Setup a seperate, non-tls, no auth, socket grpc
This commit is contained in:
parent
1c9b1ea91a
commit
8db45a4e75
1 changed files with 10 additions and 5 deletions
15
app.go
15
app.go
|
@ -261,11 +261,11 @@ func (h *Headscale) grpcAuthenticationInterceptor(ctx context.Context,
|
||||||
p, _ := peer.FromContext(ctx)
|
p, _ := peer.FromContext(ctx)
|
||||||
|
|
||||||
// TODO(kradalby): Figure out what @ means (socket wise) and if it can be exploited
|
// TODO(kradalby): Figure out what @ means (socket wise) and if it can be exploited
|
||||||
if p.Addr.String() == "@" {
|
// if p.Addr.String() == "@" {
|
||||||
log.Trace().Caller().Str("client_address", p.Addr.String()).Msg("Client connecting over socket")
|
// log.Trace().Caller().Str("client_address", p.Addr.String()).Msg("Client connecting over socket")
|
||||||
|
|
||||||
return handler(ctx, req)
|
// return handler(ctx, req)
|
||||||
}
|
// }
|
||||||
|
|
||||||
log.Trace().Caller().Str("client_address", p.Addr.String()).Msg("Client is trying to authenticate")
|
log.Trace().Caller().Str("client_address", p.Addr.String()).Msg("Client is trying to authenticate")
|
||||||
|
|
||||||
|
@ -467,12 +467,17 @@ func (h *Headscale) Serve() error {
|
||||||
|
|
||||||
grpcServer := grpc.NewServer(grpcOptions...)
|
grpcServer := grpc.NewServer(grpcOptions...)
|
||||||
|
|
||||||
|
// Start the local gRPC server without TLS and without authentication
|
||||||
|
grpcSocket := grpc.NewServer()
|
||||||
|
|
||||||
apiV1.RegisterHeadscaleServiceServer(grpcServer, newHeadscaleV1APIServer(h))
|
apiV1.RegisterHeadscaleServiceServer(grpcServer, newHeadscaleV1APIServer(h))
|
||||||
|
apiV1.RegisterHeadscaleServiceServer(grpcSocket, newHeadscaleV1APIServer(h))
|
||||||
reflection.Register(grpcServer)
|
reflection.Register(grpcServer)
|
||||||
|
reflection.Register(grpcSocket)
|
||||||
|
|
||||||
g := new(errgroup.Group)
|
g := new(errgroup.Group)
|
||||||
|
|
||||||
g.Go(func() error { return grpcServer.Serve(socketListener) })
|
g.Go(func() error { return grpcSocket.Serve(socketListener) })
|
||||||
|
|
||||||
// TODO(kradalby): Verify if we need the same TLS setup for gRPC as HTTP
|
// TODO(kradalby): Verify if we need the same TLS setup for gRPC as HTTP
|
||||||
g.Go(func() error { return grpcServer.Serve(grpcListener) })
|
g.Go(func() error { return grpcServer.Serve(grpcListener) })
|
||||||
|
|
Loading…
Reference in a new issue