Documentation
¶
Index ¶
- Constants
- func CheckTag(tag string) error
- func CheckTags(tags []string) error
- func SanitizeTailnetName(name string) string
- type ACL
- type ACLPolicy
- func (a ACLPolicy) BuildFilterRules(srcs []Machine, dst *Machine) []tailcfg.FilterRule
- func (a ACLPolicy) BuildSSHPolicy(srcs []Machine, dst *Machine) *tailcfg.SSHPolicy
- func (a ACLPolicy) CheckTagOwners(tags []string, p *User) error
- func (a ACLPolicy) FindAutoApprovedIPs(routableIPs []netip.Prefix, tags []string, u *User) []netip.Prefix
- func (ACLPolicy) GormDBDataType(db *gorm.DB, field *schema.Field) string
- func (ACLPolicy) GormDataType() string
- func (a ACLPolicy) IsTagOwner(tags []string, p *User) bool
- func (a ACLPolicy) IsValidPeer(src *Machine, dest *Machine) bool
- func (i *ACLPolicy) Scan(destination interface{}) error
- func (i ACLPolicy) Value() (driver.Value, error)
- type Account
- type AllowIPs
- type AllowIPsSet
- type ApiKey
- type AuthKey
- type AuthenticationRequest
- type AutoApprovers
- type ControlKeys
- type DERPMap
- type DNSConfig
- type DefaultDERPMap
- type Endpoints
- type HostInfo
- type IAMPolicy
- func (i *IAMPolicy) EvaluatePolicy(identity *Identity) (bool, error)
- func (i *IAMPolicy) GetRole(user User) UserRole
- func (IAMPolicy) GormDBDataType(db *gorm.DB, field *schema.Field) string
- func (IAMPolicy) GormDataType() string
- func (i *IAMPolicy) Scan(destination interface{}) error
- func (i IAMPolicy) Value() (driver.Value, error)
- type IP
- type Identity
- type JSONWebKey
- type JSONWebKeys
- type Machine
- func (m *Machine) AdvertisedPrefixes() []string
- func (m *Machine) AllowedPrefixes() []string
- func (m *Machine) CompleteName() string
- func (m *Machine) HasIP(v netip.Addr) bool
- func (m *Machine) HasTag(tag string) bool
- func (m *Machine) HasTags() bool
- func (m *Machine) HasUser(loginName string) bool
- func (m *Machine) IPs() []string
- func (m *Machine) IsAdvertisedExitNode() bool
- func (m *Machine) IsAllowedExitNode() bool
- func (m *Machine) IsAllowedIP(i netip.Addr) bool
- func (m *Machine) IsAllowedIPPrefix(i netip.Prefix) bool
- func (m *Machine) IsExitNode() bool
- func (m *Machine) IsExpired() bool
- type Machines
- type Principal
- type RegistrationRequest
- type RegistrationRequestData
- type Repository
- type SSHActionRequest
- type SSHRule
- type ServerConfig
- type StringSet
- type SystemApiKey
- type SystemRole
- type Tags
- type Tailnet
- type User
- type UserRole
- type UserType
- type Users
Constants ¶
// Automatic group selectors, all sharing the "autogroup:" prefix.
// NOTE(review): presumably these are the autogroup names accepted in ACL
// policy entries; their exact matching semantics are not shown on this page,
// so confirm them against the policy evaluation code.
const (
	AutoGroupSelf = "autogroup:self"
	AutoGroupMembers = "autogroup:members"
	AutoGroupInternet = "autogroup:internet"
)
Variables ¶
This section is empty.
Functions ¶
func SanitizeTailnetName ¶ added in v0.2.0
Types ¶
type ACLPolicy ¶
// ACLPolicy is the JSON-serialisable access policy document. The methods
// listed for it on this page (BuildFilterRules, BuildSSHPolicy, IsValidPeer,
// IsTagOwner, CheckTagOwners, FindAutoApprovedIPs) all take the policy as
// receiver, so it is the input to filter-rule, SSH-policy, tag-ownership and
// route auto-approval decisions.
//
// NOTE(review): the page does not show how an empty or zero-value policy is
// evaluated. Confirm that it fails closed before using anything other than
// DefaultPolicy() as a starting point.
type ACLPolicy struct {
	// Groups maps a name to a list of strings; presumably group name -> members (confirm).
	Groups map[string][]string `json:"groups,omitempty"`
	// Hosts maps a name to a single string; presumably host alias -> address or prefix (confirm).
	Hosts map[string]string `json:"hosts,omitempty"`
	// ACLs is the list of access rules; the ACL type is declared elsewhere in the package.
	ACLs []ACL `json:"acls"`
	// TagOwners maps a name to a list of strings; presumably tag -> principals
	// allowed to assign it. IsTagOwner and CheckTagOwners take a *User, so this
	// map is what gates tag assignment; review changes to it like any other
	// privilege grant.
	TagOwners map[string][]string `json:"tagowners"`
	// AutoApprovers is a pointer and may be nil; callers must nil-check it.
	AutoApprovers *AutoApprovers `json:"autoApprovers"`
	// SSHRules is serialised under the "ssh" key.
	SSHRules []SSHRule `json:"ssh"`
}
func DefaultPolicy ¶
func DefaultPolicy() ACLPolicy
func (ACLPolicy) BuildFilterRules ¶
func (a ACLPolicy) BuildFilterRules(srcs []Machine, dst *Machine) []tailcfg.FilterRule
func (ACLPolicy) BuildSSHPolicy ¶ added in v0.4.0
func (ACLPolicy) FindAutoApprovedIPs ¶ added in v0.2.0
func (ACLPolicy) GormDBDataType ¶
GormDBDataType gorm db data type
func (ACLPolicy) GormDataType ¶
GormDataType gorm common data type
type AllowIPs ¶
func (AllowIPs) GormDBDataType ¶
GormDBDataType gorm db data type
func (AllowIPs) GormDataType ¶
GormDataType gorm common data type
type AllowIPsSet ¶
// AllowIPsSet is an opaque set of netip.Prefix values. It is built with
// NewAllowIPsSet from an AllowIPs value; Add and Remove return *AllowIPsSet,
// and Items returns the contents as []netip.Prefix.
type AllowIPsSet struct {
	// contains filtered or unexported fields
}
func NewAllowIPsSet ¶
func NewAllowIPsSet(t AllowIPs) *AllowIPsSet
func (*AllowIPsSet) Add ¶
func (s *AllowIPsSet) Add(t ...netip.Prefix) *AllowIPsSet
func (*AllowIPsSet) Items ¶
func (s *AllowIPsSet) Items() []netip.Prefix
func (*AllowIPsSet) Remove ¶
func (s *AllowIPsSet) Remove(t ...netip.Prefix) *AllowIPsSet
type ApiKey ¶
type AuthKey ¶
type AuthenticationRequest ¶
type AutoApprovers ¶ added in v0.2.0
type ControlKeys ¶ added in v0.2.0
// ControlKeys holds the control server's two machine private keys. The
// Repository interface on this page reads and writes it through
// GetControlKeys and SetControlKeys.
//
// Both fields are private key material: keep values of this type out of logs,
// error strings and API responses.
// NOTE(review): the storage format is not shown here; confirm how these keys
// are protected at rest.
type ControlKeys struct {
	ControlKey tkey.MachinePrivate
	// LegacyControlKey: presumably kept for clients that use an older control protocol (confirm).
	LegacyControlKey tkey.MachinePrivate
}
type DERPMap ¶ added in v0.4.0
func (DERPMap) GormDBDataType ¶ added in v0.4.0
GormDBDataType gorm db data type
func (DERPMap) GormDataType ¶ added in v0.4.0
GormDataType gorm common data type
type DNSConfig ¶
// DNSConfig holds DNS settings; it is the type of the Tailnet.DNSConfig field
// shown on this page.
type DNSConfig struct {
	// NOTE(review): the field name says HTTPS but the JSON key is "http_certs".
	// The key is part of the serialised form, so renaming it would require
	// migrating any documents already stored or exchanged.
	HttpsCertsEnabled bool `json:"http_certs"`
	MagicDNS bool `json:"magic_dns"`
	// OverrideLocalDNS: presumably makes clients prefer Nameservers over their
	// local resolver settings (confirm).
	OverrideLocalDNS bool `json:"override_local_dns"`
	Nameservers []string `json:"nameservers"`
	// Routes maps a string to a list of strings; presumably DNS suffix ->
	// resolvers for split DNS (confirm).
	Routes map[string][]string `json:"routes"`
}
func (DNSConfig) GormDBDataType ¶
GormDBDataType gorm db data type
func (DNSConfig) GormDataType ¶
GormDataType gorm common data type
type DefaultDERPMap ¶ added in v0.4.0
type Endpoints ¶
// Endpoints is a list of strings with its own gorm data-type methods
// (GormDataType, GormDBDataType); it is the type of Machine.Endpoints.
// NOTE(review): presumably each entry is an "ip:port" address reported by the
// client, so it should be treated as untrusted input (confirm).
type Endpoints []string
func (Endpoints) GormDBDataType ¶
GormDBDataType gorm db data type
func (Endpoints) GormDataType ¶
GormDataType gorm common data type
type HostInfo ¶
func (HostInfo) GormDBDataType ¶
GormDBDataType gorm db data type
func (HostInfo) GormDataType ¶
GormDataType gorm common data type
type IAMPolicy ¶
// IAMPolicy is the identity policy stored on a Tailnet (Tailnet.IAMPolicy).
// EvaluatePolicy takes an *Identity and returns (bool, error); GetRole maps a
// User to a UserRole.
//
// NOTE(review): the evaluation logic is not shown on this page. Callers should
// treat a non-nil error from EvaluatePolicy as a denial, and the result for an
// empty policy (no Subs, Emails or Filters) should be confirmed to be "deny".
type IAMPolicy struct {
	// Subs: presumably identity-provider subject identifiers that are admitted (confirm).
	Subs []string `json:"subs,omitempty"`
	// Emails: presumably e-mail addresses that are admitted (confirm whether
	// the provider's verified-email status is taken into account).
	Emails []string `json:"emails,omitempty"`
	// Filters are free-form strings; presumably expressions evaluated against
	// the Identity (confirm the expression language and who may edit them).
	Filters []string `json:"filters,omitempty"`
	// Roles maps a string key to a UserRole; the key format is not shown here.
	Roles map[string]UserRole `json:"roles,omitempty"`
}
func (*IAMPolicy) EvaluatePolicy ¶
func (IAMPolicy) GormDBDataType ¶
GormDBDataType gorm db data type
func (IAMPolicy) GormDataType ¶
GormDataType gorm common data type
type JSONWebKey ¶ added in v0.3.0
// JSONWebKey pairs an RSA private key with an identifier and a creation time.
// Public() returns a crypto.PublicKey (presumably the public half of
// PrivateKey).
//
// PrivateKey is held by value and the struct has no json tags, so copying a
// JSONWebKey copies the key material and encoding/json would serialise the
// exported PrivateKey field. Keep values of this type out of logs and API
// responses; publish only what Public() returns.
type JSONWebKey struct {
	// Id: presumably used as the key identifier ("kid") of issued tokens (confirm).
	Id string
	PrivateKey rsa.PrivateKey
	CreatedAt time.Time
}
func (JSONWebKey) Public ¶ added in v0.3.0
func (j JSONWebKey) Public() crypto.PublicKey
type JSONWebKeys ¶ added in v0.3.0
// JSONWebKeys is the value read and written by Repository.GetJSONWebKeySet and
// SetJSONWebKeySet. Despite the plural name it holds exactly one key.
// NOTE(review): with a single slot there is no place for a previous key, so
// confirm how key rotation is expected to work for tokens signed with an
// older key.
type JSONWebKeys struct {
	Key JSONWebKey
}
type Machine ¶
// Machine is the stored record of a node. ID is the gorm primary key, and the
// record references one User and one Tailnet through UserID and TailnetID.
type Machine struct {
	ID uint64 `gorm:"primary_key"`
	Name string
	// NameIdx: see Repository.GetNextMachineNameIndex; presumably disambiguates
	// machines that share a Name within a tailnet (confirm).
	NameIdx uint64
	// MachineKey, NodeKey and DiscoKey are stored as strings.
	// NOTE(review): presumably textual public keys; confirm that none of them
	// ever carries private key material.
	MachineKey string
	NodeKey string
	DiscoKey string
	// Ephemeral: see Repository.ListInactiveEphemeralMachines.
	Ephemeral bool
	// RegisteredTags and Tags are two separate tag sets.
	// NOTE(review): the page does not say which set HasTag and the ACL
	// evaluation use; confirm which one is authoritative.
	RegisteredTags Tags
	Tags Tags
	// KeyExpiryDisabled and ExpiresAt are presumably what IsExpired() consults (confirm).
	KeyExpiryDisabled bool
	// Authorized: presumably only meaningful when
	// Tailnet.MachineAuthorizationEnabled is set (confirm). The zero value is
	// false.
	Authorized bool
	HostInfo HostInfo
	Endpoints Endpoints
	// AllowIPs and AutoAllowIPs are both AllowIPs values. AutoAllowIPs is
	// presumably filled from ACLPolicy.FindAutoApprovedIPs (confirm).
	AllowIPs AllowIPs
	AutoAllowIPs AllowIPs
	IPv4 IP
	IPv6 IP
	CreatedAt time.Time
	ExpiresAt time.Time
	// LastSeen is a pointer and may be nil; presumably nil means never seen (confirm).
	LastSeen *time.Time
	UserID uint64
	User User
	TailnetID uint64
	Tailnet Tailnet
}
func (*Machine) AdvertisedPrefixes ¶ added in v0.2.0
func (*Machine) AllowedPrefixes ¶ added in v0.2.0
func (*Machine) CompleteName ¶ added in v0.3.0
func (*Machine) IsAdvertisedExitNode ¶ added in v0.2.0
func (*Machine) IsAllowedExitNode ¶ added in v0.2.0
func (*Machine) IsExitNode ¶ added in v0.2.0
type Principal ¶
// Principal describes the caller of an operation: a system-wide role, an
// optional user, and that user's role. The predicates listed on this page
// (IsSystemAdmin, IsTailnetAdmin, IsTailnetMember, UserMatches) are defined
// on it.
type Principal struct {
	// SystemRole's zero value is SystemRoleNone (the empty string), so a
	// zero-value Principal carries no system role.
	SystemRole SystemRole
	// User is a pointer and may be nil; code reading it must nil-check.
	User *User
	UserRole UserRole
}
func (Principal) IsSystemAdmin ¶
func (Principal) IsTailnetAdmin ¶
func (Principal) IsTailnetMember ¶
func (Principal) UserMatches ¶
type RegistrationRequest ¶
// RegistrationRequest is the stored state of one machine registration attempt,
// keyed by MachineKey (the gorm primary key). IsFinished() reports a bool; its
// body is not shown here, but presumably it is true once Authenticated is set
// or Error is non-empty (confirm).
type RegistrationRequest struct {
	MachineKey string `gorm:"primary_key"`
	// Key is the lookup value for Repository.GetRegistrationRequestByKey.
	// NOTE(review): if this value is handed to the client as part of a login
	// URL, it acts as a bearer secret and needs to be unguessable (confirm how
	// it is generated).
	Key string
	// Data is the client's register request (see RegistrationRequestData);
	// treat its content as untrusted input.
	Data RegistrationRequestData
	CreatedAt time.Time
	Authenticated bool
	Error string
	UserID uint64
}
func (*RegistrationRequest) IsFinished ¶
func (r *RegistrationRequest) IsFinished() bool
type RegistrationRequestData ¶
// RegistrationRequestData is tailcfg.RegisterRequest under a local type name,
// which lets the package attach the Scan, GormDataType and GormDBDataType
// methods listed on this page.
type RegistrationRequestData tailcfg.RegisterRequest
func (RegistrationRequestData) GormDBDataType ¶
GormDBDataType gorm db data type
func (RegistrationRequestData) GormDataType ¶
func (RegistrationRequestData) GormDataType() string
GormDataType gorm common data type
func (*RegistrationRequestData) Scan ¶
func (hi *RegistrationRequestData) Scan(destination interface{}) error
type Repository ¶
// Repository is the persistence interface of the package; NewRepository builds
// one from a *gorm.DB. Every method except Transaction takes a context.Context
// as its first argument.
//
// NOTE(review): the lookups and deletes that take only a numeric id
// (GetMachine, DeleteMachine, GetUser, DeleteUser, GetAuthKey, DeleteAuthKey,
// GetTailnet, DeleteTailnet) are not scoped to a tailnet or user by their
// signature. Callers are responsible for checking that the Principal may
// access the returned or deleted record.
type Repository interface {
	// Server-wide key material and DERP map.
	GetControlKeys(ctx context.Context) (*ControlKeys, error)
	SetControlKeys(ctx context.Context, keys *ControlKeys) error
	GetJSONWebKeySet(ctx context.Context) (*JSONWebKeys, error)
	SetJSONWebKeySet(ctx context.Context, keys *JSONWebKeys) error
	GetDERPMap(ctx context.Context) (*DERPMap, error)
	SetDERPMap(ctx context.Context, v *DERPMap) error
	// Accounts. The bool in the GetOrCreate* results presumably reports whether
	// a new record was created (confirm).
	GetAccount(ctx context.Context, accountID uint64) (*Account, error)
	GetOrCreateAccount(ctx context.Context, externalID, loginName string) (*Account, bool, error)
	// Tailnets.
	SaveTailnet(ctx context.Context, tailnet *Tailnet) error
	GetOrCreateTailnet(ctx context.Context, name string, iamPolicy IAMPolicy) (*Tailnet, bool, error)
	GetTailnet(ctx context.Context, id uint64) (*Tailnet, error)
	GetTailnetByAlias(ctx context.Context, alias string) (*Tailnet, error)
	ListTailnets(ctx context.Context) ([]Tailnet, error)
	DeleteTailnet(ctx context.Context, id uint64) error
	// API keys. The Load* methods take the key as a string.
	// NOTE(review): presumably this is the credential as presented by the
	// caller; confirm that validation does not compare secrets in a
	// timing-sensitive way and that expiry is enforced.
	SaveSystemApiKey(ctx context.Context, key *SystemApiKey) error
	LoadSystemApiKey(ctx context.Context, key string) (*SystemApiKey, error)
	SaveApiKey(ctx context.Context, key *ApiKey) error
	LoadApiKey(ctx context.Context, key string) (*ApiKey, error)
	DeleteApiKeysByTailnet(ctx context.Context, tailnetID uint64) error
	DeleteApiKeysByUser(ctx context.Context, userID uint64) error
	// Auth keys (used for machine registration; see AuthKey).
	GetAuthKey(ctx context.Context, id uint64) (*AuthKey, error)
	SaveAuthKey(ctx context.Context, key *AuthKey) error
	DeleteAuthKey(ctx context.Context, id uint64) (bool, error)
	DeleteAuthKeysByTailnet(ctx context.Context, tailnetID uint64) error
	DeleteAuthKeysByUser(ctx context.Context, userID uint64) error
	ListAuthKeys(ctx context.Context, tailnetID uint64) ([]AuthKey, error)
	ListAuthKeysByTailnetAndUser(ctx context.Context, tailnetID, userID uint64) ([]AuthKey, error)
	LoadAuthKey(ctx context.Context, key string) (*AuthKey, error)
	// Users.
	GetOrCreateServiceUser(ctx context.Context, tailnet *Tailnet) (*User, bool, error)
	GetOrCreateUserWithAccount(ctx context.Context, tailnet *Tailnet, account *Account) (*User, bool, error)
	GetUser(ctx context.Context, userID uint64) (*User, error)
	DeleteUser(ctx context.Context, userID uint64) error
	ListUsers(ctx context.Context, tailnetID uint64) (Users, error)
	DeleteUsersByTailnet(ctx context.Context, tailnetID uint64) error
	// Machines.
	SaveMachine(ctx context.Context, m *Machine) error
	DeleteMachine(ctx context.Context, id uint64) (bool, error)
	GetMachine(ctx context.Context, id uint64) (*Machine, error)
	GetMachineByKey(ctx context.Context, tailnetID uint64, key string) (*Machine, error)
	GetMachineByKeys(ctx context.Context, machineKey string, nodeKey string) (*Machine, error)
	CountMachinesWithIPv4(ctx context.Context, ip string) (int64, error)
	GetNextMachineNameIndex(ctx context.Context, tailnetID uint64, name string) (uint64, error)
	ListMachineByTailnet(ctx context.Context, tailnetID uint64) (Machines, error)
	CountMachineByTailnet(ctx context.Context, tailnetID uint64) (int64, error)
	DeleteMachineByTailnet(ctx context.Context, tailnetID uint64) error
	DeleteMachineByUser(ctx context.Context, userID uint64) error
	ListMachinePeers(ctx context.Context, tailnetID uint64, key string) (Machines, error)
	ListInactiveEphemeralMachines(ctx context.Context, checkpoint time.Time) (Machines, error)
	SetMachineLastSeen(ctx context.Context, machineID uint64) error
	// Pending registration, authentication and SSH action requests, all looked
	// up by a string key.
	// NOTE(review): no expiry or cleanup method for RegistrationRequest appears
	// in this interface; confirm how stale requests are aged out.
	SaveRegistrationRequest(ctx context.Context, request *RegistrationRequest) error
	GetRegistrationRequestByKey(ctx context.Context, key string) (*RegistrationRequest, error)
	GetRegistrationRequestByMachineKey(ctx context.Context, key string) (*RegistrationRequest, error)
	SaveAuthenticationRequest(ctx context.Context, session *AuthenticationRequest) error
	GetAuthenticationRequest(ctx context.Context, key string) (*AuthenticationRequest, error)
	DeleteAuthenticationRequest(ctx context.Context, key string) error
	SaveSSHActionRequest(ctx context.Context, session *SSHActionRequest) error
	GetSSHActionRequest(ctx context.Context, key string) (*SSHActionRequest, error)
	DeleteSSHActionRequest(ctx context.Context, key string) error
	// Transaction passes a Repository to the callback; presumably calls made
	// through rp run inside one database transaction that is rolled back when
	// the callback returns an error (confirm). Note that it takes no context.
	Transaction(func(rp Repository) error) error
}
func NewRepository ¶
func NewRepository(db *gorm.DB) Repository
type SSHActionRequest ¶ added in v0.4.0
type ServerConfig ¶
// ServerConfig is a key/value row: Key (of the unexported type configKey) is
// the gorm primary key and Value is an opaque byte slice.
// NOTE(review): presumably this table backs Repository.GetControlKeys,
// GetJSONWebKeySet and GetDERPMap. If so, Value can contain private key
// material; confirm how it is encoded and protected at rest.
type ServerConfig struct {
	Key configKey `gorm:"primary_key"`
	Value []byte
}
type SystemApiKey ¶
// SystemApiKey is the stored record of a system-level API key tied to an
// Account. CreateSystemApiKey returns a string together with the record, and
// Repository.LoadSystemApiKey looks a record up from a string.
//
// NOTE(review): presumably Key is a lookup identifier and Hash is a hash of
// the secret part, with the full credential available only from
// CreateSystemApiKey's string result. Confirm that the raw secret is never
// persisted and that the hash is compared in constant time.
type SystemApiKey struct {
	ID uint64 `gorm:"primary_key"`
	Key string
	Hash string
	CreatedAt time.Time
	// ExpiresAt is a pointer and may be nil; presumably nil means the key does
	// not expire (confirm, and prefer a finite lifetime for admin credentials).
	ExpiresAt *time.Time
	AccountID uint64
	Account Account
}
func CreateSystemApiKey ¶
func CreateSystemApiKey(account *Account, expiresAt *time.Time) (string, *SystemApiKey)
type SystemRole ¶
// SystemRole is a string-typed, system-wide role.
type SystemRole string

// SystemRoleNone is the empty string, which is also the zero value of
// SystemRole, so an unset role carries no privilege by default.
// IsAdmin() reports a bool; presumably true only for SystemRoleAdmin (confirm).
const (
	SystemRoleNone SystemRole = ""
	SystemRoleAdmin SystemRole = "admin"
)
func (SystemRole) IsAdmin ¶
func (s SystemRole) IsAdmin() bool
type Tailnet ¶
// Tailnet is the stored record of one tailnet: its name, DNS, IAM and ACL
// policy documents, DERP map, and per-tailnet feature switches.
type Tailnet struct {
	ID uint64 `gorm:"primary_key"`
	Name string
	DNSConfig DNSConfig
	// IAMPolicy and ACLPolicy are the tailnet's two policy documents; see the
	// IAMPolicy and ACLPolicy types on this page.
	IAMPolicy IAMPolicy
	ACLPolicy ACLPolicy
	DERPMap DERPMap
	// Feature switches. Each is a bool, so the zero value is false.
	// NOTE(review): presumably false means the feature is off; confirm that
	// every code path checks the flag before acting, in particular SSHEnabled
	// before an SSH policy is sent and MachineAuthorizationEnabled before an
	// unauthorized Machine is admitted.
	ServiceCollectionEnabled bool
	FileSharingEnabled bool
	SSHEnabled bool
	MachineAuthorizationEnabled bool
}
func (Tailnet) GetDERPMap ¶ added in v0.4.0