Mirrors/juanfont.headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2025-10-28 10:51:44 +01:00
Code Issues Projects Releases Wiki Activity

Do not include BaseDomain as full route in DNSConfig + code reorg

Browse Source
This commit is contained in:
Juan Font Alonso 2021-10-17 11:57:53 +02:00
parent a9a1a8fb3c
commit 061efa1822
2 changed files with 32 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
api.go
View File

@ -258,13 +258,13 @@ func (h *Headscale) getMapResponse(mKey wgkey.Key, req tailcfg.MapRequest, m *Ma
return nil, err
}
var dnsConfig *tailcfg.DNSConfig
if h.cfg.DNSConfig != nil && h.cfg.DNSConfig.Proxied { // if MagicDNS is enabled
// Only inject the Search Domain of the current namespace - shared nodes should use their full FQDN
dnsConfig = h.cfg.DNSConfig.Clone()
dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", m.Namespace.Name, h.cfg.BaseDomain))
} else {
dnsConfig = h.cfg.DNSConfig
dnsConfig, err := h.getMapResponseDNSConfig(*m, peers)
if err != nil {
log.Error().
Str("func", "getMapResponse").
Err(err).
Msg("Failed generate the DNSConfig")
return nil, err
}
resp := tailcfg.MapResponse{

31
dns.go
View File

@ -4,7 +4,9 @@ import (
"fmt"
"strings"
"github.com/fatih/set"
"inet.af/netaddr"
"tailscale.com/tailcfg"
"tailscale.com/util/dnsname"
)
@ -29,15 +31,10 @@ import (
// From the netmask we can find out the wildcard bits (the bits that are not set in the netmask).
// This allows us to then calculate the subnets included in the subsequent class block and generate the entries.
func generateMagicDNSRootDomains(ipPrefix netaddr.IPPrefix, baseDomain string) ([]dnsname.FQDN, error) {
base, err := dnsname.ToFQDN(baseDomain)
if err != nil {
return nil, err
}
// TODO(juanfont): we are not handing out IPv6 addresses yet
// and in fact this is Tailscale.com's range (note the fd7a:115c:a1e0: range in the fc00::/7 network)
ipv6base := dnsname.FQDN("0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.")
fqdns := []dnsname.FQDN{base, ipv6base}
fqdns := []dnsname.FQDN{ipv6base}
// Conversion to the std lib net.IPnet, a bit easier to operate
netRange := ipPrefix.IPNet()
@ -71,3 +68,25 @@ func generateMagicDNSRootDomains(ipPrefix netaddr.IPPrefix, baseDomain string) (
}
return fqdns, nil
}
func (h *Headscale) getMapResponseDNSConfig(m Machine, peers Machines) (*tailcfg.DNSConfig, error) {
var dnsConfig *tailcfg.DNSConfig
if h.cfg.DNSConfig != nil && h.cfg.DNSConfig.Proxied { // if MagicDNS is enabled
// Only inject the Search Domain of the current namespace - shared nodes should use their full FQDN
dnsConfig = h.cfg.DNSConfig.Clone()
dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", m.Namespace.Name, h.cfg.BaseDomain))
namespaceSet := set.New(set.ThreadSafe)
namespaceSet.Add(m.Namespace)
for _, p := range peers {
namespaceSet.Add(p.Namespace)
}
for _, namespace := range namespaceSet.List() {
dnsRoute := dnsname.FQDN(fmt.Sprintf("%s.%s", namespace.(Namespace).Name, h.cfg.BaseDomain))
dnsConfig.Routes[dnsRoute.WithoutTrailingDot()] = nil
}
} else {
dnsConfig = h.cfg.DNSConfig
}
return dnsConfig, nil
}