cmd/tailscale/cli: add new flag --force-reauth to up subcommand (#717)

Signed-off-by: Halulu <lzjluzijie@gmail.com>
reviewable/pr727/r1
halulu 4 years ago committed by GitHub
parent 9b07517f18
commit 3af2d671e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -15,6 +15,7 @@ import (
"runtime" "runtime"
"strconv" "strconv"
"strings" "strings"
"sync"
"github.com/peterbourgon/ff/v2/ffcli" "github.com/peterbourgon/ff/v2/ffcli"
"github.com/tailscale/wireguard-go/wgcfg" "github.com/tailscale/wireguard-go/wgcfg"
@ -53,6 +54,7 @@ specify any flags, options are reset to their default.
upf.BoolVar(&upArgs.acceptDNS, "accept-dns", true, "accept DNS configuration from the admin panel") upf.BoolVar(&upArgs.acceptDNS, "accept-dns", true, "accept DNS configuration from the admin panel")
upf.BoolVar(&upArgs.singleRoutes, "host-routes", true, "install host routes to other Tailscale nodes") upf.BoolVar(&upArgs.singleRoutes, "host-routes", true, "install host routes to other Tailscale nodes")
upf.BoolVar(&upArgs.shieldsUp, "shields-up", false, "don't allow incoming connections") upf.BoolVar(&upArgs.shieldsUp, "shields-up", false, "don't allow incoming connections")
upf.BoolVar(&upArgs.forceReauth, "force-reauth", false, "force reauthentication")
upf.StringVar(&upArgs.advertiseTags, "advertise-tags", "", "ACL tags to request (comma-separated, e.g. eng,montreal,ssh)") upf.StringVar(&upArgs.advertiseTags, "advertise-tags", "", "ACL tags to request (comma-separated, e.g. eng,montreal,ssh)")
upf.StringVar(&upArgs.authKey, "authkey", "", "node authorization key") upf.StringVar(&upArgs.authKey, "authkey", "", "node authorization key")
upf.StringVar(&upArgs.hostname, "hostname", "", "hostname to use instead of the one provided by the OS") upf.StringVar(&upArgs.hostname, "hostname", "", "hostname to use instead of the one provided by the OS")
@ -75,6 +77,7 @@ var upArgs struct {
acceptDNS bool acceptDNS bool
singleRoutes bool singleRoutes bool
shieldsUp bool shieldsUp bool
forceReauth bool
advertiseRoutes string advertiseRoutes string
advertiseTags string advertiseTags string
enableDERP bool enableDERP bool
@ -212,6 +215,8 @@ func runUp(ctx context.Context, args []string) error {
defer cancel() defer cancel()
var printed bool var printed bool
var loginOnce sync.Once
startLoginInteractive := func() { loginOnce.Do(func() { bc.StartLoginInteractive() }) }
bc.SetPrefs(prefs) bc.SetPrefs(prefs)
opts := ipn.Options{ opts := ipn.Options{
@ -225,7 +230,7 @@ func runUp(ctx context.Context, args []string) error {
switch *s { switch *s {
case ipn.NeedsLogin: case ipn.NeedsLogin:
printed = true printed = true
bc.StartLoginInteractive() startLoginInteractive()
case ipn.NeedsMachineAuth: case ipn.NeedsMachineAuth:
printed = true printed = true
fmt.Fprintf(os.Stderr, "\nTo authorize your machine, visit (as admin):\n\n\t%s/admin/machines\n\n", upArgs.server) fmt.Fprintf(os.Stderr, "\nTo authorize your machine, visit (as admin):\n\n\t%s/admin/machines\n\n", upArgs.server)
@ -251,6 +256,10 @@ func runUp(ctx context.Context, args []string) error {
// ephemeral frontends that read/modify/write state, once // ephemeral frontends that read/modify/write state, once
// Windows/Mac state is moved into backend. // Windows/Mac state is moved into backend.
bc.Start(opts) bc.Start(opts)
if upArgs.forceReauth {
printed = true
startLoginInteractive()
}
pump(ctx, bc, c) pump(ctx, bc, c)
return nil return nil

Loading…
Cancel
Save