mirror of
https://github.com/juanfont/headscale.git
synced 2024-12-30 00:09:42 +01:00
Merge branch 'main' into cli-unshare-node
This commit is contained in:
commit
244e79f575
25
api.go
25
api.go
@ -243,11 +243,7 @@ func (h *Headscale) getMapResponse(mKey wgkey.Key, req tailcfg.MapRequest, m *Ma
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
profile := tailcfg.UserProfile{
|
profiles := getMapResponseUserProfiles(*m, peers)
|
||||||
ID: tailcfg.UserID(m.NamespaceID),
|
|
||||||
LoginName: m.Namespace.Name,
|
|
||||||
DisplayName: m.Namespace.Name,
|
|
||||||
}
|
|
||||||
|
|
||||||
nodePeers, err := peers.toNodes(h.cfg.BaseDomain, h.cfg.DNSConfig, true)
|
nodePeers, err := peers.toNodes(h.cfg.BaseDomain, h.cfg.DNSConfig, true)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -258,13 +254,13 @@ func (h *Headscale) getMapResponse(mKey wgkey.Key, req tailcfg.MapRequest, m *Ma
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
var dnsConfig *tailcfg.DNSConfig
|
dnsConfig, err := getMapResponseDNSConfig(h.cfg.DNSConfig, h.cfg.BaseDomain, *m, peers)
|
||||||
if h.cfg.DNSConfig != nil && h.cfg.DNSConfig.Proxied { // if MagicDNS is enabled
|
if err != nil {
|
||||||
// Only inject the Search Domain of the current namespace - shared nodes should use their full FQDN
|
log.Error().
|
||||||
dnsConfig = h.cfg.DNSConfig.Clone()
|
Str("func", "getMapResponse").
|
||||||
dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", m.Namespace.Name, h.cfg.BaseDomain))
|
Err(err).
|
||||||
} else {
|
Msg("Failed generate the DNSConfig")
|
||||||
dnsConfig = h.cfg.DNSConfig
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
resp := tailcfg.MapResponse{
|
resp := tailcfg.MapResponse{
|
||||||
@ -275,10 +271,9 @@ func (h *Headscale) getMapResponse(mKey wgkey.Key, req tailcfg.MapRequest, m *Ma
|
|||||||
Domain: h.cfg.BaseDomain,
|
Domain: h.cfg.BaseDomain,
|
||||||
PacketFilter: *h.aclRules,
|
PacketFilter: *h.aclRules,
|
||||||
DERPMap: h.cfg.DerpMap,
|
DERPMap: h.cfg.DerpMap,
|
||||||
|
UserProfiles: profiles,
|
||||||
// TODO(juanfont): We should send the profiles of all the peers (this own namespace + those from the shared peers)
|
|
||||||
UserProfiles: []tailcfg.UserProfile{profile},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Trace().
|
log.Trace().
|
||||||
Str("func", "getMapResponse").
|
Str("func", "getMapResponse").
|
||||||
Str("machine", req.Hostinfo.Hostname).
|
Str("machine", req.Hostinfo.Hostname).
|
||||||
|
31
dns.go
31
dns.go
@ -4,7 +4,9 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
"github.com/fatih/set"
|
||||||
"inet.af/netaddr"
|
"inet.af/netaddr"
|
||||||
|
"tailscale.com/tailcfg"
|
||||||
"tailscale.com/util/dnsname"
|
"tailscale.com/util/dnsname"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -29,15 +31,10 @@ import (
|
|||||||
// From the netmask we can find out the wildcard bits (the bits that are not set in the netmask).
|
// From the netmask we can find out the wildcard bits (the bits that are not set in the netmask).
|
||||||
// This allows us to then calculate the subnets included in the subsequent class block and generate the entries.
|
// This allows us to then calculate the subnets included in the subsequent class block and generate the entries.
