mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-29 18:33:05 +00:00
Compare commits
91 commits
ca9938f4e9
...
0c98d09783
Author | SHA1 | Date | |
---|---|---|---|
|
0c98d09783 | ||
|
e2d5ee0927 | ||
|
028d9aab73 | ||
|
b6dc6eb36c | ||
|
45c9585b52 | ||
|
cc42fc394a | ||
|
52a3b54ba2 | ||
|
0602304cea | ||
|
8c7d8ee34f | ||
|
b3cda08af6 | ||
|
101ca7f4a2 | ||
|
24e7851a40 | ||
|
9515040161 | ||
|
e16ea2ee69 | ||
|
218138afee | ||
|
bc9e83b52e | ||
|
3964dec1c6 | ||
|
63035cdb5a | ||
|
5eda9c8d2d | ||
|
49ce5734fc | ||
|
204a102389 | ||
|
2c974dd72d | ||
|
e367454745 | ||
|
4f2fb65929 | ||
|
07b596d3cc | ||
|
f3fca8302a | ||
|
1e61084898 | ||
|
10a72e8d54 | ||
|
ed78ecda12 | ||
|
6cbbcd859c | ||
|
e9d9c0773c | ||
|
fe68f50328 | ||
|
c3ef90a7f7 | ||
|
064c46f2a5 | ||
|
64319f79ff | ||
|
4b02dc9565 | ||
|
7be8796d87 | ||
|
99f18f9cd9 | ||
|
c3b260a6f7 | ||
|
60b94b0467 | ||
|
bac7ea67f4 | ||
|
5597edac1e | ||
|
8a3a0fee3c | ||
|
f368ed01ed | ||
|
adc084f20f | ||
|
42d2c27853 | ||
|
1c34101e72 | ||
|
6609f60938 | ||
|
35bfe7ced0 | ||
|
e43d6a0361 | ||
|
f039caf134 | ||
|
d66c5e144f | ||
|
3101f895a7 | ||
|
aa0f3d43cc | ||
|
ed71d230eb | ||
|
976cbfa630 | ||
|
a9a1a07e37 | ||
|
1193a50e9e | ||
|
cb0e2e4476 | ||
|
2b5e52b08b | ||
|
fffd9d7ee9 | ||
|
76515d12d6 | ||
|
34361c6f82 | ||
|
f4427dd29e | ||
|
cf6a606d74 | ||
|
827e3e83ae | ||
|
9c4c286696 | ||
|
a68854ac33 | ||
|
9bed76d481 | ||
|
84cb5d0aed | ||
|
f99497340b | ||
|
fdc034e8ae | ||
|
ac8491efec | ||
|
022fb24cd9 | ||
|
fcd1183805 | ||
|
ece907d878 | ||
|
948d53f934 | ||
|
06f07053eb | ||
|
4ad3f3c484 | ||
|
db7a4358e9 | ||
|
b799245f1e | ||
|
8571513e3c | ||
|
ca47d6f353 | ||
|
11fde62b8c | ||
|
9e523d4687 | ||
|
7e62031444 | ||
|
58bd38a609 | ||
|
00ff288f0c | ||
|
8823778d05 | ||
|
74d27ee5fa | ||
|
3f60ab23a6 |
183 changed files with 8521 additions and 6040 deletions
15
.coderabbit.yaml
Normal file
15
.coderabbit.yaml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
|
||||||
|
language: "en-GB"
|
||||||
|
early_access: false
|
||||||
|
reviews:
|
||||||
|
profile: "chill"
|
||||||
|
request_changes_workflow: false
|
||||||
|
high_level_summary: true
|
||||||
|
poem: true
|
||||||
|
review_status: true
|
||||||
|
collapse_walkthrough: false
|
||||||
|
auto_review:
|
||||||
|
enabled: true
|
||||||
|
drafts: true
|
||||||
|
chat:
|
||||||
|
auto_reply: true
|
4
.github/ISSUE_TEMPLATE/feature_request.yaml
vendored
4
.github/ISSUE_TEMPLATE/feature_request.yaml
vendored
|
@ -25,9 +25,9 @@ body:
|
||||||
description: Are you willing to contribute to the implementation of this feature?
|
description: Are you willing to contribute to the implementation of this feature?
|
||||||
options:
|
options:
|
||||||
- label: I can write the design doc for this feature
|
- label: I can write the design doc for this feature
|
||||||
required: true
|
required: false
|
||||||
- label: I can contribute this feature
|
- label: I can contribute this feature
|
||||||
required: true
|
required: false
|
||||||
- type: textarea
|
- type: textarea
|
||||||
attributes:
|
attributes:
|
||||||
label: How can it be implemented?
|
label: How can it be implemented?
|
||||||
|
|
2
.github/workflows/lint.yml
vendored
2
.github/workflows/lint.yml
vendored
|
@ -31,7 +31,7 @@ jobs:
|
||||||
|
|
||||||
- name: golangci-lint
|
- name: golangci-lint
|
||||||
if: steps.changed-files.outputs.files == 'true'
|
if: steps.changed-files.outputs.files == 'true'
|
||||||
run: nix develop --command -- golangci-lint run --new-from-rev=${{github.event.pull_request.base.sha}} --out-format=github-actions .
|
run: nix develop --command -- golangci-lint run --new-from-rev=${{github.event.pull_request.base.sha}} --out-format=colored-line-number
|
||||||
|
|
||||||
prettier-lint:
|
prettier-lint:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|
1
.github/workflows/stale.yml
vendored
1
.github/workflows/stale.yml
vendored
|
@ -20,4 +20,5 @@ jobs:
|
||||||
close-issue-message: "This issue was closed because it has been inactive for 14 days since being marked as stale."
|
close-issue-message: "This issue was closed because it has been inactive for 14 days since being marked as stale."
|
||||||
days-before-pr-stale: -1
|
days-before-pr-stale: -1
|
||||||
days-before-pr-close: -1
|
days-before-pr-close: -1
|
||||||
|
exempt-issue-labels: "no-stale-bot"
|
||||||
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
|
12
.github/workflows/test-integration.yaml
vendored
12
.github/workflows/test-integration.yaml
vendored
|
@ -18,6 +18,7 @@ jobs:
|
||||||
- TestACLNamedHostsCanReachBySubnet
|
- TestACLNamedHostsCanReachBySubnet
|
||||||
- TestACLNamedHostsCanReach
|
- TestACLNamedHostsCanReach
|
||||||
- TestACLDevice1CanAccessDevice2
|
- TestACLDevice1CanAccessDevice2
|
||||||
|
- TestPolicyUpdateWhileRunningWithCLIInDatabase
|
||||||
- TestOIDCAuthenticationPingAll
|
- TestOIDCAuthenticationPingAll
|
||||||
- TestOIDCExpireNodesBasedOnTokenExpiry
|
- TestOIDCExpireNodesBasedOnTokenExpiry
|
||||||
- TestAuthWebFlowAuthenticationPingAll
|
- TestAuthWebFlowAuthenticationPingAll
|
||||||
|
@ -35,20 +36,29 @@ jobs:
|
||||||
- TestNodeExpireCommand
|
- TestNodeExpireCommand
|
||||||
- TestNodeRenameCommand
|
- TestNodeRenameCommand
|
||||||
- TestNodeMoveCommand
|
- TestNodeMoveCommand
|
||||||
|
- TestPolicyCommand
|
||||||
|
- TestPolicyBrokenConfigCommand
|
||||||
|
- TestResolveMagicDNS
|
||||||
|
- TestValidateResolvConf
|
||||||
- TestDERPServerScenario
|
- TestDERPServerScenario
|
||||||
|
- TestDERPServerWebsocketScenario
|
||||||
- TestPingAllByIP
|
- TestPingAllByIP
|
||||||
- TestPingAllByIPPublicDERP
|
- TestPingAllByIPPublicDERP
|
||||||
- TestAuthKeyLogoutAndRelogin
|
- TestAuthKeyLogoutAndRelogin
|
||||||
- TestEphemeral
|
- TestEphemeral
|
||||||
|
- TestEphemeralInAlternateTimezone
|
||||||
|
- TestEphemeral2006DeletedTooQuickly
|
||||||
- TestPingAllByHostname
|
- TestPingAllByHostname
|
||||||
- TestTaildrop
|
- TestTaildrop
|
||||||
- TestResolveMagicDNS
|
- TestUpdateHostnameFromClient
|
||||||
- TestExpireNode
|
- TestExpireNode
|
||||||
- TestNodeOnlineStatus
|
- TestNodeOnlineStatus
|
||||||
- TestPingAllByIPManyUpDown
|
- TestPingAllByIPManyUpDown
|
||||||
|
- Test2118DeletingOnlineNodePanics
|
||||||
- TestEnablingRoutes
|
- TestEnablingRoutes
|
||||||
- TestHASubnetRouterFailover
|
- TestHASubnetRouterFailover
|
||||||
- TestEnableDisableAutoApprovedRoute
|
- TestEnableDisableAutoApprovedRoute
|
||||||
|
- TestAutoApprovedSubRoute2068
|
||||||
- TestSubnetRouteACL
|
- TestSubnetRouteACL
|
||||||
- TestHeadscale
|
- TestHeadscale
|
||||||
- TestCreateTailscale
|
- TestCreateTailscale
|
||||||
|
|
2
.github/workflows/test.yml
vendored
2
.github/workflows/test.yml
vendored
|
@ -34,4 +34,4 @@ jobs:
|
||||||
|
|
||||||
- name: Run tests
|
- name: Run tests
|
||||||
if: steps.changed-files.outputs.files == 'true'
|
if: steps.changed-files.outputs.files == 'true'
|
||||||
run: nix develop --check
|
run: nix develop --command -- gotestsum
|
||||||
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -22,6 +22,7 @@ dist/
|
||||||
/headscale
|
/headscale
|
||||||
config.json
|
config.json
|
||||||
config.yaml
|
config.yaml
|
||||||
|
config*.yaml
|
||||||
derp.yaml
|
derp.yaml
|
||||||
*.hujson
|
*.hujson
|
||||||
*.key
|
*.key
|
||||||
|
|
|
@ -12,19 +12,13 @@ linters:
|
||||||
disable:
|
disable:
|
||||||
- depguard
|
- depguard
|
||||||
|
|
||||||
- exhaustivestruct
|
|
||||||
- revive
|
- revive
|
||||||
- lll
|
- lll
|
||||||
- interfacer
|
|
||||||
- scopelint
|
|
||||||
- maligned
|
|
||||||
- golint
|
|
||||||
- gofmt
|
- gofmt
|
||||||
- gochecknoglobals
|
- gochecknoglobals
|
||||||
- gochecknoinits
|
- gochecknoinits
|
||||||
- gocognit
|
- gocognit
|
||||||
- funlen
|
- funlen
|
||||||
- exhaustivestruct
|
|
||||||
- tagliatelle
|
- tagliatelle
|
||||||
- godox
|
- godox
|
||||||
- ireturn
|
- ireturn
|
||||||
|
@ -34,13 +28,6 @@ linters:
|
||||||
- musttag # causes issues with imported libs
|
- musttag # causes issues with imported libs
|
||||||
- depguard
|
- depguard
|
||||||
|
|
||||||
# deprecated
|
|
||||||
- structcheck # replaced by unused
|
|
||||||
- ifshort # deprecated by the owner
|
|
||||||
- varcheck # replaced by unused
|
|
||||||
- nosnakecase # replaced by revive
|
|
||||||
- deadcode # replaced by unused
|
|
||||||
|
|
||||||
# We should strive to enable these:
|
# We should strive to enable these:
|
||||||
- wrapcheck
|
- wrapcheck
|
||||||
- dupl
|
- dupl
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
---
|
---
|
||||||
|
version: 2
|
||||||
before:
|
before:
|
||||||
hooks:
|
hooks:
|
||||||
- go mod tidy -compat=1.22
|
- go mod tidy -compat=1.22
|
||||||
|
@ -184,7 +185,7 @@ kos:
|
||||||
checksum:
|
checksum:
|
||||||
name_template: "checksums.txt"
|
name_template: "checksums.txt"
|
||||||
snapshot:
|
snapshot:
|
||||||
name_template: "{{ .Tag }}-next"
|
version_template: "{{ .Tag }}-next"
|
||||||
changelog:
|
changelog:
|
||||||
sort: asc
|
sort: asc
|
||||||
filters:
|
filters:
|
||||||
|
|
|
@ -1,6 +1,2 @@
|
||||||
.github/workflows/test-integration-v2*
|
.github/workflows/test-integration-v2*
|
||||||
docs/dns-records.md
|
docs/about/features.md
|
||||||
docs/running-headscale-container.md
|
|
||||||
docs/running-headscale-linux-manual.md
|
|
||||||
docs/running-headscale-linux.md
|
|
||||||
docs/running-headscale-openbsd.md
|
|
||||||
|
|
45
CHANGELOG.md
45
CHANGELOG.md
|
@ -1,8 +1,32 @@
|
||||||
# CHANGELOG
|
# CHANGELOG
|
||||||
|
|
||||||
## 0.23.0 (2023-XX-XX)
|
## Next
|
||||||
|
|
||||||
This release is mainly a code reorganisation and refactoring, significantly improving the maintainability of the codebase. This should allow us to improve further and make it easier for the maintainers to keep on top of the project.
|
### BREAKING
|
||||||
|
|
||||||
|
- Remove `dns.use_username_in_magic_dns` configuration option [#2020](https://github.com/juanfont/headscale/pull/2020)
|
||||||
|
- Having usernames in magic DNS is no longer possible.
|
||||||
|
- Redo OpenID Connect configuration [#2020](https://github.com/juanfont/headscale/pull/2020)
|
||||||
|
- `strip_email_domain` has been removed, domain is _always_ part of the username for OIDC.
|
||||||
|
- Users are now identified by `sub` claim in the ID token instead of username, allowing the username, name and email to be updated.
|
||||||
|
- User has been extended to store username, display name, profile picture url and email.
|
||||||
|
- These fields are forwarded to the client, and shows up nicely in the user switcher.
|
||||||
|
- These fields can be made available via the API/CLI for non-OIDC users in the future.
|
||||||
|
- Remove versions older than 1.56 [#2149](https://github.com/juanfont/headscale/pull/2149)
|
||||||
|
- Clean up old code required by old versions
|
||||||
|
|
||||||
|
### Changes
|
||||||
|
|
||||||
|
- Improved compatibilty of built-in DERP server with clients connecting over WebSocket.
|
||||||
|
- Allow nodes to use SSH agent forwarding [#2145](https://github.com/juanfont/headscale/pull/2145)
|
||||||
|
- Fixed processing of fields in post request in MoveNode rpc [#2179](https://github.com/juanfont/headscale/pull/2179)
|
||||||
|
- Added conversion of 'Hostname' to 'givenName' in a node with FQDN rules applied [#2198](https://github.com/juanfont/headscale/pull/2198)
|
||||||
|
- Fixed updating of hostname and givenName when it is updated in HostInfo [#2199](https://github.com/juanfont/headscale/pull/2199)
|
||||||
|
|
||||||
|
## 0.23.0 (2024-09-18)
|
||||||
|
|
||||||
|
This release was intended to be mainly a code reorganisation and refactoring, significantly improving the maintainability of the codebase. This should allow us to improve further and make it easier for the maintainers to keep on top of the project.
|
||||||
|
However, as you all have noticed, it turned out to become a much larger, much longer release cycle than anticipated. It has ended up to be a release with a lot of rewrites and changes to the code base and functionality of Headscale, cleaning up a lot of technical debt and introducing a lot of improvements. This does come with some breaking changes,
|
||||||
|
|
||||||
**Please remember to always back up your database between versions**
|
**Please remember to always back up your database between versions**
|
||||||
|
|
||||||
|
@ -16,7 +40,7 @@ The [“poller”, or streaming logic](https://github.com/juanfont/headscale/blo
|
||||||
|
|
||||||
Headscale now supports sending “delta” updates, thanks to the new mapper and poller logic, allowing us to only inform nodes about new nodes, changed nodes and removed nodes. Previously we sent the entire state of the network every time an update was due.
|
Headscale now supports sending “delta” updates, thanks to the new mapper and poller logic, allowing us to only inform nodes about new nodes, changed nodes and removed nodes. Previously we sent the entire state of the network every time an update was due.
|
||||||
|
|
||||||
While we have a pretty good [test harness](https://github.com/search?q=repo%3Ajuanfont%2Fheadscale+path%3A_test.go&type=code) for validating our changes, we have rewritten over [10000 lines of code](https://github.com/juanfont/headscale/compare/b01f1f1867136d9b2d7b1392776eb363b482c525...main) and bugs are expected. We need help testing this release. In addition, while we think the performance should in general be better, there might be regressions in parts of the platform, particularly where we prioritised correctness over speed.
|
While we have a pretty good [test harness](https://github.com/search?q=repo%3Ajuanfont%2Fheadscale+path%3A_test.go&type=code) for validating our changes, the changes came down to [284 changed files with 32,316 additions and 24,245 deletions](https://github.com/juanfont/headscale/compare/b01f1f1867136d9b2d7b1392776eb363b482c525...ed78ecd) and bugs are expected. We need help testing this release. In addition, while we think the performance should in general be better, there might be regressions in parts of the platform, particularly where we prioritised correctness over speed.
|
||||||
|
|
||||||
There are also several bugfixes that has been encountered and fixed as part of implementing these changes, particularly
|
There are also several bugfixes that has been encountered and fixed as part of implementing these changes, particularly
|
||||||
after improving the test harness as part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
after improving the test harness as part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||||
|
@ -29,7 +53,7 @@ after improving the test harness as part of adopting [#1460](https://github.com/
|
||||||
- Adds additional configuration for PostgreSQL for setting max open, idle connection and idle connection lifetime.
|
- Adds additional configuration for PostgreSQL for setting max open, idle connection and idle connection lifetime.
|
||||||
- API: Machine is now Node [#1553](https://github.com/juanfont/headscale/pull/1553)
|
- API: Machine is now Node [#1553](https://github.com/juanfont/headscale/pull/1553)
|
||||||
- Remove support for older Tailscale clients [#1611](https://github.com/juanfont/headscale/pull/1611)
|
- Remove support for older Tailscale clients [#1611](https://github.com/juanfont/headscale/pull/1611)
|
||||||
- The latest supported client is 1.38
|
- The oldest supported client is 1.42
|
||||||
- Headscale checks that _at least_ one DERP is defined at start [#1564](https://github.com/juanfont/headscale/pull/1564)
|
- Headscale checks that _at least_ one DERP is defined at start [#1564](https://github.com/juanfont/headscale/pull/1564)
|
||||||
- If no DERP is configured, the server will fail to start, this can be because it cannot load the DERPMap from file or url.
|
- If no DERP is configured, the server will fail to start, this can be because it cannot load the DERPMap from file or url.
|
||||||
- Embedded DERP server requires a private key [#1611](https://github.com/juanfont/headscale/pull/1611)
|
- Embedded DERP server requires a private key [#1611](https://github.com/juanfont/headscale/pull/1611)
|
||||||
|
@ -43,7 +67,12 @@ after improving the test harness as part of adopting [#1460](https://github.com/
|
||||||
- MagicDNS domains no longer contain usernames []()
|
- MagicDNS domains no longer contain usernames []()
|
||||||
- This is in preperation to fix Headscales implementation of tags which currently does not correctly remove the link between a tagged device and a user. As tagged devices will not have a user, this will require a change to the DNS generation, removing the username, see [#1369](https://github.com/juanfont/headscale/issues/1369) for more information.
|
- This is in preperation to fix Headscales implementation of tags which currently does not correctly remove the link between a tagged device and a user. As tagged devices will not have a user, this will require a change to the DNS generation, removing the username, see [#1369](https://github.com/juanfont/headscale/issues/1369) for more information.
|
||||||
- `use_username_in_magic_dns` can be used to turn this behaviour on again, but note that this option _will be removed_ when tags are fixed.
|
- `use_username_in_magic_dns` can be used to turn this behaviour on again, but note that this option _will be removed_ when tags are fixed.
|
||||||
- This option brings Headscales behaviour in line with Tailscale.
|
- dns.base_domain can no longer be the same as (or part of) server_url.
|
||||||
|
- This option brings Headscales behaviour in line with Tailscale.
|
||||||
|
- YAML files are no longer supported for headscale policy. [#1792](https://github.com/juanfont/headscale/pull/1792)
|
||||||
|
- HuJSON is now the only supported format for policy.
|
||||||
|
- DNS configuration has been restructured [#2034](https://github.com/juanfont/headscale/pull/2034)
|
||||||
|
- Please review the new [config-example.yaml](./config-example.yaml) for the new structure.
|
||||||
|
|
||||||
### Changes
|
### Changes
|
||||||
|
|
||||||
|
@ -64,6 +93,12 @@ after improving the test harness as part of adopting [#1460](https://github.com/
|
||||||
- Restore foreign keys and add constraints [#1562](https://github.com/juanfont/headscale/pull/1562)
|
- Restore foreign keys and add constraints [#1562](https://github.com/juanfont/headscale/pull/1562)
|
||||||
- Make registration page easier to use on mobile devices
|
- Make registration page easier to use on mobile devices
|
||||||
- Make write-ahead-log default on and configurable for SQLite [#1985](https://github.com/juanfont/headscale/pull/1985)
|
- Make write-ahead-log default on and configurable for SQLite [#1985](https://github.com/juanfont/headscale/pull/1985)
|
||||||
|
- Add APIs for managing headscale policy. [#1792](https://github.com/juanfont/headscale/pull/1792)
|
||||||
|
- Fix for registering nodes using preauthkeys when running on a postgres database in a non-UTC timezone. [#764](https://github.com/juanfont/headscale/issues/764)
|
||||||
|
- Make sure integration tests cover postgres for all scenarios
|
||||||
|
- CLI commands (all except `serve`) only requires minimal configuration, no more errors or warnings from unset settings [#2109](https://github.com/juanfont/headscale/pull/2109)
|
||||||
|
- CLI results are now concistently sent to stdout and errors to stderr [#2109](https://github.com/juanfont/headscale/pull/2109)
|
||||||
|
- Fix issue where shutting down headscale would hang [#2113](https://github.com/juanfont/headscale/pull/2113)
|
||||||
|
|
||||||
## 0.22.3 (2023-05-12)
|
## 0.22.3 (2023-05-12)
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@ Headscale has a small maintainer team that tries to balance working on the proje
|
||||||
|
|
||||||
When we work on issues ourselves, we develop first hand knowledge of the code and it makes it possible for us to maintain and own the code as the project develops.
|
When we work on issues ourselves, we develop first hand knowledge of the code and it makes it possible for us to maintain and own the code as the project develops.
|
||||||
|
|
||||||
Code contributions are seen as a positive thing. People enjoy and engage with our project, but it also comes with some challenges; we have to understand the code, we have to understand the feature, we might have to become familiar with external libraries or services and we think about security implications. All those steps are required during the reviewing process. After the code has been merged, the feature has to be maintained. Any changes reliant on external services must be updated and expanded accordingly.
|
Code contributions are seen as a positive thing. People enjoy and engage with our project, but it also comes with some challenges; we have to understand the code, we have to understand the feature, we might have to become familiar with external libraries or services and we think about security implications. All those steps are required during the reviewing process. After the code has been merged, the feature has to be maintained. Any changes reliant on external services must be updated and expanded accordingly.
|
||||||
|
|
||||||
The review and day-1 maintenance adds a significant burden on the maintainers. Often we hope that the contributor will help out, but we found that most of the time, they disappear after their new feature was added.
|
The review and day-1 maintenance adds a significant burden on the maintainers. Often we hope that the contributor will help out, but we found that most of the time, they disappear after their new feature was added.
|
||||||
|
|
||||||
|
|
|
@ -2,13 +2,13 @@
|
||||||
# and are in no way endorsed by Headscale's maintainers as an
|
# and are in no way endorsed by Headscale's maintainers as an
|
||||||
# official nor supported release or distribution.
|
# official nor supported release or distribution.
|
||||||
|
|
||||||
FROM docker.io/golang:1.22-bookworm
|
FROM docker.io/golang:1.23-bookworm
|
||||||
ARG VERSION=dev
|
ARG VERSION=dev
|
||||||
ENV GOPATH /go
|
ENV GOPATH /go
|
||||||
WORKDIR /go/src/headscale
|
WORKDIR /go/src/headscale
|
||||||
|
|
||||||
RUN apt-get update \
|
RUN apt-get update \
|
||||||
&& apt-get install --no-install-recommends --yes less jq \
|
&& apt-get install --no-install-recommends --yes less jq sqlite3 \
|
||||||
&& rm -rf /var/lib/apt/lists/* \
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
&& apt-get clean
|
&& apt-get clean
|
||||||
RUN mkdir -p /var/run/headscale
|
RUN mkdir -p /var/run/headscale
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
# This Dockerfile is more or less lifted from tailscale/tailscale
|
# This Dockerfile is more or less lifted from tailscale/tailscale
|
||||||
# to ensure a similar build process when testing the HEAD of tailscale.
|
# to ensure a similar build process when testing the HEAD of tailscale.
|
||||||
|
|
||||||
FROM golang:1.22-alpine AS build-env
|
FROM golang:1.23-alpine AS build-env
|
||||||
|
|
||||||
WORKDIR /go/src
|
WORKDIR /go/src
|
||||||
|
|
||||||
|
|
27
README.md
27
README.md
|
@ -46,32 +46,11 @@ buttons available in the repo.
|
||||||
|
|
||||||
## Features
|
## Features
|
||||||
|
|
||||||
- Full "base" support of Tailscale's features
|
Please see ["Features" in the documentation](https://headscale.net/about/features/).
|
||||||
- Configurable DNS
|
|
||||||
- [Split DNS](https://tailscale.com/kb/1054/dns/#using-dns-settings-in-the-admin-console)
|
|
||||||
- Node registration
|
|
||||||
- Single-Sign-On (via Open ID Connect)
|
|
||||||
- Pre authenticated key
|
|
||||||
- Taildrop (File Sharing)
|
|
||||||
- [Access control lists](https://tailscale.com/kb/1018/acls/)
|
|
||||||
- [MagicDNS](https://tailscale.com/kb/1081/magicdns)
|
|
||||||
- Support for multiple IP ranges in the tailnet
|
|
||||||
- Dual stack (IPv4 and IPv6)
|
|
||||||
- Routing advertising (including exit nodes)
|
|
||||||
- Ephemeral nodes
|
|
||||||
- Embedded [DERP server](https://tailscale.com/blog/how-tailscale-works/#encrypted-tcp-relays-derp)
|
|
||||||
|
|
||||||
## Client OS support
|
## Client OS support
|
||||||
|
|
||||||
| OS | Supports headscale |
|
Please see ["Client and operating system support" in the documentation](https://headscale.net/about/clients/).
|
||||||
| ------- | --------------------------------------------------------- |
|
|
||||||
| Linux | Yes |
|
|
||||||
| OpenBSD | Yes |
|
|
||||||
| FreeBSD | Yes |
|
|
||||||
| macOS | Yes (see `/apple` on your headscale for more information) |
|
|
||||||
| Windows | Yes [docs](./docs/windows-client.md) |
|
|
||||||
| Android | Yes [docs](./docs/android-client.md) |
|
|
||||||
| iOS | Yes [docs](./docs/iOS-client.md) |
|
|
||||||
|
|
||||||
## Running headscale
|
## Running headscale
|
||||||
|
|
||||||
|
@ -100,7 +79,7 @@ Please read the [CONTRIBUTING.md](./CONTRIBUTING.md) file.
|
||||||
### Requirements
|
### Requirements
|
||||||
|
|
||||||
To contribute to headscale you would need the latest version of [Go](https://golang.org)
|
To contribute to headscale you would need the latest version of [Go](https://golang.org)
|
||||||
and [Buf](https://buf.build)(Protobuf generator).
|
and [Buf](https://buf.build) (Protobuf generator).
|
||||||
|
|
||||||
We recommend using [Nix](https://nixos.org/) to setup a development environment. This can
|
We recommend using [Nix](https://nixos.org/) to setup a development environment. This can
|
||||||
be done with `nix develop`, which will install the tools and give you a shell.
|
be done with `nix develop`, which will install the tools and give you a shell.
|
||||||
|
|
|
@ -54,7 +54,7 @@ var listAPIKeys = &cobra.Command{
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
output, _ := cmd.Flags().GetString("output")
|
output, _ := cmd.Flags().GetString("output")
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -67,14 +67,10 @@ var listAPIKeys = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting the list of keys: %s", err),
|
fmt.Sprintf("Error getting the list of keys: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response.GetApiKeys(), "", output)
|
SuccessOutput(response.GetApiKeys(), "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
tableData := pterm.TableData{
|
tableData := pterm.TableData{
|
||||||
|
@ -102,8 +98,6 @@ var listAPIKeys = &cobra.Command{
|
||||||
fmt.Sprintf("Failed to render pterm table: %s", err),
|
fmt.Sprintf("Failed to render pterm table: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -119,9 +113,6 @@ If you loose a key, create a new one and revoke (expire) the old one.`,
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
output, _ := cmd.Flags().GetString("output")
|
output, _ := cmd.Flags().GetString("output")
|
||||||
|
|
||||||
log.Trace().
|
|
||||||
Msg("Preparing to create ApiKey")
|
|
||||||
|
|
||||||
request := &v1.CreateApiKeyRequest{}
|
request := &v1.CreateApiKeyRequest{}
|
||||||
|
|
||||||
durationStr, _ := cmd.Flags().GetString("expiration")
|
durationStr, _ := cmd.Flags().GetString("expiration")
|
||||||
|
@ -133,19 +124,13 @@ If you loose a key, create a new one and revoke (expire) the old one.`,
|
||||||
fmt.Sprintf("Could not parse duration: %s\n", err),
|
fmt.Sprintf("Could not parse duration: %s\n", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
expiration := time.Now().UTC().Add(time.Duration(duration))
|
expiration := time.Now().UTC().Add(time.Duration(duration))
|
||||||
|
|
||||||
log.Trace().
|
|
||||||
Dur("expiration", time.Duration(duration)).
|
|
||||||
Msg("expiration has been set")
|
|
||||||
|
|
||||||
request.Expiration = timestamppb.New(expiration)
|
request.Expiration = timestamppb.New(expiration)
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -156,8 +141,6 @@ If you loose a key, create a new one and revoke (expire) the old one.`,
|
||||||
fmt.Sprintf("Cannot create Api Key: %s\n", err),
|
fmt.Sprintf("Cannot create Api Key: %s\n", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response.GetApiKey(), response.GetApiKey(), output)
|
SuccessOutput(response.GetApiKey(), response.GetApiKey(), output)
|
||||||
|
@ -178,11 +161,9 @@ var expireAPIKeyCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting prefix from CLI flag: %s", err),
|
fmt.Sprintf("Error getting prefix from CLI flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -197,8 +178,6 @@ var expireAPIKeyCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot expire Api Key: %s\n", err),
|
fmt.Sprintf("Cannot expire Api Key: %s\n", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response, "Key expired", output)
|
SuccessOutput(response, "Key expired", output)
|
||||||
|
@ -219,11 +198,9 @@ var deleteAPIKeyCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting prefix from CLI flag: %s", err),
|
fmt.Sprintf("Error getting prefix from CLI flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -238,8 +215,6 @@ var deleteAPIKeyCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot delete Api Key: %s\n", err),
|
fmt.Sprintf("Cannot delete Api Key: %s\n", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response, "Key deleted", output)
|
SuccessOutput(response, "Key deleted", output)
|
||||||
|
|
|
@ -14,7 +14,7 @@ var configTestCmd = &cobra.Command{
|
||||||
Short: "Test the configuration.",
|
Short: "Test the configuration.",
|
||||||
Long: "Run a test of the configuration and exit.",
|
Long: "Run a test of the configuration and exit.",
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
_, err := getHeadscaleApp()
|
_, err := newHeadscaleServerWithConfig()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal().Caller().Err(err).Msg("Error initializing")
|
log.Fatal().Caller().Err(err).Msg("Error initializing")
|
||||||
}
|
}
|
||||||
|
|
|
@ -64,11 +64,9 @@ var createNodeCmd = &cobra.Command{
|
||||||
user, err := cmd.Flags().GetString("user")
|
user, err := cmd.Flags().GetString("user")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -79,8 +77,6 @@ var createNodeCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting node from flag: %s", err),
|
fmt.Sprintf("Error getting node from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
machineKey, err := cmd.Flags().GetString("key")
|
machineKey, err := cmd.Flags().GetString("key")
|
||||||
|
@ -90,8 +86,6 @@ var createNodeCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting key from flag: %s", err),
|
fmt.Sprintf("Error getting key from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var mkey key.MachinePublic
|
var mkey key.MachinePublic
|
||||||
|
@ -102,8 +96,6 @@ var createNodeCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Failed to parse machine key from flag: %s", err),
|
fmt.Sprintf("Failed to parse machine key from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
routes, err := cmd.Flags().GetStringSlice("route")
|
routes, err := cmd.Flags().GetStringSlice("route")
|
||||||
|
@ -113,8 +105,6 @@ var createNodeCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting routes from flag: %s", err),
|
fmt.Sprintf("Error getting routes from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
request := &v1.DebugCreateNodeRequest{
|
request := &v1.DebugCreateNodeRequest{
|
||||||
|
@ -131,8 +121,6 @@ var createNodeCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot create node: %s", status.Convert(err).Message()),
|
fmt.Sprintf("Cannot create node: %s", status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response.GetNode(), "Node created", output)
|
SuccessOutput(response.GetNode(), "Node created", output)
|
||||||
|
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
|
"slices"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
@ -115,11 +116,9 @@ var registerNodeCmd = &cobra.Command{
|
||||||
user, err := cmd.Flags().GetString("user")
|
user, err := cmd.Flags().GetString("user")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -130,8 +129,6 @@ var registerNodeCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting node key from flag: %s", err),
|
fmt.Sprintf("Error getting node key from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
request := &v1.RegisterNodeRequest{
|
request := &v1.RegisterNodeRequest{
|
||||||
|
@ -149,8 +146,6 @@ var registerNodeCmd = &cobra.Command{
|
||||||
),
|
),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(
|
SuccessOutput(
|
||||||
|
@ -168,17 +163,13 @@ var listNodesCmd = &cobra.Command{
|
||||||
user, err := cmd.Flags().GetString("user")
|
user, err := cmd.Flags().GetString("user")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
showTags, err := cmd.Flags().GetBool("tags")
|
showTags, err := cmd.Flags().GetBool("tags")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error getting tags flag: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error getting tags flag: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -193,21 +184,15 @@ var listNodesCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot get nodes: %s", status.Convert(err).Message()),
|
fmt.Sprintf("Cannot get nodes: %s", status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response.GetNodes(), "", output)
|
SuccessOutput(response.GetNodes(), "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
tableData, err := nodesToPtables(user, showTags, response.GetNodes())
|
tableData, err := nodesToPtables(user, showTags, response.GetNodes())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error converting to table: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error converting to table: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
err = pterm.DefaultTable.WithHasHeader().WithData(tableData).Render()
|
err = pterm.DefaultTable.WithHasHeader().WithData(tableData).Render()
|
||||||
|
@ -217,8 +202,6 @@ var listNodesCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Failed to render pterm table: %s", err),
|
fmt.Sprintf("Failed to render pterm table: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -242,7 +225,7 @@ var expireNodeCmd = &cobra.Command{
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -285,7 +268,7 @@ var renameNodeCmd = &cobra.Command{
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -334,7 +317,7 @@ var deleteNodeCmd = &cobra.Command{
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -434,7 +417,7 @@ var moveNodeCmd = &cobra.Command{
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -507,7 +490,7 @@ be assigned to nodes.`,
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if confirm {
|
if confirm {
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -617,14 +600,14 @@ func nodesToPtables(
|
||||||
forcedTags = strings.TrimLeft(forcedTags, ",")
|
forcedTags = strings.TrimLeft(forcedTags, ",")
|
||||||
var invalidTags string
|
var invalidTags string
|
||||||
for _, tag := range node.GetInvalidTags() {
|
for _, tag := range node.GetInvalidTags() {
|
||||||
if !contains(node.GetForcedTags(), tag) {
|
if !slices.Contains(node.GetForcedTags(), tag) {
|
||||||
invalidTags += "," + pterm.LightRed(tag)
|
invalidTags += "," + pterm.LightRed(tag)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
invalidTags = strings.TrimLeft(invalidTags, ",")
|
invalidTags = strings.TrimLeft(invalidTags, ",")
|
||||||
var validTags string
|
var validTags string
|
||||||
for _, tag := range node.GetValidTags() {
|
for _, tag := range node.GetValidTags() {
|
||||||
if !contains(node.GetForcedTags(), tag) {
|
if !slices.Contains(node.GetForcedTags(), tag) {
|
||||||
validTags += "," + pterm.LightGreen(tag)
|
validTags += "," + pterm.LightGreen(tag)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -680,7 +663,7 @@ var tagCmd = &cobra.Command{
|
||||||
Aliases: []string{"tags", "t"},
|
Aliases: []string{"tags", "t"},
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
output, _ := cmd.Flags().GetString("output")
|
output, _ := cmd.Flags().GetString("output")
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
|
87
cmd/headscale/cli/policy.go
Normal file
87
cmd/headscale/cli/policy.go
Normal file
|
@ -0,0 +1,87 @@
|
||||||
|
package cli
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"os"
|
||||||
|
|
||||||
|
v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
|
||||||
|
"github.com/rs/zerolog/log"
|
||||||
|
"github.com/spf13/cobra"
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
rootCmd.AddCommand(policyCmd)
|
||||||
|
policyCmd.AddCommand(getPolicy)
|
||||||
|
|
||||||
|
setPolicy.Flags().StringP("file", "f", "", "Path to a policy file in HuJSON format")
|
||||||
|
if err := setPolicy.MarkFlagRequired("file"); err != nil {
|
||||||
|
log.Fatal().Err(err).Msg("")
|
||||||
|
}
|
||||||
|
policyCmd.AddCommand(setPolicy)
|
||||||
|
}
|
||||||
|
|
||||||
|
var policyCmd = &cobra.Command{
|
||||||
|
Use: "policy",
|
||||||
|
Short: "Manage the Headscale ACL Policy",
|
||||||
|
}
|
||||||
|
|
||||||
|
var getPolicy = &cobra.Command{
|
||||||
|
Use: "get",
|
||||||
|
Short: "Print the current ACL Policy",
|
||||||
|
Aliases: []string{"show", "view", "fetch"},
|
||||||
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
|
output, _ := cmd.Flags().GetString("output")
|
||||||
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
|
defer cancel()
|
||||||
|
defer conn.Close()
|
||||||
|
|
||||||
|
request := &v1.GetPolicyRequest{}
|
||||||
|
|
||||||
|
response, err := client.GetPolicy(ctx, request)
|
||||||
|
if err != nil {
|
||||||
|
ErrorOutput(err, fmt.Sprintf("Failed loading ACL Policy: %s", err), output)
|
||||||
|
}
|
||||||
|
|
||||||
|
// TODO(pallabpain): Maybe print this better?
|
||||||
|
// This does not pass output as we dont support yaml, json or json-line
|
||||||
|
// output for this command. It is HuJSON already.
|
||||||
|
SuccessOutput("", response.GetPolicy(), "")
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
var setPolicy = &cobra.Command{
|
||||||
|
Use: "set",
|
||||||
|
Short: "Updates the ACL Policy",
|
||||||
|
Long: `
|
||||||
|
Updates the existing ACL Policy with the provided policy. The policy must be a valid HuJSON object.
|
||||||
|
This command only works when the acl.policy_mode is set to "db", and the policy will be stored in the database.`,
|
||||||
|
Aliases: []string{"put", "update"},
|
||||||
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
|
output, _ := cmd.Flags().GetString("output")
|
||||||
|
policyPath, _ := cmd.Flags().GetString("file")
|
||||||
|
|
||||||
|
f, err := os.Open(policyPath)
|
||||||
|
if err != nil {
|
||||||
|
ErrorOutput(err, fmt.Sprintf("Error opening the policy file: %s", err), output)
|
||||||
|
}
|
||||||
|
defer f.Close()
|
||||||
|
|
||||||
|
policyBytes, err := io.ReadAll(f)
|
||||||
|
if err != nil {
|
||||||
|
ErrorOutput(err, fmt.Sprintf("Error reading the policy file: %s", err), output)
|
||||||
|
}
|
||||||
|
|
||||||
|
request := &v1.SetPolicyRequest{Policy: string(policyBytes)}
|
||||||
|
|
||||||
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
|
defer cancel()
|
||||||
|
defer conn.Close()
|
||||||
|
|
||||||
|
if _, err := client.SetPolicy(ctx, request); err != nil {
|
||||||
|
ErrorOutput(err, fmt.Sprintf("Failed to set ACL Policy: %s", err), output)
|
||||||
|
}
|
||||||
|
|
||||||
|
SuccessOutput(nil, "Policy updated.", "")
|
||||||
|
},
|
||||||
|
}
|
|
@ -60,11 +60,9 @@ var listPreAuthKeys = &cobra.Command{
|
||||||
user, err := cmd.Flags().GetString("user")
|
user, err := cmd.Flags().GetString("user")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -85,8 +83,6 @@ var listPreAuthKeys = &cobra.Command{
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response.GetPreAuthKeys(), "", output)
|
SuccessOutput(response.GetPreAuthKeys(), "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
tableData := pterm.TableData{
|
tableData := pterm.TableData{
|
||||||
|
@ -134,8 +130,6 @@ var listPreAuthKeys = &cobra.Command{
|
||||||
fmt.Sprintf("Failed to render pterm table: %s", err),
|
fmt.Sprintf("Failed to render pterm table: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -150,20 +144,12 @@ var createPreAuthKeyCmd = &cobra.Command{
|
||||||
user, err := cmd.Flags().GetString("user")
|
user, err := cmd.Flags().GetString("user")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
reusable, _ := cmd.Flags().GetBool("reusable")
|
reusable, _ := cmd.Flags().GetBool("reusable")
|
||||||
ephemeral, _ := cmd.Flags().GetBool("ephemeral")
|
ephemeral, _ := cmd.Flags().GetBool("ephemeral")
|
||||||
tags, _ := cmd.Flags().GetStringSlice("tags")
|
tags, _ := cmd.Flags().GetStringSlice("tags")
|
||||||
|
|
||||||
log.Trace().
|
|
||||||
Bool("reusable", reusable).
|
|
||||||
Bool("ephemeral", ephemeral).
|
|
||||||
Str("user", user).
|
|
||||||
Msg("Preparing to create preauthkey")
|
|
||||||
|
|
||||||
request := &v1.CreatePreAuthKeyRequest{
|
request := &v1.CreatePreAuthKeyRequest{
|
||||||
User: user,
|
User: user,
|
||||||
Reusable: reusable,
|
Reusable: reusable,
|
||||||
|
@ -180,8 +166,6 @@ var createPreAuthKeyCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Could not parse duration: %s\n", err),
|
fmt.Sprintf("Could not parse duration: %s\n", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
expiration := time.Now().UTC().Add(time.Duration(duration))
|
expiration := time.Now().UTC().Add(time.Duration(duration))
|
||||||
|
@ -192,7 +176,7 @@ var createPreAuthKeyCmd = &cobra.Command{
|
||||||
|
|
||||||
request.Expiration = timestamppb.New(expiration)
|
request.Expiration = timestamppb.New(expiration)
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -203,8 +187,6 @@ var createPreAuthKeyCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot create Pre Auth Key: %s\n", err),
|
fmt.Sprintf("Cannot create Pre Auth Key: %s\n", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response.GetPreAuthKey(), response.GetPreAuthKey().GetKey(), output)
|
SuccessOutput(response.GetPreAuthKey(), response.GetPreAuthKey().GetKey(), output)
|
||||||
|
@ -227,11 +209,9 @@ var expirePreAuthKeyCmd = &cobra.Command{
|
||||||
user, err := cmd.Flags().GetString("user")
|
user, err := cmd.Flags().GetString("user")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error getting user: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -247,8 +227,6 @@ var expirePreAuthKeyCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot expire Pre Auth Key: %s\n", err),
|
fmt.Sprintf("Cannot expire Pre Auth Key: %s\n", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response, "Key expired", output)
|
SuccessOutput(response, "Key expired", output)
|
||||||
|
|
|
@ -9,6 +9,7 @@ import (
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
|
"github.com/spf13/viper"
|
||||||
"github.com/tcnksm/go-latest"
|
"github.com/tcnksm/go-latest"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -49,11 +50,6 @@ func initConfig() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
cfg, err := types.GetHeadscaleConfig()
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal().Err(err).Msg("Failed to read headscale configuration")
|
|
||||||
}
|
|
||||||
|
|
||||||
machineOutput := HasMachineOutputFlag()
|
machineOutput := HasMachineOutputFlag()
|
||||||
|
|
||||||
// If the user has requested a "node" readable format,
|
// If the user has requested a "node" readable format,
|
||||||
|
@ -62,11 +58,13 @@ func initConfig() {
|
||||||
zerolog.SetGlobalLevel(zerolog.Disabled)
|
zerolog.SetGlobalLevel(zerolog.Disabled)
|
||||||
}
|
}
|
||||||
|
|
||||||
if cfg.Log.Format == types.JSONLogFormat {
|
// logFormat := viper.GetString("log.format")
|
||||||
log.Logger = log.Output(os.Stdout)
|
// if logFormat == types.JSONLogFormat {
|
||||||
}
|
// log.Logger = log.Output(os.Stdout)
|
||||||
|
// }
|
||||||
|
|
||||||
if !cfg.DisableUpdateCheck && !machineOutput {
|
disableUpdateCheck := viper.GetBool("disable_check_updates")
|
||||||
|
if !disableUpdateCheck && !machineOutput {
|
||||||
if (runtime.GOOS == "linux" || runtime.GOOS == "darwin") &&
|
if (runtime.GOOS == "linux" || runtime.GOOS == "darwin") &&
|
||||||
Version != "dev" {
|
Version != "dev" {
|
||||||
githubTag := &latest.GithubTag{
|
githubTag := &latest.GithubTag{
|
||||||
|
|
|
@ -7,10 +7,10 @@ import (
|
||||||
"strconv"
|
"strconv"
|
||||||
|
|
||||||
v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
|
v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
|
||||||
"github.com/pterm/pterm"
|
"github.com/pterm/pterm"
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
"google.golang.org/grpc/status"
|
"google.golang.org/grpc/status"
|
||||||
|
"tailscale.com/net/tsaddr"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -64,11 +64,9 @@ var listRoutesCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -82,14 +80,10 @@ var listRoutesCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot get nodes: %s", status.Convert(err).Message()),
|
fmt.Sprintf("Cannot get nodes: %s", status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response.GetRoutes(), "", output)
|
SuccessOutput(response.GetRoutes(), "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
routes = response.GetRoutes()
|
routes = response.GetRoutes()
|
||||||
|
@ -103,14 +97,10 @@ var listRoutesCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot get routes for node %d: %s", machineID, status.Convert(err).Message()),
|
fmt.Sprintf("Cannot get routes for node %d: %s", machineID, status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response.GetRoutes(), "", output)
|
SuccessOutput(response.GetRoutes(), "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
routes = response.GetRoutes()
|
routes = response.GetRoutes()
|
||||||
|
@ -119,8 +109,6 @@ var listRoutesCmd = &cobra.Command{
|
||||||
tableData := routesToPtables(routes)
|
tableData := routesToPtables(routes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ErrorOutput(err, fmt.Sprintf("Error converting to table: %s", err), output)
|
ErrorOutput(err, fmt.Sprintf("Error converting to table: %s", err), output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
err = pterm.DefaultTable.WithHasHeader().WithData(tableData).Render()
|
err = pterm.DefaultTable.WithHasHeader().WithData(tableData).Render()
|
||||||
|
@ -130,8 +118,6 @@ var listRoutesCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Failed to render pterm table: %s", err),
|
fmt.Sprintf("Failed to render pterm table: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -150,11 +136,9 @@ var enableRouteCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -167,14 +151,10 @@ var enableRouteCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot enable route %d: %s", routeID, status.Convert(err).Message()),
|
fmt.Sprintf("Cannot enable route %d: %s", routeID, status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response, "", output)
|
SuccessOutput(response, "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -193,11 +173,9 @@ var disableRouteCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -210,14 +188,10 @@ var disableRouteCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot disable route %d: %s", routeID, status.Convert(err).Message()),
|
fmt.Sprintf("Cannot disable route %d: %s", routeID, status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response, "", output)
|
SuccessOutput(response, "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -236,11 +210,9 @@ var deleteRouteCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
fmt.Sprintf("Error getting machine id from flag: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -253,14 +225,10 @@ var deleteRouteCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot delete route %d: %s", routeID, status.Convert(err).Message()),
|
fmt.Sprintf("Cannot delete route %d: %s", routeID, status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response, "", output)
|
SuccessOutput(response, "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -277,7 +245,7 @@ func routesToPtables(routes []*v1.Route) pterm.TableData {
|
||||||
|
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if prefix == types.ExitRouteV4 || prefix == types.ExitRouteV6 {
|
if tsaddr.IsExitRoute(prefix) {
|
||||||
isPrimaryStr = "-"
|
isPrimaryStr = "-"
|
||||||
} else {
|
} else {
|
||||||
isPrimaryStr = strconv.FormatBool(route.GetIsPrimary())
|
isPrimaryStr = strconv.FormatBool(route.GetIsPrimary())
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
package cli
|
package cli
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"errors"
|
||||||
|
"net/http"
|
||||||
|
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
)
|
)
|
||||||
|
@ -16,14 +19,14 @@ var serveCmd = &cobra.Command{
|
||||||
return nil
|
return nil
|
||||||
},
|
},
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
app, err := getHeadscaleApp()
|
app, err := newHeadscaleServerWithConfig()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal().Caller().Err(err).Msg("Error initializing")
|
log.Fatal().Caller().Err(err).Msg("Error initializing")
|
||||||
}
|
}
|
||||||
|
|
||||||
err = app.Serve()
|
err = app.Serve()
|
||||||
if err != nil {
|
if err != nil && !errors.Is(err, http.ErrServerClosed) {
|
||||||
log.Fatal().Caller().Err(err).Msg("Error starting server")
|
log.Fatal().Caller().Err(err).Msg("Headscale ran into an error and had to shut down.")
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
|
@ -44,7 +44,7 @@ var createUserCmd = &cobra.Command{
|
||||||
|
|
||||||
userName := args[0]
|
userName := args[0]
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -63,8 +63,6 @@ var createUserCmd = &cobra.Command{
|
||||||
),
|
),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response.GetUser(), "User created", output)
|
SuccessOutput(response.GetUser(), "User created", output)
|
||||||
|
@ -91,7 +89,7 @@ var destroyUserCmd = &cobra.Command{
|
||||||
Name: userName,
|
Name: userName,
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -102,8 +100,6 @@ var destroyUserCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Error: %s", status.Convert(err).Message()),
|
fmt.Sprintf("Error: %s", status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
confirm := false
|
confirm := false
|
||||||
|
@ -134,8 +130,6 @@ var destroyUserCmd = &cobra.Command{
|
||||||
),
|
),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
SuccessOutput(response, "User destroyed", output)
|
SuccessOutput(response, "User destroyed", output)
|
||||||
} else {
|
} else {
|
||||||
|
@ -151,7 +145,7 @@ var listUsersCmd = &cobra.Command{
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
output, _ := cmd.Flags().GetString("output")
|
output, _ := cmd.Flags().GetString("output")
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -164,23 +158,21 @@ var listUsersCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Cannot get users: %s", status.Convert(err).Message()),
|
fmt.Sprintf("Cannot get users: %s", status.Convert(err).Message()),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if output != "" {
|
if output != "" {
|
||||||
SuccessOutput(response.GetUsers(), "", output)
|
SuccessOutput(response.GetUsers(), "", output)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
tableData := pterm.TableData{{"ID", "Name", "Created"}}
|
tableData := pterm.TableData{{"ID", "Name", "Username", "Email", "Created"}}
|
||||||
for _, user := range response.GetUsers() {
|
for _, user := range response.GetUsers() {
|
||||||
tableData = append(
|
tableData = append(
|
||||||
tableData,
|
tableData,
|
||||||
[]string{
|
[]string{
|
||||||
user.GetId(),
|
user.GetId(),
|
||||||
|
user.GetDisplayName(),
|
||||||
user.GetName(),
|
user.GetName(),
|
||||||
|
user.GetEmail(),
|
||||||
user.GetCreatedAt().AsTime().Format("2006-01-02 15:04:05"),
|
user.GetCreatedAt().AsTime().Format("2006-01-02 15:04:05"),
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
@ -192,8 +184,6 @@ var listUsersCmd = &cobra.Command{
|
||||||
fmt.Sprintf("Failed to render pterm table: %s", err),
|
fmt.Sprintf("Failed to render pterm table: %s", err),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -213,7 +203,7 @@ var renameUserCmd = &cobra.Command{
|
||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
output, _ := cmd.Flags().GetString("output")
|
output, _ := cmd.Flags().GetString("output")
|
||||||
|
|
||||||
ctx, client, conn, cancel := getHeadscaleCLIClient()
|
ctx, client, conn, cancel := newHeadscaleCLIWithConfig()
|
||||||
defer cancel()
|
defer cancel()
|
||||||
defer conn.Close()
|
defer conn.Close()
|
||||||
|
|
||||||
|
@ -232,8 +222,6 @@ var renameUserCmd = &cobra.Command{
|
||||||
),
|
),
|
||||||
output,
|
output,
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(response.GetUser(), "User renamed", output)
|
SuccessOutput(response.GetUser(), "User renamed", output)
|
||||||
|
|
|
@ -6,11 +6,9 @@ import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"reflect"
|
|
||||||
|
|
||||||
v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
|
v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
|
||||||
"github.com/juanfont/headscale/hscontrol"
|
"github.com/juanfont/headscale/hscontrol"
|
||||||
"github.com/juanfont/headscale/hscontrol/policy"
|
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
"github.com/juanfont/headscale/hscontrol/util"
|
"github.com/juanfont/headscale/hscontrol/util"
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
|
@ -25,8 +23,8 @@ const (
|
||||||
SocketWritePermissions = 0o666
|
SocketWritePermissions = 0o666
|
||||||
)
|
)
|
||||||
|
|
||||||
func getHeadscaleApp() (*hscontrol.Headscale, error) {
|
func newHeadscaleServerWithConfig() (*hscontrol.Headscale, error) {
|
||||||
cfg, err := types.GetHeadscaleConfig()
|
cfg, err := types.LoadServerConfig()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf(
|
return nil, fmt.Errorf(
|
||||||
"failed to load configuration while creating headscale instance: %w",
|
"failed to load configuration while creating headscale instance: %w",
|
||||||
|
@ -39,26 +37,11 @@ func getHeadscaleApp() (*hscontrol.Headscale, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// We are doing this here, as in the future could be cool to have it also hot-reload
|
|
||||||
|
|
||||||
if cfg.ACL.PolicyPath != "" {
|
|
||||||
aclPath := util.AbsolutePathFromConfigPath(cfg.ACL.PolicyPath)
|
|
||||||
pol, err := policy.LoadACLPolicyFromPath(aclPath)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal().
|
|
||||||
Str("path", aclPath).
|
|
||||||
Err(err).
|
|
||||||
Msg("Could not load the ACL policy")
|
|
||||||
}
|
|
||||||
|
|
||||||
app.ACLPolicy = pol
|
|
||||||
}
|
|
||||||
|
|
||||||
return app, nil
|
return app, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func getHeadscaleCLIClient() (context.Context, v1.HeadscaleServiceClient, *grpc.ClientConn, context.CancelFunc) {
|
func newHeadscaleCLIWithConfig() (context.Context, v1.HeadscaleServiceClient, *grpc.ClientConn, context.CancelFunc) {
|
||||||
cfg, err := types.GetHeadscaleConfig()
|
cfg, err := types.LoadCLIConfig()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal().
|
log.Fatal().
|
||||||
Err(err).
|
Err(err).
|
||||||
|
@ -89,7 +72,7 @@ func getHeadscaleCLIClient() (context.Context, v1.HeadscaleServiceClient, *grpc.
|
||||||
|
|
||||||
// Try to give the user better feedback if we cannot write to the headscale
|
// Try to give the user better feedback if we cannot write to the headscale
|
||||||
// socket.
|
// socket.
|
||||||
socket, err := os.OpenFile(cfg.UnixSocket, os.O_WRONLY, SocketWritePermissions) //nolint
|
socket, err := os.OpenFile(cfg.UnixSocket, os.O_WRONLY, SocketWritePermissions) // nolint
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if os.IsPermission(err) {
|
if os.IsPermission(err) {
|
||||||
log.Fatal().
|
log.Fatal().
|
||||||
|
@ -147,7 +130,7 @@ func getHeadscaleCLIClient() (context.Context, v1.HeadscaleServiceClient, *grpc.
|
||||||
return ctx, client, conn, cancel
|
return ctx, client, conn, cancel
|
||||||
}
|
}
|
||||||
|
|
||||||
func SuccessOutput(result interface{}, override string, outputFormat string) {
|
func output(result interface{}, override string, outputFormat string) string {
|
||||||
var jsonBytes []byte
|
var jsonBytes []byte
|
||||||
var err error
|
var err error
|
||||||
switch outputFormat {
|
switch outputFormat {
|
||||||
|
@ -167,22 +150,27 @@ func SuccessOutput(result interface{}, override string, outputFormat string) {
|
||||||
log.Fatal().Err(err).Msg("failed to unmarshal output")
|
log.Fatal().Err(err).Msg("failed to unmarshal output")
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
//nolint
|
// nolint
|
||||||
fmt.Println(override)
|
return override
|
||||||
|
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
//nolint
|
return string(jsonBytes)
|
||||||
fmt.Println(string(jsonBytes))
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SuccessOutput prints the result to stdout and exits with status code 0.
|
||||||
|
func SuccessOutput(result interface{}, override string, outputFormat string) {
|
||||||
|
fmt.Println(output(result, override, outputFormat))
|
||||||
|
os.Exit(0)
|
||||||
|
}
|
||||||
|
|
||||||
|
// ErrorOutput prints an error message to stderr and exits with status code 1.
|
||||||
func ErrorOutput(errResult error, override string, outputFormat string) {
|
func ErrorOutput(errResult error, override string, outputFormat string) {
|
||||||
type errOutput struct {
|
type errOutput struct {
|
||||||
Error string `json:"error"`
|
Error string `json:"error"`
|
||||||
}
|
}
|
||||||
|
|
||||||
SuccessOutput(errOutput{errResult.Error()}, override, outputFormat)
|
fmt.Fprintf(os.Stderr, "%s\n", output(errOutput{errResult.Error()}, override, outputFormat))
|
||||||
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
|
|
||||||
func HasMachineOutputFlag() bool {
|
func HasMachineOutputFlag() bool {
|
||||||
|
@ -212,13 +200,3 @@ func (t tokenAuth) GetRequestMetadata(
|
||||||
func (tokenAuth) RequireTransportSecurity() bool {
|
func (tokenAuth) RequireTransportSecurity() bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func contains[T string](ts []T, t T) bool {
|
|
||||||
for _, v := range ts {
|
|
||||||
if reflect.DeepEqual(v, t) {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
|
@ -4,7 +4,6 @@ import (
|
||||||
"io/fs"
|
"io/fs"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
|
@ -60,10 +59,9 @@ func (*Suite) TestConfigFileLoading(c *check.C) {
|
||||||
c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9090")
|
c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9090")
|
||||||
c.Assert(viper.GetString("database.type"), check.Equals, "sqlite")
|
c.Assert(viper.GetString("database.type"), check.Equals, "sqlite")
|
||||||
c.Assert(viper.GetString("database.sqlite.path"), check.Equals, "/var/lib/headscale/db.sqlite")
|
c.Assert(viper.GetString("database.sqlite.path"), check.Equals, "/var/lib/headscale/db.sqlite")
|
||||||
c.Assert(viper.GetString("tls.letsencrypt_hostname"), check.Equals, "")
|
c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "")
|
||||||
c.Assert(viper.GetString("tls.letsencrypt_listen"), check.Equals, ":http")
|
c.Assert(viper.GetString("tls_letsencrypt_listen"), check.Equals, ":http")
|
||||||
c.Assert(viper.GetString("tls.letsencrypt_challenge_type"), check.Equals, "HTTP-01")
|
c.Assert(viper.GetString("tls_letsencrypt_challenge_type"), check.Equals, "HTTP-01")
|
||||||
c.Assert(viper.GetStringSlice("dns_config.nameservers")[0], check.Equals, "1.1.1.1")
|
|
||||||
c.Assert(
|
c.Assert(
|
||||||
util.GetFileMode("unix_socket_permission"),
|
util.GetFileMode("unix_socket_permission"),
|
||||||
check.Equals,
|
check.Equals,
|
||||||
|
@ -103,10 +101,9 @@ func (*Suite) TestConfigLoading(c *check.C) {
|
||||||
c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9090")
|
c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9090")
|
||||||
c.Assert(viper.GetString("database.type"), check.Equals, "sqlite")
|
c.Assert(viper.GetString("database.type"), check.Equals, "sqlite")
|
||||||
c.Assert(viper.GetString("database.sqlite.path"), check.Equals, "/var/lib/headscale/db.sqlite")
|
c.Assert(viper.GetString("database.sqlite.path"), check.Equals, "/var/lib/headscale/db.sqlite")
|
||||||
c.Assert(viper.GetString("tls.letsencrypt_hostname"), check.Equals, "")
|
c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "")
|
||||||
c.Assert(viper.GetString("tls.letsencrypt_listen"), check.Equals, ":http")
|
c.Assert(viper.GetString("tls_letsencrypt_listen"), check.Equals, ":http")
|
||||||
c.Assert(viper.GetString("tls.letsencrypt_challenge_type"), check.Equals, "HTTP-01")
|
c.Assert(viper.GetString("tls_letsencrypt_challenge_type"), check.Equals, "HTTP-01")
|
||||||
c.Assert(viper.GetStringSlice("dns_config.nameservers")[0], check.Equals, "1.1.1.1")
|
|
||||||
c.Assert(
|
c.Assert(
|
||||||
util.GetFileMode("unix_socket_permission"),
|
util.GetFileMode("unix_socket_permission"),
|
||||||
check.Equals,
|
check.Equals,
|
||||||
|
@ -115,95 +112,3 @@ func (*Suite) TestConfigLoading(c *check.C) {
|
||||||
c.Assert(viper.GetBool("logtail.enabled"), check.Equals, false)
|
c.Assert(viper.GetBool("logtail.enabled"), check.Equals, false)
|
||||||
c.Assert(viper.GetBool("randomize_client_port"), check.Equals, false)
|
c.Assert(viper.GetBool("randomize_client_port"), check.Equals, false)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (*Suite) TestDNSConfigLoading(c *check.C) {
|
|
||||||
tmpDir, err := os.MkdirTemp("", "headscale")
|
|
||||||
if err != nil {
|
|
||||||
c.Fatal(err)
|
|
||||||
}
|
|
||||||
defer os.RemoveAll(tmpDir)
|
|
||||||
|
|
||||||
path, err := os.Getwd()
|
|
||||||
if err != nil {
|
|
||||||
c.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Symlink the example config file
|
|
||||||
err = os.Symlink(
|
|
||||||
filepath.Clean(path+"/../../config-example.yaml"),
|
|
||||||
filepath.Join(tmpDir, "config.yaml"),
|
|
||||||
)
|
|
||||||
if err != nil {
|
|
||||||
c.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Load example config, it should load without validation errors
|
|
||||||
err = types.LoadConfig(tmpDir, false)
|
|
||||||
c.Assert(err, check.IsNil)
|
|
||||||
|
|
||||||
dnsConfig, baseDomain := types.GetDNSConfig()
|
|
||||||
|
|
||||||
c.Assert(dnsConfig.Nameservers[0].String(), check.Equals, "1.1.1.1")
|
|
||||||
c.Assert(dnsConfig.Resolvers[0].Addr, check.Equals, "1.1.1.1")
|
|
||||||
c.Assert(dnsConfig.Proxied, check.Equals, true)
|
|
||||||
c.Assert(baseDomain, check.Equals, "example.com")
|
|
||||||
}
|
|
||||||
|
|
||||||
func writeConfig(c *check.C, tmpDir string, configYaml []byte) {
|
|
||||||
// Populate a custom config file
|
|
||||||
configFile := filepath.Join(tmpDir, "config.yaml")
|
|
||||||
err := os.WriteFile(configFile, configYaml, 0o600)
|
|
||||||
if err != nil {
|
|
||||||
c.Fatalf("Couldn't write file %s", configFile)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (*Suite) TestTLSConfigValidation(c *check.C) {
|
|
||||||
tmpDir, err := os.MkdirTemp("", "headscale")
|
|
||||||
if err != nil {
|
|
||||||
c.Fatal(err)
|
|
||||||
}
|
|
||||||
// defer os.RemoveAll(tmpDir)
|
|
||||||
configYaml := []byte(`---
|
|
||||||
tls_letsencrypt_hostname: example.com
|
|
||||||
tls_letsencrypt_challenge_type: ""
|
|
||||||
tls_cert_path: abc.pem
|
|
||||||
noise:
|
|
||||||
private_key_path: noise_private.key`)
|
|
||||||
writeConfig(c, tmpDir, configYaml)
|
|
||||||
|
|
||||||
// Check configuration validation errors (1)
|
|
||||||
err = types.LoadConfig(tmpDir, false)
|
|
||||||
c.Assert(err, check.NotNil)
|
|
||||||
// check.Matches can not handle multiline strings
|
|
||||||
tmp := strings.ReplaceAll(err.Error(), "\n", "***")
|
|
||||||
c.Assert(
|
|
||||||
tmp,
|
|
||||||
check.Matches,
|
|
||||||
".*Fatal config error: set either tls.letsencrypt_hostname or tls.cert_path/tls.key_path, not both.*",
|
|
||||||
)
|
|
||||||
c.Assert(
|
|
||||||
tmp,
|
|
||||||
check.Matches,
|
|
||||||
".*Fatal config error: the only supported values for tls.letsencrypt_challenge_type are.*",
|
|
||||||
)
|
|
||||||
c.Assert(
|
|
||||||
tmp,
|
|
||||||
check.Matches,
|
|
||||||
".*Fatal config error: server_url must start with https:// or http://.*",
|
|
||||||
)
|
|
||||||
|
|
||||||
viper.Reset()
|
|
||||||
|
|
||||||
// Check configuration validation errors (2)
|
|
||||||
configYaml = []byte(`---
|
|
||||||
noise:
|
|
||||||
private_key_path: noise_private.key
|
|
||||||
server_url: http://127.0.0.1:8080
|
|
||||||
tls_letsencrypt_hostname: example.com
|
|
||||||
tls_letsencrypt_challenge_type: TLS-ALPN-01
|
|
||||||
`)
|
|
||||||
writeConfig(c, tmpDir, configYaml)
|
|
||||||
err = types.LoadConfig(tmpDir, false)
|
|
||||||
c.Assert(err, check.IsNil)
|
|
||||||
}
|
|
||||||
|
|
|
@ -24,22 +24,21 @@ listen_addr: 127.0.0.1:8080
|
||||||
#
|
#
|
||||||
metrics_listen_addr: 127.0.0.1:9090
|
metrics_listen_addr: 127.0.0.1:9090
|
||||||
|
|
||||||
|
# Address to listen for gRPC.
|
||||||
# gRPC is used for controlling a headscale server
|
# gRPC is used for controlling a headscale server
|
||||||
# remotely with the CLI
|
# remotely with the CLI
|
||||||
grpc:
|
# Note: Remote access _only_ works if you have
|
||||||
# Address to listen for gRPC.
|
# valid certificates.
|
||||||
# Note: Remote access _only_ works if you have
|
#
|
||||||
# valid certificates.
|
# For production:
|
||||||
#
|
# grpc_listen_addr: 0.0.0.0:50443
|
||||||
# For production:
|
grpc_listen_addr: 127.0.0.1:50443
|
||||||
# listen_addr: 0.0.0.0:50443
|
|
||||||
listen_addr: 127.0.0.1:50443
|
|
||||||
|
|
||||||
# Allow the gRPC admin interface to run in INSECURE
|
# Allow the gRPC admin interface to run in INSECURE
|
||||||
# mode. This is not recommended as the traffic will
|
# mode. This is not recommended as the traffic will
|
||||||
# be unencrypted. Only enable if you know what you
|
# be unencrypted. Only enable if you know what you
|
||||||
# are doing.
|
# are doing.
|
||||||
allow_insecure: false
|
grpc_allow_insecure: false
|
||||||
|
|
||||||
# The Noise section includes specific configuration for the
|
# The Noise section includes specific configuration for the
|
||||||
# TS2021 Noise protocol
|
# TS2021 Noise protocol
|
||||||
|
@ -139,8 +138,28 @@ disable_check_updates: false
|
||||||
ephemeral_node_inactivity_timeout: 30m
|
ephemeral_node_inactivity_timeout: 30m
|
||||||
|
|
||||||
database:
|
database:
|
||||||
|
# Database type. Available options: sqlite, postgres
|
||||||
|
# Please note that using Postgres is highly discouraged as it is only supported for legacy reasons.
|
||||||
|
# All new development, testing and optimisations are done with SQLite in mind.
|
||||||
type: sqlite
|
type: sqlite
|
||||||
|
|
||||||
|
# Enable debug mode. This setting requires the log.level to be set to "debug" or "trace".
|
||||||
|
debug: false
|
||||||
|
|
||||||
|
# GORM configuration settings.
|
||||||
|
gorm:
|
||||||
|
# Enable prepared statements.
|
||||||
|
prepare_stmt: true
|
||||||
|
|
||||||
|
# Enable parameterized queries.
|
||||||
|
parameterized_queries: true
|
||||||
|
|
||||||
|
# Skip logging "record not found" errors.
|
||||||
|
skip_err_record_not_found: true
|
||||||
|
|
||||||
|
# Threshold for slow queries in milliseconds.
|
||||||
|
slow_threshold: 1000
|
||||||
|
|
||||||
# SQLite config
|
# SQLite config
|
||||||
sqlite:
|
sqlite:
|
||||||
path: /var/lib/headscale/db.sqlite
|
path: /var/lib/headscale/db.sqlite
|
||||||
|
@ -150,6 +169,8 @@ database:
|
||||||
write_ahead_log: true
|
write_ahead_log: true
|
||||||
|
|
||||||
# # Postgres config
|
# # Postgres config
|
||||||
|
# Please note that using Postgres is highly discouraged as it is only supported for legacy reasons.
|
||||||
|
# See database.type for more information.
|
||||||
# postgres:
|
# postgres:
|
||||||
# # If using a Unix socket to connect to Postgres, set the socket path in the 'host' field and leave 'port' blank.
|
# # If using a Unix socket to connect to Postgres, set the socket path in the 'host' field and leave 'port' blank.
|
||||||
# host: localhost
|
# host: localhost
|
||||||
|
@ -166,54 +187,55 @@ database:
|
||||||
# ssl: false
|
# ssl: false
|
||||||
|
|
||||||
### TLS configuration
|
### TLS configuration
|
||||||
tls:
|
#
|
||||||
## Let's encrypt / ACME
|
## Let's encrypt / ACME
|
||||||
#
|
#
|
||||||
# headscale supports automatically requesting and setting up
|
# headscale supports automatically requesting and setting up
|
||||||
# TLS for a domain with Let's Encrypt.
|
# TLS for a domain with Let's Encrypt.
|
||||||
#
|
#
|
||||||
# URL to ACME directory
|
# URL to ACME directory
|
||||||
acme_url: https://acme-v02.api.letsencrypt.org/directory
|
acme_url: https://acme-v02.api.letsencrypt.org/directory
|
||||||
|
|
||||||
# Email to register with ACME provider
|
# Email to register with ACME provider
|
||||||
acme_email: ""
|
acme_email: ""
|
||||||
|
|
||||||
# Domain name to request a TLS certificate for:
|
# Domain name to request a TLS certificate for:
|
||||||
letsencrypt_hostname: ""
|
tls_letsencrypt_hostname: ""
|
||||||
|
|
||||||
# Path to store certificates and metadata needed by
|
# Path to store certificates and metadata needed by
|
||||||
# letsencrypt
|
# letsencrypt
|
||||||
# For production:
|
# For production:
|
||||||
letsencrypt_cache_dir: /var/lib/headscale/cache
|
tls_letsencrypt_cache_dir: /var/lib/headscale/cache
|
||||||
|
|
||||||
# Type of ACME challenge to use, currently supported types:
|
# Type of ACME challenge to use, currently supported types:
|
||||||
# HTTP-01 or TLS-ALPN-01
|
# HTTP-01 or TLS-ALPN-01
|
||||||
# See [docs/tls.md](docs/tls.md) for more information
|
# See: docs/ref/tls.md for more information
|
||||||
letsencrypt_challenge_type: HTTP-01
|
tls_letsencrypt_challenge_type: HTTP-01
|
||||||
# When HTTP-01 challenge is chosen, letsencrypt must set up a
|
# When HTTP-01 challenge is chosen, letsencrypt must set up a
|
||||||
# verification endpoint, and it will be listening on:
|
# verification endpoint, and it will be listening on:
|
||||||
# :http = port 80
|
# :http = port 80
|
||||||
letsencrypt_listen: ":http"
|
tls_letsencrypt_listen: ":http"
|
||||||
|
|
||||||
## Use already defined certificates:
|
## Use already defined certificates:
|
||||||
cert_path: ""
|
tls_cert_path: ""
|
||||||
key_path: ""
|
tls_key_path: ""
|
||||||
|
|
||||||
# Use a separate x509 certificate for gRPC, this is used
|
|
||||||
# instead of the global certificate.
|
|
||||||
grpc:
|
|
||||||
cert_path: ""
|
|
||||||
key_path: ""
|
|
||||||
|
|
||||||
log:
|
log:
|
||||||
# Output formatting for logs: text or json
|
# Output formatting for logs: text or json
|
||||||
format: text
|
format: text
|
||||||
level: info
|
level: info
|
||||||
|
|
||||||
# Path to a file containing ACL policies.
|
## Policy
|
||||||
# ACLs can be defined as YAML or HUJSON.
|
# headscale supports Tailscale's ACL policies.
|
||||||
# https://tailscale.com/kb/1018/acls/
|
# Please have a look to their KB to better
|
||||||
acl_policy_path: ""
|
# understand the concepts: https://tailscale.com/kb/1018/acls/
|
||||||
|
policy:
|
||||||
|
# The mode can be "file" or "database" that defines
|
||||||
|
# where the ACL policies are stored and read from.
|
||||||
|
mode: file
|
||||||
|
# If the mode is set to "file", the path to a
|
||||||
|
# HuJSON file containing ACL policies.
|
||||||
|
path: ""
|
||||||
|
|
||||||
## DNS
|
## DNS
|
||||||
#
|
#
|
||||||
|
@ -224,43 +246,59 @@ acl_policy_path: ""
|
||||||
# - https://tailscale.com/kb/1081/magicdns/
|
# - https://tailscale.com/kb/1081/magicdns/
|
||||||
# - https://tailscale.com/blog/2021-09-private-dns-with-magicdns/
|
# - https://tailscale.com/blog/2021-09-private-dns-with-magicdns/
|
||||||
#
|
#
|
||||||
dns_config:
|
# Please note that for the DNS configuration to have any effect,
|
||||||
# Whether to prefer using Headscale provided DNS or use local.
|
# clients must have the `--accept-dns=true` option enabled. This is the
|
||||||
override_local_dns: true
|
# default for the Tailscale client. This option is enabled by default
|
||||||
|
# in the Tailscale client.
|
||||||
|
#
|
||||||
|
# Setting _any_ of the configuration and `--accept-dns=true` on the
|
||||||
|
# clients will integrate with the DNS manager on the client or
|
||||||
|
# overwrite /etc/resolv.conf.
|
||||||
|
# https://tailscale.com/kb/1235/resolv-conf
|
||||||
|
#
|
||||||
|
# If you want stop Headscale from managing the DNS configuration
|
||||||
|
# all the fields under `dns` should be set to empty values.
|
||||||
|
dns:
|
||||||
|
# Whether to use [MagicDNS](https://tailscale.com/kb/1081/magicdns/).
|
||||||
|
magic_dns: true
|
||||||
|
|
||||||
|
# Defines the base domain to create the hostnames for MagicDNS.
|
||||||
|
# This domain _must_ be different from the server_url domain.
|
||||||
|
# `base_domain` must be a FQDN, without the trailing dot.
|
||||||
|
# The FQDN of the hosts will be
|
||||||
|
# `hostname.base_domain` (e.g., _myhost.example.com_).
|
||||||
|
base_domain: example.com
|
||||||
|
|
||||||
# List of DNS servers to expose to clients.
|
# List of DNS servers to expose to clients.
|
||||||
nameservers:
|
nameservers:
|
||||||
- 1.1.1.1
|
global:
|
||||||
|
- 1.1.1.1
|
||||||
|
- 1.0.0.1
|
||||||
|
- 2606:4700:4700::1111
|
||||||
|
- 2606:4700:4700::1001
|
||||||
|
|
||||||
# NextDNS (see https://tailscale.com/kb/1218/nextdns/).
|
# NextDNS (see https://tailscale.com/kb/1218/nextdns/).
|
||||||
# "abc123" is example NextDNS ID, replace with yours.
|
# "abc123" is example NextDNS ID, replace with yours.
|
||||||
#
|
# - https://dns.nextdns.io/abc123
|
||||||
# With metadata sharing:
|
|
||||||
# nameservers:
|
|
||||||
# - https://dns.nextdns.io/abc123
|
|
||||||
#
|
|
||||||
# Without metadata sharing:
|
|
||||||
# nameservers:
|
|
||||||
# - 2a07:a8c0::ab:c123
|
|
||||||
# - 2a07:a8c1::ab:c123
|
|
||||||
|
|
||||||
# Split DNS (see https://tailscale.com/kb/1054/dns/),
|
# Split DNS (see https://tailscale.com/kb/1054/dns/),
|
||||||
# list of search domains and the DNS to query for each one.
|
# a map of domains and which DNS server to use for each.
|
||||||
#
|
split:
|
||||||
# restricted_nameservers:
|
{}
|
||||||
# foo.bar.com:
|
# foo.bar.com:
|
||||||
# - 1.1.1.1
|
# - 1.1.1.1
|
||||||
# darp.headscale.net:
|
# darp.headscale.net:
|
||||||
# - 1.1.1.1
|
# - 1.1.1.1
|
||||||
# - 8.8.8.8
|
# - 8.8.8.8
|
||||||
|
|
||||||
# Search domains to inject.
|
# Set custom DNS search domains. With MagicDNS enabled,
|
||||||
domains: []
|
# your tailnet base_domain is always the first search domain.
|
||||||
|
search_domains: []
|
||||||
|
|
||||||
# Extra DNS records
|
# Extra DNS records
|
||||||
# so far only A-records are supported (on the tailscale side)
|
# so far only A-records are supported (on the tailscale side)
|
||||||
# See https://github.com/juanfont/headscale/blob/main/docs/dns-records.md#Limitations
|
# See: docs/ref/dns.md
|
||||||
# extra_records:
|
extra_records: []
|
||||||
# - name: "grafana.myvpn.example.com"
|
# - name: "grafana.myvpn.example.com"
|
||||||
# type: "A"
|
# type: "A"
|
||||||
# value: "100.64.0.3"
|
# value: "100.64.0.3"
|
||||||
|
@ -268,10 +306,6 @@ dns_config:
|
||||||
# # you can also put it in one line
|
# # you can also put it in one line
|
||||||
# - { name: "prometheus.myvpn.example.com", type: "A", value: "100.64.0.3" }
|
# - { name: "prometheus.myvpn.example.com", type: "A", value: "100.64.0.3" }
|
||||||
|
|
||||||
# Whether to use [MagicDNS](https://tailscale.com/kb/1081/magicdns/).
|
|
||||||
# Only works if there is at least a nameserver defined.
|
|
||||||
magic_dns: true
|
|
||||||
|
|
||||||
# DEPRECATED
|
# DEPRECATED
|
||||||
# Use the username as part of the DNS name for nodes, with this option enabled:
|
# Use the username as part of the DNS name for nodes, with this option enabled:
|
||||||
# node1.username.example.com
|
# node1.username.example.com
|
||||||
|
@ -281,12 +315,6 @@ dns_config:
|
||||||
# while in upstream Tailscale, the username is not included.
|
# while in upstream Tailscale, the username is not included.
|
||||||
use_username_in_magic_dns: false
|
use_username_in_magic_dns: false
|
||||||
|
|
||||||
# Defines the base domain to create the hostnames for MagicDNS.
|
|
||||||
# `base_domain` must be a FQDNs, without the trailing dot.
|
|
||||||
# The FQDN of the hosts will be
|
|
||||||
# `hostname.user.base_domain` (e.g., _myhost.myuser.example.com_).
|
|
||||||
base_domain: example.com
|
|
||||||
|
|
||||||
# Unix socket used for the CLI to connect without authentication
|
# Unix socket used for the CLI to connect without authentication
|
||||||
# Note: for production you will want to set this to something like:
|
# Note: for production you will want to set this to something like:
|
||||||
unix_socket: /var/run/headscale/headscale.sock
|
unix_socket: /var/run/headscale/headscale.sock
|
||||||
|
|
15
docs/about/clients.md
Normal file
15
docs/about/clients.md
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
# Client and operating system support
|
||||||
|
|
||||||
|
We aim to support the [**last 10 releases** of the Tailscale client](https://tailscale.com/changelog#client) on all
|
||||||
|
provided operating systems and platforms. Some platforms might require additional configuration to connect with
|
||||||
|
headscale.
|
||||||
|
|
||||||
|
| OS | Supports headscale |
|
||||||
|
| ------- | ----------------------------------------------------------------------------------------------------- |
|
||||||
|
| Linux | Yes |
|
||||||
|
| OpenBSD | Yes |
|
||||||
|
| FreeBSD | Yes |
|
||||||
|
| Windows | Yes (see [docs](../usage/connect/windows.md) and `/windows` on your headscale for more information) |
|
||||||
|
| Android | Yes (see [docs](../usage/connect/android.md)) |
|
||||||
|
| macOS | Yes (see [docs](../usage/connect/apple.md#macos) and `/apple` on your headscale for more information) |
|
||||||
|
| iOS | Yes (see [docs](../usage/connect/apple.md#ios) and `/apple` on your headscale for more information) |
|
3
docs/about/contributing.md
Normal file
3
docs/about/contributing.md
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
{%
|
||||||
|
include-markdown "../../CONTRIBUTING.md"
|
||||||
|
%}
|
54
docs/about/faq.md
Normal file
54
docs/about/faq.md
Normal file
|
@ -0,0 +1,54 @@
|
||||||
|
# Frequently Asked Questions
|
||||||
|
|
||||||
|
## What is the design goal of headscale?
|
||||||
|
|
||||||
|
Headscale aims to implement a self-hosted, open source alternative to the [Tailscale](https://tailscale.com/)
|
||||||
|
control server.
|
||||||
|
Headscale's goal is to provide self-hosters and hobbyists with an open-source
|
||||||
|
server they can use for their projects and labs.
|
||||||
|
It implements a narrow scope, a _single_ Tailnet, suitable for a personal use, or a small
|
||||||
|
open-source organisation.
|
||||||
|
|
||||||
|
## How can I contribute?
|
||||||
|
|
||||||
|
Headscale is "Open Source, acknowledged contribution", this means that any
|
||||||
|
contribution will have to be discussed with the Maintainers before being submitted.
|
||||||
|
|
||||||
|
Please see [Contributing](contributing.md) for more information.
|
||||||
|
|
||||||
|
## Why is 'acknowledged contribution' the chosen model?
|
||||||
|
|
||||||
|
Both maintainers have full-time jobs and families, and we want to avoid burnout. We also want to avoid frustration from contributors when their PRs are not accepted.
|
||||||
|
|
||||||
|
We are more than happy to exchange emails, or to have dedicated calls before a PR is submitted.
|
||||||
|
|
||||||
|
## When/Why is Feature X going to be implemented?
|
||||||
|
|
||||||
|
We don't know. We might be working on it. If you're interested in contributing, please post a feature request about it.
|
||||||
|
|
||||||
|
Please be aware that there are a number of reasons why we might not accept specific contributions:
|
||||||
|
|
||||||
|
- It is not possible to implement the feature in a way that makes sense in a self-hosted environment.
|
||||||
|
- Given that we are reverse-engineering Tailscale to satisfy our own curiosity, we might be interested in implementing the feature ourselves.
|
||||||
|
- You are not sending unit and integration tests with it.
|
||||||
|
|
||||||
|
## Do you support Y method of deploying headscale?
|
||||||
|
|
||||||
|
We currently support deploying headscale using our binaries and the DEB packages. Visit our [installation guide using
|
||||||
|
official releases](../setup/install/official.md) for more information.
|
||||||
|
|
||||||
|
In addition to that, you may use packages provided by the community or from distributions. Learn more in the
|
||||||
|
[installation guide using community packages](../setup/install/community.md).
|
||||||
|
|
||||||
|
For convenience, we also [build Docker images with headscale](../setup/install/container.md). But **please be aware that
|
||||||
|
we don't officially support deploying headscale using Docker**. We have a [Discord
|
||||||
|
channel](https://discord.com/channels/896711691637780480/1070619770942148618) where you can ask for Docker-specific help
|
||||||
|
to the community.
|
||||||
|
|
||||||
|
## Why is my reverse proxy not working with headscale?
|
||||||
|
|
||||||
|
We don't know. We don't use reverse proxies with headscale ourselves, so we don't have any experience with them. We have [community documentation](../ref/integration/reverse-proxy.md) on how to configure various reverse proxies, and a dedicated [Discord channel](https://discord.com/channels/896711691637780480/1070619818346164324) where you can ask for help to the community.
|
||||||
|
|
||||||
|
## Can I use headscale and tailscale on the same machine?
|
||||||
|
|
||||||
|
Running headscale on a machine that is also in the tailnet can cause problems with subnet routers, traffic relay nodes, and MagicDNS. It might work, but it is not supported.
|
31
docs/about/features.md
Normal file
31
docs/about/features.md
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
# Features
|
||||||
|
|
||||||
|
Headscale aims to implement a self-hosted, open source alternative to the Tailscale control server. Headscale's goal is
|
||||||
|
to provide self-hosters and hobbyists with an open-source server they can use for their projects and labs. This page
|
||||||
|
provides on overview of headscale's feature and compatibility with the Tailscale control server:
|
||||||
|
|
||||||
|
- [x] Full "base" support of Tailscale's features
|
||||||
|
- [x] Node registration
|
||||||
|
- [x] Interactive
|
||||||
|
- [x] Pre authenticated key
|
||||||
|
- [x] [DNS](https://tailscale.com/kb/1054/dns)
|
||||||
|
- [x] [MagicDNS](https://tailscale.com/kb/1081/magicdns)
|
||||||
|
- [x] [Global and restricted nameservers (split DNS)](https://tailscale.com/kb/1054/dns#nameservers)
|
||||||
|
- [x] [search domains](https://tailscale.com/kb/1054/dns#search-domains)
|
||||||
|
- [x] [Extra DNS records (headscale only)](../ref/dns.md#setting-custom-dns-records)
|
||||||
|
- [x] [Taildrop (File Sharing)](https://tailscale.com/kb/1106/taildrop)
|
||||||
|
- [x] Routing advertising (including exit nodes)
|
||||||
|
- [x] Dual stack (IPv4 and IPv6)
|
||||||
|
- [x] Ephemeral nodes
|
||||||
|
- [x] Embedded [DERP server](https://tailscale.com/kb/1232/derp-servers)
|
||||||
|
- [x] Access control lists ([GitHub label "policy"](https://github.com/juanfont/headscale/labels/policy%20%F0%9F%93%9D))
|
||||||
|
- [x] ACL management via API
|
||||||
|
- [x] `autogroup:internet`
|
||||||
|
- [ ] `autogroup:self`
|
||||||
|
- [ ] `autogroup:member`
|
||||||
|
* [ ] Node registration using Single-Sign-On (OpenID Connect) ([GitHub label "OIDC"](https://github.com/juanfont/headscale/labels/OIDC))
|
||||||
|
- [x] Basic registration
|
||||||
|
- [ ] Dynamic ACL support
|
||||||
|
- [ ] OIDC groups cannot be used in ACLs
|
||||||
|
- [ ] [Funnel](https://tailscale.com/kb/1223/funnel) ([#1040](https://github.com/juanfont/headscale/issues/1040))
|
||||||
|
- [ ] [Serve](https://tailscale.com/kb/1312/serve) ([#1234](https://github.com/juanfont/headscale/issues/1921))
|
11
docs/about/help.md
Normal file
11
docs/about/help.md
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
# Getting help
|
||||||
|
|
||||||
|
Join our Discord server for announcements and community support:
|
||||||
|
|
||||||
|
- [announcements](https://discord.com/channels/896711691637780480/896711692120129538)
|
||||||
|
- [general](https://discord.com/channels/896711691637780480/896711692120129540)
|
||||||
|
- [docker-issues](https://discord.com/channels/896711691637780480/1070619770942148618)
|
||||||
|
- [reverse-proxy-issues](https://discord.com/channels/896711691637780480/1070619818346164324)
|
||||||
|
- [web-interfaces](https://discord.com/channels/896711691637780480/1105842846386356294)
|
||||||
|
|
||||||
|
Please report bugs via [GitHub issues](https://github.com/juanfont/headscale/issues)
|
10
docs/about/releases.md
Normal file
10
docs/about/releases.md
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
# Releases
|
||||||
|
|
||||||
|
All headscale releases are available on the [GitHub release page](https://github.com/juanfont/headscale/releases). Those
|
||||||
|
releases are available as binaries for various platforms and architectures, packages for Debian based systems and source
|
||||||
|
code archives. Container images are available on [Docker Hub](https://hub.docker.com/r/headscale/headscale).
|
||||||
|
|
||||||
|
An Atom/RSS feed of headscale releases is available [here](https://github.com/juanfont/headscale/releases.atom).
|
||||||
|
|
||||||
|
Join the ["announcements" channel on Discord](https://discord.com/channels/896711691637780480/896711692120129538) for
|
||||||
|
news about headscale.
|
4
docs/about/sponsor.md
Normal file
4
docs/about/sponsor.md
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
# Sponsor
|
||||||
|
|
||||||
|
If you like to support the development of headscale, please consider a donation via
|
||||||
|
[ko-fi.com/headscale](https://ko-fi.com/headscale). Thank you!
|
|
@ -1,92 +0,0 @@
|
||||||
# Setting custom DNS records
|
|
||||||
|
|
||||||
!!! warning "Community documentation"
|
|
||||||
|
|
||||||
This page is not actively maintained by the headscale authors and is
|
|
||||||
written by community members. It is _not_ verified by `headscale` developers.
|
|
||||||
|
|
||||||
**It might be outdated and it might miss necessary steps**.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing how a user can set custom DNS records with `headscale`s magic dns.
|
|
||||||
An example use case is to serve apps on the same host via a reverse proxy like NGINX, in this case a Prometheus monitoring stack. This allows to nicely access the service with "http://grafana.myvpn.example.com" instead of the hostname and portnum combination "http://hostname-in-magic-dns.myvpn.example.com:3000".
|
|
||||||
|
|
||||||
## Setup
|
|
||||||
|
|
||||||
### 1. Change the configuration
|
|
||||||
|
|
||||||
1. Change the `config.yaml` to contain the desired records like so:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
dns_config:
|
|
||||||
...
|
|
||||||
extra_records:
|
|
||||||
- name: "prometheus.myvpn.example.com"
|
|
||||||
type: "A"
|
|
||||||
value: "100.64.0.3"
|
|
||||||
|
|
||||||
- name: "grafana.myvpn.example.com"
|
|
||||||
type: "A"
|
|
||||||
value: "100.64.0.3"
|
|
||||||
...
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Restart your headscale instance.
|
|
||||||
|
|
||||||
!!! warning
|
|
||||||
|
|
||||||
Beware of the limitations listed later on!
|
|
||||||
|
|
||||||
### 2. Verify that the records are set
|
|
||||||
|
|
||||||
You can use a DNS querying tool of your choice on one of your hosts to verify that your newly set records are actually available in MagicDNS, here we used [`dig`](https://man.archlinux.org/man/dig.1.en):
|
|
||||||
|
|
||||||
```
|
|
||||||
$ dig grafana.myvpn.example.com
|
|
||||||
|
|
||||||
; <<>> DiG 9.18.10 <<>> grafana.myvpn.example.com
|
|
||||||
;; global options: +cmd
|
|
||||||
;; Got answer:
|
|
||||||
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44054
|
|
||||||
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
|
|
||||||
|
|
||||||
;; OPT PSEUDOSECTION:
|
|
||||||
; EDNS: version: 0, flags:; udp: 65494
|
|
||||||
;; QUESTION SECTION:
|
|
||||||
;grafana.myvpn.example.com. IN A
|
|
||||||
|
|
||||||
;; ANSWER SECTION:
|
|
||||||
grafana.myvpn.example.com. 593 IN A 100.64.0.3
|
|
||||||
|
|
||||||
;; Query time: 0 msec
|
|
||||||
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
|
|
||||||
;; WHEN: Sat Dec 31 11:46:55 CET 2022
|
|
||||||
;; MSG SIZE rcvd: 66
|
|
||||||
```
|
|
||||||
|
|
||||||
### 3. Optional: Setup the reverse proxy
|
|
||||||
|
|
||||||
The motivating example here was to be able to access internal monitoring services on the same host without specifying a port:
|
|
||||||
|
|
||||||
```
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
|
|
||||||
server_name grafana.myvpn.example.com;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:3000;
|
|
||||||
proxy_set_header Host $http_host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
## Limitations
|
|
||||||
|
|
||||||
[Not all types of records are supported](https://github.com/tailscale/tailscale/blob/6edf357b96b28ee1be659a70232c0135b2ffedfd/ipn/ipnlocal/local.go#L2989-L3007), especially no CNAME records.
|
|
57
docs/faq.md
57
docs/faq.md
|
@ -1,57 +0,0 @@
|
||||||
---
|
|
||||||
hide:
|
|
||||||
- navigation
|
|
||||||
---
|
|
||||||
|
|
||||||
# Frequently Asked Questions
|
|
||||||
|
|
||||||
## What is the design goal of headscale?
|
|
||||||
|
|
||||||
`headscale` aims to implement a self-hosted, open source alternative to the [Tailscale](https://tailscale.com/)
|
|
||||||
control server.
|
|
||||||
`headscale`'s goal is to provide self-hosters and hobbyists with an open-source
|
|
||||||
server they can use for their projects and labs.
|
|
||||||
It implements a narrow scope, a _single_ Tailnet, suitable for a personal use, or a small
|
|
||||||
open-source organisation.
|
|
||||||
|
|
||||||
## How can I contribute?
|
|
||||||
|
|
||||||
Headscale is "Open Source, acknowledged contribution", this means that any
|
|
||||||
contribution will have to be discussed with the Maintainers before being submitted.
|
|
||||||
|
|
||||||
Headscale is open to code contributions for bug fixes without discussion.
|
|
||||||
|
|
||||||
If you find mistakes in the documentation, please also submit a fix to the documentation.
|
|
||||||
|
|
||||||
## Why is 'acknowledged contribution' the chosen model?
|
|
||||||
|
|
||||||
Both maintainers have full-time jobs and families, and we want to avoid burnout. We also want to avoid frustration from contributors when their PRs are not accepted.
|
|
||||||
|
|
||||||
We are more than happy to exchange emails, or to have dedicated calls before a PR is submitted.
|
|
||||||
|
|
||||||
## When/Why is Feature X going to be implemented?
|
|
||||||
|
|
||||||
We don't know. We might be working on it. If you want to help, please send us a PR.
|
|
||||||
|
|
||||||
Please be aware that there are a number of reasons why we might not accept specific contributions:
|
|
||||||
|
|
||||||
- It is not possible to implement the feature in a way that makes sense in a self-hosted environment.
|
|
||||||
- Given that we are reverse-engineering Tailscale to satisfy our own curiosity, we might be interested in implementing the feature ourselves.
|
|
||||||
- You are not sending unit and integration tests with it.
|
|
||||||
|
|
||||||
## Do you support Y method of deploying Headscale?
|
|
||||||
|
|
||||||
We currently support deploying `headscale` using our binaries and the DEB packages. Both can be found in the
|
|
||||||
[GitHub releases page](https://github.com/juanfont/headscale/releases).
|
|
||||||
|
|
||||||
In addition to that, there are semi-official RPM packages by the Fedora infra team https://copr.fedorainfracloud.org/coprs/jonathanspw/headscale/
|
|
||||||
|
|
||||||
For convenience, we also build Docker images with `headscale`. But **please be aware that we don't officially support deploying `headscale` using Docker**. We have a [Discord channel](https://discord.com/channels/896711691637780480/1070619770942148618) where you can ask for Docker-specific help to the community.
|
|
||||||
|
|
||||||
## Why is my reverse proxy not working with Headscale?
|
|
||||||
|
|
||||||
We don't know. We don't use reverse proxies with `headscale` ourselves, so we don't have any experience with them. We have [community documentation](https://headscale.net/reverse-proxy/) on how to configure various reverse proxies, and a dedicated [Discord channel](https://discord.com/channels/896711691637780480/1070619818346164324) where you can ask for help to the community.
|
|
||||||
|
|
||||||
## Can I use headscale and tailscale on the same machine?
|
|
||||||
|
|
||||||
Running headscale on a machine that is also in the tailnet can cause problems with subnet routers, traffic relay nodes, and MagicDNS. It might work, but it is not supported.
|
|
|
@ -1,6 +0,0 @@
|
||||||
# Glossary
|
|
||||||
|
|
||||||
| Term | Description |
|
|
||||||
| --------- | ------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
||||||
| Machine | A machine is a single entity connected to `headscale`, typically an installation of Tailscale. Also known as **Node** |
|
|
||||||
| Namespace | A namespace was a logical grouping of machines "owned" by the same entity, in Tailscale, this is typically a User (This is now called user) |
|
|
|
@ -1,30 +0,0 @@
|
||||||
# Connecting an iOS client
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing how a user can use the official iOS [Tailscale](https://tailscale.com) client with `headscale`.
|
|
||||||
|
|
||||||
## Installation
|
|
||||||
|
|
||||||
Install the official Tailscale iOS client from the [App Store](https://apps.apple.com/app/tailscale/id1470499037).
|
|
||||||
|
|
||||||
Ensure that the installed version is at least 1.38.1, as that is the first release to support alternate control servers.
|
|
||||||
|
|
||||||
## Configuring the headscale URL
|
|
||||||
|
|
||||||
!!! info "Apple devices"
|
|
||||||
|
|
||||||
An endpoint with information on how to connect your Apple devices
|
|
||||||
(currently macOS only) is available at `/apple` on your running instance.
|
|
||||||
|
|
||||||
Ensure that the tailscale app is logged out before proceeding.
|
|
||||||
|
|
||||||
Go to iOS settings, scroll down past game center and tv provider to the tailscale app and select it. The headscale URL can be entered into the _"ALTERNATE COORDINATION SERVER URL"_ box.
|
|
||||||
|
|
||||||
> **Note**
|
|
||||||
>
|
|
||||||
> If the app was previously logged into tailscale, toggle on the _Reset Keychain_ switch.
|
|
||||||
|
|
||||||
Restart the app by closing it from the iOS app switcher, open the app and select the regular _Sign in_ option (non-SSO), and it should open up to the headscale authentication page.
|
|
||||||
|
|
||||||
Enter your credentials and log in. Headscale should now be working on your iOS device.
|
|
Binary file not shown.
Before Width: | Height: | Size: 35 KiB |
Binary file not shown.
Before Width: | Height: | Size: 35 KiB |
Binary file not shown.
Before Width: | Height: | Size: 101 KiB |
|
@ -4,11 +4,11 @@ hide:
|
||||||
- toc
|
- toc
|
||||||
---
|
---
|
||||||
|
|
||||||
# headscale
|
# Welcome to headscale
|
||||||
|
|
||||||
`headscale` is an open source, self-hosted implementation of the Tailscale control server.
|
Headscale is an open source, self-hosted implementation of the Tailscale control server.
|
||||||
|
|
||||||
This page contains the documentation for the latest version of headscale. Please also check our [FAQ](faq.md).
|
This page contains the documentation for the latest version of headscale. Please also check our [FAQ](./about/faq.md).
|
||||||
|
|
||||||
Join our [Discord](https://discord.gg/c84AZQhmpx) server for a chat and community support.
|
Join our [Discord](https://discord.gg/c84AZQhmpx) server for a chat and community support.
|
||||||
|
|
||||||
|
@ -23,21 +23,15 @@ open-source organisation.
|
||||||
|
|
||||||
## Supporting headscale
|
## Supporting headscale
|
||||||
|
|
||||||
If you like `headscale` and find it useful, there is a sponsorship and donation
|
Please see [Sponsor](about/sponsor.md) for more information.
|
||||||
buttons available in the repo.
|
|
||||||
|
|
||||||
## Contributing
|
## Contributing
|
||||||
|
|
||||||
Headscale is "Open Source, acknowledged contribution", this means that any
|
Headscale is "Open Source, acknowledged contribution", this means that any
|
||||||
contribution will have to be discussed with the Maintainers before being submitted.
|
contribution will have to be discussed with the Maintainers before being submitted.
|
||||||
|
|
||||||
This model has been chosen to reduce the risk of burnout by limiting the
|
Please see [Contributing](about/contributing.md) for more information.
|
||||||
maintenance overhead of reviewing and validating third-party code.
|
|
||||||
|
|
||||||
Headscale is open to code contributions for bug fixes without discussion.
|
|
||||||
|
|
||||||
If you find mistakes in the documentation, please submit a fix to the documentation.
|
|
||||||
|
|
||||||
## About
|
## About
|
||||||
|
|
||||||
`headscale` is maintained by [Kristoffer Dalby](https://kradalby.no/) and [Juan Font](https://font.eu).
|
Headscale is maintained by [Kristoffer Dalby](https://kradalby.no/) and [Juan Font](https://font.eu).
|
||||||
|
|
|
@ -9,6 +9,7 @@ Type=simple
|
||||||
User=headscale
|
User=headscale
|
||||||
Group=headscale
|
Group=headscale
|
||||||
ExecStart=/usr/bin/headscale serve
|
ExecStart=/usr/bin/headscale serve
|
||||||
|
ExecReload=/usr/bin/kill -HUP $MAINPID
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=5
|
RestartSec=5
|
||||||
|
|
||||||
|
|
|
@ -6,8 +6,10 @@
|
||||||
HEADSCALE_EXE="/usr/bin/headscale"
|
HEADSCALE_EXE="/usr/bin/headscale"
|
||||||
BSD_HIER=""
|
BSD_HIER=""
|
||||||
HEADSCALE_RUN_DIR="/var/run/headscale"
|
HEADSCALE_RUN_DIR="/var/run/headscale"
|
||||||
|
HEADSCALE_HOME_DIR="/var/lib/headscale"
|
||||||
HEADSCALE_USER="headscale"
|
HEADSCALE_USER="headscale"
|
||||||
HEADSCALE_GROUP="headscale"
|
HEADSCALE_GROUP="headscale"
|
||||||
|
HEADSCALE_SHELL="/usr/sbin/nologin"
|
||||||
|
|
||||||
ensure_sudo() {
|
ensure_sudo() {
|
||||||
if [ "$(id -u)" = "0" ]; then
|
if [ "$(id -u)" = "0" ]; then
|
||||||
|
@ -29,7 +31,7 @@ ensure_headscale_path() {
|
||||||
|
|
||||||
create_headscale_user() {
|
create_headscale_user() {
|
||||||
printf "PostInstall: Adding headscale user %s\n" "$HEADSCALE_USER"
|
printf "PostInstall: Adding headscale user %s\n" "$HEADSCALE_USER"
|
||||||
useradd -s /bin/sh -c "headscale default user" headscale
|
useradd -s "$HEADSCALE_SHELL" -d "$HEADSCALE_HOME_DIR" -c "headscale default user" "$HEADSCALE_USER"
|
||||||
}
|
}
|
||||||
|
|
||||||
create_headscale_group() {
|
create_headscale_group() {
|
||||||
|
|
|
@ -1,362 +0,0 @@
|
||||||
# ACLs
|
|
||||||
|
|
||||||
A key component of tailscale is the notion of Tailnet. This notion is hidden
|
|
||||||
but the implications that it have on how to use tailscale are not.
|
|
||||||
|
|
||||||
For tailscale an [tailnet](https://tailscale.com/kb/1136/tailnet/) is the
|
|
||||||
following:
|
|
||||||
|
|
||||||
> For personal users, you are a tailnet of many devices and one person. Each
|
|
||||||
> device gets a private Tailscale IP address in the CGNAT range and every
|
|
||||||
> device can talk directly to every other device, wherever they are on the
|
|
||||||
> internet.
|
|
||||||
>
|
|
||||||
> For businesses and organizations, a tailnet is many devices and many users.
|
|
||||||
> It can be based on your Microsoft Active Directory, your Google Workspace, a
|
|
||||||
> GitHub organization, Okta tenancy, or other identity provider namespace. All
|
|
||||||
> of the devices and users in your tailnet can be seen by the tailnet
|
|
||||||
> administrators in the Tailscale admin console. There you can apply
|
|
||||||
> tailnet-wide configuration, such as ACLs that affect visibility of devices
|
|
||||||
> inside your tailnet, DNS settings, and more.
|
|
||||||
|
|
||||||
## Current implementation and issues
|
|
||||||
|
|
||||||
Currently in headscale, the namespaces are used both as tailnet and users. The
|
|
||||||
issue is that if we want to use the ACL's we can't use both at the same time.
|
|
||||||
|
|
||||||
Tailnet's cannot communicate with each others. So we can't have an ACL that
|
|
||||||
authorize tailnet (namespace) A to talk to tailnet (namespace) B.
|
|
||||||
|
|
||||||
We also can't write ACLs based on the users (namespaces in headscale) since all
|
|
||||||
devices belong to the same user.
|
|
||||||
|
|
||||||
With the current implementation the only ACL that we can user is to associate
|
|
||||||
each headscale IP to a host manually then write the ACLs according to this
|
|
||||||
manual mapping.
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"hosts": {
|
|
||||||
"host1": "100.64.0.1",
|
|
||||||
"server": "100.64.0.2"
|
|
||||||
},
|
|
||||||
"acls": [
|
|
||||||
{ "action": "accept", "users": ["host1"], "ports": ["host2:80,443"] }
|
|
||||||
]
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
While this works, it requires a lot of manual editing on the configuration and
|
|
||||||
to keep track of all devices IP address.
|
|
||||||
|
|
||||||
## Proposition for a next implementation
|
|
||||||
|
|
||||||
In order to ease the use of ACL's we need to split the tailnet and users
|
|
||||||
notion.
|
|
||||||
|
|
||||||
A solution could be to consider a headscale server (in it's entirety) as a
|
|
||||||
tailnet.
|
|
||||||
|
|
||||||
For personal users the default behavior could either allow all communications
|
|
||||||
between all namespaces (like tailscale) or disallow all communications between
|
|
||||||
namespaces (current behavior).
|
|
||||||
|
|
||||||
For businesses and organisations, viewing a headscale instance a single tailnet
|
|
||||||
would allow users (namespace) to talk to each other with the ACLs. As described
|
|
||||||
in tailscale's documentation [[1]], a server should be tagged and personal
|
|
||||||
devices should be tied to a user. Translated in headscale's terms each user can
|
|
||||||
have multiple devices and all those devices should be in the same namespace.
|
|
||||||
The servers should be tagged and used as such.
|
|
||||||
|
|
||||||
This implementation would render useless the sharing feature that is currently
|
|
||||||
implemented since an ACL could do the same. Simplifying to only one user
|
|
||||||
interface to do one thing is easier and less confusing for the users.
|
|
||||||
|
|
||||||
To better suit the ACLs in this proposition, it's advised to consider that each
|
|
||||||
namespaces belong to one person. This person can have multiple devices, they
|
|
||||||
will all be considered as the same user in the ACLs. OIDC feature wouldn't need
|
|
||||||
to map people to namespace, just create a namespace if the person isn't
|
|
||||||
registered yet.
|
|
||||||
|
|
||||||
As a sidenote, users would like to write ACLs as YAML. We should offer users
|
|
||||||
the ability to rules in either format (HuJSON or YAML).
|
|
||||||
|
|
||||||
[1]: https://tailscale.com/kb/1068/acl-tags/
|
|
||||||
|
|
||||||
## Example
|
|
||||||
|
|
||||||
Let's build an example use case for a small business (It may be the place where
|
|
||||||
ACL's are the most useful).
|
|
||||||
|
|
||||||
We have a small company with a boss, an admin, two developer and an intern.
|
|
||||||
|
|
||||||
The boss should have access to all servers but not to the users hosts. Admin
|
|
||||||
should also have access to all hosts except that their permissions should be
|
|
||||||
limited to maintaining the hosts (for example purposes). The developers can do
|
|
||||||
anything they want on dev hosts, but only watch on productions hosts. Intern
|
|
||||||
can only interact with the development servers.
|
|
||||||
|
|
||||||
Each user have at least a device connected to the network and we have some
|
|
||||||
servers.
|
|
||||||
|
|
||||||
- database.prod
|
|
||||||
- database.dev
|
|
||||||
- app-server1.prod
|
|
||||||
- app-server1.dev
|
|
||||||
- billing.internal
|
|
||||||
|
|
||||||
### Current headscale implementation
|
|
||||||
|
|
||||||
Let's create some namespaces
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale namespaces create prod
|
|
||||||
headscale namespaces create dev
|
|
||||||
headscale namespaces create internal
|
|
||||||
headscale namespaces create users
|
|
||||||
|
|
||||||
headscale nodes register -n users boss-computer
|
|
||||||
headscale nodes register -n users admin1-computer
|
|
||||||
headscale nodes register -n users dev1-computer
|
|
||||||
headscale nodes register -n users dev1-phone
|
|
||||||
headscale nodes register -n users dev2-computer
|
|
||||||
headscale nodes register -n users intern1-computer
|
|
||||||
|
|
||||||
headscale nodes register -n prod database
|
|
||||||
headscale nodes register -n prod app-server1
|
|
||||||
|
|
||||||
headscale nodes register -n dev database
|
|
||||||
headscale nodes register -n dev app-server1
|
|
||||||
|
|
||||||
headscale nodes register -n internal billing
|
|
||||||
|
|
||||||
headscale nodes list
|
|
||||||
ID | Name | Namespace | IP address
|
|
||||||
1 | boss-computer | users | 100.64.0.1
|
|
||||||
2 | admin1-computer | users | 100.64.0.2
|
|
||||||
3 | dev1-computer | users | 100.64.0.3
|
|
||||||
4 | dev1-phone | users | 100.64.0.4
|
|
||||||
5 | dev2-computer | users | 100.64.0.5
|
|
||||||
6 | intern1-computer | users | 100.64.0.6
|
|
||||||
7 | database | prod | 100.64.0.7
|
|
||||||
8 | app-server1 | prod | 100.64.0.8
|
|
||||||
9 | database | dev | 100.64.0.9
|
|
||||||
10 | app-server1 | dev | 100.64.0.10
|
|
||||||
11 | internal | internal | 100.64.0.11
|
|
||||||
```
|
|
||||||
|
|
||||||
In order to only allow the communications related to our description above we
|
|
||||||
need to add the following ACLs
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
"hosts": {
|
|
||||||
"boss-computer": "100.64.0.1",
|
|
||||||
"admin1-computer": "100.64.0.2",
|
|
||||||
"dev1-computer": "100.64.0.3",
|
|
||||||
"dev1-phone": "100.64.0.4",
|
|
||||||
"dev2-computer": "100.64.0.5",
|
|
||||||
"intern1-computer": "100.64.0.6",
|
|
||||||
"prod-app-server1": "100.64.0.8"
|
|
||||||
},
|
|
||||||
"groups": {
|
|
||||||
"group:dev": ["dev1-computer", "dev1-phone", "dev2-computer"],
|
|
||||||
"group:admin": ["admin1-computer"],
|
|
||||||
"group:boss": ["boss-computer"],
|
|
||||||
"group:intern": ["intern1-computer"]
|
|
||||||
},
|
|
||||||
"acls": [
|
|
||||||
// boss have access to all servers but no users hosts
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["group:boss"],
|
|
||||||
"ports": ["prod:*", "dev:*", "internal:*"]
|
|
||||||
},
|
|
||||||
|
|
||||||
// admin have access to administration port (lets only consider port 22 here)
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["group:admin"],
|
|
||||||
"ports": ["prod:22", "dev:22", "internal:22"]
|
|
||||||
},
|
|
||||||
|
|
||||||
// dev can do anything on dev servers and check access on prod servers
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["group:dev"],
|
|
||||||
"ports": ["dev:*", "prod-app-server1:80,443"]
|
|
||||||
},
|
|
||||||
|
|
||||||
// interns only have access to port 80 and 443 on dev servers (lame internship)
|
|
||||||
{ "action": "accept", "users": ["group:intern"], "ports": ["dev:80,443"] },
|
|
||||||
|
|
||||||
// users can access their own devices
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["dev1-computer"],
|
|
||||||
"ports": ["dev1-phone:*"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["dev1-phone"],
|
|
||||||
"ports": ["dev1-computer:*"]
|
|
||||||
},
|
|
||||||
|
|
||||||
// internal namespace communications should still be allowed within the namespace
|
|
||||||
{ "action": "accept", "users": ["dev"], "ports": ["dev:*"] },
|
|
||||||
{ "action": "accept", "users": ["prod"], "ports": ["prod:*"] },
|
|
||||||
{ "action": "accept", "users": ["internal"], "ports": ["internal:*"] }
|
|
||||||
]
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
Since communications between namespace isn't possible we also have to share the
|
|
||||||
devices between the namespaces.
|
|
||||||
|
|
||||||
```bash
|
|
||||||
|
|
||||||
// add boss host to prod, dev and internal network
|
|
||||||
headscale nodes share -i 1 -n prod
|
|
||||||
headscale nodes share -i 1 -n dev
|
|
||||||
headscale nodes share -i 1 -n internal
|
|
||||||
|
|
||||||
// add admin computer to prod, dev and internal network
|
|
||||||
headscale nodes share -i 2 -n prod
|
|
||||||
headscale nodes share -i 2 -n dev
|
|
||||||
headscale nodes share -i 2 -n internal
|
|
||||||
|
|
||||||
// add all dev to prod and dev network
|
|
||||||
headscale nodes share -i 3 -n dev
|
|
||||||
headscale nodes share -i 4 -n dev
|
|
||||||
headscale nodes share -i 3 -n prod
|
|
||||||
headscale nodes share -i 4 -n prod
|
|
||||||
headscale nodes share -i 5 -n dev
|
|
||||||
headscale nodes share -i 5 -n prod
|
|
||||||
|
|
||||||
headscale nodes share -i 6 -n dev
|
|
||||||
```
|
|
||||||
|
|
||||||
This fake network have not been tested but it should work. Operating it could
|
|
||||||
be quite tedious if the company grows. Each time a new user join we have to add
|
|
||||||
it to a group, and share it to the correct namespaces. If the user want
|
|
||||||
multiple devices we have to allow communication to each of them one by one. If
|
|
||||||
business conduct a change in the organisations we may have to rewrite all acls
|
|
||||||
and reorganise all namespaces.
|
|
||||||
|
|
||||||
If we add servers in production we should also update the ACLs to allow dev
|
|
||||||
access to certain category of them (only app servers for example).
|
|
||||||
|
|
||||||
### example based on the proposition in this document
|
|
||||||
|
|
||||||
Let's create the namespaces
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale namespaces create boss
|
|
||||||
headscale namespaces create admin1
|
|
||||||
headscale namespaces create dev1
|
|
||||||
headscale namespaces create dev2
|
|
||||||
headscale namespaces create intern1
|
|
||||||
```
|
|
||||||
|
|
||||||
We don't need to create namespaces for the servers because the servers will be
|
|
||||||
tagged. When registering the servers we will need to add the flag
|
|
||||||
`--advertised-tags=tag:<tag1>,tag:<tag2>`, and the user (namespace) that is
|
|
||||||
registering the server should be allowed to do it. Since anyone can add tags to
|
|
||||||
a server they can register, the check of the tags is done on headscale server
|
|
||||||
and only valid tags are applied. A tag is valid if the namespace that is
|
|
||||||
registering it is allowed to do it.
|
|
||||||
|
|
||||||
Here are the ACL's to implement the same permissions as above:
|
|
||||||
|
|
||||||
```json
|
|
||||||
{
|
|
||||||
// groups are simpler and only list the namespaces name
|
|
||||||
"groups": {
|
|
||||||
"group:boss": ["boss"],
|
|
||||||
"group:dev": ["dev1", "dev2"],
|
|
||||||
"group:admin": ["admin1"],
|
|
||||||
"group:intern": ["intern1"]
|
|
||||||
},
|
|
||||||
"tagOwners": {
|
|
||||||
// the administrators can add servers in production
|
|
||||||
"tag:prod-databases": ["group:admin"],
|
|
||||||
"tag:prod-app-servers": ["group:admin"],
|
|
||||||
|
|
||||||
// the boss can tag any server as internal
|
|
||||||
"tag:internal": ["group:boss"],
|
|
||||||
|
|
||||||
// dev can add servers for dev purposes as well as admins
|
|
||||||
"tag:dev-databases": ["group:admin", "group:dev"],
|
|
||||||
"tag:dev-app-servers": ["group:admin", "group:dev"]
|
|
||||||
|
|
||||||
// interns cannot add servers
|
|
||||||
},
|
|
||||||
"acls": [
|
|
||||||
// boss have access to all servers
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["group:boss"],
|
|
||||||
"ports": [
|
|
||||||
"tag:prod-databases:*",
|
|
||||||
"tag:prod-app-servers:*",
|
|
||||||
"tag:internal:*",
|
|
||||||
"tag:dev-databases:*",
|
|
||||||
"tag:dev-app-servers:*"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
|
|
||||||
// admin have only access to administrative ports of the servers
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["group:admin"],
|
|
||||||
"ports": [
|
|
||||||
"tag:prod-databases:22",
|
|
||||||
"tag:prod-app-servers:22",
|
|
||||||
"tag:internal:22",
|
|
||||||
"tag:dev-databases:22",
|
|
||||||
"tag:dev-app-servers:22"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["group:dev"],
|
|
||||||
"ports": [
|
|
||||||
"tag:dev-databases:*",
|
|
||||||
"tag:dev-app-servers:*",
|
|
||||||
"tag:prod-app-servers:80,443"
|
|
||||||
]
|
|
||||||
},
|
|
||||||
|
|
||||||
// servers should be able to talk to database. Database should not be able to initiate connections to server
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["tag:dev-app-servers"],
|
|
||||||
"ports": ["tag:dev-databases:5432"]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["tag:prod-app-servers"],
|
|
||||||
"ports": ["tag:prod-databases:5432"]
|
|
||||||
},
|
|
||||||
|
|
||||||
// interns have access to dev-app-servers only in reading mode
|
|
||||||
{
|
|
||||||
"action": "accept",
|
|
||||||
"users": ["group:intern"],
|
|
||||||
"ports": ["tag:dev-app-servers:80,443"]
|
|
||||||
},
|
|
||||||
|
|
||||||
// we still have to allow internal namespaces communications since nothing guarantees that each user have their own namespaces. This could be talked over.
|
|
||||||
{ "action": "accept", "users": ["boss"], "ports": ["boss:*"] },
|
|
||||||
{ "action": "accept", "users": ["dev1"], "ports": ["dev1:*"] },
|
|
||||||
{ "action": "accept", "users": ["dev2"], "ports": ["dev2:*"] },
|
|
||||||
{ "action": "accept", "users": ["admin1"], "ports": ["admin1:*"] },
|
|
||||||
{ "action": "accept", "users": ["intern1"], "ports": ["intern1:*"] }
|
|
||||||
]
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
With this implementation, the sharing step is not necessary. Maintenance cost
|
|
||||||
of the ACL file is lower and less tedious (no need to map hostname and IP's
|
|
||||||
into it).
|
|
|
@ -1,48 +0,0 @@
|
||||||
# Better route management
|
|
||||||
|
|
||||||
As of today, route management in Headscale is very basic and does not allow for much flexibility, including implementing subnet HA, 4via6 or more advanced features. We also have a number of bugs (e.g., routes exposed by ephemeral nodes)
|
|
||||||
|
|
||||||
This proposal aims to improve the route management.
|
|
||||||
|
|
||||||
## Current situation
|
|
||||||
|
|
||||||
Routes advertised by the nodes are read from the Hostinfo struct. If approved from the the CLI or via autoApprovers, the route is added to the EnabledRoutes field in `Machine`.
|
|
||||||
|
|
||||||
This means that the advertised routes are not persisted in the database, as Hostinfo is always replaced. In the same way, EnabledRoutes can get out of sync with the actual routes in the node.
|
|
||||||
|
|
||||||
In case of colliding routes (i.e., subnets that are exposed from multiple nodes), we are currently just sending all of them in `PrimaryRoutes`... and hope for the best. (`PrimaryRoutes` is the field in `Node` used for subnet failover).
|
|
||||||
|
|
||||||
## Proposal
|
|
||||||
|
|
||||||
The core part is to create a new `Route` struct (and DB table), with the following fields:
|
|
||||||
|
|
||||||
```go
|
|
||||||
type Route struct {
|
|
||||||
ID uint64 `gorm:"primary_key"`
|
|
||||||
|
|
||||||
Machine *Machine
|
|
||||||
Prefix IPPrefix
|
|
||||||
|
|
||||||
Advertised bool
|
|
||||||
Enabled bool
|
|
||||||
IsPrimary bool
|
|
||||||
|
|
||||||
|
|
||||||
CreatedAt *time.Time
|
|
||||||
UpdatedAt *time.Time
|
|
||||||
DeletedAt *time.Time
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
- The `Advertised` field is set to true if the route is being advertised by the node. It is set to false if the route is removed. This way we can indicate if a later enabled route has stopped being advertised. A similar behaviour happens in the Tailscale.com control panel.
|
|
||||||
|
|
||||||
- The `Enabled` field is set to true if the route is enabled - via CLI or autoApprovers.
|
|
||||||
|
|
||||||
- `IsPrimary` indicates if Headscale has selected this route as the primary route for that particular subnet. This allows us to implement subnet failover. This would be fully automatic if there is more than subnet routers advertising the same network - which is the behaviour of Tailscale.com.
|
|
||||||
|
|
||||||
## Stuff to bear in mind
|
|
||||||
|
|
||||||
- We need to make sure to migrate the current `EnabledRoutes` of `Machine` into the new table.
|
|
||||||
- When a node stops sharing a subnet, I reckon we should mark it both as not `Advertised` and not `Enabled`. Users should re-enable it if the node advertises it again.
|
|
||||||
- If only one subnet router is advertising a subnet, we should mark it as primary.
|
|
||||||
- Regarding subnet failover, the current behaviour of Tailscale.com is to perform the failover after 15 seconds from the node disconnecting from their control panel. I reckon we cannot do the same currently. Our maximum granularity is the keep alive period.
|
|
|
@ -3,7 +3,7 @@ Headscale implements the same policy ACLs as Tailscale.com, adapted to the self-
|
||||||
For instance, instead of referring to users when defining groups you must
|
For instance, instead of referring to users when defining groups you must
|
||||||
use users (which are the equivalent to user/logins in Tailscale.com).
|
use users (which are the equivalent to user/logins in Tailscale.com).
|
||||||
|
|
||||||
Please check https://tailscale.com/kb/1018/acls/, and `./tests/acls/` in this repo for working examples.
|
Please check https://tailscale.com/kb/1018/acls/ for further information.
|
||||||
|
|
||||||
When using ACL's the User borders are no longer applied. All machines
|
When using ACL's the User borders are no longer applied. All machines
|
||||||
whichever the User have the ability to communicate with other hosts as
|
whichever the User have the ability to communicate with other hosts as
|
||||||
|
@ -36,15 +36,14 @@ servers.
|
||||||
- billing.internal
|
- billing.internal
|
||||||
- router.internal
|
- router.internal
|
||||||
|
|
||||||
![ACL implementation example](images/headscale-acl-network.png)
|
![ACL implementation example](../images/headscale-acl-network.png)
|
||||||
|
|
||||||
## ACL setup
|
## ACL setup
|
||||||
|
|
||||||
Note: Users will be created automatically when users authenticate with the
|
Note: Users will be created automatically when users authenticate with the
|
||||||
Headscale server.
|
headscale server.
|
||||||
|
|
||||||
ACLs could be written either on [huJSON](https://github.com/tailscale/hujson)
|
ACLs have to be written in [huJSON](https://github.com/tailscale/hujson).
|
||||||
or YAML. Check the [test ACLs](../tests/acls) for further information.
|
|
||||||
|
|
||||||
When registering the servers we will need to add the flag
|
When registering the servers we will need to add the flag
|
||||||
`--advertise-tags=tag:<tag1>,tag:<tag2>`, and the user that is
|
`--advertise-tags=tag:<tag1>,tag:<tag2>`, and the user that is
|
||||||
|
@ -53,7 +52,7 @@ a server they can register, the check of the tags is done on headscale server
|
||||||
and only valid tags are applied. A tag is valid if the user that is
|
and only valid tags are applied. A tag is valid if the user that is
|
||||||
registering it is allowed to do it.
|
registering it is allowed to do it.
|
||||||
|
|
||||||
To use ACLs in headscale, you must edit your config.yaml file. In there you will find a `acl_policy_path: ""` parameter. This will need to point to your ACL file. More info on how these policies are written can be found [here](https://tailscale.com/kb/1018/acls/).
|
To use ACLs in headscale, you must edit your `config.yaml` file. In there you will find a `policy.path` parameter. This will need to point to your ACL file. More info on how these policies are written can be found [here](https://tailscale.com/kb/1018/acls/).
|
||||||
|
|
||||||
Here are the ACL's to implement the same permissions as above:
|
Here are the ACL's to implement the same permissions as above:
|
||||||
|
|
||||||
|
@ -88,7 +87,7 @@ Here are the ACL's to implement the same permissions as above:
|
||||||
// to define a single host, use a /32 mask. You cannot use DNS entries here,
|
// to define a single host, use a /32 mask. You cannot use DNS entries here,
|
||||||
// as they're prone to be hijacked by replacing their IP addresses.
|
// as they're prone to be hijacked by replacing their IP addresses.
|
||||||
// see https://github.com/tailscale/tailscale/issues/3800 for more information.
|
// see https://github.com/tailscale/tailscale/issues/3800 for more information.
|
||||||
"Hosts": {
|
"hosts": {
|
||||||
"postgresql.internal": "10.20.0.2/32",
|
"postgresql.internal": "10.20.0.2/32",
|
||||||
"webservers.internal": "10.20.10.1/29"
|
"webservers.internal": "10.20.10.1/29"
|
||||||
},
|
},
|
39
docs/ref/configuration.md
Normal file
39
docs/ref/configuration.md
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
# Configuration
|
||||||
|
|
||||||
|
- Headscale loads its configuration from a YAML file
|
||||||
|
- It searches for `config.yaml` in the following paths:
|
||||||
|
- `/etc/headscale`
|
||||||
|
- `$HOME/.headscale`
|
||||||
|
- the current working directory
|
||||||
|
- Use the command line flag `-c`, `--config` to load the configuration from a different path
|
||||||
|
- Validate the configuration file with: `headscale configtest`
|
||||||
|
|
||||||
|
!!! example "Get the [example configuration from the GitHub repository](https://github.com/juanfont/headscale/blob/main/config-example.yaml)"
|
||||||
|
|
||||||
|
Always select the [same GitHub tag](https://github.com/juanfont/headscale/tags) as the released version you use to
|
||||||
|
ensure you have the correct example configuration. The `main` branch might contain unreleased changes.
|
||||||
|
|
||||||
|
=== "View on GitHub"
|
||||||
|
|
||||||
|
* Development version: <https://github.com/juanfont/headscale/blob/main/config-example.yaml>
|
||||||
|
* Version {{ headscale.version }}: <https://github.com/juanfont/headscale/blob/v{{ headscale.version }}/config-example.yaml>
|
||||||
|
|
||||||
|
=== "Download with `wget`"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# Development version
|
||||||
|
wget -O config.yaml https://raw.githubusercontent.com/juanfont/headscale/main/config-example.yaml
|
||||||
|
|
||||||
|
# Version {{ headscale.version }}
|
||||||
|
wget -O config.yaml https://raw.githubusercontent.com/juanfont/headscale/v{{ headscale.version }}/config-example.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
=== "Download with `curl`"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# Development version
|
||||||
|
curl -o config.yaml https://raw.githubusercontent.com/juanfont/headscale/main/config-example.yaml
|
||||||
|
|
||||||
|
# Version {{ headscale.version }}
|
||||||
|
curl -o config.yaml https://raw.githubusercontent.com/juanfont/headscale/v{{ headscale.version }}/config-example.yaml
|
||||||
|
```
|
80
docs/ref/dns.md
Normal file
80
docs/ref/dns.md
Normal file
|
@ -0,0 +1,80 @@
|
||||||
|
# DNS
|
||||||
|
|
||||||
|
Headscale supports [most DNS features](../about/features.md) from Tailscale and DNS releated settings can be configured
|
||||||
|
in the [configuration file](./configuration.md) within the `dns` section.
|
||||||
|
|
||||||
|
## Setting custom DNS records
|
||||||
|
|
||||||
|
!!! warning "Community documentation"
|
||||||
|
|
||||||
|
This page is not actively maintained by the headscale authors and is
|
||||||
|
written by community members. It is _not_ verified by headscale developers.
|
||||||
|
|
||||||
|
**It might be outdated and it might miss necessary steps**.
|
||||||
|
|
||||||
|
Headscale allows to set custom DNS records which are made available via
|
||||||
|
[MagicDNS](https://tailscale.com/kb/1081/magicdns). An example use case is to serve multiple apps on the same host via a
|
||||||
|
reverse proxy like NGINX, in this case a Prometheus monitoring stack. This allows to nicely access the service with
|
||||||
|
"http://grafana.myvpn.example.com" instead of the hostname and port combination
|
||||||
|
"http://hostname-in-magic-dns.myvpn.example.com:3000".
|
||||||
|
|
||||||
|
!!! warning "Limitations"
|
||||||
|
|
||||||
|
[Not all types of records are supported](https://github.com/tailscale/tailscale/blob/6edf357b96b28ee1be659a70232c0135b2ffedfd/ipn/ipnlocal/local.go#L2989-L3007), especially no CNAME records.
|
||||||
|
|
||||||
|
1. Update the [configuration file](./configuration.md) to contain the desired records like so:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
dns:
|
||||||
|
...
|
||||||
|
extra_records:
|
||||||
|
- name: "prometheus.myvpn.example.com"
|
||||||
|
type: "A"
|
||||||
|
value: "100.64.0.3"
|
||||||
|
|
||||||
|
- name: "grafana.myvpn.example.com"
|
||||||
|
type: "A"
|
||||||
|
value: "100.64.0.3"
|
||||||
|
...
