Merge pull request #248 from negbie/main
This commit is contained in:
commit
3fb3db6f20
4 changed files with 14 additions and 3 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -17,6 +17,8 @@
|
||||||
/headscale
|
/headscale
|
||||||
config.json
|
config.json
|
||||||
config.yaml
|
config.yaml
|
||||||
|
derp.yaml
|
||||||
|
*.hujson
|
||||||
*.key
|
*.key
|
||||||
/db.sqlite
|
/db.sqlite
|
||||||
*.sqlite3
|
*.sqlite3
|
||||||
|
|
7
acls.go
7
acls.go
|
@ -34,6 +34,11 @@ const (
|
||||||
|
|
||||||
// LoadACLPolicy loads the ACL policy from the specify path, and generates the ACL rules.
|
// LoadACLPolicy loads the ACL policy from the specify path, and generates the ACL rules.
|
||||||
func (h *Headscale) LoadACLPolicy(path string) error {
|
func (h *Headscale) LoadACLPolicy(path string) error {
|
||||||
|
log.Debug().
|
||||||
|
Str("func", "LoadACLPolicy").
|
||||||
|
Str("path", path).
|
||||||
|
Msg("Loading ACL policy from path")
|
||||||
|
|
||||||
policyFile, err := os.Open(path)
|
policyFile, err := os.Open(path)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -67,6 +72,8 @@ func (h *Headscale) LoadACLPolicy(path string) error {
|
||||||
}
|
}
|
||||||
h.aclRules = rules
|
h.aclRules = rules
|
||||||
|
|
||||||
|
log.Trace().Interface("ACL", rules).Msg("ACL rules generated")
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
6
app.go
6
app.go
|
@ -418,12 +418,12 @@ func (h *Headscale) Serve() error {
|
||||||
|
|
||||||
err = h.ensureUnixSocketIsAbsent()
|
err = h.ensureUnixSocketIsAbsent()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
return fmt.Errorf("unable to remove old socket file: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
socketListener, err := net.Listen("unix", h.cfg.UnixSocket)
|
socketListener, err := net.Listen("unix", h.cfg.UnixSocket)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
return fmt.Errorf("failed to set up gRPC socket: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Handle common process-killing signals so we can gracefully shut down:
|
// Handle common process-killing signals so we can gracefully shut down:
|
||||||
|
@ -441,7 +441,7 @@ func (h *Headscale) Serve() error {
|
||||||
|
|
||||||
networkListener, err := net.Listen("tcp", h.cfg.Addr)
|
networkListener, err := net.Listen("tcp", h.cfg.Addr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
return fmt.Errorf("failed to bind to TCP address: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create the cmux object that will multiplex 2 protocols on the same port.
|
// Create the cmux object that will multiplex 2 protocols on the same port.
|
||||||
|
|
|
@ -54,6 +54,8 @@ tls_letsencrypt_challenge_type: HTTP-01
|
||||||
tls_cert_path: ""
|
tls_cert_path: ""
|
||||||
tls_key_path: ""
|
tls_key_path: ""
|
||||||
|
|
||||||
|
log_level: info
|
||||||
|
|
||||||
# Path to a file containg ACL policies.
|
# Path to a file containg ACL policies.
|
||||||
acl_policy_path: ""
|
acl_policy_path: ""
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue