hscontrol

package

v0.23.0 Latest Latest Go to latest Published: Sep 18, 2024 License: BSD-3-Clause Imports: 82 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/juanfont/headscale

Links

Open Source Insights

Documentation ¶

Overview ¶

nolint

Index ¶

Constants
Variables
type AppleMobileConfig
type AppleMobilePlatformConfig
type Headscale
- func NewHeadscale(cfg *types.Config) (*Headscale, error)
type IDTokenClaims

Constants ¶

View Source

const (
	AuthPrefix = "Bearer "
)

View Source

const (
	MinimumCapVersion tailcfg.CapabilityVersion = 61
)

View Source

const (
	// The CapabilityVersion is used by Tailscale clients to indicate
	// their codebase version. Tailscale clients can communicate over TS2021
	// from CapabilityVersion 28, but we only have good support for it
	// since https://github.com/tailscale/tailscale/pull/4323 (Noise in any HTTPS port).
	//
	// Related to this change, there is https://github.com/tailscale/tailscale/pull/5379,
	// where CapabilityVersion 39 is introduced to indicate #4323 was merged.
	//
	// See also https://github.com/tailscale/tailscale/blob/main/tailcfg/tailcfg.go
	NoiseCapabilityVersion = 39
)

Variables ¶

View Source

var ErrNoCapabilityVersion = errors.New("no capability version set")

View Source

var ErrRegisterMethodCLIDoesNotSupportExpire = errors.New(
	"machines registered with CLI does not support expire",
)

Functions ¶

This section is empty.

Types ¶

type AppleMobileConfig ¶

type AppleMobileConfig struct {
	UUID    uuid.UUID
	URL     string
	Payload string
}

type AppleMobilePlatformConfig ¶

type AppleMobilePlatformConfig struct {
	UUID uuid.UUID
	URL  string
}

type Headscale ¶

type Headscale struct {
	DERPMap    *tailcfg.DERPMap
	DERPServer *derpServer.DERPServer

	ACLPolicy *policy.ACLPolicy
	// contains filtered or unexported fields
}

Headscale represents the base app of the service.

func NewHeadscale ¶

func NewHeadscale(cfg *types.Config) (*Headscale, error)

func (*Headscale) AppleConfigMessage ¶

func (h *Headscale) AppleConfigMessage(
	writer http.ResponseWriter,
	req *http.Request,
)

AppleConfigMessage shows a simple message in the browser to point the user to the iOS/MacOS profile and instructions for how to install it.

func (*Headscale) ApplePlatformConfig ¶

func (h *Headscale) ApplePlatformConfig(
	writer http.ResponseWriter,
	req *http.Request,
)

func (*Headscale) HealthHandler ¶

func (h *Headscale) HealthHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

func (*Headscale) KeyHandler ¶

func (h *Headscale) KeyHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

KeyHandler provides the Headscale pub key Listens in /key.

func (*Headscale) NoiseUpgradeHandler ¶

func (h *Headscale) NoiseUpgradeHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

NoiseUpgradeHandler is to upgrade the connection and hijack the net.Conn in order to use the Noise-based TS2021 protocol. Listens in /ts2021.

func (*Headscale) OIDCCallback ¶

func (h *Headscale) OIDCCallback(
	writer http.ResponseWriter,
	req *http.Request,
)

OIDCCallback handles the callback from the OIDC endpoint Retrieves the nkey from the state cache and adds the node to the users email user TODO: A confirmation page for new nodes should be added to avoid phishing vulnerabilities TODO: Add groups information from OIDC tokens into node HostInfo Listens in /oidc/callback.

func (*Headscale) RegisterOIDC ¶

func (h *Headscale) RegisterOIDC(
	writer http.ResponseWriter,
	req *http.Request,
)

RegisterOIDC redirects to the OIDC provider for authentication Puts NodeKey in cache so the callback can retrieve it using the oidc state param Listens in /oidc/register/:mKey.

func (*Headscale) RegisterWebAPI ¶

func (h *Headscale) RegisterWebAPI(
	writer http.ResponseWriter,
	req *http.Request,
)

RegisterWebAPI shows a simple message in the browser to point to the CLI Listens in /register/:nkey.

This is not part of the Tailscale control API, as we could send whatever URL in the RegisterResponse.AuthURL field.

func (*Headscale) Serve ¶

func (h *Headscale) Serve() error

Serve launches the HTTP and gRPC server service Headscale and the API.

func (*Headscale) WindowsConfigMessage ¶

func (h *Headscale) WindowsConfigMessage(
	writer http.ResponseWriter,
	req *http.Request,
)

WindowsConfigMessage shows a simple message in the browser for how to configure the Windows Tailscale client.

type IDTokenClaims ¶

type IDTokenClaims struct {
	Name     string   `json:"name,omitempty"`
	Groups   []string `json:"groups,omitempty"`
	Email    string   `json:"email"`
	Username string   `json:"preferred_username,omitempty"`
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
db
derp
server
mapper
notifier
policy
matcher
types
util

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL