mirror of
https://github.com/juanfont/headscale.git
synced 2024-12-30 00:09:42 +01:00
Merge branch 'main' into reverse-proxy
This commit is contained in:
commit
44be239723
@ -7,7 +7,7 @@
|
|||||||
- Target Go 1.19 for Headscale [#778](https://github.com/juanfont/headscale/pull/778)
|
- Target Go 1.19 for Headscale [#778](https://github.com/juanfont/headscale/pull/778)
|
||||||
- Target Tailscale v1.30.0 to build Headscale [#780](https://github.com/juanfont/headscale/pull/780)
|
- Target Tailscale v1.30.0 to build Headscale [#780](https://github.com/juanfont/headscale/pull/780)
|
||||||
- Give a warning when running Headscale with reverse proxy improperly configured for WebSockets [#788](https://github.com/juanfont/headscale/pull/788)
|
- Give a warning when running Headscale with reverse proxy improperly configured for WebSockets [#788](https://github.com/juanfont/headscale/pull/788)
|
||||||
- Add documentation for running behind a reverse proxy. [#790](https://github.com/juanfont/headscale/pull/790)
|
- Fix subnet routers with Primary Routes [#811](https://github.com/juanfont/headscale/pull/811)
|
||||||
|
|
||||||
## 0.16.4 (2022-08-21)
|
## 0.16.4 (2022-08-21)
|
||||||
|
|
||||||
|
@ -66,7 +66,6 @@ db_path: /etc/headscale/db.sqlite
|
|||||||
docker run \
|
docker run \
|
||||||
--name headscale \
|
--name headscale \
|
||||||
--detach \
|
--detach \
|
||||||
--rm \
|
|
||||||
--volume $(pwd)/config:/etc/headscale/ \
|
--volume $(pwd)/config:/etc/headscale/ \
|
||||||
--publish 127.0.0.1:8080:8080 \
|
--publish 127.0.0.1:8080:8080 \
|
||||||
--publish 127.0.0.1:9090:9090 \
|
--publish 127.0.0.1:9090:9090 \
|
||||||
|
57
machine.go
57
machine.go
@ -26,15 +26,22 @@ const (
|
|||||||
)
|
)
|
||||||
ErrCouldNotConvertMachineInterface = Error("failed to convert machine interface")
|
ErrCouldNotConvertMachineInterface = Error("failed to convert machine interface")
|
||||||
ErrHostnameTooLong = Error("Hostname too long")
|
ErrHostnameTooLong = Error("Hostname too long")
|
||||||
ErrDifferentRegisteredNamespace = Error("machine was previously registered with a different namespace")
|
ErrDifferentRegisteredNamespace = Error(
|
||||||
MachineGivenNameHashLength = 8
|
"machine was previously registered with a different namespace",
|
||||||
MachineGivenNameTrimSize = 2
|
)
|
||||||
|
MachineGivenNameHashLength = 8
|
||||||
|
MachineGivenNameTrimSize = 2
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
maxHostnameLength = 255
|
maxHostnameLength = 255
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
ExitRouteV4 = netip.MustParsePrefix("0.0.0.0/0")
|
||||||
|
ExitRouteV6 = netip.MustParsePrefix("::/0")
|
||||||
|
)
|
||||||
|
|
||||||
// Machine is a Headscale client.
|
// Machine is a Headscale client.
|
||||||
type Machine struct {
|
type Machine struct {
|
||||||
ID uint64 `gorm:"primary_key"`
|
ID uint64 `gorm:"primary_key"`
|
||||||
@ -633,10 +640,22 @@ func (machine Machine) toNode(
|
|||||||
[]netip.Prefix{},
|
[]netip.Prefix{},
|
||||||
addrs...) // we append the node own IP, as it is required by the clients
|
addrs...) // we append the node own IP, as it is required by the clients
|
||||||
|
|
||||||
// TODO(kradalby): Needs investigation, We probably dont need this condition
|
allowedIPs = append(allowedIPs, machine.EnabledRoutes...)
|
||||||
// now that we dont have shared nodes
|
|
||||||
if includeRoutes {
|
// TODO(kradalby): This is kind of a hack where we say that
|
||||||
allowedIPs = append(allowedIPs, machine.EnabledRoutes...)
|
// all the announced routes (except exit), is presented as primary
|
||||||
|
// routes. This might be problematic if two nodes expose the same route.
|
||||||
|
// This was added to address an issue where subnet routers stopped working
|
||||||
|
// when we only populated AllowedIPs.
|
||||||
|
primaryRoutes := []netip.Prefix{}
|
||||||
|
if len(machine.EnabledRoutes) > 0 {
|
||||||
|
for _, route := range machine.EnabledRoutes {
|
||||||
|
if route == ExitRouteV4 || route == ExitRouteV6 {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
primaryRoutes = append(primaryRoutes, route)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
var derp string
|
var derp string
|
||||||
@ -683,16 +702,17 @@ func (machine Machine) toNode(
|
|||||||
StableID: tailcfg.StableNodeID(
|
StableID: tailcfg.StableNodeID(
|
||||||
strconv.FormatUint(machine.ID, Base10),
|
strconv.FormatUint(machine.ID, Base10),
|
||||||
), // in headscale, unlike tailcontrol server, IDs are permanent
|
), // in headscale, unlike tailcontrol server, IDs are permanent
|
||||||
Name: hostname,
|
Name: hostname,
|
||||||
User: tailcfg.UserID(machine.NamespaceID),
|
User: tailcfg.UserID(machine.NamespaceID),
|
||||||
Key: nodeKey,
|
Key: nodeKey,
|
||||||
KeyExpiry: keyExpiry,
|
KeyExpiry: keyExpiry,
|
||||||
Machine: machineKey,
|
Machine: machineKey,
|
||||||
DiscoKey: discoKey,
|
DiscoKey: discoKey,
|
||||||
Addresses: addrs,
|
Addresses: addrs,
|
||||||
AllowedIPs: allowedIPs,
|
AllowedIPs: allowedIPs,
|
||||||
Endpoints: machine.Endpoints,
|
PrimaryRoutes: primaryRoutes,
|
||||||
DERP: derp,
|
Endpoints: machine.Endpoints,
|
||||||
|
DERP: derp,
|
||||||
|
|
||||||
Online: &online,
|
Online: &online,
|
||||||
Hostinfo: hostInfo.View(),
|
Hostinfo: hostInfo.View(),
|
||||||
@ -807,7 +827,8 @@ func (h *Headscale) RegisterMachineFromAuthCallback(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Registration of expired machine with different namespace
|
// Registration of expired machine with different namespace
|
||||||
if registrationMachine.ID != 0 && registrationMachine.NamespaceID != namespace.ID {
|
if registrationMachine.ID != 0 &&
|
||||||
|
registrationMachine.NamespaceID != namespace.ID {
|
||||||
return nil, ErrDifferentRegisteredNamespace
|
return nil, ErrDifferentRegisteredNamespace
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user