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Restart your headscale instance.
|
||||||
|
|
||||||
|
1. Verify that DNS records are properly set using the DNS querying tool of your choice:
|
||||||
|
|
||||||
|
=== "Query with dig"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
dig +short grafana.myvpn.example.com
|
||||||
|
100.64.0.3
|
||||||
|
```
|
||||||
|
|
||||||
|
=== "Query with drill"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
drill -Q grafana.myvpn.example.com
|
||||||
|
100.64.0.3
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Optional: Setup the reverse proxy
|
||||||
|
|
||||||
|
The motivating example here was to be able to access internal monitoring services on the same host without
|
||||||
|
specifying a port, depicted as NGINX configuration snippet:
|
||||||
|
|
||||||
|
```
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
server_name grafana.myvpn.example.com;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:3000;
|
||||||
|
proxy_set_header Host $http_host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
```
|
|
@ -5,7 +5,7 @@
|
||||||
Register the node and make it advertise itself as an exit node:
|
Register the node and make it advertise itself as an exit node:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ sudo tailscale up --login-server https://my-server.com --advertise-exit-node
|
$ sudo tailscale up --login-server https://headscale.example.com --advertise-exit-node
|
||||||
```
|
```
|
||||||
|
|
||||||
If the node is already registered, it can advertise exit capabilities like this:
|
If the node is already registered, it can advertise exit capabilities like this:
|
||||||
|
@ -21,21 +21,23 @@ To use a node as an exit node, IP forwarding must be enabled on the node. Check
|
||||||
```console
|
```console
|
||||||
$ # list nodes
|
$ # list nodes
|
||||||
$ headscale routes list
|
$ headscale routes list
|
||||||
ID | Machine | Prefix | Advertised | Enabled | Primary
|
ID | Node | Prefix | Advertised | Enabled | Primary
|
||||||
1 | | 0.0.0.0/0 | false | false | -
|
1 | | 0.0.0.0/0 | false | false | -
|
||||||
2 | | ::/0 | false | false | -
|
2 | | ::/0 | false | false | -
|
||||||
3 | phobos | 0.0.0.0/0 | true | false | -
|
3 | phobos | 0.0.0.0/0 | true | false | -
|
||||||
4 | phobos | ::/0 | true | false | -
|
4 | phobos | ::/0 | true | false | -
|
||||||
|
|
||||||
$ # enable routes for phobos
|
$ # enable routes for phobos
|
||||||
$ headscale routes enable -r 3
|
$ headscale routes enable -r 3
|
||||||
$ headscale routes enable -r 4
|
$ headscale routes enable -r 4
|
||||||
|
|
||||||
$ # Check node list again. The routes are now enabled.
|
$ # Check node list again. The routes are now enabled.
|
||||||
$ headscale routes list
|
$ headscale routes list
|
||||||
ID | Machine | Prefix | Advertised | Enabled | Primary
|
ID | Node | Prefix | Advertised | Enabled | Primary
|
||||||
1 | | 0.0.0.0/0 | false | false | -
|
1 | | 0.0.0.0/0 | false | false | -
|
||||||
2 | | ::/0 | false | false | -
|
2 | | ::/0 | false | false | -
|
||||||
3 | phobos | 0.0.0.0/0 | true | true | -
|
3 | phobos | 0.0.0.0/0 | true | true | -
|
||||||
4 | phobos | ::/0 | true | true | -
|
4 | phobos | ::/0 | true | true | -
|
||||||
```
|
```
|
||||||
|
|
||||||
## On the client
|
## On the client
|
||||||
|
@ -46,4 +48,4 @@ The exit node can now be used with:
|
||||||
$ sudo tailscale set --exit-node phobos
|
$ sudo tailscale set --exit-node phobos
|
||||||
```
|
```
|
||||||
|
|
||||||
Check the official [Tailscale documentation](https://tailscale.com/kb/1103/exit-nodes/?q=exit#step-3-use-the-exit-node) for how to do it on your device.
|
Check the official [Tailscale documentation](https://tailscale.com/kb/1103/exit-nodes#use-the-exit-node) for how to do it on your device.
|
|
@ -3,7 +3,7 @@
|
||||||
!!! warning "Community documentation"
|
!!! warning "Community documentation"
|
||||||
|
|
||||||
This page is not actively maintained by the headscale authors and is
|
This page is not actively maintained by the headscale authors and is
|
||||||
written by community members. It is _not_ verified by `headscale` developers.
|
written by community members. It is _not_ verified by headscale developers.
|
||||||
|
|
||||||
**It might be outdated and it might miss necessary steps**.
|
**It might be outdated and it might miss necessary steps**.
|
||||||
|
|
||||||
|
@ -11,9 +11,9 @@ Running headscale behind a reverse proxy is useful when running multiple applica
|
||||||
|
|
||||||
### WebSockets
|
### WebSockets
|
||||||
|
|
||||||
The reverse proxy MUST be configured to support WebSockets, as it is needed for clients running Tailscale v1.30+.
|
The reverse proxy MUST be configured to support WebSockets to communicate with Tailscale clients.
|
||||||
|
|
||||||
WebSockets support is required when using the headscale embedded DERP server. In this case, you will also need to expose the UDP port used for STUN (by default, udp/3478). Please check our [config-example.yaml](https://github.com/juanfont/headscale/blob/main/config-example.yaml).
|
WebSockets support is also required when using the headscale embedded DERP server. In this case, you will also need to expose the UDP port used for STUN (by default, udp/3478). Please check our [config-example.yaml](https://github.com/juanfont/headscale/blob/main/config-example.yaml).
|
||||||
|
|
||||||
### Cloudflare
|
### Cloudflare
|
||||||
|
|
||||||
|
@ -80,7 +80,7 @@ Sending local reply with details upgrade_failed
|
||||||
|
|
||||||
### Envoy
|
### Envoy
|
||||||
|
|
||||||
You need add a new upgrade_type named `tailscale-control-protocol`. [see detail](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto#extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-upgradeconfig)
|
You need to add a new upgrade_type named `tailscale-control-protocol`. [see details](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto#extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-upgradeconfig)
|
||||||
|
|
||||||
### Istio
|
### Istio
|
||||||
|
|
||||||
|
@ -121,11 +121,11 @@ The following Caddyfile is all that is necessary to use Caddy as a reverse proxy
|
||||||
|
|
||||||
Caddy v2 will [automatically](https://caddyserver.com/docs/automatic-https) provision a certificate for your domain/subdomain, force HTTPS, and proxy websockets - no further configuration is necessary.
|
Caddy v2 will [automatically](https://caddyserver.com/docs/automatic-https) provision a certificate for your domain/subdomain, force HTTPS, and proxy websockets - no further configuration is necessary.
|
||||||
|
|
||||||
For a slightly more complex configuration which utilizes Docker containers to manage Caddy, Headscale, and Headscale-UI, [Guru Computing's guide](https://blog.gurucomputing.com.au/smart-vpns-with-headscale/) is an excellent reference.
|
For a slightly more complex configuration which utilizes Docker containers to manage Caddy, headscale, and Headscale-UI, [Guru Computing's guide](https://blog.gurucomputing.com.au/smart-vpns-with-headscale/) is an excellent reference.
|
||||||
|
|
||||||
## Apache
|
## Apache
|
||||||
|
|
||||||
The following minimal Apache config will proxy traffic to the Headscale instance on `<IP:PORT>`. Note that `upgrade=any` is required as a parameter for `ProxyPass` so that WebSockets traffic whose `Upgrade` header value is not equal to `WebSocket` (i. e. Tailscale Control Protocol) is forwarded correctly. See the [Apache docs](https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html) for more information on this.
|
The following minimal Apache config will proxy traffic to the headscale instance on `<IP:PORT>`. Note that `upgrade=any` is required as a parameter for `ProxyPass` so that WebSockets traffic whose `Upgrade` header value is not equal to `WebSocket` (i. e. Tailscale Control Protocol) is forwarded correctly. See the [Apache docs](https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html) for more information on this.
|
||||||
|
|
||||||
```
|
```
|
||||||
<VirtualHost *:443>
|
<VirtualHost *:443>
|
|
@ -3,13 +3,15 @@
|
||||||
!!! warning "Community contributions"
|
!!! warning "Community contributions"
|
||||||
|
|
||||||
This page contains community contributions. The projects listed here are not
|
This page contains community contributions. The projects listed here are not
|
||||||
maintained by the Headscale authors and are written by community members.
|
maintained by the headscale authors and are written by community members.
|
||||||
|
|
||||||
| Name | Repository Link | Description | Status |
|
| Name | Repository Link | Description | Status |
|
||||||
| --------------- | ------------------------------------------------------- | --------------------------------------------------------------------------- | ------ |
|
| --------------- | ------------------------------------------------------- | ----------------------------------------------------------------------------------- | ------ |
|
||||||
| headscale-webui | [Github](https://github.com/ifargle/headscale-webui) | A simple Headscale web UI for small-scale deployments. | Alpha |
|
| headscale-webui | [Github](https://github.com/ifargle/headscale-webui) | A simple headscale web UI for small-scale deployments. | Alpha |
|
||||||
| headscale-ui | [Github](https://github.com/gurucomputing/headscale-ui) | A web frontend for the headscale Tailscale-compatible coordination server | Alpha |
|
| headscale-ui | [Github](https://github.com/gurucomputing/headscale-ui) | A web frontend for the headscale Tailscale-compatible coordination server | Alpha |
|
||||||
| HeadscaleUi | [GitHub](https://github.com/simcu/headscale-ui) | A static headscale admin ui, no backend enviroment required | Alpha |
|
| HeadscaleUi | [GitHub](https://github.com/simcu/headscale-ui) | A static headscale admin ui, no backend enviroment required | Alpha |
|
||||||
| headscale-admin | [Github](https://github.com/GoodiesHQ/headscale-admin) | Headscale-Admin is meant to be a simple, modern web interface for Headscale | Beta |
|
| Headplane | [GitHub](https://github.com/tale/headplane) | An advanced Tailscale inspired frontend for headscale | Alpha |
|
||||||
|
| headscale-admin | [Github](https://github.com/GoodiesHQ/headscale-admin) | Headscale-Admin is meant to be a simple, modern web interface for headscale | Beta |
|
||||||
|
| ouroboros | [Github](https://github.com/yellowsink/ouroboros) | Ouroboros is designed for users to manage their own devices, rather than for admins | Stable |
|
||||||
|
|
||||||
You can ask for support on our dedicated [Discord channel](https://discord.com/channels/896711691637780480/1105842846386356294).
|
You can ask for support on our dedicated [Discord channel](https://discord.com/channels/896711691637780480/1105842846386356294).
|
|
@ -1,4 +1,4 @@
|
||||||
# Configuring Headscale to use OIDC authentication
|
# Configuring headscale to use OIDC authentication
|
||||||
|
|
||||||
In order to authenticate users through a centralized solution one must enable the OIDC integration.
|
In order to authenticate users through a centralized solution one must enable the OIDC integration.
|
||||||
|
|
||||||
|
@ -54,7 +54,7 @@ oidc:
|
||||||
|
|
||||||
## Azure AD example
|
## Azure AD example
|
||||||
|
|
||||||
In order to integrate Headscale with Azure Active Directory, we'll need to provision an App Registration with the correct scopes and redirect URI. Here with Terraform:
|
In order to integrate headscale with Azure Active Directory, we'll need to provision an App Registration with the correct scopes and redirect URI. Here with Terraform:
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
resource "azuread_application" "headscale" {
|
resource "azuread_application" "headscale" {
|
||||||
|
@ -84,7 +84,7 @@ resource "azuread_application" "headscale" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
web {
|
web {
|
||||||
# Points at your running Headscale instance
|
# Points at your running headscale instance
|
||||||
redirect_uris = ["https://headscale.example.com/oidc/callback"]
|
redirect_uris = ["https://headscale.example.com/oidc/callback"]
|
||||||
|
|
||||||
implicit_grant {
|
implicit_grant {
|
||||||
|
@ -125,7 +125,7 @@ output "headscale_client_secret" {
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
And in your Headscale `config.yaml`:
|
And in your headscale `config.yaml`:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
oidc:
|
oidc:
|
||||||
|
@ -144,7 +144,7 @@ oidc:
|
||||||
|
|
||||||
## Google OAuth Example
|
## Google OAuth Example
|
||||||
|
|
||||||
In order to integrate Headscale with Google, you'll need to have a [Google Cloud Console](https://console.cloud.google.com) account.
|
In order to integrate headscale with Google, you'll need to have a [Google Cloud Console](https://console.cloud.google.com) account.
|
||||||
|
|
||||||
Google OAuth has a [verification process](https://support.google.com/cloud/answer/9110914?hl=en) if you need to have users authenticate who are outside of your domain. If you only need to authenticate users from your domain name (ie `@example.com`), you don't need to go through the verification process.
|
Google OAuth has a [verification process](https://support.google.com/cloud/answer/9110914?hl=en) if you need to have users authenticate who are outside of your domain. If you only need to authenticate users from your domain name (ie `@example.com`), you don't need to go through the verification process.
|
||||||
|
|
||||||
|
@ -158,17 +158,16 @@ However if you don't have a domain, or need to add users outside of your domain,
|
||||||
4. Click `Create Credentials` -> `OAuth client ID`
|
4. Click `Create Credentials` -> `OAuth client ID`
|
||||||
5. Under `Application Type`, choose `Web Application`
|
5. Under `Application Type`, choose `Web Application`
|
||||||
6. For `Name`, enter whatever you like
|
6. For `Name`, enter whatever you like
|
||||||
7. Under `Authorised redirect URIs`, use `https://example.com/oidc/callback`, replacing example.com with your Headscale URL.
|
7. Under `Authorised redirect URIs`, use `https://example.com/oidc/callback`, replacing example.com with your headscale URL.
|
||||||
8. Click `Save` at the bottom of the form
|
8. Click `Save` at the bottom of the form
|
||||||
9. Take note of the `Client ID` and `Client secret`, you can also download it for reference if you need it.
|
9. Take note of the `Client ID` and `Client secret`, you can also download it for reference if you need it.
|
||||||
10. Edit your headscale config, under `oidc`, filling in your `client_id` and `client_secret`:
|
10. Edit your headscale config, under `oidc`, filling in your `client_id` and `client_secret`:
|
||||||
|
```yaml
|
||||||
```yaml
|
oidc:
|
||||||
oidc:
|
issuer: "https://accounts.google.com"
|
||||||
issuer: "https://accounts.google.com"
|
client_id: ""
|
||||||
client_id: ""
|
client_secret: ""
|
||||||
client_secret: ""
|
scope: ["openid", "profile", "email"]
|
||||||
scope: ["openid", "profile", "email"]
|
```
|
||||||
```
|
|
||||||
|
|
||||||
You can also use `allowed_domains` and `allowed_users` to restrict the users who can authenticate.
|
You can also use `allowed_domains` and `allowed_users` to restrict the users who can authenticate.
|
98
docs/ref/remote-cli.md
Normal file
98
docs/ref/remote-cli.md
Normal file
|
@ -0,0 +1,98 @@
|
||||||
|
# Controlling headscale with remote CLI
|
||||||
|
|
||||||
|
This documentation has the goal of showing a user how-to set control a headscale instance
|
||||||
|
from a remote machine with the `headscale` command line binary.
|
||||||
|
|
||||||
|
## Prerequisite
|
||||||
|
|
||||||
|
- A workstation to run headscale (could be Linux, macOS, other supported platforms)
|
||||||
|
- A headscale server (version `0.13.0` or newer)
|
||||||
|
- Access to create API keys (local access to the headscale server)
|
||||||
|
- headscale _must_ be served over TLS/HTTPS
|
||||||
|
- Remote access does _not_ support unencrypted traffic.
|
||||||
|
- Port `50443` must be open in the firewall (or port overridden by `grpc_listen_addr` option)
|
||||||
|
|
||||||
|
## Create an API key
|
||||||
|
|
||||||
|
We need to create an API key to authenticate our remote headscale when using it from our workstation.
|
||||||
|
|
||||||
|
To create a API key, log into your headscale server and generate a key:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale apikeys create --expiration 90d
|
||||||
|
```
|
||||||
|
|
||||||
|
Copy the output of the command and save it for later. Please note that you can not retrieve a key again,
|
||||||
|
if the key is lost, expire the old one, and create a new key.
|
||||||
|
|
||||||
|
To list the keys currently assosicated with the server:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale apikeys list
|
||||||
|
```
|
||||||
|
|
||||||
|
and to expire a key:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale apikeys expire --prefix "<PREFIX>"
|
||||||
|
```
|
||||||
|
|
||||||
|
## Download and configure headscale
|
||||||
|
|
||||||
|
1. Download the latest [`headscale` binary from GitHub's release page](https://github.com/juanfont/headscale/releases):
|
||||||
|
|
||||||
|
1. Put the binary somewhere in your `PATH`, e.g. `/usr/local/bin/headscale`
|
||||||
|
|
||||||
|
1. Make `headscale` executable:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
chmod +x /usr/local/bin/headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Configure the CLI through environment variables
|
||||||
|
|
||||||
|
```shell
|
||||||
|
export HEADSCALE_CLI_ADDRESS="<HEADSCALE ADDRESS>:<PORT>"
|
||||||
|
export HEADSCALE_CLI_API_KEY="<API KEY FROM PREVIOUS STAGE>"
|
||||||
|
```
|
||||||
|
|
||||||
|
for example:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
export HEADSCALE_CLI_ADDRESS="headscale.example.com:50443"
|
||||||
|
export HEADSCALE_CLI_API_KEY="abcde12345"
|
||||||
|
```
|
||||||
|
|
||||||
|
This will tell the `headscale` binary to connect to a remote instance, instead of looking
|
||||||
|
for a local instance (which is what it does on the server).
|
||||||
|
|
||||||
|
The API key is needed to make sure that you are allowed to access the server. The key is _not_
|
||||||
|
needed when running directly on the server, as the connection is local.
|
||||||
|
|
||||||
|
1. Test the connection
|
||||||
|
|
||||||
|
Let us run the headscale command to verify that we can connect by listing our nodes:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale nodes list
|
||||||
|
```
|
||||||
|
|
||||||
|
You should now be able to see a list of your nodes from your workstation, and you can
|
||||||
|
now control the headscale server from your workstation.
|
||||||
|
|
||||||
|
## Behind a proxy
|
||||||
|
|
||||||
|
It is possible to run the gRPC remote endpoint behind a reverse proxy, like Nginx, and have it run on the _same_ port as headscale.
|
||||||
|
|
||||||
|
While this is _not a supported_ feature, an example on how this can be set up on
|
||||||
|
[NixOS is shown here](https://github.com/kradalby/dotfiles/blob/4489cdbb19cddfbfae82cd70448a38fde5a76711/machines/headscale.oracldn/headscale.nix#L61-L91).
|
||||||
|
|
||||||
|
## Troubleshooting
|
||||||
|
|
||||||
|
Checklist:
|
||||||
|
|
||||||
|
- Make sure you have the _same_ headscale version on your server and workstation
|
||||||
|
- Make sure you use version `0.13.0` or newer.
|
||||||
|
- Verify that your TLS certificate is valid and trusted
|
||||||
|
- If you do not have access to a trusted certificate (e.g. from Let's Encrypt), add your self signed certificate to the trust store of your OS or
|
||||||
|
- Set `HEADSCALE_CLI_INSECURE` to 0 in your environment
|
|
@ -47,7 +47,7 @@ Headscale uses [autocert](https://pkg.go.dev/golang.org/x/crypto/acme/autocert),
|
||||||
|
|
||||||
If you want to validate that certificate renewal completed successfully, this can be done either manually, or through external monitoring software. Two examples of doing this manually:
|
If you want to validate that certificate renewal completed successfully, this can be done either manually, or through external monitoring software. Two examples of doing this manually:
|
||||||
|
|
||||||
1. Open the URL for your Headscale server in your browser of choice, and manually inspecting the expiry date of the certificate you receive.
|
1. Open the URL for your headscale server in your browser of choice, and manually inspecting the expiry date of the certificate you receive.
|
||||||
2. Or, check remotely from CLI using `openssl`:
|
2. Or, check remotely from CLI using `openssl`:
|
||||||
|
|
||||||
```bash
|
```bash
|
|
@ -1,100 +0,0 @@
|
||||||
# Controlling `headscale` with remote CLI
|
|
||||||
|
|
||||||
## Prerequisite
|
|
||||||
|
|
||||||
- A workstation to run `headscale` (could be Linux, macOS, other supported platforms)
|
|
||||||
- A `headscale` server (version `0.13.0` or newer)
|
|
||||||
- Access to create API keys (local access to the `headscale` server)
|
|
||||||
- `headscale` _must_ be served over TLS/HTTPS
|
|
||||||
- Remote access does _not_ support unencrypted traffic.
|
|
||||||
- Port `50443` must be open in the firewall (or port overridden by `grpc.listen_addr` option)
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing a user how-to set control a `headscale` instance
|
|
||||||
from a remote machine with the `headscale` command line binary.
|
|
||||||
|
|
||||||
## Create an API key
|
|
||||||
|
|
||||||
We need to create an API key to authenticate our remote `headscale` when using it from our workstation.
|
|
||||||
|
|
||||||
To create a API key, log into your `headscale` server and generate a key:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale apikeys create --expiration 90d
|
|
||||||
```
|
|
||||||
|
|
||||||
Copy the output of the command and save it for later. Please note that you can not retrieve a key again,
|
|
||||||
if the key is lost, expire the old one, and create a new key.
|
|
||||||
|
|
||||||
To list the keys currently assosicated with the server:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale apikeys list
|
|
||||||
```
|
|
||||||
|
|
||||||
and to expire a key:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale apikeys expire --prefix "<PREFIX>"
|
|
||||||
```
|
|
||||||
|
|
||||||
## Download and configure `headscale`
|
|
||||||
|
|
||||||
1. Download the latest [`headscale` binary from GitHub's release page](https://github.com/juanfont/headscale/releases):
|
|
||||||
|
|
||||||
2. Put the binary somewhere in your `PATH`, e.g. `/usr/local/bin/headscale`
|
|
||||||
|
|
||||||
3. Make `headscale` executable:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
chmod +x /usr/local/bin/headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
4. Configure the CLI through Environment Variables
|
|
||||||
|
|
||||||
```shell
|
|
||||||
export HEADSCALE_CLI_ADDRESS="<HEADSCALE ADDRESS>:<PORT>"
|
|
||||||
export HEADSCALE_CLI_API_KEY="<API KEY FROM PREVIOUS STAGE>"
|
|
||||||
```
|
|
||||||
|
|
||||||
for example:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
export HEADSCALE_CLI_ADDRESS="headscale.example.com:50443"
|
|
||||||
export HEADSCALE_CLI_API_KEY="abcde12345"
|
|
||||||
```
|
|
||||||
|
|
||||||
This will tell the `headscale` binary to connect to a remote instance, instead of looking
|
|
||||||
for a local instance (which is what it does on the server).
|
|
||||||
|
|
||||||
The API key is needed to make sure that your are allowed to access the server. The key is _not_
|
|
||||||
needed when running directly on the server, as the connection is local.
|
|
||||||
|
|
||||||
5. Test the connection
|
|
||||||
|
|
||||||
Let us run the headscale command to verify that we can connect by listing our nodes:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale nodes list
|
|
||||||
```
|
|
||||||
|
|
||||||
You should now be able to see a list of your nodes from your workstation, and you can
|
|
||||||
now control the `headscale` server from your workstation.
|
|
||||||
|
|
||||||
## Behind a proxy
|
|
||||||
|
|
||||||
It is possible to run the gRPC remote endpoint behind a reverse proxy, like Nginx, and have it run on the _same_ port as `headscale`.
|
|
||||||
|
|
||||||
While this is _not a supported_ feature, an example on how this can be set up on
|
|
||||||
[NixOS is shown here](https://github.com/kradalby/dotfiles/blob/4489cdbb19cddfbfae82cd70448a38fde5a76711/machines/headscale.oracldn/headscale.nix#L61-L91).
|
|
||||||
|
|
||||||
## Troubleshooting
|
|
||||||
|
|
||||||
Checklist:
|
|
||||||
|
|
||||||
- Make sure you have the _same_ `headscale` version on your server and workstation
|
|
||||||
- Make sure you use version `0.13.0` or newer.
|
|
||||||
- Verify that your TLS certificate is valid and trusted
|
|
||||||
- If you do not have access to a trusted certificate (e.g. from Let's Encrypt), add your self signed certificate to the trust store of your OS or
|
|
||||||
- Set `HEADSCALE_CLI_INSECURE` to 0 in your environment
|
|
|
@ -1,4 +1,7 @@
|
||||||
cairosvg~=2.7.1
|
cairosvg~=2.7.1
|
||||||
|
mkdocs-include-markdown-plugin~=6.2.2
|
||||||
|
mkdocs-macros-plugin~=1.2.0
|
||||||
mkdocs-material~=9.5.18
|
mkdocs-material~=9.5.18
|
||||||
mkdocs-minify-plugin~=0.7.1
|
mkdocs-minify-plugin~=0.7.1
|
||||||
|
mkdocs-redirects~=1.2.1
|
||||||
pillow~=10.1.0
|
pillow~=10.1.0
|
||||||
|
|
|
@ -1,195 +0,0 @@
|
||||||
# Running headscale in a container
|
|
||||||
|
|
||||||
!!! warning "Community documentation"
|
|
||||||
|
|
||||||
This page is not actively maintained by the headscale authors and is
|
|
||||||
written by community members. It is _not_ verified by `headscale` developers.
|
|
||||||
|
|
||||||
**It might be outdated and it might miss necessary steps**.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing a user how-to set up and run `headscale` in a container.
|
|
||||||
[Docker](https://www.docker.com) is used as the reference container implementation, but there is no reason that it should
|
|
||||||
not work with alternatives like [Podman](https://podman.io). The Docker image can be found on Docker Hub [here](https://hub.docker.com/r/headscale/headscale).
|
|
||||||
|
|
||||||
## Configure and run `headscale`
|
|
||||||
|
|
||||||
1. Prepare a directory on the host Docker node in your directory of choice, used to hold `headscale` configuration and the [SQLite](https://www.sqlite.org/) database:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
mkdir -p ./headscale/config
|
|
||||||
cd ./headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create an empty SQlite datebase in the headscale directory:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
touch ./config/db.sqlite
|
|
||||||
```
|
|
||||||
|
|
||||||
1. **(Strongly Recommended)** Download a copy of the [example configuration](https://github.com/juanfont/headscale/blob/main/config-example.yaml) from the headscale repository.
|
|
||||||
|
|
||||||
- Using `wget`:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
wget -O ./config/config.yaml https://raw.githubusercontent.com/juanfont/headscale/main/config-example.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
- Using `curl`:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
curl https://raw.githubusercontent.com/juanfont/headscale/main/config-example.yaml -o ./config/config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
- **(Advanced)** If you would like to hand craft a config file **instead** of downloading the example config file, create a blank `headscale` configuration in the headscale directory to edit:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
touch ./config/config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
Modify the config file to your preferences before launching Docker container.
|
|
||||||
Here are some settings that you likely want:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
# Change to your hostname or host IP
|
|
||||||
server_url: http://your-host-name:8080
|
|
||||||
# Listen to 0.0.0.0 so it's accessible outside the container
|
|
||||||
metrics_listen_addr: 0.0.0.0:9090
|
|
||||||
# The default /var/lib/headscale path is not writable in the container
|
|
||||||
noise:
|
|
||||||
private_key_path: /etc/headscale/noise_private.key
|
|
||||||
# The default /var/lib/headscale path is not writable in the container
|
|
||||||
derp:
|
|
||||||
private_key_path: /etc/headscale/private.key
|
|
||||||
# The default /var/run/headscale path is not writable in the container
|
|
||||||
unix_socket: /etc/headscale/headscale.sock
|
|
||||||
# The default /var/lib/headscale path is not writable in the container
|
|
||||||
database.type: sqlite3
|
|
||||||
database.sqlite.path: /etc/headscale/db.sqlite
|
|
||||||
```
|
|
||||||
|
|
||||||
Alternatively, you can mount `/var/lib` and `/var/run` from your host system by adding
|
|
||||||
`--volume $(pwd)/lib:/var/lib/headscale` and `--volume $(pwd)/run:/var/run/headscale`
|
|
||||||
in the next step.
|
|
||||||
|
|
||||||
1. Start the headscale server while working in the host headscale directory:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker run \
|
|
||||||
--name headscale \
|
|
||||||
--detach \
|
|
||||||
--volume $(pwd)/config:/etc/headscale/ \
|
|
||||||
--publish 127.0.0.1:8080:8080 \
|
|
||||||
--publish 127.0.0.1:9090:9090 \
|
|
||||||
headscale/headscale:<VERSION> \
|
|
||||||
headscale serve
|
|
||||||
```
|
|
||||||
|
|
||||||
Note: use `0.0.0.0:8080:8080` instead of `127.0.0.1:8080:8080` if you want to expose the container externally.
|
|
||||||
|
|
||||||
This command will mount `config/` under `/etc/headscale`, forward port 8080 out of the container so the
|
|
||||||
`headscale` instance becomes available and then detach so headscale runs in the background.
|
|
||||||
|
|
||||||
Example `docker-compose.yaml`
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
version: "3.7"
|
|
||||||
|
|
||||||
services:
|
|
||||||
headscale:
|
|
||||||
image: headscale/headscale:0.22.3
|
|
||||||
restart: unless-stopped
|
|
||||||
container_name: headscale
|
|
||||||
ports:
|
|
||||||
- "127.0.0.1:8080:8080"
|
|
||||||
- "127.0.0.1:9090:9090"
|
|
||||||
volumes:
|
|
||||||
# pls change [config_path] to the fullpath of the config folder just created
|
|
||||||
- [config_path]:/etc/headscale
|
|
||||||
command: headscale serve
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Verify `headscale` is running:
|
|
||||||
Follow the container logs:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker logs --follow headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
Verify running containers:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker ps
|
|
||||||
```
|
|
||||||
|
|
||||||
Verify `headscale` is available:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
curl http://127.0.0.1:9090/metrics
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create a user ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker exec headscale \
|
|
||||||
headscale users create myfirstuser
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register a machine (normal login)
|
|
||||||
|
|
||||||
On a client machine, execute the `tailscale` login command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server YOUR_HEADSCALE_URL
|
|
||||||
```
|
|
||||||
|
|
||||||
To register a machine when running `headscale` in a container, take the headscale command and pass it to the container:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker exec headscale \
|
|
||||||
headscale --user myfirstuser nodes register --key <YOU_+MACHINE_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register machine using a pre authenticated key
|
|
||||||
|
|
||||||
Generate a key using the command line:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
docker exec headscale \
|
|
||||||
headscale --user myfirstuser preauthkeys create --reusable --expiration 24h
|
|
||||||
```
|
|
||||||
|
|
||||||
This will return a pre-authenticated key that can be used to connect a node to `headscale` during the `tailscale` command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
## Debugging headscale running in Docker
|
|
||||||
|
|
||||||
The `headscale/headscale` Docker container is based on a "distroless" image that does not contain a shell or any other debug tools. If you need to debug your application running in the Docker container, you can use the `-debug` variant, for example `headscale/headscale:x.x.x-debug`.
|
|
||||||
|
|
||||||
### Running the debug Docker container
|
|
||||||
|
|
||||||
To run the debug Docker container, use the exact same commands as above, but replace `headscale/headscale:x.x.x` with `headscale/headscale:x.x.x-debug` (`x.x.x` is the version of headscale). The two containers are compatible with each other, so you can alternate between them.
|
|
||||||
|
|
||||||
### Executing commands in the debug container
|
|
||||||
|
|
||||||
The default command in the debug container is to run `headscale`, which is located at `/bin/headscale` inside the container.
|
|
||||||
|
|
||||||
Additionally, the debug container includes a minimalist Busybox shell.
|
|
||||||
|
|
||||||
To launch a shell in the container, use:
|
|
||||||
|
|
||||||
```
|
|
||||||
docker run -it headscale/headscale:x.x.x-debug sh
|
|
||||||
```
|
|
||||||
|
|
||||||
You can also execute commands directly, such as `ls /bin` in this example:
|
|
||||||
|
|
||||||
```
|
|
||||||
docker run headscale/headscale:x.x.x-debug ls /bin
|
|
||||||
```
|
|
||||||
|
|
||||||
Using `docker exec` allows you to run commands in an existing container.
|
|
|
@ -1,197 +0,0 @@
|
||||||
# Running headscale on Linux
|
|
||||||
|
|
||||||
## Note: Outdated and "advanced"
|
|
||||||
|
|
||||||
This documentation is considered the "legacy"/advanced/manual version of the documentation, you most likely do not
|
|
||||||
want to use this documentation and rather look at the distro specific documentation (TODO LINK)[].
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing a user how-to set up and run `headscale` on Linux.
|
|
||||||
In additional to the "get up and running section", there is an optional [SystemD section](#running-headscale-in-the-background-with-systemd)
|
|
||||||
describing how to make `headscale` run properly in a server environment.
|
|
||||||
|
|
||||||
## Configure and run `headscale`
|
|
||||||
|
|
||||||
1. Download the latest [`headscale` binary from GitHub's release page](https://github.com/juanfont/headscale/releases):
|
|
||||||
|
|
||||||
```shell
|
|
||||||
wget --output-document=/usr/local/bin/headscale \
|
|
||||||
https://github.com/juanfont/headscale/releases/download/v<HEADSCALE VERSION>/headscale_<HEADSCALE VERSION>_linux_<ARCH>
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Make `headscale` executable:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
chmod +x /usr/local/bin/headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Prepare a directory to hold `headscale` configuration and the [SQLite](https://www.sqlite.org/) database:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
# Directory for configuration
|
|
||||||
|
|
||||||
mkdir -p /etc/headscale
|
|
||||||
|
|
||||||
# Directory for Database, and other variable data (like certificates)
|
|
||||||
mkdir -p /var/lib/headscale
|
|
||||||
# or if you create a headscale user:
|
|
||||||
useradd \
|
|
||||||
--create-home \
|
|
||||||
--home-dir /var/lib/headscale/ \
|
|
||||||
--system \
|
|
||||||
--user-group \
|
|
||||||
--shell /usr/sbin/nologin \
|
|
||||||
headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create an empty SQLite database:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
touch /var/lib/headscale/db.sqlite
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create a `headscale` configuration:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
touch /etc/headscale/config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
**(Strongly Recommended)** Download a copy of the [example configuration](https://github.com/juanfont/headscale/blob/main/config-example.yaml) from the headscale repository.
|
|
||||||
|
|
||||||
1. Start the headscale server:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale serve
|
|
||||||
```
|
|
||||||
|
|
||||||
This command will start `headscale` in the current terminal session.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
To continue the tutorial, open a new terminal and let it run in the background.
|
|
||||||
Alternatively use terminal emulators like [tmux](https://github.com/tmux/tmux) or [screen](https://www.gnu.org/software/screen/).
|
|
||||||
|
|
||||||
To run `headscale` in the background, please follow the steps in the [SystemD section](#running-headscale-in-the-background-with-systemd) before continuing.
|
|
||||||
|
|
||||||
1. Verify `headscale` is running:
|
|
||||||
Verify `headscale` is available:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
curl http://127.0.0.1:9090/metrics
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create a user ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale users create myfirstuser
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register a machine (normal login)
|
|
||||||
|
|
||||||
On a client machine, execute the `tailscale` login command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server YOUR_HEADSCALE_URL
|
|
||||||
```
|
|
||||||
|
|
||||||
Register the machine:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale --user myfirstuser nodes register --key <YOUR_MACHINE_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register machine using a pre authenticated key
|
|
||||||
|
|
||||||
Generate a key using the command line:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale --user myfirstuser preauthkeys create --reusable --expiration 24h
|
|
||||||
```
|
|
||||||
|
|
||||||
This will return a pre-authenticated key that can be used to connect a node to `headscale` during the `tailscale` command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
## Running `headscale` in the background with SystemD
|
|
||||||
|
|
||||||
:warning: **Deprecated**: This part is very outdated and you should use the [pre-packaged Headscale for this](./running-headscale-linux.md)
|
|
||||||
|
|
||||||
This section demonstrates how to run `headscale` as a service in the background with [SystemD](https://www.freedesktop.org/wiki/Software/systemd/).
|
|
||||||
This should work on most modern Linux distributions.
|
|
||||||
|
|
||||||
1. Create a SystemD service configuration at `/etc/systemd/system/headscale.service` containing:
|
|
||||||
|
|
||||||
```systemd
|
|
||||||
[Unit]
|
|
||||||
Description=headscale controller
|
|
||||||
After=syslog.target
|
|
||||||
After=network.target
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
User=headscale
|
|
||||||
Group=headscale
|
|
||||||
ExecStart=/usr/local/bin/headscale serve
|
|
||||||
Restart=always
|
|
||||||
RestartSec=5
|
|
||||||
|
|
||||||
# Optional security enhancements
|
|
||||||
NoNewPrivileges=yes
|
|
||||||
PrivateTmp=yes
|
|
||||||
ProtectSystem=strict
|
|
||||||
ProtectHome=yes
|
|
||||||
WorkingDirectory=/var/lib/headscale
|
|
||||||
ReadWritePaths=/var/lib/headscale /var/run/headscale
|
|
||||||
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
||||||
RuntimeDirectory=headscale
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
||||||
```
|
|
||||||
|
|
||||||
Note that when running as the headscale user ensure that, either you add your current user to the headscale group:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
usermod -a -G headscale current_user
|
|
||||||
```
|
|
||||||
|
|
||||||
or run all headscale commands as the headscale user:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
su - headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. In `/etc/headscale/config.yaml`, override the default `headscale` unix socket with path that is writable by the `headscale` user or group:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
unix_socket: /var/run/headscale/headscale.sock
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Reload SystemD to load the new configuration file:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
systemctl daemon-reload
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Enable and start the new `headscale` service:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
systemctl enable --now headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Verify the headscale service:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
systemctl status headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
Verify `headscale` is available:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
curl http://127.0.0.1:9090/metrics
|
|
||||||
```
|
|
||||||
|
|
||||||
`headscale` will now run in the background and start at boot.
|
|
|
@ -1,97 +0,0 @@
|
||||||
# Running headscale on Linux
|
|
||||||
|
|
||||||
## Requirements
|
|
||||||
|
|
||||||
- Ubuntu 20.04 or newer, Debian 11 or newer.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
Get Headscale up and running.
|
|
||||||
|
|
||||||
This includes running Headscale with SystemD.
|
|
||||||
|
|
||||||
## Migrating from manual install
|
|
||||||
|
|
||||||
If you are migrating from the old manual install, the best thing would be to remove
|
|
||||||
the files installed by following [the guide in reverse](./running-headscale-linux-manual.md).
|
|
||||||
|
|
||||||
You should _not_ delete the database (`/var/lib/headscale/db.sqlite`) and the
|
|
||||||
configuration (`/etc/headscale/config.yaml`).
|
|
||||||
|
|
||||||
## Installation
|
|
||||||
|
|
||||||
1. Download the [latest Headscale package](https://github.com/juanfont/headscale/releases/latest) for your platform (`.deb` for Ubuntu and Debian).
|
|
||||||
|
|
||||||
```shell
|
|
||||||
HEADSCALE_VERSION="" # See above URL for latest version, e.g. "X.Y.Z" (NOTE: do not add the "v" prefix!)
|
|
||||||
HEADSCALE_ARCH="" # Your system architecture, e.g. "amd64"
|
|
||||||
wget --output-document=headscale.deb \
|
|
||||||
"https://github.com/juanfont/headscale/releases/download/v${HEADSCALE_VERSION}/headscale_${HEADSCALE_VERSION}_linux_${HEADSCALE_ARCH}.deb"
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Install Headscale:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
sudo apt install ./headscale.deb
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Enable Headscale service, this will start Headscale at boot:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
sudo systemctl enable headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Configure Headscale by editing the configuration file:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
nano /etc/headscale/config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Start Headscale:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
sudo systemctl start headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Check that Headscale is running as intended:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
systemctl status headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
## Using Headscale
|
|
||||||
|
|
||||||
### Create a user
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale users create myfirstuser
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register a machine (normal login)
|
|
||||||
|
|
||||||
On a client machine, run the `tailscale` login command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server <YOUR_HEADSCALE_URL>
|
|
||||||
```
|
|
||||||
|
|
||||||
Register the machine:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale --user myfirstuser nodes register --key <YOUR_MACHINE_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register machine using a pre authenticated key
|
|
||||||
|
|
||||||
Generate a key using the command line:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale --user myfirstuser preauthkeys create --reusable --expiration 24h
|
|
||||||
```
|
|
||||||
|
|
||||||
This will return a pre-authenticated key that is used to
|
|
||||||
connect a node to `headscale` during the `tailscale` command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
|
|
||||||
```
|
|
|
@ -1,208 +0,0 @@
|
||||||
# Running headscale on OpenBSD
|
|
||||||
|
|
||||||
!!! warning "Community documentation"
|
|
||||||
|
|
||||||
This page is not actively maintained by the headscale authors and is
|
|
||||||
written by community members. It is _not_ verified by `headscale` developers.
|
|
||||||
|
|
||||||
**It might be outdated and it might miss necessary steps**.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing a user how-to install and run `headscale` on OpenBSD.
|
|
||||||
In additional to the "get up and running section", there is an optional [rc.d section](#running-headscale-in-the-background-with-rcd)
|
|
||||||
describing how to make `headscale` run properly in a server environment.
|
|
||||||
|
|
||||||
## Install `headscale`
|
|
||||||
|
|
||||||
1. Install from ports
|
|
||||||
|
|
||||||
You can install headscale from ports by running `pkg_add headscale`.
|
|
||||||
|
|
||||||
1. Install from source
|
|
||||||
|
|
||||||
```shell
|
|
||||||
# Install prerequistes
|
|
||||||
pkg_add go
|
|
||||||
|
|
||||||
git clone https://github.com/juanfont/headscale.git
|
|
||||||
|
|
||||||
cd headscale
|
|
||||||
|
|
||||||
# optionally checkout a release
|
|
||||||
# option a. you can find official release at https://github.com/juanfont/headscale/releases/latest
|
|
||||||
# option b. get latest tag, this may be a beta release
|
|
||||||
latestTag=$(git describe --tags `git rev-list --tags --max-count=1`)
|
|
||||||
|
|
||||||
git checkout $latestTag
|
|
||||||
|
|
||||||
go build -ldflags="-s -w -X github.com/juanfont/headscale/cmd/headscale/cli.Version=$latestTag" github.com/juanfont/headscale
|
|
||||||
|
|
||||||
# make it executable
|
|
||||||
chmod a+x headscale
|
|
||||||
|
|
||||||
# copy it to /usr/local/sbin
|
|
||||||
cp headscale /usr/local/sbin
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Install from source via cross compile
|
|
||||||
|
|
||||||
```shell
|
|
||||||
# Install prerequistes
|
|
||||||
# 1. go v1.20+: headscale newer than 0.21 needs go 1.20+ to compile
|
|
||||||
# 2. gmake: Makefile in the headscale repo is written in GNU make syntax
|
|
||||||
|
|
||||||
git clone https://github.com/juanfont/headscale.git
|
|
||||||
|
|
||||||
cd headscale
|
|
||||||
|
|
||||||
# optionally checkout a release
|
|
||||||
# option a. you can find official release at https://github.com/juanfont/headscale/releases/latest
|
|
||||||
# option b. get latest tag, this may be a beta release
|
|
||||||
latestTag=$(git describe --tags `git rev-list --tags --max-count=1`)
|
|
||||||
|
|
||||||
git checkout $latestTag
|
|
||||||
|
|
||||||
make build GOOS=openbsd
|
|
||||||
|
|
||||||
# copy headscale to openbsd machine and put it in /usr/local/sbin
|
|
||||||
```
|
|
||||||
|
|
||||||
## Configure and run `headscale`
|
|
||||||
|
|
||||||
1. Prepare a directory to hold `headscale` configuration and the [SQLite](https://www.sqlite.org/) database:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
# Directory for configuration
|
|
||||||
|
|
||||||
mkdir -p /etc/headscale
|
|
||||||
|
|
||||||
# Directory for Database, and other variable data (like certificates)
|
|
||||||
mkdir -p /var/lib/headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create an empty SQLite database:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
touch /var/lib/headscale/db.sqlite
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create a `headscale` configuration:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
touch /etc/headscale/config.yaml
|
|
||||||
```
|
|
||||||
|
|
||||||
**(Strongly Recommended)** Download a copy of the [example configuration](https://github.com/juanfont/headscale/blob/main/config-example.yaml) from the headscale repository.
|
|
||||||
|
|
||||||
1. Start the headscale server:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale serve
|
|
||||||
```
|
|
||||||
|
|
||||||
This command will start `headscale` in the current terminal session.
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
To continue the tutorial, open a new terminal and let it run in the background.
|
|
||||||
Alternatively use terminal emulators like [tmux](https://github.com/tmux/tmux).
|
|
||||||
|
|
||||||
To run `headscale` in the background, please follow the steps in the [rc.d section](#running-headscale-in-the-background-with-rcd) before continuing.
|
|
||||||
|
|
||||||
1. Verify `headscale` is running:
|
|
||||||
|
|
||||||
Verify `headscale` is available:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
curl http://127.0.0.1:9090/metrics
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create a user ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale users create myfirstuser
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register a machine (normal login)
|
|
||||||
|
|
||||||
On a client machine, execute the `tailscale` login command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server YOUR_HEADSCALE_URL
|
|
||||||
```
|
|
||||||
|
|
||||||
Register the machine:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale --user myfirstuser nodes register --key <YOU_+MACHINE_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register machine using a pre authenticated key
|
|
||||||
|
|
||||||
Generate a key using the command line:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale --user myfirstuser preauthkeys create --reusable --expiration 24h
|
|
||||||
```
|
|
||||||
|
|
||||||
This will return a pre-authenticated key that can be used to connect a node to `headscale` during the `tailscale` command:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
## Running `headscale` in the background with rc.d
|
|
||||||
|
|
||||||
This section demonstrates how to run `headscale` as a service in the background with [rc.d](https://man.openbsd.org/rc.d).
|
|
||||||
|
|
||||||
1. Create a rc.d service at `/etc/rc.d/headscale` containing:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
#!/bin/ksh
|
|
||||||
|
|
||||||
daemon="/usr/local/sbin/headscale"
|
|
||||||
daemon_logger="daemon.info"
|
|
||||||
daemon_user="root"
|
|
||||||
daemon_flags="serve"
|
|
||||||
daemon_timeout=60
|
|
||||||
|
|
||||||
. /etc/rc.d/rc.subr
|
|
||||||
|
|
||||||
rc_bg=YES
|
|
||||||
rc_reload=NO
|
|
||||||
|
|
||||||
rc_cmd $1
|
|
||||||
```
|
|
||||||
|
|
||||||
1. `/etc/rc.d/headscale` needs execute permission:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
chmod a+x /etc/rc.d/headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Start `headscale` service:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
rcctl start headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Make `headscale` service start at boot:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
rcctl enable headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Verify the headscale service:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
rcctl check headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
Verify `headscale` is available:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
curl http://127.0.0.1:9090/metrics
|
|
||||||
```
|
|
||||||
|
|
||||||
`headscale` will now run in the background and start at boot.
|
|
|
@ -1,136 +0,0 @@
|
||||||
# Running headscale on Sealos
|
|
||||||
|
|
||||||
!!! warning "Community documentation"
|
|
||||||
|
|
||||||
This page is not actively maintained by the headscale authors and is
|
|
||||||
written by community members. It is _not_ verified by `headscale` developers.
|
|
||||||
|
|
||||||
**It might be outdated and it might miss necessary steps**.
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing a user how-to run `headscale` on Sealos.
|
|
||||||
|
|
||||||
## Running headscale server
|
|
||||||
|
|
||||||
1. Click the following prebuilt template(version [0.23.0-alpha2](https://github.com/juanfont/headscale/releases/tag/v0.23.0-alpha2)):
|
|
||||||
|
|
||||||
[![](https://cdn.jsdelivr.net/gh/labring-actions/templates@main/Deploy-on-Sealos.svg)](https://cloud.sealos.io/?openapp=system-template%3FtemplateName%3Dheadscale)
|
|
||||||
|
|
||||||
2. Click "Deploy Application" on the template page to start deployment. Upon completion, two applications appear: Headscale, and its [visual interface](https://github.com/GoodiesHQ/headscale-admin).
|
|
||||||
3. Once deployment concludes, click 'Details' on the Headscale application page to navigate to the application's details.
|
|
||||||
4. Wait for the application's status to switch to running. For accessing the headscale server, the Public Address associated with port 8080 is the address of the headscale server. To access the Headscale console, simply append `/admin/` to the Headscale public URL.
|
|
||||||
|
|
||||||
![](./images/headscale-sealos-url.png)
|
|
||||||
|
|
||||||
5. Click on 'Terminal' button on the right side of the details to access the Terminal of the headscale application. then create a user ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale users create myfirstuser
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register a machine (normal login)
|
|
||||||
|
|
||||||
On a client machine, execute the `tailscale` login command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# replace <YOUR_HEADSCALE_URL> with the public domain provided by Sealos
|
|
||||||
tailscale up --login-server YOUR_HEADSCALE_URL
|
|
||||||
```
|
|
||||||
|
|
||||||
To register a machine when running headscale in [Sealos](https://sealos.io), click on 'Terminal' button on the right side of the headscale application's detail page to access the Terminal of the headscale application, then take the headscale command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale --user myfirstuser nodes register --key <YOU_+MACHINE_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
### Register machine using a pre authenticated key
|
|
||||||
|
|
||||||
click on 'Terminal' button on the right side of the headscale application's detail page to access the Terminal of the headscale application, then generate a key using the command line:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale --user myfirstuser preauthkeys create --reusable --expiration 24h
|
|
||||||
```
|
|
||||||
|
|
||||||
This will return a pre-authenticated key that can be used to connect a node to `headscale` during the `tailscale` command:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
|
|
||||||
```
|
|
||||||
|
|
||||||
## Controlling headscale with remote CLI
|
|
||||||
|
|
||||||
This documentation has the goal of showing a user how-to set control a headscale instance from a remote machine with the headscale command line binary.
|
|
||||||
|
|
||||||
### Create an API key
|
|
||||||
|
|
||||||
We need to create an API key to authenticate our remote headscale when using it from our workstation.
|
|
||||||
|
|
||||||
To create a API key, click on 'Terminal' button on the right side of the headscale application's detail page to access the Terminal of the headscale application, then generate a key:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale apikeys create --expiration 90d
|
|
||||||
```
|
|
||||||
|
|
||||||
Copy the output of the command and save it for later. Please note that you can not retrieve a key again, if the key is lost, expire the old one, and create a new key.
|
|
||||||
|
|
||||||
To list the keys currently assosicated with the server:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale apikeys list
|
|
||||||
```
|
|
||||||
|
|
||||||
and to expire a key:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
headscale apikeys expire --prefix "<PREFIX>"
|
|
||||||
```
|
|
||||||
|
|
||||||
### Download and configure `headscale` client
|
|
||||||
|
|
||||||
1. Download the latest [`headscale` binary from GitHub's release page](https://github.com/juanfont/headscale/releases):
|
|
||||||
|
|
||||||
2. Put the binary somewhere in your `PATH`, e.g. `/usr/local/bin/headscale`
|
|
||||||
|
|
||||||
3. Make `headscale` executable:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
chmod +x /usr/local/bin/headscale
|
|
||||||
```
|
|
||||||
|
|
||||||
4. Configure the CLI through Environment Variables
|
|
||||||
|
|
||||||
```shell
|
|
||||||
export HEADSCALE_CLI_ADDRESS="<HEADSCALE ADDRESS>:443"
|
|
||||||
export HEADSCALE_CLI_API_KEY="<API KEY FROM PREVIOUS STAGE>"
|
|
||||||
```
|
|
||||||
|
|
||||||
In the headscale application's detail page, The Public Address corresponding to port 50443 corresponds to the value of <HEADSCALE ADDRESS>.
|
|
||||||
|
|
||||||
![](./images/headscale-sealos-grpc-url.png)
|
|
||||||
|
|
||||||
for example:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
export HEADSCALE_CLI_ADDRESS="pwnjnnly.cloud.sealos.io:443"
|
|
||||||
export HEADSCALE_CLI_API_KEY="abcde12345"
|
|
||||||
```
|
|
||||||
|
|
||||||
This will tell the `headscale` binary to connect to a remote instance, instead of looking
|
|
||||||
for a local instance.
|
|
||||||
|
|
||||||
The API key is needed to make sure that your are allowed to access the server. The key is _not_
|
|
||||||
needed when running directly on the server, as the connection is local.
|
|
||||||
|
|
||||||
1. Test the connection
|
|
||||||
|
|
||||||
Let us run the headscale command to verify that we can connect by listing our nodes:
|
|
||||||
|
|
||||||
```shell
|
|
||||||
headscale nodes list
|
|
||||||
```
|
|
||||||
|
|
||||||
You should now be able to see a list of your nodes from your workstation, and you can
|
|
||||||
now control the `headscale` server from your workstation.
|
|
||||||
|
|
||||||
> Reference: [Headscale Deployment and Usage Guide: Mastering Tailscale's Self-Hosting Basics](https://icloudnative.io/en/posts/how-to-set-up-or-migrate-headscale/)
|
|
25
docs/setup/install/cloud.md
Normal file
25
docs/setup/install/cloud.md
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
# Running headscale in a cloud
|
||||||
|
|
||||||
|
!!! warning "Community documentation"
|
||||||
|
|
||||||
|
This page is not actively maintained by the headscale authors and is
|
||||||
|
written by community members. It is _not_ verified by headscale developers.
|
||||||
|
|
||||||
|
**It might be outdated and it might miss necessary steps**.
|
||||||
|
|
||||||
|
## Sealos
|
||||||
|
|
||||||
|
[Deploy headscale as service on Sealos.](https://icloudnative.io/en/posts/how-to-set-up-or-migrate-headscale/)
|
||||||
|
|
||||||
|
1. Click the following prebuilt template:
|
||||||
|
|
||||||
|
[![](https://cdn.jsdelivr.net/gh/labring-actions/templates@main/Deploy-on-Sealos.svg)](https://cloud.sealos.io/?openapp=system-template%3FtemplateName%3Dheadscale)
|
||||||
|
|
||||||
|
2. Click "Deploy Application" on the template page to start deployment. Upon completion, two applications appear: headscale, and one of its [web interfaces](../../ref/integration/web-ui.md).
|
||||||
|
3. Once deployment concludes, click 'Details' on the headscale application page to navigate to the application's details.
|
||||||
|
4. Wait for the application's status to switch to running. For accessing the headscale server, the Public Address associated with port 8080 is the address of the headscale server. To access the headscale console, simply append `/admin/` to the headscale public URL.
|
||||||
|
|
||||||
|
!!! tip "Remote CLI"
|
||||||
|
|
||||||
|
Headscale can be managed remotely via its remote CLI support. See our [Controlling headscale with remote
|
||||||
|
CLI](../../ref/remote-cli.md) documentation for details.
|
55
docs/setup/install/community.md
Normal file
55
docs/setup/install/community.md
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
# Community packages
|
||||||
|
|
||||||
|
Several Linux distributions and community members provide packages for headscale. Those packages may be used instead of
|
||||||
|
the [official releases](./official.md) provided by the headscale maintainers. Such packages offer improved integration
|
||||||
|
for their targeted operating system and usually:
|
||||||
|
|
||||||
|
- setup a dedicated user account to run headscale
|
||||||
|
- provide a default configuration
|
||||||
|
- install headscale as system service
|
||||||
|
|
||||||
|
!!! warning "Community packages might be outdated"
|
||||||
|
|
||||||
|
The packages mentioned on this page might be outdated or unmaintained. Use the [official releases](./official.md) to
|
||||||
|
get the current stable version or to test pre-releases.
|
||||||
|
|
||||||
|
[![Packaging status](https://repology.org/badge/vertical-allrepos/headscale.svg)](https://repology.org/project/headscale/versions)
|
||||||
|
|
||||||
|
## Arch Linux
|
||||||
|
|
||||||
|
Arch Linux offers a package for headscale, install via:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
pacman -S headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
The [AUR package `headscale-git`](https://aur.archlinux.org/packages/headscale-git) can be used to build the current
|
||||||
|
development version.
|
||||||
|
|
||||||
|
## Fedora, RHEL, CentOS
|
||||||
|
|
||||||
|
A 3rd-party repository for various RPM based distributions is available at:
|
||||||
|
<https://copr.fedorainfracloud.org/coprs/jonathanspw/headscale/>. The site provides detailed setup and installation
|
||||||
|
instructions.
|
||||||
|
|
||||||
|
## Nix, NixOS
|
||||||
|
|
||||||
|
A Nix package is available as: `headscale`. See the [NixOS package site for installation
|
||||||
|
details](https://search.nixos.org/packages?show=headscale).
|
||||||
|
|
||||||
|
## Gentoo
|
||||||
|
|
||||||
|
```shell
|
||||||
|
emerge --ask net-vpn/headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
Gentoo specific documentation is available [here](https://wiki.gentoo.org/wiki/User:Maffblaster/Drafts/Headscale).
|
||||||
|
|
||||||
|
## OpenBSD
|
||||||
|
|
||||||
|
Headscale is available in ports. The port installs headscale as system service with `rc.d` and provides usage
|
||||||
|
instructions upon installation.
|
||||||
|
|
||||||
|
```shell
|
||||||
|
pkg_add headscale
|
||||||
|
```
|
155
docs/setup/install/container.md
Normal file
155
docs/setup/install/container.md
Normal file
|
@ -0,0 +1,155 @@
|
||||||
|
# Running headscale in a container
|
||||||
|
|
||||||
|
!!! warning "Community documentation"
|
||||||
|
|
||||||
|
This page is not actively maintained by the headscale authors and is
|
||||||
|
written by community members. It is _not_ verified by headscale developers.
|
||||||
|
|
||||||
|
**It might be outdated and it might miss necessary steps**.
|
||||||
|
|
||||||
|
This documentation has the goal of showing a user how-to set up and run headscale in a container.
|
||||||
|
[Docker](https://www.docker.com) is used as the reference container implementation, but there is no reason that it should
|
||||||
|
not work with alternatives like [Podman](https://podman.io). The Docker image can be found on Docker Hub [here](https://hub.docker.com/r/headscale/headscale).
|
||||||
|
|
||||||
|
## Configure and run headscale
|
||||||
|
|
||||||
|
1. Prepare a directory on the host Docker node in your directory of choice, used to hold headscale configuration and the [SQLite](https://www.sqlite.org/) database:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
mkdir -p ./headscale/config
|
||||||
|
cd ./headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Download the example configuration for your chosen version and save it as: `/etc/headscale/config.yaml`. Adjust the
|
||||||
|
configuration to suit your local environment. See [Configuration](../../ref/configuration.md) for details.
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo mkdir -p /etc/headscale
|
||||||
|
sudo nano /etc/headscale/config.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
Alternatively, you can mount `/var/lib` and `/var/run` from your host system by adding
|
||||||
|
`--volume $(pwd)/lib:/var/lib/headscale` and `--volume $(pwd)/run:/var/run/headscale`
|
||||||
|
in the next step.
|
||||||
|
|
||||||
|
1. Start the headscale server while working in the host headscale directory:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker run \
|
||||||
|
--name headscale \
|
||||||
|
--detach \
|
||||||
|
--volume $(pwd)/config:/etc/headscale/ \
|
||||||
|
--publish 127.0.0.1:8080:8080 \
|
||||||
|
--publish 127.0.0.1:9090:9090 \
|
||||||
|
headscale/headscale:<VERSION> \
|
||||||
|
serve
|
||||||
|
```
|
||||||
|
|
||||||
|
Note: use `0.0.0.0:8080:8080` instead of `127.0.0.1:8080:8080` if you want to expose the container externally.
|
||||||
|
|
||||||
|
This command will mount `config/` under `/etc/headscale`, forward port 8080 out of the container so the
|
||||||
|
headscale instance becomes available and then detach so headscale runs in the background.
|
||||||
|
|
||||||
|
Example `docker-compose.yaml`
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
version: "3.7"
|
||||||
|
|
||||||
|
services:
|
||||||
|
headscale:
|
||||||
|
image: headscale/headscale:<VERSION>
|
||||||
|
restart: unless-stopped
|
||||||
|
container_name: headscale
|
||||||
|
ports:
|
||||||
|
- "127.0.0.1:8080:8080"
|
||||||
|
- "127.0.0.1:9090:9090"
|
||||||
|
volumes:
|
||||||
|
# Please change <CONFIG_PATH> to the fullpath of the config folder just created
|
||||||
|
- <CONFIG_PATH>:/etc/headscale
|
||||||
|
command: serve
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Verify headscale is running:
|
||||||
|
|
||||||
|
Follow the container logs:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker logs --follow headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
Verify running containers:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker ps
|
||||||
|
```
|
||||||
|
|
||||||
|
Verify headscale is available:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
curl http://127.0.0.1:9090/metrics
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Create a user ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale users create myfirstuser
|
||||||
|
```
|
||||||
|
|
||||||
|
### Register a machine (normal login)
|
||||||
|
|
||||||
|
On a client machine, execute the `tailscale` login command:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
tailscale up --login-server YOUR_HEADSCALE_URL
|
||||||
|
```
|
||||||
|
|
||||||
|
To register a machine when running headscale in a container, take the headscale command and pass it to the container:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale nodes register --user myfirstuser --key <YOUR_MACHINE_KEY>
|
||||||
|
```
|
||||||
|
|
||||||
|
### Register machine using a pre authenticated key
|
||||||
|
|
||||||
|
Generate a key using the command line:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale preauthkeys create --user myfirstuser --reusable --expiration 24h
|
||||||
|
```
|
||||||
|
|
||||||
|
This will return a pre-authenticated key that can be used to connect a node to headscale during the `tailscale` command:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
|
||||||
|
```
|
||||||
|
|
||||||
|
## Debugging headscale running in Docker
|
||||||
|
|
||||||
|
The `headscale/headscale` Docker container is based on a "distroless" image that does not contain a shell or any other debug tools. If you need to debug your application running in the Docker container, you can use the `-debug` variant, for example `headscale/headscale:x.x.x-debug`.
|
||||||
|
|
||||||
|
### Running the debug Docker container
|
||||||
|
|
||||||
|
To run the debug Docker container, use the exact same commands as above, but replace `headscale/headscale:x.x.x` with `headscale/headscale:x.x.x-debug` (`x.x.x` is the version of headscale). The two containers are compatible with each other, so you can alternate between them.
|
||||||
|
|
||||||
|
### Executing commands in the debug container
|
||||||
|
|
||||||
|
The default command in the debug container is to run `headscale`, which is located at `/ko-app/headscale` inside the container.
|
||||||
|
|
||||||
|
Additionally, the debug container includes a minimalist Busybox shell.
|
||||||
|
|
||||||
|
To launch a shell in the container, use:
|
||||||
|
|
||||||
|
```
|
||||||
|
docker run -it headscale/headscale:x.x.x-debug sh
|
||||||
|
```
|
||||||
|
|
||||||
|
You can also execute commands directly, such as `ls /ko-app` in this example:
|
||||||
|
|
||||||
|
```
|
||||||
|
docker run headscale/headscale:x.x.x-debug ls /ko-app
|
||||||
|
```
|
||||||
|
|
||||||
|
Using `docker exec -it` allows you to run commands in an existing container.
|
117
docs/setup/install/official.md
Normal file
117
docs/setup/install/official.md
Normal file
|
@ -0,0 +1,117 @@
|
||||||
|
# Official releases
|
||||||
|
|
||||||
|
Official releases for headscale are available as binaries for various platforms and DEB packages for Debian and Ubuntu.
|
||||||
|
Both are available on the [GitHub releases page](https://github.com/juanfont/headscale/releases).
|
||||||
|
|
||||||
|
## Using packages for Debian/Ubuntu (recommended)
|
||||||
|
|
||||||
|
It is recommended to use our DEB packages to install headscale on a Debian based system as those packages configure a
|
||||||
|
user to run headscale, provide a default configuration and ship with a systemd service file. Supported distributions are
|
||||||
|
Ubuntu 20.04 or newer, Debian 11 or newer.
|
||||||
|
|
||||||
|
1. Download the [latest headscale package](https://github.com/juanfont/headscale/releases/latest) for your platform (`.deb` for Ubuntu and Debian).
|
||||||
|
|
||||||
|
```shell
|
||||||
|
HEADSCALE_VERSION="" # See above URL for latest version, e.g. "X.Y.Z" (NOTE: do not add the "v" prefix!)
|
||||||
|
HEADSCALE_ARCH="" # Your system architecture, e.g. "amd64"
|
||||||
|
wget --output-document=headscale.deb \
|
||||||
|
"https://github.com/juanfont/headscale/releases/download/v${HEADSCALE_VERSION}/headscale_${HEADSCALE_VERSION}_linux_${HEADSCALE_ARCH}.deb"
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Install headscale:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo apt install ./headscale.deb
|
||||||
|
```
|
||||||
|
|
||||||
|
1. [Configure headscale by editing the configuration file](../../ref/configuration.md):
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo nano /etc/headscale/config.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Enable and start the headscale service:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo systemctl enable --now headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Verify that headscale is running as intended:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo systemctl status headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
## Using standalone binaries (advanced)
|
||||||
|
|
||||||
|
!!! warning "Advanced"
|
||||||
|
|
||||||
|
This installation method is considered advanced as one needs to take care of the headscale user and the systemd
|
||||||
|
service themselves. If possible, use the [DEB packages](#using-packages-for-debianubuntu-recommended) or a
|
||||||
|
[community package](./community.md) instead.
|
||||||
|
|
||||||
|
This section describes the installation of headscale according to the [Requirements and
|
||||||
|
assumptions](../requirements.md#assumptions). Headscale is run by a dedicated user and the service itself is managed by
|
||||||
|
systemd.
|
||||||
|
|
||||||
|
1. Download the latest [`headscale` binary from GitHub's release page](https://github.com/juanfont/headscale/releases):
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo wget --output-document=/usr/local/bin/headscale \
|
||||||
|
https://github.com/juanfont/headscale/releases/download/v<HEADSCALE VERSION>/headscale_<HEADSCALE VERSION>_linux_<ARCH>
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Make `headscale` executable:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo chmod +x /usr/local/bin/headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Add a dedicated user to run headscale:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo useradd \
|
||||||
|
--create-home \
|
||||||
|
--home-dir /var/lib/headscale/ \
|
||||||
|
--system \
|
||||||
|
--user-group \
|
||||||
|
--shell /usr/sbin/nologin \
|
||||||
|
headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Download the example configuration for your chosen version and save it as: `/etc/headscale/config.yaml`. Adjust the
|
||||||
|
configuration to suit your local environment. See [Configuration](../../ref/configuration.md) for details.
|
||||||
|
|
||||||
|
```shell
|
||||||
|
sudo mkdir -p /etc/headscale
|
||||||
|
sudo nano /etc/headscale/config.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Copy [headscale's systemd service file](../../packaging/headscale.systemd.service) to
|
||||||
|
`/etc/systemd/system/headscale.service` and adjust it to suit your local setup. The following parameters likely need
|
||||||
|
to be modified: `ExecStart`, `WorkingDirectory`, `ReadWritePaths`.
|
||||||
|
|
||||||
|
1. In `/etc/headscale/config.yaml`, override the default `headscale` unix socket with a path that is writable by the
|
||||||
|
`headscale` user or group:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
unix_socket: /var/run/headscale/headscale.sock
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Reload systemd to load the new configuration file:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
systemctl daemon-reload
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Enable and start the new headscale service:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
systemctl enable --now headscale
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Verify that headscale is running as intended:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
systemctl status headscale
|
||||||
|
```
|
63
docs/setup/install/source.md
Normal file
63
docs/setup/install/source.md
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
# Build from source
|
||||||
|
|
||||||
|
!!! warning "Community documentation"
|
||||||
|
|
||||||
|
This page is not actively maintained by the headscale authors and is
|
||||||
|
written by community members. It is _not_ verified by headscale developers.
|
||||||
|
|
||||||
|
**It might be outdated and it might miss necessary steps**.
|
||||||
|
|
||||||
|
Headscale can be built from source using the latest version of [Go](https://golang.org) and [Buf](https://buf.build)
|
||||||
|
(Protobuf generator). See the [Contributing section in the GitHub
|
||||||
|
README](https://github.com/juanfont/headscale#contributing) for more information.
|
||||||
|
|
||||||
|
## OpenBSD
|
||||||
|
|
||||||
|
### Install from source
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# Install prerequistes
|
||||||
|
pkg_add go
|
||||||
|
|
||||||
|
git clone https://github.com/juanfont/headscale.git
|
||||||
|
|
||||||
|
cd headscale
|
||||||
|
|
||||||
|
# optionally checkout a release
|
||||||
|
# option a. you can find official release at https://github.com/juanfont/headscale/releases/latest
|
||||||
|
# option b. get latest tag, this may be a beta release
|
||||||
|
latestTag=$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||||
|
|
||||||
|
git checkout $latestTag
|
||||||
|
|
||||||
|
go build -ldflags="-s -w -X github.com/juanfont/headscale/cmd/headscale/cli.Version=$latestTag" github.com/juanfont/headscale
|
||||||
|
|
||||||
|
# make it executable
|
||||||
|
chmod a+x headscale
|
||||||
|
|
||||||
|
# copy it to /usr/local/sbin
|
||||||
|
cp headscale /usr/local/sbin
|
||||||
|
```
|
||||||
|
|
||||||
|
### Install from source via cross compile
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# Install prerequistes
|
||||||
|
# 1. go v1.20+: headscale newer than 0.21 needs go 1.20+ to compile
|
||||||
|
# 2. gmake: Makefile in the headscale repo is written in GNU make syntax
|
||||||
|
|
||||||
|
git clone https://github.com/juanfont/headscale.git
|
||||||
|
|
||||||
|
cd headscale
|
||||||
|
|
||||||
|
# optionally checkout a release
|
||||||
|
# option a. you can find official release at https://github.com/juanfont/headscale/releases/latest
|
||||||
|
# option b. get latest tag, this may be a beta release
|
||||||
|
latestTag=$(git describe --tags `git rev-list --tags --max-count=1`)
|
||||||
|
|
||||||
|
git checkout $latestTag
|
||||||
|
|
||||||
|
make build GOOS=openbsd
|
||||||
|
|
||||||
|
# copy headscale to openbsd machine and put it in /usr/local/sbin
|
||||||
|
```
|
28
docs/setup/requirements.md
Normal file
28
docs/setup/requirements.md
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
# Requirements
|
||||||
|
|
||||||
|
Headscale should just work as long as the following requirements are met:
|
||||||
|
|
||||||
|
- A server with a public IP address for headscale. A dual-stack setup with a public IPv4 and a public IPv6 address is
|
||||||
|
recommended.
|
||||||
|
- Headscale is served via HTTPS on port 443[^1].
|
||||||
|
- A reasonably modern Linux or BSD based operating system.
|
||||||
|
- A dedicated user account to run headscale.
|
||||||
|
- A little bit of command line knowledge to configure and operate headscale.
|
||||||
|
|
||||||
|
## Assumptions
|
||||||
|
|
||||||
|
The headscale documentation and the provided examples are written with a few assumptions in mind:
|
||||||
|
|
||||||
|
- Headscale is running as system service via a dedicated user `headscale`.
|
||||||
|
- The [configuration](../ref/configuration.md) is loaded from `/etc/headscale/config.yaml`.
|
||||||
|
- SQLite is used as database.
|
||||||
|
- The data directory for headscale (used for private keys, ACLs, SQLite database, …) is located in `/var/lib/headscale`.
|
||||||
|
- URLs and values that need to be replaced by the user are either denoted as `<VALUE_TO_CHANGE>` or use placeholder
|
||||||
|
values such as `headscale.example.com`.
|
||||||
|
|
||||||
|
Please adjust to your local environment accordingly.
|
||||||
|
|
||||||
|
[^1]:
|
||||||
|
The Tailscale client assumes HTTPS on port 443 in certain situations. Serving headscale either via HTTP or via HTTPS
|
||||||
|
on a port other than 443 is possible but sticking with HTTPS on port 443 is strongly recommended for production
|
||||||
|
setups. See [issue 2164](https://github.com/juanfont/headscale/issues/2164) for more information.
|
10
docs/setup/upgrade.md
Normal file
10
docs/setup/upgrade.md
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
# Upgrade an existing installation
|
||||||
|
|
||||||
|
An existing headscale installation can be updated to a new version:
|
||||||
|
|
||||||
|
- Read the announcement on the [GitHub releases](https://github.com/juanfont/headscale/releases) page for the new
|
||||||
|
version. It lists the changes of the release along with possible breaking changes.
|
||||||
|
- **Create a backup of your database.**
|
||||||
|
- Update headscale to the new version, preferably by following the same installation method.
|
||||||
|
- Compare and update the [configuration](../ref/configuration.md) file.
|
||||||
|
- Restart headscale.
|
|
@ -1,19 +1,14 @@
|
||||||
# Connecting an Android client
|
# Connecting an Android client
|
||||||
|
|
||||||
## Goal
|
This documentation has the goal of showing how a user can use the official Android [Tailscale](https://tailscale.com) client with headscale.
|
||||||
|
|
||||||
This documentation has the goal of showing how a user can use the official Android [Tailscale](https://tailscale.com) client with `headscale`.
|
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
|
|
||||||
Install the official Tailscale Android client from the [Google Play Store](https://play.google.com/store/apps/details?id=com.tailscale.ipn) or [F-Droid](https://f-droid.org/packages/com.tailscale.ipn/).
|
Install the official Tailscale Android client from the [Google Play Store](https://play.google.com/store/apps/details?id=com.tailscale.ipn) or [F-Droid](https://f-droid.org/packages/com.tailscale.ipn/).
|
||||||
|
|
||||||
Ensure that the installed version is at least 1.30.0, as that is the first release to support custom URLs.
|
|
||||||
|
|
||||||
## Configuring the headscale URL
|
## Configuring the headscale URL
|
||||||
|
|
||||||
After opening the app:
|
- Open the app and select the settings menu in the upper-right corner
|
||||||
|
- Tap on `Accounts`
|
||||||
- Open setting and go into account settings
|
- In the kebab menu icon (three dots) in the upper-right corner select `Use an alternate server`
|
||||||
- In the kebab menu icon (three dots) on the top bar on the right select “Use an alternate server”
|
- Enter your server URL (e.g `https://headscale.example.com`) and follow the instructions
|
||||||
- Enter your server URL and follow the instructions
|
|
49
docs/usage/connect/apple.md
Normal file
49
docs/usage/connect/apple.md
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
# Connecting an Apple client
|
||||||
|
|
||||||
|
This documentation has the goal of showing how a user can use the official iOS and macOS [Tailscale](https://tailscale.com) clients with headscale.
|
||||||
|
|
||||||
|
!!! info "Instructions on your headscale instance"
|
||||||
|
|
||||||
|
An endpoint with information on how to connect your Apple device
|
||||||
|
is also available at `/apple` on your running instance.
|
||||||
|
|
||||||
|
## iOS
|
||||||
|
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
Install the official Tailscale iOS client from the [App Store](https://apps.apple.com/app/tailscale/id1470499037).
|
||||||
|
|
||||||
|
### Configuring the headscale URL
|
||||||
|
|
||||||
|
- Open Tailscale and make sure you are _not_ logged in to any account
|
||||||
|
- Open Settings on the iOS device
|
||||||
|
- Scroll down to the `third party apps` section, under `Game Center` or `TV Provider`
|
||||||
|
- Find Tailscale and select it
|
||||||
|
- If the iOS device was previously logged into Tailscale, switch the `Reset Keychain` toggle to `on`
|
||||||
|
- Enter the URL of your headscale instance (e.g `https://headscale.example.com`) under `Alternate Coordination Server URL`
|
||||||
|
- Restart the app by closing it from the iOS app switcher, open the app and select the regular sign in option
|
||||||
|
_(non-SSO)_. It should open up to the headscale authentication page.
|
||||||
|
- Enter your credentials and log in. Headscale should now be working on your iOS device.
|
||||||
|
|
||||||
|
## macOS
|
||||||
|
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
Choose one of the available [Tailscale clients for macOS](https://tailscale.com/kb/1065/macos-variants) and install it.
|
||||||
|
|
||||||
|
### Configuring the headscale URL
|
||||||
|
|
||||||
|
#### Command line
|
||||||
|
|
||||||
|
Use Tailscale's login command to connect with your headscale instance (e.g `https://headscale.example.com`):
|
||||||
|
|
||||||
|
```
|
||||||
|
tailscale login --login-server <YOUR_HEADSCALE_URL>
|
||||||
|
```
|
||||||
|
|
||||||
|
#### GUI
|
||||||
|
|
||||||
|
- ALT + Click the Tailscale icon in the menu and hover over the Debug menu
|
||||||
|
- Under `Custom Login Server`, select `Add Account...`
|
||||||
|
- Enter the URL of your headscale instance (e.g `https://headscale.example.com`) and press `Add Account`
|
||||||
|
- Follow the login procedure in the browser
|
59
docs/usage/connect/windows.md
Normal file
59
docs/usage/connect/windows.md
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
# Connecting a Windows client
|
||||||
|
|
||||||
|
This documentation has the goal of showing how a user can use the official Windows [Tailscale](https://tailscale.com) client with headscale.
|
||||||
|
|
||||||
|
!!! info "Instructions on your headscale instance"
|
||||||
|
|
||||||
|
An endpoint with information on how to connect your Windows device
|
||||||
|
is also available at `/windows` on your running instance.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
Download the [Official Windows Client](https://tailscale.com/download/windows) and install it.
|
||||||
|
|
||||||
|
## Configuring the headscale URL
|
||||||
|
|
||||||
|
Open a Command Prompt or Powershell and use Tailscale's login command to connect with your headscale instance (e.g
|
||||||
|
`https://headscale.example.com`):
|
||||||
|
|
||||||
|
```
|
||||||
|
tailscale login --login-server <YOUR_HEADSCALE_URL>
|
||||||
|
```
|
||||||
|
|
||||||
|
Follow the instructions in the opened browser window to finish the configuration.
|
||||||
|
|
||||||
|
## Troubleshooting
|
||||||
|
|
||||||
|
### Unattended mode
|
||||||
|
|
||||||
|
By default, Tailscale's Windows client is only running when the user is logged in. If you want to keep Tailscale running
|
||||||
|
all the time, please enable "Unattended mode":
|
||||||
|
|
||||||
|
- Click on the Tailscale tray icon and select `Preferences`
|
||||||
|
- Enable `Run unattended`
|
||||||
|
- Confirm the "Unattended mode" message
|
||||||
|
|
||||||
|
See also [Keep Tailscale running when I'm not logged in to my computer](https://tailscale.com/kb/1088/run-unattended)
|
||||||
|
|
||||||
|
### Failing node registration
|
||||||
|
|
||||||
|
If you are seeing repeated messages like:
|
||||||
|
|
||||||
|
```
|
||||||
|
[GIN] 2022/02/10 - 16:39:34 | 200 | 1.105306ms | 127.0.0.1 | POST "/machine/redacted"
|
||||||
|
```
|
||||||
|
|
||||||
|
in your headscale output, turn on `DEBUG` logging and look for:
|
||||||
|
|
||||||
|
```
|
||||||
|
2022-02-11T00:59:29Z DBG Machine registration has expired. Sending a authurl to register machine=redacted
|
||||||
|
```
|
||||||
|
|
||||||
|
This typically means that the registry keys above was not set appropriately.
|
||||||
|
|
||||||
|
To reset and try again, it is important to do the following:
|
||||||
|
|
||||||
|
1. Shut down the Tailscale service (or the client running in the tray)
|
||||||
|
2. Delete Tailscale Application data folder, located at `C:\Users\<USERNAME>\AppData\Local\Tailscale` and try to connect again.
|
||||||
|
3. Ensure the Windows node is deleted from headscale (to ensure fresh setup)
|
||||||
|
4. Start Tailscale on the Windows machine and retry the login.
|
132
docs/usage/getting-started.md
Normal file
132
docs/usage/getting-started.md
Normal file
|
@ -0,0 +1,132 @@
|
||||||
|
# Getting started
|
||||||
|
|
||||||
|
This page helps you get started with headscale and provides a few usage examples for the headscale command line tool
|
||||||
|
`headscale`.
|
||||||
|
|
||||||
|
!!! note "Prerequisites"
|
||||||
|
|
||||||
|
* Headscale is installed and running as system service. Read the [setup section](../setup/requirements.md) for
|
||||||
|
installation instructions.
|
||||||
|
* The configuration file exists and is adjusted to suit your environment, see
|
||||||
|
[Configuration](../ref/configuration.md) for details.
|
||||||
|
* The Tailscale client is installed, see [Client and operating system support](../about/clients.md) for more
|
||||||
|
information.
|
||||||
|
|
||||||
|
## Getting help
|
||||||
|
|
||||||
|
The `headscale` command line tool provides built-in help. To show available commands along with their arguments and
|
||||||
|
options, run:
|
||||||
|
|
||||||
|
=== "Native"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# Show help
|
||||||
|
headscale help
|
||||||
|
|
||||||
|
# Show help for a specific command
|
||||||
|
headscale <COMMAND> --help
|
||||||
|
```
|
||||||
|
|
||||||
|
=== "Container"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# Show help
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale help
|
||||||
|
|
||||||
|
# Show help for a specific command
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale <COMMAND> --help
|
||||||
|
```
|
||||||
|
|
||||||
|
## Manage users
|
||||||
|
|
||||||
|
In headscale, a node (also known as machine or device) is always assigned to a specific user, a
|
||||||
|
[tailnet](https://tailscale.com/kb/1136/tailnet/). Such users can be managed with the `headscale users` command. Invoke
|
||||||
|
the built-in help for more information: `headscale users --help`.
|
||||||
|
|
||||||
|
### Create a user
|
||||||
|
|
||||||
|
=== "Native"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale users create <USER>
|
||||||
|
```
|
||||||
|
|
||||||
|
=== "Container"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale users create <USER>
|
||||||
|
```
|
||||||
|
|
||||||
|
### List existing users
|
||||||
|
|
||||||
|
=== "Native"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale users list
|
||||||
|
```
|
||||||
|
|
||||||
|
=== "Container"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale users list
|
||||||
|
```
|
||||||
|
|
||||||
|
## Register a node
|
||||||
|
|
||||||
|
One has to register a node first to use headscale as coordination with Tailscale. The following examples work for the
|
||||||
|
Tailscale client on Linux/BSD operating systems. Alternatively, follow the instructions to connect
|
||||||
|
[Android](connect/android.md), [Apple](connect/apple.md) or [Windows](connect/windows.md) devices.
|
||||||
|
|
||||||
|
### Normal, interactive login
|
||||||
|
|
||||||
|
On a client machine, run the `tailscale up` command and provide the FQDN of your headscale instance as argument:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
tailscale up --login-server <YOUR_HEADSCALE_URL>
|
||||||
|
```
|
||||||
|
|
||||||
|
Usually, a browser window with further instructions is opened and contains the value for `<YOUR_MACHINE_KEY>`. Approve
|
||||||
|
and register the node on your headscale server:
|
||||||
|
|
||||||
|
=== "Native"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale nodes register --user <USER> --key <YOUR_MACHINE_KEY>
|
||||||
|
```
|
||||||
|
|
||||||
|
=== "Container"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale nodes register --user <USER> --key <YOUR_MACHINE_KEY>
|
||||||
|
```
|
||||||
|
|
||||||
|
### Using a preauthkey
|
||||||
|
|
||||||
|
It is also possible to generate a preauthkey and register a node non-interactively. First, generate a preauthkey on the
|
||||||
|
headscale instance. By default, the key is valid for one hour and can only be used once (see `headscale preauthkeys
|
||||||
|
--help` for other options):
|
||||||
|
|
||||||
|
=== "Native"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
headscale preauthkeys create --user <USER>
|
||||||
|
```
|
||||||
|
|
||||||
|
=== "Container"
|
||||||
|
|
||||||
|
```shell
|
||||||
|
docker exec -it headscale \
|
||||||
|
headscale preauthkeys create --user <USER>
|
||||||
|
```
|
||||||
|
|
||||||
|
The command returns the preauthkey on success which is used to connect a node to the headscale instance via the
|
||||||
|
`tailscale up` command:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
|
||||||
|
```
|
|
@ -1,60 +0,0 @@
|
||||||
# Connecting a Windows client
|
|
||||||
|
|
||||||
## Goal
|
|
||||||
|
|
||||||
This documentation has the goal of showing how a user can use the official Windows [Tailscale](https://tailscale.com) client with `headscale`.
|
|
||||||
|
|
||||||
## Add registry keys
|
|
||||||
|
|
||||||
To make the Windows client behave as expected and to run well with `headscale`, two registry keys **must** be set:
|
|
||||||
|
|
||||||
- `HKLM:\SOFTWARE\Tailscale IPN\UnattendedMode` must be set to `always` as a `string` type, to allow Tailscale to run properly in the background
|
|
||||||
- `HKLM:\SOFTWARE\Tailscale IPN\LoginURL` must be set to `<YOUR HEADSCALE URL>` as a `string` type, to ensure Tailscale contacts the correct control server.
|
|
||||||
|
|
||||||
You can set these using the Windows Registry Editor:
|
|
||||||
|
|
||||||
![windows-registry](./images/windows-registry.png)
|
|
||||||
|
|
||||||
Or via the following Powershell commands (right click Powershell icon and select "Run as administrator"):
|
|
||||||
|
|
||||||
```
|
|
||||||
New-Item -Path "HKLM:\SOFTWARE\Tailscale IPN"
|
|
||||||
New-ItemProperty -Path 'HKLM:\Software\Tailscale IPN' -Name UnattendedMode -PropertyType String -Value always
|
|
||||||
New-ItemProperty -Path 'HKLM:\Software\Tailscale IPN' -Name LoginURL -PropertyType String -Value https://YOUR-HEADSCALE-URL
|
|
||||||
```
|
|
||||||
|
|
||||||
The Tailscale Windows client has been observed to reset its configuration on logout/reboot and these two keys [resolves that issue](https://github.com/tailscale/tailscale/issues/2798).
|
|
||||||
|
|
||||||
For a guide on how to edit registry keys, [check out Computer Hope](https://www.computerhope.com/issues/ch001348.htm).
|
|
||||||
|
|
||||||
## Installation
|
|
||||||
|
|
||||||
Download the [Official Windows Client](https://tailscale.com/download/windows) and install it.
|
|
||||||
|
|
||||||
When the installation has finished, start Tailscale and log in (you might have to click the icon in the system tray).
|
|
||||||
|
|
||||||
The log in should open a browser Window and direct you to your `headscale` instance.
|
|
||||||
|
|
||||||
## Troubleshooting
|
|
||||||
|
|
||||||
If you are seeing repeated messages like:
|
|
||||||
|
|
||||||
```
|
|
||||||
[GIN] 2022/02/10 - 16:39:34 | 200 | 1.105306ms | 127.0.0.1 | POST "/machine/redacted"
|
|
||||||
```
|
|
||||||
|
|
||||||
in your `headscale` output, turn on `DEBUG` logging and look for:
|
|
||||||
|
|
||||||
```
|
|
||||||
2022-02-11T00:59:29Z DBG Machine registration has expired. Sending a authurl to register machine=redacted
|
|
||||||
```
|
|
||||||
|
|
||||||
This typically means that the registry keys above was not set appropriately.
|
|
||||||
|
|
||||||
To reset and try again, it is important to do the following:
|
|
||||||
|
|
||||||
1. Ensure the registry keys from the previous guide is correctly set.
|
|
||||||
2. Shut down the Tailscale service (or the client running in the tray)
|
|
||||||
3. Delete Tailscale Application data folder, located at `C:\Users\<USERNAME>\AppData\Local\Tailscale` and try to connect again.
|
|
||||||
4. Ensure the Windows node is deleted from headscale (to ensure fresh setup)
|
|
||||||
5. Start Tailscale on the windows machine and retry the login.
|
|
12
flake.lock
12
flake.lock
|
@ -5,11 +5,11 @@
|
||||||
"systems": "systems"
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1710146030,
|
"lastModified": 1726560853,
|
||||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -20,11 +20,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720181791,
|
"lastModified": 1729850857,
|
||||||
"narHash": "sha256-i4vJL12/AdyuQuviMMd1Hk2tsGt02hDNhA0Zj1m16N8=",
|
"narHash": "sha256-WvLXzNNnnw+qpFOmgaM3JUlNEH+T4s22b5i2oyyCpXE=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "4284c2b73c8bce4b46a6adf23e16d9e2ec8da4bb",
|
"rev": "41dea55321e5a999b17033296ac05fe8a8b5a257",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
38
flake.nix
38
flake.nix
|
@ -20,8 +20,9 @@
|
||||||
{
|
{
|
||||||
overlay = _: prev: let
|
overlay = _: prev: let
|
||||||
pkgs = nixpkgs.legacyPackages.${prev.system};
|
pkgs = nixpkgs.legacyPackages.${prev.system};
|
||||||
|
buildGo = pkgs.buildGo123Module;
|
||||||
in rec {
|
in rec {
|
||||||
headscale = pkgs.buildGo122Module rec {
|
headscale = buildGo rec {
|
||||||
pname = "headscale";
|
pname = "headscale";
|
||||||
version = headscaleVersion;
|
version = headscaleVersion;
|
||||||
src = pkgs.lib.cleanSource self;
|
src = pkgs.lib.cleanSource self;
|
||||||
|
@ -31,30 +32,52 @@
|
||||||
|
|
||||||
# When updating go.mod or go.sum, a new sha will need to be calculated,
|
# When updating go.mod or go.sum, a new sha will need to be calculated,
|
||||||
# update this if you have a mismatch after doing a change to thos files.
|
# update this if you have a mismatch after doing a change to thos files.
|
||||||
vendorHash = "sha256-EorT2AVwA3usly/LcNor6r5UIhLCdj3L4O4ilgTIC2o=";
|
vendorHash = "sha256-CMkYTRjmhvTTrB7JbLj0cj9VEyzpG0iUWXkaOagwYTk=";
|
||||||
|
|
||||||
subPackages = ["cmd/headscale"];
|
subPackages = ["cmd/headscale"];
|
||||||
|
|
||||||
ldflags = ["-s" "-w" "-X github.com/juanfont/headscale/cmd/headscale/cli.Version=v${version}"];
|
ldflags = ["-s" "-w" "-X github.com/juanfont/headscale/cmd/headscale/cli.Version=v${version}"];
|
||||||
};
|
};
|
||||||
|
|
||||||
protoc-gen-grpc-gateway = pkgs.buildGoModule rec {
|
protoc-gen-grpc-gateway = buildGo rec {
|
||||||
pname = "grpc-gateway";
|
pname = "grpc-gateway";
|
||||||
version = "2.19.1";
|
version = "2.22.0";
|
||||||
|
|
||||||
src = pkgs.fetchFromGitHub {
|
src = pkgs.fetchFromGitHub {
|
||||||
owner = "grpc-ecosystem";
|
owner = "grpc-ecosystem";
|
||||||
repo = "grpc-gateway";
|
repo = "grpc-gateway";
|
||||||
rev = "v${version}";
|
rev = "v${version}";
|
||||||
sha256 = "sha256-CdGQpQfOSimeio8v1lZ7xzE/oAS2qFyu+uN+H9i7vpo=";
|
sha256 = "sha256-I1w3gfV06J8xG1xJ+XuMIGkV2/Ofszo7SCC+z4Xb6l4=";
|
||||||
};
|
};
|
||||||
|
|
||||||
vendorHash = "sha256-no7kZGpf/VOuceC3J+izGFQp5aMS3b+Rn+x4BFZ2zgs=";
|
vendorHash = "sha256-S4hcD5/BSGxM2qdJHMxOkxsJ5+Ks6m4lKHSS9+yZ17c=";
|
||||||
|
|
||||||
nativeBuildInputs = [pkgs.installShellFiles];
|
nativeBuildInputs = [pkgs.installShellFiles];
|
||||||
|
|
||||||
subPackages = ["protoc-gen-grpc-gateway" "protoc-gen-openapiv2"];
|
subPackages = ["protoc-gen-grpc-gateway" "protoc-gen-openapiv2"];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Upstream does not override buildGoModule properly,
|
||||||
|
# importing a specific module, so comment out for now.
|
||||||
|
# golangci-lint = prev.golangci-lint.override {
|
||||||
|
# buildGoModule = buildGo;
|
||||||
|
# };
|
||||||
|
|
||||||
|
goreleaser = prev.goreleaser.override {
|
||||||
|
buildGoModule = buildGo;
|
||||||
|
};
|
||||||
|
|
||||||
|
gotestsum = prev.gotestsum.override {
|
||||||
|
buildGoModule = buildGo;
|
||||||
|
};
|
||||||
|
|
||||||
|
gotests = prev.gotests.override {
|
||||||
|
buildGoModule = buildGo;
|
||||||
|
};
|
||||||
|
|
||||||
|
gofumpt = prev.gofumpt.override {
|
||||||
|
buildGoModule = buildGo;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
// flake-utils.lib.eachDefaultSystem
|
// flake-utils.lib.eachDefaultSystem
|
||||||
|
@ -63,7 +86,7 @@
|
||||||
overlays = [self.overlay];
|
overlays = [self.overlay];
|
||||||
inherit system;
|
inherit system;
|
||||||
};
|
};
|
||||||
buildDeps = with pkgs; [git go_1_22 gnumake];
|
buildDeps = with pkgs; [git go_1_23 gnumake];
|
||||||
devDeps = with pkgs;
|
devDeps = with pkgs;
|
||||||
buildDeps
|
buildDeps
|
||||||
++ [
|
++ [
|
||||||
|
@ -74,6 +97,7 @@
|
||||||
nfpm
|
nfpm
|
||||||
gotestsum
|
gotestsum
|
||||||
gotests
|
gotests
|
||||||
|
gofumpt
|
||||||
ksh
|
ksh
|
||||||
ko
|
ko
|
||||||
yq-go
|
yq-go
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// protoc-gen-go v1.33.0
|
// protoc-gen-go v1.34.2
|
||||||
// protoc (unknown)
|
// protoc (unknown)
|
||||||
// source: headscale/v1/apikey.proto
|
// source: headscale/v1/apikey.proto
|
||||||
|
|
||||||
|
@ -512,7 +512,7 @@ func file_headscale_v1_apikey_proto_rawDescGZIP() []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
var file_headscale_v1_apikey_proto_msgTypes = make([]protoimpl.MessageInfo, 9)
|
var file_headscale_v1_apikey_proto_msgTypes = make([]protoimpl.MessageInfo, 9)
|
||||||
var file_headscale_v1_apikey_proto_goTypes = []interface{}{
|
var file_headscale_v1_apikey_proto_goTypes = []any{
|
||||||
(*ApiKey)(nil), // 0: headscale.v1.ApiKey
|
(*ApiKey)(nil), // 0: headscale.v1.ApiKey
|
||||||
(*CreateApiKeyRequest)(nil), // 1: headscale.v1.CreateApiKeyRequest
|
(*CreateApiKeyRequest)(nil), // 1: headscale.v1.CreateApiKeyRequest
|
||||||
(*CreateApiKeyResponse)(nil), // 2: headscale.v1.CreateApiKeyResponse
|
(*CreateApiKeyResponse)(nil), // 2: headscale.v1.CreateApiKeyResponse
|
||||||
|
@ -543,7 +543,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !protoimpl.UnsafeEnabled {
|
if !protoimpl.UnsafeEnabled {
|
||||||
file_headscale_v1_apikey_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[0].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ApiKey); i {
|
switch v := v.(*ApiKey); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -555,7 +555,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[1].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*CreateApiKeyRequest); i {
|
switch v := v.(*CreateApiKeyRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -567,7 +567,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[2].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*CreateApiKeyResponse); i {
|
switch v := v.(*CreateApiKeyResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -579,7 +579,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[3].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ExpireApiKeyRequest); i {
|
switch v := v.(*ExpireApiKeyRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -591,7 +591,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[4].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ExpireApiKeyResponse); i {
|
switch v := v.(*ExpireApiKeyResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -603,7 +603,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[5].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListApiKeysRequest); i {
|
switch v := v.(*ListApiKeysRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -615,7 +615,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[6].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListApiKeysResponse); i {
|
switch v := v.(*ListApiKeysResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -627,7 +627,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[7].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteApiKeyRequest); i {
|
switch v := v.(*DeleteApiKeyRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -639,7 +639,7 @@ func file_headscale_v1_apikey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_apikey_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_apikey_proto_msgTypes[8].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteApiKeyResponse); i {
|
switch v := v.(*DeleteApiKeyResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// protoc-gen-go v1.33.0
|
// protoc-gen-go v1.34.2
|
||||||
// protoc (unknown)
|
// protoc (unknown)
|
||||||
// source: headscale/v1/device.proto
|
// source: headscale/v1/device.proto
|
||||||
|
|
||||||
|
@ -925,7 +925,7 @@ func file_headscale_v1_device_proto_rawDescGZIP() []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
var file_headscale_v1_device_proto_msgTypes = make([]protoimpl.MessageInfo, 12)
|
var file_headscale_v1_device_proto_msgTypes = make([]protoimpl.MessageInfo, 12)
|
||||||
var file_headscale_v1_device_proto_goTypes = []interface{}{
|
var file_headscale_v1_device_proto_goTypes = []any{
|
||||||
(*Latency)(nil), // 0: headscale.v1.Latency
|
(*Latency)(nil), // 0: headscale.v1.Latency
|
||||||
(*ClientSupports)(nil), // 1: headscale.v1.ClientSupports
|
(*ClientSupports)(nil), // 1: headscale.v1.ClientSupports
|
||||||
(*ClientConnectivity)(nil), // 2: headscale.v1.ClientConnectivity
|
(*ClientConnectivity)(nil), // 2: headscale.v1.ClientConnectivity
|
||||||
|
@ -961,7 +961,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !protoimpl.UnsafeEnabled {
|
if !protoimpl.UnsafeEnabled {
|
||||||
file_headscale_v1_device_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[0].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*Latency); i {
|
switch v := v.(*Latency); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -973,7 +973,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[1].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ClientSupports); i {
|
switch v := v.(*ClientSupports); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -985,7 +985,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[2].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ClientConnectivity); i {
|
switch v := v.(*ClientConnectivity); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -997,7 +997,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[3].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetDeviceRequest); i {
|
switch v := v.(*GetDeviceRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1009,7 +1009,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[4].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetDeviceResponse); i {
|
switch v := v.(*GetDeviceResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1021,7 +1021,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[5].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteDeviceRequest); i {
|
switch v := v.(*DeleteDeviceRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1033,7 +1033,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[6].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteDeviceResponse); i {
|
switch v := v.(*DeleteDeviceResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1045,7 +1045,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[7].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetDeviceRoutesRequest); i {
|
switch v := v.(*GetDeviceRoutesRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1057,7 +1057,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[8].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetDeviceRoutesResponse); i {
|
switch v := v.(*GetDeviceRoutesResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1069,7 +1069,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[9].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*EnableDeviceRoutesRequest); i {
|
switch v := v.(*EnableDeviceRoutesRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1081,7 +1081,7 @@ func file_headscale_v1_device_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_device_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_device_proto_msgTypes[10].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*EnableDeviceRoutesResponse); i {
|
switch v := v.(*EnableDeviceRoutesResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// protoc-gen-go v1.33.0
|
// protoc-gen-go v1.34.2
|
||||||
// protoc (unknown)
|
// protoc (unknown)
|
||||||
// source: headscale/v1/headscale.proto
|
// source: headscale/v1/headscale.proto
|
||||||
|
|
||||||
|
@ -36,213 +36,228 @@ var file_headscale_v1_headscale_proto_rawDesc = []byte{
|
||||||
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73,
|
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73,
|
||||||
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
0x65, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
|
0x65, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74,
|
||||||
0x6f, 0x32, 0x80, 0x19, 0x0a, 0x10, 0x48, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x53,
|
0x6f, 0x1a, 0x19, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2f, 0x76, 0x31, 0x2f,
|
||||||
0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x63, 0x0a, 0x07, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65,
|
0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x32, 0xd2, 0x1a, 0x0a,
|
||||||
0x72, 0x12, 0x1c, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31,
|
0x10, 0x48, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
|
||||||
0x2e, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
|
0x65, 0x12, 0x63, 0x0a, 0x07, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65, 0x72, 0x12, 0x1c, 0x2e, 0x68,
|
||||||
0x1d, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47,
|
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x55,
|
||||||
0x65, 0x74, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1b,
|
0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x68, 0x65, 0x61,
|
||||||
0x82, 0xd3, 0xe4, 0x93, 0x02, 0x15, 0x12, 0x13, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f,
|
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65,
|
||||||
0x75, 0x73, 0x65, 0x72, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x12, 0x68, 0x0a, 0x0a, 0x43,
|
0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1b, 0x82, 0xd3, 0xe4, 0x93, 0x02,
|
||||||
0x72, 0x65, 0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64,
|
0x15, 0x12, 0x13, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2f,
|
||||||
0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x55,
|
0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x12, 0x68, 0x0a, 0x0a, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65,
|
||||||
0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61,
|
|
||||||
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65,
|
|
||||||
0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x17, 0x82, 0xd3,
|
|
||||||
0xe4, 0x93, 0x02, 0x11, 0x3a, 0x01, 0x2a, 0x22, 0x0c, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31,
|
|
||||||
0x2f, 0x75, 0x73, 0x65, 0x72, 0x12, 0x82, 0x01, 0x0a, 0x0a, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65,
|
|
||||||
0x55, 0x73, 0x65, 0x72, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65,
|
0x55, 0x73, 0x65, 0x72, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65,
|
||||||
0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65,
|
0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65,
|
||||||
0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52,
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52,
|
||||||
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x31, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2b, 0x22,
|
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x17, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x11, 0x3a,
|
||||||
0x29, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2f, 0x7b, 0x6f,
|
0x01, 0x2a, 0x22, 0x0c, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72,
|
||||||
0x6c, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x2f, 0x72, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x2f,
|
0x12, 0x82, 0x01, 0x0a, 0x0a, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72, 0x12,
|
||||||
0x7b, 0x6e, 0x65, 0x77, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x12, 0x6c, 0x0a, 0x0a, 0x44, 0x65,
|
0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52,
|
||||||
0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73,
|
0x65, 0x6e, 0x61, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
|
||||||
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73,
|
0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e,
|
||||||
0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64,
|
0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
||||||
0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55,
|
0x73, 0x65, 0x22, 0x31, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2b, 0x22, 0x29, 0x2f, 0x61, 0x70, 0x69,
|
||||||
0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1b, 0x82, 0xd3, 0xe4,
|
0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2f, 0x7b, 0x6f, 0x6c, 0x64, 0x5f, 0x6e, 0x61,
|
||||||
0x93, 0x02, 0x15, 0x2a, 0x13, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65,
|
0x6d, 0x65, 0x7d, 0x2f, 0x72, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x2f, 0x7b, 0x6e, 0x65, 0x77, 0x5f,
|
||||||
0x72, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x12, 0x62, 0x0a, 0x09, 0x4c, 0x69, 0x73, 0x74,
|
0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x12, 0x6c, 0x0a, 0x0a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55,
|
||||||
0x55, 0x73, 0x65, 0x72, 0x73, 0x12, 0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
0x73, 0x65, 0x72, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e,
|
||||||
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65,
|
0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71,
|
||||||
0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65,
|
||||||
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65,
|
0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65,
|
||||||
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x14, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0e, 0x12, 0x0c,
|
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1b, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x15, 0x2a, 0x13,
|
||||||
0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x12, 0x80, 0x01, 0x0a,
|
0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2f, 0x7b, 0x6e, 0x61,
|
||||||
0x10, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65,
|
0x6d, 0x65, 0x7d, 0x12, 0x62, 0x0a, 0x09, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73,
|
||||||
0x79, 0x12, 0x25, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31,
|
0x12, 0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e,
|
||||||
0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65,
|
0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
|
||||||
0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73,
|
0x1a, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e,
|
||||||
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x72,
|
0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
|
||||||
0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
0x65, 0x22, 0x14, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0e, 0x12, 0x0c, 0x2f, 0x61, 0x70, 0x69, 0x2f,
|
||||||
|
0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x12, 0x80, 0x01, 0x0a, 0x10, 0x43, 0x72, 0x65, 0x61,
|
||||||
|
0x74, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x12, 0x25, 0x2e, 0x68,
|
||||||
|
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61,
|
||||||
|
0x74, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75,
|
||||||
|
0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e,
|
||||||
|
0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68,
|
||||||
|
0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1d, 0x82, 0xd3, 0xe4,
|
||||||
|
0x93, 0x02, 0x17, 0x3a, 0x01, 0x2a, 0x22, 0x12, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f,
|
||||||
|
0x70, 0x72, 0x65, 0x61, 0x75, 0x74, 0x68, 0x6b, 0x65, 0x79, 0x12, 0x87, 0x01, 0x0a, 0x10, 0x45,
|
||||||
|
0x78, 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x12,
|
||||||
|
0x25, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45,
|
||||||
|
0x78, 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52,
|
||||||
|
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
||||||
|
0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41,
|
||||||
|
0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x24,
|
||||||
|
0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1e, 0x3a, 0x01, 0x2a, 0x22, 0x19, 0x2f, 0x61, 0x70, 0x69, 0x2f,
|
||||||
|
0x76, 0x31, 0x2f, 0x70, 0x72, 0x65, 0x61, 0x75, 0x74, 0x68, 0x6b, 0x65, 0x79, 0x2f, 0x65, 0x78,
|
||||||
|
0x70, 0x69, 0x72, 0x65, 0x12, 0x7a, 0x0a, 0x0f, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x72, 0x65, 0x41,
|
||||||
|
0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x24, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
||||||
|
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x72, 0x65, 0x41, 0x75,
|
||||||
|
0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e,
|
||||||
|
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73,
|
||||||
|
0x74, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x73, 0x70,
|
||||||
|
0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x12, 0x12, 0x2f, 0x61,
|
||||||
|
0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x72, 0x65, 0x61, 0x75, 0x74, 0x68, 0x6b, 0x65, 0x79,
|
||||||
|
0x12, 0x7d, 0x0a, 0x0f, 0x44, 0x65, 0x62, 0x75, 0x67, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4e,
|
||||||
|
0x6f, 0x64, 0x65, 0x12, 0x24, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e,
|
||||||
|
0x76, 0x31, 0x2e, 0x44, 0x65, 0x62, 0x75, 0x67, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4e, 0x6f,
|
||||||
|
0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x68, 0x65, 0x61, 0x64,
|
||||||
|
0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x62, 0x75, 0x67, 0x43, 0x72,
|
||||||
|
0x65, 0x61, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
||||||
0x22, 0x1d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x3a, 0x01, 0x2a, 0x22, 0x12, 0x2f, 0x61, 0x70,
|
0x22, 0x1d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x3a, 0x01, 0x2a, 0x22, 0x12, 0x2f, 0x61, 0x70,
|
||||||
0x69, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x72, 0x65, 0x61, 0x75, 0x74, 0x68, 0x6b, 0x65, 0x79, 0x12,
|
0x69, 0x2f, 0x76, 0x31, 0x2f, 0x64, 0x65, 0x62, 0x75, 0x67, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x12,
|
||||||
0x87, 0x01, 0x0a, 0x10, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74,
|
0x66, 0x0a, 0x07, 0x47, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x1c, 0x2e, 0x68, 0x65, 0x61,
|
||||||
0x68, 0x4b, 0x65, 0x79, 0x12, 0x25, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65,
|
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4e, 0x6f, 0x64,
|
||||||
0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74,
|
0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73,
|
||||||
0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x68, 0x65,
|
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x52,
|
||||||
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72,
|
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x12,
|
||||||
0x65, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f,
|
0x16, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e,
|
||||||
0x6e, 0x73, 0x65, 0x22, 0x24, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1e, 0x3a, 0x01, 0x2a, 0x22, 0x19,
|
0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x12, 0x6e, 0x0a, 0x07, 0x53, 0x65, 0x74, 0x54, 0x61,
|
||||||
0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x72, 0x65, 0x61, 0x75, 0x74, 0x68, 0x6b,
|
0x67, 0x73, 0x12, 0x1c, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76,
|
||||||
0x65, 0x79, 0x2f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x12, 0x7a, 0x0a, 0x0f, 0x4c, 0x69, 0x73,
|
0x31, 0x2e, 0x53, 0x65, 0x74, 0x54, 0x61, 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
|
||||||
0x74, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x24, 0x2e, 0x68,
|
0x1a, 0x1d, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e,
|
||||||
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74,
|
0x53, 0x65, 0x74, 0x54, 0x61, 0x67, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
|
||||||
0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
|
0x26, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x20, 0x3a, 0x01, 0x2a, 0x22, 0x1b, 0x2f, 0x61, 0x70, 0x69,
|
||||||
0x73, 0x74, 0x1a, 0x25, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76,
|
0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69,
|
||||||
0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x72, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4b, 0x65, 0x79,
|
0x64, 0x7d, 0x2f, 0x74, 0x61, 0x67, 0x73, 0x12, 0x74, 0x0a, 0x0c, 0x52, 0x65, 0x67, 0x69, 0x73,
|
||||||
0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1a, 0x82, 0xd3, 0xe4, 0x93, 0x02,
|
0x74, 0x65, 0x72, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
||||||
0x14, 0x12, 0x12, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x72, 0x65, 0x61, 0x75,
|
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x4e,
|
||||||
0x74, 0x68, 0x6b, 0x65, 0x79, 0x12, 0x7d, 0x0a, 0x0f, 0x44, 0x65, 0x62, 0x75, 0x67, 0x43, 0x72,
|
0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x68, 0x65, 0x61,
|
||||||
0x65, 0x61, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x24, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73,
|
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74,
|
||||||
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x62, 0x75, 0x67, 0x43, 0x72, 0x65,
|
0x65, 0x72, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1d,
|
||||||
0x61, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25,
|
0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x22, 0x15, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f,
|
||||||
0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65,
|
0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x12, 0x6f, 0x0a,
|
||||||
0x62, 0x75, 0x67, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73,
|
0x0a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x1f, 0x2e, 0x68, 0x65,
|
||||||
0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x3a, 0x01, 0x2a,
|
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74,
|
||||||
0x22, 0x12, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x64, 0x65, 0x62, 0x75, 0x67, 0x2f,
|
0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68,
|
||||||
0x6e, 0x6f, 0x64, 0x65, 0x12, 0x66, 0x0a, 0x07, 0x47, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x12,
|
|
||||||
0x1c, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47,
|
|
||||||
0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e,
|
|
||||||
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74,
|
|
||||||
0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3,
|
|
||||||
0xe4, 0x93, 0x02, 0x18, 0x12, 0x16, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f,
|
|
||||||
0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x12, 0x6e, 0x0a, 0x07,
|
|
||||||
0x53, 0x65, 0x74, 0x54, 0x61, 0x67, 0x73, 0x12, 0x1c, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
|
||||||
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x54, 0x61, 0x67, 0x73, 0x52, 0x65,
|
|
||||||
0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
|
||||||
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x54, 0x61, 0x67, 0x73, 0x52, 0x65, 0x73, 0x70,
|
|
||||||
0x6f, 0x6e, 0x73, 0x65, 0x22, 0x26, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x20, 0x3a, 0x01, 0x2a, 0x22,
|
|
||||||
0x1b, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e,
|
|
||||||
0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x74, 0x61, 0x67, 0x73, 0x12, 0x74, 0x0a, 0x0c,
|
|
||||||
0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x21, 0x2e, 0x68,
|
|
||||||
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x67, 0x69,
|
|
||||||
0x73, 0x74, 0x65, 0x72, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
|
|
||||||
0x22, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52,
|
|
||||||
0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f,
|
|
||||||
0x6e, 0x73, 0x65, 0x22, 0x1d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x22, 0x15, 0x2f, 0x61, 0x70,
|
|
||||||
0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74,
|
|
||||||
0x65, 0x72, 0x12, 0x6f, 0x0a, 0x0a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65,
|
|
||||||
0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e,
|
|
||||||
0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
|
||||||
0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31,
|
|
||||||
0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f,
|
|
||||||
0x6e, 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x2a, 0x16, 0x2f, 0x61, 0x70,
|
|
||||||
0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f,
|
|
||||||
0x69, 0x64, 0x7d, 0x12, 0x76, 0x0a, 0x0a, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x4e, 0x6f, 0x64,
|
|
||||||
0x65, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31,
|
|
||||||
0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65,
|
|
||||||
0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76,
|
|
||||||
0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70,
|
|
||||||
0x6f, 0x6e, 0x73, 0x65, 0x22, 0x25, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1f, 0x22, 0x1d, 0x2f, 0x61,
|
|
||||||
0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65,
|
|
||||||
0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x12, 0x81, 0x01, 0x0a, 0x0a,
|
|
||||||
0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61,
|
|
||||||
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65,
|
|
||||||
0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65,
|
|
||||||
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x61, 0x6d,
|
|
||||||
0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x30, 0x82,
|
|
||||||
0xd3, 0xe4, 0x93, 0x02, 0x2a, 0x22, 0x28, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e,
|
|
||||||
0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x72, 0x65,
|
|
||||||
0x6e, 0x61, 0x6d, 0x65, 0x2f, 0x7b, 0x6e, 0x65, 0x77, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x12,
|
|
||||||
0x62, 0x0a, 0x09, 0x4c, 0x69, 0x73, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x68,
|
|
||||||
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74,
|
|
||||||
0x4e, 0x6f, 0x64, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x68,
|
|
||||||
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74,
|
|
||||||
0x4e, 0x6f, 0x64, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x14, 0x82,
|
|
||||||
0xd3, 0xe4, 0x93, 0x02, 0x0e, 0x12, 0x0c, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e,
|
|
||||||
0x6f, 0x64, 0x65, 0x12, 0x6e, 0x0a, 0x08, 0x4d, 0x6f, 0x76, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x12,
|
|
||||||
0x1d, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4d,
|
|
||||||
0x6f, 0x76, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e,
|
|
||||||
0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x6f,
|
|
||||||
0x76, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x23,
|
|
||||||
0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x22, 0x1b, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f,
|
|
||||||
0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x75,
|
|
||||||
0x73, 0x65, 0x72, 0x12, 0x80, 0x01, 0x0a, 0x0f, 0x42, 0x61, 0x63, 0x6b, 0x66, 0x69, 0x6c, 0x6c,
|
|
||||||
0x4e, 0x6f, 0x64, 0x65, 0x49, 0x50, 0x73, 0x12, 0x24, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
|
||||||
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x66, 0x69, 0x6c, 0x6c, 0x4e,
|
|
||||||
0x6f, 0x64, 0x65, 0x49, 0x50, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e,
|
|
||||||
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x63,
|
|
||||||
0x6b, 0x66, 0x69, 0x6c, 0x6c, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x50, 0x73, 0x52, 0x65, 0x73, 0x70,
|
|
||||||
0x6f, 0x6e, 0x73, 0x65, 0x22, 0x20, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1a, 0x22, 0x18, 0x2f, 0x61,
|
|
||||||
0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x66,
|
|
||||||
0x69, 0x6c, 0x6c, 0x69, 0x70, 0x73, 0x12, 0x64, 0x0a, 0x09, 0x47, 0x65, 0x74, 0x52, 0x6f, 0x75,
|
|
||||||
0x74, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e,
|
|
||||||
0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75,
|
|
||||||
0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e,
|
|
||||||
0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70,
|
|
||||||
0x6f, 0x6e, 0x73, 0x65, 0x22, 0x16, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x10, 0x12, 0x0e, 0x2f, 0x61,
|
|
||||||
0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x7c, 0x0a, 0x0b,
|
|
||||||
0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x20, 0x2e, 0x68, 0x65,
|
|
||||||
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6e, 0x61, 0x62, 0x6c,
|
|
||||||
0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e,
|
|
||||||
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6e, 0x61,
|
|
||||||
0x62, 0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
|
||||||
0x22, 0x28, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x22, 0x22, 0x20, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
|
|
||||||
0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2f, 0x7b, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f,
|
|
||||||
0x69, 0x64, 0x7d, 0x2f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x80, 0x01, 0x0a, 0x0c, 0x44,
|
|
||||||
0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x21, 0x2e, 0x68, 0x65,
|
|
||||||
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x69, 0x73, 0x61, 0x62,
|
|
||||||
0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22,
|
|
||||||
0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x69,
|
|
||||||
0x73, 0x61, 0x62, 0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
|
||||||
0x73, 0x65, 0x22, 0x29, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x22, 0x21, 0x2f, 0x61, 0x70, 0x69,
|
|
||||||
0x2f, 0x76, 0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2f, 0x7b, 0x72, 0x6f, 0x75, 0x74,
|
|
||||||
0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x7f, 0x0a,
|
|
||||||
0x0d, 0x47, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x22,
|
|
||||||
0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65,
|
|
||||||
0x74, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
|
|
||||||
0x73, 0x74, 0x1a, 0x23, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76,
|
|
||||||
0x31, 0x2e, 0x47, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52,
|
|
||||||
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x25, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1f, 0x12,
|
|
||||||
0x1d, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e,
|
|
||||||
0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x75,
|
|
||||||
0x0a, 0x0b, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x20, 0x2e,
|
|
||||||
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c,
|
|
||||||
0x65, 0x74, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
|
|
||||||
0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44,
|
|
||||||
0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
|
||||||
0x73, 0x65, 0x22, 0x21, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1b, 0x2a, 0x19, 0x2f, 0x61, 0x70, 0x69,
|
|
||||||
0x2f, 0x76, 0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2f, 0x7b, 0x72, 0x6f, 0x75, 0x74,
|
|
||||||
0x65, 0x5f, 0x69, 0x64, 0x7d, 0x12, 0x70, 0x0a, 0x0c, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41,
|
|
||||||
0x70, 0x69, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
|
||||||
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65,
|
|
||||||
0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73,
|
|
||||||
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70,
|
|
||||||
0x69, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x19, 0x82, 0xd3,
|
|
||||||
0xe4, 0x93, 0x02, 0x13, 0x3a, 0x01, 0x2a, 0x22, 0x0e, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31,
|
|
||||||
0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x12, 0x77, 0x0a, 0x0c, 0x45, 0x78, 0x70, 0x69, 0x72,
|
|
||||||
0x65, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
|
||||||
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x41, 0x70, 0x69,
|
|
||||||
0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x68, 0x65, 0x61,
|
|
||||||
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65,
|
|
||||||
0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x20,
|
|
||||||
0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1a, 0x3a, 0x01, 0x2a, 0x22, 0x15, 0x2f, 0x61, 0x70, 0x69, 0x2f,
|
|
||||||
0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x2f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65,
|
|
||||||
0x12, 0x6a, 0x0a, 0x0b, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x73, 0x12,
|
|
||||||
0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c,
|
|
||||||
0x69, 0x73, 0x74, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
|
||||||
0x74, 0x1a, 0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31,
|
|
||||||
0x2e, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x73, 0x70,
|
|
||||||
0x6f, 0x6e, 0x73, 0x65, 0x22, 0x16, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x10, 0x12, 0x0e, 0x2f, 0x61,
|
|
||||||
0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x12, 0x76, 0x0a, 0x0c,
|
|
||||||
0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x68,
|
|
||||||
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65,
|
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65,
|
||||||
0x74, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
|
0x74, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e,
|
||||||
0x22, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44,
|
0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x2a, 0x16, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f,
|
||||||
0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f,
|
0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x12, 0x76,
|
||||||
0x6e, 0x73, 0x65, 0x22, 0x1f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x19, 0x2a, 0x17, 0x2f, 0x61, 0x70,
|
0x0a, 0x0a, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x1f, 0x2e, 0x68,
|
||||||
0x69, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x2f, 0x7b, 0x70, 0x72, 0x65,
|
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69,
|
||||||
0x66, 0x69, 0x78, 0x7d, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63,
|
0x72, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e,
|
||||||
0x6f, 0x6d, 0x2f, 0x6a, 0x75, 0x61, 0x6e, 0x66, 0x6f, 0x6e, 0x74, 0x2f, 0x68, 0x65, 0x61, 0x64,
|
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70,
|
||||||
0x73, 0x63, 0x61, 0x6c, 0x65, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x67, 0x6f, 0x2f, 0x76, 0x31, 0x62,
|
0x69, 0x72, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
|
||||||
0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
0x25, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1f, 0x22, 0x1d, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31,
|
||||||
|
0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f,
|
||||||
|
0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x12, 0x81, 0x01, 0x0a, 0x0a, 0x52, 0x65, 0x6e, 0x61, 0x6d,
|
||||||
|
0x65, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x52,
|
||||||
|
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
||||||
|
0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x4e, 0x6f, 0x64, 0x65,
|
||||||
|
0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x30, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2a,
|
||||||
|
0x22, 0x28, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b,
|
||||||
|
0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x72, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x2f,
|
||||||
|
0x7b, 0x6e, 0x65, 0x77, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x12, 0x62, 0x0a, 0x09, 0x4c, 0x69,
|
||||||
|
0x73, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x73, 0x12, 0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
||||||
|
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x73,
|
||||||
|
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
||||||
|
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x73,
|
||||||
|
0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x14, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0e,
|
||||||
|
0x12, 0x0c, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x12, 0x71,
|
||||||
|
0x0a, 0x08, 0x4d, 0x6f, 0x76, 0x65, 0x4e, 0x6f, 0x64, 0x65, 0x12, 0x1d, 0x2e, 0x68, 0x65, 0x61,
|
||||||
|
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x6f, 0x76, 0x65, 0x4e, 0x6f,
|
||||||
|
0x64, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64,
|
||||||
|
0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x6f, 0x76, 0x65, 0x4e, 0x6f, 0x64,
|
||||||
|
0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x26, 0x82, 0xd3, 0xe4, 0x93, 0x02,
|
||||||
|
0x20, 0x3a, 0x01, 0x2a, 0x22, 0x1b, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f,
|
||||||
|
0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x75, 0x73, 0x65,
|
||||||
|
0x72, 0x12, 0x80, 0x01, 0x0a, 0x0f, 0x42, 0x61, 0x63, 0x6b, 0x66, 0x69, 0x6c, 0x6c, 0x4e, 0x6f,
|
||||||
|
0x64, 0x65, 0x49, 0x50, 0x73, 0x12, 0x24, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x66, 0x69, 0x6c, 0x6c, 0x4e, 0x6f, 0x64,
|
||||||
|
0x65, 0x49, 0x50, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x68, 0x65,
|
||||||
|
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x42, 0x61, 0x63, 0x6b, 0x66,
|
||||||
|
0x69, 0x6c, 0x6c, 0x4e, 0x6f, 0x64, 0x65, 0x49, 0x50, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
||||||
|
0x73, 0x65, 0x22, 0x20, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1a, 0x22, 0x18, 0x2f, 0x61, 0x70, 0x69,
|
||||||
|
0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x62, 0x61, 0x63, 0x6b, 0x66, 0x69, 0x6c,
|
||||||
|
0x6c, 0x69, 0x70, 0x73, 0x12, 0x64, 0x0a, 0x09, 0x47, 0x65, 0x74, 0x52, 0x6f, 0x75, 0x74, 0x65,
|
||||||
|
0x73, 0x12, 0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31,
|
||||||
|
0x2e, 0x47, 0x65, 0x74, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
||||||
|
0x74, 0x1a, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31,
|
||||||
|
0x2e, 0x47, 0x65, 0x74, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
||||||
|
0x73, 0x65, 0x22, 0x16, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x10, 0x12, 0x0e, 0x2f, 0x61, 0x70, 0x69,
|
||||||
|
0x2f, 0x76, 0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x7c, 0x0a, 0x0b, 0x45, 0x6e,
|
||||||
|
0x61, 0x62, 0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x20, 0x2e, 0x68, 0x65, 0x61, 0x64,
|
||||||
|
0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x52,
|
||||||
|
0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x68, 0x65,
|
||||||
|
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6e, 0x61, 0x62, 0x6c,
|
||||||
|
0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x28,
|
||||||
|
0x82, 0xd3, 0xe4, 0x93, 0x02, 0x22, 0x22, 0x20, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f,
|
||||||
|
0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2f, 0x7b, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f, 0x69, 0x64,
|
||||||
|
0x7d, 0x2f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x80, 0x01, 0x0a, 0x0c, 0x44, 0x69, 0x73,
|
||||||
|
0x61, 0x62, 0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x21, 0x2e, 0x68, 0x65, 0x61, 0x64,
|
||||||
|
0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65,
|
||||||
|
0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x68,
|
||||||
|
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x69, 0x73, 0x61,
|
||||||
|
0x62, 0x6c, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
||||||
|
0x22, 0x29, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x22, 0x21, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
|
||||||
|
0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2f, 0x7b, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f,
|
||||||
|
0x69, 0x64, 0x7d, 0x2f, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x12, 0x7f, 0x0a, 0x0d, 0x47,
|
||||||
|
0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x22, 0x2e, 0x68,
|
||||||
|
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x4e,
|
||||||
|
0x6f, 0x64, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
|
||||||
|
0x1a, 0x23, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e,
|
||||||
|
0x47, 0x65, 0x74, 0x4e, 0x6f, 0x64, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73,
|
||||||
|
0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x25, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1f, 0x12, 0x1d, 0x2f,
|
||||||
|
0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x6e, 0x6f, 0x64, 0x65, 0x2f, 0x7b, 0x6e, 0x6f, 0x64,
|
||||||
|
0x65, 0x5f, 0x69, 0x64, 0x7d, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x12, 0x75, 0x0a, 0x0b,
|
||||||
|
0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x20, 0x2e, 0x68, 0x65,
|
||||||
|
0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74,
|
||||||
|
0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e,
|
||||||
|
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c,
|
||||||
|
0x65, 0x74, 0x65, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
||||||
|
0x22, 0x21, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1b, 0x2a, 0x19, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
|
||||||
|
0x31, 0x2f, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x73, 0x2f, 0x7b, 0x72, 0x6f, 0x75, 0x74, 0x65, 0x5f,
|
||||||
|
0x69, 0x64, 0x7d, 0x12, 0x70, 0x0a, 0x0c, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70, 0x69,
|
||||||
|
0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e,
|
||||||
|
0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x52,
|
||||||
|
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
||||||
|
0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x70, 0x69, 0x4b,
|
||||||
|
0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x19, 0x82, 0xd3, 0xe4, 0x93,
|
||||||
|
0x02, 0x13, 0x3a, 0x01, 0x2a, 0x22, 0x0e, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x61,
|
||||||
|
0x70, 0x69, 0x6b, 0x65, 0x79, 0x12, 0x77, 0x0a, 0x0c, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x41,
|
||||||
|
0x70, 0x69, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65,
|
||||||
|
0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73,
|
||||||
|
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x78, 0x70, 0x69, 0x72, 0x65, 0x41, 0x70,
|
||||||
|
0x69, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x20, 0x82, 0xd3,
|
||||||
|
0xe4, 0x93, 0x02, 0x1a, 0x3a, 0x01, 0x2a, 0x22, 0x15, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31,
|
||||||
|
0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x2f, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x12, 0x6a,
|
||||||
|
0x0a, 0x0b, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x73, 0x12, 0x20, 0x2e,
|
||||||
|
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73,
|
||||||
|
0x74, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
|
||||||
|
0x21, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x4c,
|
||||||
|
0x69, 0x73, 0x74, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
||||||
|
0x73, 0x65, 0x22, 0x16, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x10, 0x12, 0x0e, 0x2f, 0x61, 0x70, 0x69,
|
||||||
|
0x2f, 0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x12, 0x76, 0x0a, 0x0c, 0x44, 0x65,
|
||||||
|
0x6c, 0x65, 0x74, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x12, 0x21, 0x2e, 0x68, 0x65, 0x61,
|
||||||
|
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65,
|
||||||
|
0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e,
|
||||||
|
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c,
|
||||||
|
0x65, 0x74, 0x65, 0x41, 0x70, 0x69, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
|
||||||
|
0x65, 0x22, 0x1f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x19, 0x2a, 0x17, 0x2f, 0x61, 0x70, 0x69, 0x2f,
|
||||||
|
0x76, 0x31, 0x2f, 0x61, 0x70, 0x69, 0x6b, 0x65, 0x79, 0x2f, 0x7b, 0x70, 0x72, 0x65, 0x66, 0x69,
|
||||||
|
0x78, 0x7d, 0x12, 0x64, 0x0a, 0x09, 0x47, 0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12,
|
||||||
|
0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47,
|
||||||
|
0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a,
|
||||||
|
0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x47,
|
||||||
|
0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
||||||
|
0x22, 0x16, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x10, 0x12, 0x0e, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76,
|
||||||
|
0x31, 0x2f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x67, 0x0a, 0x09, 0x53, 0x65, 0x74, 0x50,
|
||||||
|
0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x1e, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65,
|
||||||
|
0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65,
|
||||||
|
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x19, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x3a, 0x01,
|
||||||
|
0x2a, 0x1a, 0x0e, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x6f, 0x6c, 0x69, 0x63,
|
||||||
|
0x79, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
|
||||||
|
0x6a, 0x75, 0x61, 0x6e, 0x66, 0x6f, 0x6e, 0x74, 0x2f, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
||||||
|
0x6c, 0x65, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x67, 0x6f, 0x2f, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72,
|
||||||
|
0x6f, 0x74, 0x6f, 0x33,
|
||||||
}
|
}
|
||||||
|
|
||||||
var file_headscale_v1_headscale_proto_goTypes = []interface{}{
|
var file_headscale_v1_headscale_proto_goTypes = []any{
|
||||||
(*GetUserRequest)(nil), // 0: headscale.v1.GetUserRequest
|
(*GetUserRequest)(nil), // 0: headscale.v1.GetUserRequest
|
||||||
(*CreateUserRequest)(nil), // 1: headscale.v1.CreateUserRequest
|
(*CreateUserRequest)(nil), // 1: headscale.v1.CreateUserRequest
|
||||||
(*RenameUserRequest)(nil), // 2: headscale.v1.RenameUserRequest
|
(*RenameUserRequest)(nil), // 2: headscale.v1.RenameUserRequest
|
||||||
|
@ -270,33 +285,37 @@ var file_headscale_v1_headscale_proto_goTypes = []interface{}{
|
||||||
(*ExpireApiKeyRequest)(nil), // 24: headscale.v1.ExpireApiKeyRequest
|
(*ExpireApiKeyRequest)(nil), // 24: headscale.v1.ExpireApiKeyRequest
|
||||||
(*ListApiKeysRequest)(nil), // 25: headscale.v1.ListApiKeysRequest
|
(*ListApiKeysRequest)(nil), // 25: headscale.v1.ListApiKeysRequest
|
||||||
(*DeleteApiKeyRequest)(nil), // 26: headscale.v1.DeleteApiKeyRequest
|
(*DeleteApiKeyRequest)(nil), // 26: headscale.v1.DeleteApiKeyRequest
|
||||||
(*GetUserResponse)(nil), // 27: headscale.v1.GetUserResponse
|
(*GetPolicyRequest)(nil), // 27: headscale.v1.GetPolicyRequest
|
||||||
(*CreateUserResponse)(nil), // 28: headscale.v1.CreateUserResponse
|
(*SetPolicyRequest)(nil), // 28: headscale.v1.SetPolicyRequest
|
||||||
(*RenameUserResponse)(nil), // 29: headscale.v1.RenameUserResponse
|
(*GetUserResponse)(nil), // 29: headscale.v1.GetUserResponse
|
||||||
(*DeleteUserResponse)(nil), // 30: headscale.v1.DeleteUserResponse
|
(*CreateUserResponse)(nil), // 30: headscale.v1.CreateUserResponse
|
||||||
(*ListUsersResponse)(nil), // 31: headscale.v1.ListUsersResponse
|
(*RenameUserResponse)(nil), // 31: headscale.v1.RenameUserResponse
|
||||||
(*CreatePreAuthKeyResponse)(nil), // 32: headscale.v1.CreatePreAuthKeyResponse
|
(*DeleteUserResponse)(nil), // 32: headscale.v1.DeleteUserResponse
|
||||||
(*ExpirePreAuthKeyResponse)(nil), // 33: headscale.v1.ExpirePreAuthKeyResponse
|
(*ListUsersResponse)(nil), // 33: headscale.v1.ListUsersResponse
|
||||||
(*ListPreAuthKeysResponse)(nil), // 34: headscale.v1.ListPreAuthKeysResponse
|
(*CreatePreAuthKeyResponse)(nil), // 34: headscale.v1.CreatePreAuthKeyResponse
|
||||||
(*DebugCreateNodeResponse)(nil), // 35: headscale.v1.DebugCreateNodeResponse
|
(*ExpirePreAuthKeyResponse)(nil), // 35: headscale.v1.ExpirePreAuthKeyResponse
|
||||||
(*GetNodeResponse)(nil), // 36: headscale.v1.GetNodeResponse
|
(*ListPreAuthKeysResponse)(nil), // 36: headscale.v1.ListPreAuthKeysResponse
|
||||||
(*SetTagsResponse)(nil), // 37: headscale.v1.SetTagsResponse
|
(*DebugCreateNodeResponse)(nil), // 37: headscale.v1.DebugCreateNodeResponse
|
||||||
(*RegisterNodeResponse)(nil), // 38: headscale.v1.RegisterNodeResponse
|
(*GetNodeResponse)(nil), // 38: headscale.v1.GetNodeResponse
|
||||||
(*DeleteNodeResponse)(nil), // 39: headscale.v1.DeleteNodeResponse
|
(*SetTagsResponse)(nil), // 39: headscale.v1.SetTagsResponse
|
||||||
(*ExpireNodeResponse)(nil), // 40: headscale.v1.ExpireNodeResponse
|
(*RegisterNodeResponse)(nil), // 40: headscale.v1.RegisterNodeResponse
|
||||||
(*RenameNodeResponse)(nil), // 41: headscale.v1.RenameNodeResponse
|
(*DeleteNodeResponse)(nil), // 41: headscale.v1.DeleteNodeResponse
|
||||||
(*ListNodesResponse)(nil), // 42: headscale.v1.ListNodesResponse
|
(*ExpireNodeResponse)(nil), // 42: headscale.v1.ExpireNodeResponse
|
||||||
(*MoveNodeResponse)(nil), // 43: headscale.v1.MoveNodeResponse
|
(*RenameNodeResponse)(nil), // 43: headscale.v1.RenameNodeResponse
|
||||||
(*BackfillNodeIPsResponse)(nil), // 44: headscale.v1.BackfillNodeIPsResponse
|
(*ListNodesResponse)(nil), // 44: headscale.v1.ListNodesResponse
|
||||||
(*GetRoutesResponse)(nil), // 45: headscale.v1.GetRoutesResponse
|
(*MoveNodeResponse)(nil), // 45: headscale.v1.MoveNodeResponse
|
||||||
(*EnableRouteResponse)(nil), // 46: headscale.v1.EnableRouteResponse
|
(*BackfillNodeIPsResponse)(nil), // 46: headscale.v1.BackfillNodeIPsResponse
|
||||||
(*DisableRouteResponse)(nil), // 47: headscale.v1.DisableRouteResponse
|
(*GetRoutesResponse)(nil), // 47: headscale.v1.GetRoutesResponse
|
||||||
(*GetNodeRoutesResponse)(nil), // 48: headscale.v1.GetNodeRoutesResponse
|
(*EnableRouteResponse)(nil), // 48: headscale.v1.EnableRouteResponse
|
||||||
(*DeleteRouteResponse)(nil), // 49: headscale.v1.DeleteRouteResponse
|
(*DisableRouteResponse)(nil), // 49: headscale.v1.DisableRouteResponse
|
||||||
(*CreateApiKeyResponse)(nil), // 50: headscale.v1.CreateApiKeyResponse
|
(*GetNodeRoutesResponse)(nil), // 50: headscale.v1.GetNodeRoutesResponse
|
||||||
(*ExpireApiKeyResponse)(nil), // 51: headscale.v1.ExpireApiKeyResponse
|
(*DeleteRouteResponse)(nil), // 51: headscale.v1.DeleteRouteResponse
|
||||||
(*ListApiKeysResponse)(nil), // 52: headscale.v1.ListApiKeysResponse
|
(*CreateApiKeyResponse)(nil), // 52: headscale.v1.CreateApiKeyResponse
|
||||||
(*DeleteApiKeyResponse)(nil), // 53: headscale.v1.DeleteApiKeyResponse
|
(*ExpireApiKeyResponse)(nil), // 53: headscale.v1.ExpireApiKeyResponse
|
||||||
|
(*ListApiKeysResponse)(nil), // 54: headscale.v1.ListApiKeysResponse
|
||||||
|
(*DeleteApiKeyResponse)(nil), // 55: headscale.v1.DeleteApiKeyResponse
|
||||||
|
(*GetPolicyResponse)(nil), // 56: headscale.v1.GetPolicyResponse
|
||||||
|
(*SetPolicyResponse)(nil), // 57: headscale.v1.SetPolicyResponse
|
||||||
}
|
}
|
||||||
var file_headscale_v1_headscale_proto_depIdxs = []int32{
|
var file_headscale_v1_headscale_proto_depIdxs = []int32{
|
||||||
0, // 0: headscale.v1.HeadscaleService.GetUser:input_type -> headscale.v1.GetUserRequest
|
0, // 0: headscale.v1.HeadscaleService.GetUser:input_type -> headscale.v1.GetUserRequest
|
||||||
|
@ -326,35 +345,39 @@ var file_headscale_v1_headscale_proto_depIdxs = []int32{
|
||||||
24, // 24: headscale.v1.HeadscaleService.ExpireApiKey:input_type -> headscale.v1.ExpireApiKeyRequest
|
24, // 24: headscale.v1.HeadscaleService.ExpireApiKey:input_type -> headscale.v1.ExpireApiKeyRequest
|
||||||
25, // 25: headscale.v1.HeadscaleService.ListApiKeys:input_type -> headscale.v1.ListApiKeysRequest
|
25, // 25: headscale.v1.HeadscaleService.ListApiKeys:input_type -> headscale.v1.ListApiKeysRequest
|
||||||
26, // 26: headscale.v1.HeadscaleService.DeleteApiKey:input_type -> headscale.v1.DeleteApiKeyRequest
|
26, // 26: headscale.v1.HeadscaleService.DeleteApiKey:input_type -> headscale.v1.DeleteApiKeyRequest
|
||||||
27, // 27: headscale.v1.HeadscaleService.GetUser:output_type -> headscale.v1.GetUserResponse
|
27, // 27: headscale.v1.HeadscaleService.GetPolicy:input_type -> headscale.v1.GetPolicyRequest
|
||||||
28, // 28: headscale.v1.HeadscaleService.CreateUser:output_type -> headscale.v1.CreateUserResponse
|
28, // 28: headscale.v1.HeadscaleService.SetPolicy:input_type -> headscale.v1.SetPolicyRequest
|
||||||
29, // 29: headscale.v1.HeadscaleService.RenameUser:output_type -> headscale.v1.RenameUserResponse
|
29, // 29: headscale.v1.HeadscaleService.GetUser:output_type -> headscale.v1.GetUserResponse
|
||||||
30, // 30: headscale.v1.HeadscaleService.DeleteUser:output_type -> headscale.v1.DeleteUserResponse
|
30, // 30: headscale.v1.HeadscaleService.CreateUser:output_type -> headscale.v1.CreateUserResponse
|
||||||
31, // 31: headscale.v1.HeadscaleService.ListUsers:output_type -> headscale.v1.ListUsersResponse
|
31, // 31: headscale.v1.HeadscaleService.RenameUser:output_type -> headscale.v1.RenameUserResponse
|
||||||
32, // 32: headscale.v1.HeadscaleService.CreatePreAuthKey:output_type -> headscale.v1.CreatePreAuthKeyResponse
|
32, // 32: headscale.v1.HeadscaleService.DeleteUser:output_type -> headscale.v1.DeleteUserResponse
|
||||||
33, // 33: headscale.v1.HeadscaleService.ExpirePreAuthKey:output_type -> headscale.v1.ExpirePreAuthKeyResponse
|
33, // 33: headscale.v1.HeadscaleService.ListUsers:output_type -> headscale.v1.ListUsersResponse
|
||||||
34, // 34: headscale.v1.HeadscaleService.ListPreAuthKeys:output_type -> headscale.v1.ListPreAuthKeysResponse
|
34, // 34: headscale.v1.HeadscaleService.CreatePreAuthKey:output_type -> headscale.v1.CreatePreAuthKeyResponse
|
||||||
35, // 35: headscale.v1.HeadscaleService.DebugCreateNode:output_type -> headscale.v1.DebugCreateNodeResponse
|
35, // 35: headscale.v1.HeadscaleService.ExpirePreAuthKey:output_type -> headscale.v1.ExpirePreAuthKeyResponse
|
||||||
36, // 36: headscale.v1.HeadscaleService.GetNode:output_type -> headscale.v1.GetNodeResponse
|
36, // 36: headscale.v1.HeadscaleService.ListPreAuthKeys:output_type -> headscale.v1.ListPreAuthKeysResponse
|
||||||
37, // 37: headscale.v1.HeadscaleService.SetTags:output_type -> headscale.v1.SetTagsResponse
|
37, // 37: headscale.v1.HeadscaleService.DebugCreateNode:output_type -> headscale.v1.DebugCreateNodeResponse
|
||||||
38, // 38: headscale.v1.HeadscaleService.RegisterNode:output_type -> headscale.v1.RegisterNodeResponse
|
38, // 38: headscale.v1.HeadscaleService.GetNode:output_type -> headscale.v1.GetNodeResponse
|
||||||
39, // 39: headscale.v1.HeadscaleService.DeleteNode:output_type -> headscale.v1.DeleteNodeResponse
|
39, // 39: headscale.v1.HeadscaleService.SetTags:output_type -> headscale.v1.SetTagsResponse
|
||||||
40, // 40: headscale.v1.HeadscaleService.ExpireNode:output_type -> headscale.v1.ExpireNodeResponse
|
40, // 40: headscale.v1.HeadscaleService.RegisterNode:output_type -> headscale.v1.RegisterNodeResponse
|
||||||
41, // 41: headscale.v1.HeadscaleService.RenameNode:output_type -> headscale.v1.RenameNodeResponse
|
41, // 41: headscale.v1.HeadscaleService.DeleteNode:output_type -> headscale.v1.DeleteNodeResponse
|
||||||
42, // 42: headscale.v1.HeadscaleService.ListNodes:output_type -> headscale.v1.ListNodesResponse
|
42, // 42: headscale.v1.HeadscaleService.ExpireNode:output_type -> headscale.v1.ExpireNodeResponse
|
||||||
43, // 43: headscale.v1.HeadscaleService.MoveNode:output_type -> headscale.v1.MoveNodeResponse
|
43, // 43: headscale.v1.HeadscaleService.RenameNode:output_type -> headscale.v1.RenameNodeResponse
|
||||||
44, // 44: headscale.v1.HeadscaleService.BackfillNodeIPs:output_type -> headscale.v1.BackfillNodeIPsResponse
|
44, // 44: headscale.v1.HeadscaleService.ListNodes:output_type -> headscale.v1.ListNodesResponse
|
||||||
45, // 45: headscale.v1.HeadscaleService.GetRoutes:output_type -> headscale.v1.GetRoutesResponse
|
45, // 45: headscale.v1.HeadscaleService.MoveNode:output_type -> headscale.v1.MoveNodeResponse
|
||||||
46, // 46: headscale.v1.HeadscaleService.EnableRoute:output_type -> headscale.v1.EnableRouteResponse
|
46, // 46: headscale.v1.HeadscaleService.BackfillNodeIPs:output_type -> headscale.v1.BackfillNodeIPsResponse
|
||||||
47, // 47: headscale.v1.HeadscaleService.DisableRoute:output_type -> headscale.v1.DisableRouteResponse
|
47, // 47: headscale.v1.HeadscaleService.GetRoutes:output_type -> headscale.v1.GetRoutesResponse
|
||||||
48, // 48: headscale.v1.HeadscaleService.GetNodeRoutes:output_type -> headscale.v1.GetNodeRoutesResponse
|
48, // 48: headscale.v1.HeadscaleService.EnableRoute:output_type -> headscale.v1.EnableRouteResponse
|
||||||
49, // 49: headscale.v1.HeadscaleService.DeleteRoute:output_type -> headscale.v1.DeleteRouteResponse
|
49, // 49: headscale.v1.HeadscaleService.DisableRoute:output_type -> headscale.v1.DisableRouteResponse
|
||||||
50, // 50: headscale.v1.HeadscaleService.CreateApiKey:output_type -> headscale.v1.CreateApiKeyResponse
|
50, // 50: headscale.v1.HeadscaleService.GetNodeRoutes:output_type -> headscale.v1.GetNodeRoutesResponse
|
||||||
51, // 51: headscale.v1.HeadscaleService.ExpireApiKey:output_type -> headscale.v1.ExpireApiKeyResponse
|
51, // 51: headscale.v1.HeadscaleService.DeleteRoute:output_type -> headscale.v1.DeleteRouteResponse
|
||||||
52, // 52: headscale.v1.HeadscaleService.ListApiKeys:output_type -> headscale.v1.ListApiKeysResponse
|
52, // 52: headscale.v1.HeadscaleService.CreateApiKey:output_type -> headscale.v1.CreateApiKeyResponse
|
||||||
53, // 53: headscale.v1.HeadscaleService.DeleteApiKey:output_type -> headscale.v1.DeleteApiKeyResponse
|
53, // 53: headscale.v1.HeadscaleService.ExpireApiKey:output_type -> headscale.v1.ExpireApiKeyResponse
|
||||||
27, // [27:54] is the sub-list for method output_type
|
54, // 54: headscale.v1.HeadscaleService.ListApiKeys:output_type -> headscale.v1.ListApiKeysResponse
|
||||||
0, // [0:27] is the sub-list for method input_type
|
55, // 55: headscale.v1.HeadscaleService.DeleteApiKey:output_type -> headscale.v1.DeleteApiKeyResponse
|
||||||
|
56, // 56: headscale.v1.HeadscaleService.GetPolicy:output_type -> headscale.v1.GetPolicyResponse
|
||||||
|
57, // 57: headscale.v1.HeadscaleService.SetPolicy:output_type -> headscale.v1.SetPolicyResponse
|
||||||
|
29, // [29:58] is the sub-list for method output_type
|
||||||
|
0, // [0:29] is the sub-list for method input_type
|
||||||
0, // [0:0] is the sub-list for extension type_name
|
0, // [0:0] is the sub-list for extension type_name
|
||||||
0, // [0:0] is the sub-list for extension extendee
|
0, // [0:0] is the sub-list for extension extendee
|
||||||
0, // [0:0] is the sub-list for field type_name
|
0, // [0:0] is the sub-list for field type_name
|
||||||
|
@ -370,6 +393,7 @@ func file_headscale_v1_headscale_proto_init() {
|
||||||
file_headscale_v1_node_proto_init()
|
file_headscale_v1_node_proto_init()
|
||||||
file_headscale_v1_routes_proto_init()
|
file_headscale_v1_routes_proto_init()
|
||||||
file_headscale_v1_apikey_proto_init()
|
file_headscale_v1_apikey_proto_init()
|
||||||
|
file_headscale_v1_policy_proto_init()
|
||||||
type x struct{}
|
type x struct{}
|
||||||
out := protoimpl.TypeBuilder{
|
out := protoimpl.TypeBuilder{
|
||||||
File: protoimpl.DescBuilder{
|
File: protoimpl.DescBuilder{
|
||||||
|
|
|
@ -725,14 +725,14 @@ func local_request_HeadscaleService_ListNodes_0(ctx context.Context, marshaler r
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
|
||||||
filter_HeadscaleService_MoveNode_0 = &utilities.DoubleArray{Encoding: map[string]int{"node_id": 0}, Base: []int{1, 1, 0}, Check: []int{0, 1, 2}}
|
|
||||||
)
|
|
||||||
|
|
||||||
func request_HeadscaleService_MoveNode_0(ctx context.Context, marshaler runtime.Marshaler, client HeadscaleServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
|
func request_HeadscaleService_MoveNode_0(ctx context.Context, marshaler runtime.Marshaler, client HeadscaleServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
|
||||||
var protoReq MoveNodeRequest
|
var protoReq MoveNodeRequest
|
||||||
var metadata runtime.ServerMetadata
|
var metadata runtime.ServerMetadata
|
||||||
|
|
||||||
|
if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil && err != io.EOF {
|
||||||
|
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
||||||
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
val string
|
val string
|
||||||
ok bool
|
ok bool
|
||||||
|
@ -750,13 +750,6 @@ func request_HeadscaleService_MoveNode_0(ctx context.Context, marshaler runtime.
|
||||||
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "node_id", err)
|
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "node_id", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := req.ParseForm(); err != nil {
|
|
||||||
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
|
||||||
}
|
|
||||||
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_HeadscaleService_MoveNode_0); err != nil {
|
|
||||||
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
msg, err := client.MoveNode(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
|
msg, err := client.MoveNode(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
|
||||||
return msg, metadata, err
|
return msg, metadata, err
|
||||||
|
|
||||||
|
@ -766,6 +759,10 @@ func local_request_HeadscaleService_MoveNode_0(ctx context.Context, marshaler ru
|
||||||
var protoReq MoveNodeRequest
|
var protoReq MoveNodeRequest
|
||||||
var metadata runtime.ServerMetadata
|
var metadata runtime.ServerMetadata
|
||||||
|
|
||||||
|
if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil && err != io.EOF {
|
||||||
|
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
||||||
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
val string
|
val string
|
||||||
ok bool
|
ok bool
|
||||||
|
@ -783,13 +780,6 @@ func local_request_HeadscaleService_MoveNode_0(ctx context.Context, marshaler ru
|
||||||
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "node_id", err)
|
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "node_id", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := req.ParseForm(); err != nil {
|
|
||||||
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
|
||||||
}
|
|
||||||
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_HeadscaleService_MoveNode_0); err != nil {
|
|
||||||
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
msg, err := server.MoveNode(ctx, &protoReq)
|
msg, err := server.MoveNode(ctx, &protoReq)
|
||||||
return msg, metadata, err
|
return msg, metadata, err
|
||||||
|
|
||||||
|
@ -1179,10 +1169,55 @@ func local_request_HeadscaleService_DeleteApiKey_0(ctx context.Context, marshale
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func request_HeadscaleService_GetPolicy_0(ctx context.Context, marshaler runtime.Marshaler, client HeadscaleServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
|
||||||
|
var protoReq GetPolicyRequest
|
||||||
|
var metadata runtime.ServerMetadata
|
||||||
|
|
||||||
|
msg, err := client.GetPolicy(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
|
||||||
|
return msg, metadata, err
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func local_request_HeadscaleService_GetPolicy_0(ctx context.Context, marshaler runtime.Marshaler, server HeadscaleServiceServer, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
|
||||||
|
var protoReq GetPolicyRequest
|
||||||
|
var metadata runtime.ServerMetadata
|
||||||
|
|
||||||
|
msg, err := server.GetPolicy(ctx, &protoReq)
|
||||||
|
return msg, metadata, err
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func request_HeadscaleService_SetPolicy_0(ctx context.Context, marshaler runtime.Marshaler, client HeadscaleServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
|
||||||
|
var protoReq SetPolicyRequest
|
||||||
|
var metadata runtime.ServerMetadata
|
||||||
|
|
||||||
|
if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil && err != io.EOF {
|
||||||
|
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
msg, err := client.SetPolicy(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
|
||||||
|
return msg, metadata, err
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func local_request_HeadscaleService_SetPolicy_0(ctx context.Context, marshaler runtime.Marshaler, server HeadscaleServiceServer, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
|
||||||
|
var protoReq SetPolicyRequest
|
||||||
|
var metadata runtime.ServerMetadata
|
||||||
|
|
||||||
|
if err := marshaler.NewDecoder(req.Body).Decode(&protoReq); err != nil && err != io.EOF {
|
||||||
|
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
msg, err := server.SetPolicy(ctx, &protoReq)
|
||||||
|
return msg, metadata, err
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// RegisterHeadscaleServiceHandlerServer registers the http handlers for service HeadscaleService to "mux".
|
// RegisterHeadscaleServiceHandlerServer registers the http handlers for service HeadscaleService to "mux".
|
||||||
// UnaryRPC :call HeadscaleServiceServer directly.
|
// UnaryRPC :call HeadscaleServiceServer directly.
|
||||||
// StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906.
|
// StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906.
|
||||||
// Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterHeadscaleServiceHandlerFromEndpoint instead.
|
// Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterHeadscaleServiceHandlerFromEndpoint instead.
|
||||||
|
// GRPC interceptors will not work for this type of registration. To use interceptors, you must use the "runtime.WithMiddlewares" option in the "runtime.NewServeMux" call.
|
||||||
func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.ServeMux, server HeadscaleServiceServer) error {
|
func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.ServeMux, server HeadscaleServiceServer) error {
|
||||||
|
|
||||||
mux.Handle("GET", pattern_HeadscaleService_GetUser_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
mux.Handle("GET", pattern_HeadscaleService_GetUser_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
||||||
|
@ -1860,27 +1895,77 @@ func RegisterHeadscaleServiceHandlerServer(ctx context.Context, mux *runtime.Ser
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
||||||
|
mux.Handle("GET", pattern_HeadscaleService_GetPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
||||||
|
ctx, cancel := context.WithCancel(req.Context())
|
||||||
|
defer cancel()
|
||||||
|
var stream runtime.ServerTransportStream
|
||||||
|
ctx = grpc.NewContextWithServerTransportStream(ctx, &stream)
|
||||||
|
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
|
||||||
|
var err error
|
||||||
|
var annotatedContext context.Context
|
||||||
|
annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetPolicy", runtime.WithHTTPPathPattern("/api/v1/policy"))
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
resp, md, err := local_request_HeadscaleService_GetPolicy_0(annotatedContext, inboundMarshaler, server, req, pathParams)
|
||||||
|
md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer())
|
||||||
|
annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md)
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
forward_HeadscaleService_GetPolicy_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
|
||||||
|
|
||||||
|
})
|
||||||
|
|
||||||
|
mux.Handle("PUT", pattern_HeadscaleService_SetPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
||||||
|
ctx, cancel := context.WithCancel(req.Context())
|
||||||
|
defer cancel()
|
||||||
|
var stream runtime.ServerTransportStream
|
||||||
|
ctx = grpc.NewContextWithServerTransportStream(ctx, &stream)
|
||||||
|
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
|
||||||
|
var err error
|
||||||
|
var annotatedContext context.Context
|
||||||
|
annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/headscale.v1.HeadscaleService/SetPolicy", runtime.WithHTTPPathPattern("/api/v1/policy"))
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
resp, md, err := local_request_HeadscaleService_SetPolicy_0(annotatedContext, inboundMarshaler, server, req, pathParams)
|
||||||
|
md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer())
|
||||||
|
annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md)
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
forward_HeadscaleService_SetPolicy_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
|
||||||
|
|
||||||
|
})
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// RegisterHeadscaleServiceHandlerFromEndpoint is same as RegisterHeadscaleServiceHandler but
|
// RegisterHeadscaleServiceHandlerFromEndpoint is same as RegisterHeadscaleServiceHandler but
|
||||||
// automatically dials to "endpoint" and closes the connection when "ctx" gets done.
|
// automatically dials to "endpoint" and closes the connection when "ctx" gets done.
|
||||||
func RegisterHeadscaleServiceHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error) {
|
func RegisterHeadscaleServiceHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error) {
|
||||||
conn, err := grpc.DialContext(ctx, endpoint, opts...)
|
conn, err := grpc.NewClient(endpoint, opts...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
defer func() {
|
defer func() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if cerr := conn.Close(); cerr != nil {
|
if cerr := conn.Close(); cerr != nil {
|
||||||
grpclog.Infof("Failed to close conn to %s: %v", endpoint, cerr)
|
grpclog.Errorf("Failed to close conn to %s: %v", endpoint, cerr)
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
go func() {
|
go func() {
|
||||||
<-ctx.Done()
|
<-ctx.Done()
|
||||||
if cerr := conn.Close(); cerr != nil {
|
if cerr := conn.Close(); cerr != nil {
|
||||||
grpclog.Infof("Failed to close conn to %s: %v", endpoint, cerr)
|
grpclog.Errorf("Failed to close conn to %s: %v", endpoint, cerr)
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
}()
|
}()
|
||||||
|
@ -1898,7 +1983,7 @@ func RegisterHeadscaleServiceHandler(ctx context.Context, mux *runtime.ServeMux,
|
||||||
// to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "HeadscaleServiceClient".
|
// to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "HeadscaleServiceClient".
|
||||||
// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "HeadscaleServiceClient"
|
// Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "HeadscaleServiceClient"
|
||||||
// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
|
// doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in
|
||||||
// "HeadscaleServiceClient" to call the correct interceptors.
|
// "HeadscaleServiceClient" to call the correct interceptors. This client ignores the HTTP middlewares.
|
||||||
func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client HeadscaleServiceClient) error {
|
func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.ServeMux, client HeadscaleServiceClient) error {
|
||||||
|
|
||||||
mux.Handle("GET", pattern_HeadscaleService_GetUser_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
mux.Handle("GET", pattern_HeadscaleService_GetUser_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
||||||
|
@ -2495,6 +2580,50 @@ func RegisterHeadscaleServiceHandlerClient(ctx context.Context, mux *runtime.Ser
|
||||||
|
|
||||||
})
|
})
|
||||||
|
|
||||||
|
mux.Handle("GET", pattern_HeadscaleService_GetPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
||||||
|
ctx, cancel := context.WithCancel(req.Context())
|
||||||
|
defer cancel()
|
||||||
|
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
|
||||||
|
var err error
|
||||||
|
var annotatedContext context.Context
|
||||||
|
annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/GetPolicy", runtime.WithHTTPPathPattern("/api/v1/policy"))
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
resp, md, err := request_HeadscaleService_GetPolicy_0(annotatedContext, inboundMarshaler, client, req, pathParams)
|
||||||
|
annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md)
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
forward_HeadscaleService_GetPolicy_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
|
||||||
|
|
||||||
|
})
|
||||||
|
|
||||||
|
mux.Handle("PUT", pattern_HeadscaleService_SetPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
|
||||||
|
ctx, cancel := context.WithCancel(req.Context())
|
||||||
|
defer cancel()
|
||||||
|
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
|
||||||
|
var err error
|
||||||
|
var annotatedContext context.Context
|
||||||
|
annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/headscale.v1.HeadscaleService/SetPolicy", runtime.WithHTTPPathPattern("/api/v1/policy"))
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
resp, md, err := request_HeadscaleService_SetPolicy_0(annotatedContext, inboundMarshaler, client, req, pathParams)
|
||||||
|
annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md)
|
||||||
|
if err != nil {
|
||||||
|
runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
forward_HeadscaleService_SetPolicy_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
|
||||||
|
|
||||||
|
})
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2552,6 +2681,10 @@ var (
|
||||||
pattern_HeadscaleService_ListApiKeys_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"api", "v1", "apikey"}, ""))
|
pattern_HeadscaleService_ListApiKeys_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"api", "v1", "apikey"}, ""))
|
||||||
|
|
||||||
pattern_HeadscaleService_DeleteApiKey_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 1, 0, 4, 1, 5, 3}, []string{"api", "v1", "apikey", "prefix"}, ""))
|
pattern_HeadscaleService_DeleteApiKey_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 1, 0, 4, 1, 5, 3}, []string{"api", "v1", "apikey", "prefix"}, ""))
|
||||||
|
|
||||||
|
pattern_HeadscaleService_GetPolicy_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"api", "v1", "policy"}, ""))
|
||||||
|
|
||||||
|
pattern_HeadscaleService_SetPolicy_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"api", "v1", "policy"}, ""))
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -2608,4 +2741,8 @@ var (
|
||||||
forward_HeadscaleService_ListApiKeys_0 = runtime.ForwardResponseMessage
|
forward_HeadscaleService_ListApiKeys_0 = runtime.ForwardResponseMessage
|
||||||
|
|
||||||
forward_HeadscaleService_DeleteApiKey_0 = runtime.ForwardResponseMessage
|
forward_HeadscaleService_DeleteApiKey_0 = runtime.ForwardResponseMessage
|
||||||
|
|
||||||
|
forward_HeadscaleService_GetPolicy_0 = runtime.ForwardResponseMessage
|
||||||
|
|
||||||
|
forward_HeadscaleService_SetPolicy_0 = runtime.ForwardResponseMessage
|
||||||
)
|
)
|
||||||
|
|
|
@ -46,6 +46,8 @@ const (
|
||||||
HeadscaleService_ExpireApiKey_FullMethodName = "/headscale.v1.HeadscaleService/ExpireApiKey"
|
HeadscaleService_ExpireApiKey_FullMethodName = "/headscale.v1.HeadscaleService/ExpireApiKey"
|
||||||
HeadscaleService_ListApiKeys_FullMethodName = "/headscale.v1.HeadscaleService/ListApiKeys"
|
HeadscaleService_ListApiKeys_FullMethodName = "/headscale.v1.HeadscaleService/ListApiKeys"
|
||||||
HeadscaleService_DeleteApiKey_FullMethodName = "/headscale.v1.HeadscaleService/DeleteApiKey"
|
HeadscaleService_DeleteApiKey_FullMethodName = "/headscale.v1.HeadscaleService/DeleteApiKey"
|
||||||
|
HeadscaleService_GetPolicy_FullMethodName = "/headscale.v1.HeadscaleService/GetPolicy"
|
||||||
|
HeadscaleService_SetPolicy_FullMethodName = "/headscale.v1.HeadscaleService/SetPolicy"
|
||||||
)
|
)
|
||||||
|
|
||||||
// HeadscaleServiceClient is the client API for HeadscaleService service.
|
// HeadscaleServiceClient is the client API for HeadscaleService service.
|
||||||
|
@ -84,6 +86,9 @@ type HeadscaleServiceClient interface {
|
||||||
ExpireApiKey(ctx context.Context, in *ExpireApiKeyRequest, opts ...grpc.CallOption) (*ExpireApiKeyResponse, error)
|
ExpireApiKey(ctx context.Context, in *ExpireApiKeyRequest, opts ...grpc.CallOption) (*ExpireApiKeyResponse, error)
|
||||||
ListApiKeys(ctx context.Context, in *ListApiKeysRequest, opts ...grpc.CallOption) (*ListApiKeysResponse, error)
|
ListApiKeys(ctx context.Context, in *ListApiKeysRequest, opts ...grpc.CallOption) (*ListApiKeysResponse, error)
|
||||||
DeleteApiKey(ctx context.Context, in *DeleteApiKeyRequest, opts ...grpc.CallOption) (*DeleteApiKeyResponse, error)
|
DeleteApiKey(ctx context.Context, in *DeleteApiKeyRequest, opts ...grpc.CallOption) (*DeleteApiKeyResponse, error)
|
||||||
|
// --- Policy start ---
|
||||||
|
GetPolicy(ctx context.Context, in *GetPolicyRequest, opts ...grpc.CallOption) (*GetPolicyResponse, error)
|
||||||
|
SetPolicy(ctx context.Context, in *SetPolicyRequest, opts ...grpc.CallOption) (*SetPolicyResponse, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type headscaleServiceClient struct {
|
type headscaleServiceClient struct {
|
||||||
|
@ -337,6 +342,24 @@ func (c *headscaleServiceClient) DeleteApiKey(ctx context.Context, in *DeleteApi
|
||||||
return out, nil
|
return out, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (c *headscaleServiceClient) GetPolicy(ctx context.Context, in *GetPolicyRequest, opts ...grpc.CallOption) (*GetPolicyResponse, error) {
|
||||||
|
out := new(GetPolicyResponse)
|
||||||
|
err := c.cc.Invoke(ctx, HeadscaleService_GetPolicy_FullMethodName, in, out, opts...)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return out, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *headscaleServiceClient) SetPolicy(ctx context.Context, in *SetPolicyRequest, opts ...grpc.CallOption) (*SetPolicyResponse, error) {
|
||||||
|
out := new(SetPolicyResponse)
|
||||||
|
err := c.cc.Invoke(ctx, HeadscaleService_SetPolicy_FullMethodName, in, out, opts...)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return out, nil
|
||||||
|
}
|
||||||
|
|
||||||
// HeadscaleServiceServer is the server API for HeadscaleService service.
|
// HeadscaleServiceServer is the server API for HeadscaleService service.
|
||||||
// All implementations must embed UnimplementedHeadscaleServiceServer
|
// All implementations must embed UnimplementedHeadscaleServiceServer
|
||||||
// for forward compatibility
|
// for forward compatibility
|
||||||
|
@ -373,6 +396,9 @@ type HeadscaleServiceServer interface {
|
||||||
ExpireApiKey(context.Context, *ExpireApiKeyRequest) (*ExpireApiKeyResponse, error)
|
ExpireApiKey(context.Context, *ExpireApiKeyRequest) (*ExpireApiKeyResponse, error)
|
||||||
ListApiKeys(context.Context, *ListApiKeysRequest) (*ListApiKeysResponse, error)
|
ListApiKeys(context.Context, *ListApiKeysRequest) (*ListApiKeysResponse, error)
|
||||||
DeleteApiKey(context.Context, *DeleteApiKeyRequest) (*DeleteApiKeyResponse, error)
|
DeleteApiKey(context.Context, *DeleteApiKeyRequest) (*DeleteApiKeyResponse, error)
|
||||||
|
// --- Policy start ---
|
||||||
|
GetPolicy(context.Context, *GetPolicyRequest) (*GetPolicyResponse, error)
|
||||||
|
SetPolicy(context.Context, *SetPolicyRequest) (*SetPolicyResponse, error)
|
||||||
mustEmbedUnimplementedHeadscaleServiceServer()
|
mustEmbedUnimplementedHeadscaleServiceServer()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -461,6 +487,12 @@ func (UnimplementedHeadscaleServiceServer) ListApiKeys(context.Context, *ListApi
|
||||||
func (UnimplementedHeadscaleServiceServer) DeleteApiKey(context.Context, *DeleteApiKeyRequest) (*DeleteApiKeyResponse, error) {
|
func (UnimplementedHeadscaleServiceServer) DeleteApiKey(context.Context, *DeleteApiKeyRequest) (*DeleteApiKeyResponse, error) {
|
||||||
return nil, status.Errorf(codes.Unimplemented, "method DeleteApiKey not implemented")
|
return nil, status.Errorf(codes.Unimplemented, "method DeleteApiKey not implemented")
|
||||||
}
|
}
|
||||||
|
func (UnimplementedHeadscaleServiceServer) GetPolicy(context.Context, *GetPolicyRequest) (*GetPolicyResponse, error) {
|
||||||
|
return nil, status.Errorf(codes.Unimplemented, "method GetPolicy not implemented")
|
||||||
|
}
|
||||||
|
func (UnimplementedHeadscaleServiceServer) SetPolicy(context.Context, *SetPolicyRequest) (*SetPolicyResponse, error) {
|
||||||
|
return nil, status.Errorf(codes.Unimplemented, "method SetPolicy not implemented")
|
||||||
|
}
|
||||||
func (UnimplementedHeadscaleServiceServer) mustEmbedUnimplementedHeadscaleServiceServer() {}
|
func (UnimplementedHeadscaleServiceServer) mustEmbedUnimplementedHeadscaleServiceServer() {}
|
||||||
|
|
||||||
// UnsafeHeadscaleServiceServer may be embedded to opt out of forward compatibility for this service.
|
// UnsafeHeadscaleServiceServer may be embedded to opt out of forward compatibility for this service.
|
||||||
|
@ -960,6 +992,42 @@ func _HeadscaleService_DeleteApiKey_Handler(srv interface{}, ctx context.Context
|
||||||
return interceptor(ctx, in, info, handler)
|
return interceptor(ctx, in, info, handler)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func _HeadscaleService_GetPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||||
|
in := new(GetPolicyRequest)
|
||||||
|
if err := dec(in); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if interceptor == nil {
|
||||||
|
return srv.(HeadscaleServiceServer).GetPolicy(ctx, in)
|
||||||
|
}
|
||||||
|
info := &grpc.UnaryServerInfo{
|
||||||
|
Server: srv,
|
||||||
|
FullMethod: HeadscaleService_GetPolicy_FullMethodName,
|
||||||
|
}
|
||||||
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||||
|
return srv.(HeadscaleServiceServer).GetPolicy(ctx, req.(*GetPolicyRequest))
|
||||||
|
}
|
||||||
|
return interceptor(ctx, in, info, handler)
|
||||||
|
}
|
||||||
|
|
||||||
|
func _HeadscaleService_SetPolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||||
|
in := new(SetPolicyRequest)
|
||||||
|
if err := dec(in); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if interceptor == nil {
|
||||||
|
return srv.(HeadscaleServiceServer).SetPolicy(ctx, in)
|
||||||
|
}
|
||||||
|
info := &grpc.UnaryServerInfo{
|
||||||
|
Server: srv,
|
||||||
|
FullMethod: HeadscaleService_SetPolicy_FullMethodName,
|
||||||
|
}
|
||||||
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||||
|
return srv.(HeadscaleServiceServer).SetPolicy(ctx, req.(*SetPolicyRequest))
|
||||||
|
}
|
||||||
|
return interceptor(ctx, in, info, handler)
|
||||||
|
}
|
||||||
|
|
||||||
// HeadscaleService_ServiceDesc is the grpc.ServiceDesc for HeadscaleService service.
|
// HeadscaleService_ServiceDesc is the grpc.ServiceDesc for HeadscaleService service.
|
||||||
// It's only intended for direct use with grpc.RegisterService,
|
// It's only intended for direct use with grpc.RegisterService,
|
||||||
// and not to be introspected or modified (even as a copy)
|
// and not to be introspected or modified (even as a copy)
|
||||||
|
@ -1075,6 +1143,14 @@ var HeadscaleService_ServiceDesc = grpc.ServiceDesc{
|
||||||
MethodName: "DeleteApiKey",
|
MethodName: "DeleteApiKey",
|
||||||
Handler: _HeadscaleService_DeleteApiKey_Handler,
|
Handler: _HeadscaleService_DeleteApiKey_Handler,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
MethodName: "GetPolicy",
|
||||||
|
Handler: _HeadscaleService_GetPolicy_Handler,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
MethodName: "SetPolicy",
|
||||||
|
Handler: _HeadscaleService_SetPolicy_Handler,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
Streams: []grpc.StreamDesc{},
|
Streams: []grpc.StreamDesc{},
|
||||||
Metadata: "headscale/v1/headscale.proto",
|
Metadata: "headscale/v1/headscale.proto",
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// protoc-gen-go v1.33.0
|
// protoc-gen-go v1.34.2
|
||||||
// protoc (unknown)
|
// protoc (unknown)
|
||||||
// source: headscale/v1/node.proto
|
// source: headscale/v1/node.proto
|
||||||
|
|
||||||
|
@ -1389,7 +1389,7 @@ func file_headscale_v1_node_proto_rawDescGZIP() []byte {
|
||||||
|
|
||||||
var file_headscale_v1_node_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
|
var file_headscale_v1_node_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
|
||||||
var file_headscale_v1_node_proto_msgTypes = make([]protoimpl.MessageInfo, 21)
|
var file_headscale_v1_node_proto_msgTypes = make([]protoimpl.MessageInfo, 21)
|
||||||
var file_headscale_v1_node_proto_goTypes = []interface{}{
|
var file_headscale_v1_node_proto_goTypes = []any{
|
||||||
(RegisterMethod)(0), // 0: headscale.v1.RegisterMethod
|
(RegisterMethod)(0), // 0: headscale.v1.RegisterMethod
|
||||||
(*Node)(nil), // 1: headscale.v1.Node
|
(*Node)(nil), // 1: headscale.v1.Node
|
||||||
(*RegisterNodeRequest)(nil), // 2: headscale.v1.RegisterNodeRequest
|
(*RegisterNodeRequest)(nil), // 2: headscale.v1.RegisterNodeRequest
|
||||||
|
@ -1446,7 +1446,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
file_headscale_v1_preauthkey_proto_init()
|
file_headscale_v1_preauthkey_proto_init()
|
||||||
file_headscale_v1_user_proto_init()
|
file_headscale_v1_user_proto_init()
|
||||||
if !protoimpl.UnsafeEnabled {
|
if !protoimpl.UnsafeEnabled {
|
||||||
file_headscale_v1_node_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[0].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*Node); i {
|
switch v := v.(*Node); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1458,7 +1458,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[1].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*RegisterNodeRequest); i {
|
switch v := v.(*RegisterNodeRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1470,7 +1470,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[2].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*RegisterNodeResponse); i {
|
switch v := v.(*RegisterNodeResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1482,7 +1482,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[3].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetNodeRequest); i {
|
switch v := v.(*GetNodeRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1494,7 +1494,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[4].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetNodeResponse); i {
|
switch v := v.(*GetNodeResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1506,7 +1506,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[5].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*SetTagsRequest); i {
|
switch v := v.(*SetTagsRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1518,7 +1518,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[6].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*SetTagsResponse); i {
|
switch v := v.(*SetTagsResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1530,7 +1530,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[7].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteNodeRequest); i {
|
switch v := v.(*DeleteNodeRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1542,7 +1542,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[8].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteNodeResponse); i {
|
switch v := v.(*DeleteNodeResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1554,7 +1554,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[9].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ExpireNodeRequest); i {
|
switch v := v.(*ExpireNodeRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1566,7 +1566,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[10].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ExpireNodeResponse); i {
|
switch v := v.(*ExpireNodeResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1578,7 +1578,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[11].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*RenameNodeRequest); i {
|
switch v := v.(*RenameNodeRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1590,7 +1590,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[12].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*RenameNodeResponse); i {
|
switch v := v.(*RenameNodeResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1602,7 +1602,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[13].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListNodesRequest); i {
|
switch v := v.(*ListNodesRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1614,7 +1614,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[14].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListNodesResponse); i {
|
switch v := v.(*ListNodesResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1626,7 +1626,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[15].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*MoveNodeRequest); i {
|
switch v := v.(*MoveNodeRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1638,7 +1638,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[16].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*MoveNodeResponse); i {
|
switch v := v.(*MoveNodeResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1650,7 +1650,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[17].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DebugCreateNodeRequest); i {
|
switch v := v.(*DebugCreateNodeRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1662,7 +1662,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[18].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DebugCreateNodeResponse); i {
|
switch v := v.(*DebugCreateNodeResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1674,7 +1674,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[19].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*BackfillNodeIPsRequest); i {
|
switch v := v.(*BackfillNodeIPsRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -1686,7 +1686,7 @@ func file_headscale_v1_node_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_node_proto_msgTypes[20].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*BackfillNodeIPsResponse); i {
|
switch v := v.(*BackfillNodeIPsResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
|
352
gen/go/headscale/v1/policy.pb.go
Normal file
352
gen/go/headscale/v1/policy.pb.go
Normal file
|
@ -0,0 +1,352 @@
|
||||||
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
|
// versions:
|
||||||
|
// protoc-gen-go v1.34.2
|
||||||
|
// protoc (unknown)
|
||||||
|
// source: headscale/v1/policy.proto
|
||||||
|
|
||||||
|
package v1
|
||||||
|
|
||||||
|
import (
|
||||||
|
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
|
||||||
|
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
|
||||||
|
timestamppb "google.golang.org/protobuf/types/known/timestamppb"
|
||||||
|
reflect "reflect"
|
||||||
|
sync "sync"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
// Verify that this generated code is sufficiently up-to-date.
|
||||||
|
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
|
||||||
|
// Verify that runtime/protoimpl is sufficiently up-to-date.
|
||||||
|
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
|
||||||
|
)
|
||||||
|
|
||||||
|
type SetPolicyRequest struct {
|
||||||
|
state protoimpl.MessageState
|
||||||
|
sizeCache protoimpl.SizeCache
|
||||||
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
|
Policy string `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *SetPolicyRequest) Reset() {
|
||||||
|
*x = SetPolicyRequest{}
|
||||||
|
if protoimpl.UnsafeEnabled {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[0]
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *SetPolicyRequest) String() string {
|
||||||
|
return protoimpl.X.MessageStringOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*SetPolicyRequest) ProtoMessage() {}
|
||||||
|
|
||||||
|
func (x *SetPolicyRequest) ProtoReflect() protoreflect.Message {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[0]
|
||||||
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
if ms.LoadMessageInfo() == nil {
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
return ms
|
||||||
|
}
|
||||||
|
return mi.MessageOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Deprecated: Use SetPolicyRequest.ProtoReflect.Descriptor instead.
|
||||||
|
func (*SetPolicyRequest) Descriptor() ([]byte, []int) {
|
||||||
|
return file_headscale_v1_policy_proto_rawDescGZIP(), []int{0}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *SetPolicyRequest) GetPolicy() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.Policy
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
type SetPolicyResponse struct {
|
||||||
|
state protoimpl.MessageState
|
||||||
|
sizeCache protoimpl.SizeCache
|
||||||
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
|
Policy string `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"`
|
||||||
|
UpdatedAt *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *SetPolicyResponse) Reset() {
|
||||||
|
*x = SetPolicyResponse{}
|
||||||
|
if protoimpl.UnsafeEnabled {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[1]
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *SetPolicyResponse) String() string {
|
||||||
|
return protoimpl.X.MessageStringOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*SetPolicyResponse) ProtoMessage() {}
|
||||||
|
|
||||||
|
func (x *SetPolicyResponse) ProtoReflect() protoreflect.Message {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[1]
|
||||||
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
if ms.LoadMessageInfo() == nil {
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
return ms
|
||||||
|
}
|
||||||
|
return mi.MessageOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Deprecated: Use SetPolicyResponse.ProtoReflect.Descriptor instead.
|
||||||
|
func (*SetPolicyResponse) Descriptor() ([]byte, []int) {
|
||||||
|
return file_headscale_v1_policy_proto_rawDescGZIP(), []int{1}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *SetPolicyResponse) GetPolicy() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.Policy
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *SetPolicyResponse) GetUpdatedAt() *timestamppb.Timestamp {
|
||||||
|
if x != nil {
|
||||||
|
return x.UpdatedAt
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
type GetPolicyRequest struct {
|
||||||
|
state protoimpl.MessageState
|
||||||
|
sizeCache protoimpl.SizeCache
|
||||||
|
unknownFields protoimpl.UnknownFields
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *GetPolicyRequest) Reset() {
|
||||||
|
*x = GetPolicyRequest{}
|
||||||
|
if protoimpl.UnsafeEnabled {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[2]
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *GetPolicyRequest) String() string {
|
||||||
|
return protoimpl.X.MessageStringOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*GetPolicyRequest) ProtoMessage() {}
|
||||||
|
|
||||||
|
func (x *GetPolicyRequest) ProtoReflect() protoreflect.Message {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[2]
|
||||||
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
if ms.LoadMessageInfo() == nil {
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
return ms
|
||||||
|
}
|
||||||
|
return mi.MessageOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Deprecated: Use GetPolicyRequest.ProtoReflect.Descriptor instead.
|
||||||
|
func (*GetPolicyRequest) Descriptor() ([]byte, []int) {
|
||||||
|
return file_headscale_v1_policy_proto_rawDescGZIP(), []int{2}
|
||||||
|
}
|
||||||
|
|
||||||
|
type GetPolicyResponse struct {
|
||||||
|
state protoimpl.MessageState
|
||||||
|
sizeCache protoimpl.SizeCache
|
||||||
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
|
Policy string `protobuf:"bytes,1,opt,name=policy,proto3" json:"policy,omitempty"`
|
||||||
|
UpdatedAt *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *GetPolicyResponse) Reset() {
|
||||||
|
*x = GetPolicyResponse{}
|
||||||
|
if protoimpl.UnsafeEnabled {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[3]
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *GetPolicyResponse) String() string {
|
||||||
|
return protoimpl.X.MessageStringOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*GetPolicyResponse) ProtoMessage() {}
|
||||||
|
|
||||||
|
func (x *GetPolicyResponse) ProtoReflect() protoreflect.Message {
|
||||||
|
mi := &file_headscale_v1_policy_proto_msgTypes[3]
|
||||||
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
if ms.LoadMessageInfo() == nil {
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
return ms
|
||||||
|
}
|
||||||
|
return mi.MessageOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Deprecated: Use GetPolicyResponse.ProtoReflect.Descriptor instead.
|
||||||
|
func (*GetPolicyResponse) Descriptor() ([]byte, []int) {
|
||||||
|
return file_headscale_v1_policy_proto_rawDescGZIP(), []int{3}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *GetPolicyResponse) GetPolicy() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.Policy
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *GetPolicyResponse) GetUpdatedAt() *timestamppb.Timestamp {
|
||||||
|
if x != nil {
|
||||||
|
return x.UpdatedAt
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
var File_headscale_v1_policy_proto protoreflect.FileDescriptor
|
||||||
|
|
||||||
|
var file_headscale_v1_policy_proto_rawDesc = []byte{
|
||||||
|
0x0a, 0x19, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2f, 0x76, 0x31, 0x2f, 0x70,
|
||||||
|
0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x68, 0x65, 0x61,
|
||||||
|
0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
|
||||||
|
0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73,
|
||||||
|
0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x2a, 0x0a, 0x10, 0x53, 0x65,
|
||||||
|
0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x16,
|
||||||
|
0x0a, 0x06, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06,
|
||||||
|
0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x22, 0x66, 0x0a, 0x11, 0x53, 0x65, 0x74, 0x50, 0x6f, 0x6c,
|
||||||
|
0x69, 0x63, 0x79, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x70,
|
||||||
|
0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x6f, 0x6c,
|
||||||
|
0x69, 0x63, 0x79, 0x12, 0x39, 0x0a, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61,
|
||||||
|
0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
|
||||||
|
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74,
|
||||||
|
0x61, 0x6d, 0x70, 0x52, 0x09, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x22, 0x12,
|
||||||
|
0x0a, 0x10, 0x47, 0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65,
|
||||||
|
0x73, 0x74, 0x22, 0x66, 0x0a, 0x11, 0x47, 0x65, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52,
|
||||||
|
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x6f, 0x6c, 0x69, 0x63,
|
||||||
|
0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12,
|
||||||
|
0x39, 0x0a, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x02, 0x20,
|
||||||
|
0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
|
||||||
|
0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52,
|
||||||
|
0x09, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69,
|
||||||
|
0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6a, 0x75, 0x61, 0x6e, 0x66, 0x6f, 0x6e,
|
||||||
|
0x74, 0x2f, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2f, 0x67, 0x65, 0x6e, 0x2f,
|
||||||
|
0x67, 0x6f, 0x2f, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
||||||
|
}
|
||||||
|
|
||||||
|
var (
|
||||||
|
file_headscale_v1_policy_proto_rawDescOnce sync.Once
|
||||||
|
file_headscale_v1_policy_proto_rawDescData = file_headscale_v1_policy_proto_rawDesc
|
||||||
|
)
|
||||||
|
|
||||||
|
func file_headscale_v1_policy_proto_rawDescGZIP() []byte {
|
||||||
|
file_headscale_v1_policy_proto_rawDescOnce.Do(func() {
|
||||||
|
file_headscale_v1_policy_proto_rawDescData = protoimpl.X.CompressGZIP(file_headscale_v1_policy_proto_rawDescData)
|
||||||
|
})
|
||||||
|
return file_headscale_v1_policy_proto_rawDescData
|
||||||
|
}
|
||||||
|
|
||||||
|
var file_headscale_v1_policy_proto_msgTypes = make([]protoimpl.MessageInfo, 4)
|
||||||
|
var file_headscale_v1_policy_proto_goTypes = []any{
|
||||||
|
(*SetPolicyRequest)(nil), // 0: headscale.v1.SetPolicyRequest
|
||||||
|
(*SetPolicyResponse)(nil), // 1: headscale.v1.SetPolicyResponse
|
||||||
|
(*GetPolicyRequest)(nil), // 2: headscale.v1.GetPolicyRequest
|
||||||
|
(*GetPolicyResponse)(nil), // 3: headscale.v1.GetPolicyResponse
|
||||||
|
(*timestamppb.Timestamp)(nil), // 4: google.protobuf.Timestamp
|
||||||
|
}
|
||||||
|
var file_headscale_v1_policy_proto_depIdxs = []int32{
|
||||||
|
4, // 0: headscale.v1.SetPolicyResponse.updated_at:type_name -> google.protobuf.Timestamp
|
||||||
|
4, // 1: headscale.v1.GetPolicyResponse.updated_at:type_name -> google.protobuf.Timestamp
|
||||||
|
2, // [2:2] is the sub-list for method output_type
|
||||||
|
2, // [2:2] is the sub-list for method input_type
|
||||||
|
2, // [2:2] is the sub-list for extension type_name
|
||||||
|
2, // [2:2] is the sub-list for extension extendee
|
||||||
|
0, // [0:2] is the sub-list for field type_name
|
||||||
|
}
|
||||||
|
|
||||||
|
func init() { file_headscale_v1_policy_proto_init() }
|
||||||
|
func file_headscale_v1_policy_proto_init() {
|
||||||
|
if File_headscale_v1_policy_proto != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if !protoimpl.UnsafeEnabled {
|
||||||
|
file_headscale_v1_policy_proto_msgTypes[0].Exporter = func(v any, i int) any {
|
||||||
|
switch v := v.(*SetPolicyRequest); i {
|
||||||
|
case 0:
|
||||||
|
return &v.state
|
||||||
|
case 1:
|
||||||
|
return &v.sizeCache
|
||||||
|
case 2:
|
||||||
|
return &v.unknownFields
|
||||||
|
default:
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
file_headscale_v1_policy_proto_msgTypes[1].Exporter = func(v any, i int) any {
|
||||||
|
switch v := v.(*SetPolicyResponse); i {
|
||||||
|
case 0:
|
||||||
|
return &v.state
|
||||||
|
case 1:
|
||||||
|
return &v.sizeCache
|
||||||
|
case 2:
|
||||||
|
return &v.unknownFields
|
||||||
|
default:
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
file_headscale_v1_policy_proto_msgTypes[2].Exporter = func(v any, i int) any {
|
||||||
|
switch v := v.(*GetPolicyRequest); i {
|
||||||
|
case 0:
|
||||||
|
return &v.state
|
||||||
|
case 1:
|
||||||
|
return &v.sizeCache
|
||||||
|
case 2:
|
||||||
|
return &v.unknownFields
|
||||||
|
default:
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
file_headscale_v1_policy_proto_msgTypes[3].Exporter = func(v any, i int) any {
|
||||||
|
switch v := v.(*GetPolicyResponse); i {
|
||||||
|
case 0:
|
||||||
|
return &v.state
|
||||||
|
case 1:
|
||||||
|
return &v.sizeCache
|
||||||
|
case 2:
|
||||||
|
return &v.unknownFields
|
||||||
|
default:
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
type x struct{}
|
||||||
|
out := protoimpl.TypeBuilder{
|
||||||
|
File: protoimpl.DescBuilder{
|
||||||
|
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
||||||
|
RawDescriptor: file_headscale_v1_policy_proto_rawDesc,
|
||||||
|
NumEnums: 0,
|
||||||
|
NumMessages: 4,
|
||||||
|
NumExtensions: 0,
|
||||||
|
NumServices: 0,
|
||||||
|
},
|
||||||
|
GoTypes: file_headscale_v1_policy_proto_goTypes,
|
||||||
|
DependencyIndexes: file_headscale_v1_policy_proto_depIdxs,
|
||||||
|
MessageInfos: file_headscale_v1_policy_proto_msgTypes,
|
||||||
|
}.Build()
|
||||||
|
File_headscale_v1_policy_proto = out.File
|
||||||
|
file_headscale_v1_policy_proto_rawDesc = nil
|
||||||
|
file_headscale_v1_policy_proto_goTypes = nil
|
||||||
|
file_headscale_v1_policy_proto_depIdxs = nil
|
||||||
|
}
|
|
@ -1,6 +1,6 @@
|
||||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// protoc-gen-go v1.33.0
|
// protoc-gen-go v1.34.2
|
||||||
// protoc (unknown)
|
// protoc (unknown)
|
||||||
// source: headscale/v1/preauthkey.proto
|
// source: headscale/v1/preauthkey.proto
|
||||||
|
|
||||||
|
@ -522,7 +522,7 @@ func file_headscale_v1_preauthkey_proto_rawDescGZIP() []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
var file_headscale_v1_preauthkey_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
|
var file_headscale_v1_preauthkey_proto_msgTypes = make([]protoimpl.MessageInfo, 7)
|
||||||
var file_headscale_v1_preauthkey_proto_goTypes = []interface{}{
|
var file_headscale_v1_preauthkey_proto_goTypes = []any{
|
||||||
(*PreAuthKey)(nil), // 0: headscale.v1.PreAuthKey
|
(*PreAuthKey)(nil), // 0: headscale.v1.PreAuthKey
|
||||||
(*CreatePreAuthKeyRequest)(nil), // 1: headscale.v1.CreatePreAuthKeyRequest
|
(*CreatePreAuthKeyRequest)(nil), // 1: headscale.v1.CreatePreAuthKeyRequest
|
||||||
(*CreatePreAuthKeyResponse)(nil), // 2: headscale.v1.CreatePreAuthKeyResponse
|
(*CreatePreAuthKeyResponse)(nil), // 2: headscale.v1.CreatePreAuthKeyResponse
|
||||||
|
@ -551,7 +551,7 @@ func file_headscale_v1_preauthkey_proto_init() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !protoimpl.UnsafeEnabled {
|
if !protoimpl.UnsafeEnabled {
|
||||||
file_headscale_v1_preauthkey_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_preauthkey_proto_msgTypes[0].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*PreAuthKey); i {
|
switch v := v.(*PreAuthKey); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -563,7 +563,7 @@ func file_headscale_v1_preauthkey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_preauthkey_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_preauthkey_proto_msgTypes[1].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*CreatePreAuthKeyRequest); i {
|
switch v := v.(*CreatePreAuthKeyRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -575,7 +575,7 @@ func file_headscale_v1_preauthkey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_preauthkey_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_preauthkey_proto_msgTypes[2].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*CreatePreAuthKeyResponse); i {
|
switch v := v.(*CreatePreAuthKeyResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -587,7 +587,7 @@ func file_headscale_v1_preauthkey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_preauthkey_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_preauthkey_proto_msgTypes[3].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ExpirePreAuthKeyRequest); i {
|
switch v := v.(*ExpirePreAuthKeyRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -599,7 +599,7 @@ func file_headscale_v1_preauthkey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_preauthkey_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_preauthkey_proto_msgTypes[4].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ExpirePreAuthKeyResponse); i {
|
switch v := v.(*ExpirePreAuthKeyResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -611,7 +611,7 @@ func file_headscale_v1_preauthkey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_preauthkey_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_preauthkey_proto_msgTypes[5].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListPreAuthKeysRequest); i {
|
switch v := v.(*ListPreAuthKeysRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -623,7 +623,7 @@ func file_headscale_v1_preauthkey_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_preauthkey_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_preauthkey_proto_msgTypes[6].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListPreAuthKeysResponse); i {
|
switch v := v.(*ListPreAuthKeysResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// protoc-gen-go v1.33.0
|
// protoc-gen-go v1.34.2
|
||||||
// protoc (unknown)
|
// protoc (unknown)
|
||||||
// source: headscale/v1/routes.proto
|
// source: headscale/v1/routes.proto
|
||||||
|
|
||||||
|
@ -643,7 +643,7 @@ func file_headscale_v1_routes_proto_rawDescGZIP() []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
var file_headscale_v1_routes_proto_msgTypes = make([]protoimpl.MessageInfo, 11)
|
var file_headscale_v1_routes_proto_msgTypes = make([]protoimpl.MessageInfo, 11)
|
||||||
var file_headscale_v1_routes_proto_goTypes = []interface{}{
|
var file_headscale_v1_routes_proto_goTypes = []any{
|
||||||
(*Route)(nil), // 0: headscale.v1.Route
|
(*Route)(nil), // 0: headscale.v1.Route
|
||||||
(*GetRoutesRequest)(nil), // 1: headscale.v1.GetRoutesRequest
|
(*GetRoutesRequest)(nil), // 1: headscale.v1.GetRoutesRequest
|
||||||
(*GetRoutesResponse)(nil), // 2: headscale.v1.GetRoutesResponse
|
(*GetRoutesResponse)(nil), // 2: headscale.v1.GetRoutesResponse
|
||||||
|
@ -679,7 +679,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
}
|
}
|
||||||
file_headscale_v1_node_proto_init()
|
file_headscale_v1_node_proto_init()
|
||||||
if !protoimpl.UnsafeEnabled {
|
if !protoimpl.UnsafeEnabled {
|
||||||
file_headscale_v1_routes_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[0].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*Route); i {
|
switch v := v.(*Route); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -691,7 +691,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[1].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetRoutesRequest); i {
|
switch v := v.(*GetRoutesRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -703,7 +703,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[2].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetRoutesResponse); i {
|
switch v := v.(*GetRoutesResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -715,7 +715,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[3].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*EnableRouteRequest); i {
|
switch v := v.(*EnableRouteRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -727,7 +727,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[4].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*EnableRouteResponse); i {
|
switch v := v.(*EnableRouteResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -739,7 +739,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[5].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DisableRouteRequest); i {
|
switch v := v.(*DisableRouteRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -751,7 +751,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[6].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DisableRouteResponse); i {
|
switch v := v.(*DisableRouteResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -763,7 +763,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[7].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetNodeRoutesRequest); i {
|
switch v := v.(*GetNodeRoutesRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -775,7 +775,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[8].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetNodeRoutesResponse); i {
|
switch v := v.(*GetNodeRoutesResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -787,7 +787,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[9].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteRouteRequest); i {
|
switch v := v.(*DeleteRouteRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -799,7 +799,7 @@ func file_headscale_v1_routes_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_routes_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_routes_proto_msgTypes[10].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteRouteResponse); i {
|
switch v := v.(*DeleteRouteResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||||
// versions:
|
// versions:
|
||||||
// protoc-gen-go v1.33.0
|
// protoc-gen-go v1.34.2
|
||||||
// protoc (unknown)
|
// protoc (unknown)
|
||||||
// source: headscale/v1/user.proto
|
// source: headscale/v1/user.proto
|
||||||
|
|
||||||
|
@ -26,9 +26,14 @@ type User struct {
|
||||||
sizeCache protoimpl.SizeCache
|
sizeCache protoimpl.SizeCache
|
||||||
unknownFields protoimpl.UnknownFields
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
|
Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
|
||||||
Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
|
Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
|
||||||
CreatedAt *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
|
CreatedAt *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
|
||||||
|
DisplayName string `protobuf:"bytes,4,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"`
|
||||||
|
Email string `protobuf:"bytes,5,opt,name=email,proto3" json:"email,omitempty"`
|
||||||
|
ProviderId string `protobuf:"bytes,6,opt,name=provider_id,json=providerId,proto3" json:"provider_id,omitempty"`
|
||||||
|
Provider string `protobuf:"bytes,7,opt,name=provider,proto3" json:"provider,omitempty"`
|
||||||
|
ProfilePicUrl string `protobuf:"bytes,8,opt,name=profile_pic_url,json=profilePicUrl,proto3" json:"profile_pic_url,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (x *User) Reset() {
|
func (x *User) Reset() {
|
||||||
|
@ -84,6 +89,41 @@ func (x *User) GetCreatedAt() *timestamppb.Timestamp {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (x *User) GetDisplayName() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.DisplayName
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *User) GetEmail() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.Email
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *User) GetProviderId() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.ProviderId
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *User) GetProvider() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.Provider
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *User) GetProfilePicUrl() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.ProfilePicUrl
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
type GetUserRequest struct {
|
type GetUserRequest struct {
|
||||||
state protoimpl.MessageState
|
state protoimpl.MessageState
|
||||||
sizeCache protoimpl.SizeCache
|
sizeCache protoimpl.SizeCache
|
||||||
|
@ -551,47 +591,57 @@ var file_headscale_v1_user_proto_rawDesc = []byte{
|
||||||
0x73, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x73,
|
0x73, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0c, 0x68, 0x65, 0x61, 0x64, 0x73,
|
||||||
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
|
0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f,
|
||||||
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
|
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
|
||||||
0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x65, 0x0a, 0x04, 0x55, 0x73, 0x65, 0x72,
|
0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x83, 0x02, 0x0a, 0x04, 0x55, 0x73, 0x65,
|
||||||
0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64,
|
0x72, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69,
|
||||||
0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
|
0x64, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
|
||||||
0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f,
|
0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64,
|
||||||
0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
|
0x5f, 0x61, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
|
||||||
0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73,
|
0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65,
|
||||||
0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x22,
|
0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74,
|
||||||
0x24, 0x0a, 0x0e, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
0x12, 0x21, 0x0a, 0x0c, 0x64, 0x69, 0x73, 0x70, 0x6c, 0x61, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
|
||||||
0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52,
|
0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x69, 0x73, 0x70, 0x6c, 0x61, 0x79, 0x4e,
|
||||||
0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x39, 0x0a, 0x0f, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65, 0x72,
|
0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x05, 0x20, 0x01,
|
||||||
0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x26, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72,
|
0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x72, 0x6f,
|
||||||
0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a,
|
||||||
0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72,
|
0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x72,
|
||||||
0x22, 0x27, 0x0a, 0x11, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65,
|
0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x72,
|
||||||
0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
|
0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0x26, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c,
|
||||||
0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x3c, 0x0a, 0x12, 0x43, 0x72, 0x65,
|
0x65, 0x5f, 0x70, 0x69, 0x63, 0x5f, 0x75, 0x72, 0x6c, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52,
|
||||||
0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12,
|
0x0d, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x50, 0x69, 0x63, 0x55, 0x72, 0x6c, 0x22, 0x24,
|
||||||
0x26, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e,
|
0x0a, 0x0e, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74,
|
||||||
0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65,
|
0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
|
||||||
0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22, 0x49, 0x0a, 0x11, 0x52, 0x65, 0x6e, 0x61, 0x6d,
|
0x6e, 0x61, 0x6d, 0x65, 0x22, 0x39, 0x0a, 0x0f, 0x47, 0x65, 0x74, 0x55, 0x73, 0x65, 0x72, 0x52,
|
||||||
0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x19, 0x0a, 0x08,
|
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x26, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18,
|
||||||
0x6f, 0x6c, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07,
|
0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
0x6f, 0x6c, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x6e, 0x65, 0x77, 0x5f, 0x6e,
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22,
|
||||||
0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6e, 0x65, 0x77, 0x4e, 0x61,
|
0x27, 0x0a, 0x11, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71,
|
||||||
0x6d, 0x65, 0x22, 0x3c, 0x0a, 0x12, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72,
|
0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
|
||||||
0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x26, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72,
|
0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x3c, 0x0a, 0x12, 0x43, 0x72, 0x65, 0x61,
|
||||||
0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x26,
|
||||||
0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72,
|
0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x68,
|
||||||
0x22, 0x27, 0x0a, 0x11, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65,
|
0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72,
|
||||||
0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
|
0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22, 0x49, 0x0a, 0x11, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65,
|
||||||
0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x14, 0x0a, 0x12, 0x44, 0x65, 0x6c,
|
0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x19, 0x0a, 0x08, 0x6f,
|
||||||
0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
|
0x6c, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6f,
|
||||||
0x12, 0x0a, 0x10, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75,
|
0x6c, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x6e, 0x65, 0x77, 0x5f, 0x6e, 0x61,
|
||||||
0x65, 0x73, 0x74, 0x22, 0x3d, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73,
|
0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6e, 0x65, 0x77, 0x4e, 0x61, 0x6d,
|
||||||
0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x28, 0x0a, 0x05, 0x75, 0x73, 0x65, 0x72,
|
0x65, 0x22, 0x3c, 0x0a, 0x12, 0x52, 0x65, 0x6e, 0x61, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52,
|
||||||
0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x26, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18,
|
||||||
0x61, 0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x05, 0x75, 0x73, 0x65,
|
0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61, 0x6c,
|
||||||
0x72, 0x73, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d,
|
0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22,
|
||||||
0x2f, 0x6a, 0x75, 0x61, 0x6e, 0x66, 0x6f, 0x6e, 0x74, 0x2f, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63,
|
0x27, 0x0a, 0x11, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71,
|
||||||
0x61, 0x6c, 0x65, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x67, 0x6f, 0x2f, 0x76, 0x31, 0x62, 0x06, 0x70,
|
0x75, 0x65, 0x73, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
|
||||||
0x72, 0x6f, 0x74, 0x6f, 0x33,
|
0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x14, 0x0a, 0x12, 0x44, 0x65, 0x6c, 0x65,
|
||||||
|
0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x12,
|
||||||
|
0x0a, 0x10, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
|
||||||
|
0x73, 0x74, 0x22, 0x3d, 0x0a, 0x11, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52,
|
||||||
|
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x28, 0x0a, 0x05, 0x75, 0x73, 0x65, 0x72, 0x73,
|
||||||
|
0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x12, 0x2e, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
||||||
|
0x6c, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x05, 0x75, 0x73, 0x65, 0x72,
|
||||||
|
0x73, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f,
|
||||||
|
0x6a, 0x75, 0x61, 0x6e, 0x66, 0x6f, 0x6e, 0x74, 0x2f, 0x68, 0x65, 0x61, 0x64, 0x73, 0x63, 0x61,
|
||||||
|
0x6c, 0x65, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x67, 0x6f, 0x2f, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72,
|
||||||
|
0x6f, 0x74, 0x6f, 0x33,
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -607,7 +657,7 @@ func file_headscale_v1_user_proto_rawDescGZIP() []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
var file_headscale_v1_user_proto_msgTypes = make([]protoimpl.MessageInfo, 11)
|
var file_headscale_v1_user_proto_msgTypes = make([]protoimpl.MessageInfo, 11)
|
||||||
var file_headscale_v1_user_proto_goTypes = []interface{}{
|
var file_headscale_v1_user_proto_goTypes = []any{
|
||||||
(*User)(nil), // 0: headscale.v1.User
|
(*User)(nil), // 0: headscale.v1.User
|
||||||
(*GetUserRequest)(nil), // 1: headscale.v1.GetUserRequest
|
(*GetUserRequest)(nil), // 1: headscale.v1.GetUserRequest
|
||||||
(*GetUserResponse)(nil), // 2: headscale.v1.GetUserResponse
|
(*GetUserResponse)(nil), // 2: headscale.v1.GetUserResponse
|
||||||
|
@ -640,7 +690,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !protoimpl.UnsafeEnabled {
|
if !protoimpl.UnsafeEnabled {
|
||||||
file_headscale_v1_user_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[0].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*User); i {
|
switch v := v.(*User); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -652,7 +702,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[1].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetUserRequest); i {
|
switch v := v.(*GetUserRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -664,7 +714,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[2].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*GetUserResponse); i {
|
switch v := v.(*GetUserResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -676,7 +726,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[3].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*CreateUserRequest); i {
|
switch v := v.(*CreateUserRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -688,7 +738,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[4].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*CreateUserResponse); i {
|
switch v := v.(*CreateUserResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -700,7 +750,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[5].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*RenameUserRequest); i {
|
switch v := v.(*RenameUserRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -712,7 +762,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[6].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*RenameUserResponse); i {
|
switch v := v.(*RenameUserResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -724,7 +774,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[7].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteUserRequest); i {
|
switch v := v.(*DeleteUserRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -736,7 +786,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[8].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*DeleteUserResponse); i {
|
switch v := v.(*DeleteUserResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -748,7 +798,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[9].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListUsersRequest); i {
|
switch v := v.(*ListUsersRequest); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
@ -760,7 +810,7 @@ func file_headscale_v1_user_proto_init() {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_headscale_v1_user_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
|
file_headscale_v1_user_proto_msgTypes[10].Exporter = func(v any, i int) any {
|
||||||
switch v := v.(*ListUsersResponse); i {
|
switch v := v.(*ListUsersResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
|
|
|
@ -484,10 +484,65 @@
|
||||||
"format": "uint64"
|
"format": "uint64"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "user",
|
"name": "body",
|
||||||
"in": "query",
|
"in": "body",
|
||||||
"required": false,
|
"required": true,
|
||||||
"type": "string"
|
"schema": {
|
||||||
|
"$ref": "#/definitions/HeadscaleServiceMoveNodeBody"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"HeadscaleService"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"/api/v1/policy": {
|
||||||
|
"get": {
|
||||||
|
"summary": "--- Policy start ---",
|
||||||
|
"operationId": "HeadscaleService_GetPolicy",
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/v1GetPolicyResponse"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "An unexpected error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/rpcStatus"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"tags": [
|
||||||
|
"HeadscaleService"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"put": {
|
||||||
|
"operationId": "HeadscaleService_SetPolicy",
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/v1SetPolicyResponse"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "An unexpected error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/rpcStatus"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"name": "body",
|
||||||
|
"in": "body",
|
||||||
|
"required": true,
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/v1SetPolicyRequest"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"tags": [
|
"tags": [
|
||||||
|
@ -853,6 +908,14 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"definitions": {
|
"definitions": {
|
||||||
|
"HeadscaleServiceMoveNodeBody": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"user": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"HeadscaleServiceSetTagsBody": {
|
"HeadscaleServiceSetTagsBody": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
|
@ -1091,6 +1154,18 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"v1GetPolicyResponse": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"policy": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"updatedAt": {
|
||||||
|
"type": "string",
|
||||||
|
"format": "date-time"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"v1GetRoutesResponse": {
|
"v1GetRoutesResponse": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
|
@ -1346,6 +1421,26 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"v1SetPolicyRequest": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"policy": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"v1SetPolicyResponse": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"policy": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"updatedAt": {
|
||||||
|
"type": "string",
|
||||||
|
"format": "date-time"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"v1SetTagsResponse": {
|
"v1SetTagsResponse": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
|
@ -1366,6 +1461,21 @@
|
||||||
"createdAt": {
|
"createdAt": {
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"format": "date-time"
|
"format": "date-time"
|
||||||
|
},
|
||||||
|
"displayName": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"email": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"providerId": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"provider": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"profilePicUrl": {
|
||||||
|
"type": "string"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
44
gen/openapiv2/headscale/v1/policy.swagger.json
Normal file
44
gen/openapiv2/headscale/v1/policy.swagger.json
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
{
|
||||||
|
"swagger": "2.0",
|
||||||
|
"info": {
|
||||||
|
"title": "headscale/v1/policy.proto",
|
||||||
|
"version": "version not set"
|
||||||
|
},
|
||||||
|
"consumes": [
|
||||||
|
"application/json"
|
||||||
|
],
|
||||||
|
"produces": [
|
||||||
|
"application/json"
|
||||||
|
],
|
||||||
|
"paths": {},
|
||||||
|
"definitions": {
|
||||||
|
"protobufAny": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"@type": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"additionalProperties": {}
|
||||||
|
},
|
||||||
|
"rpcStatus": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"code": {
|
||||||
|
"type": "integer",
|
||||||
|
"format": "int32"
|
||||||
|
},
|
||||||
|
"message": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"details": {
|
||||||
|
"type": "array",
|
||||||
|
"items": {
|
||||||
|
"type": "object",
|
||||||
|
"$ref": "#/definitions/protobufAny"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
134
go.mod
134
go.mod
|
@ -1,62 +1,61 @@
|
||||||
module github.com/juanfont/headscale
|
module github.com/juanfont/headscale
|
||||||
|
|
||||||
go 1.22.0
|
go 1.23.1
|
||||||
|
|
||||||
toolchain go1.22.2
|
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/AlecAivazis/survey/v2 v2.3.7
|
github.com/AlecAivazis/survey/v2 v2.3.7
|
||||||
github.com/coreos/go-oidc/v3 v3.10.0
|
github.com/chasefleming/elem-go v0.29.0
|
||||||
|
github.com/coder/websocket v1.8.12
|
||||||
|
github.com/coreos/go-oidc/v3 v3.11.0
|
||||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
|
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
|
||||||
github.com/deckarep/golang-set/v2 v2.6.0
|
|
||||||
github.com/glebarez/sqlite v1.11.0
|
github.com/glebarez/sqlite v1.11.0
|
||||||
github.com/go-gormigrate/gormigrate/v2 v2.1.2
|
github.com/go-gormigrate/gormigrate/v2 v2.1.2
|
||||||
github.com/gofrs/uuid/v5 v5.2.0
|
github.com/gofrs/uuid/v5 v5.3.0
|
||||||
github.com/google/go-cmp v0.6.0
|
github.com/google/go-cmp v0.6.0
|
||||||
github.com/gorilla/mux v1.8.1
|
github.com/gorilla/mux v1.8.1
|
||||||
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0
|
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0
|
||||||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0
|
github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0
|
||||||
github.com/jagottsicher/termcolor v1.0.2
|
github.com/jagottsicher/termcolor v1.0.2
|
||||||
github.com/klauspost/compress v1.17.8
|
github.com/klauspost/compress v1.17.9
|
||||||
github.com/oauth2-proxy/mockoidc v0.0.0-20240214162133-caebfff84d25
|
github.com/oauth2-proxy/mockoidc v0.0.0-20240214162133-caebfff84d25
|
||||||
github.com/ory/dockertest/v3 v3.10.0
|
github.com/ory/dockertest/v3 v3.11.0
|
||||||
github.com/patrickmn/go-cache v2.1.0+incompatible
|
|
||||||
github.com/philip-bui/grpc-zerolog v1.0.1
|
github.com/philip-bui/grpc-zerolog v1.0.1
|
||||||
github.com/pkg/profile v1.7.0
|
github.com/pkg/profile v1.7.0
|
||||||
github.com/prometheus/client_golang v1.18.0
|
github.com/prometheus/client_golang v1.20.2
|
||||||
github.com/prometheus/common v0.46.0
|
github.com/prometheus/common v0.58.0
|
||||||
github.com/pterm/pterm v0.12.79
|
github.com/pterm/pterm v0.12.79
|
||||||
github.com/puzpuzpuz/xsync/v3 v3.1.0
|
github.com/puzpuzpuz/xsync/v3 v3.4.0
|
||||||
github.com/rs/zerolog v1.32.0
|
github.com/rs/zerolog v1.33.0
|
||||||
github.com/samber/lo v1.39.0
|
github.com/samber/lo v1.47.0
|
||||||
github.com/sasha-s/go-deadlock v0.3.1
|
github.com/sasha-s/go-deadlock v0.3.5
|
||||||
github.com/spf13/cobra v1.8.0
|
github.com/spf13/cobra v1.8.1
|
||||||
github.com/spf13/viper v1.18.2
|
github.com/spf13/viper v1.20.0-alpha.6
|
||||||
github.com/stretchr/testify v1.9.0
|
github.com/stretchr/testify v1.9.0
|
||||||
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a
|
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a
|
||||||
github.com/tailscale/tailsql v0.0.0-20240418235827-820559f382c1
|
github.com/tailscale/tailsql v0.0.0-20240418235827-820559f382c1
|
||||||
github.com/tcnksm/go-latest v0.0.0-20170313132115-e3007ae9052e
|
github.com/tcnksm/go-latest v0.0.0-20170313132115-e3007ae9052e
|
||||||
go4.org/netipx v0.0.0-20231129151722-fdeea329fbba
|
go4.org/netipx v0.0.0-20231129151722-fdeea329fbba
|
||||||
golang.org/x/crypto v0.23.0
|
golang.org/x/crypto v0.26.0
|
||||||
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
|
golang.org/x/exp v0.0.0-20240823005443-9b4947da3948
|
||||||
golang.org/x/net v0.25.0
|
golang.org/x/net v0.28.0
|
||||||
golang.org/x/oauth2 v0.20.0
|
golang.org/x/oauth2 v0.22.0
|
||||||
golang.org/x/sync v0.7.0
|
golang.org/x/sync v0.8.0
|
||||||
google.golang.org/genproto/googleapis/api v0.0.0-20240515191416-fc5f0ca64291
|
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1
|
||||||
google.golang.org/grpc v1.64.0
|
google.golang.org/grpc v1.66.0
|
||||||
google.golang.org/protobuf v1.34.1
|
google.golang.org/protobuf v1.34.2
|
||||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
|
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
|
||||||
gopkg.in/yaml.v3 v3.0.1
|
gopkg.in/yaml.v3 v3.0.1
|
||||||
gorm.io/driver/postgres v1.5.7
|
gorm.io/driver/postgres v1.5.9
|
||||||
gorm.io/gorm v1.25.10
|
gorm.io/gorm v1.25.11
|
||||||
tailscale.com v1.66.3
|
tailscale.com v1.75.0-pre.0.20240926101731-7d1160ddaab7
|
||||||
|
zgo.at/zcache/v2 v2.1.0
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
atomicgo.dev/cursor v0.2.0 // indirect
|
atomicgo.dev/cursor v0.2.0 // indirect
|
||||||
atomicgo.dev/keyboard v0.2.9 // indirect
|
atomicgo.dev/keyboard v0.2.9 // indirect
|
||||||
atomicgo.dev/schedule v0.1.0 // indirect
|
atomicgo.dev/schedule v0.1.0 // indirect
|
||||||
dario.cat/mergo v1.0.0 // indirect
|
dario.cat/mergo v1.0.1 // indirect
|
||||||
filippo.io/edwards25519 v1.1.0 // indirect
|
filippo.io/edwards25519 v1.1.0 // indirect
|
||||||
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
|
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
|
||||||
github.com/Microsoft/go-winio v0.6.2 // indirect
|
github.com/Microsoft/go-winio v0.6.2 // indirect
|
||||||
|
@ -80,27 +79,28 @@ require (
|
||||||
github.com/beorn7/perks v1.0.1 // indirect
|
github.com/beorn7/perks v1.0.1 // indirect
|
||||||
github.com/bits-and-blooms/bitset v1.13.0 // indirect
|
github.com/bits-and-blooms/bitset v1.13.0 // indirect
|
||||||
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
|
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
|
||||||
github.com/cespare/xxhash/v2 v2.2.0 // indirect
|
github.com/cespare/xxhash/v2 v2.3.0 // indirect
|
||||||
github.com/containerd/console v1.0.4 // indirect
|
github.com/containerd/console v1.0.4 // indirect
|
||||||
github.com/containerd/continuity v0.4.3 // indirect
|
github.com/containerd/continuity v0.4.3 // indirect
|
||||||
github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6 // indirect
|
github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6 // indirect
|
||||||
github.com/creachadair/mds v0.14.5 // indirect
|
github.com/creachadair/mds v0.14.5 // indirect
|
||||||
github.com/dblohm7/wingoes v0.0.0-20240123200102-b75a8a7d7eb0 // indirect
|
github.com/dblohm7/wingoes v0.0.0-20240123200102-b75a8a7d7eb0 // indirect
|
||||||
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e // indirect
|
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e // indirect
|
||||||
github.com/docker/cli v26.1.3+incompatible // indirect
|
github.com/docker/cli v27.2.0+incompatible // indirect
|
||||||
github.com/docker/docker v26.1.3+incompatible // indirect
|
github.com/docker/docker v27.2.0+incompatible // indirect
|
||||||
github.com/docker/go-connections v0.5.0 // indirect
|
github.com/docker/go-connections v0.5.0 // indirect
|
||||||
github.com/docker/go-units v0.5.0 // indirect
|
github.com/docker/go-units v0.5.0 // indirect
|
||||||
github.com/dustin/go-humanize v1.0.1 // indirect
|
github.com/dustin/go-humanize v1.0.1 // indirect
|
||||||
github.com/felixge/fgprof v0.9.4 // indirect
|
github.com/felixge/fgprof v0.9.5 // indirect
|
||||||
github.com/fsnotify/fsnotify v1.7.0 // indirect
|
github.com/fsnotify/fsnotify v1.7.0 // indirect
|
||||||
github.com/fxamacker/cbor/v2 v2.5.0 // indirect
|
github.com/fxamacker/cbor/v2 v2.6.0 // indirect
|
||||||
github.com/gaissmai/bart v0.4.1 // indirect
|
github.com/gaissmai/bart v0.11.1 // indirect
|
||||||
github.com/glebarez/go-sqlite v1.22.0 // indirect
|
github.com/glebarez/go-sqlite v1.22.0 // indirect
|
||||||
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
|
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
|
||||||
github.com/go-jose/go-jose/v4 v4.0.1 // indirect
|
