										 |  |  | // Copyright (c) Tailscale Inc & AUTHORS | 
					
						
							|  |  |  | // SPDX-License-Identifier: BSD-3-Clause | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | package ipn | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							|  |  |  | 	"net/netip" | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	"tailscale.com/tailcfg" | 
					
						
							|  |  |  | 	"tailscale.com/types/opt" | 
					
						
							|  |  |  | 	"tailscale.com/types/preftype" | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
// ConfigVAlpha is the config file format for the "alpha0" version.
//
// Optional settings are pointers, slices or opt.Bool values so that "absent
// from the file" can be told apart from an explicit value; ToPrefs only
// marks a preference as set when the matching field is present.
type ConfigVAlpha struct {
	Version string   // "alpha0" for now
	Locked  opt.Bool `json:",omitempty"` // whether the config is locked from being changed by 'tailscale set'; it defaults to true

	ServerURL *string  `json:",omitempty"` // defaults to https://controlplane.tailscale.com
	// AuthKey is needed if NeedsLogin. It is either the key itself or a path
	// to a file holding it (if prefixed with "file:").
	// NOTE(review): an inline key is a credential sitting in this config
	// file; restrict read access to whichever file ends up holding it.
	// ToPrefs does not copy the key, it only clears LoggedOut when one is
	// present.
	AuthKey   *string  `json:",omitempty"`
	Enabled   opt.Bool `json:",omitempty"` // wantRunning; empty string defaults to true

	OperatorUser *string `json:",omitempty"` // local user name who is allowed to operate tailscaled without being root or using sudo
	Hostname     *string `json:",omitempty"`

	AcceptDNS    opt.Bool `json:"acceptDNS,omitempty"`    // --accept-dns
	AcceptRoutes opt.Bool `json:"acceptRoutes,omitempty"` // --accept-routes defaults to true

	// ExitNode is an IP, StableID, or MagicDNS base name. ToPrefs stores it
	// as an IP when it parses as one and as a StableNodeID otherwise.
	ExitNode                   *string  `json:"exitNode,omitempty"`
	AllowLANWhileUsingExitNode opt.Bool `json:"allowLANWhileUsingExitNode,omitempty"`

	AdvertiseRoutes []netip.Prefix `json:",omitempty"`
	DisableSNAT     opt.Bool       `json:",omitempty"` // translated to the NoSNAT preference by ToPrefs

	// NetfilterMode is one of "on", "off", "nodivert"; ToPrefs rejects the
	// config with an error when preftype.ParseNetfilterMode cannot parse it.
	NetfilterMode       *string  `json:",omitempty"`
	NoStatefulFiltering opt.Bool `json:",omitempty"`

	PostureChecking opt.Bool         `json:",omitempty"`
	RunSSHServer    opt.Bool         `json:",omitempty"` // Tailscale SSH
	RunWebClient    opt.Bool         `json:",omitempty"`
	ShieldsUp       opt.Bool         `json:",omitempty"`
	AutoUpdate      *AutoUpdatePrefs `json:",omitempty"`
	ServeConfigTemp *ServeConfig     `json:",omitempty"` // TODO(bradfitz,maisem): make separate stable type for this

	// StaticEndpoints are additional, user-defined endpoints that this node
	// should advertise amongst its wireguard endpoints.
	StaticEndpoints []netip.AddrPort `json:",omitempty"`

	// TODO(bradfitz,maisem): future something like:
	// Profile map[string]*Config // keyed by alice@gmail.com, corp.com (TailnetSID)
}
					
						
							|  |  |  | 
 | 
					
						
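// ToPrefs translates the config file into a MaskedPrefs: for every setting
// present in c it stores the value and raises the matching "Set" mask bit,
// so that settings absent from the file are left untouched by whoever
// applies the result.
//
// A nil receiver yields a zero MaskedPrefs and no error. The only error
// returned is the one from preftype.ParseNetfilterMode when NetfilterMode
// is present but not parseable; mp is then only partially filled in and
// should be discarded.
//
// Version, Locked, ServeConfigTemp, StaticEndpoints and the AuthKey value
// itself are not translated here.
func (c *ConfigVAlpha) ToPrefs() (MaskedPrefs, error) {
	var mp MaskedPrefs
	if c == nil {
		return mp, nil
	}

	// Enabled defaults to true: only an explicit false stops the node. The
	// mask bit is raised whenever the node should run or the file said
	// anything at all about Enabled.
	mp.WantRunning = !c.Enabled.EqualBool(false)
	mp.WantRunningSet = mp.WantRunning || c.Enabled != ""
	if c.ServerURL != nil {
		mp.ControlURL = *c.ServerURL
		mp.ControlURLSet = true
	}
	// A non-empty auth key means the node is expected to log in; the key
	// itself is deliberately not carried in the prefs.
	if c.AuthKey != nil && *c.AuthKey != "" {
		mp.LoggedOut = false
		mp.LoggedOutSet = true
	}
	if c.OperatorUser != nil {
		mp.OperatorUser = *c.OperatorUser
		mp.OperatorUserSet = true
	}
	if c.Hostname != nil {
		mp.Hostname = *c.Hostname
		mp.HostnameSet = true
	}
	if c.AcceptDNS != "" {
		mp.CorpDNS = c.AcceptDNS.EqualBool(true)
		mp.CorpDNSSet = true
	}
	if c.AcceptRoutes != "" {
		mp.RouteAll = c.AcceptRoutes.EqualBool(true)
		mp.RouteAllSet = true
	}
	if c.ExitNode != nil {
		// Anything that does not parse as an IP address is stored verbatim
		// as a stable node ID; no further validation happens here.
		// NOTE(review): the field comment also allows a MagicDNS base name,
		// which this function does not resolve. Confirm it is handled by
		// the consumer.
		ip, err := netip.ParseAddr(*c.ExitNode)
		if err == nil {
			mp.ExitNodeIP = ip
			mp.ExitNodeIPSet = true
		} else {
			mp.ExitNodeID = tailcfg.StableNodeID(*c.ExitNode)
			mp.ExitNodeIDSet = true
		}
	}
	if c.AllowLANWhileUsingExitNode != "" {
		mp.ExitNodeAllowLANAccess = c.AllowLANWhileUsingExitNode.EqualBool(true)
		mp.ExitNodeAllowLANAccessSet = true
	}
	if c.AdvertiseRoutes != nil {
		mp.AdvertiseRoutes = c.AdvertiseRoutes
		mp.AdvertiseRoutesSet = true
	}
	if c.DisableSNAT != "" {
		// Store the configured value and raise the mask bit. Assigning
		// NoSNAT twice would force it to true even for DisableSNAT=false
		// and leave NoSNATSet unset, so the setting would never be marked
		// as present.
		mp.NoSNAT = c.DisableSNAT.EqualBool(true)
		mp.NoSNATSet = true
	}
	if c.NoStatefulFiltering != "" {
		// Copied as an opt.Bool rather than collapsed to a bool.
		mp.NoStatefulFiltering = c.NoStatefulFiltering
		mp.NoStatefulFilteringSet = true
	}

	if c.NetfilterMode != nil {
		m, err := preftype.ParseNetfilterMode(*c.NetfilterMode)
		if err != nil {
			return mp, err
		}
		mp.NetfilterMode = m
		mp.NetfilterModeSet = true
	}
	if c.PostureChecking != "" {
		mp.PostureChecking = c.PostureChecking.EqualBool(true)
		mp.PostureCheckingSet = true
	}
	if c.RunSSHServer != "" {
		mp.RunSSH = c.RunSSHServer.EqualBool(true)
		mp.RunSSHSet = true
	}
	if c.RunWebClient != "" {
		mp.RunWebClient = c.RunWebClient.EqualBool(true)
		mp.RunWebClientSet = true
	}
	if c.ShieldsUp != "" {
		mp.ShieldsUp = c.ShieldsUp.EqualBool(true)
		mp.ShieldsUpSet = true
	}
	if c.AutoUpdate != nil {
		// Both sub-settings are marked as set, so whatever the AutoUpdate
		// block leaves out is applied with the value it holds in
		// *c.AutoUpdate.
		mp.AutoUpdate = *c.AutoUpdate
		mp.AutoUpdateSet = AutoUpdatePrefsMask{ApplySet: true, CheckSet: true}
	}
	return mp, nil
}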