Documentation ¶
Index ¶
- Constants
- func CheckTag(tag string) error
- func CheckTags(tags []string) error
- func SanitizeTailnetName(name string) string
- type ACL
- type ACLPolicy
- func (a ACLPolicy) BuildFilterRules(srcs []Machine, dst *Machine) []tailcfg.FilterRule
- func (a ACLPolicy) BuildSSHPolicy(srcs []Machine, dst *Machine) *tailcfg.SSHPolicy
- func (a ACLPolicy) CheckTagOwners(tags []string, p *User) error
- func (a ACLPolicy) FindAutoApprovedIPs(routableIPs []netip.Prefix, tags []string, u *User) []netip.Prefix
- func (ACLPolicy) GormDBDataType(db *gorm.DB, field *schema.Field) string
- func (ACLPolicy) GormDataType() string
- func (a ACLPolicy) IsTagOwner(tags []string, p *User) bool
- func (a ACLPolicy) IsValidPeer(src *Machine, dest *Machine) bool
- func (i *ACLPolicy) Scan(destination interface{}) error
- func (i ACLPolicy) Value() (driver.Value, error)
- type Account
- type AllowIPs
- type AllowIPsSet
- type ApiKey
- type AuthKey
- type AuthenticationRequest
- type AutoApprovers
- type ControlKeys
- type DERPMap
- type DNSConfig
- type DefaultDERPMap
- type Endpoints
- type HostInfo
- type IAMPolicy
- func (i *IAMPolicy) EvaluatePolicy(identity *Identity) (bool, error)
- func (i *IAMPolicy) GetRole(user User) UserRole
- func (IAMPolicy) GormDBDataType(db *gorm.DB, field *schema.Field) string
- func (IAMPolicy) GormDataType() string
- func (i *IAMPolicy) Scan(destination interface{}) error
- func (i IAMPolicy) Value() (driver.Value, error)
- type IP
- type Identity
- type JSONWebKey
- type JSONWebKeys
- type Machine
- func (m *Machine) AdvertisedPrefixes() []string
- func (m *Machine) AllowedPrefixes() []string
- func (m *Machine) CompleteName() string
- func (m *Machine) HasIP(v netip.Addr) bool
- func (m *Machine) HasTag(tag string) bool
- func (m *Machine) HasTags() bool
- func (m *Machine) HasUser(loginName string) bool
- func (m *Machine) IPs() []string
- func (m *Machine) IsAdvertisedExitNode() bool
- func (m *Machine) IsAllowedExitNode() bool
- func (m *Machine) IsAllowedIP(i netip.Addr) bool
- func (m *Machine) IsAllowedIPPrefix(i netip.Prefix) bool
- func (m *Machine) IsExitNode() bool
- func (m *Machine) IsExpired() bool
- type Machines
- type Principal
- type RegistrationRequest
- type RegistrationRequestData
- type Repository
- type SSHActionRequest
- type SSHRule
- type ServerConfig
- type StringSet
- type SystemApiKey
- type SystemRole
- type Tags
- type Tailnet
- type User
- type UserRole
- type UserType
- type Users
Constants ¶
// Names of the built-in "autogroup:" selectors declared by this package.
// NOTE(review): where these selectors are accepted (ACL sources, ACL
// destinations, SSH rules) is not visible on this page; confirm against the
// policy evaluator before relying on them in a policy.
const (
	AutoGroupSelf     = "autogroup:self"
	AutoGroupMembers  = "autogroup:members"
	AutoGroupInternet = "autogroup:internet"
)
Variables ¶
This section is empty.
Functions ¶
func SanitizeTailnetName ¶ added in v0.2.0
Types ¶
type ACLPolicy ¶
// ACLPolicy is the JSON-serialisable access policy; Tailnet carries one in
// its ACLPolicy field, and the methods listed in the index derive packet
// filter rules and an SSH policy from it.
//
// NOTE(review): what an empty or missing ACLs list evaluates to (deny-all or
// allow-all) is not visible on this page. Confirm that BuildFilterRules and
// IsValidPeer fail closed, and compare with what DefaultPolicy returns.
type ACLPolicy struct {
	// Groups maps a group name to a list of strings; omitted from JSON when empty.