github.com/go-jose/go-jose/v4 v4.0.2 // indirect
|
||||||
github.com/go-json-experiment/json v0.0.0-20231102232822-2e55bd4e08b0 // indirect
|
github.com/go-json-experiment/json v0.0.0-20231102232822-2e55bd4e08b0 // indirect
|
||||||
github.com/go-ole/go-ole v1.3.0 // indirect
|
github.com/go-ole/go-ole v1.3.0 // indirect
|
||||||
|
github.com/go-viper/mapstructure/v2 v2.1.0 // indirect
|
||||||
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 // indirect
|
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 // indirect
|
||||||
github.com/gogo/protobuf v1.3.2 // indirect
|
github.com/gogo/protobuf v1.3.2 // indirect
|
||||||
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
|
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
|
||||||
|
@ -110,21 +110,20 @@ require (
|
||||||
github.com/google/go-github v17.0.0+incompatible // indirect
|
github.com/google/go-github v17.0.0+incompatible // indirect
|
||||||
github.com/google/go-querystring v1.1.0 // indirect
|
github.com/google/go-querystring v1.1.0 // indirect
|
||||||
github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806 // indirect
|
github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806 // indirect
|
||||||
github.com/google/pprof v0.0.0-20240509144519-723abb6459b7 // indirect
|
github.com/google/pprof v0.0.0-20240829160300-da1f7e9f2b25 // indirect
|
||||||
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
|
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
|
||||||
github.com/google/uuid v1.6.0 // indirect
|
github.com/google/uuid v1.6.0 // indirect
|
||||||
github.com/gookit/color v1.5.4 // indirect
|
github.com/gookit/color v1.5.4 // indirect
|
||||||
github.com/gorilla/csrf v1.7.2 // indirect
|
github.com/gorilla/csrf v1.7.2 // indirect
|
||||||
github.com/gorilla/securecookie v1.1.2 // indirect
|
github.com/gorilla/securecookie v1.1.2 // indirect
|
||||||
github.com/hashicorp/go-version v1.6.0 // indirect
|
github.com/hashicorp/go-version v1.7.0 // indirect
|
||||||
github.com/hashicorp/hcl v1.0.0 // indirect
|
|
||||||
github.com/hdevalence/ed25519consensus v0.2.0 // indirect
|
github.com/hdevalence/ed25519consensus v0.2.0 // indirect
|
||||||
github.com/illarion/gonotify v1.0.1 // indirect
|
github.com/illarion/gonotify/v2 v2.0.3 // indirect
|
||||||
github.com/inconshreveable/mousetrap v1.1.0 // indirect
|
github.com/inconshreveable/mousetrap v1.1.0 // indirect
|
||||||
github.com/insomniacslk/dhcp v0.0.0-20240129002554-15c9b8791914 // indirect
|
github.com/insomniacslk/dhcp v0.0.0-20240129002554-15c9b8791914 // indirect
|
||||||
github.com/jackc/pgpassfile v1.0.0 // indirect
|
github.com/jackc/pgpassfile v1.0.0 // indirect
|
||||||
github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 // indirect
|
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
|
||||||
github.com/jackc/pgx/v5 v5.5.5 // indirect
|
github.com/jackc/pgx/v5 v5.6.0 // indirect
|
||||||
github.com/jackc/puddle/v2 v2.2.1 // indirect
|
github.com/jackc/puddle/v2 v2.2.1 // indirect
|
||||||
github.com/jinzhu/inflection v1.0.0 // indirect
|
github.com/jinzhu/inflection v1.0.0 // indirect
|
||||||
github.com/jinzhu/now v1.1.5 // indirect
|
github.com/jinzhu/now v1.1.5 // indirect
|
||||||
|
@ -135,12 +134,10 @@ require (
|
||||||
github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a // indirect
|
github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a // indirect
|
||||||
github.com/kr/pretty v0.3.1 // indirect
|
github.com/kr/pretty v0.3.1 // indirect
|
||||||
github.com/kr/text v0.2.0 // indirect
|
github.com/kr/text v0.2.0 // indirect
|
||||||
github.com/lib/pq v1.10.7 // indirect
|
|
||||||
github.com/lithammer/fuzzysearch v1.1.8 // indirect
|
github.com/lithammer/fuzzysearch v1.1.8 // indirect
|
||||||
github.com/magiconair/properties v1.8.7 // indirect
|
|
||||||
github.com/mattn/go-colorable v0.1.13 // indirect
|
github.com/mattn/go-colorable v0.1.13 // indirect
|
||||||
github.com/mattn/go-isatty v0.0.20 // indirect
|
github.com/mattn/go-isatty v0.0.20 // indirect
|
||||||
github.com/mattn/go-runewidth v0.0.15 // indirect
|
github.com/mattn/go-runewidth v0.0.16 // indirect
|
||||||
github.com/mdlayher/genetlink v1.3.2 // indirect
|
github.com/mdlayher/genetlink v1.3.2 // indirect
|
||||||
github.com/mdlayher/netlink v1.7.2 // indirect
|
github.com/mdlayher/netlink v1.7.2 // indirect
|
||||||
github.com/mdlayher/sdnotify v1.0.0 // indirect
|
github.com/mdlayher/sdnotify v1.0.0 // indirect
|
||||||
|
@ -148,45 +145,44 @@ require (
|
||||||
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
|
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
|
||||||
github.com/miekg/dns v1.1.58 // indirect
|
github.com/miekg/dns v1.1.58 // indirect
|
||||||
github.com/mitchellh/go-ps v1.0.0 // indirect
|
github.com/mitchellh/go-ps v1.0.0 // indirect
|
||||||
github.com/mitchellh/mapstructure v1.5.0 // indirect
|
|
||||||
github.com/moby/docker-image-spec v1.3.1 // indirect
|
github.com/moby/docker-image-spec v1.3.1 // indirect
|
||||||
github.com/moby/term v0.5.0 // indirect
|
github.com/moby/term v0.5.0 // indirect
|
||||||
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
|
||||||
github.com/ncruces/go-strftime v0.1.9 // indirect
|
github.com/ncruces/go-strftime v0.1.9 // indirect
|
||||||
github.com/opencontainers/go-digest v1.0.0 // indirect
|
github.com/opencontainers/go-digest v1.0.0 // indirect
|
||||||
github.com/opencontainers/image-spec v1.1.0 // indirect
|
github.com/opencontainers/image-spec v1.1.0 // indirect
|
||||||
github.com/opencontainers/runc v1.1.12 // indirect
|
github.com/opencontainers/runc v1.1.14 // indirect
|
||||||
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
|
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
|
||||||
github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 // indirect
|
github.com/petermattis/goid v0.0.0-20240813172612-4fcff4a6cae7 // indirect
|
||||||
github.com/pierrec/lz4/v4 v4.1.21 // indirect
|
github.com/pierrec/lz4/v4 v4.1.21 // indirect
|
||||||
github.com/pkg/errors v0.9.1 // indirect
|
github.com/pkg/errors v0.9.1 // indirect
|
||||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
||||||
github.com/prometheus/client_model v0.5.0 // indirect
|
github.com/prometheus-community/pro-bing v0.4.0 // indirect
|
||||||
github.com/prometheus/procfs v0.12.0 // indirect
|
github.com/prometheus/client_model v0.6.1 // indirect
|
||||||
|
github.com/prometheus/procfs v0.15.1 // indirect
|
||||||
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
|
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
|
||||||
github.com/rivo/uniseg v0.4.7 // indirect
|
github.com/rivo/uniseg v0.4.7 // indirect
|
||||||
github.com/rogpeppe/go-internal v1.12.0 // indirect
|
github.com/rogpeppe/go-internal v1.12.0 // indirect
|
||||||
github.com/safchain/ethtool v0.3.0 // indirect
|
github.com/safchain/ethtool v0.3.0 // indirect
|
||||||
github.com/sagikazarmark/locafero v0.4.0 // indirect
|
github.com/sagikazarmark/locafero v0.6.0 // indirect
|
||||||
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
|
|
||||||
github.com/sirupsen/logrus v1.9.3 // indirect
|
github.com/sirupsen/logrus v1.9.3 // indirect
|
||||||
github.com/sourcegraph/conc v0.3.0 // indirect
|
github.com/sourcegraph/conc v0.3.0 // indirect
|
||||||
github.com/spf13/afero v1.11.0 // indirect
|
github.com/spf13/afero v1.11.0 // indirect
|
||||||
github.com/spf13/cast v1.6.0 // indirect
|
github.com/spf13/cast v1.7.0 // indirect
|
||||||
github.com/spf13/pflag v1.0.5 // indirect
|
github.com/spf13/pflag v1.0.5 // indirect
|
||||||
github.com/subosito/gotenv v1.6.0 // indirect
|
github.com/subosito/gotenv v1.6.0 // indirect
|
||||||
github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e // indirect
|
github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e // indirect
|
||||||
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55 // indirect
|
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55 // indirect
|
||||||
github.com/tailscale/golang-x-crypto v0.0.0-20240108194725-7ce1f622c780 // indirect
|
github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4 // indirect
|
||||||
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 // indirect
|
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 // indirect
|
||||||
github.com/tailscale/netlink v1.1.1-0.20211101221916-cabfb018fe85 // indirect
|
github.com/tailscale/netlink v1.1.1-0.20240822203006-4d49adab4de7 // indirect
|
||||||
github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4 // indirect
|
github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4 // indirect
|
||||||
github.com/tailscale/setec v0.0.0-20240314234648-9da8e7407257 // indirect
|
github.com/tailscale/setec v0.0.0-20240314234648-9da8e7407257 // indirect
|
||||||
github.com/tailscale/squibble v0.0.0-20240418235321-9ee0eeb78185 // indirect
|
github.com/tailscale/squibble v0.0.0-20240418235321-9ee0eeb78185 // indirect
|
||||||
github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1 // indirect
|
github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1 // indirect
|
||||||
github.com/tailscale/wireguard-go v0.0.0-20240429185444-03c5a0ccf754 // indirect
|
github.com/tailscale/wireguard-go v0.0.0-20240905161824-799c1978fafc // indirect
|
||||||
github.com/tcnksm/go-httpstat v0.2.0 // indirect
|
github.com/tcnksm/go-httpstat v0.2.0 // indirect
|
||||||
github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e // indirect
|
github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e // indirect
|
||||||
github.com/vishvananda/netlink v1.2.1-beta.2 // indirect
|
|
||||||
github.com/vishvananda/netns v0.0.4 // indirect
|
github.com/vishvananda/netns v0.0.4 // indirect
|
||||||
github.com/x448/float16 v0.8.4 // indirect
|
github.com/x448/float16 v0.8.4 // indirect
|
||||||
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
|
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
|
||||||
|
@ -195,21 +191,19 @@ require (
|
||||||
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
|
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
|
||||||
go.uber.org/multierr v1.11.0 // indirect
|
go.uber.org/multierr v1.11.0 // indirect
|
||||||
go4.org/mem v0.0.0-20220726221520-4f986261bf13 // indirect
|
go4.org/mem v0.0.0-20220726221520-4f986261bf13 // indirect
|
||||||
golang.org/x/mod v0.17.0 // indirect
|
golang.org/x/mod v0.20.0 // indirect
|
||||||
golang.org/x/sys v0.20.0 // indirect
|
golang.org/x/sys v0.24.0 // indirect
|
||||||
golang.org/x/term v0.20.0 // indirect
|
golang.org/x/term v0.23.0 // indirect
|
||||||
golang.org/x/text v0.15.0 // indirect
|
golang.org/x/text v0.17.0 // indirect
|
||||||
golang.org/x/time v0.5.0 // indirect
|
golang.org/x/time v0.5.0 // indirect
|
||||||
golang.org/x/tools v0.21.0 // indirect
|
golang.org/x/tools v0.24.0 // indirect
|
||||||
golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
|
golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
|
||||||
golang.zx2c4.com/wireguard/windows v0.5.3 // indirect
|
golang.zx2c4.com/wireguard/windows v0.5.3 // indirect
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
|
||||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
|
||||||
gopkg.in/yaml.v2 v2.4.0 // indirect
|
gopkg.in/yaml.v2 v2.4.0 // indirect
|
||||||
gvisor.dev/gvisor v0.0.0-20240306221502-ee1e1f6070e3 // indirect
|
gvisor.dev/gvisor v0.0.0-20240722211153-64c016c92987 // indirect
|
||||||
modernc.org/libc v1.50.6 // indirect
|
modernc.org/libc v1.60.1 // indirect
|
||||||
modernc.org/mathutil v1.6.0 // indirect
|
modernc.org/mathutil v1.6.0 // indirect
|
||||||
modernc.org/memory v1.8.0 // indirect
|
modernc.org/memory v1.8.0 // indirect
|
||||||
modernc.org/sqlite v1.29.9 // indirect
|
modernc.org/sqlite v1.32.0 // indirect
|
||||||
nhooyr.io/websocket v1.8.10 // indirect
|
|
||||||
)
|
)
|
||||||
|
|
317
go.sum
317
go.sum
|
@ -7,8 +7,8 @@ atomicgo.dev/keyboard v0.2.9/go.mod h1:BC4w9g00XkxH/f1HXhW2sXmJFOCWbKn9xrOunSFtE
|
||||||
atomicgo.dev/schedule v0.1.0 h1:nTthAbhZS5YZmgYbb2+DH8uQIZcTlIrd4eYr3UQxEjs=
|
atomicgo.dev/schedule v0.1.0 h1:nTthAbhZS5YZmgYbb2+DH8uQIZcTlIrd4eYr3UQxEjs=
|
||||||
atomicgo.dev/schedule v0.1.0/go.mod h1:xeUa3oAkiuHYh8bKiQBRojqAMq3PXXbJujjb0hw8pEU=
|
atomicgo.dev/schedule v0.1.0/go.mod h1:xeUa3oAkiuHYh8bKiQBRojqAMq3PXXbJujjb0hw8pEU=
|
||||||
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||||
dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
|
dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
|
||||||
dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
|
dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
|
||||||
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
|
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
|
||||||
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
|
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
|
||||||
filippo.io/mkcert v1.4.4 h1:8eVbbwfVlaqUM7OwuftKc2nuYOoTDQWqsoXmzoXZdbc=
|
filippo.io/mkcert v1.4.4 h1:8eVbbwfVlaqUM7OwuftKc2nuYOoTDQWqsoXmzoXZdbc=
|
||||||
|
@ -18,8 +18,8 @@ github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1r
|
||||||
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0=
|
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0=
|
||||||
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
|
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
|
||||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||||
github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
|
github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c h1:pxW6RcqyfI9/kWtOwnv/G+AzdKuy2ZrqINhenH4HyNs=
|
||||||
github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
|
github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
|
||||||
github.com/MarvinJWendt/testza v0.1.0/go.mod h1:7AxNvlfeHP7Z/hDQ5JtE3OKYT3XFUeLCDE2DQninSqs=
|
github.com/MarvinJWendt/testza v0.1.0/go.mod h1:7AxNvlfeHP7Z/hDQ5JtE3OKYT3XFUeLCDE2DQninSqs=
|
||||||
github.com/MarvinJWendt/testza v0.2.1/go.mod h1:God7bhG8n6uQxwdScay+gjm9/LnO4D3kkcZX4hv9Rp8=
|
github.com/MarvinJWendt/testza v0.2.1/go.mod h1:God7bhG8n6uQxwdScay+gjm9/LnO4D3kkcZX4hv9Rp8=
|
||||||
github.com/MarvinJWendt/testza v0.2.8/go.mod h1:nwIcjmr0Zz+Rcwfh3/4UhBp7ePKVhuBExvZqnKYWlII=
|
github.com/MarvinJWendt/testza v0.2.8/go.mod h1:nwIcjmr0Zz+Rcwfh3/4UhBp7ePKVhuBExvZqnKYWlII=
|
||||||
|
@ -88,8 +88,10 @@ github.com/bits-and-blooms/bitset v1.13.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6
|
||||||
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
|
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
|
||||||
github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
|
github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
|
||||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||||
github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
|
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
|
||||||
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||||
|
github.com/chasefleming/elem-go v0.29.0 h1:WwrjQcVn6xldhexluvl2Z3sgKi9HTMuzWeEXO4PHsmg=
|
||||||
|
github.com/chasefleming/elem-go v0.29.0/go.mod h1:hz73qILBIKnTgOujnSMtEj20/epI+f6vg71RUilJAA4=
|
||||||
github.com/chromedp/cdproto v0.0.0-20230802225258-3cf4e6d46a89/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs=
|
github.com/chromedp/cdproto v0.0.0-20230802225258-3cf4e6d46a89/go.mod h1:GKljq0VrfU4D5yc+2qA6OVr8pmO/MBbPEWqWQ/oqGEs=
|
||||||
github.com/chromedp/chromedp v0.9.2/go.mod h1:LkSXJKONWTCHAfQasKFUZI+mxqS4tZqhmtGzzhLsnLs=
|
github.com/chromedp/chromedp v0.9.2/go.mod h1:LkSXJKONWTCHAfQasKFUZI+mxqS4tZqhmtGzzhLsnLs=
|
||||||
github.com/chromedp/sysutil v1.0.0/go.mod h1:kgWmDdq8fTzXYcKIBqIYvRRTnYb9aNS9moAV0xufSww=
|
github.com/chromedp/sysutil v1.0.0/go.mod h1:kgWmDdq8fTzXYcKIBqIYvRRTnYb9aNS9moAV0xufSww=
|
||||||
|
@ -99,10 +101,12 @@ github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5P
|
||||||
github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk=
|
github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk=
|
||||||
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||||
github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8=
|
github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8=
|
||||||
github.com/cilium/ebpf v0.12.3 h1:8ht6F9MquybnY97at+VDZb3eQQr8ev79RueWeVaEcG4=
|
github.com/cilium/ebpf v0.15.0 h1:7NxJhNiBT3NG8pZJ3c+yfrVdHY8ScgKD27sScgjLMMk=
|
||||||
github.com/cilium/ebpf v0.12.3/go.mod h1:TctK1ivibvI3znr66ljgi4hqOT8EYQjz1KWBfb1UVgM=
|
github.com/cilium/ebpf v0.15.0/go.mod h1:DHp1WyrLeiBh19Cf/tfiSMhqheEiK8fXFZ4No0P1Hso=
|
||||||
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||||
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||||
|
github.com/coder/websocket v1.8.12 h1:5bUXkEPPIbewrnkU8LTCLVaxi4N4J8ahufH2vlo4NAo=
|
||||||
|
github.com/coder/websocket v1.8.12/go.mod h1:LNVeNrXQZfe5qhS9ALED3uA+l5pPqvwXg3CKoDBB2gs=
|
||||||
github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U=
|
github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U=
|
||||||
github.com/containerd/console v1.0.4 h1:F2g4+oChYvBTsASRTz8NP6iIAi97J3TtSAsLbIFn4ro=
|
github.com/containerd/console v1.0.4 h1:F2g4+oChYvBTsASRTz8NP6iIAi97J3TtSAsLbIFn4ro=
|
||||||
github.com/containerd/console v1.0.4/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk=
|
github.com/containerd/console v1.0.4/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk=
|
||||||
|
@ -110,32 +114,30 @@ github.com/containerd/continuity v0.4.3 h1:6HVkalIp+2u1ZLH1J/pYX2oBVXlJZvh1X1A7b
|
||||||
github.com/containerd/continuity v0.4.3/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ=
|
github.com/containerd/continuity v0.4.3/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ=
|
||||||
github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6 h1:8h5+bWd7R6AYUslN6c6iuZWTKsKxUFDlpnmilO6R2n0=
|
github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6 h1:8h5+bWd7R6AYUslN6c6iuZWTKsKxUFDlpnmilO6R2n0=
|
||||||
github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
|
github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
|
||||||
github.com/coreos/go-oidc/v3 v3.10.0 h1:tDnXHnLyiTVyT/2zLDGj09pFPkhND8Gl8lnTRhoEaJU=
|
github.com/coreos/go-oidc/v3 v3.11.0 h1:Ia3MxdwpSw702YW0xgfmP1GVCMA9aEFWu12XUZ3/OtI=
|
||||||
github.com/coreos/go-oidc/v3 v3.10.0/go.mod h1:5j11xcw0D3+SGxn6Z/WFADsgcWVMyNAlSQupk0KK3ac=
|
github.com/coreos/go-oidc/v3 v3.11.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0=
|
||||||
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
|
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||||
github.com/creachadair/mds v0.14.5 h1:2amuO4yCbQkaAyDoLO5iCbwbTRQZz4EpRhOejQbf4+8=
|
github.com/creachadair/mds v0.14.5 h1:2amuO4yCbQkaAyDoLO5iCbwbTRQZz4EpRhOejQbf4+8=
|
||||||
github.com/creachadair/mds v0.14.5/go.mod h1:4vrFYUzTXMJpMBU+OA292I6IUxKWCCfZkgXg+/kBZMo=
|
github.com/creachadair/mds v0.14.5/go.mod h1:4vrFYUzTXMJpMBU+OA292I6IUxKWCCfZkgXg+/kBZMo=
|
||||||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||||
github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
||||||
github.com/creack/pty v1.1.21 h1:1/QdRyBaHHJP61QkWMXlOIBfsgdDeeKfK8SYVUWJKf0=
|
github.com/creack/pty v1.1.23 h1:4M6+isWdcStXEf15G/RbrMPOQj1dZ7HPZCGwE4kOeP0=
|
||||||
github.com/creack/pty v1.1.21/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
github.com/creack/pty v1.1.23/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=
|
||||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
|
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
|
||||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/dblohm7/wingoes v0.0.0-20240123200102-b75a8a7d7eb0 h1:vrC07UZcgPzu/OjWsmQKMGg3LoPSz9jh/pQXIrHjUj4=
|
github.com/dblohm7/wingoes v0.0.0-20240123200102-b75a8a7d7eb0 h1:vrC07UZcgPzu/OjWsmQKMGg3LoPSz9jh/pQXIrHjUj4=
|
||||||
github.com/dblohm7/wingoes v0.0.0-20240123200102-b75a8a7d7eb0/go.mod h1:Nx87SkVqTKd8UtT+xu7sM/l+LgXs6c0aHrlKusR+2EQ=
|
github.com/dblohm7/wingoes v0.0.0-20240123200102-b75a8a7d7eb0/go.mod h1:Nx87SkVqTKd8UtT+xu7sM/l+LgXs6c0aHrlKusR+2EQ=
|
||||||
github.com/deckarep/golang-set/v2 v2.6.0 h1:XfcQbWM1LlMB8BsJ8N9vW5ehnnPVIw0je80NsVHagjM=
|
|
||||||
github.com/deckarep/golang-set/v2 v2.6.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4=
|
|
||||||
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e h1:vUmf0yezR0y7jJ5pceLHthLaYf4bA5T14B6q39S4q2Q=
|
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e h1:vUmf0yezR0y7jJ5pceLHthLaYf4bA5T14B6q39S4q2Q=
|
||||||
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e/go.mod h1:YTIHhz/QFSYnu/EhlF2SpU2Uk+32abacUYA5ZPljz1A=
|
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e/go.mod h1:YTIHhz/QFSYnu/EhlF2SpU2Uk+32abacUYA5ZPljz1A=
|
||||||
github.com/djherbis/times v1.6.0 h1:w2ctJ92J8fBvWPxugmXIv7Nz7Q3iDMKNx9v5ocVH20c=
|
github.com/djherbis/times v1.6.0 h1:w2ctJ92J8fBvWPxugmXIv7Nz7Q3iDMKNx9v5ocVH20c=
|
||||||
github.com/djherbis/times v1.6.0/go.mod h1:gOHeRAz2h+VJNZ5Gmc/o7iD9k4wW7NMVqieYCY99oc0=
|
github.com/djherbis/times v1.6.0/go.mod h1:gOHeRAz2h+VJNZ5Gmc/o7iD9k4wW7NMVqieYCY99oc0=
|
||||||
github.com/docker/cli v26.1.3+incompatible h1:bUpXT/N0kDE3VUHI2r5VMsYQgi38kYuoC0oL9yt3lqc=
|
github.com/docker/cli v27.2.0+incompatible h1:yHD1QEB1/0vr5eBNpu8tncu8gWxg8EydFPOSKHzXSMM=
|
||||||
github.com/docker/cli v26.1.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
|
github.com/docker/cli v27.2.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
|
||||||
github.com/docker/docker v26.1.3+incompatible h1:lLCzRbrVZrljpVNobJu1J2FHk8V0s4BawoZippkc+xo=
|
github.com/docker/docker v27.2.0+incompatible h1:Rk9nIVdfH3+Vz4cyI/uhbINhEZ/oLmc+CBXmH6fbNk4=
|
||||||
github.com/docker/docker v26.1.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
|
github.com/docker/docker v27.2.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
|
||||||
github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
|
github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
|
||||||
github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
|
github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
|
||||||
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
|
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
|
||||||
|
@ -149,16 +151,16 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m
|
||||||
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
||||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||||
github.com/felixge/fgprof v0.9.3/go.mod h1:RdbpDgzqYVh/T9fPELJyV7EYJuHB55UTEULNun8eiPw=
|
github.com/felixge/fgprof v0.9.3/go.mod h1:RdbpDgzqYVh/T9fPELJyV7EYJuHB55UTEULNun8eiPw=
|
||||||
github.com/felixge/fgprof v0.9.4 h1:ocDNwMFlnA0NU0zSB3I52xkO4sFXk80VK9lXjLClu88=
|
github.com/felixge/fgprof v0.9.5 h1:8+vR6yu2vvSKn08urWyEuxx75NWPEvybbkBirEpsbVY=
|
||||||
github.com/felixge/fgprof v0.9.4/go.mod h1:yKl+ERSa++RYOs32d8K6WEXCB4uXdLls4ZaZPpayhMM=
|
github.com/felixge/fgprof v0.9.5/go.mod h1:yKl+ERSa++RYOs32d8K6WEXCB4uXdLls4ZaZPpayhMM=
|
||||||
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
|
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
|
||||||
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
|
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
|
||||||
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
||||||
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
|
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
|
||||||
github.com/fxamacker/cbor/v2 v2.5.0 h1:oHsG0V/Q6E/wqTS2O1Cozzsy69nqCiguo5Q1a1ADivE=
|
github.com/fxamacker/cbor/v2 v2.6.0 h1:sU6J2usfADwWlYDAFhZBQ6TnLFBHxgesMrQfQgk1tWA=
|
||||||
github.com/fxamacker/cbor/v2 v2.5.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
|
github.com/fxamacker/cbor/v2 v2.6.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
|
||||||
github.com/gaissmai/bart v0.4.1 h1:G1t58voWkNmT47lBDawH5QhtTDsdqRIO+ftq5x4P9Ls=
|
github.com/gaissmai/bart v0.11.1 h1:5Uv5XwsaFBRo4E5VBcb9TzY8B7zxFf+U7isDxqOrRfc=
|
||||||
github.com/gaissmai/bart v0.4.1/go.mod h1:KHeYECXQiBjTzQz/om2tqn3sZF1J7hw9m6z41ftj3fg=
|
github.com/gaissmai/bart v0.11.1/go.mod h1:KHeYECXQiBjTzQz/om2tqn3sZF1J7hw9m6z41ftj3fg=
|
||||||
github.com/github/fakeca v0.1.0 h1:Km/MVOFvclqxPM9dZBC4+QE564nU4gz4iZ0D9pMw28I=
|
github.com/github/fakeca v0.1.0 h1:Km/MVOFvclqxPM9dZBC4+QE564nU4gz4iZ0D9pMw28I=
|
||||||
github.com/github/fakeca v0.1.0/go.mod h1:+bormgoGMMuamOscx7N91aOuUST7wdaJ2rNjeohylyo=
|
github.com/github/fakeca v0.1.0/go.mod h1:+bormgoGMMuamOscx7N91aOuUST7wdaJ2rNjeohylyo=
|
||||||
github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ=
|
github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ=
|
||||||
|
@ -169,25 +171,27 @@ github.com/go-gormigrate/gormigrate/v2 v2.1.2 h1:F/d1hpHbRAvKezziV2CC5KUE82cVe9z
|
||||||
github.com/go-gormigrate/gormigrate/v2 v2.1.2/go.mod h1:9nHVX6z3FCMCQPA7PThGcA55t22yKQfK/Dnsf5i7hUo=
|
github.com/go-gormigrate/gormigrate/v2 v2.1.2/go.mod h1:9nHVX6z3FCMCQPA7PThGcA55t22yKQfK/Dnsf5i7hUo=
|
||||||
github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
|
github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
|
||||||
github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
|
github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
|
||||||
github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U=
|
github.com/go-jose/go-jose/v4 v4.0.2 h1:R3l3kkBds16bO7ZFAEEcofK0MkrAJt3jlJznWZG0nvk=
|
||||||
github.com/go-jose/go-jose/v4 v4.0.1/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY=
|
github.com/go-jose/go-jose/v4 v4.0.2/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY=
|
||||||
github.com/go-json-experiment/json v0.0.0-20231102232822-2e55bd4e08b0 h1:ymLjT4f35nQbASLnvxEde4XOBL+Sn7rFuV+FOJqkljg=
|
github.com/go-json-experiment/json v0.0.0-20231102232822-2e55bd4e08b0 h1:ymLjT4f35nQbASLnvxEde4XOBL+Sn7rFuV+FOJqkljg=
|
||||||
github.com/go-json-experiment/json v0.0.0-20231102232822-2e55bd4e08b0/go.mod h1:6daplAwHHGbUGib4990V3Il26O0OC4aRyvewaaAihaA=
|
github.com/go-json-experiment/json v0.0.0-20231102232822-2e55bd4e08b0/go.mod h1:6daplAwHHGbUGib4990V3Il26O0OC4aRyvewaaAihaA=
|
||||||
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
|
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
|
||||||
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
|
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
|
||||||
github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
|
github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
|
||||||
github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
|
github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
|
||||||
github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
|
github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
|
||||||
github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
|
github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
|
||||||
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
||||||
|
github.com/go-viper/mapstructure/v2 v2.1.0 h1:gHnMa2Y/pIxElCH2GlZZ1lZSsn6XMtufpGyP1XxdC/w=
|
||||||
|
github.com/go-viper/mapstructure/v2 v2.1.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
|
||||||
github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
|
github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
|
||||||
github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
|
github.com/gobwas/pool v0.2.1/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
|
||||||
github.com/gobwas/ws v1.2.1/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY=
|
github.com/gobwas/ws v1.2.1/go.mod h1:hRKAFb8wOxFROYNsT1bqfWnhX+b5MFeJM9r2ZSwg/KY=
|
||||||
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
|
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
|
||||||
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 h1:sQspH8M4niEijh3PFscJRLDnkL547IeP7kpPe3uUhEg=
|
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 h1:sQspH8M4niEijh3PFscJRLDnkL547IeP7kpPe3uUhEg=
|
||||||
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466/go.mod h1:ZiQxhyQ+bbbfxUKVvjfO498oPYvtYhZzycal3G/NHmU=
|
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466/go.mod h1:ZiQxhyQ+bbbfxUKVvjfO498oPYvtYhZzycal3G/NHmU=
|
||||||
github.com/gofrs/uuid/v5 v5.2.0 h1:qw1GMx6/y8vhVsx626ImfKMuS5CvJmhIKKtuyvfajMM=
|
github.com/gofrs/uuid/v5 v5.3.0 h1:m0mUMr+oVYUdxpMLgSYCZiXe7PuVPnI94+OMeVBNedk=
|
||||||
github.com/gofrs/uuid/v5 v5.2.0/go.mod h1:CDOjlDMVAtN56jqyRUZh58JT31Tiw7/oQyEXZV+9bD8=
|
github.com/gofrs/uuid/v5 v5.3.0/go.mod h1:CDOjlDMVAtN56jqyRUZh58JT31Tiw7/oQyEXZV+9bD8=
|
||||||
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
||||||
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
||||||
github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
|
github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk=
|
||||||
|
@ -218,8 +222,8 @@ github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806 h1:wG8RYIyctLhdF
|
||||||
github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806/go.mod h1:Beg6V6zZ3oEn0JuiUQ4wqwuyqqzasOltcoXPtgLbFp4=
|
github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806/go.mod h1:Beg6V6zZ3oEn0JuiUQ4wqwuyqqzasOltcoXPtgLbFp4=
|
||||||
github.com/google/pprof v0.0.0-20211214055906-6f57359322fd/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg=
|
github.com/google/pprof v0.0.0-20211214055906-6f57359322fd/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg=
|
||||||
github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
|
github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
|
||||||
github.com/google/pprof v0.0.0-20240509144519-723abb6459b7 h1:velgFPYr1X9TDwLIfkV7fWqsFlf7TeP11M/7kPd/dVI=
|
github.com/google/pprof v0.0.0-20240829160300-da1f7e9f2b25 h1:sEDPKUw6iPjczdu33njxFjO6tYa9bfc0z/QyB/zSsBw=
|
||||||
github.com/google/pprof v0.0.0-20240509144519-723abb6459b7/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw=
|
github.com/google/pprof v0.0.0-20240829160300-da1f7e9f2b25/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
|
||||||
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
|
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
|
||||||
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
|
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
|
||||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||||
|
@ -236,33 +240,30 @@ github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kX
|
||||||
github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
|
github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
|
||||||
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI=
|
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI=
|
||||||
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8=
|
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8=
|
||||||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0=
|
github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 h1:asbCHRVmodnJTuQ3qamDwqVOIjwqUPTYmYuemVOx+Ys=
|
||||||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k=
|
github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0/go.mod h1:ggCgvZ2r7uOoQjOyu2Y1NhHmEPPzzuhWgcza5M1Ji1I=
|
||||||
github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek=
|
github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY=
|
||||||
github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
|
github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
|
||||||
github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
|
|
||||||
github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
|
github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
|
||||||
github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
|
github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
|
||||||
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
|
|
||||||
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
|
|
||||||
github.com/hdevalence/ed25519consensus v0.2.0 h1:37ICyZqdyj0lAZ8P4D1d1id3HqbbG1N3iBb1Tb4rdcU=
|
github.com/hdevalence/ed25519consensus v0.2.0 h1:37ICyZqdyj0lAZ8P4D1d1id3HqbbG1N3iBb1Tb4rdcU=
|
||||||
github.com/hdevalence/ed25519consensus v0.2.0/go.mod h1:w3BHWjwJbFU29IRHL1Iqkw3sus+7FctEyM4RqDxYNzo=
|
github.com/hdevalence/ed25519consensus v0.2.0/go.mod h1:w3BHWjwJbFU29IRHL1Iqkw3sus+7FctEyM4RqDxYNzo=
|
||||||
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u7lxST/RaJw+cv273q79D81Xbog=
|
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u7lxST/RaJw+cv273q79D81Xbog=
|
||||||
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68=
|
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68=
|
||||||
github.com/ianlancetaylor/demangle v0.0.0-20210905161508-09a460cdf81d/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w=
|
github.com/ianlancetaylor/demangle v0.0.0-20210905161508-09a460cdf81d/go.mod h1:aYm2/VgdVmcIU8iMfdMvDMsRAQjcfZSKFby6HOFvi/w=
|
||||||
github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw=
|
github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw=
|
||||||
github.com/illarion/gonotify v1.0.1 h1:F1d+0Fgbq/sDWjj/r66ekjDG+IDeecQKUFH4wNwsoio=
|
github.com/illarion/gonotify/v2 v2.0.3 h1:B6+SKPo/0Sw8cRJh1aLzNEeNVFfzE3c6N+o+vyxM+9A=
|
||||||
github.com/illarion/gonotify v1.0.1/go.mod h1:zt5pmDofZpU1f8aqlK0+95eQhoEAn/d4G4B/FjVW4jE=
|
github.com/illarion/gonotify/v2 v2.0.3/go.mod h1:38oIJTgFqupkEydkkClkbL6i5lXV/bxdH9do5TALPEE=
|
||||||
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
|
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
|
||||||
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
|
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
|
||||||
github.com/insomniacslk/dhcp v0.0.0-20240129002554-15c9b8791914 h1:kD8PseueGeYiid/Mmcv17Q0Qqicc4F46jcX22L/e/Hs=
|
github.com/insomniacslk/dhcp v0.0.0-20240129002554-15c9b8791914 h1:kD8PseueGeYiid/Mmcv17Q0Qqicc4F46jcX22L/e/Hs=
|
||||||
github.com/insomniacslk/dhcp v0.0.0-20240129002554-15c9b8791914/go.mod h1:3A9PQ1cunSDF/1rbTq99Ts4pVnycWg+vlPkfeD2NLFI=
|
github.com/insomniacslk/dhcp v0.0.0-20240129002554-15c9b8791914/go.mod h1:3A9PQ1cunSDF/1rbTq99Ts4pVnycWg+vlPkfeD2NLFI=
|
||||||
github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
|
github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
|
||||||
github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
|
github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
|
||||||
github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 h1:L0QtFUgDarD7Fpv9jeVMgy/+Ec0mtnmYuImjTz6dtDA=
|
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
|
||||||
github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
|
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
|
||||||
github.com/jackc/pgx/v5 v5.5.5 h1:amBjrZVmksIdNjxGW/IiIMzxMKZFelXbUoPNb+8sjQw=
|
github.com/jackc/pgx/v5 v5.6.0 h1:SWJzexBzPL5jb0GEsrPMLIsi/3jOo7RHlzTjcAeDrPY=
|
||||||
github.com/jackc/pgx/v5 v5.5.5/go.mod h1:ez9gk+OAat140fv9ErkZDYFWmXLfV+++K0uAOiwgm1A=
|
github.com/jackc/pgx/v5 v5.6.0/go.mod h1:DNZ/vlrUnhWCoFGxHAG8U2ljioxukquj7utPDgtQdTw=
|
||||||
github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk=
|
github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk=
|
||||||
github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
|
github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
|
||||||
github.com/jagottsicher/termcolor v1.0.2 h1:fo0c51pQSuLBN1+yVX2ZE+hE+P7ULb/TY8eRowJnrsM=
|
github.com/jagottsicher/termcolor v1.0.2 h1:fo0c51pQSuLBN1+yVX2ZE+hE+P7ULb/TY8eRowJnrsM=
|
||||||
|
@ -287,13 +288,13 @@ github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNU
|
||||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
|
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
|
||||||
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
|
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
|
||||||
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||||
github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU=
|
github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
|
||||||
github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
|
github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
|
||||||
github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
|
github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
|
||||||
github.com/klauspost/cpuid/v2 v2.0.10/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
|
github.com/klauspost/cpuid/v2 v2.0.10/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
|
||||||
github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
|
github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
|
||||||
github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM=
|
github.com/klauspost/cpuid/v2 v2.2.3 h1:sxCkb+qR91z4vsqw4vGGZlDgPz3G7gjaLyK3V8y70BU=
|
||||||
github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
|
github.com/klauspost/cpuid/v2 v2.2.3/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY=
|
||||||
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
|
||||||
github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a h1:+RR6SqnTkDLWyICxS1xpjCi/3dhyV+TgZwA6Ww3KncQ=
|
github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a h1:+RR6SqnTkDLWyICxS1xpjCi/3dhyV+TgZwA6Ww3KncQ=
|
||||||
github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a/go.mod h1:YTtCCM3ryyfiu4F7t8HQ1mxvp1UBdWM2r6Xa+nGWvDk=
|
github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a/go.mod h1:YTtCCM3ryyfiu4F7t8HQ1mxvp1UBdWM2r6Xa+nGWvDk=
|
||||||
|
@ -307,13 +308,13 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||||
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
|
||||||
|
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
|
||||||
|
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
|
||||||
github.com/ledongthuc/pdf v0.0.0-20220302134840-0c2507a12d80/go.mod h1:imJHygn/1yfhB7XSJJKlFZKl/J+dCPAknuiaGOshXAs=
|
github.com/ledongthuc/pdf v0.0.0-20220302134840-0c2507a12d80/go.mod h1:imJHygn/1yfhB7XSJJKlFZKl/J+dCPAknuiaGOshXAs=
|
||||||
github.com/lib/pq v1.10.7 h1:p7ZhMD+KsSRozJr34udlUrhboJwWAgCg34+/ZZNvZZw=
|
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
|
||||||
github.com/lib/pq v1.10.7/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
||||||
github.com/lithammer/fuzzysearch v1.1.8 h1:/HIuJnjHuXS8bKaiTMeeDlW2/AyIWk2brx1V8LFgLN4=
|
github.com/lithammer/fuzzysearch v1.1.8 h1:/HIuJnjHuXS8bKaiTMeeDlW2/AyIWk2brx1V8LFgLN4=
|
||||||
github.com/lithammer/fuzzysearch v1.1.8/go.mod h1:IdqeyBClc3FFqSzYq/MXESsS4S0FsZ5ajtkr5xPLts4=
|
github.com/lithammer/fuzzysearch v1.1.8/go.mod h1:IdqeyBClc3FFqSzYq/MXESsS4S0FsZ5ajtkr5xPLts4=
|
||||||
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
|
|
||||||
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
|
|
||||||
github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
|
github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
|
||||||
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
||||||
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
||||||
|
@ -324,8 +325,8 @@ github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D
|
||||||
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
|
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
|
||||||
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
||||||
github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||||
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
|
github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc=
|
||||||
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||||
github.com/mdlayher/genetlink v1.3.2 h1:KdrNKe+CTu+IbZnm/GVUMXSqBBLqcGpRDa0xkQy56gw=
|
github.com/mdlayher/genetlink v1.3.2 h1:KdrNKe+CTu+IbZnm/GVUMXSqBBLqcGpRDa0xkQy56gw=
|
||||||
github.com/mdlayher/genetlink v1.3.2/go.mod h1:tcC3pkCrPUGIKKsCsp0B3AdaaKuHtaxoJRz3cc+528o=
|
github.com/mdlayher/genetlink v1.3.2/go.mod h1:tcC3pkCrPUGIKKsCsp0B3AdaaKuHtaxoJRz3cc+528o=
|
||||||
github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g=
|
github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g=
|
||||||
|
@ -341,12 +342,12 @@ github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
|
||||||
github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY=
|
github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY=
|
||||||
github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc=
|
github.com/mitchellh/go-ps v1.0.0 h1:i6ampVEEF4wQFF+bkYfwYgY+F/uYJDktmvLPf7qIgjc=
|
||||||
github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg=
|
github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg=
|
||||||
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
|
|
||||||
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
|
|
||||||
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
|
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
|
||||||
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
|
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
|
||||||
github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
|
github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
|
||||||
github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
|
github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
|
||||||
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
|
||||||
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
|
||||||
github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
|
github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
|
||||||
github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
|
github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
|
||||||
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
|
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
|
||||||
|
@ -357,18 +358,16 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
|
||||||
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
|
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
|
||||||
github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
|
github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
|
||||||
github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
|
github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
|
||||||
github.com/opencontainers/runc v1.1.12 h1:BOIssBaW1La0/qbNZHXOOa71dZfZEQOzW7dqQf3phss=
|
github.com/opencontainers/runc v1.1.14 h1:rgSuzbmgz5DUJjeSnw337TxDbRuqjs6iqQck/2weR6w=
|
||||||
github.com/opencontainers/runc v1.1.12/go.mod h1:S+lQwSfncpBha7XTy/5lBwWgm5+y5Ma/O44Ekby9FK8=
|
github.com/opencontainers/runc v1.1.14/go.mod h1:E4C2z+7BxR7GHXp0hAY53mek+x49X1LjPNeMTfRGvOA=
|
||||||
github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
|
github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
|
||||||
github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde/go.mod h1:nZgzbfBr3hhjoZnS66nKrHmduYNpc34ny7RK4z5/HM0=
|
github.com/orisano/pixelmatch v0.0.0-20220722002657-fb0b55479cde/go.mod h1:nZgzbfBr3hhjoZnS66nKrHmduYNpc34ny7RK4z5/HM0=
|
||||||
github.com/ory/dockertest/v3 v3.10.0 h1:4K3z2VMe8Woe++invjaTB7VRyQXQy5UY+loujO4aNE4=
|
github.com/ory/dockertest/v3 v3.11.0 h1:OiHcxKAvSDUwsEVh2BjxQQc/5EHz9n0va9awCtNGuyA=
|
||||||
github.com/ory/dockertest/v3 v3.10.0/go.mod h1:nr57ZbRWMqfsdGdFNLHz5jjNdDb7VVFnzAeW1n5N1Lg=
|
github.com/ory/dockertest/v3 v3.11.0/go.mod h1:VIPxS1gwT9NpPOrfD3rACs8Y9Z7yhzO4SB194iUDnUI=
|
||||||
github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc=
|
github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
|
||||||
github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
|
github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
|
||||||
github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
|
github.com/petermattis/goid v0.0.0-20240813172612-4fcff4a6cae7 h1:Dx7Ovyv/SFnMFw3fD4oEoeorXc6saIiQ23LrGLth0Gw=
|
||||||
github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
|
github.com/petermattis/goid v0.0.0-20240813172612-4fcff4a6cae7/go.mod h1:pxMtw7cyUw6B2bRH0ZBANSPg+AoSud1I1iyJHI69jH4=
|
||||||
github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5 h1:q2e307iGHPdTGp0hoxKjt1H5pDo6utceo3dQVK3I5XQ=
|
|
||||||
github.com/petermattis/goid v0.0.0-20180202154549-b0b1615b78e5/go.mod h1:jvVRKCrJTQWu0XVbaOlby/2lO20uSCHEMzzplHXte1o=
|
|
||||||
github.com/philip-bui/grpc-zerolog v1.0.1 h1:EMacvLRUd2O1K0eWod27ZP5CY1iTNkhBDLSN+Q4JEvA=
|
github.com/philip-bui/grpc-zerolog v1.0.1 h1:EMacvLRUd2O1K0eWod27ZP5CY1iTNkhBDLSN+Q4JEvA=
|
||||||
github.com/philip-bui/grpc-zerolog v1.0.1/go.mod h1:qXbiq/2X4ZUMMshsqlWyTHOcw7ns+GZmlqZZN05ZHcQ=
|
github.com/philip-bui/grpc-zerolog v1.0.1/go.mod h1:qXbiq/2X4ZUMMshsqlWyTHOcw7ns+GZmlqZZN05ZHcQ=
|
||||||
github.com/pierrec/lz4/v4 v4.1.14/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
|
github.com/pierrec/lz4/v4 v4.1.14/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
|
||||||
|
@ -385,15 +384,17 @@ github.com/pkg/sftp v1.13.6/go.mod h1:tz1ryNURKu77RL+GuCzmoJYxQczL3wLNNpPWagdg4Q
|
||||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
|
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
|
||||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk=
|
github.com/prometheus-community/pro-bing v0.4.0 h1:YMbv+i08gQz97OZZBwLyvmmQEEzyfyrrjEaAchdy3R4=
|
||||||
github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA=
|
github.com/prometheus-community/pro-bing v0.4.0/go.mod h1:b7wRYZtCcPmt4Sz319BykUU241rWLe1VFXyiyWK/dH4=
|
||||||
|
github.com/prometheus/client_golang v1.20.2 h1:5ctymQzZlyOON1666svgwn3s6IKWgfbjsejTMiXIyjg=
|
||||||
|
github.com/prometheus/client_golang v1.20.2/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
|
||||||
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||||
github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
|
github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
|
||||||
github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
|
github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
|
||||||
github.com/prometheus/common v0.46.0 h1:doXzt5ybi1HBKpsZOL0sSkaNHJJqkyfEWZGGqqScV0Y=
|
github.com/prometheus/common v0.58.0 h1:N+N8vY4/23r6iYfD3UQZUoJPnUYAo7v6LG5XZxjZTXo=
|
||||||
github.com/prometheus/common v0.46.0/go.mod h1:Tp0qkxpb9Jsg54QMe+EAmqXkSV7Evdy1BTn+g2pa/hQ=
|
github.com/prometheus/common v0.58.0/go.mod h1:GpWM7dewqmVYcd7SmRaiWVe9SSqjf0UrwnYnpEZNuT0=
|
||||||
github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
|
github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
|
||||||
github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
|
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
|
||||||
github.com/pterm/pterm v0.12.27/go.mod h1:PhQ89w4i95rhgE+xedAoqous6K9X+r6aSOI2eFF7DZI=
|
github.com/pterm/pterm v0.12.27/go.mod h1:PhQ89w4i95rhgE+xedAoqous6K9X+r6aSOI2eFF7DZI=
|
||||||
github.com/pterm/pterm v0.12.29/go.mod h1:WI3qxgvoQFFGKGjGnJR849gU0TsEOvKn5Q8LlY1U7lg=
|
github.com/pterm/pterm v0.12.29/go.mod h1:WI3qxgvoQFFGKGjGnJR849gU0TsEOvKn5Q8LlY1U7lg=
|
||||||
github.com/pterm/pterm v0.12.30/go.mod h1:MOqLIyMOgmTDz9yorcYbcw+HsgoZo3BQfg2wtl3HEFE=
|
github.com/pterm/pterm v0.12.30/go.mod h1:MOqLIyMOgmTDz9yorcYbcw+HsgoZo3BQfg2wtl3HEFE=
|
||||||
|
@ -403,8 +404,8 @@ github.com/pterm/pterm v0.12.36/go.mod h1:NjiL09hFhT/vWjQHSj1athJpx6H8cjpHXNAK5b
|
||||||
github.com/pterm/pterm v0.12.40/go.mod h1:ffwPLwlbXxP+rxT0GsgDTzS3y3rmpAO1NMjUkGTYf8s=
|
github.com/pterm/pterm v0.12.40/go.mod h1:ffwPLwlbXxP+rxT0GsgDTzS3y3rmpAO1NMjUkGTYf8s=
|
||||||
github.com/pterm/pterm v0.12.79 h1:lH3yrYMhdpeqX9y5Ep1u7DejyHy7NSQg9qrBjF9dFT4=
|
github.com/pterm/pterm v0.12.79 h1:lH3yrYMhdpeqX9y5Ep1u7DejyHy7NSQg9qrBjF9dFT4=
|
||||||
github.com/pterm/pterm v0.12.79/go.mod h1:1v/gzOF1N0FsjbgTHZ1wVycRkKiatFvJSJC4IGaQAAo=
|
github.com/pterm/pterm v0.12.79/go.mod h1:1v/gzOF1N0FsjbgTHZ1wVycRkKiatFvJSJC4IGaQAAo=
|
||||||
github.com/puzpuzpuz/xsync/v3 v3.1.0 h1:EewKT7/LNac5SLiEblJeUu8z5eERHrmRLnMQL2d7qX4=
|
github.com/puzpuzpuz/xsync/v3 v3.4.0 h1:DuVBAdXuGFHv8adVXjWWZ63pJq+NRXOWVXlKDBZ+mJ4=
|
||||||
github.com/puzpuzpuz/xsync/v3 v3.1.0/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
|
github.com/puzpuzpuz/xsync/v3 v3.4.0/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
|
||||||
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
|
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
|
||||||
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
|
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
|
||||||
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
||||||
|
@ -414,19 +415,17 @@ github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/f
|
||||||
github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
|
github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
|
||||||
github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
|
github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
|
||||||
github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
|
github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
|
||||||
github.com/rs/zerolog v1.32.0 h1:keLypqrlIjaFsbmJOBdB/qvyF8KEtCWHwobLp5l/mQ0=
|
github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8=
|
||||||
github.com/rs/zerolog v1.32.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
|
github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss=
|
||||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||||
github.com/safchain/ethtool v0.3.0 h1:gimQJpsI6sc1yIqP/y8GYgiXn/NjgvpM0RNoWLVVmP0=
|
github.com/safchain/ethtool v0.3.0 h1:gimQJpsI6sc1yIqP/y8GYgiXn/NjgvpM0RNoWLVVmP0=
|
||||||
github.com/safchain/ethtool v0.3.0/go.mod h1:SA9BwrgyAqNo7M+uaL6IYbxpm5wk3L7Mm6ocLW+CJUs=
|
github.com/safchain/ethtool v0.3.0/go.mod h1:SA9BwrgyAqNo7M+uaL6IYbxpm5wk3L7Mm6ocLW+CJUs=
|
||||||
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
|
github.com/sagikazarmark/locafero v0.6.0 h1:ON7AQg37yzcRPU69mt7gwhFEBwxI6P9T4Qu3N51bwOk=
|
||||||
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
|
github.com/sagikazarmark/locafero v0.6.0/go.mod h1:77OmuIc6VTraTXKXIs/uvUxKGUXjE1GbemJYHqdNjX0=
|
||||||
github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE=
|
github.com/samber/lo v1.47.0 h1:z7RynLwP5nbyRscyvcD043DWYoOcYRv3mV8lBeqOCLc=
|
||||||
github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
|
github.com/samber/lo v1.47.0/go.mod h1:RmDH9Ct32Qy3gduHQuKJ3gW1fMHAnE/fAzQuf6He5cU=
|
||||||
github.com/samber/lo v1.39.0 h1:4gTz1wUhNYLhFSKl6O+8peW0v2F4BCY034GRpU9WnuA=
|
github.com/sasha-s/go-deadlock v0.3.5 h1:tNCOEEDG6tBqrNDOX35j/7hL5FcFViG6awUGROb2NsU=
|
||||||
github.com/samber/lo v1.39.0/go.mod h1:+m/ZKRl6ClXCE2Lgf3MsQlWfh4bn1bz6CXEOxnEXnEA=
|
github.com/sasha-s/go-deadlock v0.3.5/go.mod h1:bugP6EGbdGYObIlx7pUZtWqlvo8k9H6vCBBsiChJQ5U=
|
||||||
github.com/sasha-s/go-deadlock v0.3.1 h1:sqv7fDNShgjcaxkO0JNcOAlr8B9+cV5Ey/OB71efZx0=
|
|
||||||
github.com/sasha-s/go-deadlock v0.3.1/go.mod h1:F73l+cr82YSh10GxyRI6qZiCgK64VaZjwesgfQ1/iLM=
|
|
||||||
github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
|
github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
|
||||||
github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8=
|
github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8=
|
||||||
github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I=
|
github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I=
|
||||||
|
@ -437,18 +436,17 @@ github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9yS
|
||||||
github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
|
github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
|
||||||
github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
|
github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
|
||||||
github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
|
github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
|
||||||
github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0=
|
github.com/spf13/cast v1.7.0 h1:ntdiHjuueXFgm5nzDRdOS4yfT43P5Fnud6DH50rz/7w=
|
||||||
github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
|
github.com/spf13/cast v1.7.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
|
||||||
github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
|
github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
|
||||||
github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
|
github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
|
||||||
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
||||||
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
||||||
github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ=
|
github.com/spf13/viper v1.20.0-alpha.6 h1:f65Cr/+2qk4GfHC0xqT/isoupQppwN5+VLRztUGTDbY=
|
||||||
github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk=
|
github.com/spf13/viper v1.20.0-alpha.6/go.mod h1:CGBZzv0c9fOUASm6rfus4wdeIjR/04NOLq1P4KRhX3k=
|
||||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
||||||
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
|
|
||||||
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
|
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
|
||||||
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
|
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
|
||||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||||
|
@ -458,7 +456,6 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
|
||||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||||
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
|
|
||||||
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
|
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
|
||||||
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||||
github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
|
github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
|
||||||
|
@ -467,14 +464,14 @@ github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e h1:PtWT87weP
|
||||||
github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e/go.mod h1:XrBNfAFN+pwoWuksbFS9Ccxnopa15zJGgXRFN90l3K4=
|
github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e/go.mod h1:XrBNfAFN+pwoWuksbFS9Ccxnopa15zJGgXRFN90l3K4=
|
||||||
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55 h1:Gzfnfk2TWrk8Jj4P4c1a3CtQyMaTVCznlkLZI++hok4=
|
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55 h1:Gzfnfk2TWrk8Jj4P4c1a3CtQyMaTVCznlkLZI++hok4=
|
||||||
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55/go.mod h1:4k4QO+dQ3R5FofL+SanAUZe+/QfeK0+OIuwDIRu2vSg=
|
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55/go.mod h1:4k4QO+dQ3R5FofL+SanAUZe+/QfeK0+OIuwDIRu2vSg=
|
||||||
github.com/tailscale/golang-x-crypto v0.0.0-20240108194725-7ce1f622c780 h1:U0J2CUrrTcc2wmr9tSLYEo+USfwNikRRsmxVLD4eZ7E=
|
github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4 h1:rXZGgEa+k2vJM8xT0PoSKfVXwFGPQ3z3CJfmnHJkZZw=
|
||||||
github.com/tailscale/golang-x-crypto v0.0.0-20240108194725-7ce1f622c780/go.mod h1:ikbF+YT089eInTp9f2vmvy4+ZVnW5hzX1q2WknxSprQ=
|
github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4/go.mod h1:ikbF+YT089eInTp9f2vmvy4+ZVnW5hzX1q2WknxSprQ=
|
||||||
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 h1:4chzWmimtJPxRs2O36yuGRW3f9SYV+bMTTvMBI0EKio=
|
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 h1:4chzWmimtJPxRs2O36yuGRW3f9SYV+bMTTvMBI0EKio=
|
||||||
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05/go.mod h1:PdCqy9JzfWMJf1H5UJW2ip33/d4YkoKN0r67yKH1mG8=
|
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05/go.mod h1:PdCqy9JzfWMJf1H5UJW2ip33/d4YkoKN0r67yKH1mG8=
|
||||||
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a h1:SJy1Pu0eH1C29XwJucQo73FrleVK6t4kYz4NVhp34Yw=
|
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a h1:SJy1Pu0eH1C29XwJucQo73FrleVK6t4kYz4NVhp34Yw=
|
||||||
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a/go.mod h1:DFSS3NAGHthKo1gTlmEcSBiZrRJXi28rLNd/1udP1c8=
|
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a/go.mod h1:DFSS3NAGHthKo1gTlmEcSBiZrRJXi28rLNd/1udP1c8=
|
||||||
github.com/tailscale/netlink v1.1.1-0.20211101221916-cabfb018fe85 h1:zrsUcqrG2uQSPhaUPjUQwozcRdDdSxxqhNgNZ3drZFk=
|
github.com/tailscale/netlink v1.1.1-0.20240822203006-4d49adab4de7 h1:uFsXVBE9Qr4ZoF094vE6iYTLDl0qCiKzYXlL6UeWObU=
|
||||||
github.com/tailscale/netlink v1.1.1-0.20211101221916-cabfb018fe85/go.mod h1:NzVQi3Mleb+qzq8VmcWpSkcSYxXIg0DkI6XDzpVkhJ0=
|
github.com/tailscale/netlink v1.1.1-0.20240822203006-4d49adab4de7/go.mod h1:NzVQi3Mleb+qzq8VmcWpSkcSYxXIg0DkI6XDzpVkhJ0=
|
||||||
github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4 h1:Gz0rz40FvFVLTBk/K8UNAenb36EbDSnh+q7Z9ldcC8w=
|
github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4 h1:Gz0rz40FvFVLTBk/K8UNAenb36EbDSnh+q7Z9ldcC8w=
|
||||||
github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4/go.mod h1:phI29ccmHQBc+wvroosENp1IF9195449VDnFDhJ4rJU=
|
github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4/go.mod h1:phI29ccmHQBc+wvroosENp1IF9195449VDnFDhJ4rJU=
|
||||||
github.com/tailscale/setec v0.0.0-20240314234648-9da8e7407257 h1:6WsbDYsikRNmmbfZoRoyIEA9tfl0aspPAE0t7nBj2B4=
|
github.com/tailscale/setec v0.0.0-20240314234648-9da8e7407257 h1:6WsbDYsikRNmmbfZoRoyIEA9tfl0aspPAE0t7nBj2B4=
|
||||||
|
@ -487,10 +484,10 @@ github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1 h1:t
|
||||||
github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1/go.mod h1:agQPE6y6ldqCOui2gkIh7ZMztTkIQKH049tv8siLuNQ=
|
github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1/go.mod h1:agQPE6y6ldqCOui2gkIh7ZMztTkIQKH049tv8siLuNQ=
|
||||||
github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6 h1:l10Gi6w9jxvinoiq15g8OToDdASBni4CyJOdHY1Hr8M=
|
github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6 h1:l10Gi6w9jxvinoiq15g8OToDdASBni4CyJOdHY1Hr8M=
|
||||||
github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6/go.mod h1:ZXRML051h7o4OcI0d3AaILDIad/Xw0IkXaHM17dic1Y=
|
github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6/go.mod h1:ZXRML051h7o4OcI0d3AaILDIad/Xw0IkXaHM17dic1Y=
|
||||||
github.com/tailscale/wireguard-go v0.0.0-20240429185444-03c5a0ccf754 h1:iazWjqVHE6CbNam7WXRhi33Qad5o7a8LVYgVoILpZdI=
|
github.com/tailscale/wireguard-go v0.0.0-20240905161824-799c1978fafc h1:cezaQN9pvKVaw56Ma5qr/G646uKIYP0yQf+OyWN/okc=
|
||||||
github.com/tailscale/wireguard-go v0.0.0-20240429185444-03c5a0ccf754/go.mod h1:BOm5fXUBFM+m9woLNBoxI9TaBXXhGNP50LX/TGIvGb4=
|
github.com/tailscale/wireguard-go v0.0.0-20240905161824-799c1978fafc/go.mod h1:BOm5fXUBFM+m9woLNBoxI9TaBXXhGNP50LX/TGIvGb4=
|
||||||
github.com/tailscale/xnet v0.0.0-20240117122442-62b9a7c569f9 h1:81P7rjnikHKTJ75EkjppvbwUfKHDHYk6LJpO5PZy8pA=
|
github.com/tailscale/xnet v0.0.0-20240729143630-8497ac4dab2e h1:zOGKqN5D5hHhiYUp091JqK7DPCqSARyUfduhGUY8Bek=
|
||||||
github.com/tailscale/xnet v0.0.0-20240117122442-62b9a7c569f9/go.mod h1:orPd6JZXXRyuDusYilywte7k094d7dycXXU5YnWsrwg=
|
github.com/tailscale/xnet v0.0.0-20240729143630-8497ac4dab2e/go.mod h1:orPd6JZXXRyuDusYilywte7k094d7dycXXU5YnWsrwg=
|
||||||
github.com/tc-hib/winres v0.2.1 h1:YDE0FiP0VmtRaDn7+aaChp1KiF4owBiJa5l964l5ujA=
|
github.com/tc-hib/winres v0.2.1 h1:YDE0FiP0VmtRaDn7+aaChp1KiF4owBiJa5l964l5ujA=
|
||||||
github.com/tc-hib/winres v0.2.1/go.mod h1:C/JaNhH3KBvhNKVbvdlDWkbMDO9H4fKKDaN7/07SSuk=
|
github.com/tc-hib/winres v0.2.1/go.mod h1:C/JaNhH3KBvhNKVbvdlDWkbMDO9H4fKKDaN7/07SSuk=
|
||||||
github.com/tcnksm/go-httpstat v0.2.0 h1:rP7T5e5U2HfmOBmZzGgGZjBQ5/GluWUylujl0tJ04I0=
|
github.com/tcnksm/go-httpstat v0.2.0 h1:rP7T5e5U2HfmOBmZzGgGZjBQ5/GluWUylujl0tJ04I0=
|
||||||
|
@ -503,8 +500,6 @@ github.com/u-root/u-root v0.12.0 h1:K0AuBFriwr0w/PGS3HawiAw89e3+MU7ks80GpghAsNs=
|
||||||
github.com/u-root/u-root v0.12.0/go.mod h1:FYjTOh4IkIZHhjsd17lb8nYW6udgXdJhG1c0r6u0arI=
|
github.com/u-root/u-root v0.12.0/go.mod h1:FYjTOh4IkIZHhjsd17lb8nYW6udgXdJhG1c0r6u0arI=
|
||||||
github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e h1:BA9O3BmlTmpjbvajAwzWx4Wo2TRVdpPXZEeemGQcajw=
|
github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e h1:BA9O3BmlTmpjbvajAwzWx4Wo2TRVdpPXZEeemGQcajw=
|
||||||
github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e/go.mod h1:eLL9Nub3yfAho7qB0MzZizFhTU2QkLeoVsWdHtDW264=
|
github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e/go.mod h1:eLL9Nub3yfAho7qB0MzZizFhTU2QkLeoVsWdHtDW264=
|
||||||
github.com/vishvananda/netlink v1.2.1-beta.2 h1:Llsql0lnQEbHj0I1OuKyp8otXp0r3q0mPkuhwHfStVs=
|
|
||||||
github.com/vishvananda/netlink v1.2.1-beta.2/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho=
|
|
||||||
github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
|
github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
|
||||||
github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
|
github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
|
||||||
github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
|
github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
|
||||||
|
@ -538,15 +533,15 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
|
||||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
||||||
golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
|
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
|
||||||
golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
|
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJkTFJCVUX+S/ZT6wYzM=
|
golang.org/x/exp v0.0.0-20240823005443-9b4947da3948 h1:kx6Ds3MlpiUHKj7syVnbp57++8WpuKPcR5yjLBjvLEA=
|
||||||
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
|
golang.org/x/exp v0.0.0-20240823005443-9b4947da3948/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ=
|
||||||
golang.org/x/exp/typeparams v0.0.0-20240119083558-1b970713d09a h1:8qmSSA8Gz/1kTrCe0nqR0R3Gb/NDhykzWw2q2mWZydM=
|
golang.org/x/exp/typeparams v0.0.0-20240119083558-1b970713d09a h1:8qmSSA8Gz/1kTrCe0nqR0R3Gb/NDhykzWw2q2mWZydM=
|
||||||
golang.org/x/exp/typeparams v0.0.0-20240119083558-1b970713d09a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
|
golang.org/x/exp/typeparams v0.0.0-20240119083558-1b970713d09a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
|
||||||
golang.org/x/image v0.15.0 h1:kOELfmgrmJlw4Cdb7g/QGuB3CvDrXbqEIww/pNtNBm8=
|
golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ=
|
||||||
golang.org/x/image v0.15.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
|
golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E=
|
||||||
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
|
||||||
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
|
||||||
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
|
||||||
|
@ -555,8 +550,8 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||||
golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
|
golang.org/x/mod v0.20.0 h1:utOm6MM3R3dnawAiJgn0y+xvuYRsm1RKM/4giyfDgV0=
|
||||||
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
golang.org/x/mod v0.20.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
@ -569,11 +564,11 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
|
||||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||||
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||||
golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
|
golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
|
||||||
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
|
golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
|
||||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo=
|
golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA=
|
||||||
golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
|
golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
|
||||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
|
@ -582,8 +577,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ
|
||||||
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
|
golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
|
||||||
golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
@ -615,8 +610,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||||
golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
|
golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
|
||||||
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||||
|
@ -624,8 +619,8 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX
|
||||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||||
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
||||||
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
|
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
|
||||||
golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw=
|
golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU=
|
||||||
golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
|
golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||||
|
@ -633,8 +628,8 @@ golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||||
golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
|
golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
|
||||||
golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
|
||||||
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
|
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
|
||||||
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
@ -648,8 +643,8 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY
|
||||||
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||||
golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw=
|
golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24=
|
||||||
golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
|
golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ=
|
||||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
@ -663,26 +658,24 @@ google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7
|
||||||
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
|
||||||
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||||
google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
|
||||||
google.golang.org/genproto/googleapis/api v0.0.0-20240515191416-fc5f0ca64291 h1:4HZJ3Xv1cmrJ+0aFo304Zn79ur1HMxptAE7aCPNLSqc=
|
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 h1:hjSy6tcFQZ171igDaN5QHOw2n6vx40juYbC/x67CEhc=
|
||||||
google.golang.org/genproto/googleapis/api v0.0.0-20240515191416-fc5f0ca64291/go.mod h1:RGnPtTG7r4i8sPlNyDeikXF99hMM+hN6QMm4ooG9g2g=
|
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:qpvKtACPCQhAdu3PyQgV4l3LMXZEtft7y8QcarRsp9I=
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 h1:AgADTJarZTBqgjiUzRgfaBchgYB3/WFTC80GPwsMcRI=
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ=
|
||||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0=
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
|
||||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||||
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||||
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
|
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
|
||||||
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||||
google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
|
google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
|
||||||
google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY=
|
google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c=
|
||||||
google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg=
|
google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
|
||||||
google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
|
google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
|
||||||
google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
|
google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
|
||||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
|
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
|
||||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
|
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
|
||||||
gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
|
|
||||||
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
|
||||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
@ -692,32 +685,32 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
|
||||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gorm.io/driver/postgres v1.5.7 h1:8ptbNJTDbEmhdr62uReG5BGkdQyeasu/FZHxI0IMGnM=
|
gorm.io/driver/postgres v1.5.9 h1:DkegyItji119OlcaLjqN11kHoUgZ/j13E0jkJZgD6A8=
|
||||||
gorm.io/driver/postgres v1.5.7/go.mod h1:3e019WlBaYI5o5LIdNV+LyxCMNtLOQETBXL2h4chKpA=
|
gorm.io/driver/postgres v1.5.9/go.mod h1:DX3GReXH+3FPWGrrgffdvCk3DQ1dwDPdmbenSkweRGI=
|
||||||
gorm.io/gorm v1.25.10 h1:dQpO+33KalOA+aFYGlK+EfxcI5MbO7EP2yYygwh9h+s=
|
gorm.io/gorm v1.25.11 h1:/Wfyg1B/je1hnDx3sMkX+gAlxrlZpn6X0BXRlwXlvHg=
|
||||||
gorm.io/gorm v1.25.10/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
|
gorm.io/gorm v1.25.11/go.mod h1:xh7N7RHfYlNc5EmcI/El95gXusucDrQnHXe0+CgWcLQ=
|
||||||
gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o=
|
gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
|
||||||
gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g=
|
gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
|
||||||
gvisor.dev/gvisor v0.0.0-20240306221502-ee1e1f6070e3 h1:/8/t5pz/mgdRXhYOIeqqYhFAQLE4DDGegc0Y4ZjyFJM=
|
gvisor.dev/gvisor v0.0.0-20240722211153-64c016c92987 h1:TU8z2Lh3Bbq77w0t1eG8yRlLcNHzZu3x6mhoH2Mk0c8=
|
||||||
gvisor.dev/gvisor v0.0.0-20240306221502-ee1e1f6070e3/go.mod h1:NQHVAzMwvZ+Qe3ElSiHmq9RUm1MdNHpUZ52fiEqvn+0=
|
gvisor.dev/gvisor v0.0.0-20240722211153-64c016c92987/go.mod h1:sxc3Uvk/vHcd3tj7/DHVBoR5wvWT/MmRq2pj7HRJnwU=
|
||||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.4.7 h1:9MDAWxMoSnB6QoSqiVr7P5mtkT9pOc1kSxchzPCnqJs=
|
honnef.co/go/tools v0.5.1 h1:4bH5o3b5ZULQ4UrBmP+63W9r7qIkqJClEA9ko5YKx+I=
|
||||||
honnef.co/go/tools v0.4.7/go.mod h1:+rnGS1THNh8zMwnd2oVOTL9QF6vmfyG6ZXBULae2uc0=
|
honnef.co/go/tools v0.5.1/go.mod h1:e9irvo83WDG9/irijV44wr3tbhcFeRnfpVlRqVwpzMs=
|
||||||
howett.net/plist v1.0.0 h1:7CrbWYbPPO/PyNy38b2EB/+gYbjCe2DXBxgtOOZbSQM=
|
howett.net/plist v1.0.0 h1:7CrbWYbPPO/PyNy38b2EB/+gYbjCe2DXBxgtOOZbSQM=
|
||||||
howett.net/plist v1.0.0/go.mod h1:lqaXoTrLY4hg8tnEzNru53gicrbv7rrk+2xJA/7hw9g=
|
howett.net/plist v1.0.0/go.mod h1:lqaXoTrLY4hg8tnEzNru53gicrbv7rrk+2xJA/7hw9g=
|
||||||
modernc.org/cc/v4 v4.21.2 h1:dycHFB/jDc3IyacKipCNSDrjIC0Lm1hyoWOZTRR20Lk=
|
modernc.org/cc/v4 v4.21.4 h1:3Be/Rdo1fpr8GrQ7IVw9OHtplU4gWbb+wNgeoBMmGLQ=
|
||||||
modernc.org/cc/v4 v4.21.2/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ=
|
modernc.org/cc/v4 v4.21.4/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ=
|
||||||
modernc.org/ccgo/v4 v4.17.7 h1:+MG+Np7uYtsuPvtoH3KtZ1+pqNiJAOqqqVIxggE1iIo=
|
modernc.org/ccgo/v4 v4.21.0 h1:kKPI3dF7RIag8YcToh5ZwDcVMIv6VGa0ED5cvh0LMW4=
|
||||||
modernc.org/ccgo/v4 v4.17.7/go.mod h1:x87xuLLXuJv3Nn5ULTUqJn/HsTMMMiT1Eavo6rz1NiY=
|
modernc.org/ccgo/v4 v4.21.0/go.mod h1:h6kt6H/A2+ew/3MW/p6KEoQmrq/i3pr0J/SiwiaF/g0=
|
||||||
modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
|
modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
|
||||||
modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
|
modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
|
||||||
modernc.org/gc/v2 v2.4.1 h1:9cNzOqPyMJBvrUipmynX0ZohMhcxPtMccYgGOJdOiBw=
|
modernc.org/gc/v2 v2.5.0 h1:bJ9ChznK1L1mUtAQtxi0wi5AtAs5jQuw4PrPHO5pb6M=
|
||||||
modernc.org/gc/v2 v2.4.1/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
|
modernc.org/gc/v2 v2.5.0/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
|
||||||
modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 h1:5D53IMaUuA5InSeMu9eJtlQXS2NxAhyWQvkKEgXZhHI=
|
modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 h1:5D53IMaUuA5InSeMu9eJtlQXS2NxAhyWQvkKEgXZhHI=
|
||||||
modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6/go.mod h1:Qz0X07sNOR1jWYCrJMEnbW/X55x206Q7Vt4mz6/wHp4=
|
modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6/go.mod h1:Qz0X07sNOR1jWYCrJMEnbW/X55x206Q7Vt4mz6/wHp4=
|
||||||
modernc.org/libc v1.50.6 h1:72NPEFMyKP01RJrKXS2eLXv35UklKqlJZ1b9P7gSo6I=
|
modernc.org/libc v1.60.1 h1:at373l8IFRTkJIkAU85BIuUoBM4T1b51ds0E1ovPG2s=
|
||||||
modernc.org/libc v1.50.6/go.mod h1:8lr2m1THY5Z3ikGyUc3JhLEQg1oaIBz/AQixw8/eksQ=
|
modernc.org/libc v1.60.1/go.mod h1:xJuobKuNxKH3RUatS7GjR+suWj+5c2K7bi4m/S5arOY=
|
||||||
modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
|
modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
|
||||||
modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo=
|
modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo=
|
||||||
modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E=
|
modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E=
|
||||||
|
@ -726,15 +719,15 @@ modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
|
||||||
modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
|
modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
|
||||||
modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
|
modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
|
||||||
modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
|
modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
|
||||||
modernc.org/sqlite v1.29.9 h1:9RhNMklxJs+1596GNuAX+O/6040bvOwacTxuFcRuQow=
|
modernc.org/sqlite v1.32.0 h1:6BM4uGza7bWypsw4fdLRsLxut6bHe4c58VeqjRgST8s=
|
||||||
modernc.org/sqlite v1.29.9/go.mod h1:ItX2a1OVGgNsFh6Dv60JQvGfJfTPHPVpV6DF59akYOA=
|
modernc.org/sqlite v1.32.0/go.mod h1:UqoylwmTb9F+IqXERT8bW9zzOWN8qwAIcLdzeBZs4hA=
|
||||||
modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
|
modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
|
||||||
modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
|
modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
|
||||||
modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
|
modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
|
||||||
modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
|
modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
|
||||||
nhooyr.io/websocket v1.8.10 h1:mv4p+MnGrLDcPlBoWsvPP7XCzTYMXP9F9eIGoKbgx7Q=
|
|
||||||
nhooyr.io/websocket v1.8.10/go.mod h1:rN9OFWIUwuxg4fR5tELlYC04bXYowCP9GX47ivo2l+c=
|
|
||||||
software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k=
|
software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k=
|
||||||
software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI=
|
software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI=
|
||||||
tailscale.com v1.66.3 h1:jpWat+hiobTtCosSV/c8D6S/ubgROf/S59MaIBdM9pY=
|
tailscale.com v1.75.0-pre.0.20240926101731-7d1160ddaab7 h1:nfRWV6ECxwNvvXKtbqSVstjlEi1BWktzv3FuxWpyyx0=
|
||||||
tailscale.com v1.66.3/go.mod h1:99BIV4U3UPw36Sva04xK2ZsEpVRUkY9jCdEDSAhaNGM=
|
tailscale.com v1.75.0-pre.0.20240926101731-7d1160ddaab7/go.mod h1:xKxYf3B3PuezFlRaMT+VhuVu8XTFUTLy+VCzLPMJVmg=
|
||||||
|
zgo.at/zcache/v2 v2.1.0 h1:USo+ubK+R4vtjw4viGzTe/zjXyPw6R7SK/RL3epBBxs=
|
||||||
|
zgo.at/zcache/v2 v2.1.0/go.mod h1:gyCeoLVo01QjDZynjime8xUGHHMbsLiPyUTBpDGd4Gk=
|
||||||
|
|
265
hscontrol/app.go
265
hscontrol/app.go
|
@ -8,7 +8,7 @@ import (
|
||||||
"io"
|
"io"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
_ "net/http/pprof" //nolint
|
_ "net/http/pprof" // nolint
|
||||||
"os"
|
"os"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
@ -18,7 +18,6 @@ import (
|
||||||
"syscall"
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/coreos/go-oidc/v3/oidc"
|
|
||||||
"github.com/davecgh/go-spew/spew"
|
"github.com/davecgh/go-spew/spew"
|
||||||
"github.com/gorilla/mux"
|
"github.com/gorilla/mux"
|
||||||
grpcMiddleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
grpcMiddleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
||||||
|
@ -33,7 +32,6 @@ import (
|
||||||
"github.com/juanfont/headscale/hscontrol/policy"
|
"github.com/juanfont/headscale/hscontrol/policy"
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
"github.com/juanfont/headscale/hscontrol/util"
|
"github.com/juanfont/headscale/hscontrol/util"
|
||||||
"github.com/patrickmn/go-cache"
|
|
||||||
zerolog "github.com/philip-bui/grpc-zerolog"
|
zerolog "github.com/philip-bui/grpc-zerolog"
|
||||||
"github.com/pkg/profile"
|
"github.com/pkg/profile"
|
||||||
"github.com/prometheus/client_golang/prometheus/promhttp"
|
"github.com/prometheus/client_golang/prometheus/promhttp"
|
||||||
|
@ -41,7 +39,6 @@ import (
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
"golang.org/x/crypto/acme"
|
"golang.org/x/crypto/acme"
|
||||||
"golang.org/x/crypto/acme/autocert"
|
"golang.org/x/crypto/acme/autocert"
|
||||||
"golang.org/x/oauth2"
|
|
||||||
"golang.org/x/sync/errgroup"
|
"golang.org/x/sync/errgroup"
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
"google.golang.org/grpc/codes"
|
"google.golang.org/grpc/codes"
|
||||||
|
@ -57,6 +54,7 @@ import (
|
||||||
"tailscale.com/types/dnstype"
|
"tailscale.com/types/dnstype"
|
||||||
"tailscale.com/types/key"
|
"tailscale.com/types/key"
|
||||||
"tailscale.com/util/dnsname"
|
"tailscale.com/util/dnsname"
|
||||||
|
zcache "zgo.at/zcache/v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
@ -79,17 +77,13 @@ const (
|
||||||
registerCacheCleanup = time.Minute * 20
|
registerCacheCleanup = time.Minute * 20
|
||||||
)
|
)
|
||||||
|
|
||||||
// func init() {
|
|
||||||
// deadlock.Opts.DeadlockTimeout = 15 * time.Second
|
|
||||||
// deadlock.Opts.PrintAllCurrentGoroutines = true
|
|
||||||
// }
|
|
||||||
|
|
||||||
// Headscale represents the base app of the service.
