From 85bcc2e3bddf3e44cf671c7464ef902543ab0f27 Mon Sep 17 00:00:00 2001
From: Kot <kot@kot.pink>
Date: Fri, 28 Mar 2025 14:17:13 -0700
Subject: [PATCH] cmd/tsidp: use advertised env vars for config Fixes #14491

Signed-off-by: Kot <kot@kot.pink>
---
 cmd/tsidp/Dockerfile |  4 ++--
 cmd/tsidp/README.md  |  6 +++---
 cmd/tsidp/tsidp.go   | 12 ++++++++++--
 3 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/cmd/tsidp/Dockerfile b/cmd/tsidp/Dockerfile
index 605a7ba2e..c3ae480b7 100644
--- a/cmd/tsidp/Dockerfile
+++ b/cmd/tsidp/Dockerfile
@@ -31,11 +31,11 @@ WORKDIR /app
 
 # Environment variables
 ENV TAILSCALE_USE_WIP_CODE=1 \
-    TS_HOSTNAME=tsidp \
+    TS_HOSTNAME=idp \
     TS_STATE_DIR=/var/lib/tsidp
 
 # Expose the default port
 EXPOSE 443
 
 # Run the application
-ENTRYPOINT ["/app/tsidp"]
\ No newline at end of file
+ENTRYPOINT ["/app/tsidp"]
diff --git a/cmd/tsidp/README.md b/cmd/tsidp/README.md
index d51138b6d..143e448ce 100644
--- a/cmd/tsidp/README.md
+++ b/cmd/tsidp/README.md
@@ -38,7 +38,7 @@
      --name `tsidp` \
      -p 443:443 \
      -e TS_AUTHKEY=YOUR_TAILSCALE_AUTHKEY \
-     -e TS_HOSTNAME=tsidp \
+     -e TS_HOSTNAME=idp \
      -v tsidp-data:/var/lib/tsidp \
      tsidp:latest
    ```
@@ -88,7 +88,7 @@ The `tsidp` server supports several command-line flags:
 
 - `TS_AUTHKEY`: Your Tailscale authentication key (required)
 - `TS_HOSTNAME`: Hostname for the `tsidp` server (default: "idp")
-- `TS_STATE_DIR`: State directory (default: "/var/lib/tsidp")
+- `TS_STATE_DIR`: State directory (default: "/var/lib/tsidp" in Docker, otherwise tsnet default)
 - `TAILSCALE_USE_WIP_CODE`: Enable work-in-progress code (default: "1")
 
 ## Support
@@ -97,4 +97,4 @@ This is an [experimental](https://tailscale.com/kb/1167/release-stages#experimen
 
 ## License
 
-BSD-3-Clause License. See [LICENSE](../../LICENSE) for details.
\ No newline at end of file
+BSD-3-Clause License. See [LICENSE](../../LICENSE) for details.
diff --git a/cmd/tsidp/tsidp.go b/cmd/tsidp/tsidp.go
index 95ab2b2eb..17ef3729d 100644
--- a/cmd/tsidp/tsidp.go
+++ b/cmd/tsidp/tsidp.go
@@ -65,9 +65,17 @@ var (
 	flagLocalPort          = flag.Int("local-port", -1, "allow requests from localhost")
 	flagUseLocalTailscaled = flag.Bool("use-local-tailscaled", false, "use local tailscaled instead of tsnet")
 	flagFunnel             = flag.Bool("funnel", false, "use Tailscale Funnel to make tsidp available on the public internet")
-	flagDir                = flag.String("dir", "", "tsnet state directory; a default one will be created if not provided")
+	flagHostname           = flag.String("hostname", envOr("TS_HOSTNAME", "idp"), "tsnet hostname to use instead of idp")
+	flagDir                = flag.String("dir", envOr("TS_STATE_DIR", ""), "tsnet state directory; a default one will be created if not provided")
 )
 
+func envOr(key, defaultVal string) string {
+	if result, ok := os.LookupEnv(key); ok {
+		return result
+	}
+	return defaultVal
+}
+
 func main() {
 	flag.Parse()
 	ctx := context.Background()
@@ -121,7 +129,7 @@ func main() {
 		defer cleanup()
 	} else {
 		ts := &tsnet.Server{
-			Hostname: "idp",
+			Hostname: *flagHostname,
 			Dir:      *flagDir,
 		}
 		if *flagVerbose {