tsnet,client/tailscale: add APIClient which runs API over Noise.

Updates tailscale/corp#4383 Signed-off-by: Maisem Ali <maisem@tailscale.com>
2025-08-12 05:37:32 +00:00 · 2022-10-16 13:56:46 -07:00
parent e8a11f6181
commit 630bcb5b67
3 changed files with 60 additions and 0 deletions
--- a/tsnet/tsnet.go
+++ b/tsnet/tsnet.go
@@ -9,6 +9,7 @@ package tsnet

 import (
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"log"
@@ -481,6 +482,25 @@ func getTSNetDir(logf logger.Logf, confDir, prog string) (string, error) {
 	return newPath, nil
 }

+// APIClient returns a tailscale.Client that can be used to make authenticated
+// requests to the Tailscale control server.
+// It requires the user to set tailscale.I_Acknowledge_This_API_Is_Unstable.
+func (s *Server) APIClient() (*tailscale.Client, error) {
+	if !tailscale.I_Acknowledge_This_API_Is_Unstable {
+		return nil, errors.New("use of Client without setting I_Acknowledge_This_API_Is_Unstable")
+	}
+	if err := s.Start(); err != nil {
+		return nil, err
+	}
+
+	nm := s.lb.NetMap()
+	if nm == nil {
+		return nil, errors.New("no netmap, not logged in?")
+	}
+	c := tailscale.NewNoiseClient(nm.Domain, s.lb.NoiseRoundTripper(), nm.NodeKey)
+	return c, nil
+}
+
 // Listen announces only on the Tailscale network.
 // It will start the server if it has not been started yet.
 func (s *Server) Listen(network, addr string) (net.Listener, error) {