From 0003e30084f0c69469032652dd8ed0fae24a43ac Mon Sep 17 00:00:00 2001 From: Juan Font Alonso Date: Sat, 2 Apr 2022 11:45:18 +0200 Subject: [PATCH 01/17] Suggest English as lingua franca --- .github/ISSUE_TEMPLATE/bug_report.md | 2 ++ .github/ISSUE_TEMPLATE/feature_request.md | 2 ++ .github/ISSUE_TEMPLATE/other_issue.md | 2 ++ 3 files changed, 6 insertions(+) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index f090213..d989a84 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -6,6 +6,8 @@ labels: ["bug"] assignees: "" --- + + **Bug description** + **Feature request** diff --git a/.github/ISSUE_TEMPLATE/other_issue.md b/.github/ISSUE_TEMPLATE/other_issue.md index 76811e6..3004a97 100644 --- a/.github/ISSUE_TEMPLATE/other_issue.md +++ b/.github/ISSUE_TEMPLATE/other_issue.md @@ -6,6 +6,8 @@ labels: ["bug"] assignees: "" --- + + **Issue description** From 6e082417128a3b0de55e171683d37a10e8f23cbb Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Wed, 6 Apr 2022 11:05:08 -0300 Subject: [PATCH 02/17] Exit Headscale if ACL policy file cannot be parsed --- cmd/headscale/cli/utils.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/headscale/cli/utils.go b/cmd/headscale/cli/utils.go index 768a971..992d125 100644 --- a/cmd/headscale/cli/utils.go +++ b/cmd/headscale/cli/utils.go @@ -408,7 +408,7 @@ func getHeadscaleApp() (*headscale.Headscale, error) { aclPath := absPath(viper.GetString("acl_policy_path")) err = app.LoadACLPolicy(aclPath) if err != nil { - log.Error(). + log.Fatal(). Str("path", aclPath). Err(err). Msg("Could not load the ACL policy") From c3324371d6cb6b0dd73f732e86094def4ccf9c21 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Wed, 6 Apr 2022 18:41:13 -0300 Subject: [PATCH 03/17] Update changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d3aa8d5..65d2295 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,7 @@ ## 0.16.0 (2022-xx-xx) ### Changes - +- Headscale fails to serve if the ACL policy file cannot be parsed [#537](https://github.com/juanfont/headscale/pull/537) - Fix labels cardinality error when registering unknown pre-auth key [#519](https://github.com/juanfont/headscale/pull/519) ## 0.15.0 (2022-03-20) From fa7ef3df2fa6e982dd1a34771683f842c7d300e5 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Thu, 7 Apr 2022 15:21:26 -0300 Subject: [PATCH 04/17] make linter happy --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 65d2295..c970be2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,7 @@ ## 0.16.0 (2022-xx-xx) ### Changes + - Headscale fails to serve if the ACL policy file cannot be parsed [#537](https://github.com/juanfont/headscale/pull/537) - Fix labels cardinality error when registering unknown pre-auth key [#519](https://github.com/juanfont/headscale/pull/519) From 22dd61d8497165c28d51109cf7f9d6b5da404a6d Mon Sep 17 00:00:00 2001 From: Moritz Poldrack Date: Sun, 10 Apr 2022 00:37:13 +0200 Subject: [PATCH 05/17] fixed the issue of sending on closed channel This commit fixes the issue of headscale crashing after sending on a closed channel by moving the channel close to the sender side, instead of the creator. closeChanWithLog is also implemented with generics now. Fixes: https://github.com/juanfont/headscale/issues/342 Signed-off-by: Moritz Poldrack --- poll.go | 68 ++++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 45 insertions(+), 23 deletions(-) diff --git a/poll.go b/poll.go index 15945a9..3bad0b8 100644 --- a/poll.go +++ b/poll.go @@ -175,32 +175,13 @@ func (h *Headscale) PollNetMapHandler(ctx *gin.Context) { Str("machine", machine.Name). Msg("Loading or creating update channel") - // TODO: could probably remove all that duplication once generics land. - closeChanWithLog := func(channel interface{}, name string) { - log.Trace(). - Str("handler", "PollNetMap"). - Str("machine", machine.Name). - Str("channel", "Done"). - Msg(fmt.Sprintf("Closing %s channel", name)) - - switch c := channel.(type) { - case (chan struct{}): - close(c) - - case (chan []byte): - close(c) - } - } - const chanSize = 8 updateChan := make(chan struct{}, chanSize) - defer closeChanWithLog(updateChan, "updateChan") pollDataChan := make(chan []byte, chanSize) - defer closeChanWithLog(pollDataChan, "pollDataChan") + defer closeChanWithLog(pollDataChan, machine.Name, "pollDataChan") keepAliveChan := make(chan []byte) - defer closeChanWithLog(keepAliveChan, "keepAliveChan") if req.OmitPeers && !req.Stream { log.Info(). @@ -273,7 +254,27 @@ func (h *Headscale) PollNetMapStream( updateChan chan struct{}, ) { { - ctx, cancel := context.WithCancel(ctx.Request.Context()) + machine, err := h.GetMachineByMachineKey(machineKey) + if err != nil { + if errors.Is(err, gorm.ErrRecordNotFound) { + log.Warn(). + Str("handler", "PollNetMap"). + Msgf("Ignoring request, cannot find machine with key %s", machineKey.String()) + ctx.String(http.StatusUnauthorized, "") + + return + } + log.Error(). + Str("handler", "PollNetMap"). + Msgf("Failed to fetch machine from the database with Machine key: %s", machineKey.String()) + ctx.String(http.StatusInternalServerError, "") + + return + } + + ctx := context.WithValue(ctx.Request.Context(), "machineName", machine.Name) + + ctx, cancel := context.WithCancel(ctx) defer cancel() go h.scheduledPollWorker( @@ -564,8 +565,8 @@ func (h *Headscale) PollNetMapStream( func (h *Headscale) scheduledPollWorker( ctx context.Context, - updateChan chan<- struct{}, - keepAliveChan chan<- []byte, + updateChan chan struct{}, + keepAliveChan chan []byte, machineKey key.MachinePublic, mapRequest tailcfg.MapRequest, machine *Machine, @@ -573,6 +574,17 @@ func (h *Headscale) scheduledPollWorker( keepAliveTicker := time.NewTicker(keepAliveInterval) updateCheckerTicker := time.NewTicker(updateCheckInterval) + defer closeChanWithLog( + updateChan, + fmt.Sprint(ctx.Value("machineName")), + "updateChan", + ) + defer closeChanWithLog( + keepAliveChan, + fmt.Sprint(ctx.Value("machineName")), + "updateChan", + ) + for { select { case <-ctx.Done(): @@ -606,3 +618,13 @@ func (h *Headscale) scheduledPollWorker( } } } + +func closeChanWithLog[C chan []byte | chan struct{}](channel C, machine, name string) { + log.Trace(). + Str("handler", "PollNetMap"). + Str("machine", machine). + Str("channel", "Done"). + Msg(fmt.Sprintf("Closing %s channel", name)) + + close(channel) +} From 9f03a012fb7faa8cde35ba39addfb287b2ffa5cd Mon Sep 17 00:00:00 2001 From: Moritz Poldrack Date: Sun, 10 Apr 2022 22:47:35 +0200 Subject: [PATCH 06/17] updated changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d3aa8d5..4408f13 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ ### Changes - Fix labels cardinality error when registering unknown pre-auth key [#519](https://github.com/juanfont/headscale/pull/519) +- Fix send on closed channel crash in polling [#542](https://github.com/juanfont/headscale/pull/542) ## 0.15.0 (2022-03-20) From 1f43c39f93aeb4018b6481365369e07022f09341 Mon Sep 17 00:00:00 2001 From: Moritz Poldrack Date: Mon, 11 Apr 2022 08:54:12 +0200 Subject: [PATCH 07/17] replaced version-at-commit script with git-describe call --- Makefile | 2 +- scripts/version-at-commit.sh | 39 ------------------------------------ 2 files changed, 1 insertion(+), 40 deletions(-) delete mode 100755 scripts/version-at-commit.sh diff --git a/Makefile b/Makefile index 73630d3..a2c225d 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ # Calculate version -version = $(shell ./scripts/version-at-commit.sh) +version = $(git describe --always --tags --dirty) rwildcard=$(foreach d,$(wildcard $1*),$(call rwildcard,$d/,$2) $(filter $(subst *,%,$2),$d)) diff --git a/scripts/version-at-commit.sh b/scripts/version-at-commit.sh deleted file mode 100755 index 2f7fab8..0000000 --- a/scripts/version-at-commit.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -set -e -o pipefail -commit="$1" -versionglob="v[0-9].[0-9]*.[0-9]*" -devsuffix=".dev" -if [ -z "$commit" ]; then - commit=`git log -n1 --first-parent "--format=format:%h"` -fi - -# automatically assign version -# -# handles the following cases: -# -# 0. no tags on the repository. Print "dev". -# -# 1. no local modifications and commit is directly tagged. Print tag. -# -# 2. no local modifications and commit is not tagged. Take greatest version tag in repo X.Y.Z and assign X.Y.(Z+1). Print that + $devsuffix + $timestamp. -# -# 3. local modifications. Print "dev". - -tags=$(git tag) -if [[ -z "$tags" ]]; then - echo "dev" -elif `git diff --quiet 2>/dev/null`; then - tagged=$(git tag --points-at "$commit") - if [[ -n "$tagged" ]] ; then - echo $tagged - else - nearest_tag=$(git describe --tags --abbrev=0 --match "$versionglob" "$commit") - v=$(echo $nearest_tag | perl -pe 's/(\d+)$/$1+1/e') - isodate=$(TZ=UTC git log -n1 --format=%cd --date=iso "$commit") - ts=$(TZ=UTC date --date="$isodate" "+%Y%m%d%H%M%S") - echo "${v}${devsuffix}${ts}" - fi -else - echo "dev" -fi From c312f8bf4a8e21284b1a1b41c414ad957142b469 Mon Sep 17 00:00:00 2001 From: Moritz Poldrack Date: Mon, 11 Apr 2022 08:56:40 +0200 Subject: [PATCH 08/17] set up Makefile for reproducible builds --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index a2c225d..a708a10 100644 --- a/Makefile +++ b/Makefile @@ -10,7 +10,7 @@ PROTO_SOURCES = $(call rwildcard,,*.proto) build: - GGO_ENABLED=0 go build -ldflags "-s -w -X github.com/juanfont/headscale/cmd/headscale/cli.Version=$(version)" cmd/headscale/headscale.go + GGO_ENABLED=0 go build -trimpath -buildmode=pie -mod=readonly -ldflags "-s -w -X github.com/juanfont/headscale/cmd/headscale/cli.Version=$(version)" cmd/headscale/headscale.go dev: lint test build From 8601dd1f4235c52d7f123c7bf802ab2be865978f Mon Sep 17 00:00:00 2001 From: Moritz Poldrack Date: Mon, 11 Apr 2022 14:56:11 +0200 Subject: [PATCH 09/17] fixed CGO disabling --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index a708a10..74ecd89 100644 --- a/Makefile +++ b/Makefile @@ -10,7 +10,7 @@ PROTO_SOURCES = $(call rwildcard,,*.proto) build: - GGO_ENABLED=0 go build -trimpath -buildmode=pie -mod=readonly -ldflags "-s -w -X github.com/juanfont/headscale/cmd/headscale/cli.Version=$(version)" cmd/headscale/headscale.go + CGO_ENABLED=0 go build -trimpath -buildmode=pie -mod=readonly -ldflags "-s -w -X github.com/juanfont/headscale/cmd/headscale/cli.Version=$(version)" cmd/headscale/headscale.go dev: lint test build From 3d8dc9d2bff741089184cc10b5fc5d41eeab5251 Mon Sep 17 00:00:00 2001 From: Moritz Poldrack Date: Mon, 11 Apr 2022 13:43:49 +0200 Subject: [PATCH 10/17] fix discord invite Fixes: https://github.com/juanfont/headscale/issues/533 --- .github/ISSUE_TEMPLATE/config.yml | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 99cc36f..37a8cb8 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -7,5 +7,5 @@ contact_links: url: "https://github.com/juanfont/headscale/blob/main/docs" about: "Find documentation about how to configure and run headscale." - name: "headscale Discord community" - url: "https://discord.com/invite/XcQxk2VHjx" + url: "https://discord.gg/xGj2TuqyxY" about: "Please ask and answer questions about usage of headscale here." diff --git a/README.md b/README.md index 74abc85..7f71241 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ An open source, self-hosted implementation of the Tailscale control server. -Join our [Discord](https://discord.gg/XcQxk2VHjx) server for a chat. +Join our [Discord](https://discord.gg/xGj2TuqyxY) server for a chat. **Note:** Always select the same GitHub tag as the released version you use to ensure you have the correct example configuration and documentation. From be2487f4c00adc153afd8cf7a8e1a9cb2ade354a Mon Sep 17 00:00:00 2001 From: Moritz Poldrack <33086936+mpldr@users.noreply.github.com> Date: Sat, 16 Apr 2022 23:52:06 +0200 Subject: [PATCH 11/17] Clarified systemd friendly path Suggested-by: Rendezvous --- docs/running-headscale-linux.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/running-headscale-linux.md b/docs/running-headscale-linux.md index 98a67f1..166851b 100644 --- a/docs/running-headscale-linux.md +++ b/docs/running-headscale-linux.md @@ -150,7 +150,7 @@ or run all headscale commands as the headscale user: su - headscale ``` -2. In `/etc/headscale/config.yaml`, override the default `headscale` unix socket with a SystemD friendly path: +2. In `/etc/headscale/config.yaml`, override the default `headscale` unix socket with path that is writable by the `headscale` user or group: ```yaml unix_socket: /var/run/headscale/headscale.sock @@ -165,8 +165,7 @@ systemctl daemon-reload 4. Enable and start the new `headscale` service: ```shell -systemctl enable headscale -systemctl start headscale +systemctl enable --now headscale ``` 5. Verify the headscale service: From 41a8c14acb9657f10238da74c9177642cad1b286 Mon Sep 17 00:00:00 2001 From: Moritz Poldrack <33086936+mpldr@users.noreply.github.com> Date: Sat, 16 Apr 2022 23:56:57 +0200 Subject: [PATCH 12/17] add information on how to create a headscale user --- docs/running-headscale-linux.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/running-headscale-linux.md b/docs/running-headscale-linux.md index 166851b..55b002f 100644 --- a/docs/running-headscale-linux.md +++ b/docs/running-headscale-linux.md @@ -30,6 +30,8 @@ mkdir -p /etc/headscale # Directory for Database, and other variable data (like certificates) mkdir -p /var/lib/headscale +# or if you create a headscale user: +useradd -md /var/lib/headscale/ -rUs /usr/bin/nologin headscale ``` 4. Create an empty SQLite database: From 7ce0bd053c2ceebbdac931d2a01799dfba65a8a7 Mon Sep 17 00:00:00 2001 From: Moritz Poldrack <33086936+mpldr@users.noreply.github.com> Date: Sat, 16 Apr 2022 23:58:05 +0200 Subject: [PATCH 13/17] removed leading whitespace --- docs/running-headscale-linux.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/running-headscale-linux.md b/docs/running-headscale-linux.md index 55b002f..e3e9699 100644 --- a/docs/running-headscale-linux.md +++ b/docs/running-headscale-linux.md @@ -52,7 +52,7 @@ from the [headscale repository](../) 6. Start the headscale server: ```shell - headscale serve +headscale serve ``` This command will start `headscale` in the current terminal session. From 9254afff2ddb48b6e60688ddad83abd6441893ec Mon Sep 17 00:00:00 2001 From: Kristoffer Dalby Date: Thu, 21 Apr 2022 09:06:13 +0100 Subject: [PATCH 14/17] Add direnv and nix output to gitignore --- .gitignore | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitignore b/.gitignore index d047cbf..5556580 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,7 @@ derp.yaml .idea test_output/ + +# Nix and direnv +.direnv/ +result From 580c72bf167f48fad9b534ad50c3247334480eff Mon Sep 17 00:00:00 2001 From: Kristoffer Dalby Date: Thu, 21 Apr 2022 09:06:30 +0100 Subject: [PATCH 15/17] Update discord link so it does not grant temp memberships --- README.md | 2 +- docs/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7f71241..8631eb9 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ An open source, self-hosted implementation of the Tailscale control server. -Join our [Discord](https://discord.gg/xGj2TuqyxY) server for a chat. +Join our [Discord](https://discord.gg/c84AZQhmpx) server for a chat. **Note:** Always select the same GitHub tag as the released version you use to ensure you have the correct example configuration and documentation. diff --git a/docs/README.md b/docs/README.md index 7a3080e..459a6c2 100644 --- a/docs/README.md +++ b/docs/README.md @@ -3,7 +3,7 @@ This page contains the official and community contributed documentation for `headscale`. If you are having trouble with following the documentation or get unexpected results, -please ask on [Discord](https://discord.gg/XcQxk2VHjx) instead of opening an Issue. +please ask on [Discord](https://discord.gg/c84AZQhmpx) instead of opening an Issue. ## Official documentation From 6dd9e93346b2d8a55540c855ea8ce976a51fceef Mon Sep 17 00:00:00 2001 From: Moritz Poldrack Date: Thu, 21 Apr 2022 11:00:17 +0200 Subject: [PATCH 16/17] expanded arguments in useradd to be easier to understand for beginners --- docs/running-headscale-linux.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/running-headscale-linux.md b/docs/running-headscale-linux.md index e3e9699..89d02e8 100644 --- a/docs/running-headscale-linux.md +++ b/docs/running-headscale-linux.md @@ -31,7 +31,13 @@ mkdir -p /etc/headscale # Directory for Database, and other variable data (like certificates) mkdir -p /var/lib/headscale # or if you create a headscale user: -useradd -md /var/lib/headscale/ -rUs /usr/bin/nologin headscale +useradd \ + --create-home \ + --home-dir /var/lib/headscale/ \ + --system \ + --user-group \ + --shell /usr/bin/nologin \ + headscale ``` 4. Create an empty SQLite database: From c8ed1f0f432b77786b4f167699c60e450209fe06 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 21 Apr 2022 11:51:30 +0000 Subject: [PATCH 17/17] docs(README): update contributors --- README.md | 45 ++++++++++++++++++++++++++------------------- 1 file changed, 26 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index 8631eb9..b64482d 100644 --- a/README.md +++ b/README.md @@ -206,6 +206,13 @@ make build Alessandro (Ale) Segala + + + Nico/ +
+ Nico +
+ unreality/ @@ -214,10 +221,10 @@ make build - - Nico/ + + Moritz
- Nico + Moritz Poldrack
@@ -227,6 +234,8 @@ make build Niek van der Maas + + Eugen @@ -234,8 +243,6 @@ make build Eugen Biegler - - Aaron @@ -271,6 +278,8 @@ make build Michael G. + + Paul @@ -278,8 +287,6 @@ make build Paul Tötterman - - Artem @@ -315,6 +322,8 @@ make build lachy2849 + + thomas/ @@ -322,8 +331,6 @@ make build thomas - - Abraham @@ -359,6 +366,8 @@ make build Carson Yang + + Felix @@ -366,8 +375,6 @@ make build Felix Kronlage-Dammers - - Felix @@ -403,6 +410,8 @@ make build Pierre Carru + + rcursaru/ @@ -410,8 +419,6 @@ make build rcursaru - - WhiteSource @@ -447,6 +454,8 @@ make build Teteros + + The @@ -454,8 +463,6 @@ make build The Gitter Badger - - Tianon @@ -491,6 +498,8 @@ make build ZiYuan + + bravechamp/ @@ -498,8 +507,6 @@ make build bravechamp - - derelm/ @@ -535,6 +542,8 @@ make build pernila + + Wakeful-Cloud/ @@ -542,8 +551,6 @@ make build Wakeful-Cloud - - zy/