	// Presumably the strings are member login names; verify against the evaluator.
	Groups map[string][]string `json:"groups,omitempty"`
	// Hosts maps a name to a string; omitted from JSON when empty.
	// Presumably a host alias to an IP or CIDR; TODO confirm.
	Hosts map[string]string `json:"hosts,omitempty"`
	// ACLs is the list of access rules; always emitted in JSON (no omitempty).
	ACLs []ACL `json:"acls"`
	// TagOwners maps a key to a list of strings. Presumably tag -> principals
	// allowed to apply that tag, consulted by CheckTagOwners / IsTagOwner.
	// Tag ownership is a privilege boundary: a tag owner can place a machine
	// under whatever rules name that tag.
	TagOwners map[string][]string `json:"tagowners"`
	// AutoApprovers presumably names who may have advertised routes approved
	// without an administrator (see FindAutoApprovedIPs); confirm.
	AutoApprovers AutoApprovers `json:"autoApprovers"`
	// SSHRules is serialised under the "ssh" key; BuildSSHPolicy is the
	// method in the index that returns a *tailcfg.SSHPolicy.
	SSHRules []SSHRule `json:"ssh"`
}
func DefaultPolicy ¶
func DefaultPolicy() ACLPolicy
func (ACLPolicy) BuildFilterRules ¶
func (a ACLPolicy) BuildFilterRules(srcs []Machine, dst *Machine) []tailcfg.FilterRule
func (ACLPolicy) BuildSSHPolicy ¶ added in v0.4.0
func (ACLPolicy) FindAutoApprovedIPs ¶ added in v0.2.0
func (ACLPolicy) GormDBDataType ¶
GormDBDataType gorm db data type
func (ACLPolicy) GormDataType ¶
GormDataType gorm common data type
type AllowIPs ¶
func (AllowIPs) GormDBDataType ¶
GormDBDataType gorm db data type
func (AllowIPs) GormDataType ¶
GormDataType gorm common data type
type AllowIPsSet ¶
type AllowIPsSet struct {
// contains filtered or unexported fields
}
func NewAllowIPsSet ¶
func NewAllowIPsSet(t AllowIPs) *AllowIPsSet
func (*AllowIPsSet) Add ¶
func (s *AllowIPsSet) Add(t ...netip.Prefix) *AllowIPsSet
func (*AllowIPsSet) Items ¶
func (s *AllowIPsSet) Items() []netip.Prefix
func (*AllowIPsSet) Remove ¶
func (s *AllowIPsSet) Remove(t ...netip.Prefix) *AllowIPsSet
type ApiKey ¶
type AuthKey ¶
type AuthenticationRequest ¶
type AutoApprovers ¶ added in v0.2.0
type ControlKeys ¶ added in v0.2.0
// ControlKeys holds two tkey.MachinePrivate values, i.e. private key
// material for the control server. Repository exposes GetControlKeys and
// SetControlKeys for loading and storing it.
//
// NOTE(review): how these keys are encoded and protected at rest is not
// visible on this page. Treat any value of this type as secret: keep it out
// of logs, error messages and API responses.
type ControlKeys struct {
	ControlKey       tkey.MachinePrivate
	LegacyControlKey tkey.MachinePrivate
}
type DERPMap ¶ added in v0.4.0
func (DERPMap) GormDBDataType ¶ added in v0.4.0
GormDBDataType gorm db data type
func (DERPMap) GormDataType ¶ added in v0.4.0
GormDataType gorm common data type
type DNSConfig ¶
// DNSConfig is the JSON-serialisable DNS configuration; Tailnet carries one
// in its DNSConfig field.
type DNSConfig struct {
	// NOTE(review): the field is named HttpsCertsEnabled but its JSON key is
	// "http_certs" (no "s"). Renaming the key would change the serialised
	// form, so stored values need a migration if this is ever corrected.
	HttpsCertsEnabled bool `json:"http_certs"`
	MagicDNS          bool `json:"magic_dns"`
	OverrideLocalDNS  bool `json:"override_local_dns"`
	// Nameservers is a list of strings; presumably resolver addresses.
	// Whether they are validated before being handed to clients is not
	// visible here.
	Nameservers []string `json:"nameservers"`
	// Routes maps a string to a list of strings; presumably a DNS suffix to
	// the resolvers used for it (split DNS); TODO confirm.
	Routes map[string][]string `json:"routes"`
}
func (DNSConfig) GormDBDataType ¶
GormDBDataType gorm db data type
func (DNSConfig) GormDataType ¶
GormDataType gorm common data type
type DefaultDERPMap ¶ added in v0.4.0
type Endpoints ¶
type Endpoints []string
func (Endpoints) GormDBDataType ¶
GormDBDataType gorm db data type
func (Endpoints) GormDataType ¶
GormDataType gorm common data type
type HostInfo ¶
func (HostInfo) GormDBDataType ¶
GormDBDataType gorm db data type
func (HostInfo) GormDataType ¶
GormDataType gorm common data type
type IAMPolicy ¶
// IAMPolicy is the JSON-serialisable identity policy; Tailnet carries one in
// its IAMPolicy field. Per the index, EvaluatePolicy(identity) returns
// (bool, error) and GetRole(user) returns a UserRole.
//
// NOTE(review): callers of EvaluatePolicy must treat a non-nil error as
// "deny"; whether the implementation returns false alongside an error is not
// visible on this page.
type IAMPolicy struct {
	// Subs is a list of strings; presumably identity-provider subject
	// identifiers that are admitted; confirm.
	Subs []string `json:"subs,omitempty"`
	// Emails is a list of strings; presumably admitted e-mail addresses.
	// NOTE(review): matching on e-mail is only as strong as the identity
	// provider's verification of that address; confirm what is compared.
	Emails []string `json:"emails,omitempty"`
	// Filters is a list of strings; presumably expressions evaluated against
	// the Identity. How they are parsed and evaluated is not shown here.
	Filters []string `json:"filters,omitempty"`
	// Roles maps a string to a UserRole; presumably keyed by the same
	// identifier GetRole looks up; TODO confirm which one.
	Roles map[string]UserRole `json:"roles,omitempty"`
}
func (*IAMPolicy) EvaluatePolicy ¶
func (IAMPolicy) GormDBDataType ¶
GormDBDataType gorm db data type
func (IAMPolicy) GormDataType ¶
GormDataType gorm common data type
type JSONWebKey ¶ added in v0.3.0
// JSONWebKey pairs an identifier and creation time with an RSA private key.
// Public() (listed below) returns a crypto.PublicKey.
//
// PrivateKey is stored by value, so copying a JSONWebKey, including passing
// it to the value-receiver Public method, copies the private key struct.
// NOTE(review): values of this type are secret; keep them out of logs and
// never marshal the whole struct into a response. How the key is encoded
// when persisted through SetJSONWebKeySet is not visible on this page.
type JSONWebKey struct {
	Id         string
	PrivateKey rsa.PrivateKey
	// CreatedAt records a timestamp; presumably usable to drive key
	// rotation, but no rotation logic is visible here.
	CreatedAt time.Time
}
func (JSONWebKey) Public ¶ added in v0.3.0
func (j JSONWebKey) Public() crypto.PublicKey
type JSONWebKeys ¶ added in v0.3.0
// JSONWebKeys is the unit read and written by Repository.GetJSONWebKeySet
// and SetJSONWebKeySet. It holds exactly one JSONWebKey, private key
// included, so the same secrecy handling applies to it as to JSONWebKey.
type JSONWebKeys struct {
	Key JSONWebKey
}
type Machine ¶
// Machine is the persisted record of a node. ID is the gorm primary key; the
// record belongs to one User and one Tailnet through UserID and TailnetID.
type Machine struct {
	ID      uint64 `gorm:"primary_key"`
	Name    string
	NameIdx uint64
	// Key fields are kept as strings.
	// NOTE(review): presumably these are the node's public keys; confirm
	// that no private key material is ever written here.
	MachineKey string
	NodeKey    string
	DiscoKey   string
	Ephemeral  bool
	// Two tag sets are stored. Presumably RegisteredTags are those fixed at
	// registration and Tags those assigned afterwards; verify which set
	// HasTag / HasTags and the ACL evaluation actually read, since tags
	// decide which rules apply to the machine.
	RegisteredTags Tags
	Tags           Tags
	// KeyExpiryDisabled and ExpiresAt are both present; how IsExpired
	// combines them is not visible on this page.
	KeyExpiryDisabled bool
	HostInfo          HostInfo
	Endpoints         Endpoints
	// AllowIPs and AutoAllowIPs share the AllowIPs type. Presumably the
	// first is approved by an administrator and the second by
	// ACLPolicy.FindAutoApprovedIPs; TODO confirm.
	AllowIPs     AllowIPs
	AutoAllowIPs AllowIPs
	IPv4         IP
	IPv6         IP
	CreatedAt    time.Time
	ExpiresAt    time.Time
	// LastSeen is a pointer and may therefore be nil.
	LastSeen  *time.Time
	UserID    uint64
	User      User
	TailnetID uint64
	Tailnet   Tailnet
}
func (*Machine) AdvertisedPrefixes ¶ added in v0.2.0
func (*Machine) AllowedPrefixes ¶ added in v0.2.0
func (*Machine) CompleteName ¶ added in v0.3.0
func (*Machine) IsAdvertisedExitNode ¶ added in v0.2.0
func (*Machine) IsAllowedExitNode ¶ added in v0.2.0
func (*Machine) IsExitNode ¶ added in v0.2.0
type Principal ¶
// Principal describes the caller of an operation: a system-wide role, an
// optional User, and that user's role. The methods listed below
// (IsSystemAdmin, IsTailnetAdmin, IsTailnetMember, UserMatches) are the
// authorization predicates defined on it; their bodies are not shown here.
type Principal struct {
	SystemRole SystemRole
	// User is a pointer and may be nil.
	// NOTE(review): presumably nil for principals authenticated with a
	// system API key; confirm every predicate handles a nil User and
	// answers "no" rather than panicking or matching.
	User     *User
	UserRole UserRole
}
func (Principal) IsSystemAdmin ¶
func (Principal) IsTailnetAdmin ¶
func (Principal) IsTailnetMember ¶
func (Principal) UserMatches ¶
type RegistrationRequest ¶
// RegistrationRequest is the persisted state of a machine registration,
// keyed by MachineKey (the gorm primary key). IsFinished (listed below)
// reports completion; which fields it inspects is not visible on this page.
type RegistrationRequest struct {
	MachineKey string `gorm:"primary_key"`
	// Key is a second lookup handle (see
	// Repository.GetRegistrationRequestByKey).
	// NOTE(review): if this value is handed to the user as part of a login
	// URL it acts as a bearer token for the pending registration; confirm
	// it is unguessable and that stale requests are expired (CreatedAt is
	// available for that).
	Key       string
	Data      RegistrationRequestData
	CreatedAt time.Time
	// Authenticated and Error record the outcome of the flow.
	Authenticated bool
	Error         string
}
func (*RegistrationRequest) IsFinished ¶
func (r *RegistrationRequest) IsFinished() bool
type RegistrationRequestData ¶
type RegistrationRequestData tailcfg.RegisterRequest
func (RegistrationRequestData) GormDBDataType ¶
GormDBDataType gorm db data type
func (RegistrationRequestData) GormDataType ¶
func (RegistrationRequestData) GormDataType() string
GormDataType gorm common data type
func (*RegistrationRequestData) Scan ¶
func (hi *RegistrationRequestData) Scan(destination interface{}) error
type Repository ¶
// Repository is the persistence interface for the domain types on this page;
// NewRepository(db *gorm.DB) returns an implementation.
//
// NOTE(review): several lookups and deletes take only a numeric id and no
// tailnetID (GetMachine, DeleteMachine, GetAuthKey, DeleteAuthKey, GetUser,
// DeleteUser, GetTailnet, DeleteTailnet). Nothing in these signatures scopes
// the row to a tenant, so the caller has to check that the returned object
// belongs to the tailnet the principal is authorised for.
type Repository interface {
	// Server-wide secrets and configuration.
	GetControlKeys(ctx context.Context) (*ControlKeys, error)
	SetControlKeys(ctx context.Context, keys *ControlKeys) error
	GetJSONWebKeySet(ctx context.Context) (*JSONWebKeys, error)
	SetJSONWebKeySet(ctx context.Context, keys *JSONWebKeys) error
	GetDERPMap(ctx context.Context) (*DERPMap, error)
	SetDERPMap(ctx context.Context, v *DERPMap) error

	// Accounts. The bool in the GetOrCreate results presumably reports
	// whether a row was created; TODO confirm.
	GetAccount(ctx context.Context, accountID uint64) (*Account, error)
	GetOrCreateAccount(ctx context.Context, externalID, loginName string) (*Account, bool, error)

	// Tailnets.
	SaveTailnet(ctx context.Context, tailnet *Tailnet) error
	GetOrCreateTailnet(ctx context.Context, name string, iamPolicy IAMPolicy) (*Tailnet, bool, error)
	GetTailnet(ctx context.Context, id uint64) (*Tailnet, error)
	GetTailnetByAlias(ctx context.Context, alias string) (*Tailnet, error)
	ListTailnets(ctx context.Context) ([]Tailnet, error)
	DeleteTailnet(ctx context.Context, id uint64) error

	// API keys. The Load* methods take the presented key string; how it is
	// matched against the stored record (SystemApiKey has Key and Hash
	// fields) is not visible here.
	SaveSystemApiKey(ctx context.Context, key *SystemApiKey) error
	LoadSystemApiKey(ctx context.Context, key string) (*SystemApiKey, error)
	SaveApiKey(ctx context.Context, key *ApiKey) error
	LoadApiKey(ctx context.Context, key string) (*ApiKey, error)
	DeleteApiKeysByTailnet(ctx context.Context, tailnetID uint64) error
	DeleteApiKeysByUser(ctx context.Context, userID uint64) error

	// Auth keys.
	GetAuthKey(ctx context.Context, id uint64) (*AuthKey, error)
	SaveAuthKey(ctx context.Context, key *AuthKey) error
	DeleteAuthKey(ctx context.Context, id uint64) (bool, error)
	DeleteAuthKeysByTailnet(ctx context.Context, tailnetID uint64) error
	DeleteAuthKeysByUser(ctx context.Context, userID uint64) error
	ListAuthKeys(ctx context.Context, tailnetID uint64) ([]AuthKey, error)
	ListAuthKeysByTailnetAndUser(ctx context.Context, tailnetID, userID uint64) ([]AuthKey, error)
	LoadAuthKey(ctx context.Context, key string) (*AuthKey, error)

	// Users.
	GetOrCreateServiceUser(ctx context.Context, tailnet *Tailnet) (*User, bool, error)
	GetOrCreateUserWithAccount(ctx context.Context, tailnet *Tailnet, account *Account) (*User, bool, error)
	GetUser(ctx context.Context, userID uint64) (*User, error)
	DeleteUser(ctx context.Context, userID uint64) error
	ListUsers(ctx context.Context, tailnetID uint64) (Users, error)
	DeleteUsersByTailnet(ctx context.Context, tailnetID uint64) error

	// Machines.
	SaveMachine(ctx context.Context, m *Machine) error
	DeleteMachine(ctx context.Context, id uint64) (bool, error)
	GetMachine(ctx context.Context, id uint64) (*Machine, error)
	GetMachineByKey(ctx context.Context, tailnetID uint64, key string) (*Machine, error)
	GetMachineByKeys(ctx context.Context, machineKey string, nodeKey string) (*Machine, error)
	CountMachinesWithIPv4(ctx context.Context, ip string) (int64, error)
	GetNextMachineNameIndex(ctx context.Context, tailnetID uint64, name string) (uint64, error)
	ListMachineByTailnet(ctx context.Context, tailnetID uint64) (Machines, error)
	CountMachineByTailnet(ctx context.Context, tailnetID uint64) (int64, error)
	DeleteMachineByTailnet(ctx context.Context, tailnetID uint64) error
	DeleteMachineByUser(ctx context.Context, userID uint64) error
	ListMachinePeers(ctx context.Context, tailnetID uint64, key string) (Machines, error)
	ListInactiveEphemeralMachines(ctx context.Context, checkpoint time.Time) (Machines, error)
	SetMachineLastSeen(ctx context.Context, machineID uint64) error

	// Pending registration, authentication and SSH-action requests, each
	// looked up by a string key. No expiry parameter appears in these
	// signatures; cleanup of stale requests must happen elsewhere.
	SaveRegistrationRequest(ctx context.Context, request *RegistrationRequest) error
	GetRegistrationRequestByKey(ctx context.Context, key string) (*RegistrationRequest, error)
	GetRegistrationRequestByMachineKey(ctx context.Context, key string) (*RegistrationRequest, error)
	SaveAuthenticationRequest(ctx context.Context, session *AuthenticationRequest) error
	GetAuthenticationRequest(ctx context.Context, key string) (*AuthenticationRequest, error)
	DeleteAuthenticationRequest(ctx context.Context, key string) error
	SaveSSHActionRequest(ctx context.Context, session *SSHActionRequest) error
	GetSSHActionRequest(ctx context.Context, key string) (*SSHActionRequest, error)
	DeleteSSHActionRequest(ctx context.Context, key string) error

	// Transaction passes a Repository to the callback; presumably that
	// Repository is bound to a single database transaction, rolled back
	// when the callback returns an error. Verify against the implementation.
	Transaction(func(rp Repository) error) error
}
func NewRepository ¶
func NewRepository(db *gorm.DB) Repository
type SSHActionRequest ¶ added in v0.4.0
type ServerConfig ¶
// ServerConfig is a key/value row: Key (the gorm primary key, of the
// unexported type configKey) maps to an opaque byte slice.
//
// NOTE(review): presumably this table backs the Get/Set methods for control
// keys, the JSON web key set and the DERP map on Repository; if so, Value
// holds private key material and the database and its backups must be
// protected accordingly. Confirm against the repository implementation.
type ServerConfig struct {
	Key   configKey `gorm:"primary_key"`
	Value []byte
}
type SystemApiKey ¶
// SystemApiKey is the persisted record of a system-level API key, owned by
// one Account. CreateSystemApiKey (listed below) returns a string together
// with the record.
//
// NOTE(review): the record has both a Key and a Hash column. Presumably the
// string returned by CreateSystemApiKey is the only copy of the full secret,
// Key is a non-secret lookup prefix, and Hash is the stored verifier.
// Confirm that the full secret is never written to Key, which hash function
// produces Hash, and that verification uses a constant-time comparison.
type SystemApiKey struct {
	ID        uint64 `gorm:"primary_key"`
	Key       string
	Hash      string
	CreatedAt time.Time
	// ExpiresAt is a pointer; presumably nil means the key never expires.
	// Verify that expiry is enforced wherever the key is loaded.
	ExpiresAt *time.Time
	AccountID uint64
	Account   Account
}
func CreateSystemApiKey ¶
func CreateSystemApiKey(account *Account, expiresAt *time.Time) (string, *SystemApiKey)
type SystemRole ¶
// SystemRole is a string-typed, system-wide role; Principal carries one.
type SystemRole string

// The empty string is the "no role" value, so a zero-valued SystemRole (and
// therefore a zero-valued Principal) carries no system role.
// IsAdmin (listed below) reports a bool; presumably true only for
// SystemRoleAdmin; confirm.
const (
	SystemRoleNone  SystemRole = ""
	SystemRoleAdmin SystemRole = "admin"
)
func (SystemRole) IsAdmin ¶
func (s SystemRole) IsAdmin() bool
type Tailnet ¶
// Tailnet is the persisted tenant record. It embeds the tenant's DNS
// configuration, identity policy, ACL policy and DERP map, plus three
// feature switches.
type Tailnet struct {
	ID   uint64 `gorm:"primary_key"`
	Name string
	// Alias is optional (pointer); Repository.GetTailnetByAlias looks a
	// tailnet up by it.
	Alias     *string
	DNSConfig DNSConfig
	IAMPolicy IAMPolicy
	ACLPolicy ACLPolicy
	DERPMap   DERPMap
	// Feature switches. Being bool, each is false in a zero-valued Tailnet.
	// NOTE(review): whether newly created tailnets keep these defaults, and
	// whether SSHEnabled is checked before an SSH policy is sent to nodes,
	// is not visible on this page.
	ServiceCollectionEnabled bool
	FileSharingEnabled       bool
	SSHEnabled               bool
}
func (Tailnet) GetDERPMap ¶ added in v0.4.0