Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Headscale: Added an option to set an Access-Control-Allow-Origin resp… #1

Open
wants to merge 45 commits into
base: updated
Choose a base branch
from
Open

Headscale: Added an option to set an Access-Control-Allow-Origin resp… #1

wants to merge 45 commits into from

Conversation

Jisse-Meruma
Copy link

  • [ x ] read the CONTRIBUTING guidelines
  • raised a GitHub issue or discussed it on the projects chat beforehand
  • added unit tests
  • added integration tests
  • [ x ] updated documentation if needed
  • updated CHANGELOG.md

@Jisse-Meruma Jisse-Meruma requested a review from yuri91 December 12, 2024 15:50
@kradalby
Add worker reading extra_records_path from file (juanfont#2271)
380fcdb 
* consolidate scheduled tasks into one goroutine

Signed-off-by: Kristoffer Dalby <[email protected]>

* rename Tailcfg dns struct

Signed-off-by: Kristoffer Dalby <[email protected]>

* add dns.extra_records_path option

Signed-off-by: Kristoffer Dalby <[email protected]>

* prettier lint

Signed-off-by: Kristoffer Dalby <[email protected]>

* go-fmt

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
update oidc part of changelog for 0.24.0 (juanfont#2285)
76d26a7
yuri91
yuri91 requested changes Dec 13, 2024
View reviewed changes
Copy link
Member

@yuri91 yuri91 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

squash the commits together. other than that it looks clean to me.
Make the PR to upstream first thing on Monday (so you don't get potentially pinged on the weekend).

@Jisse-Meruma Jisse-Meruma force-pushed the enable-cors-with-config branch from 2c2085a to 39bd024 Compare December 13, 2024 14:22
@Jisse-Meruma Jisse-Meruma added bug Something isn't working and removed bug Something isn't working labels Dec 13, 2024
@Jisse-Meruma Jisse-Meruma requested a review from yuri91 December 16, 2024 09:24
@kradalby
fix issue where some oidc claim bools are sent as string (juanfont#2297)
5345f19 
Jumpcloud send invalid json, so we need to handle it.

Fixes juanfont#2293

Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
fixes to extra-record file watcher (juanfont#2298)
ccc895b 
* Fix excess error message during writes

Fixes juanfont#2290

Signed-off-by: Kristoffer Dalby <[email protected]>

* retry filewatcher on removed files

This should handled if files are deleted and added again, and for rename
scenarios.

Fixes juanfont#2289

Signed-off-by: Kristoffer Dalby <[email protected]>

* test more write and remove in filewatcher

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@Jisse-Meruma Jisse-Meruma force-pushed the enable-cors-with-config branch from 39bd024 to 4183039 Compare December 16, 2024 11:02
showier-drastic and others added 9 commits December 17, 2024 12:11
@showier-drastic
Correct macOS GUI connect guide because there's no ALT key on a mac (j…
7d937c6 
…uanfont#2306)

* Correct macOS GUI connect guide because there's no ALT key on a mac
* also correct macOS GUI connect in hscontrol text
@nadongjun
Add -race Flag to GitHub Action and Fix Data Race in CreateTailscaleN…
e270169 
…odesInUser (juanfont#2038)

* Add -race flag to Makefile and integration tests; fix data race in CreateTailscaleNodesInUser

* Fix data race in ExecuteCommand by using local buffers and mutex

Signed-off-by: Dongjun Na <[email protected]>

* lint

Signed-off-by: Dongjun Na <[email protected]>

---------

Signed-off-by: Dongjun Na <[email protected]>
@nblock
Remove sealos documentation
65304a0 
The referenced version is outdated (0.23.0-beta1) and seems
unmaintained.
@nblock
Changelog: support client verify for DERP
47b405d 
and fix some links

Ref: juanfont#2304
@nblock
Update DNS documentation for dns.extra_records_path
319ce67 
* Describe both ways to add extra DNS records
* Use "extra" instead of "custom" to align with the configuration file
* Include dns.extra_records_path in the configuration file
@nblock
Mention reload and SIGHUP when editing the ACL policy file
3269cfd 
Fixes: juanfont#2284
@nblock
Misc doc updates
0acb2b5
@nblock
Set title for code listings
bbc93a9
@kradalby
bump deps (juanfont#2308)
af4508b 
* Bump go crypto

Closes juanfont#2281

Signed-off-by: Kristoffer Dalby <[email protected]>

* upgrade tailscale

Signed-off-by: Kristoffer Dalby <[email protected]>

* upgrade rest

Signed-off-by: Kristoffer Dalby <[email protected]>

* nix: flake update

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@Jisse-Meruma Jisse-Meruma force-pushed the enable-cors-with-config branch 2 times, most recently from e07c42b to dfad6a1 Compare December 18, 2024 16:27
kradalby and others added 4 commits December 19, 2024 13:10
@kradalby
fix tags not resolving to username if email is present (juanfont#2309)
770f3dc 
* ensure valid tags is populated on user gets too

Signed-off-by: Kristoffer Dalby <[email protected]>

* ensure forced tags are added

Signed-off-by: Kristoffer Dalby <[email protected]>

* remove unused envvar in test

Signed-off-by: Kristoffer Dalby <[email protected]>

* debug log auth/unauth tags in policy man

Signed-off-by: Kristoffer Dalby <[email protected]>

* defer shutdown in tags test

Signed-off-by: Kristoffer Dalby <[email protected]>

* add tag test with groups

Signed-off-by: Kristoffer Dalby <[email protected]>

* add email, display name, picture to create user

Updates juanfont#2166

Signed-off-by: Kristoffer Dalby <[email protected]>

* add ability to set display and email to cli

Signed-off-by: Kristoffer Dalby <[email protected]>

* add email to test users in integration

Signed-off-by: Kristoffer Dalby <[email protected]>

* fix issue where tags were only assigned to email, not username

Fixes juanfont#2300
Fixes juanfont#2307

Signed-off-by: Kristoffer Dalby <[email protected]>

* expand principles to correct login name

and if fix an issue where nodeip principles might not expand to all
relevant IPs instead of taking the first in a prefix.

Signed-off-by: Kristoffer Dalby <[email protected]>

* fix ssh unit test

Signed-off-by: Kristoffer Dalby <[email protected]>

* update cli and oauth tests for users with email

Signed-off-by: Kristoffer Dalby <[email protected]>

* index by test email

Signed-off-by: Kristoffer Dalby <[email protected]>

* fix last test

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@github-actions
flake.lock: Update (juanfont#2313)
9313e5b
@Rorical
feat: Add PKCE Verifier for OIDC (juanfont#2314)
b81420b 
* feat: add PKCE verifier for OIDC

* Update CHANGELOG.md
@github-actions
flake.lock: Update (juanfont#2320)
f9bbfa5
github-actions bot and others added 24 commits January 5, 2025 07:35
@github-actions
flake.lock: Update (juanfont#2324)
41bad2b
@kradalby
Set CSRF cookies for OIDC (juanfont#2328)
fa641e3 
* set state and nounce in oidc to prevent csrf

Fixes juanfont#2276

* try to fix new postgres issue

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@majst01 @nblock
Fix typos
ede4f97
@github-actions
flake.lock: Update (juanfont#2342)
610597b
@gordinmitya
Update apple.md for latest version of iOS (juanfont#2321)
1ab7b31 
The official iOS app now has a simpler login process for custom instances, directly within the app.
@kradalby
allow @ and Log if OIDC username is not consider valid (juanfont#2340)
38aef77
@kradalby
fix nil pointer deref (juanfont#2339)
caad5c6
@kradalby
use headscale server url as domain instead of base_domain (juanfont#2338
e4a3dcc 
)
@kradalby
set changelog date (juanfont#2347)
e88406e
@kradalby
Release docs 0.24 (juanfont#2349)
8076c94 
* correct changelog date

Signed-off-by: Kristoffer Dalby <[email protected]>

* update docs version and copyright

Signed-off-by: Kristoffer Dalby <[email protected]>

* fix deprecated goreleaser key and DRY

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
set oidc.map_legacy_users false (juanfont#2350)
5b986ed
@github-actions
flake.lock: Update (juanfont#2353)
aa76980
@kradalby
relax user validation to allow emails, add tests from various oidc pr…
c1f42cd 
…oviders (juanfont#2364)

* relax user validation to allow emails, add tests from various oidc providers

Signed-off-by: Kristoffer Dalby <[email protected]>

* changelog

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
make it harder to insert invalid routes (juanfont#2371)
615ee5d 
* make it harder to insert invalid routes

Signed-off-by: Kristoffer Dalby <[email protected]>

* dont panic if node is not available for route

Signed-off-by: Kristoffer Dalby <[email protected]>

* update changelog

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
fix postgres migration issue with 0.24 (juanfont#2367)
9e3f945 
* fix postgres migration issue with 0.24

Fixes juanfont#2351

Signed-off-by: Kristoffer Dalby <[email protected]>

* add postgres migration test for 2351

Signed-off-by: Kristoffer Dalby <[email protected]>

* update changelog

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
fix panic if derp update is 0 (juanfont#2368)
d1dbe4e 
* fix panic if derp update is 0

Fixes juanfont#2362

Signed-off-by: Kristoffer Dalby <[email protected]>

* update changelog

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@github-actions
flake.lock: Update (juanfont#2378)
97e5d95
@kradalby
use dedicated registration ID for auth flow (juanfont#2337)
4c8e847
@kradalby
create and rename usernames validated by new func (juanfont#2381)
2c279e0 
Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
simplify findUserByToken in ACL, add missing testcases (juanfont#2388)
7ba6ad3 
* update users doc on unique constraints

Signed-off-by: Kristoffer Dalby <[email protected]>

* simplify finduser func

Signed-off-by: Kristoffer Dalby <[email protected]>

* add initial tests for findUserFromToken

Signed-off-by: Kristoffer Dalby <[email protected]>

* add changelog

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@nblock
Remove routes without a node_id (juanfont#2386)
f44b1d3 
The routes table has a NOT NULL constraint on node_id.

Fixes: juanfont#2376
@kradalby
clean up handler methods, common logging (juanfont#2384)
cd3b8e6 
* clean up handler methods, common logging

Signed-off-by: Kristoffer Dalby <[email protected]>

* streamline http.Error calls

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@kradalby
initial capver packet tracking version (juanfont#2391)
e172c29 
* initial capver packet tracking version

Signed-off-by: Kristoffer Dalby <[email protected]>

* Log the minimum version as client version, not only capver

Signed-off-by: Kristoffer Dalby <[email protected]>

* remove old versions

Signed-off-by: Kristoffer Dalby <[email protected]>

* use capver for integration tests

Signed-off-by: Kristoffer Dalby <[email protected]>

* changelog

Signed-off-by: Kristoffer Dalby <[email protected]>

* patch through m and n key

Signed-off-by: Kristoffer Dalby <[email protected]>

---------

Signed-off-by: Kristoffer Dalby <[email protected]>
@Jisse-Meruma
Headscale: Added an option to set an Access-Control-Allow-Origin resp…
68ce697 
…onse header to enable Cross-Origin Resource Sharing (CORS)
@Jisse-Meruma Jisse-Meruma force-pushed the enable-cors-with-config branch from dfad6a1 to 68ce697 Compare February 5, 2025 11:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuri91 yuri91 yuri91 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@Jisse-Meruma @yuri91 @kradalby @showier-drastic @nadongjun @nblock @Rorical @majst01 @gordinmitya