From 8b5e8b7dfc2b8915cbb2172a0bdf579bbea5122a Mon Sep 17 00:00:00 2001 From: Mevan Samaratunga Date: Thu, 10 Mar 2022 08:59:28 -0500 Subject: [PATCH 1/7] Refresh expired machine on re-auth - closes #489 --- api.go | 79 +++++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 51 insertions(+), 28 deletions(-) diff --git a/api.go b/api.go index 1023e6f..323e3e7 100644 --- a/api.go +++ b/api.go @@ -568,8 +568,13 @@ func (h *Headscale) handleAuthKey( Str("func", "handleAuthKey"). Str("machine", registerRequest.Hostinfo.Hostname). Msg("Failed authentication via AuthKey") - machineRegistrations.WithLabelValues("new", RegisterMethodAuthKey, "error", pak.Namespace.Name). - Inc() + + if pak != nil { + machineRegistrations.WithLabelValues("new", RegisterMethodAuthKey, "error", pak.Namespace.Name). + Inc() + } else { + machineRegistrations.WithLabelValues("new", RegisterMethodAuthKey, "error").Inc() + } return } 
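Review bot: In the first api.go hunk of patch 1/7 (the failed-authentication path of handleAuthKey), the new `else` branch calls `machineRegistrations.WithLabelValues("new", RegisterMethodAuthKey, "error")` with three values, while every other call on this vector passes four. The metric definition is outside the hunk, but if the vector is declared with four labels, the Prometheus client panics on a label-count mismatch. A request whose key lookup left `pak` nil would then hit a panic instead of the intended rejection. Passing a fixed placeholder for the namespace keeps the cardinality consistent: `machineRegistrations.WithLabelValues("new", RegisterMethodAuthKey, "error", "unknown").Inc()`. handleAuthKey starts and ends outside the hunk.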
@@ -580,35 +585,53 @@ func (h *Headscale) handleAuthKey( Msg("Authentication key was valid, proceeding to acquire IP addresses") nodeKey := NodePublicKeyStripPrefix(registerRequest.NodeKey) - now := time.Now().UTC() - machineToRegister := Machine{ - Name: registerRequest.Hostinfo.Hostname, - NamespaceID: pak.Namespace.ID, - MachineKey: machineKeyStr, - RegisterMethod: RegisterMethodAuthKey, - Expiry: ®isterRequest.Expiry, - NodeKey: nodeKey, - LastSeen: &now, - AuthKeyID: uint(pak.ID), - } - - machine, err := h.RegisterMachine( - machineToRegister, - ) - if err != nil { - log.Error(). + // retrieve machine information if it exist + // The error is not important, because if it does not + // exist, then this is a new machine and we will move + // on to registration. + machine, _ := h.GetMachineByMachineKey(machineKey) + if machine != nil { + log.Trace(). Caller(). - Err(err). - Msg("could not register machine") - machineRegistrations.WithLabelValues("new", RegisterMethodAuthKey, "error", pak.Namespace.Name). - Inc() - ctx.String( - http.StatusInternalServerError, - "could not register machine", - ) + Str("machine", machine.Name). + Msg("machine already registered, refreshing with new auth key") - return + machine.NodeKey = nodeKey + machine.AuthKeyID = uint(pak.ID) + h.RefreshMachine(machine, registerRequest.Expiry) + + } else { + + now := time.Now().UTC() + machineToRegister := Machine{ + Name: registerRequest.Hostinfo.Hostname, + NamespaceID: pak.Namespace.ID, + MachineKey: machineKeyStr, + RegisterMethod: RegisterMethodAuthKey, + Expiry: ®isterRequest.Expiry, + NodeKey: nodeKey, + LastSeen: &now, + AuthKeyID: uint(pak.ID), + } + + machine, err = h.RegisterMachine( + machineToRegister, + ) + if err != nil { + log.Error(). + Caller(). + Err(err). + Msg("could not register machine") + machineRegistrations.WithLabelValues("new", RegisterMethodAuthKey, "error", pak.Namespace.Name). 
+ Inc() + ctx.String( + http.StatusInternalServerError, + "could not register machine", + ) + + return + } } h.UsePreAuthKey(pak) From af081e9fd3ff304d58893057d0a2902531fdc786 Mon Sep 17 00:00:00 2001 From: Mevan Samaratunga Date: Thu, 10 Mar 2022 10:22:21 -0500 Subject: [PATCH 2/7] fixed lint errors --- api.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/api.go b/api.go index 323e3e7..ffa1aeb 100644 --- a/api.go +++ b/api.go @@ -600,7 +600,6 @@ func (h *Headscale) handleAuthKey( machine.NodeKey = nodeKey machine.AuthKeyID = uint(pak.ID) h.RefreshMachine(machine, registerRequest.Expiry) - } else { now := time.Now().UTC() @@ -614,7 +613,7 @@ func (h *Headscale) handleAuthKey( LastSeen: &now, AuthKeyID: uint(pak.ID), } - + machine, err = h.RegisterMachine( machineToRegister, ) @@ -629,9 +628,9 @@ func (h *Headscale) handleAuthKey( http.StatusInternalServerError, "could not register machine", ) - + return - } + } } h.UsePreAuthKey(pak) From 082a852c5e946fe7e58f0a94a332372d923fa7b5 Mon Sep 17 00:00:00 2001 From: Mevan Samaratunga Date: Thu, 10 Mar 2022 10:40:20 -0500 Subject: [PATCH 3/7] fixed linting recommendation --- api.go | 1 - 1 file changed, 1 deletion(-) diff --git a/api.go b/api.go index ffa1aeb..eab8076 100644 --- a/api.go +++ b/api.go @@ -601,7 +601,6 @@ func (h *Headscale) handleAuthKey( machine.AuthKeyID = uint(pak.ID) h.RefreshMachine(machine, registerRequest.Expiry) } else { - now := time.Now().UTC() machineToRegister := Machine{ Name: registerRequest.Hostinfo.Hostname, From 18ee6274e17c55e392f6ddacf2a7ff158f8c2b6c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 10 Mar 2022 19:50:59 +0000 Subject: [PATCH 4/7] docs(README): update contributors --- README.md | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index d74b19f..7bb7018 100644 --- a/README.md +++ b/README.md 
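Review bot: In the second api.go hunk of patch 1/7 (handleAuthKey), `machine, _ := h.GetMachineByMachineKey(machineKey)` discards every error, so a storage failure is treated like "machine not found" and falls through to `RegisterMachine` for a machine key that may already exist. Only the not-found case should lead to registration; any other error should be logged and answered with a 500, as the `RegisterMachine` failure further down is. The refresh branch also rewrites `NodeKey` and `AuthKeyID` without comparing `pak.Namespace.ID` with the existing machine's `NamespaceID`, and it does not check the result of `h.RefreshMachine`. That function's signature is not visible here, but if it returns an error, the handler would continue to `h.UsePreAuthKey(pak)` for a machine that was not refreshed. A guard such as `if machine.NamespaceID != pak.Namespace.ID { /* reject the request */ }` before the reassignment keeps a pre-auth key from one namespace from re-authorising a machine that belongs to another; handleAuthKey starts and ends outside the hunk.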
@@ -250,6 +250,13 @@ make build Hoàng Đức Hiếu + + + Mevan +
+ Mevan Samaratunga +
+ Michael @@ -271,6 +278,8 @@ make build Casey Marshall + + Silver @@ -278,8 +287,6 @@ make build Silver Bullet - - Stefan @@ -315,6 +322,8 @@ make build Artem Klevtsov + + Arthur @@ -322,8 +331,6 @@ make build Arthur Woimbée - - Bryan @@ -359,6 +366,8 @@ make build Jamie Greeff + + Jim @@ -366,8 +375,6 @@ make build Jim Tittsler - - Pierre @@ -403,6 +410,8 @@ make build Shaanan Cohney + + Tanner/ @@ -410,8 +419,6 @@ make build Tanner - - Teteros/ @@ -447,6 +454,8 @@ make build Zakhar Bessarab + + ZiYuan/ @@ -454,8 +463,6 @@ make build ZiYuan - - derelm/ @@ -491,6 +498,8 @@ make build Wakeful-Cloud + + zy/ From 0bfa5302a7d70d30066df5d2408cf720a17e8399 Mon Sep 17 00:00:00 2001 From: bravechamp <48980452+bravechamp@users.noreply.github.com> Date: Tue, 15 Mar 2022 16:05:56 +0300 Subject: [PATCH 5/7] Fix API access By allowing API keys to be validated --- app.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/app.go b/app.go index f1426bb..1809f95 100644 --- a/app.go +++ b/app.go @@ -409,8 +409,6 @@ func (h *Headscale) httpAuthenticationMiddleware(ctx *gin.Context) { return } - ctx.AbortWithStatus(http.StatusUnauthorized) - valid, err := h.ValidateAPIKey(strings.TrimPrefix(authHeader, AuthPrefix)) if err != nil { log.Error(). From 537ecb8db0abdb5112c77626d1dc9e379dad4f5d Mon Sep 17 00:00:00 2001 From: Yang Bin Date: Thu, 17 Mar 2022 09:25:42 +0800 Subject: [PATCH 6/7] =?UTF-8?q?docs:=20fixed=20`/metrics`=20endpoint=20`80?= =?UTF-8?q?80=20=E2=86=92=209090`,=20reference=20`config-example.yaml`?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/running-headscale-container.md | 3 ++- docs/running-headscale-linux.md | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/running-headscale-container.md b/docs/running-headscale-container.md index d39f4d4..36e63de 100644 --- a/docs/running-headscale-container.md +++ b/docs/running-headscale-container.md 
@@ -55,6 +55,7 @@ docker run \ --rm \ --volume $(pwd)/config:/etc/headscale/ \ --publish 127.0.0.1:8080:8080 \ + --publish 127.0.0.1:9090:9090 \ headscale/headscale: \ headscale serve @@ -80,7 +81,7 @@ docker ps Verify `headscale` is available: ```shell -curl http://127.0.0.1:8080/metrics +curl http://127.0.0.1:9090/metrics ``` 6. Create a namespace ([tailnet](https://tailscale.com/kb/1136/tailnet/)): diff --git a/docs/running-headscale-linux.md b/docs/running-headscale-linux.md index 09e43dc..1e9d11c 100644 --- a/docs/running-headscale-linux.md +++ b/docs/running-headscale-linux.md @@ -67,7 +67,7 @@ To run `headscale` in the background, please follow the steps in the [SystemD se Verify `headscale` is available: ```shell -curl http://127.0.0.1:8080/metrics +curl http://127.0.0.1:9090/metrics ``` 8. Create a namespace ([tailnet](https://tailscale.com/kb/1136/tailnet/)): From ade9552736e6d4271f46bebacaa65144c464e1d5 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 17 Mar 2022 06:38:00 +0000 Subject: [PATCH 7/7] docs(README): update contributors --- README.md | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 7bb7018..596c258 100644 --- a/README.md +++ b/README.md @@ -447,6 +447,15 @@ make build Tjerk Woudsma + + + Yang +
+ Yang Bin +
+ + + Zakhar @@ -454,8 +463,6 @@ make build Zakhar Bessarab - - ZiYuan/ @@ -463,6 +470,13 @@ make build ZiYuan + + + bravechamp/ +
+ bravechamp +
+ derelm/ @@ -484,6 +498,8 @@ make build lion24 + + pernila/ @@ -498,8 +514,6 @@ make build Wakeful-Cloud - - zy/