Merge 0c1309b7e2 into 6275399327

Update tls.md to mention using the full cert chain (#2243 )
Misc doc fixes (#2240 )
2024-11-29 18:33:05 +00:00 · 2024-11-20 14:40:42 +01:00 · 2024-11-18 06:12:12 +00:00 · 2024-11-18 05:46:58 +01:00 · 2024-11-17 19:38:50 +00:00 · 2024-10-02 15:11:26 +09:00
9 changed files with 25 additions and 17 deletions
--- a/.github/workflows/test-integration.yaml
+++ b/.github/workflows/test-integration.yaml
@ -108,7 +108,7 @@ jobs:
              --volume $PWD/control_logs:/tmp/control \
              --env HEADSCALE_INTEGRATION_POSTGRES=${{env.USE_POSTGRES}} \
              golang:1 \
-                go run gotest.tools/gotestsum@latest -- ./... \
+                go run gotest.tools/gotestsum@latest -- -race ./... \
                  -failfast \
                  -timeout 120m \
                  -parallel 1 \
--- a/4
+++ b/4
@ -22,7 +22,7 @@ build:
 dev: lint test build
 test:
-	gotestsum -- -short -coverprofile=coverage.out ./...
+	gotestsum -- -short -race -coverprofile=coverage.out ./...
 test_integration:
 	docker run \
@ -33,7 +33,7 @@ test_integration:
 		-v /var/run/docker.sock:/var/run/docker.sock \
 		-v $$PWD/control_logs:/tmp/control \
 		golang:1 \
-		go run gotest.tools/gotestsum@latest -- -failfast ./... -timeout 120m -parallel 8
+		go run gotest.tools/gotestsum@latest -- -race -failfast ./... -timeout 120m -parallel 8
 lint:
 	golangci-lint run --fix --timeout 10m
--- a/docs/ref/acls.md
+++ b/docs/ref/acls.md
@ -45,11 +45,11 @@ headscale server.
 ACLs have to be written in [huJSON](https://github.com/tailscale/hujson).
-When registering the servers we will need to add the flag
+When [registering the servers](../usage/getting-started.md#register-a-node) we
-`--advertise-tags=tag:<tag1>,tag:<tag2>`, and the user that is
+will need to add the flag `--advertise-tags=tag:<tag1>,tag:<tag2>`, and the user
-registering the server should be allowed to do it. Since anyone can add tags to
+that is registering the server should be allowed to do it. Since anyone can add
-a server they can register, the check of the tags is done on headscale server
+tags to a server they can register, the check of the tags is done on headscale
-and only valid tags are applied. A tag is valid if the user that is
+server and only valid tags are applied. A tag is valid if the user that is
 registering it is allowed to do it.
 To use ACLs in headscale, you must edit your `config.yaml` file. In there you will find a `policy.path` parameter. This will need to point to your ACL file. More info on how these policies are written can be found [here](https://tailscale.com/kb/1018/acls/).
--- a/docs/ref/tls.md
+++ b/docs/ref/tls.md
@ -9,6 +9,8 @@ tls_cert_path: ""
 tls_key_path: ""
 ```
 The certificate should contain the full chain, else some clients, like the Tailscale Android client, will reject it.
 ## Let's Encrypt / ACME
 To get a certificate automatically via [Let's Encrypt](https://letsencrypt.org/), set `tls_letsencrypt_hostname` to the desired certificate hostname. This name must resolve to the IP address(es) headscale is reachable on (i.e., it must correspond to the `server_url` configuration parameter). The certificate and Let's Encrypt account credentials will be stored in the directory configured in `tls_letsencrypt_cache_dir`. If the path is relative, it will be interpreted as relative to the directory the configuration file was read from.
--- a/docs/usage/connect/apple.md
+++ b/docs/usage/connect/apple.md
@ -60,7 +60,7 @@ Install the official Tailscale tvOS client from the [App Store](https://apps.app
 ### Configuring the headscale URL
- Go Settings (the apple tvOS settings) > Apps > Tailscale
+- Open Settings (the Apple tvOS settings) > Apps > Tailscale
 - Under `ALTERNATE COORDINATION SERVER URL`, select `URL`
 - Enter the URL of your headscale instance (e.g `https://headscale.example.com`) and press `OK`
 - Return to the tvOS Home screen
--- a/docs/usage/getting-started.md
+++ b/docs/usage/getting-started.md
@ -9,6 +9,8 @@ This page helps you get started with headscale and provides a few usage examples
      installation instructions.
