Documentation ¶
Index ¶
- Constants
- Variables
- func AssignNodeToUser(tx *gorm.DB, node *types.Node, username string) error
- func CreatePreAuthKey(tx *gorm.DB, userName string, reusable bool, ephemeral bool, ...) (*types.PreAuthKey, error)
- func CreateUser(tx *gorm.DB, name string) (*types.User, error)
- func DeleteNode(tx *gorm.DB, node *types.Node, ...) ([]types.NodeID, error)
- func DeleteRoute(tx *gorm.DB, id uint64, isLikelyConnected *xsync.MapOf[types.NodeID, bool]) ([]types.NodeID, error)
- func DestroyPreAuthKey(tx *gorm.DB, pak types.PreAuthKey) error
- func DestroyUser(tx *gorm.DB, name string) error
- func DisableRoute(tx *gorm.DB, id uint64, isLikelyConnected *xsync.MapOf[types.NodeID, bool]) ([]types.NodeID, error)
- func EnableAutoApprovedRoutes(tx *gorm.DB, aclPolicy *policy.ACLPolicy, node *types.Node) error
- func EnableRoute(tx *gorm.DB, id uint64) (*types.StateUpdate, error)
- func ExpireExpiredNodes(tx *gorm.DB, lastCheck time.Time) (time.Time, types.StateUpdate, bool)
- func ExpirePreAuthKey(tx *gorm.DB, k *types.PreAuthKey) error
- func FailoverNodeRoutesIfNeccessary(tx *gorm.DB, isLikelyConnected *xsync.MapOf[types.NodeID, bool], ...) (*types.StateUpdate, error)
- func GetAdvertisedRoutes(tx *gorm.DB, node *types.Node) ([]netip.Prefix, error)
- func GetEnabledRoutes(tx *gorm.DB, node *types.Node) ([]netip.Prefix, error)
- func GetNodeAdvertisedRoutes(tx *gorm.DB, node *types.Node) (types.Routes, error)
- func GetNodeByAnyKey(tx *gorm.DB, machineKey key.MachinePublic, nodeKey key.NodePublic, ...) (*types.Node, error)
- func GetNodeByID(tx *gorm.DB, id types.NodeID) (*types.Node, error)
- func GetNodeByMachineKey(tx *gorm.DB, machineKey key.MachinePublic) (*types.Node, error)
- func GetNodePrimaryRoutes(tx *gorm.DB, node *types.Node) (types.Routes, error)
- func GetNodeRoutes(tx *gorm.DB, node *types.Node) (types.Routes, error)
- func GetPreAuthKey(tx *gorm.DB, user string, key string) (*types.PreAuthKey, error)
- func GetRoute(tx *gorm.DB, id uint64) (*types.Route, error)
- func GetRoutes(tx *gorm.DB) (types.Routes, error)
- func GetUser(tx *gorm.DB, name string) (*types.User, error)
- func IsRoutesEnabled(tx *gorm.DB, node *types.Node, routeStr string) bool
- func ListNodes(tx *gorm.DB) (types.Nodes, error)
- func ListNodesByUser(tx *gorm.DB, name string) (types.Nodes, error)
- func ListPeers(tx *gorm.DB, nodeID types.NodeID) (types.Nodes, error)
- func ListPreAuthKeys(tx *gorm.DB, userName string) ([]types.PreAuthKey, error)
- func ListUsers(tx *gorm.DB) ([]types.User, error)
- func NodeSave(tx *gorm.DB, node *types.Node) error
- func NodeSetExpiry(tx *gorm.DB, nodeID types.NodeID, expiry time.Time) error
- func NodeSetMachineKey(tx *gorm.DB, node *types.Node, machineKey key.MachinePublic) error
- func NodeSetNodeKey(tx *gorm.DB, node *types.Node, nodeKey key.NodePublic) error
- func Read[T any](db *gorm.DB, fn func(rx *gorm.DB) (T, error)) (T, error)
- func RegisterNode(tx *gorm.DB, node types.Node, ipv4 *netip.Addr, ipv6 *netip.Addr) (*types.Node, error)
- func RegisterNodeFromAuthCallback(tx *gorm.DB, cache *cache.Cache, mkey key.MachinePublic, userName string, ...) (*types.Node, error)
- func RenameNode(tx *gorm.DB, nodeID types.NodeID, newName string) error
- func RenameUser(tx *gorm.DB, oldName, newName string) error
- func SaveNodeRoutes(tx *gorm.DB, node *types.Node) (bool, error)
- func SetLastSeen(tx *gorm.DB, nodeID types.NodeID, lastSeen time.Time) error
- func SetTags(tx *gorm.DB, nodeID types.NodeID, tags []string) error
- func UsePreAuthKey(tx *gorm.DB, k *types.PreAuthKey) error
- func ValidatePreAuthKey(tx *gorm.DB, k string) (*types.PreAuthKey, error)
- func Write[T any](db *gorm.DB, fn func(tx *gorm.DB) (T, error)) (T, error)
- type EphemeralGarbageCollector
- type HSDatabase
- func (hsdb *HSDatabase) AssignNodeToUser(node *types.Node, username string) error
- func (db *HSDatabase) BackfillNodeIPs(i *IPAllocator) ([]string, error)
- func (hsdb *HSDatabase) Close() error
- func (hsdb *HSDatabase) CreateAPIKey(expiration *time.Time) (string, *types.APIKey, error)
- func (hsdb *HSDatabase) CreatePreAuthKey(userName string, reusable bool, ephemeral bool, expiration *time.Time, ...) (*types.PreAuthKey, error)
- func (hsdb *HSDatabase) CreateUser(name string) (*types.User, error)
- func (hsdb *HSDatabase) DeleteEphemeralNode(nodeID types.NodeID) error
- func (hsdb *HSDatabase) DeleteNode(node *types.Node, isLikelyConnected *xsync.MapOf[types.NodeID, bool]) ([]types.NodeID, error)
- func (hsdb *HSDatabase) DeleteRoute(id uint64, isLikelyConnected *xsync.MapOf[types.NodeID, bool]) ([]types.NodeID, error)
- func (hsdb *HSDatabase) DestroyAPIKey(key types.APIKey) error
- func (hsdb *HSDatabase) DestroyUser(name string) error
- func (hsdb *HSDatabase) EnableAutoApprovedRoutes(aclPolicy *policy.ACLPolicy, node *types.Node) error
- func (hsdb *HSDatabase) ExpireAPIKey(key *types.APIKey) error
- func (hsdb *HSDatabase) ExpirePreAuthKey(k *types.PreAuthKey) error
- func (hsdb *HSDatabase) GetAPIKey(prefix string) (*types.APIKey, error)
- func (hsdb *HSDatabase) GetAPIKeyByID(id uint64) (*types.APIKey, error)
- func (hsdb *HSDatabase) GetAdvertisedRoutes(node *types.Node) ([]netip.Prefix, error)
- func (hsdb *HSDatabase) GetEnabledRoutes(node *types.Node) ([]netip.Prefix, error)
- func (hsdb *HSDatabase) GetNodeByAnyKey(machineKey key.MachinePublic, nodeKey key.NodePublic, ...) (*types.Node, error)
- func (hsdb *HSDatabase) GetNodeByID(id types.NodeID) (*types.Node, error)
- func (hsdb *HSDatabase) GetNodeByMachineKey(machineKey key.MachinePublic) (*types.Node, error)
- func (hsdb *HSDatabase) GetNodePrimaryRoutes(node *types.Node) (types.Routes, error)
- func (hsdb *HSDatabase) GetNodeRoutes(node *types.Node) (types.Routes, error)
- func (hsdb *HSDatabase) GetPolicy() (*types.Policy, error)
- func (hsdb *HSDatabase) GetUser(name string) (*types.User, error)
- func (hsdb *HSDatabase) ListAPIKeys() ([]types.APIKey, error)
- func (hsdb *HSDatabase) ListEphemeralNodes() (types.Nodes, error)
- func (hsdb *HSDatabase) ListNodes() (types.Nodes, error)
- func (hsdb *HSDatabase) ListPeers(nodeID types.NodeID) (types.Nodes, error)
- func (hsdb *HSDatabase) ListPreAuthKeys(userName string) ([]types.PreAuthKey, error)
- func (hsdb *HSDatabase) ListUsers() ([]types.User, error)
- func (hsdb *HSDatabase) NodeSetExpiry(nodeID types.NodeID, expiry time.Time) error
- func (hsdb *HSDatabase) NodeSetMachineKey(node *types.Node, machineKey key.MachinePublic) error
- func (hsdb *HSDatabase) PingDB(ctx context.Context) error
- func (hsdb *HSDatabase) Read(fn func(rx *gorm.DB) error) error
- func (hsdb *HSDatabase) RegisterNode(node types.Node, ipv4 *netip.Addr, ipv6 *netip.Addr) (*types.Node, error)
- func (hsdb *HSDatabase) RenameUser(oldName, newName string) error
- func (hsdb *HSDatabase) SaveNodeRoutes(node *types.Node) (bool, error)
- func (hsdb *HSDatabase) SetPolicy(policy string) (*types.Policy, error)
- func (hsdb *HSDatabase) SetTags(nodeID types.NodeID, tags []string) error
- func (hsdb *HSDatabase) ValidateAPIKey(keyStr string) (bool, error)
- func (hsdb *HSDatabase) ValidatePreAuthKey(k string) (*types.PreAuthKey, error)
- func (hsdb *HSDatabase) Write(fn func(tx *gorm.DB) error) error
- type IPAllocator
- type KV
Constants ¶
const ( NodeGivenNameHashLength = 8 NodeGivenNameTrimSize = 2 )
Variables ¶
var ( ErrNodeNotFound = errors.New("node not found") ErrNodeRouteIsNotAvailable = errors.New("route is not available on node") ErrNodeNotFoundRegistrationCache = errors.New( "node not found in registration cache", ) ErrCouldNotConvertNodeInterface = errors.New("failed to convert node interface") ErrDifferentRegisteredUser = errors.New( "node was previously registered with a different user", ) )
var ( ErrPreAuthKeyNotFound = errors.New("AuthKey not found") ErrPreAuthKeyExpired = errors.New("AuthKey expired") ErrSingleUseAuthKeyHasBeenUsed = errors.New("AuthKey has already been used") ErrUserMismatch = errors.New("user mismatch") ErrPreAuthKeyACLTagInvalid = errors.New("AuthKey tag is invalid") )
var ( ErrUserExists = errors.New("user already exists") ErrUserNotFound = errors.New("user not found") ErrUserStillHasNodes = errors.New("user not empty: node(s) found") )
var ErrAPIKeyFailedToParse = errors.New("failed to parse ApiKey")
var ErrCouldNotAllocateIP = errors.New("failed to allocate IP")
var ErrRouteIsNotAvailable = errors.New("route is not available")
Functions ¶
func AssignNodeToUser ¶
AssignNodeToUser assigns a Node to a user.
func CreatePreAuthKey ¶
func CreatePreAuthKey( tx *gorm.DB, userName string, reusable bool, ephemeral bool, expiration *time.Time, aclTags []string, ) (*types.PreAuthKey, error)
CreatePreAuthKey creates a new PreAuthKey in a user, and returns it.
func CreateUser ¶
CreateUser creates a new User. Returns error if could not be created or another user already exists.
func DeleteNode ¶
func DeleteNode(tx *gorm.DB, node *types.Node, isLikelyConnected *xsync.MapOf[types.NodeID, bool], ) ([]types.NodeID, error)
DeleteNode deletes a Node from the database. Caller is responsible for notifying all of change.
func DeleteRoute ¶
func DestroyPreAuthKey ¶
func DestroyPreAuthKey(tx *gorm.DB, pak types.PreAuthKey) error
DestroyPreAuthKey destroys a preauthkey. Returns error if the PreAuthKey does not exist.
func DestroyUser ¶
DestroyUser destroys a User. Returns error if the User does not exist or if there are nodes associated with it.
func DisableRoute ¶
func EnableAutoApprovedRoutes ¶
EnableAutoApprovedRoutes enables any routes advertised by a node that match the ACL autoApprovers policy.
func EnableRoute ¶
func ExpireExpiredNodes ¶
func ExpirePreAuthKey ¶
func ExpirePreAuthKey(tx *gorm.DB, k *types.PreAuthKey) error
MarkExpirePreAuthKey marks a PreAuthKey as expired.
func FailoverNodeRoutesIfNeccessary ¶
func FailoverNodeRoutesIfNeccessary( tx *gorm.DB, isLikelyConnected *xsync.MapOf[types.NodeID, bool], node *types.Node, ) (*types.StateUpdate, error)
FailoverNodeRoutesIfNeccessary takes a node and checks if the node's route need to be failed over to another host. If needed, the failover will be attempted.
func GetAdvertisedRoutes ¶
GetAdvertisedRoutes returns the routes that are be advertised by the given node.
func GetEnabledRoutes ¶
GetEnabledRoutes returns the routes that are enabled for the node.
func GetNodeAdvertisedRoutes ¶
func GetNodeByAnyKey ¶
func GetNodeByAnyKey( tx *gorm.DB, machineKey key.MachinePublic, nodeKey key.NodePublic, oldNodeKey key.NodePublic, ) (*types.Node, error)
GetNodeByAnyKey finds a Node by its MachineKey, its current NodeKey or the old one, and returns the Node struct. TODO(kradalby): see if we can remove this.
func GetNodeByID ¶
GetNodeByID finds a Node by ID and returns the Node struct.
func GetNodeByMachineKey ¶
GetNodeByMachineKey finds a Node by its MachineKey and returns the Node struct.
func GetNodePrimaryRoutes ¶
getNodePrimaryRoutes returns the routes that are enabled and marked as primary (for subnet failover) Exit nodes are not considered for this, as they are never marked as Primary.
func GetPreAuthKey ¶
GetPreAuthKey returns a PreAuthKey for a given key.
func ListNodesByUser ¶
ListNodesByUser gets all the nodes in a given user.
func ListPeers ¶
ListPeers returns all peers of node, regardless of any Policy or if the node is expired.
func ListPreAuthKeys ¶
ListPreAuthKeys returns the list of PreAuthKeys for a user.
func NodeSave ¶
NodeSave saves a node object to the database, prefer to use a specific save method rather than this. It is intended to be used when we are changing or. TODO(kradalby): Remove this func, just use Save.
func NodeSetExpiry ¶
NodeSetExpiry takes a Node struct and a new expiry time.
func NodeSetMachineKey ¶
NodeSetMachineKey sets the node key of a node and saves it to the database.
func NodeSetNodeKey ¶
NodeSetNodeKey sets the node key of a node and saves it to the database.
func RegisterNode ¶
func RegisterNode(tx *gorm.DB, node types.Node, ipv4 *netip.Addr, ipv6 *netip.Addr) (*types.Node, error)
RegisterNode is executed from the CLI to register a new Node using its MachineKey.
func RenameNode ¶
RenameNode takes a Node struct and a new GivenName for the nodes and renames it. If the name is not unique, it will return an error.
func RenameUser ¶
RenameUser renames a User. Returns error if the User does not exist or if another User exists with the new name.
func SaveNodeRoutes ¶
SaveNodeRoutes takes a node and updates the database with the new routes. It returns a bool whether an update should be sent as the saved route impacts nodes.
func SetLastSeen ¶
SetLastSeen sets a node's last seen field indicating that we have recently communicating with this node.
func UsePreAuthKey ¶
func UsePreAuthKey(tx *gorm.DB, k *types.PreAuthKey) error
UsePreAuthKey marks a PreAuthKey as used.
func ValidatePreAuthKey ¶
ValidatePreAuthKey does the heavy lifting for validation of the PreAuthKey coming from a node If returns no error and a PreAuthKey, it can be used.
