TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-26 03:25:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/tailscale: add node attribute instructions to share command help

Browse Source 
This adds details on how to configure node attributes to allow
sharing and accessing shares.

Updates tailscale/corp#16827

Signed-off-by: Percy Wegmann <percy@tailscale.com>
This commit is contained in:
Percy Wegmann 2024-02-23 11:34:11 -06:00 committed by Percy Wegmann
parent 131f9094fd
commit 15b2c674bf
1 changed files with 52 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
cmd/tailscale/cli/share.go
View File

@ -140,6 +140,21 @@ func buildShareLongHelp() string {
var shareLongHelpBase = `Tailscale share allows you to share directories with other machines on your tailnet. var shareLongHelpBase = `Tailscale share allows you to share directories with other machines on your tailnet.
In order to share folders, your node needs to have the node attribute "tailfs:share".
In order to access shares, your node needs to have the node attribute "tailfs:access".
For example, to enable sharing and accessing shares for all member nodes:
"nodeAttrs": [
{
"target": ["autogroup:member"],
"attr": [
"tailfs:share",
"tailfs:access",
],
}]
Each share is identified by a name and points to a directory at a specific path. For example, to share the path /Users/me/Documents under the name "docs", you would run: Each share is identified by a name and points to a directory at a specific path. For example, to share the path /Users/me/Documents under the name "docs", you would run:
$ tailscale share add docs /Users/me/Documents $ tailscale share add docs /Users/me/Documents
@ -158,6 +173,7 @@ func buildShareLongHelp() string {
Permissions to access shares are controlled via ACLs. For example, to give yourself read/write access and give the group "home" read-only access to the above share, use the below ACL grants: Permissions to access shares are controlled via ACLs. For example, to give yourself read/write access and give the group "home" read-only access to the above share, use the below ACL grants:
"grants": [
{ {
"src": ["mylogin@domain.com"], "src": ["mylogin@domain.com"],
"dst": ["mylaptop's ip address"], "dst": ["mylaptop's ip address"],
@ -177,9 +193,11 @@ func buildShareLongHelp() string {
"access": "ro" "access": "ro"
}] }]
} }
} }]
To categorically give yourself access to all your shares, you can use the below ACL grant: To categorically give yourself access to all your shares, you can use the below ACL grant:
"grants": [
{ {
"src": ["autogroup:member"], "src": ["autogroup:member"],
"dst": ["autogroup:self"], "dst": ["autogroup:self"],
@ -189,8 +207,7 @@ func buildShareLongHelp() string {
"access": "rw" "access": "rw"
}] }]
} }
}, }]
Whenever either you or anyone in the group "home" connects to the share, they connect as if they are using your local machine user. They'll be able to read the same files as your user and if they create files, those files will be owned by your user.%s Whenever either you or anyone in the group "home" connects to the share, they connect as if they are using your local machine user. They'll be able to read the same files as your user and if they create files, those files will be owned by your user.%s