Return all peers instead of peers in same namespace

Jamie Greeff 2021-12-29 09:58:10 +00:00 committed by Adrien Raffin-Caboisse
parent 73497382b7
commit 9b7d657cbe
No known key found for this signature in database
GPG key ID: 7FB60532DEBEAD6A
2 changed files with 67 additions and 26 deletions

6
dns.go

@ -163,7 +163,11 @@ func getMapResponseDNSConfig(
dnsConfig = dnsConfigOrig.Clone() dnsConfig = dnsConfigOrig.Clone()
dnsConfig.Domains = append( dnsConfig.Domains = append(
dnsConfig.Domains, dnsConfig.Domains,
fmt.Sprintf("%s.%s", machine.Namespace.Name, baseDomain), fmt.Sprintf(
"%s.%s",
strings.Replace(machine.Namespace.Name, "@", ".", -1), // Replace @ with . for valid domain for machine
baseDomain,
),
) )
namespaceSet := set.New(set.ThreadSafe) namespaceSet := set.New(set.ThreadSafe)
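Review bot: Rewriting `@` to `.` in the namespace name is not a one-to-one mapping: two namespaces named `a@b` and `a.b` (constructed examples) produce the same search domain here and the same hostname in the `toNode` hunk of the other file, so one namespace's DNS names can shadow another's. Only `@` is handled; other characters that are not valid in a DNS label, and labels longer than 63 bytes, pass through unchanged. I would move the conversion into a single helper used at both call sites, validate its result as a DNS name, and reject colliding names when a namespace is created; `strings.ReplaceAll(machine.Namespace.Name, "@", ".")` is also the idiomatic spelling of the `-1` form. The body of `getMapResponseDNSConfig` starts and ends outside this hunk.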


@ -119,6 +119,33 @@ func (machine Machine) isExpired() bool {
return time.Now().UTC().After(*machine.Expiry) return time.Now().UTC().After(*machine.Expiry)
} }
// Our Pineapple fork of Headscale ignores namespaces when dealing with peers
// and instead passes ALL peers across all namespaces to each client. Access between clients
// is then enforced with ACL policies.
func (h *Headscale) getAllPeers(machine *Machine) (Machines, error) {
log.Trace().
Caller().
Str("machine", machine.Name).
Msg("Finding all peers")
machines := Machines{}
if err := h.db.Preload("Namespace").Where("machine_key <> ? AND registered",
machine.MachineKey).Find(&machines).Error; err != nil {
log.Error().Err(err).Msg("Error accessing db")
return Machines{}, err
}
sort.Slice(machines, func(i, j int) bool { return machines[i].ID < machines[j].ID })
log.Trace().
Caller().
Str("machine", machine.Name).
Msgf("Found all machines: %s", machines.String())
return machines, nil
}
func (h *Headscale) getDirectPeers(machine *Machine) (Machines, error) { func (h *Headscale) getDirectPeers(machine *Machine) (Machines, error) {
log.Trace(). log.Trace().
Caller(). Caller().
@ -206,7 +233,40 @@ func (h *Headscale) getSharedTo(machine *Machine) (Machines, error) {
} }
func (h *Headscale) getPeers(machine *Machine) (Machines, error) { func (h *Headscale) getPeers(machine *Machine) (Machines, error) {
direct, err := h.getDirectPeers(machine) // direct, err := h.getDirectPeers(machine)
// if err != nil {
// log.Error().
// Caller().
// Err(err).
// Msg("Cannot fetch peers")
// return Machines{}, err
// }
// shared, err := h.getShared(machine)
// if err != nil {
// log.Error().
// Caller().
// Err(err).
// Msg("Cannot fetch peers")
// return Machines{}, err
// }
// sharedTo, err := h.getSharedTo(machine)
// if err != nil {
// log.Error().
// Caller().
// Err(err).
// Msg("Cannot fetch peers")
// return Machines{}, err
// }
// peers := append(direct, shared...)
// peers = append(peers, sharedTo...)
peers, err := h.getAllPeers(machine)
if err != nil { if err != nil {
log.Error(). log.Error().
Caller(). Caller().
@ -216,29 +276,6 @@ func (h *Headscale) getPeers(machine *Machine) (Machines, error) {
return Machines{}, err return Machines{}, err
} }
shared, err := h.getShared(machine)
if err != nil {
log.Error().
Caller().
Err(err).
Msg("Cannot fetch peers")
return Machines{}, err
}
sharedTo, err := h.getSharedTo(machine)
if err != nil {
log.Error().
Caller().
Err(err).
Msg("Cannot fetch peers")
return Machines{}, err
}
peers := append(direct, shared...)
peers = append(peers, sharedTo...)
sort.Slice(peers, func(i, j int) bool { return peers[i].ID < peers[j].ID }) sort.Slice(peers, func(i, j int) bool { return peers[i].ID < peers[j].ID })
log.Trace(). log.Trace().
@ -597,7 +634,7 @@ func (machine Machine) toNode(
hostname = fmt.Sprintf( hostname = fmt.Sprintf(
"%s.%s.%s", "%s.%s.%s",
machine.Name, machine.Name,
machine.Namespace.Name, strings.Replace(machine.Namespace.Name, "@", ".", -1), // Replace @ with . for valid domain for machine
baseDomain, baseDomain,
) )
} else { } else {
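Review bot: `getPeers` now returns every registered machine from every namespace, because the query in `getAllPeers` filters only on `machine_key <> ? AND registered`, so isolation between namespaces rests entirely on the ACL policy. Nothing in the new code checks that a policy is loaded before widening the peer set; if the packet filter is permissive when none is configured (not visible in this diff), all namespaces can reach each other, and even under a strict policy each client presumably still receives the names, addresses and keys of all other nodes in its peer list. I would keep the namespace-scoped lookup (`getDirectPeers` with `getShared`/`getSharedTo`) as the default and use `getAllPeers` only behind an explicit operator setting with a policy present, and state the dependency in the doc comment, e.g. `// getAllPeers returns machines from every namespace; callers must have an ACL policy loaded.` The commented-out block left in `getPeers` should be deleted rather than kept, since the history already holds it. `getPeers` spans two hunks and its body ends outside them.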