Make STUN server mandatory if DERP embedded is enabled

This commit is contained in:
Juan Font Alonso 2022-03-18 12:58:00 +01:00
parent 8f5875efe4
commit 2e6687209b
3 changed files with 11 additions and 12 deletions

View file

@ -124,8 +124,11 @@ func GetDERPConfig() headscale.DERPConfig {
serverRegionID := viper.GetInt("derp.server.region_id") serverRegionID := viper.GetInt("derp.server.region_id")
serverRegionCode := viper.GetString("derp.server.region_code") serverRegionCode := viper.GetString("derp.server.region_code")
serverRegionName := viper.GetString("derp.server.region_name") serverRegionName := viper.GetString("derp.server.region_name")
stunEnabled := viper.GetBool("derp.server.stun.enabled") stunAddr := viper.GetString("derp.server.stun_listen_addr")
stunAddr := viper.GetString("derp.server.stun.listen_addr")
if serverEnabled && stunAddr == "" {
log.Fatal().Msg("derp.server.stun_listen_addr must be set if derp.server.enabled is true")
}
urlStrs := viper.GetStringSlice("derp.urls") urlStrs := viper.GetStringSlice("derp.urls")
@ -152,7 +155,6 @@ func GetDERPConfig() headscale.DERPConfig {
ServerRegionID: serverRegionID, ServerRegionID: serverRegionID,
ServerRegionCode: serverRegionCode, ServerRegionCode: serverRegionCode,
ServerRegionName: serverRegionName, ServerRegionName: serverRegionName,
STUNEnabled: stunEnabled,
STUNAddr: stunAddr, STUNAddr: stunAddr,
URLs: urls, URLs: urls,
Paths: paths, Paths: paths,

View file

@ -69,14 +69,12 @@ derp:
region_code: "headscale" region_code: "headscale"
region_name: "Headscale Embedded DERP" region_name: "Headscale Embedded DERP"
# Enabled by default when embedded DERP is enabled. Listens in UDP at the configured address for STUN connections
# to help on NAT traversal. # Listens in UDP at the configured address for STUN connections to help on NAT traversal.
# If DERP is enabled, but STUN is disabled you still need to input an external STUN server in the listen_addr field. # When the embedded DERP server is enabled stun_listen_addr MUST be defined.
# #
# For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/ # For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/
stun: stun_listen_addr: "0.0.0.0:3478"
enabled: true
listen_addr: "0.0.0.0:3478"
# List of externally available DERP maps encoded in JSON # List of externally available DERP maps encoded in JSON
urls: urls:

View file

@ -24,6 +24,5 @@ derp:
region_id: 999 region_id: 999
region_code: "headscale" region_code: "headscale"
region_name: "Headscale Embedded DERP" region_name: "Headscale Embedded DERP"
stun:
enabled: true stun_listen_addr: "0.0.0.0:3478"
listen_addr: "0.0.0.0:3478"