assorted: plumb tka initialization & network-lock key into tailscaled

- A network-lock key is generated if it doesn't already exist, and stored in the StateStore. The public component is communicated to control during registration. - If TKA state exists on the filesystem, a tailnet key authority is initialized (but nothing is done with it for now). Signed-off-by: Tom DNetto <tom@tailscale.com>
2025-10-10 09:14:57 +00:00 · 2022-08-01 15:46:41 -07:00
parent 8d45d7e312
commit 4001d0bf25
8 changed files with 124 additions and 1 deletions
--- a/tailcfg/tailcfg.go
+++ b/tailcfg/tailcfg.go
@@ -763,6 +763,7 @@ type RegisterRequest struct {

 	NodeKey    key.NodePublic
 	OldNodeKey key.NodePublic
+	NLKey      key.NLPublic
 	Auth       struct {
 		_ structs.Incomparable
 		// One of Provider/LoginName, Oauth2Token, or AuthKey is set.