Merge pull request #768 from kazauwa/feature/json-logs

toggle json logging via config
Merge branch 'main' into feature/json-logs
2025-08-15 05:47:40 +00:00 · 2022-09-20 23:32:10 +02:00 · 2022-09-20 23:11:29 +02:00 · 2022-09-18 21:59:25 +02:00 · 2022-09-18 12:14:49 +02:00 · 2022-09-18 11:37:38 +02:00
13 changed files with 114 additions and 47 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,11 +2,19 @@

 ## 0.17.0 (2022-XX-XX)

+### BREAKING
+
+- Log level option `log_level` was moved to a distinct `log` config section and renamed to `level` [#768](https://github.com/juanfont/headscale/pull/768)
+
+### Changes
+
 - Added support for Tailscale TS2021 protocol [#738](https://github.com/juanfont/headscale/pull/738)
 - Add ability to specify config location via env var `HEADSCALE_CONFIG` [#674](https://github.com/juanfont/headscale/issues/674)
 - Target Go 1.19 for Headscale [#778](https://github.com/juanfont/headscale/pull/778)
 - Target Tailscale v1.30.0 to build Headscale [#780](https://github.com/juanfont/headscale/pull/780)
 - Give a warning when running Headscale with reverse proxy improperly configured for WebSockets [#788](https://github.com/juanfont/headscale/pull/788)
+- Fix subnet routers with Primary Routes [#811](https://github.com/juanfont/headscale/pull/811)
+- Added support for JSON logs [#653](https://github.com/juanfont/headscale/issues/653)

 ## 0.16.4 (2022-08-21)

--- a/cmd/headscale/cli/root.go
+++ b/cmd/headscale/cli/root.go
@@ -47,7 +47,7 @@ func initConfig() {

 	machineOutput := HasMachineOutputFlag()

-	zerolog.SetGlobalLevel(cfg.LogLevel)
+	zerolog.SetGlobalLevel(cfg.Log.Level)

 	// If the user has requested a "machine" readable format,
 	// then disable login so the output remains valid.
@@ -55,6 +55,10 @@ func initConfig() {
 		zerolog.SetGlobalLevel(zerolog.Disabled)
 	}

+	if cfg.Log.Format == headscale.JSONLogFormat {
+		log.Logger = log.Output(os.Stdout)
+	}
+
 	if !cfg.DisableUpdateCheck && !machineOutput {
 		if (runtime.GOOS == "linux" || runtime.GOOS == "darwin") &&
 			Version != "dev" {
--- a/config-example.yaml
+++ b/config-example.yaml
@@ -172,7 +172,10 @@ tls_letsencrypt_listen: ":http"
 tls_cert_path: ""
 tls_key_path: ""

-log_level: info
+log:
+  # Output formatting for logs: text or json
+  format: text
+  level: info

 # Path to a file containg ACL policies.
 # ACLs can be defined as YAML or HUJSON.
--- a/config.go
+++ b/config.go
@@ -22,6 +22,9 @@ import (
 const (
 	tlsALPN01ChallengeType = "TLS-ALPN-01"
 	http01ChallengeType    = "HTTP-01"
+
+	JSONLogFormat = "json"
+	TextLogFormat = "text"
 )

 // Config contains the initial Headscale configuration.
@@ -37,7 +40,7 @@ type Config struct {
 	PrivateKeyPath                 string
 	NoisePrivateKeyPath            string
 	BaseDomain                     string
-	LogLevel                       zerolog.Level
+	Log                            LogConfig
 	DisableUpdateCheck             bool

 	DERP DERPConfig
@@ -124,6 +127,11 @@ type ACLConfig struct {
 	PolicyPath string
 }

+type LogConfig struct {
+	Format string
+	Level  zerolog.Level
+}
+
 func LoadConfig(path string, isFile bool) error {
 	if isFile {
 		viper.SetConfigFile(path)
@@ -147,7 +155,8 @@ func LoadConfig(path string, isFile bool) error {
 	viper.SetDefault("tls_letsencrypt_challenge_type", http01ChallengeType)
 	viper.SetDefault("tls_client_auth_mode", "relaxed")

-	viper.SetDefault("log_level", "info")
+	viper.SetDefault("log.level", "info")
+	viper.SetDefault("log.format", TextLogFormat)

 	viper.SetDefault("dns_config", nil)

