Commit graph

88 commits

Author SHA1 Message Date
Kristoffer Dalby
b91c115ade
Remove "auth skip" for socket traffic 2021-10-31 19:57:42 +00:00
Kristoffer Dalby
8db45a4e75
Setup a seperate, non-tls, no auth, socket grpc 2021-10-31 19:52:34 +00:00
Kristoffer Dalby
1c9b1ea91a
Add todo 2021-10-31 16:34:20 +00:00
Kristoffer Dalby
3f30bf1e33
Ensure we set up TLS for http 2021-10-31 16:19:38 +00:00
Kristoffer Dalby
264e5964f6
Resolve merge conflict 2021-10-31 09:40:43 +00:00
Kristoffer Dalby
cbf3f5d640 Resolve merge conflict 2021-10-30 15:33:01 +00:00
Kristoffer Dalby
482a31b66b Setup swagger and swagger UI properly 2021-10-30 14:29:53 +00:00
Kristoffer Dalby
434fac52b7 Fix lint error 2021-10-30 14:29:03 +00:00
Kristoffer Dalby
6aacada852 Switch from gRPC localhost to socket
This commit changes the way CLI and grpc-gateway communicates with the
gRPC backend to socket, instead of localhost. Unauthenticated access now
goes on the socket, while the network interface will require API key (in
the future).
2021-10-30 14:08:16 +00:00
Kristoffer Dalby
68dab0fe7b Move localhost check to utils 2021-10-29 17:04:58 +00:00
Kristoffer Dalby
a23d82e33a Setup API and prepare for API keys
This commit sets up the API and gRPC endpoints and adds authentication
to them. Currently there is no actual authentication implemented but it
has been prepared for API keys.

In addition, there is a allow put in place for gRPC traffic over
localhost. This has two purposes:

1. grpc-gateway, which is the base of the API, connects to the gRPC
   service over localhost.
2. We do not want to break current "on server" behaviour which allows
   users to use the cli on the server without any fuzz
2021-10-29 16:45:06 +00:00
Kristoffer Dalby
2f045b20fb Refactor tls and wire up grpc, grpc gateway/api
This commit moves the TLS configuration into a seperate function.

It also wires up the gRPC interface and prepares handing the API
endpoints to the grpc gateway.
2021-10-26 20:42:56 +00:00
Kristoffer Dalby
57f46ded83 Split derp into its own config struct 2021-10-22 16:55:14 +00:00
Juan Font
41c5a0ddf5
Apply suggestions from code review
Co-authored-by: Kristoffer Dalby <kradalby@kradalby.no>
2021-10-20 09:35:56 +02:00
Juan Font Alonso
18b00b5d8d Add support for Split DNS (implements #179) 2021-10-19 20:51:43 +02:00
Kristoffer Dalby
677bd9b657 Implement namespace matching 2021-10-18 19:27:52 +00:00
unreality
afbfc1d370
Merge branch 'main' into main 2021-10-16 22:31:37 +08:00
Juan Font Alonso
5ce1526a06 Do not return a pointer 2021-10-10 12:43:41 +02:00
Raal Goff
74e6c1479e updates from code review 2021-10-10 17:22:42 +08:00
Juan Font
c4487b73c4
Merge branch 'main' into magic-dns-support 2021-10-09 12:24:07 +02:00
Juan Font Alonso
fc5153af3e Generate MagicDNS search domains for any tailnet range 2021-10-09 12:22:13 +02:00
Kristoffer Dalby
2997f4d251
Merge branch 'main' into main 2021-10-08 22:21:41 +01:00
Raal Goff
e407d423d4 updates from code review 2021-10-08 17:43:52 +08:00
Kristoffer Dalby
f0c54490ed Allow multiple namespaces to be checked for state at the same time 2021-10-06 22:06:07 +00:00
Kristoffer Dalby
ba391bc2ed Account for updates in shared namespaces 2021-10-06 19:32:15 +00:00
Raal Goff
c487591437 use go-oidc instead of verifying and extracting tokens ourselves, rename oidc_endpoint to oidc_issuer to be more inline with spec 2021-10-06 17:19:15 +08:00
Kristoffer Dalby
a01a0d1039 Remove unstable update channel, replace with state updates 2021-10-05 16:24:46 +00:00
Juan Font Alonso
2eef535b4b Merged main 2021-10-04 23:43:42 +02:00
Juan Font
040a18e6f8
Merge branch 'main' into magic-dns-support 2021-10-04 19:45:12 +02:00
Kristoffer Dalby
94ba5181fc Resolve merge conflict 2021-10-04 16:38:52 +00:00
Kristoffer Dalby
1d5b090579 Initial work on Prometheus metrics
This commit adds some Prometheus metrics to /metrics in headscale.

It will add the standard go metrics, some automatic gin metrics and some
initial headscale specific ones.

Some of them has been added to aid debugging #97 (loop bug)

In the future, we can use the metrics to get rid of the sleep in the
integration tests by checking that our expected number of nodes has been
registered:

```
headscale_machine_registrations_total
```
2021-10-04 16:28:07 +00:00
Juan Font Alonso
ef0f7c0c09 Integration tests for MagicDNS working 2021-10-04 18:04:08 +02:00
Aaron Bieber
8fa0fe65ba Add the ability to specify registration ACME email and ACME URL. 2021-10-03 12:26:38 -06:00
Kristoffer Dalby
ed728f57e0
Remove WriteTimeout from HTTP
Golangs built in HTTP server does not allow different HTTP timeout for
different types of handlers, so we cannot have a write timeout as we
attempt to do long polling (my bad).

See linked article.

Also removed redundant server declaration
2021-10-02 15:29:27 +01:00
Juan Font Alonso
8d60ae2c7e Tidy gomod 2021-10-02 13:03:41 +02:00
Juan Font Alonso
45e71ecba0 Generated MagicDNS search domains (only in 100.64.0.0/10) 2021-10-02 12:13:05 +02:00
Juan Font Alonso
656237e167 Propagate dns config vales across Headscale 2021-10-02 11:20:42 +02:00
Kristoffer Dalby
cc054d71fe
Merge branch 'main' into main 2021-09-26 21:35:26 +01:00
Raal Goff
e7a2501fe8 initial work on OIDC (SSO) integration 2021-09-26 16:53:05 +08:00
Kristoffer Dalby
2d39d6602c Merge remote-tracking branch 'upstream/main' into apple-mobileconfig 2021-09-19 18:00:40 +01:00
Kristoffer Dalby
dfcab2b6d5
Wire up new handlers 2021-09-19 17:56:29 +01:00
Kristoffer Dalby
987bbee1db
Add DNSConfig field to configuration 2021-08-24 07:09:47 +01:00
Kristoffer Dalby
88d7ac04bf
Account for racecondition in deleting/closing update channel
This commit tries to address the possible raceondition  that can happen
if a client closes its connection after we have fetched it from the
syncmap before sending the message.

To try to avoid introducing new dead lock conditions, all messages sent
to updateChannel has been moved into a function, which handles the
locking (instead of calling it all over the place)

The same lock is used around the delete/close function.
2021-08-20 16:52:34 +01:00
Kristoffer Dalby
53168d54d8
Make http timeout 30s instead of 10s 2021-08-19 22:29:03 +01:00
Kristoffer Dalby
b0ec945dbb
Make lastStateChange namespaced 2021-08-19 18:19:26 +01:00
Kristoffer Dalby
57b79aa852 Set timeout, add lastupdate field
This commit makes two reasonably major changes:

Set a default timeout for the go HTTP server (which gin uses), which
allows us to actually have broken long poll sessions fail so we can have
the client re-establish them.
The current 10s number is chosen randomly and we need more testing to
ensure that the feature work as intended.

The second is adding a last updated field to keep track of the last time
we had an update that needs to be propagated to all of our
clients/nodes. This will be used to keep track of our machines and if
they are up to date or need us to push an update.
2021-08-18 23:21:11 +01:00
Kristoffer Dalby
9698abbfd5
Resolve merge conflict 2021-08-13 10:33:19 +01:00
Juan Font
8eb7d47072 Fixed linting 2021-08-12 21:57:20 +02:00
Juan Font
ab61c87701 Also notify peers when deleting ephemerals 2021-08-12 21:53:37 +02:00
Juan Font
c1e6157847 Expire ephemeral is internal 2021-08-12 21:45:40 +02:00