Kristoffer Dalby
af891808f6
Make get config load the config, use config in main method
2022-06-05 17:47:12 +02:00
Kristoffer Dalby
1ea8bb782c
Move all read config logic to config.go
2022-06-03 09:26:36 +02:00
Kristoffer Dalby
35722cd5aa
Move FilePerm function from cli to headscale
2022-06-03 09:24:36 +02:00
Kristoffer Dalby
36dca3516a
Move Abspath function to headscale utils
2022-05-31 14:28:23 +02:00
Kristoffer Dalby
06129277ed
Rename abspath function to describe what it does
2022-05-31 14:28:23 +02:00
Kristoffer Dalby
6b1482daee
Use config object instead of viper for policy path
2022-05-31 14:28:23 +02:00
Kristoffer Dalby
24e4787a64
Make ACL policy part of the config struct
2022-05-31 14:28:23 +02:00
Kristoffer Dalby
5bfae22c8f
Make config get function global
2022-05-31 14:28:23 +02:00
Kristoffer Dalby
3e078f0494
Fix logtail config function name
2022-05-31 14:28:01 +02:00
Kristoffer Dalby
a0c465c2eb
Wire up setting to enable/disable logtail
2022-05-30 14:47:41 +02:00
Adrien Raffin-Caboisse
a2fb5b2b9d
Merge remote-tracking branch 'origin/main' into feat-list-tags-of-machines
2022-05-03 20:35:28 +02:00
Antoine POPINEAU
7cc58af932
Allow more configuration over the OIDC flow.
...
Adds knobs to configure three aspects of the OpenID Connect flow:
* Custom scopes to override the default "openid profile email".
* Custom parameters to be added to the Authorize Endpoint request.
* Domain allowlisting for authenticated principals.
* User allowlisting for authenticated principals.
2022-05-02 17:11:07 +02:00
Adrien Raffin-Caboisse
fec8cda16a
fix: fix linting issue on my computer
2022-04-25 22:33:53 +02:00
Adrien Raffin-Caboisse
2c448d4a5c
chore: apply linting
2022-04-25 22:27:44 +02:00
Adrien Raffin-Caboisse
8061abe279
refact: use generics for contains functions
2022-04-25 22:17:23 +02:00
Adrien Raffin-Caboisse
f53bb63b2d
fix: move tag command to subcommand of nodes
2022-04-21 23:43:20 +02:00
Adrien Raffin-Caboisse
98f54c9f7f
chore: apply format and lint
2022-04-15 18:27:57 +02:00
Nico Rey
6e08241712
Exit Headscale if ACL policy file cannot be parsed
2022-04-06 11:05:08 -03:00
Juan Font Alonso
2e6687209b
Make STUN server mandatory if DERP embedded is enabled
2022-03-18 12:58:00 +01:00
Juan Font Alonso
b8aad5451d
Make STUN run by default when embedded DERP is enabled
...
This commit also allows to set an external STUN server, while running the embedded DERP server (without embedded STUN)
2022-03-15 13:22:25 +01:00
Juan Font Alonso
eb06054a7b
Make DERP Region configurable
2022-03-06 17:25:21 +01:00
Juan Font Alonso
eb500155e8
Make STUN server configurable
2022-03-06 17:00:56 +01:00
Juan Font Alonso
df37d1a639
Do not offer the option to be DERP insecure
...
Websockets, in which DERP is based, requires a TLS certificate. At the same time,
if we use a certificate it must be valid... otherwise Tailscale wont connect (does not
have an Insecure option). So there is no option to expose insecure here
2022-03-05 19:19:21 +01:00
Juan Font Alonso
758b1ba1cb
Renamed configuration items of the DERP server
2022-03-05 16:22:02 +01:00
Juan Font Alonso
23cde8445f
Merge branch 'main' into embedded-derp
2022-03-04 00:04:59 +01:00
Juan Font Alonso
897d480f4d
Add an embedded DERP server to Headscale
...
This series of commit will be adding an embedded DERP server (and STUN) to Headscale,
thus making it completely self-contained and not dependant in other infrastructure.
2022-03-04 00:01:31 +01:00
Nico Rey
9a61725e9f
Metrics: Disable toggle. Set default port to 9090
2022-02-28 10:40:02 -03:00
Kristoffer Dalby
6126d6d9b5
Merge branch 'main' into metrics-listen
2022-02-28 14:24:25 +01:00
Nico Rey
06e6c29a5b
metrics: make metrics endpoint toggleable
2022-02-25 18:36:03 -03:00
Nico
d55c79e75b
Merge branch 'main' into metrics-listen
2022-02-24 10:41:07 -03:00
Kristoffer Dalby
aa506503e2
Merge branch 'main' into feat-oidc-login-as-namespace
2022-02-24 11:40:34 +00:00
Kristoffer Dalby
8c33907655
Sort lint
2022-02-24 11:10:40 +00:00
Adrien Raffin-Caboisse
4f1f235a2e
feat: add strip_email_domain to normalization of namespace
2022-02-23 14:03:07 +01:00
Adrien Raffin-Caboisse
717250adb3
feat: removing matchmap from headscale
2022-02-22 20:58:08 +01:00
Nico Rey
45d5ab30ff
metrics/cfg: add a new entry for the Prometheus listen address
2022-02-21 12:50:44 -03:00
Justin Angel
daa75da277
Linting and updating tests
2022-02-21 10:09:23 -05:00
Kristoffer Dalby
7bf2a91dd0
Merge branch 'main' into configurable-mtls
2022-02-20 14:33:23 +00:00
Justin Angel
385dd9cc34
refactoring
2022-02-20 09:06:14 -05:00
Kristoffer Dalby
4e54796384
Allow gRPC server to run insecure
2022-02-13 09:08:46 +00:00
Kristoffer Dalby
c3b68adfed
Fix lint
2022-02-13 08:46:35 +00:00
Kristoffer Dalby
0018a78d5a
Add insecure option
...
Add option to not _validate_ if the certificate served from headscale is
trusted.
2022-02-13 08:41:49 +00:00
Kristoffer Dalby
315ff9daf0
Remove insecure, only allow valid certs
2022-02-12 19:35:55 +00:00
Kristoffer Dalby
e18078d7f8
Rename j
2022-02-12 19:08:41 +00:00
Kristoffer Dalby
c73b57e7dc
Use undeprecated method for insecure
2022-02-12 19:08:33 +00:00
Kristoffer Dalby
811d3d510c
Add grpc_listen_addr config option
2022-02-12 16:14:33 +00:00
Kristoffer Dalby
168b1bd579
Merge branch 'main' into configurable-mtls
2022-01-31 12:28:00 +00:00
Justin Angel
9de5c7f8b8
updating default
2022-01-31 07:22:17 -05:00
Kristoffer Dalby
6f6018bad5
Merge branch 'main' into ipv6
2022-01-30 08:21:11 +00:00
Kristoffer Dalby
0609c97459
Merge branch 'main' into configurable-mtls
2022-01-29 20:15:58 +00:00
Justin Angel
c98a559b4d
linting/formatting
2022-01-29 14:15:33 -05:00