@@ -334,6 +343,34 @@ func GetACLConfig() ACLConfig {
 	}
 }

+func GetLogConfig() LogConfig {
+	logLevelStr := viper.GetString("log.level")
+	logLevel, err := zerolog.ParseLevel(logLevelStr)
+	if err != nil {
+		logLevel = zerolog.DebugLevel
+	}
+
+	logFormatOpt := viper.GetString("log.format")
+	var logFormat string
+	switch logFormatOpt {
+	case "json":
+		logFormat = JSONLogFormat
+	case "text":
+		logFormat = TextLogFormat
+	case "":
+		logFormat = TextLogFormat
+	default:
+		log.Error().
+			Str("func", "GetLogConfig").
+			Msgf("Could not parse log format: %s. Valid choices are 'json' or 'text'", logFormatOpt)
+	}
+
+	return LogConfig{
+		Format: logFormat,
+		Level:  logLevel,
+	}
+}
+
 func GetDNSConfig() (*tailcfg.DNSConfig, string) {
 	if viper.IsSet("dns_config") {
 		dnsConfig := &tailcfg.DNSConfig{}
@@ -430,12 +467,6 @@ func GetHeadscaleConfig() (*Config, error) {
 	configuredPrefixes := viper.GetStringSlice("ip_prefixes")
 	parsedPrefixes := make([]netip.Prefix, 0, len(configuredPrefixes)+1)

-	logLevelStr := viper.GetString("log_level")
-	logLevel, err := zerolog.ParseLevel(logLevelStr)
-	if err != nil {
-		logLevel = zerolog.DebugLevel
-	}
-
 	legacyPrefixField := viper.GetString("ip_prefix")
 	if len(legacyPrefixField) > 0 {
 		log.
@@ -488,7 +519,6 @@ func GetHeadscaleConfig() (*Config, error) {
 		GRPCAddr:           viper.GetString("grpc_listen_addr"),
 		GRPCAllowInsecure:  viper.GetBool("grpc_allow_insecure"),
 		DisableUpdateCheck: viper.GetBool("disable_check_updates"),
-		LogLevel:           logLevel,

 		IPPrefixes: prefixes,
 		PrivateKeyPath: AbsolutePathFromConfigPath(
@@ -550,5 +580,7 @@ func GetHeadscaleConfig() (*Config, error) {
 		},

 		ACL: GetACLConfig(),
+
+		Log: GetLogConfig(),
 	}, nil
 }
--- a/docs/running-headscale-container.md
+++ b/docs/running-headscale-container.md
@@ -66,7 +66,6 @@ db_path: /etc/headscale/db.sqlite
 docker run \
  --name headscale \
  --detach \
-  --rm \
  --volume $(pwd)/config:/etc/headscale/ \
  --publish 127.0.0.1:8080:8080 \
  --publish 127.0.0.1:9090:9090 \
--- a/integration_test/etc/alt-config.dump.gold.yaml
+++ b/integration_test/etc/alt-config.dump.gold.yaml
@@ -28,7 +28,9 @@ ip_prefixes:
  - fd7a:115c:a1e0::/48
  - 100.64.0.0/10
 listen_addr: 0.0.0.0:18080
-log_level: disabled
+log:
+  level: disabled
+  format: text
 logtail:
  enabled: false
 metrics_listen_addr: 127.0.0.1:19090
--- a/integration_test/etc/alt-config.yaml
+++ b/integration_test/etc/alt-config.yaml
@@ -1,4 +1,5 @@
-log_level: trace
+log:
+  level: trace
 acl_policy_path: ""
 db_type: sqlite3
 ephemeral_node_inactivity_timeout: 30m
--- a/integration_test/etc/alt-env-config.dump.gold.yaml
+++ b/integration_test/etc/alt-env-config.dump.gold.yaml
@@ -27,7 +27,9 @@ ip_prefixes:
  - fd7a:115c:a1e0::/48
  - 100.64.0.0/10
 listen_addr: 0.0.0.0:18080
-log_level: disabled
+log:
+  level: disabled
+  format: text
 logtail:
  enabled: false
 metrics_listen_addr: 127.0.0.1:19090
--- a/integration_test/etc/alt-env-config.yaml
+++ b/integration_test/etc/alt-env-config.yaml
@@ -1,4 +1,5 @@
-log_level: trace
+log:
+  level: trace
 acl_policy_path: ""
 db_type: sqlite3
 ephemeral_node_inactivity_timeout: 30m
--- a/integration_test/etc/config.dump.gold.yaml
+++ b/integration_test/etc/config.dump.gold.yaml
@@ -28,7 +28,9 @@ ip_prefixes:
  - fd7a:115c:a1e0::/48
  - 100.64.0.0/10
 listen_addr: 0.0.0.0:8080
-log_level: disabled
+log:
+  format: text
+  level: disabled
 logtail:
  enabled: false
 metrics_listen_addr: 127.0.0.1:9090
--- a/integration_test/etc/config.yaml
+++ b/integration_test/etc/config.yaml
@@ -1,4 +1,5 @@
-log_level: trace
+log:
+  level: trace
 acl_policy_path: ""
 db_type: sqlite3
 ephemeral_node_inactivity_timeout: 30m
--- a/machine.go
+++ b/machine.go
@@ -26,15 +26,22 @@ const (
 	)
 	ErrCouldNotConvertMachineInterface = Error("failed to convert machine interface")
 	ErrHostnameTooLong                 = Error("Hostname too long")
-	ErrDifferentRegisteredNamespace    = Error("machine was previously registered with a different namespace")
-	MachineGivenNameHashLength         = 8
-	MachineGivenNameTrimSize           = 2
+	ErrDifferentRegisteredNamespace    = Error(
+		"machine was previously registered with a different namespace",
+	)
+	MachineGivenNameHashLength = 8
+	MachineGivenNameTrimSize   = 2
 )

 const (
 	maxHostnameLength = 255
 )

+var (
+	ExitRouteV4 = netip.MustParsePrefix("0.0.0.0/0")
+	ExitRouteV6 = netip.MustParsePrefix("::/0")
+)
+
 // Machine is a Headscale client.
 type Machine struct {
 	ID          uint64 `gorm:"primary_key"`
@@ -633,10 +640,22 @@ func (machine Machine) toNode(
 		[]netip.Prefix{},
 		addrs...) // we append the node own IP, as it is required by the clients

-	// TODO(kradalby): Needs investigation, We probably dont need this condition
-	// now that we dont have shared nodes
-	if includeRoutes {
-		allowedIPs = append(allowedIPs, machine.EnabledRoutes...)
+	allowedIPs = append(allowedIPs, machine.EnabledRoutes...)
+
+	// TODO(kradalby): This is kind of a hack where we say that
+	// all the announced routes (except exit), is presented as primary
+	// routes. This might be problematic if two nodes expose the same route.
+	// This was added to address an issue where subnet routers stopped working
+	// when we only populated AllowedIPs.
+	primaryRoutes := []netip.Prefix{}
+	if len(machine.EnabledRoutes) > 0 {
+		for _, route := range machine.EnabledRoutes {
+			if route == ExitRouteV4 || route == ExitRouteV6 {
+				continue
+			}
+
+			primaryRoutes = append(primaryRoutes, route)
+		}
 	}

 	var derp string
@@ -683,16 +702,17 @@ func (machine Machine) toNode(
 		StableID: tailcfg.StableNodeID(
 			strconv.FormatUint(machine.ID, Base10),
 		), // in headscale, unlike tailcontrol server, IDs are permanent
-		Name:       hostname,
-		User:       tailcfg.UserID(machine.NamespaceID),
-		Key:        nodeKey,
-		KeyExpiry:  keyExpiry,
-		Machine:    machineKey,
-		DiscoKey:   discoKey,
-		Addresses:  addrs,
-		AllowedIPs: allowedIPs,
-		Endpoints:  machine.Endpoints,
-		DERP:       derp,
+		Name:          hostname,
+		User:          tailcfg.UserID(machine.NamespaceID),
+		Key:           nodeKey,
+		KeyExpiry:     keyExpiry,
+		Machine:       machineKey,
+		DiscoKey:      discoKey,
+		Addresses:     addrs,
+		AllowedIPs:    allowedIPs,
+		PrimaryRoutes: primaryRoutes,
+		Endpoints:     machine.Endpoints,
+		DERP:          derp,

 		Online:   &online,
 		Hostinfo: hostInfo.View(),
@@ -807,7 +827,8 @@ func (h *Headscale) RegisterMachineFromAuthCallback(
 			}

 			// Registration of expired machine with different namespace
-			if registrationMachine.ID != 0 && registrationMachine.NamespaceID != namespace.ID {
+			if registrationMachine.ID != 0 &&
+				registrationMachine.NamespaceID != namespace.ID {
 				return nil, ErrDifferentRegisteredNamespace
 			}

