1
0
mirror of https://github.com/juanfont/headscale.git synced 2024-12-20 19:09:07 +01:00
Commit Graph

130 Commits

Author SHA1 Message Date
Adrien Raffin-Caboisse
79688e6187
chore(all): apply formater 2022-08-04 10:47:00 +02:00
Kristoffer Dalby
34f489b1f4
Update cmd/headscale/cli/utils.go 2022-06-26 09:52:11 +02:00
Kristoffer Dalby
72d1d2630e
Update cmd/headscale/cli/utils.go 2022-06-26 09:52:04 +02:00
Juan Font Alonso
c8378e8b7d Quick fix to segfault on CLI when Headscale is not running (fix #652) 2022-06-22 14:40:40 +02:00
Kristoffer Dalby
95824ac2ec MOve ephemeral inactivity config check to all the other config check 2022-06-12 13:12:43 +00:00
Kristoffer Dalby
af891808f6 Make get config load the config, use config in main method 2022-06-05 17:47:12 +02:00
Kristoffer Dalby
1ea8bb782c Move all read config logic to config.go 2022-06-03 09:26:36 +02:00
Kristoffer Dalby
35722cd5aa Move FilePerm function from cli to headscale 2022-06-03 09:24:36 +02:00
Kristoffer Dalby
36dca3516a Move Abspath function to headscale utils 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
06129277ed Rename abspath function to describe what it does 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
6b1482daee Use config object instead of viper for policy path 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
24e4787a64 Make ACL policy part of the config struct 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
5bfae22c8f Make config get function global 2022-05-31 14:28:23 +02:00
Kristoffer Dalby
3e078f0494 Fix logtail config function name 2022-05-31 14:28:01 +02:00
Kristoffer Dalby
a0c465c2eb Wire up setting to enable/disable logtail 2022-05-30 14:47:41 +02:00
Adrien Raffin-Caboisse
a2fb5b2b9d
Merge remote-tracking branch 'origin/main' into feat-list-tags-of-machines 2022-05-03 20:35:28 +02:00
Antoine POPINEAU
7cc58af932
Allow more configuration over the OIDC flow.
Adds knobs to configure three aspects of the OpenID Connect flow:

 * Custom scopes to override the default "openid profile email".
 * Custom parameters to be added to the Authorize Endpoint request.
 * Domain allowlisting for authenticated principals.
 * User allowlisting for authenticated principals.
2022-05-02 17:11:07 +02:00
Adrien Raffin-Caboisse
fec8cda16a
fix: fix linting issue on my computer 2022-04-25 22:33:53 +02:00
Adrien Raffin-Caboisse
2c448d4a5c
chore: apply linting 2022-04-25 22:27:44 +02:00
Adrien Raffin-Caboisse
8061abe279 refact: use generics for contains functions 2022-04-25 22:17:23 +02:00
Adrien Raffin-Caboisse
f53bb63b2d
fix: move tag command to subcommand of nodes 2022-04-21 23:43:20 +02:00
Adrien Raffin-Caboisse
98f54c9f7f
chore: apply format and lint 2022-04-15 18:27:57 +02:00
Nico Rey
6e08241712 Exit Headscale if ACL policy file cannot be parsed 2022-04-06 11:05:08 -03:00
Juan Font Alonso
2e6687209b Make STUN server mandatory if DERP embedded is enabled 2022-03-18 12:58:00 +01:00
Juan Font Alonso
b8aad5451d Make STUN run by default when embedded DERP is enabled
This commit also allows to set an external STUN server, while running the embedded DERP server (without embedded STUN)
2022-03-15 13:22:25 +01:00
Juan Font Alonso
eb06054a7b Make DERP Region configurable 2022-03-06 17:25:21 +01:00
Juan Font Alonso
eb500155e8 Make STUN server configurable 2022-03-06 17:00:56 +01:00
Juan Font Alonso
df37d1a639 Do not offer the option to be DERP insecure
Websockets, in which DERP is based, requires a TLS certificate. At the same time,
if we use a certificate it must be valid... otherwise Tailscale wont connect (does not
have an Insecure option). So there is no option to expose insecure here
2022-03-05 19:19:21 +01:00
Juan Font Alonso
758b1ba1cb Renamed configuration items of the DERP server 2022-03-05 16:22:02 +01:00
Juan Font Alonso
23cde8445f Merge branch 'main' into embedded-derp 2022-03-04 00:04:59 +01:00
Juan Font Alonso
897d480f4d Add an embedded DERP server to Headscale
This series of commit will be adding an embedded DERP server (and STUN) to Headscale,
thus making it completely self-contained and not dependant in other infrastructure.
2022-03-04 00:01:31 +01:00
Nico Rey
9a61725e9f Metrics: Disable toggle. Set default port to 9090 2022-02-28 10:40:02 -03:00
Kristoffer Dalby
6126d6d9b5
Merge branch 'main' into metrics-listen 2022-02-28 14:24:25 +01:00
Nico Rey
06e6c29a5b metrics: make metrics endpoint toggleable 2022-02-25 18:36:03 -03:00
Nico
d55c79e75b
Merge branch 'main' into metrics-listen 2022-02-24 10:41:07 -03:00
Kristoffer Dalby
aa506503e2
Merge branch 'main' into feat-oidc-login-as-namespace 2022-02-24 11:40:34 +00:00
Kristoffer Dalby
8c33907655 Sort lint 2022-02-24 11:10:40 +00:00
Adrien Raffin-Caboisse
4f1f235a2e feat: add strip_email_domain to normalization of namespace 2022-02-23 14:03:07 +01:00
Adrien Raffin-Caboisse
717250adb3 feat: removing matchmap from headscale 2022-02-22 20:58:08 +01:00
Nico Rey
45d5ab30ff metrics/cfg: add a new entry for the Prometheus listen address 2022-02-21 12:50:44 -03:00
Justin Angel
daa75da277 Linting and updating tests 2022-02-21 10:09:23 -05:00
Kristoffer Dalby
7bf2a91dd0
Merge branch 'main' into configurable-mtls 2022-02-20 14:33:23 +00:00
Justin Angel
385dd9cc34 refactoring 2022-02-20 09:06:14 -05:00
Kristoffer Dalby
4e54796384 Allow gRPC server to run insecure 2022-02-13 09:08:46 +00:00
Kristoffer Dalby
c3b68adfed Fix lint 2022-02-13 08:46:35 +00:00
Kristoffer Dalby
0018a78d5a Add insecure option
Add option to not _validate_ if the certificate served from headscale is
trusted.
2022-02-13 08:41:49 +00:00
Kristoffer Dalby
315ff9daf0 Remove insecure, only allow valid certs 2022-02-12 19:35:55 +00:00
Kristoffer Dalby
e18078d7f8 Rename j 2022-02-12 19:08:41 +00:00
Kristoffer Dalby
c73b57e7dc Use undeprecated method for insecure 2022-02-12 19:08:33 +00:00
Kristoffer Dalby
811d3d510c Add grpc_listen_addr config option 2022-02-12 16:14:33 +00:00