Make DERP Region configurable
This commit is contained in:
parent
eb500155e8
commit
eb06054a7b
4 changed files with 41 additions and 21 deletions
17
app.go
17
app.go
|
@ -120,13 +120,16 @@ type OIDCConfig struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type DERPConfig struct {
|
type DERPConfig struct {
|
||||||
ServerEnabled bool
|
ServerEnabled bool
|
||||||
STUNEnabled bool
|
ServerRegionID int
|
||||||
STUNAddr string
|
ServerRegionCode string
|
||||||
URLs []url.URL
|
ServerRegionName string
|
||||||
Paths []string
|
STUNEnabled bool
|
||||||
AutoUpdate bool
|
STUNAddr string
|
||||||
UpdateFrequency time.Duration
|
URLs []url.URL
|
||||||
|
Paths []string
|
||||||
|
AutoUpdate bool
|
||||||
|
UpdateFrequency time.Duration
|
||||||
}
|
}
|
||||||
|
|
||||||
type CLIConfig struct {
|
type CLIConfig struct {
|
||||||
|
|
|
@ -117,7 +117,10 @@ func LoadConfig(path string) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetDERPConfig() headscale.DERPConfig {
|
func GetDERPConfig() headscale.DERPConfig {
|
||||||
enabled := viper.GetBool("derp.server.enabled")
|
serverEnabled := viper.GetBool("derp.server.enabled")
|
||||||
|
serverRegionID := viper.GetInt("derp.server.region_id")
|
||||||
|
serverRegionCode := viper.GetString("derp.server.region_code")
|
||||||
|
serverRegionName := viper.GetString("derp.server.region_name")
|
||||||
stunEnabled := viper.GetBool("derp.server.stun.enabled")
|
stunEnabled := viper.GetBool("derp.server.stun.enabled")
|
||||||
stunAddr := viper.GetString("derp.server.stun.listen_addr")
|
stunAddr := viper.GetString("derp.server.stun.listen_addr")
|
||||||
|
|
||||||
|
@ -142,13 +145,16 @@ func GetDERPConfig() headscale.DERPConfig {
|
||||||
updateFrequency := viper.GetDuration("derp.update_frequency")
|
updateFrequency := viper.GetDuration("derp.update_frequency")
|
||||||
|
|
||||||
return headscale.DERPConfig{
|
return headscale.DERPConfig{
|
||||||
ServerEnabled: enabled,
|
ServerEnabled: serverEnabled,
|
||||||
STUNEnabled: stunEnabled,
|
ServerRegionID: serverRegionID,
|
||||||
STUNAddr: stunAddr,
|
ServerRegionCode: serverRegionCode,
|
||||||
URLs: urls,
|
ServerRegionName: serverRegionName,
|
||||||
Paths: paths,
|
STUNEnabled: stunEnabled,
|
||||||
AutoUpdate: autoUpdate,
|
STUNAddr: stunAddr,
|
||||||
UpdateFrequency: updateFrequency,
|
URLs: urls,
|
||||||
|
Paths: paths,
|
||||||
|
AutoUpdate: autoUpdate,
|
||||||
|
UpdateFrequency: updateFrequency,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -60,6 +60,15 @@ derp:
|
||||||
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
|
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
|
# Region ID to use for the embedded DERP server.
|
||||||
|
# The local DERP prevails if the region ID collides with other region ID coming from
|
||||||
|
# the regular DERP config.
|
||||||
|
region_id: 999
|
||||||
|
|
||||||
|
# Region code and name are displayed in the Tailscale UI to identify a DERP region
|
||||||
|
region_code: "headscale"
|
||||||
|
region_name: "Headscale Embedded DERP"
|
||||||
|
|
||||||
# If enabled, also listens in the configured address for STUN connections to help on NAT traversal
|
# If enabled, also listens in the configured address for STUN connections to help on NAT traversal
|
||||||
# For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/
|
# For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/
|
||||||
stun:
|
stun:
|
||||||
|
|
|
@ -62,14 +62,14 @@ func (h *Headscale) generateRegionLocalDERP() (tailcfg.DERPRegion, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
localDERPregion := tailcfg.DERPRegion{
|
localDERPregion := tailcfg.DERPRegion{
|
||||||
RegionID: 999,
|
RegionID: h.cfg.DERP.ServerRegionID,
|
||||||
RegionCode: "headscale",
|
RegionCode: h.cfg.DERP.ServerRegionCode,
|
||||||
RegionName: "Headscale Embedded DERP",
|
RegionName: h.cfg.DERP.ServerRegionName,
|
||||||
Avoid: false,
|
Avoid: false,
|
||||||
Nodes: []*tailcfg.DERPNode{
|
Nodes: []*tailcfg.DERPNode{
|
||||||
{
|
{
|
||||||
Name: "999a",
|
Name: fmt.Sprintf("%d", h.cfg.DERP.ServerRegionID),
|
||||||
RegionID: 999,
|
RegionID: h.cfg.DERP.ServerRegionID,
|
||||||
HostName: host,
|
HostName: host,
|
||||||
DERPPort: port,
|
DERPPort: port,
|
||||||
},
|
},
|
||||||
|
@ -108,6 +108,7 @@ func (h *Headscale) DERPHandler(ctx *gin.Context) {
|
||||||
if !ok {
|
if !ok {
|
||||||
log.Error().Caller().Msg("DERP requires Hijacker interface from Gin")
|
log.Error().Caller().Msg("DERP requires Hijacker interface from Gin")
|
||||||
ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support")
|
ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support")
|
||||||
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -115,6 +116,7 @@ func (h *Headscale) DERPHandler(ctx *gin.Context) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error().Caller().Err(err).Msgf("Hijack failed")
|
log.Error().Caller().Err(err).Msgf("Hijack failed")
|
||||||
ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support")
|
ctx.String(http.StatusInternalServerError, "HTTP does not support general TCP support")
|
||||||
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -169,7 +171,7 @@ func (h *Headscale) DERPBootstrapDNSHandler(ctx *gin.Context) {
|
||||||
ctx.JSON(http.StatusOK, dnsEntries)
|
ctx.JSON(http.StatusOK, dnsEntries)
|
||||||
}
|
}
|
||||||
|
|
||||||
// ServeSTUN starts a STUN server on the configured addr
|
// ServeSTUN starts a STUN server on the configured addr.
|
||||||
func (h *Headscale) ServeSTUN() {
|
func (h *Headscale) ServeSTUN() {
|
||||||
packetConn, err := net.ListenPacket("udp", h.cfg.DERP.STUNAddr)
|
packetConn, err := net.ListenPacket("udp", h.cfg.DERP.STUNAddr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
Loading…
Reference in a new issue