feat(acl): update frequently the aclRules

This call should be done quite at each modification of a server resources like RequestTags.
When a server changes it's tag we should rebuild the ACL rules.

When a server is added to headscale we also should update the ACLRules.
This commit is contained in:
Adrien Raffin 2022-02-06 17:55:12 +01:00 committed by Adrien Raffin-Caboisse
parent fb45138fc1
commit 97eac3b938
No known key found for this signature in database
GPG key ID: 7FB60532DEBEAD6A

View file

@ -91,6 +91,12 @@ func (h *Headscale) PollNetMapHandler(ctx *gin.Context) {
machine.DiscoKey = DiscoPublicKeyStripPrefix(req.DiscoKey) machine.DiscoKey = DiscoPublicKeyStripPrefix(req.DiscoKey)
now := time.Now().UTC() now := time.Now().UTC()
// update ACLRules with peer informations (to update server tags if necessary)
err = h.UpdateACLRules()
if err != nil {
log.Error().Caller().Str("func", "handleAuthKey").Str("machine", machine.Name).Err(err)
}
// From Tailscale client: // From Tailscale client:
// //
// ReadOnly is whether the client just wants to fetch the MapResponse, // ReadOnly is whether the client just wants to fetch the MapResponse,