--- a/proto/buf.lock
+++ b/proto/buf.lock
@@ -4,21 +4,12 @@ deps:
  - remote: buf.build
    owner: googleapis
    repository: googleapis
-    branch: main
-    commit: cd101b0abb7b4404a0b1ecc1afd4ce10
-    digest: b1-H4GHwHVHcJBbVPg-Cdmnx812reFCDQws_QoQ0W2hYQA=
-    create_time: 2021-10-23T15:04:06.087748Z
+    commit: 62f35d8aed1149c291d606d958a7ce32
  - remote: buf.build
    owner: grpc-ecosystem
    repository: grpc-gateway
-    branch: main
-    commit: ff83506eb9cc4cf8972f49ce87e6ed3e
-    digest: b1-iLPHgLaoeWWinMiXXqPnxqE4BThtY3eSbswVGh9GOGI=
-    create_time: 2021-10-23T16:26:52.283938Z
+    commit: bc28b723cd774c32b6fbc77621518765
  - remote: buf.build
    owner: ufoundit-dev
    repository: protoc-gen-gorm
-    branch: main
    commit: e2ecbaa0d37843298104bd29fd866df8
-    digest: b1-SV9yKH_8P-IKTOlHZxP-bb0ALANYeEqH_mtPA0EWfLc=
-    create_time: 2021-10-08T06:03:05.64876Z
Author	SHA1	Message	Date
Juan Font	cdc8bab7d9	Merge pull request #768 from kazauwa/feature/json-logs toggle json logging via config	2022-09-20 23:32:10 +02:00
Juan Font	397754753f	Merge branch 'main' into feature/json-logs	2022-09-20 23:11:29 +02:00
Juan Font	42ef71bff9	Merge pull request #811 from kradalby/primary-routes Fix subnet routers	2022-09-18 21:59:25 +02:00
Kristoffer Dalby	f2da1a1665	Add comment and update changelog Signed-off-by: Kristoffer Dalby <kristoffer@dalby.cc>	2022-09-18 12:14:49 +02:00
Kristoffer Dalby	356b76fc56	Format Signed-off-by: Kristoffer Dalby <kristoffer@dalby.cc>	2022-09-18 11:37:38 +02:00
Kristoffer Dalby	33ae56acfa	Add primary routes to node Signed-off-by: Kristoffer Dalby <kristoffer@dalby.cc>	2022-09-18 11:36:35 +02:00
Juan Font	9923adcb8b	Merge branch 'main' into feature/json-logs	2022-09-15 00:22:18 +02:00
Igor Perepilitsyn	874d6aaf6b	Make styling fixes	2022-09-11 21:44:28 +02:00
Igor Perepilitsyn	ae4f2cc4b5	Update changelog	2022-09-11 21:37:38 +02:00
Igor Perepilitsyn	dd155dca97	Create a distinct log section in config	2022-09-11 21:37:23 +02:00
Juan Font	a0a463494b	Merge pull request #797 from madjam002/patch-1 Remove --rm flag from Docker example	2022-09-07 17:13:14 +02:00
Jamie Greeff	07dca79b20	Remove --rm flag from Docker example It appears to be causing confusion for users on Discord when copying/pasting from the example here, if Headscale crashes on launch then the container will be removed and logs can't be viewed with `docker logs`.	2022-09-07 14:16:04 +01:00
Juan Font	7247302f45	Merge branch 'main' into feature/json-logs	2022-09-07 00:05:38 +02:00
Juan Font	1a5a5b12b7	Merge pull request #795 from stefanvanburen/svanburen/buf-mod-update Run `buf mod update` in protos/	2022-09-06 23:49:32 +02:00
Stefan VanBuren	0099dd1724	Run `buf mod update`	2022-09-06 14:52:09 -04:00
Juan Font	1f131c6729	Merge branch 'main' into feature/json-logs	2022-09-06 20:18:35 +02:00
Juan Font	302a88bfdb	Merge branch 'main' into feature/json-logs	2022-09-04 22:32:58 +02:00
Juan Font	a9ede6a2bc	Merge branch 'main' into feature/json-logs	2022-09-03 12:39:04 +02:00
Igor Perepilitsyn	bb6b07dedc	FIXES #768 add new config entry to the old itegration tests	2022-08-26 13:43:25 +02:00
Igor Perepilitsyn	2403c0e198	toggle json logging via config	2022-08-26 13:10:51 +02:00