From 745696b310b921266a7242a18101e955acc7b6b1 Mon Sep 17 00:00:00 2001 From: zakaria Date: Fri, 4 Mar 2022 12:11:43 +1000 Subject: [PATCH 1/8] docs: fix mistake in ACME challenge type comment --- config-example.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-example.yaml b/config-example.yaml index c28b608..a8c3f28 100644 --- a/config-example.yaml +++ b/config-example.yaml @@ -123,7 +123,7 @@ tls_client_auth_mode: relaxed tls_letsencrypt_cache_dir: /var/lib/headscale/cache # Type of ACME challenge to use, currently supported types: -# HTTP-01 or TLS_ALPN-01 +# HTTP-01 or TLS-ALPN-01 # See [docs/tls.md](docs/tls.md) for more information tls_letsencrypt_challenge_type: HTTP-01 # When HTTP-01 challenge is chosen, letsencrypt must set up a From b342cf0240eac731db756399130d62382ca7ad28 Mon Sep 17 00:00:00 2001 From: e-zk Date: Fri, 4 Mar 2022 17:56:54 +1000 Subject: [PATCH 2/8] feat(windows): cleanup /apple endpoint - rename the gin function to AppleConfigMessage - use
 +  for code blocks
- add headscale heading
- reword some sections
---
 app.go                |  2 +-
 apple_mobileconfig.go | 17 +++++++++--------
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/app.go b/app.go
index 763fdfe..4c1d201 100644
--- a/app.go
+++ b/app.go
@@ -456,7 +456,7 @@ func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *gin.Engine {
 	router.POST("/machine/:id", h.RegistrationHandler)
 	router.GET("/oidc/register/:mkey", h.RegisterOIDC)
 	router.GET("/oidc/callback", h.OIDCCallback)
-	router.GET("/apple", h.AppleMobileConfig)
+	router.GET("/apple", h.AppleConfigMessage)
 	router.GET("/apple/:platform", h.ApplePlatformConfig)
 	router.GET("/swagger", SwaggerUI)
 	router.GET("/swagger/v1/openapiv2.json", SwaggerAPIv1)
diff --git a/apple_mobileconfig.go b/apple_mobileconfig.go
index 69f61a6..137276d 100644
--- a/apple_mobileconfig.go
+++ b/apple_mobileconfig.go
@@ -11,26 +11,27 @@ import (
 	"github.com/rs/zerolog/log"
 )
 
-// AppleMobileConfig shows a simple message in the browser to point to the CLI
-// Listens in /register.
-func (h *Headscale) AppleMobileConfig(ctx *gin.Context) {
+// AppleConfigMessage shows a simple message in the browser to point the user
+// to the iOS/MacOS profile and instructions for how to install it
+func (h *Headscale) AppleConfigMessage(ctx *gin.Context) {
 	appleTemplate := template.Must(template.New("apple").Parse(`
 
 	
-		

Apple configuration profiles

+

headscale

+

Apple configuration profiles

This page provides configuration profiles for the official Tailscale clients for iOS and macOS.

- The profiles will configure Tailscale.app to use {{.Url}} as its control server. + The profiles will configure Tailscale.app to use {{.URL}} as its control server.

Caution

-

You should always inspect the profile before installing it:

+

You should always download and inspect the profile before installing it:

-

curl {{.Url}}/apple/macos

+
curl {{.URL}}/apple/macos

Profiles

From 12a50ac8ac79d05a5f896633b4809fea32034810 Mon Sep 17 00:00:00 2001 From: e-zk Date: Fri, 4 Mar 2022 19:37:55 +1000 Subject: [PATCH 3/8] feat(windows): add /windows endpoint for Windows configuration - registry file /windows/tailscale.reg is generated, filling in the associated control server URL - also includes CLI instructions - fix /apple incorrect template: 'Url' is supposed to be '.URL' --- app.go | 2 + apple_mobileconfig.go | 106 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 108 insertions(+) diff --git a/app.go b/app.go index 4c1d201..682d8e4 100644 --- a/app.go +++ b/app.go @@ -458,6 +458,8 @@ func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *gin.Engine { router.GET("/oidc/callback", h.OIDCCallback) router.GET("/apple", h.AppleConfigMessage) router.GET("/apple/:platform", h.ApplePlatformConfig) + router.GET("/windows", h.WindowsConfigMessage) + router.GET("/windows/tailscale.reg", h.WindowsRegConfig) router.GET("/swagger", SwaggerUI) router.GET("/swagger/v1/openapiv2.json", SwaggerAPIv1) diff --git a/apple_mobileconfig.go b/apple_mobileconfig.go index 137276d..86273e7 100644 --- a/apple_mobileconfig.go +++ b/apple_mobileconfig.go @@ -11,6 +11,100 @@ import ( "github.com/rs/zerolog/log" ) +// WindowsConfigMessage shows a simple message in the browser for how to +// configure the Windows tailscale client. +func (h *Headscale) WindowsConfigMessage(ctx *gin.Context) { + winTemplate := template.Must(template.New("windows").Parse(` + + +

headscale

+

Windows registry configuration

+

+ This page provides Windows registry information for the official Windows Tailscale client. +

+

+ The registry file will configure Tailscale to use {{.URL}} as its control server. +

+

Caution

+

You should always download and inspect the registry file before installing it:

+
curl {{.URL}}/windows/tailscale.reg
+ +

Installation

+

Headscale can be set to the default server by running the registry file:

+ +

+ Windows registry file +

+ +
    +
  1. Download the registry file, then run it
  2. +
  3. Follow the prompts
  4. +
  5. Install and run the official windows Tailscale client
  6. +
  7. When the installation has finished, start Tailscale, and log in by clicking the icon in the system tray
  8. +
+

Or

+

Open command prompt with Administrator rights. Issue the following commands to add the required registry entries:

+
+REG ADD "HKLM\Software\Tailscale IPN" /v UnattendedMode /t REG_SZ /d always
+REG ADD "HKLM\Software\Tailscale IPN" /v LoginURL /t REG_SZ /d "{{.URL}}"
+

+ Restart Tailscale and log in. +

+ + +`)) + + config := map[string]interface{}{ + "URL": h.cfg.ServerURL, + } + + var payload bytes.Buffer + if err := winTemplate.Execute(&payload, config); err != nil { + log.Error(). + Str("handler", "WindowsRegConfig"). + Err(err). + Msg("Could not render Windows index template") + ctx.Data( + http.StatusInternalServerError, + "text/html; charset=utf-8", + []byte("Could not render Windows index template"), + ) + + return + } + + ctx.Data(http.StatusOK, "text/html; charset=utf-8", payload.Bytes()) +} + +// WindowsRegConfig generates and serves the .reg file +// pre-configured to the headscale server address +func (h *Headscale) WindowsRegConfig(ctx *gin.Context) { + config := WindowsRegistryConfig{ + URL: h.cfg.ServerURL, + } + + var content bytes.Buffer + if err := windowsRegTemplate.Execute(&content, config); err != nil { + log.Error(). + Str("handler", "WindowsRegConfig"). + Err(err). + Msg("Could not render Apple macOS template") + ctx.Data( + http.StatusInternalServerError, + "text/html; charset=utf-8", + []byte("Could not render Windows registry template"), + ) + + return + } + + ctx.Data( + http.StatusOK, + "text/x-ms-regedit; charset=utf-8", + content.Bytes(), + ) +} + // AppleConfigMessage shows a simple message in the browser to point the user // to the iOS/MacOS profile and instructions for how to install it func (h *Headscale) AppleConfigMessage(ctx *gin.Context) { @@ -193,6 +287,10 @@ func (h *Headscale) ApplePlatformConfig(ctx *gin.Context) { ) } +type WindowsRegistryConfig struct { + URL string +} + type AppleMobileConfig struct { UUID uuid.UUID URL string @@ -204,6 +302,14 @@ type AppleMobilePlatformConfig struct { URL string } +var windowsRegTemplate = textTemplate.Must( + textTemplate.New("windowsconfig").Parse(`Windows Registry Editor Version 5.00 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Tailscale IPN] +"UnattendedMode"="always" +"LoginURL"="{{.URL}}" +`)) + var commonTemplate = textTemplate.Must( textTemplate.New("mobileconfig").Parse(` From f9e0c13890891b3696b5587824c96077ff65f717 Mon Sep 17 00:00:00 2001 From: e-zk Date: Fri, 4 Mar 2022 19:52:42 +1000 Subject: [PATCH 4/8] docs: update CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1186bad..dc34ab9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ - Add support for writing ACL files with YAML [#359](https://github.com/juanfont/headscale/pull/359) - Users can now use emails in ACL's groups [#372](https://github.com/juanfont/headscale/issues/372) - Add shorthand aliases for commands and subcommands [#376](https://github.com/juanfont/headscale/pull/376) +- Add `/windows` endpoint for Windows configuration instructions + registry file download [#392](https://github.com/juanfont/headscale/pull/392) ### Changes From d69dada8ff7be8c2e13cd4e6c67e97481b2810d7 Mon Sep 17 00:00:00 2001 From: e-zk Date: Fri, 4 Mar 2022 20:03:49 +1000 Subject: [PATCH 5/8] feat(windows): rename apple_mobileconfig.go => platform_config.go rename apple_mobileconfig.go to platform_config.go since the file includes configuration info for multiple platforms now. --- apple_mobileconfig.go => platform_config.go | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename apple_mobileconfig.go => platform_config.go (100%) diff --git a/apple_mobileconfig.go b/platform_config.go