Merge branch 'main' into hs2021-v2

This commit is contained in:
Juan Font 2022-08-18 17:56:56 +02:00 committed by GitHub
commit 67ffebc30a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 19 additions and 4 deletions

View file

@ -2,6 +2,14 @@
## 0.17.0 (2022-XX-XX) ## 0.17.0 (2022-XX-XX)
- Add ability to connect to PostgreSQL over TLS/SSL [#745](https://github.com/juanfont/headscale/pull/745)
## 0.16.3 (2022-08-17)
### Changes
- Fix issue with OIDC authentication [#747](https://github.com/juanfont/headscale/pull/747)
## 0.16.2 (2022-08-14) ## 0.16.2 (2022-08-14)
### Changes ### Changes
@ -125,7 +133,7 @@ This is a part of aligning `headscale`'s behaviour with Tailscale's upstream beh
- OpenID Connect users will be mapped per namespaces - OpenID Connect users will be mapped per namespaces
- Each user will get its own namespace, created if it does not exist - Each user will get its own namespace, created if it does not exist
- `oidc.domain_map` option has been removed - `oidc.domain_map` option has been removed
- `strip_email_domain` option has been added (see [config-example.yaml](./config_example.yaml)) - `strip_email_domain` option has been added (see [config-example.yaml](./config-example.yaml))
### Changes ### Changes

6
app.go
View file

@ -145,12 +145,16 @@ func NewHeadscale(cfg *Config) (*Headscale, error) {
switch cfg.DBtype { switch cfg.DBtype {
case Postgres: case Postgres:
dbString = fmt.Sprintf( dbString = fmt.Sprintf(
"host=%s dbname=%s user=%s sslmode=disable", "host=%s dbname=%s user=%s",
cfg.DBhost, cfg.DBhost,
cfg.DBname, cfg.DBname,
cfg.DBuser, cfg.DBuser,
) )
if !cfg.DBssl {
dbString += " sslmode=disable"
}
if cfg.DBport != 0 { if cfg.DBport != 0 {
dbString += fmt.Sprintf(" port=%d", cfg.DBport) dbString += fmt.Sprintf(" port=%d", cfg.DBport)
} }

View file

@ -128,6 +128,7 @@ db_path: /var/lib/headscale/db.sqlite
# db_name: headscale # db_name: headscale
# db_user: foo # db_user: foo
# db_pass: bar # db_pass: bar
# db_ssl: false
### TLS configuration ### TLS configuration
# #

View file

@ -48,6 +48,7 @@ type Config struct {
DBname string DBname string
DBuser string DBuser string
DBpass string DBpass string
DBssl bool
TLS TLSConfig TLS TLSConfig
@ -514,6 +515,7 @@ func GetHeadscaleConfig() (*Config, error) {
DBname: viper.GetString("db_name"), DBname: viper.GetString("db_name"),
DBuser: viper.GetString("db_user"), DBuser: viper.GetString("db_user"),
DBpass: viper.GetString("db_pass"), DBpass: viper.GetString("db_pass"),
DBssl: viper.GetBool("db_ssl"),
TLS: GetTLSConfig(), TLS: GetTLSConfig(),

View file

@ -318,7 +318,7 @@ func extractIDTokenClaims(
idToken *oidc.IDToken, idToken *oidc.IDToken,
) (*IDTokenClaims, error) { ) (*IDTokenClaims, error) {
var claims IDTokenClaims var claims IDTokenClaims
if err := idToken.Claims(claims); err != nil { if err := idToken.Claims(&claims); err != nil {
log.Error(). log.Error().
Err(err). Err(err).
Caller(). Caller().

View file

@ -83,7 +83,7 @@ func SwaggerAPIv1(
writer http.ResponseWriter, writer http.ResponseWriter,
req *http.Request, req *http.Request,
) { ) {
writer.Header().Set("Content-Type", "application/json; charset=utf-88") writer.Header().Set("Content-Type", "application/json; charset=utf-8")
writer.WriteHeader(http.StatusOK) writer.WriteHeader(http.StatusOK)
if _, err := writer.Write(apiV1JSON); err != nil { if _, err := writer.Write(apiV1JSON); err != nil {
log.Error(). log.Error().