feat(acl): update frequently the aclRules
This call should be done quite at each modification of a server resources like RequestTags. When a server changes it's tag we should rebuild the ACL rules. When a server is added to headscale we also should update the ACLRules.
This commit is contained in:
parent
fb45138fc1
commit
97eac3b938
1 changed files with 6 additions and 0 deletions
6
poll.go
6
poll.go
|
@ -91,6 +91,12 @@ func (h *Headscale) PollNetMapHandler(ctx *gin.Context) {
|
||||||
machine.DiscoKey = DiscoPublicKeyStripPrefix(req.DiscoKey)
|
machine.DiscoKey = DiscoPublicKeyStripPrefix(req.DiscoKey)
|
||||||
now := time.Now().UTC()
|
now := time.Now().UTC()
|
||||||
|
|
||||||
|
// update ACLRules with peer informations (to update server tags if necessary)
|
||||||
|
err = h.UpdateACLRules()
|
||||||
|
if err != nil {
|
||||||
|
log.Error().Caller().Str("func", "handleAuthKey").Str("machine", machine.Name).Err(err)
|
||||||
|
}
|
||||||
|
|
||||||
// From Tailscale client:
|
// From Tailscale client:
|
||||||
//
|
//
|
||||||
// ReadOnly is whether the client just wants to fetch the MapResponse,
|
// ReadOnly is whether the client just wants to fetch the MapResponse,
|
||||||
|
|
Loading…
Reference in a new issue