similarity index 100% rename from apple_mobileconfig.go rename to platform_config.go From 575f33d18326df526214f58949a5834738b0dbaa Mon Sep 17 00:00:00 2001 From: e-zk Date: Fri, 4 Mar 2022 20:35:09 +1000 Subject: [PATCH 6/8] docs: fix comments to comply with golangci-lint --- platform_config.go | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/platform_config.go b/platform_config.go index 86273e7..d36a37c 100644 --- a/platform_config.go +++ b/platform_config.go @@ -11,8 +11,7 @@ import ( "github.com/rs/zerolog/log" ) -// WindowsConfigMessage shows a simple message in the browser for how to -// configure the Windows tailscale client. +// WindowsConfigMessage shows a simple message in the browser for how to configure the Windows Tailscale client. func (h *Headscale) WindowsConfigMessage(ctx *gin.Context) { winTemplate := template.Must(template.New("windows").Parse(` @@ -76,8 +75,7 @@ REG ADD "HKLM\Software\Tailscale IPN" /v LoginURL /t REG_SZ /d "{{.URL}}" ctx.Data(http.StatusOK, "text/html; charset=utf-8", payload.Bytes()) } -// WindowsRegConfig generates and serves the .reg file -// pre-configured to the headscale server address +// WindowsRegConfig generates and serves a .reg file configured with the Headscale server address. func (h *Headscale) WindowsRegConfig(ctx *gin.Context) { config := WindowsRegistryConfig{ URL: h.cfg.ServerURL, @@ -105,8 +103,7 @@ func (h *Headscale) WindowsRegConfig(ctx *gin.Context) { ) } -// AppleConfigMessage shows a simple message in the browser to point the user -// to the iOS/MacOS profile and instructions for how to install it +// AppleConfigMessage shows a simple message in the browser to point the user to the iOS/MacOS profile and instructions for how to install it. func (h *Headscale) AppleConfigMessage(ctx *gin.Context) { appleTemplate := template.Must(template.New("apple").Parse(` From a70669fca7614790bdf1f506dabcd1a89efbbdff Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 4 Mar 2022 11:04:12 +0000 Subject: [PATCH 7/8] docs(README): update contributors --- README.md | 43 +++++++++++++++++++++++++------------------ 1 file changed, 25 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index d9d050f..1b97b1a 100644 --- a/README.md +++ b/README.md @@ -198,6 +198,13 @@ make build Alessandro (Ale) Segala + + + e-zk/ +
+ e-zk +
+ unreality/ @@ -206,10 +213,10 @@ make build - - e-zk/ + + Nico/
- e-zk + Nico
@@ -226,6 +233,8 @@ make build Aaron Bieber + + Fernando @@ -233,8 +242,6 @@ make build Fernando De Lucchi - - Hoàng @@ -270,6 +277,8 @@ make build Silver Bullet + + Stefan @@ -277,13 +286,11 @@ make build Stefan Majer - - - - fincac/ + + lachy2849/
- fincac + lachy2849
@@ -314,6 +321,8 @@ make build Arthur Woimbée + + Bryan @@ -321,8 +330,6 @@ make build Bryan Stenson - - Felix @@ -358,6 +365,8 @@ make build Jim Tittsler + + Pierre @@ -365,8 +374,6 @@ make build Pierre Carru - - rcursaru/ @@ -402,6 +409,8 @@ make build Teteros + + The @@ -409,8 +418,6 @@ make build The Gitter Badger - - Tianon @@ -446,6 +453,8 @@ make build derelm + + ignoramous/ @@ -453,8 +462,6 @@ make build ignoramous - - lion24/ From 35efd8f95a5f33aebbd4e1377b55232d713299c7 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 5 Mar 2022 00:09:36 +0000 Subject: [PATCH 8/8] chore(deps): update dependency docker.io/golang to v1.17.8 --- Dockerfile | 2 +- Dockerfile.alpine | 2 +- Dockerfile.debug | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 86f5bd4..3ab9c1d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Builder image -FROM docker.io/golang:1.17.7-bullseye AS build +FROM docker.io/golang:1.17.8-bullseye AS build ENV GOPATH /go WORKDIR /go/src/headscale diff --git a/Dockerfile.alpine b/Dockerfile.alpine index af88434..1f0d635 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -1,5 +1,5 @@ # Builder image -FROM docker.io/golang:1.17.7-alpine AS build +FROM docker.io/golang:1.17.8-alpine AS build ENV GOPATH /go WORKDIR /go/src/headscale diff --git a/Dockerfile.debug b/Dockerfile.debug index 38385ce..e73c064 100644 --- a/Dockerfile.debug +++ b/Dockerfile.debug @@ -1,5 +1,5 @@ # Builder image -FROM docker.io/golang:1.17.7-bullseye AS build +FROM docker.io/golang:1.17.8-bullseye AS build ENV GOPATH /go WORKDIR /go/src/headscale