|
||||||
func generateMagicDNSRootDomains(ipPrefix netaddr.IPPrefix, baseDomain string) ([]dnsname.FQDN, error) {
|
func generateMagicDNSRootDomains(ipPrefix netaddr.IPPrefix, baseDomain string) ([]dnsname.FQDN, error) {
|
||||||
base, err := dnsname.ToFQDN(baseDomain)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO(juanfont): we are not handing out IPv6 addresses yet
|
// TODO(juanfont): we are not handing out IPv6 addresses yet
|
||||||
// and in fact this is Tailscale.com's range (note the fd7a:115c:a1e0: range in the fc00::/7 network)
|
// and in fact this is Tailscale.com's range (note the fd7a:115c:a1e0: range in the fc00::/7 network)
|
||||||
ipv6base := dnsname.FQDN("0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.")
|
ipv6base := dnsname.FQDN("0.e.1.a.c.5.1.1.a.7.d.f.ip6.arpa.")
|
||||||
fqdns := []dnsname.FQDN{base, ipv6base}
|
fqdns := []dnsname.FQDN{ipv6base}
|
||||||
|
|
||||||
// Conversion to the std lib net.IPnet, a bit easier to operate
|
// Conversion to the std lib net.IPnet, a bit easier to operate
|
||||||
netRange := ipPrefix.IPNet()
|
netRange := ipPrefix.IPNet()
|
||||||
@ -71,3 +68,25 @@ func generateMagicDNSRootDomains(ipPrefix netaddr.IPPrefix, baseDomain string) (
|
|||||||
}
|
}
|
||||||
return fqdns, nil
|
return fqdns, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func getMapResponseDNSConfig(dnsConfigOrig *tailcfg.DNSConfig, baseDomain string, m Machine, peers Machines) (*tailcfg.DNSConfig, error) {
|
||||||
|
var dnsConfig *tailcfg.DNSConfig
|
||||||
|
if dnsConfigOrig != nil && dnsConfigOrig.Proxied { // if MagicDNS is enabled
|
||||||
|
// Only inject the Search Domain of the current namespace - shared nodes should use their full FQDN
|
||||||
|
dnsConfig = dnsConfigOrig.Clone()
|
||||||
|
dnsConfig.Domains = append(dnsConfig.Domains, fmt.Sprintf("%s.%s", m.Namespace.Name, baseDomain))
|
||||||
|
|
||||||
|
namespaceSet := set.New(set.ThreadSafe)
|
||||||
|
namespaceSet.Add(m.Namespace)
|
||||||
|
for _, p := range peers {
|
||||||
|
namespaceSet.Add(p.Namespace)
|
||||||
|
}
|
||||||
|
for _, namespace := range namespaceSet.List() {
|
||||||
|
dnsRoute := fmt.Sprintf("%s.%s", namespace.(Namespace).Name, baseDomain)
|
||||||
|
dnsConfig.Routes[dnsRoute] = nil
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
dnsConfig = dnsConfigOrig
|
||||||
|
}
|
||||||
|
return dnsConfig, nil
|
||||||
|
}
|
||||||
|
245
dns_test.go
245
dns_test.go
@ -1,13 +1,17 @@
|
|||||||
package headscale
|
package headscale
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"fmt"
|
||||||
|
|
||||||
"gopkg.in/check.v1"
|
"gopkg.in/check.v1"
|
||||||
"inet.af/netaddr"
|
"inet.af/netaddr"
|
||||||
|
"tailscale.com/tailcfg"
|
||||||
|
"tailscale.com/types/dnstype"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (s *Suite) TestMagicDNSRootDomains100(c *check.C) {
|
func (s *Suite) TestMagicDNSRootDomains100(c *check.C) {
|
||||||
prefix := netaddr.MustParseIPPrefix("100.64.0.0/10")
|
prefix := netaddr.MustParseIPPrefix("100.64.0.0/10")
|
||||||
domains, err := generateMagicDNSRootDomains(prefix, "headscale.net")
|
domains, err := generateMagicDNSRootDomains(prefix, "foobar.headscale.net")
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
found := false
|
found := false
|
||||||
@ -61,3 +65,242 @@ func (s *Suite) TestMagicDNSRootDomains172(c *check.C) {
|
|||||||
}
|
}
|
||||||
c.Assert(found, check.Equals, true)
|
c.Assert(found, check.Equals, true)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) {
|
||||||
|
n1, err := h.CreateNamespace("shared1")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
n2, err := h.CreateNamespace("shared2")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
n3, err := h.CreateNamespace("shared3")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak1n1, err := h.CreatePreAuthKey(n1.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak2n2, err := h.CreatePreAuthKey(n2.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak3n3, err := h.CreatePreAuthKey(n3.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak4n1, err := h.CreatePreAuthKey(n1.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n1.Name, "test_get_shared_nodes_1")
|
||||||
|
c.Assert(err, check.NotNil)
|
||||||
|
|
||||||
|
m1 := &Machine{
|
||||||
|
ID: 1,
|
||||||
|
MachineKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
NodeKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
DiscoKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
Name: "test_get_shared_nodes_1",
|
||||||
|
NamespaceID: n1.ID,
|
||||||
|
Namespace: *n1,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.1",
|
||||||
|
AuthKeyID: uint(pak1n1.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m1)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n1.Name, m1.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m2 := &Machine{
|
||||||
|
ID: 2,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_2",
|
||||||
|
NamespaceID: n2.ID,
|
||||||
|
Namespace: *n2,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.2",
|
||||||
|
AuthKeyID: uint(pak2n2.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m2)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n2.Name, m2.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m3 := &Machine{
|
||||||
|
ID: 3,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_3",
|
||||||
|
NamespaceID: n3.ID,
|
||||||
|
Namespace: *n3,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.3",
|
||||||
|
AuthKeyID: uint(pak3n3.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m3)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n3.Name, m3.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m4 := &Machine{
|
||||||
|
ID: 4,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_4",
|
||||||
|
NamespaceID: n1.ID,
|
||||||
|
Namespace: *n1,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.4",
|
||||||
|
AuthKeyID: uint(pak4n1.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m4)
|
||||||
|
|
||||||
|
err = h.AddSharedMachineToNamespace(m2, n1)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
baseDomain := "foobar.headscale.net"
|
||||||
|
dnsConfigOrig := tailcfg.DNSConfig{
|
||||||
|
Routes: make(map[string][]dnstype.Resolver),
|
||||||
|
Domains: []string{baseDomain},
|
||||||
|
Proxied: true,
|
||||||
|
}
|
||||||
|
|
||||||
|
m1peers, err := h.getPeers(m1)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
dnsConfig, err := getMapResponseDNSConfig(&dnsConfigOrig, baseDomain, *m1, m1peers)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
c.Assert(dnsConfig, check.NotNil)
|
||||||
|
c.Assert(len(dnsConfig.Routes), check.Equals, 2)
|
||||||
|
|
||||||
|
routeN1 := fmt.Sprintf("%s.%s", n1.Name, baseDomain)
|
||||||
|
_, ok := dnsConfig.Routes[routeN1]
|
||||||
|
c.Assert(ok, check.Equals, true)
|
||||||
|
|
||||||
|
routeN2 := fmt.Sprintf("%s.%s", n2.Name, baseDomain)
|
||||||
|
_, ok = dnsConfig.Routes[routeN2]
|
||||||
|
c.Assert(ok, check.Equals, true)
|
||||||
|
|
||||||
|
routeN3 := fmt.Sprintf("%s.%s", n3.Name, baseDomain)
|
||||||
|
_, ok = dnsConfig.Routes[routeN3]
|
||||||
|
c.Assert(ok, check.Equals, false)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) {
|
||||||
|
n1, err := h.CreateNamespace("shared1")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
n2, err := h.CreateNamespace("shared2")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
n3, err := h.CreateNamespace("shared3")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak1n1, err := h.CreatePreAuthKey(n1.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak2n2, err := h.CreatePreAuthKey(n2.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak3n3, err := h.CreatePreAuthKey(n3.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak4n1, err := h.CreatePreAuthKey(n1.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n1.Name, "test_get_shared_nodes_1")
|
||||||
|
c.Assert(err, check.NotNil)
|
||||||
|
|
||||||
|
m1 := &Machine{
|
||||||
|
ID: 1,
|
||||||
|
MachineKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
NodeKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
DiscoKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
Name: "test_get_shared_nodes_1",
|
||||||
|
NamespaceID: n1.ID,
|
||||||
|
Namespace: *n1,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.1",
|
||||||
|
AuthKeyID: uint(pak1n1.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m1)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n1.Name, m1.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m2 := &Machine{
|
||||||
|
ID: 2,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_2",
|
||||||
|
NamespaceID: n2.ID,
|
||||||
|
Namespace: *n2,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.2",
|
||||||
|
AuthKeyID: uint(pak2n2.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m2)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n2.Name, m2.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m3 := &Machine{
|
||||||
|
ID: 3,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_3",
|
||||||
|
NamespaceID: n3.ID,
|
||||||
|
Namespace: *n3,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.3",
|
||||||
|
AuthKeyID: uint(pak3n3.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m3)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n3.Name, m3.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m4 := &Machine{
|
||||||
|
ID: 4,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_4",
|
||||||
|
NamespaceID: n1.ID,
|
||||||
|
Namespace: *n1,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.4",
|
||||||
|
AuthKeyID: uint(pak4n1.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m4)
|
||||||
|
|
||||||
|
err = h.AddSharedMachineToNamespace(m2, n1)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
baseDomain := "foobar.headscale.net"
|
||||||
|
dnsConfigOrig := tailcfg.DNSConfig{
|
||||||
|
Routes: make(map[string][]dnstype.Resolver),
|
||||||
|
Domains: []string{baseDomain},
|
||||||
|
Proxied: false,
|
||||||
|
}
|
||||||
|
|
||||||
|
m1peers, err := h.getPeers(m1)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
dnsConfig, err := getMapResponseDNSConfig(&dnsConfigOrig, baseDomain, *m1, m1peers)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
c.Assert(dnsConfig, check.NotNil)
|
||||||
|
c.Assert(len(dnsConfig.Routes), check.Equals, 0)
|
||||||
|
c.Assert(len(dnsConfig.Domains), check.Equals, 1)
|
||||||
|
}
|
||||||
|
@ -86,7 +86,7 @@ func (h *Headscale) getShared(m *Machine) (Machines, error) {
|
|||||||
Msg("Finding shared peers")
|
Msg("Finding shared peers")
|
||||||
|
|
||||||
sharedMachines := []SharedMachine{}
|
sharedMachines := []SharedMachine{}
|
||||||
if err := h.db.Preload("Namespace").Preload("Machine").Where("namespace_id = ?",
|
if err := h.db.Preload("Namespace").Preload("Machine").Preload("Machine.Namespace").Where("namespace_id = ?",
|
||||||
m.NamespaceID).Find(&sharedMachines).Error; err != nil {
|
m.NamespaceID).Find(&sharedMachines).Error; err != nil {
|
||||||
return Machines{}, err
|
return Machines{}, err
|
||||||
}
|
}
|
||||||
@ -113,7 +113,7 @@ func (h *Headscale) getSharedTo(m *Machine) (Machines, error) {
|
|||||||
Msg("Finding peers in namespaces this machine is shared with")
|
Msg("Finding peers in namespaces this machine is shared with")
|
||||||
|
|
||||||
sharedMachines := []SharedMachine{}
|
sharedMachines := []SharedMachine{}
|
||||||
if err := h.db.Preload("Namespace").Preload("Machine").Where("machine_id = ?",
|
if err := h.db.Preload("Namespace").Preload("Machine").Preload("Machine.Namespace").Where("machine_id = ?",
|
||||||
m.ID).Find(&sharedMachines).Error; err != nil {
|
m.ID).Find(&sharedMachines).Error; err != nil {
|
||||||
return Machines{}, err
|
return Machines{}, err
|
||||||
}
|
}
|
||||||
|
@ -245,3 +245,22 @@ func (n *Namespace) toUser() *tailcfg.User {
|
|||||||
}
|
}
|
||||||
return &u
|
return &u
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func getMapResponseUserProfiles(m Machine, peers Machines) []tailcfg.UserProfile {
|
||||||
|
namespaceMap := make(map[string]Namespace)
|
||||||
|
namespaceMap[m.Namespace.Name] = m.Namespace
|
||||||
|
for _, p := range peers {
|
||||||
|
namespaceMap[p.Namespace.Name] = p.Namespace // not worth checking if already is there
|
||||||
|
}
|
||||||
|
|
||||||
|
profiles := []tailcfg.UserProfile{}
|
||||||
|
for _, namespace := range namespaceMap {
|
||||||
|
profiles = append(profiles,
|
||||||
|
tailcfg.UserProfile{
|
||||||
|
ID: tailcfg.UserID(namespace.ID),
|
||||||
|
LoginName: namespace.Name,
|
||||||
|
DisplayName: namespace.Name,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
return profiles
|
||||||
|
}
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
package headscale
|