    * The configuration file exists and is adjusted to suit your environment, see
      [Configuration](../ref/configuration.md) for details.
    * Headscale is reachable from the Internet. Verify this by opening client specific setup instructions in your
      browser, e.g. https://headscale.example.com/windows
    * The Tailscale client is installed, see [Client and operating system support](../about/clients.md) for more
      information.
--- a/flake.lock
+++ b/flake.lock
@ -5,11 +5,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1726560853,
+        "lastModified": 1731533236,
-        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
        "type": "github"
      },
      "original": {
@ -20,11 +20,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1730958623,
+        "lastModified": 1731763621,
-        "narHash": "sha256-JwQZIGSYnRNOgDDoIgqKITrPVil+RMWHsZH1eE1VGN0=",
+        "narHash": "sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "85f7e662eda4fa3a995556527c87b2524b691933",
+        "rev": "c69a9bffbecde46b4b939465422ddc59493d3e4d",
        "type": "github"
      },
      "original": {
--- a/integration/dockertestutil/execute.go
+++ b/integration/dockertestutil/execute.go
@ -4,6 +4,7 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
 	"sync"
 	"time"
 	"github.com/ory/dockertest/v3"
@ -25,7 +26,6 @@ type ExecuteCommandOption func(*ExecuteCommandConfig) error
 func ExecuteCommandTimeout(timeout time.Duration) ExecuteCommandOption {
 	return ExecuteCommandOption(func(conf *ExecuteCommandConfig) error {
 		conf.timeout = timeout
 		return nil
 	})
 }
@ -67,6 +67,7 @@ func ExecuteCommand(
 				StdErr: &stderr,
 			},
 		)
 		resultChan <- result{exitCode, err}
 	}()
@ -88,7 +89,6 @@ func ExecuteCommand(
 		return stdout.String(), stderr.String(), nil
 	case <-time.After(execConfig.timeout):
 		return stdout.String(), stderr.String(), ErrDockertestCommandTimeout
 	}
 }
--- a/integration/scenario.go
+++ b/integration/scenario.go
@ -351,18 +351,22 @@ func (s *Scenario) CreateTailscaleNodesInUser(
 			cert := headscale.GetCert()
 			hostname := headscale.GetHostname()
 			s.mu.Lock()
 			opts = append(opts,
 				tsic.WithHeadscaleTLS(cert),
 				tsic.WithHeadscaleName(hostname),
 			)
 			s.mu.Unlock()
 			user.createWaitGroup.Go(func() error {
 				s.mu.Lock()
 				tsClient, err := tsic.New(
 					s.pool,
 					version,
 					s.network,
 					opts...,
 				)
 				s.mu.Unlock()
 				if err != nil {
 					return fmt.Errorf(
 						"failed to create tailscale (%s) node: %w",
Author	SHA1	Message	Date
Dongjun Na	67aa922629	Merge `0c1309b7e2` into `6275399327`	2024-11-20 14:40:42 +01:00
Nathan Sweet	6275399327	Update tls.md to mention using the full cert chain (#2243 ) Some checks failed Build / build (push) Has been cancelled Details Build documentation / build (push) Has been cancelled Details Tests / test (push) Has been cancelled Details Build documentation / deploy (push) Has been cancelled Details	2024-11-18 06:12:12 +00:00
nblock	29119bb7f4	Misc doc fixes (#2240 ) Some checks are pending Build / build (push) Waiting to run Details Build documentation / build (push) Waiting to run Details Build documentation / deploy (push) Blocked by required conditions Details Tests / test (push) Waiting to run Details * Link back to node registration docs * adjust wording in apple docs * Mention client specific page to check if headscale works Ref: #2238	2024-11-18 05:46:58 +01:00
github-actions[bot]	93ba21ede5	flake.lock: Update (#2239 ) Some checks are pending Build / build (push) Waiting to run Details Build documentation / build (push) Waiting to run Details Build documentation / deploy (push) Blocked by required conditions Details Tests / test (push) Waiting to run Details	2024-11-17 19:38:50 +00:00
nadongjun	0c1309b7e2	Merge branch 'main' into add-race-option	2024-10-02 15:11:26 +09:00
Dongjun Na	126177c7ab	Fix data race in ExecuteCommand by using local buffers and mutex Signed-off-by: Dongjun Na <kmu5544616@gmail.com>	2024-08-20 18:21:54 +09:00
Dongjun Na	fd3968882d	Add -race flag to Makefile and integration tests; fix data race in CreateTailscaleNodesInUser	2024-07-30 22:27:12 +09:00