headscale

mirror of https://github.com/juanfont/headscale.git synced 2026-04-10 15:07:47 +09:00

Author	SHA1	Message	Date
Kristoffer Dalby	bca6e6334d	integration: add custom subnet support and fix exit node tests Add NetworkSpec struct with optional Subnet field to ScenarioSpec.Networks. When Subnet is set, the Docker network is created with that specific CIDR instead of Docker's auto-assigned RFC1918 range. Fix all exit node integration tests to use curl + traceroute. Tailscale exit nodes strip locally-connected subnets from their forwarding filter (shrinkDefaultRoute + localInterfaceRoutes), so exit nodes cannot forward to IPs on their Docker network via the default route alone. This is by design: exit nodes provide internet access, not LAN access. To also get LAN access, the subnet must be explicitly advertised as a route — matching real-world Tailscale deployment requirements. - TestSubnetRouterMultiNetworkExitNode: advertise usernet1 subnet alongside exit route, upgraded from ping to curl + traceroute - TestGrantViaExitNodeSteering: usernet1 subnet in via grants and auto-approvers alongside autogroup:internet - TestGrantViaMixedSteering: externet subnet in auto-approvers and route advertisement for exit traffic Updates #2180	2026-04-01 14:10:42 +01:00
Kristoffer Dalby	ce580f8245	all: fix golangci-lint issues (#3064 ) Some checks failed Build / build-nix (push) Has been cancelled Build / build-cross (GOARCH=amd64 GOOS=darwin) (push) Has been cancelled Build / build-cross (GOARCH=amd64 GOOS=linux) (push) Has been cancelled Build / build-cross (GOARCH=arm64 GOOS=darwin) (push) Has been cancelled Build / build-cross (GOARCH=arm64 GOOS=linux) (push) Has been cancelled Check Generated Files / check-generated (push) Has been cancelled NixOS Module Tests / nix-module-check (push) Has been cancelled Tests / test (push) Has been cancelled	2026-02-06 21:45:32 +01:00
Kristoffer Dalby	ed78bf4b98	cmd/hi: improve test cleanup to reduce CI disk usage (#2881 )	2025-11-28 16:59:54 +01:00
Kristoffer Dalby	9b962956b5	integration: Eventually, debug output, lint and format Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	2025-09-09 09:40:00 +02:00
Kristoffer Dalby	a058bf3cd3	mapper: produce map before poll (#2628 ) Some checks failed Build / build-nix (push) Has been cancelled Build / build-cross (GOARCH=amd64 GOOS=darwin) (push) Has been cancelled Build / build-cross (GOARCH=amd64 GOOS=linux) (push) Has been cancelled Build / build-cross (GOARCH=arm64 GOOS=darwin) (push) Has been cancelled Build / build-cross (GOARCH=arm64 GOOS=linux) (push) Has been cancelled Check Generated Files / check-generated (push) Has been cancelled Tests / test (push) Has been cancelled update-flake-lock / lockfile (push) Has been cancelled GitHub Actions Version Updater / build (push) Has been cancelled	2025-07-28 11:15:53 +02:00
Kristoffer Dalby	afc11e1f0c	cmd/hi: fixes and qol (#2649 )	2025-06-23 13:43:14 +02:00
Kristoffer Dalby	f1206328dc	fix webauth + autoapprove routes (#2528 ) Some checks are pending Build / build-nix (push) Waiting to run Build / build-cross (GOARCH=386 GOOS=linux) (push) Waiting to run Build / build-cross (GOARCH=amd64 GOOS=darwin) (push) Waiting to run Build / build-cross (GOARCH=amd64 GOOS=linux) (push) Waiting to run Build / build-cross (GOARCH=arm GOOS=linux GOARM=5) (push) Waiting to run Build / build-cross (GOARCH=arm GOOS=linux GOARM=6) (push) Waiting to run Build / build-cross (GOARCH=arm GOOS=linux GOARM=7) (push) Waiting to run Build / build-cross (GOARCH=arm64 GOOS=darwin) (push) Waiting to run Build / build-cross (GOARCH=arm64 GOOS=linux) (push) Waiting to run Tests / test (push) Waiting to run * types/node: add helper funcs for node tags Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * types/node: add DebugString method for node Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * policy/v2: add String func to AutoApprover interface Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * policy/v2: simplify, use slices.Contains Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * policy/v2: debug, use nodes.DebugString Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * policy/v1: fix potential nil pointer in NodeCanApproveRoute Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * policy/v1: slices.Contains Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration/tsic: fix diff in login commands Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: fix webauth running with wrong scenario Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: move common oidc opts to func Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: require node count, more verbose Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * auth: remove uneffective route approve Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * .github/workflows: fmt Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration/tsic: add id func Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: remove call that might be nil Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: test autoapprovers against web/authkey x group/tag/user Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: unique network id per scenario Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * Revert "integration: move common oidc opts to func" This reverts commit 7e9d165d4a900c304f1083b665f1a24a26e06e55. * remove cmd Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: clean docker images between runs in ci Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration: run autoapprove test against differnt policy modes Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * integration/tsic: append, not overrwrite extra login args Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * .github/workflows: remove polv2 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> --------- Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	2025-04-30 07:54:04 +02:00
Kristoffer Dalby	f783555469	integration: clean up unreferenced hs- networks (#2534 )	2025-04-18 12:06:28 +02:00
Nbelles	22277d1fc7	Spell check Some checks failed Build / build-nix (push) Has been cancelled Build / build-cross (GOARCH=386 GOOS=linux) (push) Has been cancelled Build / build-cross (GOARCH=amd64 GOOS=darwin) (push) Has been cancelled Build / build-cross (GOARCH=amd64 GOOS=linux) (push) Has been cancelled Build / build-cross (GOARCH=arm GOOS=linux GOARM=5) (push) Has been cancelled Build / build-cross (GOARCH=arm GOOS=linux GOARM=6) (push) Has been cancelled Build / build-cross (GOARCH=arm GOOS=linux GOARM=7) (push) Has been cancelled Build / build-cross (GOARCH=arm64 GOOS=darwin) (push) Has been cancelled Build / build-cross (GOARCH=arm64 GOOS=linux) (push) Has been cancelled Deploy docs / deploy (push) Has been cancelled Tests / test (push) Has been cancelled update-flake-lock / lockfile (push) Has been cancelled GitHub Actions Version Updater / build (push) Has been cancelled	2025-02-05 17:29:30 +01:00
Kristoffer Dalby	8b92c017ec	add 1.80 to capver and update deps (#2394 )	2025-02-05 07:17:51 +01:00
Even Holthe	23a595c26f	oidc: add test for expiring nodes after token expiration	2023-01-04 09:23:52 +01:00
Kristoffer Dalby	f109b54e79	Join test suite container to network, allowing seperate networks Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	2022-10-18 15:37:11 +02:00
Kristoffer Dalby	f68ba7504f	Move some helper functions into dockertestutil package Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	2022-10-18 15:37:11 +02:00

13 Commits