package headscale
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"github.com/rs/zerolog/log"
|
||||||
"gopkg.in/check.v1"
|
"gopkg.in/check.v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -75,3 +76,126 @@ func (s *Suite) TestRenameNamespace(c *check.C) {
|
|||||||
err = h.RenameNamespace("test2", "test_renamed")
|
err = h.RenameNamespace("test2", "test_renamed")
|
||||||
c.Assert(err, check.Equals, errorNamespaceExists)
|
c.Assert(err, check.Equals, errorNamespaceExists)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Suite) TestGetMapResponseUserProfiles(c *check.C) {
|
||||||
|
n1, err := h.CreateNamespace("shared1")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
n2, err := h.CreateNamespace("shared2")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
n3, err := h.CreateNamespace("shared3")
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak1n1, err := h.CreatePreAuthKey(n1.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak2n2, err := h.CreatePreAuthKey(n2.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak3n3, err := h.CreatePreAuthKey(n3.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
pak4n1, err := h.CreatePreAuthKey(n1.Name, false, false, nil)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n1.Name, "test_get_shared_nodes_1")
|
||||||
|
c.Assert(err, check.NotNil)
|
||||||
|
|
||||||
|
m1 := &Machine{
|
||||||
|
ID: 1,
|
||||||
|
MachineKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
NodeKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
DiscoKey: "686824e749f3b7f2a5927ee6c1e422aee5292592d9179a271ed7b3e659b44a66",
|
||||||
|
Name: "test_get_shared_nodes_1",
|
||||||
|
NamespaceID: n1.ID,
|
||||||
|
Namespace: *n1,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.1",
|
||||||
|
AuthKeyID: uint(pak1n1.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m1)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n1.Name, m1.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m2 := &Machine{
|
||||||
|
ID: 2,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_2",
|
||||||
|
NamespaceID: n2.ID,
|
||||||
|
Namespace: *n2,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.2",
|
||||||
|
AuthKeyID: uint(pak2n2.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m2)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n2.Name, m2.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m3 := &Machine{
|
||||||
|
ID: 3,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_3",
|
||||||
|
NamespaceID: n3.ID,
|
||||||
|
Namespace: *n3,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.3",
|
||||||
|
AuthKeyID: uint(pak3n3.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m3)
|
||||||
|
|
||||||
|
_, err = h.GetMachine(n3.Name, m3.Name)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
m4 := &Machine{
|
||||||
|
ID: 4,
|
||||||
|
MachineKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
NodeKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
DiscoKey: "dec46ef9dc45c7d2f03bfcd5a640d9e24e3cc68ce3d9da223867c9bc6d5e9863",
|
||||||
|
Name: "test_get_shared_nodes_4",
|
||||||
|
NamespaceID: n1.ID,
|
||||||
|
Namespace: *n1,
|
||||||
|
Registered: true,
|
||||||
|
RegisterMethod: "authKey",
|
||||||
|
IPAddress: "100.64.0.4",
|
||||||
|
AuthKeyID: uint(pak4n1.ID),
|
||||||
|
}
|
||||||
|
h.db.Save(m4)
|
||||||
|
|
||||||
|
err = h.AddSharedMachineToNamespace(m2, n1)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
m1peers, err := h.getPeers(m1)
|
||||||
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
|
userProfiles := getMapResponseUserProfiles(*m1, m1peers)
|
||||||
|
|
||||||
|
log.Trace().Msgf("userProfiles %#v", userProfiles)
|
||||||
|
c.Assert(len(userProfiles), check.Equals, 2)
|
||||||
|
|
||||||
|
found := false
|
||||||
|
for _, up := range userProfiles {
|
||||||
|
if up.DisplayName == n1.Name {
|
||||||
|
found = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
c.Assert(found, check.Equals, true)
|
||||||
|
|
||||||
|
found = false
|
||||||
|
for _, up := range userProfiles {
|
||||||
|
if up.DisplayName == n2.Name {
|
||||||
|
found = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
c.Assert(found, check.Equals, true)
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user