Antoine POPINEAU
7cc58af932
Allow more configuration over the OIDC flow.
...
Adds knobs to configure three aspects of the OpenID Connect flow:
* Custom scopes to override the default "openid profile email".
* Custom parameters to be added to the Authorize Endpoint request.
* Domain allowlisting for authenticated principals.
* User allowlisting for authenticated principals.
2022-05-02 17:11:07 +02:00
Juan Font Alonso
d5ce7d7523
Prettier
2022-03-18 13:09:57 +01:00
Juan Font Alonso
2e6687209b
Make STUN server mandatory if DERP embedded is enabled
2022-03-18 12:58:00 +01:00
Juan Font Alonso
b8aad5451d
Make STUN run by default when embedded DERP is enabled
...
This commit also allows to set an external STUN server, while running the embedded DERP server (without embedded STUN)
2022-03-15 13:22:25 +01:00
Juan Font Alonso
580db9b58f
Mention that STUN is UDP
2022-03-06 23:19:21 +01:00
Juan Font Alonso
eb06054a7b
Make DERP Region configurable
2022-03-06 17:25:21 +01:00
Juan Font Alonso
eb500155e8
Make STUN server configurable
2022-03-06 17:00:56 +01:00
Juan Font Alonso
237f7f1027
Merge branch 'main' into embedded-derp
2022-03-05 19:42:29 +01:00
Juan Font Alonso
df37d1a639
Do not offer the option to be DERP insecure
...
Websockets, in which DERP is based, requires a TLS certificate. At the same time,
if we use a certificate it must be valid... otherwise Tailscale wont connect (does not
have an Insecure option). So there is no option to expose insecure here
2022-03-05 19:19:21 +01:00
Juan Font Alonso
758b1ba1cb
Renamed configuration items of the DERP server
2022-03-05 16:22:02 +01:00
zakaria
745696b310
docs: fix mistake in ACME challenge type comment
2022-03-04 12:11:43 +10:00
Kristoffer Dalby
b61500670c
Merge branch 'main' into metrics-listen
2022-03-02 11:35:33 +00:00
Nico Rey
9a61725e9f
Metrics: Disable toggle. Set default port to 9090
2022-02-28 10:40:02 -03:00
Kristoffer Dalby
6126d6d9b5
Merge branch 'main' into metrics-listen
2022-02-28 14:24:25 +01:00
Kristoffer Dalby
e0b9a317f4
Add note to config example
2022-02-27 09:05:08 +01:00
Nico Rey
06e6c29a5b
metrics: make metrics endpoint toggleable
2022-02-25 18:36:03 -03:00
Nico Rey
a9122c3de3
prometheus: replace default port by a port between the recommended prometheus range
2022-02-25 18:21:20 -03:00
Nico
d55c79e75b
Merge branch 'main' into metrics-listen
2022-02-24 10:41:07 -03:00
Kristoffer Dalby
aa506503e2
Merge branch 'main' into feat-oidc-login-as-namespace
2022-02-24 11:40:34 +00:00
Adrien Raffin-Caboisse
4f1f235a2e
feat: add strip_email_domain to normalization of namespace
2022-02-23 14:03:07 +01:00
Adrien Raffin-Caboisse
717250adb3
feat: removing matchmap from headscale
2022-02-22 20:58:08 +01:00
Nico Rey
45d5ab30ff
metrics/cfg: add a new entry for the Prometheus listen address
2022-02-21 12:50:44 -03:00
Kristoffer Dalby
7bf2a91dd0
Merge branch 'main' into configurable-mtls
2022-02-20 14:33:23 +00:00
Justin Angel
385dd9cc34
refactoring
2022-02-20 09:06:14 -05:00
Kristoffer Dalby
4e54796384
Allow gRPC server to run insecure
2022-02-13 09:08:46 +00:00
Kristoffer Dalby
58bfea4e64
Update examples and docs
2022-02-12 19:08:59 +00:00
Kristoffer Dalby
168b1bd579
Merge branch 'main' into configurable-mtls
2022-01-31 12:28:00 +00:00
Justin Angel
52db80ab0d
Merge branch 'configurable-mtls' of github.com:arch4ngel/headscale into configurable-mtls
2022-01-31 07:19:14 -05:00
Justin Angel
d44b2a7c01
adding default for tls_client_auth_mode
2022-01-30 07:26:28 -05:00
Kristoffer Dalby
6f6018bad5
Merge branch 'main' into ipv6
2022-01-30 08:21:11 +00:00
Csaba Sarkadi
bf7ee78324
config-example: add configuration for a dual-stack tailnet
2022-01-28 22:13:45 +01:00
Kristoffer Dalby
b4f8961e44
Make Unix socket permissions configurable
2022-01-28 18:58:22 +00:00
Kristoffer Dalby
25b5eb8d7f
Update tests to aline with new config example
2022-01-02 23:17:42 +00:00
Kristoffer Dalby
5df100539c
Remove outdated configuration page in favour of config-example
2022-01-02 19:42:35 +00:00
Kristoffer Dalby
271cb71754
Add more explaination and less redunancy with docs
2022-01-02 19:38:04 +00:00
Kristoffer Dalby
f9e6722635
Rewrite main documentation
...
This commit starts restructuring the documentation and updating it to be
compliant with 0.12.x+ releases.
The main change is that the documentation has been rewritten for the
ground up, and hopefully simplified.
The documentation has been split into an official documentation for
running headscale as a binary under Linux with SystemD and a "community"
provided documentation for Docker.
This should make the two documents a lot easier to read and follow than
the mishmash document we had.
2022-01-02 19:11:36 +01:00
Eugen
a6e99525ac
Add log_level to config, more ACL debug log
2021-12-01 20:02:00 +01:00
Eugen
07a437c707
Add private_key_path to example config
2021-12-01 14:34:08 +01:00
Kristoffer Dalby
c63c259d31
Switch wgkey for types/key
...
We dont seem to need the wireguard key anymore, we generate a key on
startup based on the new library and the users fetch it from /key.
Clean up app.go and update docs
2021-11-26 23:28:06 +00:00
Kristoffer Dalby
264e5964f6
Resolve merge conflict
2021-10-31 09:40:43 +00:00
Kristoffer Dalby
cd2914dbc9
Make note about oidc being experimental
2021-10-30 15:35:58 +00:00
Kristoffer Dalby
cbf3f5d640
Resolve merge conflict
2021-10-30 15:33:01 +00:00
Kristoffer Dalby
6aacada852
Switch from gRPC localhost to socket
...
This commit changes the way CLI and grpc-gateway communicates with the
gRPC backend to socket, instead of localhost. Unauthenticated access now
goes on the socket, while the network interface will require API key (in
the future).
2021-10-30 14:08:16 +00:00
Kristoffer Dalby
746d4037da
Fix config and tests
2021-10-24 21:30:51 +01:00
Kristoffer Dalby
8853315dcc
Update config-example.yaml
...
Co-authored-by: Juan Font <juanfontalonso@gmail.com>
2021-10-23 10:40:15 +01:00
Kristoffer Dalby
4d4d0de356
Start adding comments to config
2021-10-22 18:27:11 +01:00
Kristoffer Dalby
b85adbc40a
Remove the need for multiple config files
...
This commit removes the almost a 100% redundant tests (two fields were
checked differently) and makes a single example configuration for users.
2021-10-22 18:14:29 +01:00