Rebase fork 3#5
Open
afhammad wants to merge 81 commits into
Open
Conversation
Signed-off-by: Sam Lijin <dev@sxlijin.com>
When loading stats from the database, map IDs back to their canonical short name, which is what we want to show in the frontend. This is only called once on cold start, so performance of loading all links isn't a big concern. Fixes tailscale#13 Signed-off-by: Will Norris <will@tailscale.com>
Currently, the special "tagged-devices" user (which exists for any tagged devices in the tailnet) can own go links. This change permits tagged devices to continue to create go links, but skips over them for ownership checks, allowing any human user can take over ownership. Fixes tailscale#37 Signed-off-by: Will Norris <will@tailscale.com>
Updates the log msg to use owner. Signed-off-by: Simon Hayward <simonhayward@users.noreply.github.com>
Fixes tailscale#42 Signed-off-by: Will Norris <will@tailscale.com>
Use a build image built for the native architecture so that it doesn't run in emulation mode. Switch to Chainguard's wolfi/glibc build image. This limits our build architectures to just amd64 and arm64, but that is sufficient for our needs. Updates tailscale#42 Updates tailscale#43 Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Manuel Coppotelli <hi@manuel.coppotelli.me>
* Add Flake file (Nix package, NixOS module) This commit adds a Flake.nix file allowing Nix users to consume this repo with `nix build`, `nix run` and adds a NixOS module to quickly spin up the service. * add github action file for nix build --------- Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> Co-authored-by: Xe Iaso <me@xeiaso.net>
Fixes tailscale#51 Signed-off-by: Will Norris <will@tailscale.com>
PR tailscale#12 changes directory used by Docker image. This commit updates the fly.io instructions to use the same directory. Signed-off-by: Gabriel Wong <gabriel@bifrost.ai>
Signed-off-by: Gabriel Wong <gabriel@bifrost.ai>
Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Will Norris <will@tailscale.com>
Add "User" to the expansion environment for links. The intent here it support personalized go links such as: go/mycal => https://calendar.google.com/calendar/embed?src={{.User}} That's not a terribly interesting example, but there are others I intend to use internally. Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Felix Heilmeyer <code@fehe.eu>
Signed-off-by: Maisem Ali <maisem@tailscale.com>
Signed-off-by: Maisem Ali <maisem@tailscale.com>
It's not uncommon to have multiple links pointing to the same destination, for example to handle different spellings of a word or because different people created them at different times. A common best practice is to select one as the "primary" link and point the others to that link as "aliases". This change updates resolveLink to follow those aliases so that the final destination is returned when using `golink -resolve-from-backup`. Signed-off-by: Will Norris <will@tailscale.com>
Also check error returned from tmpl.Execute. Refactor currentUser to make the logic a little simpler, and make it a package var for easier testing. Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Will Norris <will@tailscale.com>
To delete a link, go to its page in `.detail` and click on the "Delete" button. Stats for the deleted link are removed as well. Co-authored-by: Will Norris <will@tailscale.com> Signed-off-by: Gabriel Wong <gabriel@bifrost.ai> Signed-off-by: Will Norris <will@tailscale.com>
If the current user can't be determined (either because of a legitimate
error within the localapi client, or the user is coming through a subnet
router and doesn't have a Tailscale IP address), and the
-allow-unknown-users flag is set, then go ahead and save new links
without an owner.
By saving links without an owner, these unknown users can continue to
modify the link, and actual Tailscale users can take ownership. Once the
link is owned, it can no longer be modified by anyone other than the
owner.
Links that use the current user by having `{{ .User }}` in their long
URL cannot be resolved by unknown users and will return an error.
Fixes tailscale#60
Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Will Norris <will@tailscale.com>
bump version again, back to the latest commit on main, rather than the latest released version. Otherwise, this causes issues in tailscale's corp repo (sadly). Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Resolve broken nix build due to us using Go 1.21 to build a 1.22 minimum package. Signed-off-by: Patrick O'Doherty <patrick@tailscale.com>
We have fixed the issue in the corp repo that required us to use pseudo-versions for the tailscale.com module here. So we can now switch to the latest stable version. Signed-off-by: Will Norris <will@tailscale.com>
we've had support for enabling the web UI in tsnet apps from the beginning, but I don't think we've ever actually used it anywhere. some of the settings exposed through the web ui don't make a ton of sense for tsnet, and might not even work. But we're working toward being able to enable the web ui on clients by default (with all of the existing restrictions and ACL enforcement in place), and golink seemed like a good playground to try it in a tsnet app. Signed-off-by: Will Norris <will@tailscale.com>
Fixes tailscale#107 Signed-off-by: Will Norris <will@tailscale.com>
If you visit a non-existent go link, we render the home page and pre- populate the "short" input with the name of the link, and autofocus the "long" input so that you can simply paste a long URL and submit. It is common (at least at Tailscale) to create go links that correspond to the name of a device on the tailnet. For example, go/who points to http://who/. With this change, when you visit a non-existent go link, we check to see if a peer exists on the tailnet with that name, and if so we suggest that as the long URL. Signed-off-by: Will Norris <will@tailscale.com>
Also, fix a lint. Fixes tailscale#116 Signed-off-by: Chris Palmer <cpalmer@tailscale.com>
Updates tailscale#18 Updates tailscale#22 Updates tailscale#86 Updates tailscale#120 Signed-off-by: Will Norris <will@tailscale.com>
golink is a tsnet service, and Tailscale's data plane is very good at monitoring for changes to network state and reacting to them. As such, it doesn't need to wait for network-online.target, it can start up concurrently with everything else and shorten the long pole of bootup. Additionally, network-online.target is an antipattern in systemd that almost never means what people want it to mean. "Online" has no precise definition, and (I posit) almost never matches the ideal version of "online" that people have in their mind. It specifically does _not_ mean that the network functions, or that any particular flavor of connectivity exists. A machine behind a captive portal is "online" for the purposes of bootup, and so is a machine that got a DHCP lease but is having all its packets blackholed. Systemd has a whole page of documentation on "what does online even mean", because this is such a recurring point of confusion: https://systemd.io/NETWORK_ONLINE/ It is almost always wrong to depend on network-online.target, and I wish it was named slow-down-boot-for-no-reason.target, which is how most downstream programs use it. </rant>, the point is, golink is a well-behaved service that reacts to connectivity changes on the fly (it has to, that's what tailscale does), and so can be started concurrently with networking and other services.
Add a "Match" template func, which uses regexp.MatchString to match a value against a regular expression pattern. Fixes tailscale#125 Signed-off-by: Will Norris <will@tailscale.com>
we've never tagged stable releases, but should really do so. This change will cause our docker images to be tagged following typical semver fashion... the initial `v1.0.0` release will be tagged `v1`, `v1.0`, `v1.0.0`, and `latest`. Updates tailscale#104 Signed-off-by: Will Norris <will@tailscale.com>
Two fixes, both of which would be sufficient on their own, but are both still worth doing: - redirect /.detail/ URLs to always use canonical link names. For example, for a go/foo link, a request to /.detail/F-O-O will redirect to /.detail/foo. - use the canonical link short name for xsrf token generation and validation, rather than the user-provided short name. Fixes tailscale#128 Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Paul Scott <paul@tailscale.com>
Signed-off-by: Will Norris <will@tailscale.com> Co-authored-by: Will Norris <will@tailscale.com>
This allows us to include the custom hostname in the sample form. Updates tailscale#133 Signed-off-by: Will Norris <will@tailscale.com>
Chainguard removed arm/v7 support from their free images: https://www.chainguard.dev/unchained/changes-to-static-git-and-busybox-developer-images Switch to the official `go` image for builds and distroless for packaging. Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
* Update to Tailscale v1.72.0 Signed-off-by: Andrea Gottardo <andrea@gottardo.me> * Bump to v1.72.1 Signed-off-by: Andrea Gottardo <andrea@gottardo.me> --------- Signed-off-by: Andrea Gottardo <andrea@gottardo.me>
When resolving links from an offline backup, this creates extra noise. Updates tailscale/corp#22700 Signed-off-by: Will Norris <will@tailscale.com>
Without the git CLI, `go build` will not produce the embedded VCS metadata that's used to report the commit hash in node version string. This fixes the `1.72.1-ERR-BuildInfo` version string reported to Tailscale. Fixes tailscale#140 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
Signed-off-by: Peyton Walters <peyton@modal.com>
We need TrimPrefix and ToUpper for some links at Tailscale, and might as well ToLower as well at that point. Updates tailscale#10 Change-Id: Ia101a4a3005adb9118051b3416f5a64a4a45987d Signed-off-by: Will Norris <will@tailscale.com>
Updates tailscale#144 Change-Id: Ia101a4a3005adb9118051b3416f5a64a4a45987d Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Keli Velazquez <keli@tailscale.com>
By default, the directory chosen by tsnet is based on the name of the binary. Allow the operator to set it explicitly, to avoid confusing deployments. Signed-off-by: M. J. Fromberger <fromberger@tailscale.com>
* go.mod: use latest corp build of tailscale Signed-off-by: Keli Velazquez <keli@tailscale.com>
It's not uncommon for auto-linkers or simple copy/paste errors to accidentally include trailing punctuation in a golink. When resolving links, if the initial link was not found, then try again with common punctuation (that is invalid in link names anyway) removed. Fixes tailscale#148 Change-Id: Ia101a4a3005adb9118051b3416f5a64a4a45987d Signed-off-by: Will Norris <will@tailscale.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
I resolved the conflicts on the branch but somehow github is still showing them in the PR..