Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for PreAuthKey tags/automatic tagging #767

Merged
merged 14 commits into from
Sep 23, 2022
Merged
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
- Give a warning when running Headscale with reverse proxy improperly configured for WebSockets [#788](https://github.com/juanfont/headscale/pull/788)
- Fix subnet routers with Primary Routes [#811](https://github.com/juanfont/headscale/pull/811)
- Added support for JSON logs [#653](https://github.com/juanfont/headscale/issues/653)
- Add support for generating pre-auth keys with tags [#767](https://github.com/juanfont/headscale/pull/767)

## 0.16.4 (2022-08-21)

Expand Down
12 changes: 6 additions & 6 deletions acls_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ func (s *Suite) TestValidExpandTagOwnersInSources(c *check.C) {
namespace, err := app.CreateNamespace("user1")
c.Assert(err, check.IsNil)

pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil)
pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil)
c.Assert(err, check.IsNil)

_, err = app.GetMachine("user1", "testmachine")
Expand Down Expand Up @@ -164,7 +164,7 @@ func (s *Suite) TestValidExpandTagOwnersInDestinations(c *check.C) {
namespace, err := app.CreateNamespace("user1")
c.Assert(err, check.IsNil)

pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil)
pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil)
c.Assert(err, check.IsNil)

_, err = app.GetMachine("user1", "testmachine")
Expand Down Expand Up @@ -214,7 +214,7 @@ func (s *Suite) TestInvalidTagValidNamespace(c *check.C) {
namespace, err := app.CreateNamespace("user1")
c.Assert(err, check.IsNil)

pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil)
pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil)
c.Assert(err, check.IsNil)

_, err = app.GetMachine("user1", "testmachine")
Expand Down Expand Up @@ -263,7 +263,7 @@ func (s *Suite) TestValidTagInvalidNamespace(c *check.C) {
namespace, err := app.CreateNamespace("user1")
c.Assert(err, check.IsNil)

pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil)
pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil)
c.Assert(err, check.IsNil)

_, err = app.GetMachine("user1", "webserver")
Expand Down Expand Up @@ -395,7 +395,7 @@ func (s *Suite) TestPortNamespace(c *check.C) {
namespace, err := app.CreateNamespace("testnamespace")
c.Assert(err, check.IsNil)

pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil)
pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil)
c.Assert(err, check.IsNil)

_, err = app.GetMachine("testnamespace", "testmachine")
Expand Down Expand Up @@ -437,7 +437,7 @@ func (s *Suite) TestPortGroup(c *check.C) {
namespace, err := app.CreateNamespace("testnamespace")
c.Assert(err, check.IsNil)

pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil)
pak, err := app.CreatePreAuthKey(namespace.Name, false, false, nil, nil)
c.Assert(err, check.IsNil)

_, err = app.GetMachine("testnamespace", "testmachine")
Expand Down
25 changes: 24 additions & 1 deletion cmd/headscale/cli/preauthkeys.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package cli
import (
"fmt"
"strconv"
"strings"
"time"

v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
Expand Down Expand Up @@ -33,6 +34,8 @@ func init() {
Bool("ephemeral", false, "Preauthkey for ephemeral nodes")
createPreAuthKeyCmd.Flags().
StringP("expiration", "e", DefaultPreAuthKeyExpiry, "Human-readable expiration of the key (e.g. 30m, 24h)")
createPreAuthKeyCmd.Flags().
StringSlice("tags", []string{}, "Tags to automatically assign to node")
}

var preauthkeysCmd = &cobra.Command{
Expand Down Expand Up @@ -81,7 +84,16 @@ var listPreAuthKeys = &cobra.Command{
}

tableData := pterm.TableData{
{"ID", "Key", "Reusable", "Ephemeral", "Used", "Expiration", "Created"},
{
"ID",
"Key",
"Reusable",
"Ephemeral",
"Used",
"Expiration",
"Created",
"Tags",
},
}
for _, key := range response.PreAuthKeys {
expiration := "-"
Expand All @@ -96,6 +108,14 @@ var listPreAuthKeys = &cobra.Command{
reusable = fmt.Sprintf("%v", key.GetReusable())
}

aclTags := ""

for _, tag := range key.AclTags {
aclTags += "," + tag
}

aclTags = strings.TrimLeft(aclTags, ",")

tableData = append(tableData, []string{
key.GetId(),
key.GetKey(),
Expand All @@ -104,6 +124,7 @@ var listPreAuthKeys = &cobra.Command{
strconv.FormatBool(key.GetUsed()),
expiration,
key.GetCreatedAt().AsTime().Format("2006-01-02 15:04:05"),
aclTags,
})

}
Expand Down Expand Up @@ -136,6 +157,7 @@ var createPreAuthKeyCmd = &cobra.Command{

reusable, _ := cmd.Flags().GetBool("reusable")
ephemeral, _ := cmd.Flags().GetBool("ephemeral")
tags, _ := cmd.Flags().GetStringSlice("tags")

log.Trace().
Bool("reusable", reusable).
Expand All @@ -147,6 +169,7 @@ var createPreAuthKeyCmd = &cobra.Command{
Namespace: namespace,
Reusable: reusable,
Ephemeral: ephemeral,
AclTags: tags,
}

durationStr, _ := cmd.Flags().GetString("expiration")
Expand Down
5 changes: 5 additions & 0 deletions db.go
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,11 @@ func (h *Headscale) initDB() error {
return err
}

err = db.AutoMigrate(&PreAuthKeyACLTag{})
if err != nil {
return err
}

_ = db.Migrator().DropTable("shared_machines")

err = db.AutoMigrate(&APIKey{})
Expand Down
8 changes: 8 additions & 0 deletions dns_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand All @@ -134,6 +135,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand All @@ -142,6 +144,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand All @@ -150,6 +153,7 @@ func (s *Suite) TestDNSConfigMapResponseWithMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand Down Expand Up @@ -269,6 +273,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand All @@ -277,6 +282,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand All @@ -285,6 +291,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand All @@ -293,6 +300,7 @@ func (s *Suite) TestDNSConfigMapResponseWithoutMagicDNS(c *check.C) {
false,
false,
nil,
nil,
)
c.Assert(err, check.IsNil)

Expand Down
2 changes: 1 addition & 1 deletion gen/go/headscale/v1/apikey.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion gen/go/headscale/v1/device.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion gen/go/headscale/v1/headscale.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading