Merge branch 'main' into mandatory-stun

Merge pull request #509 from kradalby/go118
Added missing file
2025-08-23 07:27:46 +00:00 · 2022-03-18 17:44:12 +00:00 · 2022-03-18 17:43:41 +00:00 · 2022-03-18 13:10:35 +01:00 · 2022-03-18 13:09:57 +01:00 · 2022-03-18 12:58:00 +01:00
16 changed files with 66 additions and 44 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -31,7 +31,7 @@ jobs:
        if: steps.changed-files.outputs.any_changed == 'true'
        uses: actions/setup-go@v2
        with:
-          go-version: "1.17.7"
+          go-version: "1.18.0"
      - name: Install dependencies
        if: steps.changed-files.outputs.any_changed == 'true'
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,7 +18,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v2
        with:
-          go-version: 1.17.7
+          go-version: 1.18.0
      - name: Install dependencies
        run: |
--- a/.github/workflows/test-integration.yml
+++ b/.github/workflows/test-integration.yml
@@ -25,7 +25,7 @@ jobs:
        if: steps.changed-files.outputs.any_changed == 'true'
        uses: actions/setup-go@v2
        with:
-          go-version: "1.17.7"
+          go-version: "1.18.0"
      - name: Run Integration tests
        if: steps.changed-files.outputs.any_changed == 'true'
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -25,7 +25,7 @@ jobs:
        if: steps.changed-files.outputs.any_changed == 'true'
        uses: actions/setup-go@v2
        with:
-          go-version: "1.17.7"
+          go-version: "1.18.0"
      - name: Install dependencies
        if: steps.changed-files.outputs.any_changed == 'true'
--- a/2
+++ b/2
@@ -1,5 +1,5 @@
 # Builder image
-FROM docker.io/golang:1.17.8-bullseye AS build
+FROM docker.io/golang:1.18.0-bullseye AS build
 ENV GOPATH /go
 WORKDIR /go/src/headscale
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -1,5 +1,5 @@
 # Builder image
-FROM docker.io/golang:1.17.8-alpine AS build
+FROM docker.io/golang:1.18.0-alpine AS build
 ENV GOPATH /go
 WORKDIR /go/src/headscale
--- a/Dockerfile.debug
+++ b/Dockerfile.debug
@@ -1,5 +1,5 @@
 # Builder image
-FROM docker.io/golang:1.17.8-bullseye AS build
+FROM docker.io/golang:1.18.0-bullseye AS build
 ENV GOPATH /go
 WORKDIR /go/src/headscale
--- a/README.md
+++ b/README.md
@@ -447,6 +447,15 @@ make build
            <sub style="font-size:14px"><b>Tjerk Woudsma</b></sub>
        </a>
    </td>
    <td align="center" style="word-wrap: break-word; width: 150.0; height: 150.0">
        <a href=https://github.com/y0ngb1n>
            <img src=https://avatars.githubusercontent.com/u/25719408?v=4 width="100;"  style="border-radius:50%;align-items:center;justify-content:center;overflow:hidden;padding-top:10px" alt=Yang Bin/>
            <br />
            <sub style="font-size:14px"><b>Yang Bin</b></sub>
        </a>
    </td>
 </tr>
 <tr>
    <td align="center" style="word-wrap: break-word; width: 150.0; height: 150.0">
        <a href=https://github.com/zekker6>
            <img src=https://avatars.githubusercontent.com/u/1367798?v=4 width="100;"  style="border-radius:50%;align-items:center;justify-content:center;overflow:hidden;padding-top:10px" alt=Zakhar Bessarab/>
@@ -454,8 +463,6 @@ make build
            <sub style="font-size:14px"><b>Zakhar Bessarab</b></sub>
        </a>
    </td>
 </tr>
 <tr>
    <td align="center" style="word-wrap: break-word; width: 150.0; height: 150.0">
        <a href=https://github.com/Bpazy>
            <img src=https://avatars.githubusercontent.com/u/9838749?v=4 width="100;"  style="border-radius:50%;align-items:center;justify-content:center;overflow:hidden;padding-top:10px" alt=ZiYuan/>
@@ -463,6 +470,13 @@ make build
            <sub style="font-size:14px"><b>ZiYuan</b></sub>
        </a>
    </td>
    <td align="center" style="word-wrap: break-word; width: 150.0; height: 150.0">
        <a href=https://github.com/bravechamp>
            <img src=https://avatars.githubusercontent.com/u/48980452?v=4 width="100;"  style="border-radius:50%;align-items:center;justify-content:center;overflow:hidden;padding-top:10px" alt=bravechamp/>
            <br />
            <sub style="font-size:14px"><b>bravechamp</b></sub>
        </a>
    </td>
    <td align="center" style="word-wrap: break-word; width: 150.0; height: 150.0">
        <a href=https://github.com/derelm>
            <img src=https://avatars.githubusercontent.com/u/465155?v=4 width="100;"  style="border-radius:50%;align-items:center;justify-content:center;overflow:hidden;padding-top:10px" alt=derelm/>
@@ -484,6 +498,8 @@ make build
            <sub style="font-size:14px"><b>lion24</b></sub>
        </a>
    </td>
 </tr>
 <tr>
    <td align="center" style="word-wrap: break-word; width: 150.0; height: 150.0">
        <a href=https://github.com/pernila>
            <img src=https://avatars.githubusercontent.com/u/12460060?v=4 width="100;"  style="border-radius:50%;align-items:center;justify-content:center;overflow:hidden;padding-top:10px" alt=pernila/>
@@ -498,8 +514,6 @@ make build
            <sub style="font-size:14px"><b>Wakeful-Cloud</b></sub>
        </a>
    </td>
 </tr>
 <tr>
    <td align="center" style="word-wrap: break-word; width: 150.0; height: 150.0">
        <a href=https://github.com/xpzouying>
            <img src=https://avatars.githubusercontent.com/u/3946563?v=4 width="100;"  style="border-radius:50%;align-items:center;justify-content:center;overflow:hidden;padding-top:10px" alt=zy/>
--- a/app.go
+++ b/app.go
@@ -47,6 +47,14 @@ import (
 	"tailscale.com/types/key"
 )
 const (
 	errSTUNAddressNotSet                   = Error("STUN address not set")
 	errUnsupportedDatabase                 = Error("unsupported DB")
 	errUnsupportedLetsEncryptChallengeType = Error(
 		"unknown value for Lets Encrypt challenge type",
 	)
 )
 const (
 	AuthPrefix         = "Bearer "
 	Postgres           = "postgres"
@@ -58,11 +66,6 @@ const (
 	registerCacheExpiration = time.Minute * 15
 	registerCacheCleanup    = time.Minute * 20
 	errUnsupportedDatabase                 = Error("unsupported DB")
 	errUnsupportedLetsEncryptChallengeType = Error(
 		"unknown value for Lets Encrypt challenge type",
 	)
 	DisabledClientAuth = "disabled"
 	RelaxedClientAuth  = "relaxed"
 	EnforcedClientAuth = "enforced"
@@ -124,7 +127,6 @@ type DERPConfig struct {
 	ServerRegionID   int
 	ServerRegionCode string
 	ServerRegionName string
 	STUNEnabled      bool
 	STUNAddr         string
 	URLs             []url.URL
 	Paths            []string
@@ -500,10 +502,13 @@ func (h *Headscale) Serve() error {
 	h.DERPMap = GetDERPMap(h.cfg.DERP)
 	if h.cfg.DERP.ServerEnabled {
-		h.DERPMap.Regions[h.DERPServer.region.RegionID] = &h.DERPServer.region
+		// When embedded DERP is enabled we always need a STUN server
-		if h.cfg.DERP.STUNEnabled {
+		if h.cfg.DERP.STUNAddr == "" {
-			go h.ServeSTUN()
+			return errSTUNAddressNotSet
 		}
 		h.DERPMap.Regions[h.DERPServer.region.RegionID] = &h.DERPServer.region
 		go h.ServeSTUN()
 	}
 	if h.cfg.DERP.AutoUpdate {
--- a/cmd/headscale/cli/utils.go
+++ b/cmd/headscale/cli/utils.go
@@ -55,6 +55,9 @@ func LoadConfig(path string) error {
 	viper.SetDefault("dns_config", nil)
 	viper.SetDefault("derp.server.enabled", false)
 	viper.SetDefault("derp.server.stun.enabled", true)
 	viper.SetDefault("unix_socket", "/var/run/headscale.sock")
 	viper.SetDefault("unix_socket_permission", "0o770")
@@ -121,8 +124,11 @@ func GetDERPConfig() headscale.DERPConfig {
 	serverRegionID := viper.GetInt("derp.server.region_id")
 	serverRegionCode := viper.GetString("derp.server.region_code")
 	serverRegionName := viper.GetString("derp.server.region_name")
-	stunEnabled := viper.GetBool("derp.server.stun.enabled")
+	stunAddr := viper.GetString("derp.server.stun_listen_addr")
-	stunAddr := viper.GetString("derp.server.stun.listen_addr")
+
 	if serverEnabled && stunAddr == "" {
 		log.Fatal().Msg("derp.server.stun_listen_addr must be set if derp.server.enabled is true")
 	}
 	urlStrs := viper.GetStringSlice("derp.urls")
@@ -149,7 +155,6 @@ func GetDERPConfig() headscale.DERPConfig {
 		ServerRegionID:   serverRegionID,
 		ServerRegionCode: serverRegionCode,
 		ServerRegionName: serverRegionName,
 		STUNEnabled:      stunEnabled,
 		STUNAddr:         stunAddr,
 		URLs:             urls,
 		Paths:            paths,
--- a/config-example.yaml
+++ b/config-example.yaml
@@ -69,11 +69,11 @@ derp:
    region_code: "headscale"
    region_name: "Headscale Embedded DERP"
-    # If enabled, also listens in UDP at the configured address for STUN connections to help on NAT traversal
+    # Listens in UDP at the configured address for STUN connections to help on NAT traversal.
    # When the embedded DERP server is enabled stun_listen_addr MUST be defined.
    #
    # For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/
-    stun:
+    stun_listen_addr: "0.0.0.0:3478"
      enabled: false
      listen_addr: "0.0.0.0:3478"
  # List of externally available DERP maps encoded in JSON
  urls:
--- a/derp_server.go
+++ b/derp_server.go
@@ -77,17 +77,15 @@ func (h *Headscale) generateRegionLocalDERP() (tailcfg.DERPRegion, error) {
 		},
 	}
-	if h.cfg.DERP.STUNEnabled {
+	_, portSTUNStr, err := net.SplitHostPort(h.cfg.DERP.STUNAddr)
-		_, portStr, err := net.SplitHostPort(h.cfg.DERP.STUNAddr)
+	if err != nil {
-		if err != nil {
+		return tailcfg.DERPRegion{}, err
 			return tailcfg.DERPRegion{}, err
 		}
 		port, err := strconv.Atoi(portStr)
 		if err != nil {
 			return tailcfg.DERPRegion{}, err
 		}
 		localDERPregion.Nodes[0].STUNPort = port
 	}
 	portSTUN, err := strconv.Atoi(portSTUNStr)
 	if err != nil {
 		return tailcfg.DERPRegion{}, err
 	}
 	localDERPregion.Nodes[0].STUNPort = portSTUN
 	return localDERPregion, nil
 }
--- a/docs/running-headscale-container.md
+++ b/docs/running-headscale-container.md
@@ -55,6 +55,7 @@ docker run \
  --rm \
  --volume $(pwd)/config:/etc/headscale/ \
  --publish 127.0.0.1:8080:8080 \
  --publish 127.0.0.1:9090:9090 \
  headscale/headscale:<VERSION> \
  headscale serve
@@ -80,7 +81,7 @@ docker ps
 Verify `headscale` is available:
 ```shell
-curl http://127.0.0.1:8080/metrics
+curl http://127.0.0.1:9090/metrics
 ```
 6. Create a namespace ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
--- a/docs/running-headscale-linux.md
+++ b/docs/running-headscale-linux.md
@@ -67,7 +67,7 @@ To run `headscale` in the background, please follow the steps in the [SystemD se
 Verify `headscale` is available:
 ```shell
-curl http://127.0.0.1:8080/metrics
+curl http://127.0.0.1:9090/metrics
 ```
 8. Create a namespace ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
--- a/go.mod
+++ b/go.mod
@@ -1,9 +1,10 @@
 module github.com/juanfont/headscale
-go 1.17
+go 1.18
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.2
 	github.com/ccding/go-stun/stun v0.0.0-20200514191101-4dc67bcdb029
 	github.com/coreos/go-oidc/v3 v3.1.0
 	github.com/efekarakus/termcolor v1.0.1
 	github.com/fatih/set v0.2.1
@@ -49,7 +50,6 @@ require (
 	github.com/akutz/memconn v0.1.0 // indirect
 	github.com/atomicgo/cursor v0.0.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/ccding/go-stun/stun v0.0.0-20200514191101-4dc67bcdb029 // indirect
 	github.com/cenkalti/backoff/v4 v4.1.2 // indirect
 	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/containerd/continuity v0.2.2 // indirect
--- a/integration_test/etc_embedded_derp/config.yaml
+++ b/integration_test/etc_embedded_derp/config.yaml
@@ -24,6 +24,5 @@ derp:
    region_id: 999
    region_code: "headscale"
    region_name: "Headscale Embedded DERP"
-    stun:
+
-      enabled: true
+    stun_listen_addr: "0.0.0.0:3478"
      listen_addr: "0.0.0.0:3478"
Author	SHA1	Message	Date
Kristoffer Dalby	cd2914ab3b	Merge branch 'main' into mandatory-stun	2022-03-18 17:44:12 +00:00
Kristoffer Dalby	e85b97143c	Merge pull request #509 from kradalby/go118	2022-03-18 17:43:41 +00:00
Juan Font Alonso	db9ba17920	Added missing file	2022-03-18 13:10:35 +01:00
Juan Font Alonso	d5ce7d7523	Prettier	2022-03-18 13:09:57 +01:00
Juan Font Alonso	2e6687209b	Make STUN server mandatory if DERP embedded is enabled	2022-03-18 12:58:00 +01:00
Kristoffer Dalby	b781446e86	Upgrade to go 1.18	2022-03-17 17:43:11 +00:00
Kristoffer Dalby	1c9b1c0579	Merge pull request #507 from juanfont/update-contributors	2022-03-17 07:28:42 +00:00
github-actions[bot]	ade9552736	docs(README): update contributors	2022-03-17 06:38:00 +00:00
Kristoffer Dalby	68403cb76e	Merge pull request #505 from y0ngb1n/fix-docs-metrics-endpoint	2022-03-17 06:37:27 +00:00
Yang Bin	537ecb8db0	docs: fixed `/metrics` endpoint `8080 → 9090`, reference `config-example.yaml`	2022-03-17 09:25:42 +08:00
Juan Font Alonso	8f5875efe4	Reorg errors	2022-03-16 19:46:59 +01:00
Juan Font	98ac88d5ef	Changed comment position Co-authored-by: Kristoffer Dalby <kradalby@kradalby.no>	2022-03-16 18:45:34 +01:00
Kristoffer Dalby	d13338a9fb	Merge branch 'main' into mandatory-stun	2022-03-16 07:18:18 +00:00
Juan Font Alonso	b8aad5451d	Make STUN run by default when embedded DERP is enabled This commit also allows to set an external STUN server, while running the embedded DERP server (without embedded STUN)	2022-03-15 13:22:25 +01:00