04-08 23:57:31 +02:00
Juan Font Alonso
1fad8e6e5b Added basic routes functionality 2021-03-14 11:38:42 +01:00
Juan Font Alonso
b7655b1f68 Initial multi-user support using namespaces 2021-02-28 00:58:09 +01:00
Juan Font Alonso
06fb7d4587 WIP: Client updates. Long polling rewritten 2021-02-23 21:07:52 +01:00
Juan Font Alonso
563f3c4017 Fixes here and there 2021-02-21 23:54:15 +01:00
Juan Font Alonso
1b7d99d483 Improving code... 2021-02-21 22:14:38 +01:00
Juan Font Alonso
b1d06f3ffd headscale now has a CLI - registration of machines occurs there 2021-02-21 01:30:03 +01:00
Juan Font Alonso
a6100dc4d0 Load DERP servers from file 2021-02-20 23:57:06 +01:00
Juan Font Alonso
c5fbc5baa8 Bumped dependencies 2021-02-20 22:43:07 +01:00
Juan Font Alonso
1e1d577b83 Removed frontend stuff. We are not there yet... 2021-02-20 21:09:15 +01:00
Juan Font Alonso
1ddb4febe8 Embedding frontend via Pkger 2020-07-04 13:38:58 +02:00
Juan Font Alonso
7198c8bd77 Initial commit 2020-06-21 12:32:08 +02:00