Types ¶
type EphemeralGarbageCollector ¶
type EphemeralGarbageCollector struct {
// contains filtered or unexported fields
}
EphemeralGarbageCollector is a garbage collector that will delete nodes after a certain amount of time. It is used to delete ephemeral nodes that have disconnected and should be cleaned up.
func NewEphemeralGarbageCollector ¶
func NewEphemeralGarbageCollector(deleteFunc func(types.NodeID)) *EphemeralGarbageCollector
NewEphemeralGarbageCollector creates a new EphemeralGarbageCollector, it takes a deleteFunc that will be called when a node is scheduled for deletion.
func (*EphemeralGarbageCollector) Cancel ¶
func (e *EphemeralGarbageCollector) Cancel(nodeID types.NodeID)
Cancel cancels the deletion of a node.
func (*EphemeralGarbageCollector) Close ¶
func (e *EphemeralGarbageCollector) Close()
Close stops the garbage collector.
func (*EphemeralGarbageCollector) Schedule ¶
func (e *EphemeralGarbageCollector) Schedule(nodeID types.NodeID, expiry time.Duration)
Schedule schedules a node for deletion after the expiry duration.
func (*EphemeralGarbageCollector) Start ¶
func (e *EphemeralGarbageCollector) Start()
Start starts the garbage collector.
type HSDatabase ¶
func NewHeadscaleDatabase ¶
func NewHeadscaleDatabase( cfg types.DatabaseConfig, baseDomain string, ) (*HSDatabase, error)
TODO(kradalby): assemble this struct from toptions or something typed rather than arguments.
func (*HSDatabase) AssignNodeToUser ¶
func (hsdb *HSDatabase) AssignNodeToUser(node *types.Node, username string) error
func (*HSDatabase) BackfillNodeIPs ¶
func (db *HSDatabase) BackfillNodeIPs(i *IPAllocator) ([]string, error)
BackfillNodeIPs will take a database transaction, and iterate through all of the current nodes in headscale and ensure it has IP addresses according to the current configuration. This means that if both IPv4 and IPv6 is set in the config, and some nodes are missing that type of IP, it will be added. If a prefix type has been removed (IPv4 or IPv6), it will remove the IPs in that family from the node.
func (*HSDatabase) Close ¶
func (hsdb *HSDatabase) Close() error
func (*HSDatabase) CreateAPIKey ¶
CreateAPIKey creates a new ApiKey in a user, and returns it.
func (*HSDatabase) CreatePreAuthKey ¶
func (hsdb *HSDatabase) CreatePreAuthKey( userName string, reusable bool, ephemeral bool, expiration *time.Time, aclTags []string, ) (*types.PreAuthKey, error)
func (*HSDatabase) CreateUser ¶
func (hsdb *HSDatabase) CreateUser(name string) (*types.User, error)
func (*HSDatabase) DeleteEphemeralNode ¶
func (hsdb *HSDatabase) DeleteEphemeralNode( nodeID types.NodeID, ) error
DeleteEphemeralNode deletes a Node from the database, note that this method will remove it straight, and not notify any changes or consider any routes. It is intended for Ephemeral nodes.
func (*HSDatabase) DeleteNode ¶
func (*HSDatabase) DeleteRoute ¶
func (*HSDatabase) DestroyAPIKey ¶
func (hsdb *HSDatabase) DestroyAPIKey(key types.APIKey) error
DestroyAPIKey destroys a ApiKey. Returns error if the ApiKey does not exist.
func (*HSDatabase) DestroyUser ¶
func (hsdb *HSDatabase) DestroyUser(name string) error
func (*HSDatabase) EnableAutoApprovedRoutes ¶
func (*HSDatabase) ExpireAPIKey ¶
func (hsdb *HSDatabase) ExpireAPIKey(key *types.APIKey) error
ExpireAPIKey marks a ApiKey as expired.
func (*HSDatabase) ExpirePreAuthKey ¶
func (hsdb *HSDatabase) ExpirePreAuthKey(k *types.PreAuthKey) error
func (*HSDatabase) GetAPIKey ¶
func (hsdb *HSDatabase) GetAPIKey(prefix string) (*types.APIKey, error)
GetAPIKey returns a ApiKey for a given key.
func (*HSDatabase) GetAPIKeyByID ¶
func (hsdb *HSDatabase) GetAPIKeyByID(id uint64) (*types.APIKey, error)
GetAPIKeyByID returns a ApiKey for a given id.
func (*HSDatabase) GetAdvertisedRoutes ¶
func (*HSDatabase) GetEnabledRoutes ¶
func (*HSDatabase) GetNodeByAnyKey ¶
func (hsdb *HSDatabase) GetNodeByAnyKey( machineKey key.MachinePublic, nodeKey key.NodePublic, oldNodeKey key.NodePublic, ) (*types.Node, error)
func (*HSDatabase) GetNodeByID ¶
func (*HSDatabase) GetNodeByMachineKey ¶
func (hsdb *HSDatabase) GetNodeByMachineKey(machineKey key.MachinePublic) (*types.Node, error)
func (*HSDatabase) GetNodePrimaryRoutes ¶
func (*HSDatabase) GetNodeRoutes ¶
func (*HSDatabase) GetPolicy ¶
func (hsdb *HSDatabase) GetPolicy() (*types.Policy, error)
GetPolicy returns the latest policy in the database.
func (*HSDatabase) ListAPIKeys ¶
func (hsdb *HSDatabase) ListAPIKeys() ([]types.APIKey, error)
ListAPIKeys returns the list of ApiKeys for a user.
func (*HSDatabase) ListEphemeralNodes ¶
func (hsdb *HSDatabase) ListEphemeralNodes() (types.Nodes, error)
func (*HSDatabase) ListPreAuthKeys ¶
func (hsdb *HSDatabase) ListPreAuthKeys(userName string) ([]types.PreAuthKey, error)
func (*HSDatabase) NodeSetExpiry ¶
func (*HSDatabase) NodeSetMachineKey ¶
func (hsdb *HSDatabase) NodeSetMachineKey( node *types.Node, machineKey key.MachinePublic, ) error
func (*HSDatabase) RegisterNode ¶
func (*HSDatabase) RenameUser ¶
func (hsdb *HSDatabase) RenameUser(oldName, newName string) error
func (*HSDatabase) SaveNodeRoutes ¶
func (hsdb *HSDatabase) SaveNodeRoutes(node *types.Node) (bool, error)
func (*HSDatabase) SetPolicy ¶
func (hsdb *HSDatabase) SetPolicy(policy string) (*types.Policy, error)
SetPolicy sets the policy in the database.
func (*HSDatabase) SetTags ¶
func (hsdb *HSDatabase) SetTags( nodeID types.NodeID, tags []string, ) error
func (*HSDatabase) ValidateAPIKey ¶
func (hsdb *HSDatabase) ValidateAPIKey(keyStr string) (bool, error)
func (*HSDatabase) ValidatePreAuthKey ¶
func (hsdb *HSDatabase) ValidatePreAuthKey(k string) (*types.PreAuthKey, error)
type IPAllocator ¶
type IPAllocator struct {
// contains filtered or unexported fields
}
IPAllocator is a singleton responsible for allocating IP addresses for nodes and making sure the same address is not handed out twice. There can only be one and it needs to be created before any other database writes occur.
func NewIPAllocator ¶
func NewIPAllocator( db *HSDatabase, prefix4, prefix6 *netip.Prefix, strategy types.IPAllocationStrategy, ) (*IPAllocator, error)
NewIPAllocator returns a new IPAllocator singleton which can be used to hand out unique IP addresses within the provided IPv4 and IPv6 prefix. It needs to be created when headscale starts and needs to finish its read transaction before any writes to the database occur.