cmd/tsconnect: pop CTA to make everything work with tailnet lock

Signed-off-by: Tom DNetto <tom@tailscale.com>
pull/7477/head
Tom DNetto 2 years ago committed by Tom
parent 387b68fe11
commit 2263d9c44b

@ -43,8 +43,26 @@ class App extends Component<{}, AppState> {
) )
} }
const lockedOut = netMap?.lockedOut
let lockedOutInstructions
if (lockedOut) {
lockedOutInstructions = (
<div class="container mx-auto px-4 text-center space-y-4">
<p>This instance of Tailscale Connect needs to be signed, due to
{" "}<a href="https://tailscale.com/kb/1226/tailnet-lock/" class="link">tailnet lock</a>{" "}
being enabled on this domain.
</p>
<p>
Run the following command on a device with a trusted tailnet lock key:
<pre>tailscale lock sign {netMap.self.nodeKey}</pre>
</p>
</div>
)
}
let ssh let ssh
if (ipn && ipnState === "Running" && netMap) { if (ipn && ipnState === "Running" && netMap && !lockedOut) {
ssh = <SSH netMap={netMap} ipn={ipn} /> ssh = <SSH netMap={netMap} ipn={ipn} />
} }
@ -55,6 +73,7 @@ class App extends Component<{}, AppState> {
<div class="flex-grow flex flex-col justify-center overflow-hidden"> <div class="flex-grow flex flex-col justify-center overflow-hidden">
{urlDisplay} {urlDisplay}
{machineAuthInstructions} {machineAuthInstructions}
{lockedOutInstructions}
{ssh} {ssh}
</div> </div>
</> </>

@ -60,11 +60,11 @@ function SSHSession({
function NoSSHPeers() { function NoSSHPeers() {
return ( return (
<div class="container mx-auto px-4 text-center"> <div class="container mx-auto px-4 text-center">
None of your machines have None of your machines have{" "}
<a href="https://tailscale.com/kb/1193/tailscale-ssh/" class="link"> <a href="https://tailscale.com/kb/1193/tailscale-ssh/" class="link">
Tailscale SSH Tailscale SSH
</a> </a>
enabled. Give it a try! {" "}enabled. Give it a try!
</div> </div>
) )
} }

@ -63,6 +63,7 @@ declare global {
type IPNNetMap = { type IPNNetMap = {
self: IPNNetMapSelfNode self: IPNNetMapSelfNode
peers: IPNNetMapPeerNode[] peers: IPNNetMapPeerNode[]
lockedOut: boolean
} }
type IPNNetMapNode = { type IPNNetMapNode = {

@ -272,6 +272,7 @@ func (i *jsIPN) run(jsCallbacks js.Value) {
TailscaleSSHEnabled: p.Hostinfo.TailscaleSSHEnabled(), TailscaleSSHEnabled: p.Hostinfo.TailscaleSSHEnabled(),
} }
}), }),
LockedOut: nm.TKAEnabled && len(nm.SelfNode.KeySignature) == 0,
} }
if jsonNetMap, err := json.Marshal(jsNetMap); err == nil { if jsonNetMap, err := json.Marshal(jsNetMap); err == nil {
jsCallbacks.Call("notifyNetMap", string(jsonNetMap)) jsCallbacks.Call("notifyNetMap", string(jsonNetMap))
@ -521,8 +522,9 @@ func (w termWriter) Write(p []byte) (n int, err error) {
} }
type jsNetMap struct { type jsNetMap struct {
Self jsNetMapSelfNode `json:"self"` Self jsNetMapSelfNode `json:"self"`
Peers []jsNetMapPeerNode `json:"peers"` Peers []jsNetMapPeerNode `json:"peers"`
LockedOut bool `json:"lockedOut"`
} }
type jsNetMapNode struct { type jsNetMapNode struct {

@ -108,6 +108,7 @@
graphviz graphviz
perl perl
go_1_20 go_1_20
yarn
]; ];
}; };
}; };

Loading…
Cancel
Save