Make DERP Region configurable

This commit is contained in:
Juan Font Alonso 2022-03-06 17:25:21 +01:00
parent eb500155e8
commit eb06054a7b
4 changed files with 41 additions and 21 deletions

17
app.go
View file

@ -120,13 +120,16 @@ type OIDCConfig struct {
} }
type DERPConfig struct { type DERPConfig struct {
ServerEnabled bool ServerEnabled bool
STUNEnabled bool ServerRegionID int
STUNAddr string ServerRegionCode string
URLs []url.URL ServerRegionName string
Paths []string STUNEnabled bool
AutoUpdate bool STUNAddr string
UpdateFrequency time.Duration URLs []url.URL
Paths []string
AutoUpdate bool
UpdateFrequency time.Duration
} }
type CLIConfig struct { type CLIConfig struct {

View file

@ -117,7 +117,10 @@ func LoadConfig(path string) error {
} }
func GetDERPConfig() headscale.DERPConfig { func GetDERPConfig() headscale.DERPConfig {
enabled := viper.GetBool("derp.server.enabled") serverEnabled := viper.GetBool("derp.server.enabled")
serverRegionID := viper.GetInt("derp.server.region_id")
serverRegionCode := viper.GetString("derp.server.region_code")
serverRegionName := viper.GetString("derp.server.region_name")
stunEnabled := viper.GetBool("derp.server.stun.enabled") stunEnabled := viper.GetBool("derp.server.stun.enabled")
stunAddr := viper.GetString("derp.server.stun.listen_addr") stunAddr := viper.GetString("derp.server.stun.listen_addr")
@ -142,13 +145,16 @@ func GetDERPConfig() headscale.DERPConfig {
updateFrequency := viper.GetDuration("derp.update_frequency") updateFrequency := viper.GetDuration("derp.update_frequency")
return headscale.DERPConfig{ return headscale.DERPConfig{
ServerEnabled: enabled, ServerEnabled: serverEnabled,
STUNEnabled: stunEnabled, ServerRegionID: serverRegionID,
STUNAddr: stunAddr, ServerRegionCode: serverRegionCode,
URLs: urls, ServerRegionName: serverRegionName,
Paths: paths, STUNEnabled: stunEnabled,
AutoUpdate: autoUpdate, STUNAddr: stunAddr,
UpdateFrequency: updateFrequency, URLs: urls,
Paths: paths,
AutoUpdate: autoUpdate,
UpdateFrequency: updateFrequency,
} }
} }

View file

@ -60,6 +60,15 @@ derp:
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place # The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
enabled: false enabled: false
# Region ID to use for the embedded DERP server.
# The local DERP prevails if the region ID collides with other region ID coming from
# the regular DERP config.
region_id: 999
# Region code and name are displayed in the Tailscale UI to identify a DERP region
region_code: "headscale"
region_name: "Headscale Embedded DERP"
# If enabled, also listens in the configured address for STUN connections to help on NAT traversal # If enabled, also listens in the configured address for STUN connections to help on NAT traversal
# For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/ # For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/
stun: stun:

View file

@ -62,14 +62,14 @@ func (h *Headscale) generateRegionLocalDERP() (tailcfg.DERPRegion, error) {
} }
localDERPregion := tailcfg.DERPRegion{ localDERPregion := tailcfg.DERPRegion{
RegionID: 999, RegionID: h.cfg.DERP.ServerRegionID,
RegionCode: "headscale", RegionCode: h.cfg.DERP.ServerRegionCode,
RegionName: "Headscale Embedded DERP", RegionName: h.cfg.DERP.ServerRegionName,
Avoid: false, Avoid: false,
Nodes: []*tailcfg.DERPNode{ Nodes: []*tailcfg.DERPNode{
{ {
Name: "999a", Name: fmt.Sprintf("%d", h.cfg.DERP.ServerRegionID),
RegionID: 999, RegionID: h.cfg.DERP.ServerRegionID,
HostName: host, HostName: host,
DERPPort: port, DERPPort: port,
}, },
@ -108,6 +108,7 @@ func (h *Headscale) DERPHandler(ctx *gin.Context) {
if !ok { if !ok {
log.Error().Caller().Msg("DERP requires Hijacker interface from Gin") log.Error().Caller().Msg("DERP requires Hijacker interface from Gin")
ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support") ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support")
return return
} }
@ -115,6 +116,7 @@ func (h *Headscale) DERPHandler(ctx *gin.Context) {
if err != nil { if err != nil {
log.Error().Caller().Err(err).Msgf("Hijack failed") log.Error().Caller().Err(err).Msgf("Hijack failed")
ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support") ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support")
return return
} }
@ -169,7 +171,7 @@ func (h *Headscale) DERPBootstrapDNSHandler(ctx *gin.Context) {
ctx.JSON(http.StatusOK, dnsEntries) ctx.JSON(http.StatusOK, dnsEntries)
} }
// ServeSTUN starts a STUN server on the configured addr // ServeSTUN starts a STUN server on the configured addr.
func (h *Headscale) ServeSTUN() { func (h *Headscale) ServeSTUN() {
packetConn, err := net.ListenPacket("udp", h.cfg.DERP.STUNAddr) packetConn, err := net.ListenPacket("udp", h.cfg.DERP.STUNAddr)
if err != nil { if err != nil {