|
// Headscale represents the base app of the service.
|
||||||
type Headscale struct {
|
type Headscale struct {
|
||||||
cfg *types.Config
|
cfg *types.Config
|
||||||
db *db.HSDatabase
|
db *db.HSDatabase
|
||||||
ipAlloc *db.IPAllocator
|
ipAlloc *db.IPAllocator
|
||||||
noisePrivateKey *key.MachinePrivate
|
noisePrivateKey *key.MachinePrivate
|
||||||
|
ephemeralGC *db.EphemeralGarbageCollector
|
||||||
|
|
||||||
DERPMap *tailcfg.DERPMap
|
DERPMap *tailcfg.DERPMap
|
||||||
DERPServer *derpServer.DERPServer
|
DERPServer *derpServer.DERPServer
|
||||||
|
@ -99,10 +93,9 @@ type Headscale struct {
|
||||||
mapper *mapper.Mapper
|
mapper *mapper.Mapper
|
||||||
nodeNotifier *notifier.Notifier
|
nodeNotifier *notifier.Notifier
|
||||||
|
|
||||||
oidcProvider *oidc.Provider
|
registrationCache *zcache.Cache[string, types.Node]
|
||||||
oauth2Config *oauth2.Config
|
|
||||||
|
|
||||||
registrationCache *cache.Cache
|
authProvider AuthProvider
|
||||||
|
|
||||||
pollNetMapStreamWG sync.WaitGroup
|
pollNetMapStreamWG sync.WaitGroup
|
||||||
}
|
}
|
||||||
|
@ -127,7 +120,7 @@ func NewHeadscale(cfg *types.Config) (*Headscale, error) {
|
||||||
return nil, fmt.Errorf("failed to read or create Noise protocol private key: %w", err)
|
return nil, fmt.Errorf("failed to read or create Noise protocol private key: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
registrationCache := cache.New(
|
registrationCache := zcache.New[string, types.Node](
|
||||||
registerCacheExpiration,
|
registerCacheExpiration,
|
||||||
registerCacheCleanup,
|
registerCacheCleanup,
|
||||||
)
|
)
|
||||||
|
@ -142,7 +135,9 @@ func NewHeadscale(cfg *types.Config) (*Headscale, error) {
|
||||||
|
|
||||||
app.db, err = db.NewHeadscaleDatabase(
|
app.db, err = db.NewHeadscaleDatabase(
|
||||||
cfg.Database,
|
cfg.Database,
|
||||||
cfg.BaseDomain)
|
cfg.BaseDomain,
|
||||||
|
registrationCache,
|
||||||
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -152,16 +147,36 @@ func NewHeadscale(cfg *types.Config) (*Headscale, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
app.ephemeralGC = db.NewEphemeralGarbageCollector(func(ni types.NodeID) {
|
||||||
|
if err := app.db.DeleteEphemeralNode(ni); err != nil {
|
||||||
|
log.Err(err).Uint64("node.id", ni.Uint64()).Msgf("failed to delete ephemeral node")
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
var authProvider AuthProvider
|
||||||
|
authProvider = NewAuthProviderWeb(cfg.ServerURL)
|
||||||
if cfg.OIDC.Issuer != "" {
|
if cfg.OIDC.Issuer != "" {
|
||||||
err = app.initOIDC()
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
||||||
|
defer cancel()
|
||||||
|
oidcProvider, err := NewAuthProviderOIDC(
|
||||||
|
ctx,
|
||||||
|
cfg.ServerURL,
|
||||||
|
&cfg.OIDC,
|
||||||
|
app.db,
|
||||||
|
app.nodeNotifier,
|
||||||
|
app.ipAlloc,
|
||||||
|
)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if cfg.OIDC.OnlyStartIfOIDCIsAvailable {
|
if cfg.OIDC.OnlyStartIfOIDCIsAvailable {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else {
|
} else {
|
||||||
log.Warn().Err(err).Msg("failed to set up OIDC provider, falling back to CLI based authentication")
|
log.Warn().Err(err).Msg("failed to set up OIDC provider, falling back to CLI based authentication")
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
authProvider = oidcProvider
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
app.authProvider = authProvider
|
||||||
|
|
||||||
if app.cfg.DNSConfig != nil && app.cfg.DNSConfig.Proxied { // if MagicDNS
|
if app.cfg.DNSConfig != nil && app.cfg.DNSConfig.Proxied { // if MagicDNS
|
||||||
// TODO(kradalby): revisit why this takes a list.
|
// TODO(kradalby): revisit why this takes a list.
|
||||||
|
@ -216,47 +231,6 @@ func (h *Headscale) redirect(w http.ResponseWriter, req *http.Request) {
|
||||||
http.Redirect(w, req, target, http.StatusFound)
|
http.Redirect(w, req, target, http.StatusFound)
|
||||||
}
|
}
|
||||||
|
|
||||||
// deleteExpireEphemeralNodes deletes ephemeral node records that have not been
|
|
||||||
// seen for longer than h.cfg.EphemeralNodeInactivityTimeout.
|
|
||||||
func (h *Headscale) deleteExpireEphemeralNodes(ctx context.Context, every time.Duration) {
|
|
||||||
ticker := time.NewTicker(every)
|
|
||||||
|
|
||||||
for {
|
|
||||||
select {
|
|
||||||
case <-ctx.Done():
|
|
||||||
ticker.Stop()
|
|
||||||
return
|
|
||||||
case <-ticker.C:
|
|
||||||
var removed []types.NodeID
|
|
||||||
var changed []types.NodeID
|
|
||||||
if err := h.db.Write(func(tx *gorm.DB) error {
|
|
||||||
removed, changed = db.DeleteExpiredEphemeralNodes(tx, h.cfg.EphemeralNodeInactivityTimeout)
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}); err != nil {
|
|
||||||
log.Error().Err(err).Msg("database error while expiring ephemeral nodes")
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
if removed != nil {
|
|
||||||
ctx := types.NotifyCtx(context.Background(), "expire-ephemeral", "na")
|
|
||||||
h.nodeNotifier.NotifyAll(ctx, types.StateUpdate{
|
|
||||||
Type: types.StatePeerRemoved,
|
|
||||||
Removed: removed,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
if changed != nil {
|
|
||||||
ctx := types.NotifyCtx(context.Background(), "expire-ephemeral", "na")
|
|
||||||
h.nodeNotifier.NotifyAll(ctx, types.StateUpdate{
|
|
||||||
Type: types.StatePeerChanged,
|
|
||||||
ChangeNodes: changed,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// expireExpiredNodes expires nodes that have an explicit expiry set
|
// expireExpiredNodes expires nodes that have an explicit expiry set
|
||||||
// after that expiry time has passed.
|
// after that expiry time has passed.
|
||||||
func (h *Headscale) expireExpiredNodes(ctx context.Context, every time.Duration) {
|
func (h *Headscale) expireExpiredNodes(ctx context.Context, every time.Duration) {
|
||||||
|
@ -464,20 +438,19 @@ func (h *Headscale) createRouter(grpcMux *grpcRuntime.ServeMux) *mux.Router {
|
||||||
router := mux.NewRouter()
|
router := mux.NewRouter()
|
||||||
router.Use(prometheusMiddleware)
|
router.Use(prometheusMiddleware)
|
||||||
|
|
||||||
router.HandleFunc(ts2021UpgradePath, h.NoiseUpgradeHandler).Methods(http.MethodPost)
|
router.HandleFunc(ts2021UpgradePath, h.NoiseUpgradeHandler).Methods(http.MethodPost, http.MethodGet)
|
||||||
|
|
||||||
router.HandleFunc("/health", h.HealthHandler).Methods(http.MethodGet)
|
router.HandleFunc("/health", h.HealthHandler).Methods(http.MethodGet)
|
||||||
router.HandleFunc("/key", h.KeyHandler).Methods(http.MethodGet)
|
router.HandleFunc("/key", h.KeyHandler).Methods(http.MethodGet)
|
||||||
router.HandleFunc("/register/{mkey}", h.RegisterWebAPI).Methods(http.MethodGet)
|
router.HandleFunc("/register/{mkey}", h.authProvider.RegisterHandler).Methods(http.MethodGet)
|
||||||
|
|
||||||
router.HandleFunc("/oidc/register/{mkey}", h.RegisterOIDC).Methods(http.MethodGet)
|
if provider, ok := h.authProvider.(*AuthProviderOIDC); ok {
|
||||||
router.HandleFunc("/oidc/callback", h.OIDCCallback).Methods(http.MethodGet)
|
router.HandleFunc("/oidc/callback", provider.OIDCCallbackHandler).Methods(http.MethodGet)
|
||||||
|
}
|
||||||
router.HandleFunc("/apple", h.AppleConfigMessage).Methods(http.MethodGet)
|
router.HandleFunc("/apple", h.AppleConfigMessage).Methods(http.MethodGet)
|
||||||
router.HandleFunc("/apple/{platform}", h.ApplePlatformConfig).
|
router.HandleFunc("/apple/{platform}", h.ApplePlatformConfig).
|
||||||
Methods(http.MethodGet)
|
Methods(http.MethodGet)
|
||||||
router.HandleFunc("/windows", h.WindowsConfigMessage).Methods(http.MethodGet)
|
router.HandleFunc("/windows", h.WindowsConfigMessage).Methods(http.MethodGet)
|
||||||
router.HandleFunc("/windows/tailscale.reg", h.WindowsRegConfig).
|
|
||||||
Methods(http.MethodGet)
|
|
||||||
|
|
||||||
// TODO(kristoffer): move swagger into a package
|
// TODO(kristoffer): move swagger into a package
|
||||||
router.HandleFunc("/swagger", headscale.SwaggerUI).Methods(http.MethodGet)
|
router.HandleFunc("/swagger", headscale.SwaggerUI).Methods(http.MethodGet)
|
||||||
|
@ -516,6 +489,10 @@ func (h *Headscale) Serve() error {
|
||||||
|
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
|
if err = h.loadACLPolicy(); err != nil {
|
||||||
|
return fmt.Errorf("failed to load ACL policy: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
if dumpConfig {
|
if dumpConfig {
|
||||||
spew.Dump(h.cfg)
|
spew.Dump(h.cfg)
|
||||||
}
|
}
|
||||||
|
@ -552,9 +529,18 @@ func (h *Headscale) Serve() error {
|
||||||
return errEmptyInitialDERPMap
|
return errEmptyInitialDERPMap
|
||||||
}
|
}
|
||||||
|
|
||||||
expireEphemeralCtx, expireEphemeralCancel := context.WithCancel(context.Background())
|
// Start ephemeral node garbage collector and schedule all nodes
|
||||||
defer expireEphemeralCancel()
|
// that are already in the database and ephemeral. If they are still
|
||||||
go h.deleteExpireEphemeralNodes(expireEphemeralCtx, updateInterval)
|
// around between restarts, they will reconnect and the GC will
|
||||||
|
// be cancelled.
|
||||||
|
go h.ephemeralGC.Start()
|
||||||
|
ephmNodes, err := h.db.ListEphemeralNodes()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("failed to list ephemeral nodes: %w", err)
|
||||||
|
}
|
||||||
|
for _, node := range ephmNodes {
|
||||||
|
h.ephemeralGC.Schedule(node.ID, h.cfg.EphemeralNodeInactivityTimeout)
|
||||||
|
}
|
||||||
|
|
||||||
expireNodeCtx, expireNodeCancel := context.WithCancel(context.Background())
|
expireNodeCtx, expireNodeCancel := context.WithCancel(context.Background())
|
||||||
defer expireNodeCancel()
|
defer expireNodeCancel()
|
||||||
|
@ -653,27 +639,9 @@ func (h *Headscale) Serve() error {
|
||||||
// https://github.com/soheilhy/cmux/issues/68
|
// https://github.com/soheilhy/cmux/issues/68
|
||||||
// https://github.com/soheilhy/cmux/issues/91
|
// https://github.com/soheilhy/cmux/issues/91
|
||||||
|
|
||||||
grpcTlsConfig := &tls.Config{
|
|
||||||
NextProtos: []string{"http/1.1"},
|
|
||||||
Certificates: make([]tls.Certificate, 1),
|
|
||||||
MinVersion: tls.VersionTLS12,
|
|
||||||
}
|
|
||||||
|
|
||||||
if h.cfg.TLS.GRPCCertPath == "" && h.cfg.TLS.GRPCKeyPath == "" {
|
|
||||||
grpcTlsConfig = tlsConfig
|
|
||||||
} else {
|
|
||||||
grpcTlsConfig.Certificates[0], err = tls.LoadX509KeyPair(h.cfg.TLS.GRPCCertPath, h.cfg.TLS.GRPCKeyPath)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
log.Error().Err(err).Msg("Failed to set up gRPC TLS configuration")
|
|
||||||
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
var grpcServer *grpc.Server
|
var grpcServer *grpc.Server
|
||||||
var grpcListener net.Listener
|
var grpcListener net.Listener
|
||||||
if grpcTlsConfig != nil || h.cfg.GRPCAllowInsecure {
|
if tlsConfig != nil || h.cfg.GRPCAllowInsecure {
|
||||||
log.Info().Msgf("Enabling remote gRPC at %s", h.cfg.GRPCAddr)
|
log.Info().Msgf("Enabling remote gRPC at %s", h.cfg.GRPCAddr)
|
||||||
|
|
||||||
grpcOptions := []grpc.ServerOption{
|
grpcOptions := []grpc.ServerOption{
|
||||||
|
@ -686,9 +654,9 @@ func (h *Headscale) Serve() error {
|
||||||
),
|
),
|
||||||
}
|
}
|
||||||
|
|
||||||
if grpcTlsConfig != nil {
|
if tlsConfig != nil {
|
||||||
grpcOptions = append(grpcOptions,
|
grpcOptions = append(grpcOptions,
|
||||||
grpc.Creds(credentials.NewTLS(grpcTlsConfig)),
|
grpc.Creds(credentials.NewTLS(tlsConfig)),
|
||||||
)
|
)
|
||||||
} else {
|
} else {
|
||||||
log.Warn().Msg("gRPC is running without security")
|
log.Warn().Msg("gRPC is running without security")
|
||||||
|
@ -723,7 +691,7 @@ func (h *Headscale) Serve() error {
|
||||||
Handler: router,
|
Handler: router,
|
||||||
ReadTimeout: types.HTTPTimeout,
|
ReadTimeout: types.HTTPTimeout,
|
||||||
|
|
||||||
// Long polling should not have any timeout, this is overriden
|
// Long polling should not have any timeout, this is overridden
|
||||||
// further down the chain
|
// further down the chain
|
||||||
WriteTimeout: types.HTTPTimeout,
|
WriteTimeout: types.HTTPTimeout,
|
||||||
}
|
}
|
||||||
|
@ -802,17 +770,12 @@ func (h *Headscale) Serve() error {
|
||||||
Msg("Received SIGHUP, reloading ACL and Config")
|
Msg("Received SIGHUP, reloading ACL and Config")
|
||||||
|
|
||||||
// TODO(kradalby): Reload config on SIGHUP
|
// TODO(kradalby): Reload config on SIGHUP
|
||||||
|
if err := h.loadACLPolicy(); err != nil {
|
||||||
|
log.Error().Err(err).Msg("failed to reload ACL policy")
|
||||||
|
}
|
||||||
|
|
||||||
if h.cfg.ACL.PolicyPath != "" {
|
if h.ACLPolicy != nil {
|
||||||
aclPath := util.AbsolutePathFromConfigPath(h.cfg.ACL.PolicyPath)
|
|
||||||
pol, err := policy.LoadACLPolicyFromPath(aclPath)
|
|
||||||
if err != nil {
|
|
||||||
log.Error().Err(err).Msg("Failed to reload ACL policy")
|
|
||||||
}
|
|
||||||
|
|
||||||
h.ACLPolicy = pol
|
|
||||||
log.Info().
|
log.Info().
|
||||||
Str("path", aclPath).
|
|
||||||
Msg("ACL policy successfully reloaded, notifying nodes of change")
|
Msg("ACL policy successfully reloaded, notifying nodes of change")
|
||||||
|
|
||||||
ctx := types.NotifyCtx(context.Background(), "acl-sighup", "na")
|
ctx := types.NotifyCtx(context.Background(), "acl-sighup", "na")
|
||||||
|
@ -820,65 +783,64 @@ func (h *Headscale) Serve() error {
|
||||||
Type: types.StateFullUpdate,
|
Type: types.StateFullUpdate,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
default:
|
default:
|
||||||
trace := log.Trace().Msgf
|
info := func(msg string) { log.Info().Msg(msg) }
|
||||||
log.Info().
|
log.Info().
|
||||||
Str("signal", sig.String()).
|
Str("signal", sig.String()).
|
||||||
Msg("Received signal to stop, shutting down gracefully")
|
Msg("Received signal to stop, shutting down gracefully")
|
||||||
|
|
||||||
expireNodeCancel()
|
expireNodeCancel()
|
||||||
expireEphemeralCancel()
|
h.ephemeralGC.Close()
|
||||||
|
|
||||||
trace("waiting for netmap stream to close")
|
|
||||||
h.pollNetMapStreamWG.Wait()
|
|
||||||
|
|
||||||
// Gracefully shut down servers
|
// Gracefully shut down servers
|
||||||
ctx, cancel := context.WithTimeout(
|
ctx, cancel := context.WithTimeout(
|
||||||
context.Background(),
|
context.Background(),
|
||||||
types.HTTPShutdownTimeout,
|
types.HTTPShutdownTimeout,
|
||||||
)
|
)
|
||||||
trace("shutting down debug http server")
|
info("shutting down debug http server")
|
||||||
if err := debugHTTPServer.Shutdown(ctx); err != nil {
|
if err := debugHTTPServer.Shutdown(ctx); err != nil {
|
||||||
log.Error().Err(err).Msg("Failed to shutdown prometheus http")
|
log.Error().Err(err).Msg("failed to shutdown prometheus http")
|
||||||
}
|
}
|
||||||
trace("shutting down main http server")
|
info("shutting down main http server")
|
||||||
if err := httpServer.Shutdown(ctx); err != nil {
|
if err := httpServer.Shutdown(ctx); err != nil {
|
||||||
log.Error().Err(err).Msg("Failed to shutdown http")
|
log.Error().Err(err).Msg("failed to shutdown http")
|
||||||
}
|
}
|
||||||
|
|
||||||
trace("shutting down grpc server (socket)")
|
info("closing node notifier")
|
||||||
|
h.nodeNotifier.Close()
|
||||||
|
|
||||||
|
info("waiting for netmap stream to close")
|
||||||
|
h.pollNetMapStreamWG.Wait()
|
||||||
|
|
||||||
|
info("shutting down grpc server (socket)")
|
||||||
grpcSocket.GracefulStop()
|
grpcSocket.GracefulStop()
|
||||||
|
|
||||||
if grpcServer != nil {
|
if grpcServer != nil {
|
||||||
trace("shutting down grpc server (external)")
|
info("shutting down grpc server (external)")
|
||||||
grpcServer.GracefulStop()
|
grpcServer.GracefulStop()
|
||||||
grpcListener.Close()
|
grpcListener.Close()
|
||||||
}
|
}
|
||||||
|
|
||||||
if tailsqlContext != nil {
|
if tailsqlContext != nil {
|
||||||
trace("shutting down tailsql")
|
info("shutting down tailsql")
|
||||||
tailsqlContext.Done()
|
tailsqlContext.Done()
|
||||||
}
|
}
|
||||||
|
|
||||||
trace("closing node notifier")
|
|
||||||
h.nodeNotifier.Close()
|
|
||||||
|
|
||||||
// Close network listeners
|
// Close network listeners
|
||||||
trace("closing network listeners")
|
info("closing network listeners")
|
||||||
debugHTTPListener.Close()
|
debugHTTPListener.Close()
|
||||||
httpListener.Close()
|
httpListener.Close()
|
||||||
grpcGatewayConn.Close()
|
grpcGatewayConn.Close()
|
||||||
|
|
||||||
// Stop listening (and unlink the socket if unix type):
|
// Stop listening (and unlink the socket if unix type):
|
||||||
trace("closing socket listener")
|
info("closing socket listener")
|
||||||
socketListener.Close()
|
socketListener.Close()
|
||||||
|
|
||||||
// Close db connections
|
// Close db connections
|
||||||
trace("closing database connection")
|
info("closing database connection")
|
||||||
err = h.db.Close()
|
err = h.db.Close()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().Err(err).Msg("Failed to close db")
|
log.Error().Err(err).Msg("failed to close db")
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Info().
|
log.Info().
|
||||||
|
@ -1030,3 +992,74 @@ func readOrCreatePrivateKey(path string) (*key.MachinePrivate, error) {
|
||||||
|
|
||||||
return &machineKey, nil
|
return &machineKey, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (h *Headscale) loadACLPolicy() error {
|
||||||
|
var (
|
||||||
|
pol *policy.ACLPolicy
|
||||||
|
err error
|
||||||
|
)
|
||||||
|
|
||||||
|
switch h.cfg.Policy.Mode {
|
||||||
|
case types.PolicyModeFile:
|
||||||
|
path := h.cfg.Policy.Path
|
||||||
|
|
||||||
|
// It is fine to start headscale without a policy file.
|
||||||
|
if len(path) == 0 {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
absPath := util.AbsolutePathFromConfigPath(path)
|
||||||
|
pol, err = policy.LoadACLPolicyFromPath(absPath)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("failed to load ACL policy from file: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate and reject configuration that would error when applied
|
||||||
|
// when creating a map response. This requires nodes, so there is still
|
||||||
|
// a scenario where they might be allowed if the server has no nodes
|
||||||
|
// yet, but it should help for the general case and for hot reloading
|
||||||
|
// configurations.
|
||||||
|
// Note that this check is only done for file-based policies in this function
|
||||||
|
// as the database-based policies are checked in the gRPC API where it is not
|
||||||
|
// allowed to be written to the database.
|
||||||
|
nodes, err := h.db.ListNodes()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("loading nodes from database to validate policy: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err = pol.CompileFilterRules(nodes)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("verifying policy rules: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(nodes) > 0 {
|
||||||
|
_, err = pol.CompileSSHPolicy(nodes[0], nodes)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("verifying SSH rules: %w", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
case types.PolicyModeDB:
|
||||||
|
p, err := h.db.GetPolicy()
|
||||||
|
if err != nil {
|
||||||
|
if errors.Is(err, types.ErrPolicyNotFound) {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return fmt.Errorf("failed to get policy from database: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
pol, err = policy.LoadACLPolicyFromBytes([]byte(p.Data))
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("failed to parse policy: %w", err)
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
log.Fatal().
|
||||||
|
Str("mode", string(h.cfg.Policy.Mode)).
|
||||||
|
Msg("Unknown ACL policy mode")
|
||||||
|
}
|
||||||
|
|
||||||
|
h.ACLPolicy = pol
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
|
@ -6,7 +6,6 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strings"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/juanfont/headscale/hscontrol/db"
|
"github.com/juanfont/headscale/hscontrol/db"
|
||||||
|
@ -16,8 +15,14 @@ import (
|
||||||
"gorm.io/gorm"
|
"gorm.io/gorm"
|
||||||
"tailscale.com/tailcfg"
|
"tailscale.com/tailcfg"
|
||||||
"tailscale.com/types/key"
|
"tailscale.com/types/key"
|
||||||
|
"tailscale.com/types/ptr"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
type AuthProvider interface {
|
||||||
|
RegisterHandler(http.ResponseWriter, *http.Request)
|
||||||
|
AuthURL(key.MachinePublic) string
|
||||||
|
}
|
||||||
|
|
||||||
func logAuthFunc(
|
func logAuthFunc(
|
||||||
registerRequest tailcfg.RegisterRequest,
|
registerRequest tailcfg.RegisterRequest,
|
||||||
machineKey key.MachinePublic,
|
machineKey key.MachinePublic,
|
||||||
|
@ -65,7 +70,7 @@ func (h *Headscale) handleRegister(
|
||||||
regReq tailcfg.RegisterRequest,
|
regReq tailcfg.RegisterRequest,
|
||||||
machineKey key.MachinePublic,
|
machineKey key.MachinePublic,
|
||||||
) {
|
) {
|
||||||
logInfo, logTrace, logErr := logAuthFunc(regReq, machineKey)
|
logInfo, logTrace, _ := logAuthFunc(regReq, machineKey)
|
||||||
now := time.Now().UTC()
|
now := time.Now().UTC()
|
||||||
logTrace("handleRegister called, looking up machine in DB")
|
logTrace("handleRegister called, looking up machine in DB")
|
||||||
node, err := h.db.GetNodeByAnyKey(machineKey, regReq.NodeKey, regReq.OldNodeKey)
|
node, err := h.db.GetNodeByAnyKey(machineKey, regReq.NodeKey, regReq.OldNodeKey)
|
||||||
|
@ -104,16 +109,6 @@ func (h *Headscale) handleRegister(
|
||||||
|
|
||||||
logInfo("Node not found in database, creating new")
|
logInfo("Node not found in database, creating new")
|
||||||
|
|
||||||
givenName, err := h.db.GenerateGivenName(
|
|
||||||
machineKey,
|
|
||||||
regReq.Hostinfo.Hostname,
|
|
||||||
)
|
|
||||||
if err != nil {
|
|
||||||
logErr(err, "Failed to generate given name for node")
|
|
||||||
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
// The node did not have a key to authenticate, which means
|
// The node did not have a key to authenticate, which means
|
||||||
// that we rely on a method that calls back some how (OpenID or CLI)
|
// that we rely on a method that calls back some how (OpenID or CLI)
|
||||||
// We create the node and then keep it around until a callback
|
// We create the node and then keep it around until a callback
|
||||||
|
@ -121,7 +116,6 @@ func (h *Headscale) handleRegister(
|
||||||
newNode := types.Node{
|
newNode := types.Node{
|
||||||
MachineKey: machineKey,
|
MachineKey: machineKey,
|
||||||
Hostname: regReq.Hostinfo.Hostname,
|
Hostname: regReq.Hostinfo.Hostname,
|
||||||
GivenName: givenName,
|
|
||||||
NodeKey: regReq.NodeKey,
|
NodeKey: regReq.NodeKey,
|
||||||
LastSeen: &now,
|
LastSeen: &now,
|
||||||
Expiry: &time.Time{},
|
Expiry: &time.Time{},
|
||||||
|
@ -135,7 +129,6 @@ func (h *Headscale) handleRegister(
|
||||||
h.registrationCache.Set(
|
h.registrationCache.Set(
|
||||||
machineKey.String(),
|
machineKey.String(),
|
||||||
newNode,
|
newNode,
|
||||||
registerCacheExpiration,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
h.handleNewNode(writer, regReq, machineKey)
|
h.handleNewNode(writer, regReq, machineKey)
|
||||||
|
@ -174,7 +167,7 @@ func (h *Headscale) handleRegister(
|
||||||
// https://github.com/tailscale/tailscale/blob/main/tailcfg/tailcfg.go#L648
|
// https://github.com/tailscale/tailscale/blob/main/tailcfg/tailcfg.go#L648
|
||||||
if !regReq.Expiry.IsZero() &&
|
if !regReq.Expiry.IsZero() &&
|
||||||
regReq.Expiry.UTC().Before(now) {
|
regReq.Expiry.UTC().Before(now) {
|
||||||
h.handleNodeLogOut(writer, *node, machineKey)
|
h.handleNodeLogOut(writer, *node)
|
||||||
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -182,7 +175,7 @@ func (h *Headscale) handleRegister(
|
||||||
// If node is not expired, and it is register, we have a already accepted this node,
|
// If node is not expired, and it is register, we have a already accepted this node,
|
||||||
// let it proceed with a valid registration
|
// let it proceed with a valid registration
|
||||||
if !node.IsExpired() {
|
if !node.IsExpired() {
|
||||||
h.handleNodeWithValidRegistration(writer, *node, machineKey)
|
h.handleNodeWithValidRegistration(writer, *node)
|
||||||
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -195,7 +188,6 @@ func (h *Headscale) handleRegister(
|
||||||
writer,
|
writer,
|
||||||
regReq,
|
regReq,
|
||||||
*node,
|
*node,
|
||||||
machineKey,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
return
|
||||||
|
@ -208,7 +200,6 @@ func (h *Headscale) handleRegister(
|
||||||
writer,
|
writer,
|
||||||
regReq,
|
regReq,
|
||||||
*node,
|
*node,
|
||||||
machineKey,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
return
|
||||||
|
@ -236,7 +227,6 @@ func (h *Headscale) handleRegister(
|
||||||
h.registrationCache.Set(
|
h.registrationCache.Set(
|
||||||
machineKey.String(),
|
machineKey.String(),
|
||||||
*node,
|
*node,
|
||||||
registerCacheExpiration,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
return
|
return
|
||||||
|
@ -314,9 +304,8 @@ func (h *Headscale) handleAuthKey(
|
||||||
Msg("node was already registered before, refreshing with new auth key")
|
Msg("node was already registered before, refreshing with new auth key")
|
||||||
|
|
||||||
node.NodeKey = nodeKey
|
node.NodeKey = nodeKey
|
||||||
pakID := uint(pak.ID)
|
if pak.ID != 0 {
|
||||||
if pakID != 0 {
|
node.AuthKeyID = ptr.To(pak.ID)
|
||||||
node.AuthKeyID = &pakID
|
|
||||||
}
|
}
|
||||||
|
|
||||||
node.Expiry = ®isterRequest.Expiry
|
node.Expiry = ®isterRequest.Expiry
|
||||||
|
@ -337,7 +326,6 @@ func (h *Headscale) handleAuthKey(
|
||||||
if len(aclTags) > 0 {
|
if len(aclTags) > 0 {
|
||||||
// This conditional preserves the existing behaviour, although SaaS would reset the tags on auth-key login
|
// This conditional preserves the existing behaviour, although SaaS would reset the tags on auth-key login
|
||||||
err = h.db.SetTags(node.ID, aclTags)
|
err = h.db.SetTags(node.ID, aclTags)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().
|
log.Error().
|
||||||
Caller().
|
Caller().
|
||||||
|
@ -355,21 +343,8 @@ func (h *Headscale) handleAuthKey(
|
||||||
} else {
|
} else {
|
||||||
now := time.Now().UTC()
|
now := time.Now().UTC()
|
||||||
|
|
||||||
givenName, err := h.db.GenerateGivenName(machineKey, registerRequest.Hostinfo.Hostname)
|
|
||||||
if err != nil {
|
|
||||||
log.Error().
|
|
||||||
Caller().
|
|
||||||
Str("func", "RegistrationHandler").
|
|
||||||
Str("hostinfo.name", registerRequest.Hostinfo.Hostname).
|
|
||||||
Err(err).
|
|
||||||
Msg("Failed to generate given name for node")
|
|
||||||
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
nodeToRegister := types.Node{
|
nodeToRegister := types.Node{
|
||||||
Hostname: registerRequest.Hostinfo.Hostname,
|
Hostname: registerRequest.Hostinfo.Hostname,
|
||||||
GivenName: givenName,
|
|
||||||
UserID: pak.User.ID,
|
UserID: pak.User.ID,
|
||||||
User: pak.User,
|
User: pak.User,
|
||||||
MachineKey: machineKey,
|
MachineKey: machineKey,
|
||||||
|
@ -394,7 +369,7 @@ func (h *Headscale) handleAuthKey(
|
||||||
|
|
||||||
pakID := uint(pak.ID)
|
pakID := uint(pak.ID)
|
||||||
if pakID != 0 {
|
if pakID != 0 {
|
||||||
nodeToRegister.AuthKeyID = &pakID
|
nodeToRegister.AuthKeyID = ptr.To(pak.ID)
|
||||||
}
|
}
|
||||||
node, err = h.db.RegisterNode(
|
node, err = h.db.RegisterNode(
|
||||||
nodeToRegister,
|
nodeToRegister,
|
||||||
|
@ -411,7 +386,7 @@ func (h *Headscale) handleAuthKey(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
h.db.Write(func(tx *gorm.DB) error {
|
err = h.db.Write(func(tx *gorm.DB) error {
|
||||||
return db.UsePreAuthKey(tx, pak)
|
return db.UsePreAuthKey(tx, pak)
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -472,17 +447,7 @@ func (h *Headscale) handleNewNode(
|
||||||
// The node registration is new, redirect the client to the registration URL
|
// The node registration is new, redirect the client to the registration URL
|
||||||
logTrace("The node seems to be new, sending auth url")
|
logTrace("The node seems to be new, sending auth url")
|
||||||
|
|
||||||
if h.oauth2Config != nil {
|
resp.AuthURL = h.authProvider.AuthURL(machineKey)
|
||||||
resp.AuthURL = fmt.Sprintf(
|
|
||||||
"%s/oidc/register/%s",
|
|
||||||
strings.TrimSuffix(h.cfg.ServerURL, "/"),
|
|
||||||
machineKey.String(),
|
|
||||||
)
|
|
||||||
} else {
|
|
||||||
resp.AuthURL = fmt.Sprintf("%s/register/%s",
|
|
||||||
strings.TrimSuffix(h.cfg.ServerURL, "/"),
|
|
||||||
machineKey.String())
|
|
||||||
}
|
|
||||||
|
|
||||||
respBody, err := json.Marshal(resp)
|
respBody, err := json.Marshal(resp)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -505,7 +470,6 @@ func (h *Headscale) handleNewNode(
|
||||||
func (h *Headscale) handleNodeLogOut(
|
func (h *Headscale) handleNodeLogOut(
|
||||||
writer http.ResponseWriter,
|
writer http.ResponseWriter,
|
||||||
node types.Node,
|
node types.Node,
|
||||||
machineKey key.MachinePublic,
|
|
||||||
) {
|
) {
|
||||||
resp := tailcfg.RegisterResponse{}
|
resp := tailcfg.RegisterResponse{}
|
||||||
|
|
||||||
|
@ -588,7 +552,6 @@ func (h *Headscale) handleNodeLogOut(
|
||||||
func (h *Headscale) handleNodeWithValidRegistration(
|
func (h *Headscale) handleNodeWithValidRegistration(
|
||||||
writer http.ResponseWriter,
|
writer http.ResponseWriter,
|
||||||
node types.Node,
|
node types.Node,
|
||||||
machineKey key.MachinePublic,
|
|
||||||
) {
|
) {
|
||||||
resp := tailcfg.RegisterResponse{}
|
resp := tailcfg.RegisterResponse{}
|
||||||
|
|
||||||
|
@ -634,7 +597,6 @@ func (h *Headscale) handleNodeKeyRefresh(
|
||||||
writer http.ResponseWriter,
|
writer http.ResponseWriter,
|
||||||
registerRequest tailcfg.RegisterRequest,
|
registerRequest tailcfg.RegisterRequest,
|
||||||
node types.Node,
|
node types.Node,
|
||||||
machineKey key.MachinePublic,
|
|
||||||
) {
|
) {
|
||||||
resp := tailcfg.RegisterResponse{}
|
resp := tailcfg.RegisterResponse{}
|
||||||
|
|
||||||
|
@ -710,15 +672,7 @@ func (h *Headscale) handleNodeExpiredOrLoggedOut(
|
||||||
Str("node_key_old", regReq.OldNodeKey.ShortString()).
|
Str("node_key_old", regReq.OldNodeKey.ShortString()).
|
||||||
Msg("Node registration has expired or logged out. Sending a auth url to register")
|
Msg("Node registration has expired or logged out. Sending a auth url to register")
|
||||||
|
|
||||||
if h.oauth2Config != nil {
|
resp.AuthURL = h.authProvider.AuthURL(machineKey)
|
||||||
resp.AuthURL = fmt.Sprintf("%s/oidc/register/%s",
|
|
||||||
strings.TrimSuffix(h.cfg.ServerURL, "/"),
|
|
||||||
machineKey.String())
|
|
||||||
} else {
|
|
||||||
resp.AuthURL = fmt.Sprintf("%s/register/%s",
|
|
||||||
strings.TrimSuffix(h.cfg.ServerURL, "/"),
|
|
||||||
machineKey.String())
|
|
||||||
}
|
|
||||||
|
|
||||||
respBody, err := json.Marshal(resp)
|
respBody, err := json.Marshal(resp)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -3,6 +3,7 @@ package db
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"database/sql"
|
"database/sql"
|
||||||
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
|
@ -13,15 +14,21 @@ import (
|
||||||
|
|
||||||
"github.com/glebarez/sqlite"
|
"github.com/glebarez/sqlite"
|
||||||
"github.com/go-gormigrate/gormigrate/v2"
|
"github.com/go-gormigrate/gormigrate/v2"
|
||||||
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
|
"github.com/juanfont/headscale/hscontrol/util"
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
"gorm.io/driver/postgres"
|
"gorm.io/driver/postgres"
|
||||||
"gorm.io/gorm"
|
"gorm.io/gorm"
|
||||||
"gorm.io/gorm/logger"
|
"gorm.io/gorm/logger"
|
||||||
|
"gorm.io/gorm/schema"
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
"tailscale.com/util/set"
|
||||||
"github.com/juanfont/headscale/hscontrol/util"
|
"zgo.at/zcache/v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
schema.RegisterSerializer("text", TextSerialiser{})
|
||||||
|
}
|
||||||
|
|
||||||
var errDatabaseNotSupported = errors.New("database type not supported")
|
var errDatabaseNotSupported = errors.New("database type not supported")
|
||||||
|
|
||||||
// KV is a key-value store in a psql table. For future use...
|
// KV is a key-value store in a psql table. For future use...
|
||||||
|
@ -32,7 +39,9 @@ type KV struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type HSDatabase struct {
|
type HSDatabase struct {
|
||||||
DB *gorm.DB
|
DB *gorm.DB
|
||||||
|
cfg *types.DatabaseConfig
|
||||||
|
regCache *zcache.Cache[string, types.Node]
|
||||||
|
|
||||||
baseDomain string
|
baseDomain string
|
||||||
}
|
}
|
||||||
|
@ -42,6 +51,7 @@ type HSDatabase struct {
|
||||||
func NewHeadscaleDatabase(
|
func NewHeadscaleDatabase(
|
||||||
cfg types.DatabaseConfig,
|
cfg types.DatabaseConfig,
|
||||||
baseDomain string,
|
baseDomain string,
|
||||||
|
regCache *zcache.Cache[string, types.Node],
|
||||||
) (*HSDatabase, error) {
|
) (*HSDatabase, error) {
|
||||||
dbConn, err := openDB(cfg)
|
dbConn, err := openDB(cfg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -52,8 +62,8 @@ func NewHeadscaleDatabase(
|
||||||
dbConn,
|
dbConn,
|
||||||
gormigrate.DefaultOptions,
|
gormigrate.DefaultOptions,
|
||||||
[]*gormigrate.Migration{
|
[]*gormigrate.Migration{
|
||||||
// New migrations should be added as transactions at the end of this list.
|
// New migrations must be added as transactions at the end of this list.
|
||||||
// The initial commit here is quite messy, completely out of order and
|
// The initial migration here is quite messy, completely out of order and
|
||||||
// has no versioning and is the tech debt of not having versioned migrations
|
// has no versioning and is the tech debt of not having versioned migrations
|
||||||
// prior to this point. This first migration is all DB changes to bring a DB
|
// prior to this point. This first migration is all DB changes to bring a DB
|
||||||
// up to 0.23.0.
|
// up to 0.23.0.
|
||||||
|
@ -124,6 +134,13 @@ func NewHeadscaleDatabase(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Remove any invalid routes associated with a node that does not exist.
|
||||||
|
if tx.Migrator().HasTable(&types.Route{}) && tx.Migrator().HasTable(&types.Node{}) {
|
||||||
|
err := tx.Exec("delete from routes where node_id not in (select id from nodes)").Error
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
err = tx.AutoMigrate(&types.Route{})
|
err = tx.AutoMigrate(&types.Route{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -183,7 +200,7 @@ func NewHeadscaleDatabase(
|
||||||
|
|
||||||
type NodeAux struct {
|
type NodeAux struct {
|
||||||
ID uint64
|
ID uint64
|
||||||
EnabledRoutes types.IPPrefixes
|
EnabledRoutes []netip.Prefix `gorm:"serializer:json"`
|
||||||
}
|
}
|
||||||
|
|
||||||
nodesAux := []NodeAux{}
|
nodesAux := []NodeAux{}
|
||||||
|
@ -206,7 +223,7 @@ func NewHeadscaleDatabase(
|
||||||
}
|
}
|
||||||
|
|
||||||
err = tx.Preload("Node").
|
err = tx.Preload("Node").
|
||||||
Where("node_id = ? AND prefix = ?", node.ID, types.IPPrefix(prefix)).
|
Where("node_id = ? AND prefix = ?", node.ID, prefix).
|
||||||
First(&types.Route{}).
|
First(&types.Route{}).
|
||||||
Error
|
Error
|
||||||
if err == nil {
|
if err == nil {
|
||||||
|
@ -221,7 +238,7 @@ func NewHeadscaleDatabase(
|
||||||
NodeID: node.ID,
|
NodeID: node.ID,
|
||||||
Advertised: true,
|
Advertised: true,
|
||||||
Enabled: true,
|
Enabled: true,
|
||||||
Prefix: types.IPPrefix(prefix),
|
Prefix: prefix,
|
||||||
}
|
}
|
||||||
if err := tx.Create(&route).Error; err != nil {
|
if err := tx.Create(&route).Error; err != nil {
|
||||||
log.Error().Err(err).Msg("Error creating route")
|
log.Error().Err(err).Msg("Error creating route")
|
||||||
|
@ -250,9 +267,6 @@ func NewHeadscaleDatabase(
|
||||||
|
|
||||||
for item, node := range nodes {
|
for item, node := range nodes {
|
||||||
if node.GivenName == "" {
|
if node.GivenName == "" {
|
||||||
normalizedHostname, err := util.NormalizeToFQDNRulesConfigFromViper(
|
|
||||||
node.Hostname,
|
|
||||||
)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().
|
log.Error().
|
||||||
Caller().
|
Caller().
|
||||||
|
@ -262,7 +276,7 @@ func NewHeadscaleDatabase(
|
||||||
}
|
}
|
||||||
|
|
||||||
err = tx.Model(nodes[item]).Updates(types.Node{
|
err = tx.Model(nodes[item]).Updates(types.Node{
|
||||||
GivenName: normalizedHostname,
|
GivenName: node.Hostname,
|
||||||
}).Error
|
}).Error
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().
|
log.Error().
|
||||||
|
@ -285,7 +299,12 @@ func NewHeadscaleDatabase(
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
err = tx.AutoMigrate(&types.PreAuthKeyACLTag{})
|
type preAuthKeyACLTag struct {
|
||||||
|
ID uint64 `gorm:"primary_key"`
|
||||||
|
PreAuthKeyID uint64
|
||||||
|
Tag string
|
||||||
|
}
|
||||||
|
err = tx.AutoMigrate(&preAuthKeyACLTag{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -331,7 +350,7 @@ func NewHeadscaleDatabase(
|
||||||
// IP v4 and v6 column.
|
// IP v4 and v6 column.
|
||||||
// Note that previously, the list _could_ contain more
|
// Note that previously, the list _could_ contain more
|
||||||
// than two addresses, which should not really happen.
|
// than two addresses, which should not really happen.
|
||||||
// In that case, the first occurence of each type will
|
// In that case, the first occurrence of each type will
|
||||||
// be kept.
|
// be kept.
|
||||||
ID: "2024041121742",
|
ID: "2024041121742",
|
||||||
Migrate: func(tx *gorm.DB) error {
|
Migrate: func(tx *gorm.DB) error {
|
||||||
|
@ -395,15 +414,88 @@ func NewHeadscaleDatabase(
|
||||||
return nil
|
return nil
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
ID: "202406021630",
|
||||||
|
Migrate: func(tx *gorm.DB) error {
|
||||||
|
err := tx.AutoMigrate(&types.Policy{})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
},
|
||||||
|
Rollback: func(db *gorm.DB) error { return nil },
|
||||||
|
},
|
||||||
|
// denormalise the ACL tags for preauth keys back onto
|
||||||
|
// the preauth key table. We dont normalise or reuse and
|
||||||
|
// it is just a bunch of work for extra work.
|
||||||
|
{
|
||||||
|
ID: "202409271400",
|
||||||
|
Migrate: func(tx *gorm.DB) error {
|
||||||
|
preauthkeyTags := map[uint64]set.Set[string]{}
|
||||||
|
|
||||||
|
type preAuthKeyACLTag struct {
|
||||||
|
ID uint64 `gorm:"primary_key"`
|
||||||
|
PreAuthKeyID uint64
|
||||||
|
Tag string
|
||||||
|
}
|
||||||
|
|
||||||
|
var aclTags []preAuthKeyACLTag
|
||||||
|
if err := tx.Find(&aclTags).Error; err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Store the current tags.
|
||||||
|
for _, tag := range aclTags {
|
||||||
|
if preauthkeyTags[tag.PreAuthKeyID] == nil {
|
||||||
|
preauthkeyTags[tag.PreAuthKeyID] = set.SetOf([]string{tag.Tag})
|
||||||
|
} else {
|
||||||
|
preauthkeyTags[tag.PreAuthKeyID].Add(tag.Tag)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Add tags column and restore the tags.
|
||||||
|
_ = tx.Migrator().AddColumn(&types.PreAuthKey{}, "tags")
|
||||||
|
for keyID, tags := range preauthkeyTags {
|
||||||
|
s := tags.Slice()
|
||||||
|
j, err := json.Marshal(s)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if err := tx.Model(&types.PreAuthKey{}).Where("id = ?", keyID).Update("tags", string(j)).Error; err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Drop the old table.
|
||||||
|
_ = tx.Migrator().DropTable(&preAuthKeyACLTag{})
|
||||||
|
return nil
|
||||||
|
},
|
||||||
|
Rollback: func(db *gorm.DB) error { return nil },
|
||||||
|
},
|
||||||
|
{
|
||||||
|
ID: "202407191627",
|
||||||
|
Migrate: func(tx *gorm.DB) error {
|
||||||
|
err := tx.AutoMigrate(&types.User{})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
},
|
||||||
|
Rollback: func(db *gorm.DB) error { return nil },
|
||||||
|
},
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
if err = migrations.Migrate(); err != nil {
|
if err := runMigrations(cfg, dbConn, migrations); err != nil {
|
||||||
log.Fatal().Err(err).Msgf("Migration failed: %v", err)
|
log.Fatal().Err(err).Msgf("Migration failed: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
db := HSDatabase{
|
db := HSDatabase{
|
||||||
DB: dbConn,
|
DB: dbConn,
|
||||||
|
cfg: &cfg,
|
||||||
|
regCache: regCache,
|
||||||
|
|
||||||
baseDomain: baseDomain,
|
baseDomain: baseDomain,
|
||||||
}
|
}
|
||||||
|
@ -415,7 +507,7 @@ func openDB(cfg types.DatabaseConfig) (*gorm.DB, error) {
|
||||||
// TODO(kradalby): Integrate this with zerolog
|
// TODO(kradalby): Integrate this with zerolog
|
||||||
var dbLogger logger.Interface
|
var dbLogger logger.Interface
|
||||||
if cfg.Debug {
|
if cfg.Debug {
|
||||||
dbLogger = logger.Default
|
dbLogger = util.NewDBLogWrapper(&log.Logger, cfg.Gorm.SlowThreshold, cfg.Gorm.SkipErrRecordNotFound, cfg.Gorm.ParameterizedQueries)
|
||||||
} else {
|
} else {
|
||||||
dbLogger = logger.Default.LogMode(logger.Silent)
|
dbLogger = logger.Default.LogMode(logger.Silent)
|
||||||
}
|
}
|
||||||
|
@ -436,7 +528,8 @@ func openDB(cfg types.DatabaseConfig) (*gorm.DB, error) {
|
||||||
db, err := gorm.Open(
|
db, err := gorm.Open(
|
||||||
sqlite.Open(cfg.Sqlite.Path),
|
sqlite.Open(cfg.Sqlite.Path),
|
||||||
&gorm.Config{
|
&gorm.Config{
|
||||||
Logger: dbLogger,
|
PrepareStmt: cfg.Gorm.PrepareStmt,
|
||||||
|
Logger: dbLogger,
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -521,6 +614,70 @@ func openDB(cfg types.DatabaseConfig) (*gorm.DB, error) {
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func runMigrations(cfg types.DatabaseConfig, dbConn *gorm.DB, migrations *gormigrate.Gormigrate) error {
|
||||||
|
// Turn off foreign keys for the duration of the migration if using sqllite to
|
||||||
|
// prevent data loss due to the way the GORM migrator handles certain schema
|
||||||
|
// changes.
|
||||||
|
if cfg.Type == types.DatabaseSqlite {
|
||||||
|
var fkEnabled int
|
||||||
|
if err := dbConn.Raw("PRAGMA foreign_keys").Scan(&fkEnabled).Error; err != nil {
|
||||||
|
return fmt.Errorf("checking foreign key status: %w", err)
|
||||||
|
}
|
||||||
|
if fkEnabled == 1 {
|
||||||
|
if err := dbConn.Exec("PRAGMA foreign_keys = OFF").Error; err != nil {
|
||||||
|
return fmt.Errorf("disabling foreign keys: %w", err)
|
||||||
|
}
|
||||||
|
defer dbConn.Exec("PRAGMA foreign_keys = ON")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := migrations.Migrate(); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Since we disabled foreign keys for the migration, we need to check for
|
||||||
|
// constraint violations manually at the end of the migration.
|
||||||
|
if cfg.Type == types.DatabaseSqlite {
|
||||||
|
type constraintViolation struct {
|
||||||
|
Table string
|
||||||
|
RowID int
|
||||||
|
Parent string
|
||||||
|
ConstraintIndex int
|
||||||
|
}
|
||||||
|
|
||||||
|
var violatedConstraints []constraintViolation
|
||||||
|
|
||||||
|
rows, err := dbConn.Raw("PRAGMA foreign_key_check").Rows()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
for rows.Next() {
|
||||||
|
var violation constraintViolation
|
||||||
|
if err := rows.Scan(&violation.Table, &violation.RowID, &violation.Parent, &violation.ConstraintIndex); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
violatedConstraints = append(violatedConstraints, violation)
|
||||||
|
}
|
||||||
|
_ = rows.Close()
|
||||||
|
|
||||||
|
if len(violatedConstraints) > 0 {
|
||||||
|
for _, violation := range violatedConstraints {
|
||||||
|
log.Error().
|
||||||
|
Str("table", violation.Table).
|
||||||
|
Int("row_id", violation.RowID).
|
||||||
|
Str("parent", violation.Parent).
|
||||||
|
Msg("Foreign key constraint violated")
|
||||||
|
}
|
||||||
|
|
||||||
|
return fmt.Errorf("foreign key constraints violated")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
func (hsdb *HSDatabase) PingDB(ctx context.Context) error {
|
func (hsdb *HSDatabase) PingDB(ctx context.Context) error {
|
||||||
ctx, cancel := context.WithTimeout(ctx, time.Second)
|
ctx, cancel := context.WithTimeout(ctx, time.Second)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
@ -538,6 +695,10 @@ func (hsdb *HSDatabase) Close() error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if hsdb.cfg.Type == types.DatabaseSqlite && hsdb.cfg.Sqlite.WriteAheadLog {
|
||||||
|
db.Exec("VACUUM")
|
||||||
|
}
|
||||||
|
|
||||||
return db.Close()
|
return db.Close()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
258
hscontrol/db/db_test.go
Normal file
258
hscontrol/db/db_test.go
Normal file
|
@ -0,0 +1,258 @@
|
||||||
|
package db
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"net/netip"
|
||||||
|
"os"
|
||||||
|
"path/filepath"
|
||||||
|
"slices"
|
||||||
|
"sort"
|
||||||
|
"testing"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/google/go-cmp/cmp"
|
||||||
|
"github.com/google/go-cmp/cmp/cmpopts"
|
||||||
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
|
"github.com/juanfont/headscale/hscontrol/util"
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
"gorm.io/gorm"
|
||||||
|
"zgo.at/zcache/v2"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestMigrations(t *testing.T) {
|
||||||
|
ipp := func(p string) netip.Prefix {
|
||||||
|
return netip.MustParsePrefix(p)
|
||||||
|
}
|
||||||
|
r := func(id uint64, p string, a, e, i bool) types.Route {
|
||||||
|
return types.Route{
|
||||||
|
NodeID: id,
|
||||||
|
Prefix: ipp(p),
|
||||||
|
Advertised: a,
|
||||||
|
Enabled: e,
|
||||||
|
IsPrimary: i,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
dbPath string
|
||||||
|
wantFunc func(*testing.T, *HSDatabase)
|
||||||
|
wantErr string
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
dbPath: "testdata/0-22-3-to-0-23-0-routes-are-dropped-2063.sqlite",
|
||||||
|
wantFunc: func(t *testing.T, h *HSDatabase) {
|
||||||
|
routes, err := Read(h.DB, func(rx *gorm.DB) (types.Routes, error) {
|
||||||
|
return GetRoutes(rx)
|
||||||
|
})
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
assert.Len(t, routes, 10)
|
||||||
|
want := types.Routes{
|
||||||
|
r(1, "0.0.0.0/0", true, true, false),
|
||||||
|
r(1, "::/0", true, true, false),
|
||||||
|
r(1, "10.9.110.0/24", true, true, true),
|
||||||
|
r(26, "172.100.100.0/24", true, true, true),
|
||||||
|
r(26, "172.100.100.0/24", true, false, false),
|
||||||
|
r(31, "0.0.0.0/0", true, true, false),
|
||||||
|
r(31, "0.0.0.0/0", true, false, false),
|
||||||
|
r(31, "::/0", true, true, false),
|
||||||
|
r(31, "::/0", true, false, false),
|
||||||
|
r(32, "192.168.0.24/32", true, true, true),
|
||||||
|
}
|
||||||
|
if diff := cmp.Diff(want, routes, cmpopts.IgnoreFields(types.Route{}, "Model", "Node"), util.PrefixComparer); diff != "" {
|
||||||
|
t.Errorf("TestMigrations() mismatch (-want +got):\n%s", diff)
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
dbPath: "testdata/0-22-3-to-0-23-0-routes-fail-foreign-key-2076.sqlite",
|
||||||
|
wantFunc: func(t *testing.T, h *HSDatabase) {
|
||||||
|
routes, err := Read(h.DB, func(rx *gorm.DB) (types.Routes, error) {
|
||||||
|
return GetRoutes(rx)
|
||||||
|
})
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
assert.Len(t, routes, 4)
|
||||||
|
want := types.Routes{
|
||||||
|
// These routes exists, but have no nodes associated with them
|
||||||
|
// when the migration starts.
|
||||||
|
// r(1, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(1, "::/0", true, true, false),
|
||||||
|
// r(3, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(3, "::/0", true, true, false),
|
||||||
|
// r(5, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(5, "::/0", true, true, false),
|
||||||
|
// r(6, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(6, "::/0", true, true, false),
|
||||||
|
// r(6, "10.0.0.0/8", true, false, false),
|
||||||
|
// r(7, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(7, "::/0", true, true, false),
|
||||||
|
// r(7, "10.0.0.0/8", true, false, false),
|
||||||
|
// r(9, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(9, "::/0", true, true, false),
|
||||||
|
// r(9, "10.0.0.0/8", true, true, false),
|
||||||
|
// r(11, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(11, "::/0", true, true, false),
|
||||||
|
// r(11, "10.0.0.0/8", true, true, true),
|
||||||
|
// r(12, "0.0.0.0/0", true, true, false),
|
||||||
|
// r(12, "::/0", true, true, false),
|
||||||
|
// r(12, "10.0.0.0/8", true, false, false),
|
||||||
|
//
|
||||||
|
// These nodes exists, so routes should be kept.
|
||||||
|
r(13, "10.0.0.0/8", true, false, false),
|
||||||
|
r(13, "0.0.0.0/0", true, true, false),
|
||||||
|
r(13, "::/0", true, true, false),
|
||||||
|
r(13, "10.18.80.2/32", true, true, true),
|
||||||
|
}
|
||||||
|
if diff := cmp.Diff(want, routes, cmpopts.IgnoreFields(types.Route{}, "Model", "Node"), util.PrefixComparer); diff != "" {
|
||||||
|
t.Errorf("TestMigrations() mismatch (-want +got):\n%s", diff)
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
|
// at 14:15:06 ❯ go run ./cmd/headscale preauthkeys list
|
||||||
|
// ID | Key | Reusable | Ephemeral | Used | Expiration | Created | Tags
|
||||||
|
// 1 | 09b28f.. | false | false | false | 2024-09-27 | 2024-09-27 | tag:derp
|
||||||
|
// 2 | 3112b9.. | false | false | false | 2024-09-27 | 2024-09-27 | tag:derp
|
||||||
|
// 3 | 7c23b9.. | false | false | false | 2024-09-27 | 2024-09-27 | tag:derp,tag:merp
|
||||||
|
// 4 | f20155.. | false | false | false | 2024-09-27 | 2024-09-27 | tag:test
|
||||||
|
// 5 | b212b9.. | false | false | false | 2024-09-27 | 2024-09-27 | tag:test,tag:woop,tag:dedu
|
||||||
|
{
|
||||||
|
dbPath: "testdata/0-23-0-to-0-24-0-preauthkey-tags-table.sqlite",
|
||||||
|
wantFunc: func(t *testing.T, h *HSDatabase) {
|
||||||
|
keys, err := Read(h.DB, func(rx *gorm.DB) ([]types.PreAuthKey, error) {
|
||||||
|
kratest, err := ListPreAuthKeys(rx, "kratest")
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
testkra, err := ListPreAuthKeys(rx, "testkra")
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return append(kratest, testkra...), nil
|
||||||
|
})
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
assert.Len(t, keys, 5)
|
||||||
|
want := []types.PreAuthKey{
|
||||||
|
{
|
||||||
|
ID: 1,
|
||||||
|
Tags: []string{"tag:derp"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
ID: 2,
|
||||||
|
Tags: []string{"tag:derp"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
ID: 3,
|
||||||
|
Tags: []string{"tag:derp", "tag:merp"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
ID: 4,
|
||||||
|
Tags: []string{"tag:test"},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
ID: 5,
|
||||||
|
Tags: []string{"tag:test", "tag:woop", "tag:dedu"},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
if diff := cmp.Diff(want, keys, cmp.Comparer(func(a, b []string) bool {
|
||||||
|
sort.Sort(sort.StringSlice(a))
|
||||||
|
sort.Sort(sort.StringSlice(b))
|
||||||
|
return slices.Equal(a, b)
|
||||||
|
}), cmpopts.IgnoreFields(types.PreAuthKey{}, "Key", "UserID", "User", "CreatedAt", "Expiration")); diff != "" {
|
||||||
|
t.Errorf("TestMigrations() mismatch (-want +got):\n%s", diff)
|
||||||
|
}
|
||||||
|
|
||||||
|
if h.DB.Migrator().HasTable("pre_auth_key_acl_tags") {
|
||||||
|
t.Errorf("TestMigrations() table pre_auth_key_acl_tags should not exist")
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
dbPath: "testdata/0-23-0-to-0-24-0-no-more-special-types.sqlite",
|
||||||
|
wantFunc: func(t *testing.T, h *HSDatabase) {
|
||||||
|
nodes, err := Read(h.DB, func(rx *gorm.DB) (types.Nodes, error) {
|
||||||
|
return ListNodes(rx)
|
||||||
|
})
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
for _, node := range nodes {
|
||||||
|
assert.Falsef(t, node.MachineKey.IsZero(), "expected non zero machinekey")
|
||||||
|
assert.Contains(t, node.MachineKey.String(), "mkey:")
|
||||||
|
assert.Falsef(t, node.NodeKey.IsZero(), "expected non zero nodekey")
|
||||||
|
assert.Contains(t, node.NodeKey.String(), "nodekey:")
|
||||||
|
assert.Falsef(t, node.DiscoKey.IsZero(), "expected non zero discokey")
|
||||||
|
assert.Contains(t, node.DiscoKey.String(), "discokey:")
|
||||||
|
assert.NotNil(t, node.IPv4)
|
||||||
|
assert.NotNil(t, node.IPv4)
|
||||||
|
assert.Len(t, node.Endpoints, 1)
|
||||||
|
assert.NotNil(t, node.Hostinfo)
|
||||||
|
assert.NotNil(t, node.MachineKey)
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.dbPath, func(t *testing.T) {
|
||||||
|
dbPath, err := testCopyOfDatabase(tt.dbPath)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("copying db for test: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
hsdb, err := NewHeadscaleDatabase(types.DatabaseConfig{
|
||||||
|
Type: "sqlite3",
|
||||||
|
Sqlite: types.SqliteConfig{
|
||||||
|
Path: dbPath,
|
||||||
|
},
|
||||||
|
}, "", emptyCache())
|
||||||
|
if err != nil && tt.wantErr != err.Error() {
|
||||||
|
t.Errorf("TestMigrations() unexpected error = %v, wantErr %v", err, tt.wantErr)
|
||||||
|
}
|
||||||
|
|
||||||
|
if tt.wantFunc != nil {
|
||||||
|
tt.wantFunc(t, hsdb)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func testCopyOfDatabase(src string) (string, error) {
|
||||||
|
sourceFileStat, err := os.Stat(src)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
if !sourceFileStat.Mode().IsRegular() {
|
||||||
|
return "", fmt.Errorf("%s is not a regular file", src)
|
||||||
|
}
|
||||||
|
|
||||||
|
source, err := os.Open(src)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
defer source.Close()
|
||||||
|
|
||||||
|
tmpDir, err := os.MkdirTemp("", "hsdb-test-*")
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
fn := filepath.Base(src)
|
||||||
|
dst := filepath.Join(tmpDir, fn)
|
||||||
|
|
||||||
|
destination, err := os.Create(dst)
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
defer destination.Close()
|
||||||
|
_, err = io.Copy(destination, source)
|
||||||
|
return dst, err
|
||||||
|
}
|
||||||
|
|
||||||
|
func emptyCache() *zcache.Cache[string, types.Node] {
|
||||||
|
return zcache.New[string, types.Node](time.Minute, time.Hour)
|
||||||
|
}
|
|
@ -14,6 +14,7 @@ import (
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
"go4.org/netipx"
|
"go4.org/netipx"
|
||||||
"gorm.io/gorm"
|
"gorm.io/gorm"
|
||||||
|
"tailscale.com/net/tsaddr"
|
||||||
)
|
)
|
||||||
|
|
||||||
// IPAllocator is a singleton responsible for allocating
|
// IPAllocator is a singleton responsible for allocating
|
||||||
|
@ -76,7 +77,6 @@ func NewIPAllocator(
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("reading IPv6 addresses from database: %w", err)
|
return nil, fmt.Errorf("reading IPv6 addresses from database: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var ips netipx.IPSetBuilder
|
var ips netipx.IPSetBuilder
|
||||||
|
@ -191,8 +191,9 @@ func (i *IPAllocator) next(prev netip.Addr, prefix *netip.Prefix) (*netip.Addr,
|
||||||
return nil, ErrCouldNotAllocateIP
|
return nil, ErrCouldNotAllocateIP
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the IP has already been allocated.
|
// Check if the IP has already been allocated
|
||||||
if set.Contains(ip) {
|
// or if it is a IP reserved by Tailscale.
|
||||||
|
if set.Contains(ip) || isTailscaleReservedIP(ip) {
|
||||||
switch i.strategy {
|
switch i.strategy {
|
||||||
case types.IPAllocationStrategySequential:
|
case types.IPAllocationStrategySequential:
|
||||||
ip = ip.Next()
|
ip = ip.Next()
|
||||||
|
@ -249,6 +250,12 @@ func randomNext(pfx netip.Prefix) (netip.Addr, error) {
|
||||||
return ip, nil
|
return ip, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func isTailscaleReservedIP(ip netip.Addr) bool {
|
||||||
|
return tsaddr.ChromeOSVMRange().Contains(ip) ||
|
||||||
|
tsaddr.TailscaleServiceIP() == ip ||
|
||||||
|
tsaddr.TailscaleServiceIPv6() == ip
|
||||||
|
}
|
||||||
|
|
||||||
// BackfillNodeIPs will take a database transaction, and
|
// BackfillNodeIPs will take a database transaction, and
|
||||||
// iterate through all of the current nodes in headscale
|
// iterate through all of the current nodes in headscale
|
||||||
// and ensure it has IP addresses according to the current
|
// and ensure it has IP addresses according to the current
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
package db
|
package db
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"database/sql"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
"strings"
|
"strings"
|
||||||
|
@ -12,15 +11,20 @@ import (
|
||||||
"github.com/google/go-cmp/cmp/cmpopts"
|
"github.com/google/go-cmp/cmp/cmpopts"
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
"github.com/juanfont/headscale/hscontrol/util"
|
"github.com/juanfont/headscale/hscontrol/util"
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
"tailscale.com/net/tsaddr"
|
||||||
|
"tailscale.com/types/ptr"
|
||||||
)
|
)
|
||||||
|
|
||||||
var mpp = func(pref string) *netip.Prefix {
|
var mpp = func(pref string) *netip.Prefix {
|
||||||
p := netip.MustParsePrefix(pref)
|
p := netip.MustParsePrefix(pref)
|
||||||
return &p
|
return &p
|
||||||
}
|
}
|
||||||
|
|
||||||
var na = func(pref string) netip.Addr {
|
var na = func(pref string) netip.Addr {
|
||||||
return netip.MustParseAddr(pref)
|
return netip.MustParseAddr(pref)
|
||||||
}
|
}
|
||||||
|
|
||||||
var nap = func(pref string) *netip.Addr {
|
var nap = func(pref string) *netip.Addr {
|
||||||
n := na(pref)
|
n := na(pref)
|
||||||
return &n
|
return &n
|
||||||
|
@ -289,15 +293,7 @@ func TestBackfillIPAddresses(t *testing.T) {
|
||||||
v4 := fmt.Sprintf("100.64.0.%d", i)
|
v4 := fmt.Sprintf("100.64.0.%d", i)
|
||||||
v6 := fmt.Sprintf("fd7a:115c:a1e0::%d", i)
|
v6 := fmt.Sprintf("fd7a:115c:a1e0::%d", i)
|
||||||
return &types.Node{
|
return &types.Node{
|
||||||
IPv4DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: v4,
|
|
||||||
},
|
|
||||||
IPv4: nap(v4),
|
IPv4: nap(v4),
|
||||||
IPv6DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: v6,
|
|
||||||
},
|
|
||||||
IPv6: nap(v6),
|
IPv6: nap(v6),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -329,15 +325,7 @@ func TestBackfillIPAddresses(t *testing.T) {
|
||||||
|
|
||||||
want: types.Nodes{
|
want: types.Nodes{
|
||||||
&types.Node{
|
&types.Node{
|
||||||
IPv4DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: "100.64.0.1",
|
|
||||||
},
|
|
||||||
IPv4: nap("100.64.0.1"),
|
IPv4: nap("100.64.0.1"),
|
||||||
IPv6DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: "fd7a:115c:a1e0::1",
|
|
||||||
},
|
|
||||||
IPv6: nap("fd7a:115c:a1e0::1"),
|
IPv6: nap("fd7a:115c:a1e0::1"),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -362,15 +350,7 @@ func TestBackfillIPAddresses(t *testing.T) {
|
||||||
|
|
||||||
want: types.Nodes{
|
want: types.Nodes{
|
||||||
&types.Node{
|
&types.Node{
|
||||||
IPv4DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: "100.64.0.1",
|
|
||||||
},
|
|
||||||
IPv4: nap("100.64.0.1"),
|
IPv4: nap("100.64.0.1"),
|
||||||
IPv6DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: "fd7a:115c:a1e0::1",
|
|
||||||
},
|
|
||||||
IPv6: nap("fd7a:115c:a1e0::1"),
|
IPv6: nap("fd7a:115c:a1e0::1"),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -395,10 +375,6 @@ func TestBackfillIPAddresses(t *testing.T) {
|
||||||
|
|
||||||
want: types.Nodes{
|
want: types.Nodes{
|
||||||
&types.Node{
|
&types.Node{
|
||||||
IPv4DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: "100.64.0.1",
|
|
||||||
},
|
|
||||||
IPv4: nap("100.64.0.1"),
|
IPv4: nap("100.64.0.1"),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -423,10 +399,6 @@ func TestBackfillIPAddresses(t *testing.T) {
|
||||||
|
|
||||||
want: types.Nodes{
|
want: types.Nodes{
|
||||||
&types.Node{
|
&types.Node{
|
||||||
IPv6DatabaseField: sql.NullString{
|
|
||||||
Valid: true,
|
|
||||||
String: "fd7a:115c:a1e0::1",
|
|
||||||
},
|
|
||||||
IPv6: nap("fd7a:115c:a1e0::1"),
|
IPv6: nap("fd7a:115c:a1e0::1"),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -472,13 +444,9 @@ func TestBackfillIPAddresses(t *testing.T) {
|
||||||
|
|
||||||
comps := append(util.Comparers, cmpopts.IgnoreFields(types.Node{},
|
comps := append(util.Comparers, cmpopts.IgnoreFields(types.Node{},
|
||||||
"ID",
|
"ID",
|
||||||
"MachineKeyDatabaseField",
|
|
||||||
"NodeKeyDatabaseField",
|
|
||||||
"DiscoKeyDatabaseField",
|
|
||||||
"User",
|
"User",
|
||||||
"UserID",
|
"UserID",
|
||||||
"Endpoints",
|
"Endpoints",
|
||||||
"HostinfoDatabaseField",
|
|
||||||
"Hostinfo",
|
"Hostinfo",
|
||||||
"Routes",
|
"Routes",
|
||||||
"CreatedAt",
|
"CreatedAt",
|
||||||
|
@ -512,3 +480,26 @@ func TestBackfillIPAddresses(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestIPAllocatorNextNoReservedIPs(t *testing.T) {
|
||||||
|
alloc, err := NewIPAllocator(db, ptr.To(tsaddr.CGNATRange()), ptr.To(tsaddr.TailscaleULARange()), types.IPAllocationStrategySequential)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("failed to set up ip alloc: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate that we do not give out 100.100.100.100
|
||||||
|
nextQuad100, err := alloc.next(na("100.100.100.99"), ptr.To(tsaddr.CGNATRange()))
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, na("100.100.100.101"), *nextQuad100)
|
||||||
|
|
||||||
|
// Validate that we do not give out fd7a:115c:a1e0::53
|
||||||
|
nextQuad100v6, err := alloc.next(na("fd7a:115c:a1e0::52"), ptr.To(tsaddr.TailscaleULARange()))
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, na("fd7a:115c:a1e0::54"), *nextQuad100v6)
|
||||||
|
|
||||||
|
// Validate that we do not give out fd7a:115c:a1e0::53
|
||||||
|
nextChrome, err := alloc.next(na("100.115.91.255"), ptr.To(tsaddr.CGNATRange()))
|
||||||
|
t.Logf("chrome: %s", nextChrome.String())
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, na("100.115.94.0"), *nextChrome)
|
||||||
|
}
|
||||||
|
|
|
@ -1,15 +1,17 @@
|
||||||
package db
|
package db
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
|
"slices"
|
||||||
"sort"
|
"sort"
|
||||||
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
"github.com/juanfont/headscale/hscontrol/util"
|
"github.com/juanfont/headscale/hscontrol/util"
|
||||||
"github.com/patrickmn/go-cache"
|
|
||||||
"github.com/puzpuzpuz/xsync/v3"
|
"github.com/puzpuzpuz/xsync/v3"
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
"gorm.io/gorm"
|
"gorm.io/gorm"
|
||||||
|
@ -78,18 +80,15 @@ func ListNodes(tx *gorm.DB) (types.Nodes, error) {
|
||||||
return nodes, nil
|
return nodes, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func listNodesByGivenName(tx *gorm.DB, givenName string) (types.Nodes, error) {
|
func (hsdb *HSDatabase) ListEphemeralNodes() (types.Nodes, error) {
|
||||||
nodes := types.Nodes{}
|
return Read(hsdb.DB, func(rx *gorm.DB) (types.Nodes, error) {
|
||||||
if err := tx.
|
nodes := types.Nodes{}
|
||||||
Preload("AuthKey").
|
if err := rx.Joins("AuthKey").Where(`"AuthKey"."ephemeral" = true`).Find(&nodes).Error; err != nil {
|
||||||
Preload("AuthKey.User").
|
return nil, err
|
||||||
Preload("User").
|
}
|
||||||
Preload("Routes").
|
|
||||||
Where("given_name = ?", givenName).Find(&nodes).Error; err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
return nodes, nil
|
return nodes, nil
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hsdb *HSDatabase) getNode(user string, name string) (*types.Node, error) {
|
func (hsdb *HSDatabase) getNode(user string, name string) (*types.Node, error) {
|
||||||
|
@ -208,21 +207,26 @@ func SetTags(
|
||||||
) error {
|
) error {
|
||||||
if len(tags) == 0 {
|
if len(tags) == 0 {
|
||||||
// if no tags are provided, we remove all forced tags
|
// if no tags are provided, we remove all forced tags
|
||||||
if err := tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("forced_tags", types.StringList{}).Error; err != nil {
|
if err := tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("forced_tags", "[]").Error; err != nil {
|
||||||
return fmt.Errorf("failed to remove tags for node in the database: %w", err)
|
return fmt.Errorf("failed to remove tags for node in the database: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
var newTags types.StringList
|
var newTags []string
|
||||||
for _, tag := range tags {
|
for _, tag := range tags {
|
||||||
if !util.StringOrPrefixListContains(newTags, tag) {
|
if !slices.Contains(newTags, tag) {
|
||||||
newTags = append(newTags, tag)
|
newTags = append(newTags, tag)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("forced_tags", newTags).Error; err != nil {
|
b, err := json.Marshal(newTags)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("forced_tags", string(b)).Error; err != nil {
|
||||||
return fmt.Errorf("failed to update tags for node in the database: %w", err)
|
return fmt.Errorf("failed to update tags for node in the database: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -230,9 +234,9 @@ func SetTags(
|
||||||
}
|
}
|
||||||
|
|
||||||
// RenameNode takes a Node struct and a new GivenName for the nodes
|
// RenameNode takes a Node struct and a new GivenName for the nodes
|
||||||
// and renames it.
|
// and renames it. If the name is not unique, it will return an error.
|
||||||
func RenameNode(tx *gorm.DB,
|
func RenameNode(tx *gorm.DB,
|
||||||
nodeID uint64, newName string,
|
nodeID types.NodeID, newName string,
|
||||||
) error {
|
) error {
|
||||||
err := util.CheckForFQDNRules(
|
err := util.CheckForFQDNRules(
|
||||||
newName,
|
newName,
|
||||||
|
@ -241,6 +245,15 @@ func RenameNode(tx *gorm.DB,
|
||||||
return fmt.Errorf("renaming node: %w", err)
|
return fmt.Errorf("renaming node: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uniq, err := isUnqiueName(tx, newName)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("checking if name is unique: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if !uniq {
|
||||||
|
return fmt.Errorf("name is not unique: %s", newName)
|
||||||
|
}
|
||||||
|
|
||||||
if err := tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("given_name", newName).Error; err != nil {
|
if err := tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("given_name", newName).Error; err != nil {
|
||||||
return fmt.Errorf("failed to rename node in the database: %w", err)
|
return fmt.Errorf("failed to rename node in the database: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -286,32 +299,37 @@ func DeleteNode(tx *gorm.DB,
|
||||||
return changed, nil
|
return changed, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DeleteEphemeralNode deletes a Node from the database, note that this method
|
||||||
|
// will remove it straight, and not notify any changes or consider any routes.
|
||||||
|
// It is intended for Ephemeral nodes.
|
||||||
|
func (hsdb *HSDatabase) DeleteEphemeralNode(
|
||||||
|
nodeID types.NodeID,
|
||||||
|
) error {
|
||||||
|
return hsdb.Write(func(tx *gorm.DB) error {
|
||||||
|
if err := tx.Unscoped().Delete(&types.Node{}, nodeID).Error; err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
// SetLastSeen sets a node's last seen field indicating that we
|
// SetLastSeen sets a node's last seen field indicating that we
|
||||||
// have recently communicating with this node.
|
// have recently communicating with this node.
|
||||||
func SetLastSeen(tx *gorm.DB, nodeID types.NodeID, lastSeen time.Time) error {
|
func SetLastSeen(tx *gorm.DB, nodeID types.NodeID, lastSeen time.Time) error {
|
||||||
return tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("last_seen", lastSeen).Error
|
return tx.Model(&types.Node{}).Where("id = ?", nodeID).Update("last_seen", lastSeen).Error
|
||||||
}
|
}
|
||||||
|
|
||||||
func RegisterNodeFromAuthCallback(
|
func (hsdb *HSDatabase) RegisterNodeFromAuthCallback(
|
||||||
tx *gorm.DB,
|
|
||||||
cache *cache.Cache,
|
|
||||||
mkey key.MachinePublic,
|
mkey key.MachinePublic,
|
||||||
userName string,
|
userID types.UserID,
|
||||||
nodeExpiry *time.Time,
|
nodeExpiry *time.Time,
|
||||||
registrationMethod string,
|
registrationMethod string,
|
||||||
ipv4 *netip.Addr,
|
ipv4 *netip.Addr,
|
||||||
ipv6 *netip.Addr,
|
ipv6 *netip.Addr,
|
||||||
) (*types.Node, error) {
|
) (*types.Node, error) {
|
||||||
log.Debug().
|
return Write(hsdb.DB, func(tx *gorm.DB) (*types.Node, error) {
|
||||||
Str("machine_key", mkey.ShortString()).
|
if node, ok := hsdb.regCache.Get(mkey.String()); ok {
|
||||||
Str("userName", userName).
|
user, err := GetUserByID(tx, userID)
|
||||||
Str("registrationMethod", registrationMethod).
|
|
||||||
Str("expiresAt", fmt.Sprintf("%v", nodeExpiry)).
|
|
||||||
Msg("Registering node from API/CLI or auth callback")
|
|
||||||
|
|
||||||
if nodeInterface, ok := cache.Get(mkey.String()); ok {
|
|
||||||
if registrationNode, ok := nodeInterface.(types.Node); ok {
|
|
||||||
user, err := GetUser(tx, userName)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf(
|
return nil, fmt.Errorf(
|
||||||
"failed to find user in register node from auth callback, %w",
|
"failed to find user in register node from auth callback, %w",
|
||||||
|
@ -319,37 +337,42 @@ func RegisterNodeFromAuthCallback(
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Debug().
|
||||||
|
Str("machine_key", mkey.ShortString()).
|
||||||
|
Str("username", user.Username()).
|
||||||
|
Str("registrationMethod", registrationMethod).
|
||||||
|
Str("expiresAt", fmt.Sprintf("%v", nodeExpiry)).
|
||||||
|
Msg("Registering node from API/CLI or auth callback")
|
||||||
|
|
||||||
// Registration of expired node with different user
|
// Registration of expired node with different user
|
||||||
if registrationNode.ID != 0 &&
|
if node.ID != 0 &&
|
||||||
registrationNode.UserID != user.ID {
|
node.UserID != user.ID {
|
||||||
return nil, ErrDifferentRegisteredUser
|
return nil, ErrDifferentRegisteredUser
|
||||||
}
|
}
|
||||||
|
|
||||||
registrationNode.UserID = user.ID
|
node.UserID = user.ID
|
||||||
registrationNode.User = *user
|
node.User = *user
|
||||||
registrationNode.RegisterMethod = registrationMethod
|
node.RegisterMethod = registrationMethod
|
||||||
|
|
||||||
if nodeExpiry != nil {
|
if nodeExpiry != nil {
|
||||||
registrationNode.Expiry = nodeExpiry
|
node.Expiry = nodeExpiry
|
||||||
}
|
}
|
||||||
|
|
||||||
node, err := RegisterNode(
|
node, err := RegisterNode(
|
||||||
tx,
|
tx,
|
||||||
registrationNode,
|
node,
|
||||||
ipv4, ipv6,
|
ipv4, ipv6,
|
||||||
)
|
)
|
||||||
|
|
||||||
if err == nil {
|
if err == nil {
|
||||||
cache.Delete(mkey.String())
|
hsdb.regCache.Delete(mkey.String())
|
||||||
}
|
}
|
||||||
|
|
||||||
return node, err
|
return node, err
|
||||||
} else {
|
|
||||||
return nil, ErrCouldNotConvertNodeInterface
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
return nil, ErrNodeNotFoundRegistrationCache
|
return nil, ErrNodeNotFoundRegistrationCache
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hsdb *HSDatabase) RegisterNode(node types.Node, ipv4 *netip.Addr, ipv6 *netip.Addr) (*types.Node, error) {
|
func (hsdb *HSDatabase) RegisterNode(node types.Node, ipv4 *netip.Addr, ipv6 *netip.Addr) (*types.Node, error) {
|
||||||
|
@ -364,7 +387,7 @@ func RegisterNode(tx *gorm.DB, node types.Node, ipv4 *netip.Addr, ipv6 *netip.Ad
|
||||||
Str("node", node.Hostname).
|
Str("node", node.Hostname).
|
||||||
Str("machine_key", node.MachineKey.ShortString()).
|
Str("machine_key", node.MachineKey.ShortString()).
|
||||||
Str("node_key", node.NodeKey.ShortString()).
|
Str("node_key", node.NodeKey.ShortString()).
|
||||||
Str("user", node.User.Name).
|
Str("user", node.User.Username()).
|
||||||
Msg("Registering node")
|
Msg("Registering node")
|
||||||
|
|
||||||
// If the node exists and it already has IP(s), we just save it
|
// If the node exists and it already has IP(s), we just save it
|
||||||
|
@ -380,7 +403,7 @@ func RegisterNode(tx *gorm.DB, node types.Node, ipv4 *netip.Addr, ipv6 *netip.Ad
|
||||||
Str("node", node.Hostname).
|
Str("node", node.Hostname).
|
||||||
Str("machine_key", node.MachineKey.ShortString()).
|
Str("machine_key", node.MachineKey.ShortString()).
|
||||||
Str("node_key", node.NodeKey.ShortString()).
|
Str("node_key", node.NodeKey.ShortString()).
|
||||||
Str("user", node.User.Name).
|
Str("user", node.User.Username()).
|
||||||
Msg("Node authorized again")
|
Msg("Node authorized again")
|
||||||
|
|
||||||
return &node, nil
|
return &node, nil
|
||||||
|
@ -389,6 +412,15 @@ func RegisterNode(tx *gorm.DB, node types.Node, ipv4 *netip.Addr, ipv6 *netip.Ad
|
||||||
node.IPv4 = ipv4
|
node.IPv4 = ipv4
|
||||||
node.IPv6 = ipv6
|
node.IPv6 = ipv6
|
||||||
|
|
||||||
|
if node.GivenName == "" {
|
||||||
|
givenName, err := ensureUniqueGivenName(tx, node.Hostname)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("failed to ensure unique given name: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
node.GivenName = givenName
|
||||||
|
}
|
||||||
|
|
||||||
if err := tx.Save(&node).Error; err != nil {
|
if err := tx.Save(&node).Error; err != nil {
|
||||||
return nil, fmt.Errorf("failed register(save) node in the database: %w", err)
|
return nil, fmt.Errorf("failed register(save) node in the database: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -508,34 +540,24 @@ func IsRoutesEnabled(tx *gorm.DB, node *types.Node, routeStr string) bool {
|
||||||
|
|
||||||
func (hsdb *HSDatabase) enableRoutes(
|
func (hsdb *HSDatabase) enableRoutes(
|
||||||
node *types.Node,
|
node *types.Node,
|
||||||
routeStrs ...string,
|
newRoutes ...netip.Prefix,
|
||||||
) (*types.StateUpdate, error) {
|
) (*types.StateUpdate, error) {
|
||||||
return Write(hsdb.DB, func(tx *gorm.DB) (*types.StateUpdate, error) {
|
return Write(hsdb.DB, func(tx *gorm.DB) (*types.StateUpdate, error) {
|
||||||
return enableRoutes(tx, node, routeStrs...)
|
return enableRoutes(tx, node, newRoutes...)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// enableRoutes enables new routes based on a list of new routes.
|
// enableRoutes enables new routes based on a list of new routes.
|
||||||
func enableRoutes(tx *gorm.DB,
|
func enableRoutes(tx *gorm.DB,
|
||||||
node *types.Node, routeStrs ...string,
|
node *types.Node, newRoutes ...netip.Prefix,
|
||||||
) (*types.StateUpdate, error) {
|
) (*types.StateUpdate, error) {
|
||||||
newRoutes := make([]netip.Prefix, len(routeStrs))
|
|
||||||
for index, routeStr := range routeStrs {
|
|
||||||
route, err := netip.ParsePrefix(routeStr)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
newRoutes[index] = route
|
|
||||||
}
|
|
||||||
|
|
||||||
advertisedRoutes, err := GetAdvertisedRoutes(tx, node)
|
advertisedRoutes, err := GetAdvertisedRoutes(tx, node)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, newRoute := range newRoutes {
|
for _, newRoute := range newRoutes {
|
||||||
if !util.StringOrPrefixListContains(advertisedRoutes, newRoute) {
|
if !slices.Contains(advertisedRoutes, newRoute) {
|
||||||
return nil, fmt.Errorf(
|
return nil, fmt.Errorf(
|
||||||
"route (%s) is not available on node %s: %w",
|
"route (%s) is not available on node %s: %w",
|
||||||
node.Hostname,
|
node.Hostname,
|
||||||
|
@ -548,7 +570,7 @@ func enableRoutes(tx *gorm.DB,
|
||||||
for _, prefix := range newRoutes {
|
for _, prefix := range newRoutes {
|
||||||
route := types.Route{}
|
route := types.Route{}
|
||||||
err := tx.Preload("Node").
|
err := tx.Preload("Node").
|
||||||
Where("node_id = ? AND prefix = ?", node.ID, types.IPPrefix(prefix)).
|
Where("node_id = ? AND prefix = ?", node.ID, prefix.String()).
|
||||||
First(&route).Error
|
First(&route).Error
|
||||||
if err == nil {
|
if err == nil {
|
||||||
route.Enabled = true
|
route.Enabled = true
|
||||||
|
@ -577,12 +599,6 @@ func enableRoutes(tx *gorm.DB,
|
||||||
|
|
||||||
node.Routes = nRoutes
|
node.Routes = nRoutes
|
||||||
|
|
||||||
log.Trace().
|
|
||||||
Caller().
|
|
||||||
Str("node", node.Hostname).
|
|
||||||
Strs("routes", routeStrs).
|
|
||||||
Msg("enabling routes")
|
|
||||||
|
|
||||||
return &types.StateUpdate{
|
return &types.StateUpdate{
|
||||||
Type: types.StatePeerChanged,
|
Type: types.StatePeerChanged,
|
||||||
ChangeNodes: []types.NodeID{node.ID},
|
ChangeNodes: []types.NodeID{node.ID},
|
||||||
|
@ -591,18 +607,16 @@ func enableRoutes(tx *gorm.DB,
|
||||||
}
|
}
|
||||||
|
|
||||||
func generateGivenName(suppliedName string, randomSuffix bool) (string, error) {
|
func generateGivenName(suppliedName string, randomSuffix bool) (string, error) {
|
||||||
normalizedHostname, err := util.NormalizeToFQDNRulesConfigFromViper(
|
suppliedName = util.ConvertWithFQDNRules(suppliedName)
|
||||||
suppliedName,
|
if len(suppliedName) > util.LabelHostnameLength {
|
||||||
)
|
return "", types.ErrHostnameTooLong
|
||||||
if err != nil {
|
|
||||||
return "", err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if randomSuffix {
|
if randomSuffix {
|
||||||
// Trim if a hostname will be longer than 63 chars after adding the hash.
|
// Trim if a hostname will be longer than 63 chars after adding the hash.
|
||||||
trimmedHostnameLength := util.LabelHostnameLength - NodeGivenNameHashLength - NodeGivenNameTrimSize
|
trimmedHostnameLength := util.LabelHostnameLength - NodeGivenNameHashLength - NodeGivenNameTrimSize
|
||||||
if len(normalizedHostname) > trimmedHostnameLength {
|
if len(suppliedName) > trimmedHostnameLength {
|
||||||
normalizedHostname = normalizedHostname[:trimmedHostnameLength]
|
suppliedName = suppliedName[:trimmedHostnameLength]
|
||||||
}
|
}
|
||||||
|
|
||||||
suffix, err := util.GenerateRandomStringDNSSafe(NodeGivenNameHashLength)
|
suffix, err := util.GenerateRandomStringDNSSafe(NodeGivenNameHashLength)
|
||||||
|
@ -610,46 +624,38 @@ func generateGivenName(suppliedName string, randomSuffix bool) (string, error) {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
normalizedHostname += "-" + suffix
|
suppliedName += "-" + suffix
|
||||||
}
|
}
|
||||||
|
|
||||||
return normalizedHostname, nil
|
return suppliedName, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (hsdb *HSDatabase) GenerateGivenName(
|
func isUnqiueName(tx *gorm.DB, name string) (bool, error) {
|
||||||
mkey key.MachinePublic,
|
nodes := types.Nodes{}
|
||||||
suppliedName string,
|
if err := tx.
|
||||||
) (string, error) {
|
Where("given_name = ?", name).Find(&nodes).Error; err != nil {
|
||||||
return Read(hsdb.DB, func(rx *gorm.DB) (string, error) {
|
return false, err
|
||||||
return GenerateGivenName(rx, mkey, suppliedName)
|
}
|
||||||
})
|
|
||||||
|
return len(nodes) == 0, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func GenerateGivenName(
|
func ensureUniqueGivenName(
|
||||||
tx *gorm.DB,
|
tx *gorm.DB,
|
||||||
mkey key.MachinePublic,
|
name string,
|
||||||
suppliedName string,
|
|
||||||
) (string, error) {
|
) (string, error) {
|
||||||
givenName, err := generateGivenName(suppliedName, false)
|
givenName, err := generateGivenName(name, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Tailscale rules (may differ) https://tailscale.com/kb/1098/machine-names/
|
unique, err := isUnqiueName(tx, givenName)
|
||||||
nodes, err := listNodesByGivenName(tx, givenName)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
var nodeFound *types.Node
|
if !unique {
|
||||||
for idx, node := range nodes {
|
postfixedName, err := generateGivenName(name, true)
|
||||||
if node.GivenName == givenName {
|
|
||||||
nodeFound = nodes[idx]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if nodeFound != nil && nodeFound.MachineKey.String() != mkey.String() {
|
|
||||||
postfixedName, err := generateGivenName(suppliedName, true)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
@ -660,51 +666,6 @@ func GenerateGivenName(
|
||||||
return givenName, nil
|
return givenName, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func DeleteExpiredEphemeralNodes(tx *gorm.DB,
|
|
||||||
inactivityThreshold time.Duration,
|
|
||||||
) ([]types.NodeID, []types.NodeID) {
|
|
||||||
users, err := ListUsers(tx)
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
var expired []types.NodeID
|
|
||||||
var changedNodes []types.NodeID
|
|
||||||
for _, user := range users {
|
|
||||||
nodes, err := ListNodesByUser(tx, user.Name)
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
for idx, node := range nodes {
|
|
||||||
if node.IsEphemeral() && node.LastSeen != nil &&
|
|
||||||
time.Now().
|
|
||||||
After(node.LastSeen.Add(inactivityThreshold)) {
|
|
||||||
expired = append(expired, node.ID)
|
|
||||||
|
|
||||||
log.Info().
|
|
||||||
Str("node", node.Hostname).
|
|
||||||
Msg("Ephemeral client removed from database")
|
|
||||||
|
|
||||||
// empty isConnected map as ephemeral nodes are not routes
|
|
||||||
changed, err := DeleteNode(tx, nodes[idx], nil)
|
|
||||||
if err != nil {
|
|
||||||
log.Error().
|
|
||||||
Err(err).
|
|
||||||
Str("node", node.Hostname).
|
|
||||||
Msg("🤮 Cannot delete ephemeral node from the database")
|
|
||||||
}
|
|
||||||
|
|
||||||
changedNodes = append(changedNodes, changed...)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO(kradalby): needs to be moved out of transaction
|
|
||||||
}
|
|
||||||
|
|
||||||
return expired, changedNodes
|
|
||||||
}
|
|
||||||
|
|
||||||
func ExpireExpiredNodes(tx *gorm.DB,
|
func ExpireExpiredNodes(tx *gorm.DB,
|
||||||
lastCheck time.Time,
|
lastCheck time.Time,
|
||||||
) (time.Time, types.StateUpdate, bool) {
|
) (time.Time, types.StateUpdate, bool) {
|
||||||
|
@ -737,3 +698,77 @@ func ExpireExpiredNodes(tx *gorm.DB,
|
||||||
|
|
||||||
return started, types.StateUpdate{}, false
|
return started, types.StateUpdate{}, false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// EphemeralGarbageCollector is a garbage collector that will delete nodes after
|
||||||
|
// a certain amount of time.
|
||||||
|
// It is used to delete ephemeral nodes that have disconnected and should be
|
||||||
|
// cleaned up.
|
||||||
|
type EphemeralGarbageCollector struct {
|
||||||
|
mu sync.Mutex
|
||||||
|
|
||||||
|
deleteFunc func(types.NodeID)
|
||||||
|
toBeDeleted map[types.NodeID]*time.Timer
|
||||||
|
|
||||||
|
deleteCh chan types.NodeID
|
||||||
|
cancelCh chan struct{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewEphemeralGarbageCollector creates a new EphemeralGarbageCollector, it takes
|
||||||
|
// a deleteFunc that will be called when a node is scheduled for deletion.
|
||||||
|
func NewEphemeralGarbageCollector(deleteFunc func(types.NodeID)) *EphemeralGarbageCollector {
|
||||||
|
return &EphemeralGarbageCollector{
|
||||||
|
toBeDeleted: make(map[types.NodeID]*time.Timer),
|
||||||
|
deleteCh: make(chan types.NodeID, 10),
|
||||||
|
cancelCh: make(chan struct{}),
|
||||||
|
deleteFunc: deleteFunc,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Close stops the garbage collector.
|
||||||
|
func (e *EphemeralGarbageCollector) Close() {
|
||||||
|
e.cancelCh <- struct{}{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Schedule schedules a node for deletion after the expiry duration.
|
||||||
|
func (e *EphemeralGarbageCollector) Schedule(nodeID types.NodeID, expiry time.Duration) {
|
||||||
|
e.mu.Lock()
|
||||||
|
timer := time.NewTimer(expiry)
|
||||||
|
e.toBeDeleted[nodeID] = timer
|
||||||
|
e.mu.Unlock()
|
||||||
|
|
||||||
|
go func() {
|
||||||
|
select {
|
||||||
|
case _, ok := <-timer.C:
|
||||||
|
if ok {
|
||||||
|
e.deleteCh <- nodeID
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
}
|
||||||
|
|
||||||
|
// Cancel cancels the deletion of a node.
|
||||||
|
func (e *EphemeralGarbageCollector) Cancel(nodeID types.NodeID) {
|
||||||
|
e.mu.Lock()
|
||||||
|
defer e.mu.Unlock()
|
||||||
|
|
||||||
|
if timer, ok := e.toBeDeleted[nodeID]; ok {
|
||||||
|
timer.Stop()
|
||||||
|
delete(e.toBeDeleted, nodeID)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Start starts the garbage collector.
|
||||||
|
func (e *EphemeralGarbageCollector) Start() {
|
||||||
|
for {
|
||||||
|
select {
|
||||||
|
case <-e.cancelCh:
|
||||||
|
return
|
||||||
|
case nodeID := <-e.deleteCh:
|
||||||
|
e.mu.Lock()
|
||||||
|
delete(e.toBeDeleted, nodeID)
|
||||||
|
e.mu.Unlock()
|
||||||
|
|
||||||
|
go e.deleteFunc(nodeID)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -1,20 +1,28 @@
|
||||||
package db
|
package db
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/rand"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"math/big"
|
||||||
"net/netip"
|
"net/netip"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strconv"
|
"strconv"
|
||||||
|
"sync"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/google/go-cmp/cmp"
|
||||||
"github.com/juanfont/headscale/hscontrol/policy"
|
"github.com/juanfont/headscale/hscontrol/policy"
|
||||||
"github.com/juanfont/headscale/hscontrol/types"
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
"github.com/juanfont/headscale/hscontrol/util"
|
"github.com/juanfont/headscale/hscontrol/util"
|
||||||
"github.com/puzpuzpuz/xsync/v3"
|
"github.com/puzpuzpuz/xsync/v3"
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
"gopkg.in/check.v1"
|
"gopkg.in/check.v1"
|
||||||
|
"gorm.io/gorm"
|
||||||
|
"tailscale.com/net/tsaddr"
|
||||||
"tailscale.com/tailcfg"
|
"tailscale.com/tailcfg"
|
||||||
"tailscale.com/types/key"
|
"tailscale.com/types/key"
|
||||||
|
"tailscale.com/types/ptr"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (s *Suite) TestGetNode(c *check.C) {
|
func (s *Suite) TestGetNode(c *check.C) {
|
||||||
|
@ -29,7 +37,6 @@ func (s *Suite) TestGetNode(c *check.C) {
|
||||||
|
|
||||||
nodeKey := key.NewNode()
|
nodeKey := key.NewNode()
|
||||||
machineKey := key.NewMachine()
|
machineKey := key.NewMachine()
|
||||||
pakID := uint(pak.ID)
|
|
||||||
|
|
||||||
node := &types.Node{
|
node := &types.Node{
|
||||||
ID: 0,
|
ID: 0,
|
||||||
|
@ -38,7 +45,7 @@ func (s *Suite) TestGetNode(c *check.C) {
|
||||||
Hostname: "testnode",
|
Hostname: "testnode",
|
||||||
UserID: user.ID,
|
UserID: user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
}
|
}
|
||||||
trx := db.DB.Save(node)
|
trx := db.DB.Save(node)
|
||||||
c.Assert(trx.Error, check.IsNil)
|
c.Assert(trx.Error, check.IsNil)
|
||||||
|
@ -60,7 +67,6 @@ func (s *Suite) TestGetNodeByID(c *check.C) {
|
||||||
nodeKey := key.NewNode()
|
nodeKey := key.NewNode()
|
||||||
machineKey := key.NewMachine()
|
machineKey := key.NewMachine()
|
||||||
|
|
||||||
pakID := uint(pak.ID)
|
|
||||||
node := types.Node{
|
node := types.Node{
|
||||||
ID: 0,
|
ID: 0,
|
||||||
MachineKey: machineKey.Public(),
|
MachineKey: machineKey.Public(),
|
||||||
|
@ -68,7 +74,7 @@ func (s *Suite) TestGetNodeByID(c *check.C) {
|
||||||
Hostname: "testnode",
|
Hostname: "testnode",
|
||||||
UserID: user.ID,
|
UserID: user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
}
|
}
|
||||||
trx := db.DB.Save(&node)
|
trx := db.DB.Save(&node)
|
||||||
c.Assert(trx.Error, check.IsNil)
|
c.Assert(trx.Error, check.IsNil)
|
||||||
|
@ -92,7 +98,6 @@ func (s *Suite) TestGetNodeByAnyNodeKey(c *check.C) {
|
||||||
|
|
||||||
machineKey := key.NewMachine()
|
machineKey := key.NewMachine()
|
||||||
|
|
||||||
pakID := uint(pak.ID)
|
|
||||||
node := types.Node{
|
node := types.Node{
|
||||||
ID: 0,
|
ID: 0,
|
||||||
MachineKey: machineKey.Public(),
|
MachineKey: machineKey.Public(),
|
||||||
|
@ -100,7 +105,7 @@ func (s *Suite) TestGetNodeByAnyNodeKey(c *check.C) {
|
||||||
Hostname: "testnode",
|
Hostname: "testnode",
|
||||||
UserID: user.ID,
|
UserID: user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
}
|
}
|
||||||
trx := db.DB.Save(&node)
|
trx := db.DB.Save(&node)
|
||||||
c.Assert(trx.Error, check.IsNil)
|
c.Assert(trx.Error, check.IsNil)
|
||||||
|
@ -144,7 +149,6 @@ func (s *Suite) TestListPeers(c *check.C) {
|
||||||
_, err = db.GetNodeByID(0)
|
_, err = db.GetNodeByID(0)
|
||||||
c.Assert(err, check.NotNil)
|
c.Assert(err, check.NotNil)
|
||||||
|
|
||||||
pakID := uint(pak.ID)
|
|
||||||
for index := 0; index <= 10; index++ {
|
for index := 0; index <= 10; index++ {
|
||||||
nodeKey := key.NewNode()
|
nodeKey := key.NewNode()
|
||||||
machineKey := key.NewMachine()
|
machineKey := key.NewMachine()
|
||||||
|
@ -156,7 +160,7 @@ func (s *Suite) TestListPeers(c *check.C) {
|
||||||
Hostname: "testnode" + strconv.Itoa(index),
|
Hostname: "testnode" + strconv.Itoa(index),
|
||||||
UserID: user.ID,
|
UserID: user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
}
|
}
|
||||||
trx := db.DB.Save(&node)
|
trx := db.DB.Save(&node)
|
||||||
c.Assert(trx.Error, check.IsNil)
|
c.Assert(trx.Error, check.IsNil)
|
||||||
|
@ -196,9 +200,8 @@ func (s *Suite) TestGetACLFilteredPeers(c *check.C) {
|
||||||
for index := 0; index <= 10; index++ {
|
for index := 0; index <= 10; index++ {
|
||||||
nodeKey := key.NewNode()
|
nodeKey := key.NewNode()
|
||||||
machineKey := key.NewMachine()
|
machineKey := key.NewMachine()
|
||||||
pakID := uint(stor[index%2].key.ID)
|
|
||||||
|
|
||||||
v4 := netip.MustParseAddr(fmt.Sprintf("100.64.0.%v", strconv.Itoa(index+1)))
|
v4 := netip.MustParseAddr(fmt.Sprintf("100.64.0.%d", index+1))
|
||||||
node := types.Node{
|
node := types.Node{
|
||||||
ID: types.NodeID(index),
|
ID: types.NodeID(index),
|
||||||
MachineKey: machineKey.Public(),
|
MachineKey: machineKey.Public(),
|
||||||
|
@ -207,7 +210,7 @@ func (s *Suite) TestGetACLFilteredPeers(c *check.C) {
|
||||||
Hostname: "testnode" + strconv.Itoa(index),
|
Hostname: "testnode" + strconv.Itoa(index),
|
||||||
UserID: stor[index%2].user.ID,
|
UserID: stor[index%2].user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(stor[index%2].key.ID),
|
||||||
}
|
}
|
||||||
trx := db.DB.Save(&node)
|
trx := db.DB.Save(&node)
|
||||||
c.Assert(trx.Error, check.IsNil)
|
c.Assert(trx.Error, check.IsNil)
|
||||||
|
@ -236,6 +239,8 @@ func (s *Suite) TestGetACLFilteredPeers(c *check.C) {
|
||||||
|
|
||||||
adminNode, err := db.GetNodeByID(1)
|
adminNode, err := db.GetNodeByID(1)
|
||||||
c.Logf("Node(%v), user: %v", adminNode.Hostname, adminNode.User)
|
c.Logf("Node(%v), user: %v", adminNode.Hostname, adminNode.User)
|
||||||
|
c.Assert(adminNode.IPv4, check.NotNil)
|
||||||
|
c.Assert(adminNode.IPv6, check.IsNil)
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
|
||||||
testNode, err := db.GetNodeByID(2)
|
testNode, err := db.GetNodeByID(2)
|
||||||
|
@ -244,9 +249,11 @@ func (s *Suite) TestGetACLFilteredPeers(c *check.C) {
|
||||||
|
|
||||||
adminPeers, err := db.ListPeers(adminNode.ID)
|
adminPeers, err := db.ListPeers(adminNode.ID)
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
c.Assert(len(adminPeers), check.Equals, 9)
|
||||||
|
|
||||||
testPeers, err := db.ListPeers(testNode.ID)
|
testPeers, err := db.ListPeers(testNode.ID)
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
c.Assert(len(testPeers), check.Equals, 9)
|
||||||
|
|
||||||
adminRules, _, err := policy.GenerateFilterAndSSHRulesForTests(aclPolicy, adminNode, adminPeers)
|
adminRules, _, err := policy.GenerateFilterAndSSHRulesForTests(aclPolicy, adminNode, adminPeers)
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
@ -256,14 +263,14 @@ func (s *Suite) TestGetACLFilteredPeers(c *check.C) {
|
||||||
|
|
||||||
peersOfAdminNode := policy.FilterNodesByACL(adminNode, adminPeers, adminRules)
|
peersOfAdminNode := policy.FilterNodesByACL(adminNode, adminPeers, adminRules)
|
||||||
peersOfTestNode := policy.FilterNodesByACL(testNode, testPeers, testRules)
|
peersOfTestNode := policy.FilterNodesByACL(testNode, testPeers, testRules)
|
||||||
|
c.Log(peersOfAdminNode)
|
||||||
c.Log(peersOfTestNode)
|
c.Log(peersOfTestNode)
|
||||||
|
|
||||||
c.Assert(len(peersOfTestNode), check.Equals, 9)
|
c.Assert(len(peersOfTestNode), check.Equals, 9)
|
||||||
c.Assert(peersOfTestNode[0].Hostname, check.Equals, "testnode1")
|
c.Assert(peersOfTestNode[0].Hostname, check.Equals, "testnode1")
|
||||||
c.Assert(peersOfTestNode[1].Hostname, check.Equals, "testnode3")
|
c.Assert(peersOfTestNode[1].Hostname, check.Equals, "testnode3")
|
||||||
c.Assert(peersOfTestNode[3].Hostname, check.Equals, "testnode5")
|
c.Assert(peersOfTestNode[3].Hostname, check.Equals, "testnode5")
|
||||||
|
|
||||||
c.Log(peersOfAdminNode)
|
|
||||||
c.Assert(len(peersOfAdminNode), check.Equals, 9)
|
c.Assert(len(peersOfAdminNode), check.Equals, 9)
|
||||||
c.Assert(peersOfAdminNode[0].Hostname, check.Equals, "testnode2")
|
c.Assert(peersOfAdminNode[0].Hostname, check.Equals, "testnode2")
|
||||||
c.Assert(peersOfAdminNode[2].Hostname, check.Equals, "testnode4")
|
c.Assert(peersOfAdminNode[2].Hostname, check.Equals, "testnode4")
|
||||||
|
@ -282,7 +289,6 @@ func (s *Suite) TestExpireNode(c *check.C) {
|
||||||
|
|
||||||
nodeKey := key.NewNode()
|
nodeKey := key.NewNode()
|
||||||
machineKey := key.NewMachine()
|
machineKey := key.NewMachine()
|
||||||
pakID := uint(pak.ID)
|
|
||||||
|
|
||||||
node := &types.Node{
|
node := &types.Node{
|
||||||
ID: 0,
|
ID: 0,
|
||||||
|
@ -291,7 +297,7 @@ func (s *Suite) TestExpireNode(c *check.C) {
|
||||||
Hostname: "testnode",
|
Hostname: "testnode",
|
||||||
UserID: user.ID,
|
UserID: user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
Expiry: &time.Time{},
|
Expiry: &time.Time{},
|
||||||
}
|
}
|
||||||
db.DB.Save(node)
|
db.DB.Save(node)
|
||||||
|
@ -312,52 +318,6 @@ func (s *Suite) TestExpireNode(c *check.C) {
|
||||||
c.Assert(nodeFromDB.IsExpired(), check.Equals, true)
|
c.Assert(nodeFromDB.IsExpired(), check.Equals, true)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Suite) TestGenerateGivenName(c *check.C) {
|
|
||||||
user1, err := db.CreateUser("user-1")
|
|
||||||
c.Assert(err, check.IsNil)
|
|
||||||
|
|
||||||
pak, err := db.CreatePreAuthKey(user1.Name, false, false, nil, nil)
|
|
||||||
c.Assert(err, check.IsNil)
|
|
||||||
|
|
||||||
_, err = db.getNode("user-1", "testnode")
|
|
||||||
c.Assert(err, check.NotNil)
|
|
||||||
|
|
||||||
nodeKey := key.NewNode()
|
|
||||||
machineKey := key.NewMachine()
|
|
||||||
|
|
||||||
machineKey2 := key.NewMachine()
|
|
||||||
|
|
||||||
pakID := uint(pak.ID)
|
|
||||||
node := &types.Node{
|
|
||||||
ID: 0,
|
|
||||||
MachineKey: machineKey.Public(),
|
|
||||||
NodeKey: nodeKey.Public(),
|
|
||||||
Hostname: "hostname-1",
|
|
||||||
GivenName: "hostname-1",
|
|
||||||
UserID: user1.ID,
|
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
|
||||||
AuthKeyID: &pakID,
|
|
||||||
}
|
|
||||||
|
|
||||||
trx := db.DB.Save(node)
|
|
||||||
c.Assert(trx.Error, check.IsNil)
|
|
||||||
|
|
||||||
givenName, err := db.GenerateGivenName(machineKey2.Public(), "hostname-2")
|
|
||||||
comment := check.Commentf("Same user, unique nodes, unique hostnames, no conflict")
|
|
||||||
c.Assert(err, check.IsNil, comment)
|
|
||||||
c.Assert(givenName, check.Equals, "hostname-2", comment)
|
|
||||||
|
|
||||||
givenName, err = db.GenerateGivenName(machineKey.Public(), "hostname-1")
|
|
||||||
comment = check.Commentf("Same user, same node, same hostname, no conflict")
|
|
||||||
c.Assert(err, check.IsNil, comment)
|
|
||||||
c.Assert(givenName, check.Equals, "hostname-1", comment)
|
|
||||||
|
|
||||||
givenName, err = db.GenerateGivenName(machineKey2.Public(), "hostname-1")
|
|
||||||
comment = check.Commentf("Same user, unique nodes, same hostname, conflict")
|
|
||||||
c.Assert(err, check.IsNil, comment)
|
|
||||||
c.Assert(givenName, check.Matches, fmt.Sprintf("^hostname-1-[a-z0-9]{%d}$", NodeGivenNameHashLength), comment)
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *Suite) TestSetTags(c *check.C) {
|
func (s *Suite) TestSetTags(c *check.C) {
|
||||||
user, err := db.CreateUser("test")
|
user, err := db.CreateUser("test")
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
|
@ -371,7 +331,6 @@ func (s *Suite) TestSetTags(c *check.C) {
|
||||||
nodeKey := key.NewNode()
|
nodeKey := key.NewNode()
|
||||||
machineKey := key.NewMachine()
|
machineKey := key.NewMachine()
|
||||||
|
|
||||||
pakID := uint(pak.ID)
|
|
||||||
node := &types.Node{
|
node := &types.Node{
|
||||||
ID: 0,
|
ID: 0,
|
||||||
MachineKey: machineKey.Public(),
|
MachineKey: machineKey.Public(),
|
||||||
|
@ -379,7 +338,7 @@ func (s *Suite) TestSetTags(c *check.C) {
|
||||||
Hostname: "testnode",
|
Hostname: "testnode",
|
||||||
UserID: user.ID,
|
UserID: user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
}
|
}
|
||||||
|
|
||||||
trx := db.DB.Save(node)
|
trx := db.DB.Save(node)
|
||||||
|
@ -391,7 +350,7 @@ func (s *Suite) TestSetTags(c *check.C) {
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
node, err = db.getNode("test", "testnode")
|
node, err = db.getNode("test", "testnode")
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
c.Assert(node.ForcedTags, check.DeepEquals, types.StringList(sTags))
|
c.Assert(node.ForcedTags, check.DeepEquals, sTags)
|
||||||
|
|
||||||
// assign duplicate tags, expect no errors but no doubles in DB
|
// assign duplicate tags, expect no errors but no doubles in DB
|
||||||
eTags := []string{"tag:bar", "tag:test", "tag:unknown", "tag:test"}
|
eTags := []string{"tag:bar", "tag:test", "tag:unknown", "tag:test"}
|
||||||
|
@ -402,7 +361,7 @@ func (s *Suite) TestSetTags(c *check.C) {
|
||||||
c.Assert(
|
c.Assert(
|
||||||
node.ForcedTags,
|
node.ForcedTags,
|
||||||
check.DeepEquals,
|
check.DeepEquals,
|
||||||
types.StringList([]string{"tag:bar", "tag:test", "tag:unknown"}),
|
[]string{"tag:bar", "tag:test", "tag:unknown"},
|
||||||
)
|
)
|
||||||
|
|
||||||
// test removing tags
|
// test removing tags
|
||||||
|
@ -410,7 +369,7 @@ func (s *Suite) TestSetTags(c *check.C) {
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
node, err = db.getNode("test", "testnode")
|
node, err = db.getNode("test", "testnode")
|
||||||
c.Assert(err, check.IsNil)
|
c.Assert(err, check.IsNil)
|
||||||
c.Assert(node.ForcedTags, check.DeepEquals, types.StringList([]string{}))
|
c.Assert(node.ForcedTags, check.DeepEquals, []string{})
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestHeadscale_generateGivenName(t *testing.T) {
|
func TestHeadscale_generateGivenName(t *testing.T) {
|
||||||
|
@ -433,6 +392,15 @@ func TestHeadscale_generateGivenName(t *testing.T) {
|
||||||
want: regexp.MustCompile("^testnode$"),
|
want: regexp.MustCompile("^testnode$"),
|
||||||
wantErr: false,
|
wantErr: false,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "UPPERCASE node name generation",
|
||||||
|
args: args{
|
||||||
|
suppliedName: "TestNode",
|
||||||
|
randomSuffix: false,
|
||||||
|
},
|
||||||
|
want: regexp.MustCompile("^testnode$"),
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "node name with 53 chars",
|
name: "node name with 53 chars",
|
||||||
args: args{
|
args: args{
|
||||||
|
@ -520,8 +488,37 @@ func TestHeadscale_generateGivenName(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Suite) TestAutoApproveRoutes(c *check.C) {
|
func TestAutoApproveRoutes(t *testing.T) {
|
||||||
acl := []byte(`
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
acl string
|
||||||
|
routes []netip.Prefix
|
||||||
|
want []netip.Prefix
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
name: "2068-approve-issue-sub",
|
||||||
|
acl: `
|
||||||
|
{
|
||||||
|
"groups": {
|
||||||
|
"group:k8s": ["test"]
|
||||||
|
},
|
||||||
|
|
||||||
|
"acls": [
|
||||||
|
{"action": "accept", "users": ["*"], "ports": ["*:*"]},
|
||||||
|
],
|
||||||
|
|
||||||
|
"autoApprovers": {
|
||||||
|
"routes": {
|
||||||
|
"10.42.0.0/16": ["test"],
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}`,
|
||||||
|
routes: []netip.Prefix{netip.MustParsePrefix("10.42.7.0/24")},
|
||||||
|
want: []netip.Prefix{netip.MustParsePrefix("10.42.7.0/24")},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "2068-approve-issue-sub",
|
||||||
|
acl: `
|
||||||
{
|
{
|
||||||
"tagOwners": {
|
"tagOwners": {
|
||||||
"tag:exit": ["test"],
|
"tag:exit": ["test"],
|
||||||
|
@ -542,60 +539,306 @@ func (s *Suite) TestAutoApproveRoutes(c *check.C) {
|
||||||
"10.11.0.0/16": ["test"],
|
"10.11.0.0/16": ["test"],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}`,
|
||||||
`)
|
routes: []netip.Prefix{
|
||||||
|
tsaddr.AllIPv4(),
|
||||||
|
tsaddr.AllIPv6(),
|
||||||
|
netip.MustParsePrefix("10.10.0.0/16"),
|
||||||
|
netip.MustParsePrefix("10.11.0.0/24"),
|
||||||
|
},
|
||||||
|
want: []netip.Prefix{
|
||||||
|
tsaddr.AllIPv4(),
|
||||||
|
netip.MustParsePrefix("10.10.0.0/16"),
|
||||||
|
netip.MustParsePrefix("10.11.0.0/24"),
|
||||||
|
tsaddr.AllIPv6(),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
pol, err := policy.LoadACLPolicyFromBytes(acl, "hujson")
|
for _, tt := range tests {
|
||||||
c.Assert(err, check.IsNil)
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
c.Assert(pol, check.NotNil)
|
adb, err := newTestDB()
|
||||||
|
assert.NoError(t, err)
|
||||||
|
pol, err := policy.LoadACLPolicyFromBytes([]byte(tt.acl))
|
||||||
|
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.NotNil(t, pol)
|
||||||
|
|
||||||
|
user, err := adb.CreateUser("test")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
pak, err := adb.CreatePreAuthKey(user.Name, false, false, nil, nil)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
nodeKey := key.NewNode()
|
||||||
|
machineKey := key.NewMachine()
|
||||||
|
|
||||||
|
v4 := netip.MustParseAddr("100.64.0.1")
|
||||||
|
node := types.Node{
|
||||||
|
ID: 0,
|
||||||
|
MachineKey: machineKey.Public(),
|
||||||
|
NodeKey: nodeKey.Public(),
|
||||||
|
Hostname: "test",
|
||||||
|
UserID: user.ID,
|
||||||
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
|
Hostinfo: &tailcfg.Hostinfo{
|
||||||
|
RequestTags: []string{"tag:exit"},
|
||||||
|
RoutableIPs: tt.routes,
|
||||||
|
},
|
||||||
|
IPv4: &v4,
|
||||||
|
}
|
||||||
|
|
||||||
|
trx := adb.DB.Save(&node)
|
||||||
|
assert.NoError(t, trx.Error)
|
||||||
|
|
||||||
|
sendUpdate, err := adb.SaveNodeRoutes(&node)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.False(t, sendUpdate)
|
||||||
|
|
||||||
|
node0ByID, err := adb.GetNodeByID(0)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
// TODO(kradalby): Check state update
|
||||||
|
err = adb.EnableAutoApprovedRoutes(pol, node0ByID)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
enabledRoutes, err := adb.GetEnabledRoutes(node0ByID)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Len(t, enabledRoutes, len(tt.want))
|
||||||
|
|
||||||
|
tsaddr.SortPrefixes(enabledRoutes)
|
||||||
|
|
||||||
|
if diff := cmp.Diff(tt.want, enabledRoutes, util.Comparers...); diff != "" {
|
||||||
|
t.Errorf("unexpected enabled routes (-want +got):\n%s", diff)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestEphemeralGarbageCollectorOrder(t *testing.T) {
|
||||||
|
want := []types.NodeID{1, 3}
|
||||||
|
got := []types.NodeID{}
|
||||||
|
var mu sync.Mutex
|
||||||
|
|
||||||
|
e := NewEphemeralGarbageCollector(func(ni types.NodeID) {
|
||||||
|
mu.Lock()
|
||||||
|
defer mu.Unlock()
|
||||||
|
got = append(got, ni)
|
||||||
|
})
|
||||||
|
go e.Start()
|
||||||
|
|
||||||
|
go e.Schedule(1, 1*time.Second)
|
||||||
|
go e.Schedule(2, 2*time.Second)
|
||||||
|
go e.Schedule(3, 3*time.Second)
|
||||||
|
go e.Schedule(4, 4*time.Second)
|
||||||
|
|
||||||
|
time.Sleep(time.Second)
|
||||||
|
go e.Cancel(2)
|
||||||
|
go e.Cancel(4)
|
||||||
|
|
||||||
|
time.Sleep(6 * time.Second)
|
||||||
|
|
||||||
|
e.Close()
|
||||||
|
|
||||||
|
mu.Lock()
|
||||||
|
defer mu.Unlock()
|
||||||
|
|
||||||
|
if diff := cmp.Diff(want, got); diff != "" {
|
||||||
|
t.Errorf("wrong nodes deleted, unexpected result (-want +got):\n%s", diff)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestEphemeralGarbageCollectorLoads(t *testing.T) {
|
||||||
|
var got []types.NodeID
|
||||||
|
var mu sync.Mutex
|
||||||
|
|
||||||
|
want := 1000
|
||||||
|
|
||||||
|
e := NewEphemeralGarbageCollector(func(ni types.NodeID) {
|
||||||
|
mu.Lock()
|
||||||
|
defer mu.Unlock()
|
||||||
|
|
||||||
|
time.Sleep(time.Duration(generateRandomNumber(t, 3)) * time.Millisecond)
|
||||||
|
got = append(got, ni)
|
||||||
|
})
|
||||||
|
go e.Start()
|
||||||
|
|
||||||
|
for i := 0; i < want; i++ {
|
||||||
|
go e.Schedule(types.NodeID(i), 1*time.Second)
|
||||||
|
}
|
||||||
|
|
||||||
|
time.Sleep(10 * time.Second)
|
||||||
|
|
||||||
|
e.Close()
|
||||||
|
|
||||||
|
mu.Lock()
|
||||||
|
defer mu.Unlock()
|
||||||
|
|
||||||
|
if len(got) != want {
|
||||||
|
t.Errorf("expected %d, got %d", want, len(got))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func generateRandomNumber(t *testing.T, max int64) int64 {
|
||||||
|
t.Helper()
|
||||||
|
maxB := big.NewInt(max)
|
||||||
|
n, err := rand.Int(rand.Reader, maxB)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("getting random number: %s", err)
|
||||||
|
}
|
||||||
|
return n.Int64() + 1
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestListEphemeralNodes(t *testing.T) {
|
||||||
|
db, err := newTestDB()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("creating db: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
user, err := db.CreateUser("test")
|
user, err := db.CreateUser("test")
|
||||||
c.Assert(err, check.IsNil)
|
assert.NoError(t, err)
|
||||||
|
|
||||||
pak, err := db.CreatePreAuthKey(user.Name, false, false, nil, nil)
|
pak, err := db.CreatePreAuthKey(user.Name, false, false, nil, nil)
|
||||||
c.Assert(err, check.IsNil)
|
assert.NoError(t, err)
|
||||||
|
|
||||||
nodeKey := key.NewNode()
|
pakEph, err := db.CreatePreAuthKey(user.Name, false, true, nil, nil)
|
||||||
machineKey := key.NewMachine()
|
assert.NoError(t, err)
|
||||||
|
|
||||||
defaultRouteV4 := netip.MustParsePrefix("0.0.0.0/0")
|
|
||||||
defaultRouteV6 := netip.MustParsePrefix("::/0")
|
|
||||||
route1 := netip.MustParsePrefix("10.10.0.0/16")
|
|
||||||
// Check if a subprefix of an autoapproved route is approved
|
|
||||||
route2 := netip.MustParsePrefix("10.11.0.0/24")
|
|
||||||
|
|
||||||
v4 := netip.MustParseAddr("100.64.0.1")
|
|
||||||
pakID := uint(pak.ID)
|
|
||||||
node := types.Node{
|
node := types.Node{
|
||||||
ID: 0,
|
ID: 0,
|
||||||
MachineKey: machineKey.Public(),
|
MachineKey: key.NewMachine().Public(),
|
||||||
NodeKey: nodeKey.Public(),
|
NodeKey: key.NewNode().Public(),
|
||||||
Hostname: "test",
|
Hostname: "test",
|
||||||
UserID: user.ID,
|
UserID: user.ID,
|
||||||
RegisterMethod: util.RegisterMethodAuthKey,
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
AuthKeyID: &pakID,
|
AuthKeyID: ptr.To(pak.ID),
|
||||||
Hostinfo: &tailcfg.Hostinfo{
|
|
||||||
RequestTags: []string{"tag:exit"},
|
|
||||||
RoutableIPs: []netip.Prefix{defaultRouteV4, defaultRouteV6, route1, route2},
|
|
||||||
},
|
|
||||||
IPv4: &v4,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
trx := db.DB.Save(&node)
|
nodeEph := types.Node{
|
||||||
c.Assert(trx.Error, check.IsNil)
|
ID: 0,
|
||||||
|
MachineKey: key.NewMachine().Public(),
|
||||||
|
NodeKey: key.NewNode().Public(),
|
||||||
|
Hostname: "ephemeral",
|
||||||
|
UserID: user.ID,
|
||||||
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
|
AuthKeyID: ptr.To(pakEph.ID),
|
||||||
|
}
|
||||||
|
|
||||||
sendUpdate, err := db.SaveNodeRoutes(&node)
|
err = db.DB.Save(&node).Error
|
||||||
c.Assert(err, check.IsNil)
|
assert.NoError(t, err)
|
||||||
c.Assert(sendUpdate, check.Equals, false)
|
|
||||||
|
|
||||||
node0ByID, err := db.GetNodeByID(0)
|
err = db.DB.Save(&nodeEph).Error
|
||||||
c.Assert(err, check.IsNil)
|
assert.NoError(t, err)
|
||||||
|
|
||||||
// TODO(kradalby): Check state update
|
nodes, err := db.ListNodes()
|
||||||
err = db.EnableAutoApprovedRoutes(pol, node0ByID)
|
assert.NoError(t, err)
|
||||||
c.Assert(err, check.IsNil)
|
|
||||||
|
|
||||||
enabledRoutes, err := db.GetEnabledRoutes(node0ByID)
|
ephemeralNodes, err := db.ListEphemeralNodes()
|
||||||
c.Assert(err, check.IsNil)
|
assert.NoError(t, err)
|
||||||
c.Assert(enabledRoutes, check.HasLen, 4)
|
|
||||||
|
assert.Len(t, nodes, 2)
|
||||||
|
assert.Len(t, ephemeralNodes, 1)
|
||||||
|
|
||||||
|
assert.Equal(t, nodeEph.ID, ephemeralNodes[0].ID)
|
||||||
|
assert.Equal(t, nodeEph.AuthKeyID, ephemeralNodes[0].AuthKeyID)
|
||||||
|
assert.Equal(t, nodeEph.UserID, ephemeralNodes[0].UserID)
|
||||||
|
assert.Equal(t, nodeEph.Hostname, ephemeralNodes[0].Hostname)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestRenameNode(t *testing.T) {
|
||||||
|
db, err := newTestDB()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("creating db: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
user, err := db.CreateUser("test")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
user2, err := db.CreateUser("test2")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
node := types.Node{
|
||||||
|
ID: 0,
|
||||||
|
MachineKey: key.NewMachine().Public(),
|
||||||
|
NodeKey: key.NewNode().Public(),
|
||||||
|
Hostname: "test",
|
||||||
|
UserID: user.ID,
|
||||||
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
|
}
|
||||||
|
|
||||||
|
node2 := types.Node{
|
||||||
|
ID: 0,
|
||||||
|
MachineKey: key.NewMachine().Public(),
|
||||||
|
NodeKey: key.NewNode().Public(),
|
||||||
|
Hostname: "test",
|
||||||
|
UserID: user2.ID,
|
||||||
|
RegisterMethod: util.RegisterMethodAuthKey,
|
||||||
|
}
|
||||||
|
|
||||||
|
err = db.DB.Save(&node).Error
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
err = db.DB.Save(&node2).Error
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
err = db.DB.Transaction(func(tx *gorm.DB) error {
|
||||||
|
_, err := RegisterNode(tx, node, nil, nil)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
_, err = RegisterNode(tx, node2, nil, nil)
|
||||||
|
return err
|
||||||
|
})
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
nodes, err := db.ListNodes()
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
assert.Len(t, nodes, 2)
|
||||||
|
|
||||||
|
t.Logf("node1 %s %s", nodes[0].Hostname, nodes[0].GivenName)
|
||||||
|
t.Logf("node2 %s %s", nodes[1].Hostname, nodes[1].GivenName)
|
||||||
|
|
||||||
|
assert.Equal(t, nodes[0].Hostname, nodes[0].GivenName)
|
||||||
|
assert.NotEqual(t, nodes[1].Hostname, nodes[1].GivenName)
|
||||||
|
assert.Equal(t, nodes[0].Hostname, nodes[1].Hostname)
|
||||||
|
assert.NotEqual(t, nodes[0].Hostname, nodes[1].GivenName)
|
||||||
|
assert.Contains(t, nodes[1].GivenName, nodes[0].Hostname)
|
||||||
|
assert.Equal(t, nodes[0].GivenName, nodes[1].Hostname)
|
||||||
|
assert.Len(t, nodes[0].Hostname, 4)
|
||||||
|
assert.Len(t, nodes[1].Hostname, 4)
|
||||||
|
assert.Len(t, nodes[0].GivenName, 4)
|
||||||
|
assert.Len(t, nodes[1].GivenName, 13)
|
||||||
|
|
||||||
|
// Nodes can be renamed to a unique name
|
||||||
|
err = db.Write(func(tx *gorm.DB) error {
|
||||||
|
return RenameNode(tx, nodes[0].ID, "newname")
|
||||||
|
})
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
nodes, err = db.ListNodes()
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Len(t, nodes, 2)
|
||||||
|
assert.Equal(t, nodes[0].Hostname, "test")
|
||||||
|
assert.Equal(t, nodes[0].GivenName, "newname")
|
||||||
|
|
||||||
|
// Nodes can reuse name that is no longer used
|
||||||
|
err = db.Write(func(tx *gorm.DB) error {
|
||||||
|
return RenameNode(tx, nodes[1].ID, "test")
|
||||||
|
})
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
nodes, err = db.ListNodes()
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Len(t, nodes, 2)
|
||||||
|
assert.Equal(t, nodes[0].Hostname, "test")
|
||||||
|
assert.Equal(t, nodes[0].GivenName, "newname")
|
||||||
|
assert.Equal(t, nodes[1].GivenName, "test")
|
||||||
|
|
||||||
|
// Nodes cannot be renamed to used names
|
||||||
|
err = db.Write(func(tx *gorm.DB) error {
|
||||||
|
return RenameNode(tx, nodes[0].ID, "test")
|
||||||
|
})
|
||||||
|
assert.ErrorContains(t, err, "name is not unique")
|
||||||
}
|
}
|
||||||
|
|
43
hscontrol/db/policy.go
Normal file
43
hscontrol/db/policy.go
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
package db
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
|
||||||
|
"github.com/juanfont/headscale/hscontrol/types"
|
||||||
|
"gorm.io/gorm"
|
||||||
|
"gorm.io/gorm/clause"
|
||||||
|
)
|
||||||
|
|
||||||
|
// SetPolicy sets the policy in the database.
|
||||||
|
func (hsdb *HSDatabase) SetPolicy(policy string) (*types.Policy, error) {
|
||||||
|
// Create a new policy.
|
||||||
|
p := types.Policy{
|
||||||
|
Data: policy,
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := hsdb.DB.Clauses(clause.Returning{}).Create(&p).Error; err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &p, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetPolicy returns the latest policy in the database.
|
||||||
|
func (hsdb *HSDatabase) GetPolicy() (*types.Policy, error) {
|
||||||
|
var p types.Policy
|
||||||
|
|
||||||
|
// Query:
|
||||||
|
// SELECT * FROM policies ORDER BY id DESC LIMIT 1;
|
||||||
|
if err := hsdb.DB.
|
||||||
|
Order("id DESC").
|
||||||
|
Limit(1).
|
||||||
|
First(&p).Error; err != nil {
|
||||||
|
if errors.Is(err, gorm.ErrRecordNotFound) {
|
||||||
|
return nil, types.ErrPolicyNotFound
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &p, nil
|
||||||
|
}
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue