Commit graph

2610 commits

Author SHA1 Message Date
Juan Font
d575dac73a
Merge pull request #823 from kradalby/sanitise-machine-key-url
Protect against user injection for registration CLI page
2022-10-04 16:01:19 +02:00
Juan Font
5333df283a
Merge branch 'main' into sanitise-machine-key-url 2022-10-04 14:31:28 +02:00
Kristoffer Dalby
d56ad2917d
Fix nolint comment
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-10-03 12:29:13 +02:00
Kristoffer Dalby
df36bcfd39
Fix machine test from marger
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-10-03 12:29:13 +02:00
github-actions[bot]
a3d3ad2208
docs(README): update contributors 2022-10-03 12:29:13 +02:00
phpmalik
0b0fb0af22
Minor change
Spelling mistake
listning -> listening
2022-10-03 12:59:39 +05:30
=
2aebd2927d
Random suffix only on collision.
0.16.0 introduced random suffixes to all machine given names
(DNS hostnames) regardless of collisions within a namespace.
This commit brings Headscale more inline with Tailscale by only
adding a suffix if the hostname will collide within the namespace.

The suffix generation differs from Tailscale.
See https://tailscale.com/kb/1098/machine-names/
2022-10-03 09:13:56 +02:00
Kristoffer Dalby
c00e5599b0
Merge pull request #840 from juanfont/update-contributors 2022-10-03 09:08:13 +02:00
github-actions[bot]
72e2fa46c7
docs(README): update contributors 2022-09-30 08:23:20 +00:00
Kristoffer Dalby
98f5b7f638
Merge pull request #837 from ShadowJonathan/patch-1 2022-09-30 10:22:38 +02:00
Jonathan de Jong
70ecda6fd1
Fix warning on success 2022-09-27 11:51:00 +02:00
Kristoffer Dalby
5fe6538c02
Merge pull request #831 from kradalby/fix-https-listen 2022-09-26 14:02:56 +02:00
Kristoffer Dalby
84c4b0336f
Merge branch 'main' into fix-https-listen 2022-09-26 12:13:16 +02:00
Kristoffer Dalby
8fbba1ac94
Merge pull request #830 from kradalby/nix-overlay 2022-09-26 12:13:05 +02:00
Kristoffer Dalby
1a30bcba91
Merge branch 'main' into nix-overlay 2022-09-26 11:50:25 +02:00
Kristoffer Dalby
ed58b2e4e2
Merge branch 'main' into fix-https-listen 2022-09-26 11:50:20 +02:00
Kristoffer Dalby
5f975cbb50
Merge pull request #829 from kradalby/oidc-dependency 2022-09-26 11:49:53 +02:00
Kristoffer Dalby
81dd9b2386
format
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 11:34:04 +02:00
Kristoffer Dalby
9088521252
Move lets enc listener into go routine
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 11:33:48 +02:00
Kristoffer Dalby
fc6a1e15fc
Revert overlay overlapping
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 11:13:42 +02:00
Kristoffer Dalby
94be5ca295
Nix update
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:50:41 +02:00
Kristoffer Dalby
804d9d8196
Format nix with alejandra
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:48:59 +02:00
Kristoffer Dalby
d0e945fdd7
_ unused variable
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:48:37 +02:00
Kristoffer Dalby
98e7842c26
Add nix overlay to flake
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:47:49 +02:00
Kristoffer Dalby
24629895c7
Add new config option to cli integration tests
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:14:46 +02:00
Kristoffer Dalby
256b6cb54d
Add new option to config-example
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:01:15 +02:00
Kristoffer Dalby
6b4d53315b
Update changelog
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 10:01:01 +02:00
Kristoffer Dalby
fb25a06a66
Preserve current behaviour with a config flag
Add a configuration flag (default true to preserve current behaviour) to
allow headscale to start without OIDC being able to initialise.

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 09:57:28 +02:00
Kristoffer Dalby
dbe58e53e4
Allow headscale to start if oidc setup fails.
This commit makes headscale fall back to CLI authentication if oidc
fails to initialised and posts a warning to users.

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 09:52:32 +02:00
Kristoffer Dalby
8dcc82ceb3
Use oidc if it initialised, not if it is configured
OIDC might be configured, but unable to be initialised, this only runs
the oidc cycle if it is actually successfully set up/initialised.

Prep for next commit

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-26 09:51:23 +02:00
Kristoffer Dalby
8be14ef6fe
gofumpt
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-23 11:53:42 +02:00
Kristoffer Dalby
2bb34751d1
Validate the incoming nodekey with regex before attempting to parse
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-23 11:53:42 +02:00
Kristoffer Dalby
d06ba7b522
Merge branch 'main' into sanitise-machine-key-url 2022-09-23 11:09:23 +02:00
Kristoffer Dalby
a507a04650
Merge pull request #763 from tsujamin/autoapprovers 2022-09-23 11:07:53 +02:00
Benjamin George Roberts
7761a7b23e fix autoapprover test following tagged authkey change 2022-09-23 18:46:35 +10:00
Benjamin George Roberts
6d2cfd52c5 Merge branch 'main' into autoapprovers 2022-09-23 18:44:36 +10:00
Kristoffer Dalby
75a8fc8b3e
Update changelog
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-23 10:44:29 +02:00
Kristoffer Dalby
8fa05c1e72
Merge pull request #767 from tsujamin/preauthkey-tags 2022-09-23 10:42:42 +02:00
Kristoffer Dalby
93082b8092
Protect against user injection for registration CLI page
This commit addresses a potential issue where we allowed unsanitised
content to be passed through a go template without validation.

We now try to unmarshall the incoming node key and fails to render the
template if it is not a valid node key.

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2022-09-23 10:39:42 +02:00
Benjamin George Roberts
d764f52f24 Update changelog 2022-09-23 18:16:16 +10:00
Benjamin George Roberts
e5decbd0fa Update changelog 2022-09-23 18:13:48 +10:00
Kristoffer Dalby
8a1c0e0e9b Merge branch 'main' into preauthkey-tags 2022-09-23 18:11:27 +10:00
Benjamin Roberts
5b12ab9894
Merge branch 'main' into autoapprovers 2022-09-23 18:06:31 +10:00
Benjamin George Roberts
c52e3aafe6 remove unnecessary checks on slices 2022-09-23 18:04:30 +10:00
Juan Font
a46170e2a1
Merge pull request #793 from juanfont/remove-sponsorship
Remove sponsor buttons
2022-09-21 19:50:11 +02:00
Juan Font
aca1c1b156
Merge branch 'main' into remove-sponsorship 2022-09-21 18:13:00 +02:00
Juan Font
09863b540d
Merge branch 'main' into preauthkey-tags 2022-09-21 18:03:35 +02:00
Juan Font
adb352e663
Merge branch 'main' into autoapprovers 2022-09-21 17:53:17 +02:00
Juan Font
c9b39da6b9
Merge pull request #790 from mike-lloyd03/reverse-proxy
Add reverse proxy documentation
2022-09-21 17:52:59 +02:00
Juan Font
6fe86dff00
Merge branch 'main' into remove-sponsorship 2022-09-21 17:47:43 +02:00