c8ebbede54
This PR removes the complicated session management introduced in https://github.com/juanfont/headscale/pull/1791 which kept track of the sessions in a map, in addition to the channel already kept track of in the notifier. Instead of trying to close the mapsession, it will now be replaced by the new one and closed afterwards, so that all new updates go to the right place. The map session serve function is also split into a streaming and a non-streaming version for better readability. RemoveNode in the notifier will not remove a node if the channel does not match the one that has been passed (e.g. it has been replaced with a new one). A new tuning parameter has been added to set the timeout before the notifier gives up sending an update to a node. Add a keep alive resetter so we wait with sending keep alives if a node has just received an update. In addition it adds a bunch of env debug flags that can be set: - `HEADSCALE_DEBUG_HIGH_CARDINALITY_METRICS`: make certain metrics include per node.id, not recommended to use in prod. - `HEADSCALE_DEBUG_PROFILING_ENABLED`: activate tracing - `HEADSCALE_DEBUG_PROFILING_PATH`: where to store traces - `HEADSCALE_DEBUG_DUMP_CONFIG`: calls `spew.Dump` on the config object at startup - `HEADSCALE_DEBUG_DEADLOCK`: enable go-deadlock to dump goroutines if it looks like a deadlock has occurred, enabled in integration tests. Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
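# Nix flake for headscale: builds the server binary, a layered container
# image, and a development shell with the Go/protobuf toolchain.
{
  description = "headscale - Open Source Tailscale Control server";

  # Both inputs follow a moving branch. The revisions actually built are the
  # ones pinned in flake.lock (not shown here), so changes to that lock file
  # are what move the toolchain and should be reviewed like any dependency bump.
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs = {
    self,
    nixpkgs,
    flake-utils,
    ...
  }: let
    # Short git revision when the flake is evaluated from a clean checkout,
    # otherwise the literal "dev".
    headscaleVersion =
      if (self ? shortRev)
      then self.shortRev
      else "dev";
  in
    {
      # Overlay that adds `headscale` and a pinned `protoc-gen-grpc-gateway`.
      # Packages are taken from this flake's own nixpkgs input, not from the
      # package set the overlay is applied to.
      overlay = _: prev: let
        pkgs = nixpkgs.legacyPackages.${prev.system};
      in rec {
        headscale = pkgs.buildGo122Module rec {
          pname = "headscale";
          version = headscaleVersion;
          src = pkgs.lib.cleanSource self;

          # Only run unit tests when testing a build
          checkFlags = ["-short"];

          # Hash of the vendored Go module tree. The build fails if the modules
          # fetched for go.mod/go.sum do not produce exactly this hash, so it
          # must be recalculated whenever those files change (the dev shell's
          # `nix-vendor-sri` helper prints the new value).
          vendorHash = "sha256-EorT2AVwA3usly/LcNor6r5UIhLCdj3L4O4ilgTIC2o=";

          subPackages = ["cmd/headscale"];

          # -s/-w drop the symbol table and DWARF data; -X stamps the version.
          ldflags = ["-s" "-w" "-X github.com/juanfont/headscale/cmd/headscale/cli.Version=v${version}"];
        };

        protoc-gen-grpc-gateway = pkgs.buildGoModule rec {
          pname = "grpc-gateway";
          version = "2.19.1";

          # Source is fetched by tag and verified against the fixed hash below;
          # a re-pointed tag would therefore fail the build instead of being
          # picked up silently.
          src = pkgs.fetchFromGitHub {
            owner = "grpc-ecosystem";
            repo = "grpc-gateway";
            rev = "v${version}";
            sha256 = "sha256-CdGQpQfOSimeio8v1lZ7xzE/oAS2qFyu+uN+H9i7vpo=";
          };

          vendorHash = "sha256-no7kZGpf/VOuceC3J+izGFQp5aMS3b+Rn+x4BFZ2zgs=";

          nativeBuildInputs = [pkgs.installShellFiles];

          subPackages = ["protoc-gen-grpc-gateway" "protoc-gen-openapiv2"];
        };
      };
    }
    // flake-utils.lib.eachDefaultSystem
    (system: let
      pkgs = import nixpkgs {
        overlays = [self.overlay];
        inherit system;
      };
      buildDeps = with pkgs; [git go_1_22 gnumake];
      devDeps = with pkgs;
        buildDeps
        ++ [
          golangci-lint
          golines
          nodePackages.prettier
          goreleaser
          nfpm
          gotestsum
          gotests
          ksh
          ko
          yq-go
          ripgrep

          # 'dot' is needed for pprof graphs
          # go tool pprof -http=: <source>
          graphviz

          # Protobuf dependencies
          protobuf
          protoc-gen-go
          protoc-gen-go-grpc
          protoc-gen-grpc-gateway
          buf
          clang-tools # clang-format
        ];

      # Add entry to build a docker image with headscale
      # caveat: only works on Linux
      #
      # Usage:
      # nix build .#headscale-docker
      # docker load < result
      #
      # NOTE(review): only the entrypoint is configured; no user is set in the
      # image config, so the runtime's default user applies unless the deployer
      # overrides it. Confirm whether a non-root user should be declared here.
      headscale-docker = pkgs.dockerTools.buildLayeredImage {
        name = "headscale";
        tag = headscaleVersion;
        contents = [pkgs.headscale];
        config.Entrypoint = [(pkgs.headscale + "/bin/headscale")];
      };
    in rec {
      # `nix develop`
      devShell = pkgs.mkShell {
        buildInputs =
          devDeps
          ++ [
            # Prints the SRI hash to paste into `vendorHash` above.
            (pkgs.writeShellScriptBin
              "nix-vendor-sri"
              ''
                set -eu

                # Vendor into a child of the directory mktemp created, rather
                # than deleting that directory and letting another tool
                # re-create the same path. The trap also cleans up when a
                # command fails under `set -e`.
                TMP=$(mktemp -d -t nar-hash-XXXXXX)
                trap 'rm -rf "$TMP"' EXIT

                go mod vendor -o "$TMP/vendor"
                go run tailscale.com/cmd/nardump --sri "$TMP/vendor"
              '')

            # Upgrades every direct (non-indirect) requirement in go.mod to its
            # latest version. Review the resulting go.mod/go.sum diff and
            # recompute `vendorHash` afterwards.
            (pkgs.writeShellScriptBin
              "go-mod-update-all"
              ''
                set -eu

                cat go.mod | ${pkgs.silver-searcher}/bin/ag "\t" | ${pkgs.silver-searcher}/bin/ag -v indirect | ${pkgs.gawk}/bin/awk '{print $1}' | ${pkgs.findutils}/bin/xargs go get -u
                go mod tidy
              '')
          ];

        # Puts ./result/bin (relative to the directory the shell is started in)
        # ahead of everything else on PATH, so binaries there shadow the
        # toolchain above. Start the shell only from a checkout whose `result`
        # link you built yourself.
        shellHook = ''
          export PATH="$PWD/result/bin:$PATH"
        '';
      };

      # `nix build`
      packages = with pkgs; {
        inherit headscale;
        inherit headscale-docker;
      };
      defaultPackage = pkgs.headscale;

      # `nix run`
      apps.headscale = flake-utils.lib.mkApp {
        drv = packages.headscale;
      };
      apps.default = apps.headscale;

      checks = {
        # NOTE(review): every tool below is invoked in its rewrite mode
        # (--fix, --write, -w, -i) against `${./.}`, which is a copy of the
        # tree in the Nix store, and the script never creates $out. As written
        # this looks unable to pass as a check; confirm, and consider the
        # tools' check-only modes so the check reports drift instead of
        # attempting edits.
        format =
          pkgs.runCommand "check-format"
          {
            buildInputs = with pkgs; [
              gnumake
              nixpkgs-fmt
              golangci-lint
              nodePackages.prettier
              golines
              clang-tools
            ];
          } ''
            ${pkgs.nixpkgs-fmt}/bin/nixpkgs-fmt ${./.}
            ${pkgs.golangci-lint}/bin/golangci-lint run --fix --timeout 10m
            ${pkgs.nodePackages.prettier}/bin/prettier --write '**/**.{ts,js,md,yaml,yml,sass,css,scss,html}'
            ${pkgs.golines}/bin/golines --max-len=88 --base-formatter=gofumpt -w ${./.}
            ${pkgs.clang-tools}/bin/clang-format -style="{BasedOnStyle: Google, IndentWidth: 4, AlignConsecutiveDeclarations: true, AlignConsecutiveAssignments: true, ColumnLimit: 0}" -i ${./.}
          '';
      };
    });
}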