public/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-05-23 18:48:42 +09:00
Code Issues Packages Projects Releases Wiki Activity

types/node, policy/v2: drop taildrive caps from baseline emission

Browse Source 
Taildrive (drive:share and drive:access) is policy-driven per
Tailscale's documented behaviour
(https://tailscale.com/docs/features/taildrive). The previous
always-on baseline emission diverged from SaaS for every node not
targeted by a drive nodeAttr -- a real semantic divergence that the
compat suite caught once the test moved to comparing TailNode output
against the captured netmaps.

types.Node.TailNode no longer stamps the drive pair. Operators
wanting taildrive add a nodeAttrs entry:

  "nodeAttrs": [
    { "target": ["*"], "attr": ["drive:share", "drive:access"] }
  ]

unmodelledTailnetStateCaps shrinks accordingly. The baseline-divergence
group is gone; every entry left in the list is genuinely unmodelled
(user-role caps, unimplemented features, tailnet metadata, internal
tuning).

servertest's TestNodeAttrsBaselineCapsAlwaysOn expects the smaller
baseline (admin + ssh + file-sharing). Integration TestGrantCapDrive
grants the drive caps explicitly via NodeAttrs to exercise the
policy-driven emission path.
This commit is contained in:
Kristoffer Dalby
2026-05-11 14:54:03 +00:00
parent 5ebc53c29e
commit 8ea4cd3faa
5 changed files with 42 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
hscontrol/types/node.go
View File

@@ -1191,23 +1191,12 @@ func (nv NodeView) TailNode(
}
}
// Baseline caps every node receives regardless of the ACL policy.
// The set matches what Tailscale SaaS emits with default tailnet
// settings, anchored against captured netmaps in
// hscontrol/policy/v2/testdata/nodeattrs_results — including the
// nodeattrs-tailnet-* probe captures which exercise individual
// tailnet-settings overlays (devices_auto_updates_on, magic_dns)
// against the SaaS API and confirm the CapMap shape stays stable.
// Where headscale exposes an equivalent operator knob it gates
// the cap accordingly: cfg.Taildrop.Enabled gates
// CapabilityFileSharing, matching the SaaS admin-console
// "Send Files" toggle. Policy nodeAttrs add to this baseline in
// the mapper; they cannot remove from it.
// Baseline caps every node receives, regardless of policy. Mirrors
// what Tailscale SaaS emits for a default tailnet.
// cfg.Taildrop.Enabled gates CapabilityFileSharing.
capMap := tailcfg.NodeCapMap{
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
tailcfg.NodeAttrsTaildriveShare: []tailcfg.RawMessage{},
tailcfg.NodeAttrsTaildriveAccess: []tailcfg.RawMessage{},
tailcfg.CapabilityAdmin: []tailcfg.RawMessage{},
tailcfg.CapabilitySSH: []tailcfg.RawMessage{},
}
if cfg.Taildrop.Enabled {