Compare commits

...

22 Commits

Author SHA1 Message Date
Kristoffer Dalby 0c7f1eac82 Merge pull request #757 from juanfont/changelog-0.16.4 2022-08-21 11:15:30 +02:00
Juan Font Alonso 6fe895fd22 Updated changelog for 0.16.4 2022-08-21 10:51:58 +02:00
Juan Font 061e2fe4b4 Merge pull request #754 from Aluxima/expired-machine-registration
Fix cli registration of expired machines
2022-08-20 11:41:15 +02:00
Laurent Marchaud e85562268d Switch to using nodeKey instead of machineKey for expired machines registration
Signed-off-by: Laurent Marchaud <laurent@marchaud.com>
2022-08-19 15:48:35 +02:00
Laurent Marchaud fca33aacbe Fix rebased errors scope in machine.go
Signed-off-by: Laurent Marchaud <laurent@marchaud.com>
2022-08-19 15:07:01 +02:00
Laurent Marchaud a31432ee7b Fix changelog
Signed-off-by: Laurent Marchaud <laurent@marchaud.com>
2022-08-19 14:14:30 +02:00
Laurent Marchaud 0c66590108 Update changelog
Signed-off-by: Laurent Marchaud <laurent@marchaud.com>
2022-08-19 14:11:19 +02:00
Laurent Marchaud c6ea9b4b80 Fix cli registration of expired machines
Signed-off-by: Laurent Marchaud <laurent@marchaud.com>
2022-08-19 14:11:13 +02:00
Juan Font 19455399f4 Merge pull request #752 from juanfont/add-code-of-conduct
Create CODE_OF_CONDUCT.md
2022-08-19 00:38:01 +02:00
Juan Font 43ba1fb176 Prettier 2022-08-18 22:32:53 +00:00
Juan Font a6f56b4285 Create CODE_OF_CONDUCT.md 2022-08-18 22:08:33 +02:00
Juan Font 61bb6292b7 Merge pull request #746 from gozssky/patch-1
Fix charset typo in swagger.go
2022-08-18 12:23:45 +02:00
Juan Font 40e0ae99da Merge branch 'main' into patch-1 2022-08-18 11:49:15 +02:00
Juan Font 2dd615a4ef Merge pull request #745 from 617a7a/main
feat: add support for TLS with Postgres
2022-08-18 11:48:33 +02:00
Azz 7e06abdca2 chore: azz forgot how to write code 2022-08-17 20:12:45 +01:00
Azz c316f53e23 fix: ci happy now? 2022-08-17 19:32:20 +01:00
Azz b6d324be69 Merge branch 'main' of https://github.com/juanfont/headscale
# Conflicts:
#	CHANGELOG.md
2022-08-17 19:31:26 +01:00
Yujie Xia e03b3029e3 Fix charset typo in swagger.go 2022-08-17 12:27:58 +08:00
azz 701ad3e017 chore: update CHANGELOG.md 2022-08-16 09:09:28 +01:00
azz 0cc14d0aca feat: added db_ssl to config-example.yaml 2022-08-16 09:02:51 +01:00
Azz 3f5ea7998f Merge branch 'main' into main 2022-08-16 08:56:36 +01:00
azz 4c7f54020b feat: add support for TLS with Postgres 2022-08-16 08:50:30 +01:00
8 changed files with 168 additions and 3 deletions
+8 -1
View File
@@ -2,6 +2,13 @@
## 0.17.0 (2022-XX-XX)
## 0.16.4 (2022-08-21)
### Changes
- Add ability to connect to PostgreSQL over TLS/SSL [#745](https://github.com/juanfont/headscale/pull/745)
- Fix CLI registration of expired machines [#754](https://github.com/juanfont/headscale/pull/754)
## 0.16.3 (2022-08-17)
### Changes
@@ -131,7 +138,7 @@ This is a part of aligning `headscale`'s behaviour with Tailscale's upstream beh
- OpenID Connect users will be mapped per namespaces
- Each user will get its own namespace, created if it does not exist
- `oidc.domain_map` option has been removed
- `strip_email_domain` option has been added (see [config-example.yaml](./config_example.yaml))
- `strip_email_domain` option has been added (see [config-example.yaml](./config-example.yaml))
### Changes
+134
View File
@@ -0,0 +1,134 @@
# Contributor Covenant Code of Conduct
## Our Pledge
We as members, contributors, and leaders pledge to make participation
in our community a harassment-free experience for everyone, regardless
of age, body size, visible or invisible disability, ethnicity, sex
characteristics, gender identity and expression, level of experience,
education, socio-economic status, nationality, personal appearance,
race, religion, or sexual identity and orientation.
We pledge to act and interact in ways that contribute to an open,
welcoming, diverse, inclusive, and healthy community.
## Our Standards
Examples of behavior that contributes to a positive environment for
our community include:
- Demonstrating empathy and kindness toward other people
- Being respectful of differing opinions, viewpoints, and experiences
- Giving and gracefully accepting constructive feedback
- Accepting responsibility and apologizing to those affected by our
mistakes, and learning from the experience
- Focusing on what is best not just for us as individuals, but for the
overall community
Examples of unacceptable behavior include:
- The use of sexualized language or imagery, and sexual attention or
advances of any kind
- Trolling, insulting or derogatory comments, and personal or
political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or email
address, without their explicit permission
- Other conduct which could reasonably be considered inappropriate in
a professional setting
## Enforcement Responsibilities
Community leaders are responsible for clarifying and enforcing our
standards of acceptable behavior and will take appropriate and fair
corrective action in response to any behavior that they deem
inappropriate, threatening, offensive, or harmful.
Community leaders have the right and responsibility to remove, edit,
or reject comments, commits, code, wiki edits, issues, and other
contributions that are not aligned to this Code of Conduct, and will
communicate reasons for moderation decisions when appropriate.
## Scope
This Code of Conduct applies within all community spaces, and also
applies when an individual is officially representing the community in
public spaces. Examples of representing our community include using an
official e-mail address, posting via an official social media account,
or acting as an appointed representative at an online or offline
event.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior
may be reported to the community leaders responsible for enforcement
at our Discord channel. All complaints
will be reviewed and investigated promptly and fairly.
All community leaders are obligated to respect the privacy and
security of the reporter of any incident.
## Enforcement Guidelines
Community leaders will follow these Community Impact Guidelines in
determining the consequences for any action they deem in violation of
this Code of Conduct:
### 1. Correction
**Community Impact**: Use of inappropriate language or other behavior
deemed unprofessional or unwelcome in the community.
**Consequence**: A private, written warning from community leaders,
providing clarity around the nature of the violation and an
explanation of why the behavior was inappropriate. A public apology
may be requested.
### 2. Warning
**Community Impact**: A violation through a single incident or series
of actions.
**Consequence**: A warning with consequences for continued
behavior. No interaction with the people involved, including
unsolicited interaction with those enforcing the Code of Conduct, for
a specified period of time. This includes avoiding interactions in
community spaces as well as external channels like social
media. Violating these terms may lead to a temporary or permanent ban.
### 3. Temporary Ban
**Community Impact**: A serious violation of community standards,
including sustained inappropriate behavior.
**Consequence**: A temporary ban from any sort of interaction or
public communication with the community for a specified period of
time. No public or private interaction with the people involved,
including unsolicited interaction with those enforcing the Code of
Conduct, is allowed during this period. Violating these terms may lead
to a permanent ban.
### 4. Permanent Ban
**Community Impact**: Demonstrating a pattern of violation of
community standards, including sustained inappropriate behavior,
harassment of an individual, or aggression toward or disparagement of
classes of individuals.
**Consequence**: A permanent ban from any sort of public interaction
within the community.
## Attribution
This Code of Conduct is adapted from the [Contributor
Covenant][homepage], version 2.0, available at
https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
Community Impact Guidelines were inspired by [Mozilla's code of
conduct enforcement ladder](https://github.com/mozilla/diversity).
[homepage]: https://www.contributor-covenant.org
For answers to common questions about this code of conduct, see the
FAQ at https://www.contributor-covenant.org/faq. Translations are
available at https://www.contributor-covenant.org/translations.
+7
View File
@@ -346,6 +346,13 @@ func (h *Headscale) RegistrationHandler(
// The machine has expired
h.handleMachineExpired(writer, req, machineKey, registerRequest, *machine)
machine.Expiry = &time.Time{}
h.registrationCache.Set(
NodePublicKeyStripPrefix(registerRequest.NodeKey),
*machine,
registerCacheExpiration,
)
return
}
}
+5 -1
View File
@@ -129,12 +129,16 @@ func NewHeadscale(cfg *Config) (*Headscale, error) {
switch cfg.DBtype {
case Postgres:
dbString = fmt.Sprintf(
"host=%s dbname=%s user=%s sslmode=disable",
"host=%s dbname=%s user=%s",
cfg.DBhost,
cfg.DBname,
cfg.DBuser,
)
if !cfg.DBssl {
dbString += " sslmode=disable"
}
if cfg.DBport != 0 {
dbString += fmt.Sprintf(" port=%d", cfg.DBport)
}
+1
View File
@@ -121,6 +121,7 @@ db_path: /var/lib/headscale/db.sqlite
# db_name: headscale
# db_user: foo
# db_pass: bar
# db_ssl: false
### TLS configuration
#
+2
View File
@@ -47,6 +47,7 @@ type Config struct {
DBname string
DBuser string
DBpass string
DBssl bool
TLS TLSConfig
@@ -506,6 +507,7 @@ func GetHeadscaleConfig() (*Config, error) {
DBname: viper.GetString("db_name"),
DBuser: viper.GetString("db_user"),
DBpass: viper.GetString("db_pass"),
DBssl: viper.GetBool("db_ssl"),
TLS: GetTLSConfig(),
+10
View File
@@ -26,6 +26,7 @@ const (
)
ErrCouldNotConvertMachineInterface = Error("failed to convert machine interface")
ErrHostnameTooLong = Error("Hostname too long")
ErrDifferentRegisteredNamespace = Error("machine was previously registered with a different namespace")
MachineGivenNameHashLength = 8
MachineGivenNameTrimSize = 2
)
@@ -789,6 +790,11 @@ func (h *Headscale) RegisterMachineFromAuthCallback(
)
}
// Registration of expired machine with different namespace
if registrationMachine.ID != 0 && registrationMachine.NamespaceID != namespace.ID {
return nil, ErrDifferentRegisteredNamespace
}
registrationMachine.NamespaceID = namespace.ID
registrationMachine.RegisterMethod = registrationMethod
@@ -796,6 +802,10 @@ func (h *Headscale) RegisterMachineFromAuthCallback(
registrationMachine,
)
if err == nil {
h.registrationCache.Delete(nodeKeyStr)
}
return machine, err
} else {
return nil, ErrCouldNotConvertMachineInterface
+1 -1
View File
@@ -83,7 +83,7 @@ func SwaggerAPIv1(
writer http.ResponseWriter,
req *http.Request,
) {
writer.Header().Set("Content-Type", "application/json; charset=utf-88")
writer.Header().Set("Content-Type", "application/json; charset=utf-8")
writer.WriteHeader(http.StatusOK)
if _, err := writer.Write(apiV1JSON); err != nil {
log.Error().