tailscale

Commit Graph

Author	SHA1	Message	Date
Sonia Appasamy	7a4ba609d9	client/web: show features based on platform support Hiding/disabling UI features when not available on the running client. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Sonia Appasamy	7d61b827e8	client/web: adjust colors and some UI margins Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Sonia Appasamy	b155c7a091	client/web: move postcss config into package.json A little cleanup. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Aaron Klotz	db39a43f06	util/winutil: add support for restarting Windows processes in specific sessions This PR is all about adding functionality that will enable the installer's upgrade sequence to terminate processes belonging to the previous version, and then subsequently restart instances belonging to the new version within the session(s) corresponding to the processes that were killed. There are multiple parts to this: * We add support for the Restart Manager APIs, which allow us to query the OS for a list of processes locking specific files; * We add the RestartableProcess and RestartableProcesses types that query additional information about the running processes that will allow us to correctly restart them in the future. These types also provide the ability to terminate the processes. * We add the StartProcessInSession family of APIs that permit us to create new processes within specific sessions. This is needed in order to properly attach a new GUI process to the same RDP session and desktop that its previously-terminated counterpart would have been running in. * I tweaked the winutil token APIs again. * A lot of this stuff is pretty hard to test without a very elaborate harness, but I added a unit test for the most complicated part (though it requires LocalSystem to run). Updates https://github.com/tailscale/corp/issues/13998 Signed-off-by: Aaron Klotz <aaron@tailscale.com>	6 months ago
Andrew Lytvynov	59d1077e28	clientupdate: cleanup tailscale binary copies on Windows (#10433 ) When updating on Windows, we make a copy of the tailscale.exe file in a temp directory to perform the update, because the original tailscale.exe gets deleted during the update. This can eat up disk space if a machine is stuck doing repeated failed update attempts. Clean up old copies explicitly before making a new one, same as we do with MSIs. Updates #10082 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	6 months ago
Marwan Sulaiman	b819f66eb1	tsweb: propagate RequestID via context and entire request The recent addition of RequestID was only populated if the HTTP Request had returned an error. This meant that the underlying handler has no access to this request id and any logs it may have emitted were impossible to correlate to that request id. Therefore, this PR adds a middleware to generate request ids and pass them through the request context. The tsweb.StdHandler automatically populates this request id if the middleware is being used. Finally, inner handlers can use the context to retrieve that same request id and use it so that all logs and events can be correlated. Updates #2549 Signed-off-by: Marwan Sulaiman <marwan@tailscale.com>	6 months ago
Juergen Knaack	c27aa9e7ff	net/dns: fix darwin dns resolver files putting each nameserver on one line in /etc/resolver/<domain> fixes: #10134 Signed-off-by: Juergen Knaack <jk@jk-1.de>	6 months ago
Sonia Appasamy	cbd0b60743	client/web: remove ControlAdminURL override Was setting this for testing, snuck into the merged version. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Sonia Appasamy	bcc9b44cb1	client/web: hide admin panel links for non-tailscale control servers Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Claire Wang	8af503b0c5	syspolicy: add exit node related policies (#10172 ) Adds policy keys ExitNodeID and ExitNodeIP. Uses the policy keys to determine the exit node in preferences. Fixes tailscale/corp#15683 Signed-off-by: Claire Wang <claire@tailscale.com>	6 months ago
Sonia Appasamy	ecd1ccb917	client/web: add subnet routes view Add UI view for mutating the node's advertised subnet routes. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Sonia Appasamy	7aa981ba49	client/web: remove duplicate WhoIs call Fixes a TODO in web.authorizeRequest. `getSession` calls `WhoIs` already. Call `getSession` earlier in `authorizeRequest` so we can avoid the duplicate `WhoIs` check on the same request. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Sonia Appasamy	bc4e303846	ipn/ipnstate: add AllowedIPs to PeerStatus Adds AllowedIPs to PeerStatus, allowing for easier lookup of the routes allowed to be routed to a node. Will be using the AllowedIPs of the self node from the web client interface to display approval status of advertised routes. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Andrew Lytvynov	ac4b416c5b	cmd/tailscale,ipn/ipnlocal: pass available update as health message (#10420 ) To be consistent with the formatting of other warnings, pass available update health message instead of handling ClientVersion in he CLI. Fixes #10312 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	6 months ago
Will Norris	26db9775f8	client/web: skip check mode for non-tailscale.com control servers (#10413 ) client/web: skip check mode for non-tailscale.com control servers Only enforce check mode if the control server URL ends in ".tailscale.com". This allows the web client to be used with headscale (or other) control servers while we work with the project to add check mode support (tracked in juanfont/headscale#1623). Updates #10261 Co-authored-by: Sonia Appasamy <sonia@tailscale.com> Signed-off-by: Sonia Appasamy <sonia@tailscale.com> Signed-off-by: Will Norris <will@tailscale.com>	6 months ago
Sonia Appasamy	ab0e25beaa	client/web: fix Vite dev server build error `6e30c9d1f` added eslint to the web client. As a part of that change, the existing yarn.lock file was removed and yarn install run to build with a clean yarn dependencies set with latest versions. This caused a change in the "vite-plugin-rewrite-all" package that fails at build time with our existing vite config. This is a known bug with some suggested fixes: https://vitejs.dev/guide/troubleshooting.html#this-package-is-esm-only Rather than editing our package.json type, this commit reverts back the yarn.lock file to it's contents at the commit just before `6e30c9d1f` and then only runs yarn install to add the new eslint packages, rather than installing the latest versions of all packages. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Tom DNetto	8a660a6513	ipn/ipnlocal: update hostinfo when app connector state is toggled Updates: https://github.com/tailscale/corp/issues/16041 Signed-off-by: Tom DNetto <tom@tailscale.com>	6 months ago
Sonia Appasamy	6e30c9d1fe	client/web: add eslint Add eslint to require stricter typescript rules, particularly around required hook dependencies. This commit also updates any files that were now throwing errors with eslint. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Andrew Lytvynov	5a9e935597	clientupdate: implement update for Unraid (#10344 ) Use the [`plugin` CLI](https://forums.unraid.net/topic/72240-solved-is-there-a-way-to-installuninstall-plugins-from-script/#comment-676870) to fetch and apply the update. Updates https://github.com/tailscale/tailscale/issues/10184 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	6 months ago
Jordan Whited	5e861c3871	wgengine/netstack: disable RACK on Windows (#10402 ) Updates #9707 Signed-off-by: Jordan Whited <jordan@tailscale.com>	6 months ago
Sonia Appasamy	5f40b8a0bc	scripts/check_license_headers: enforce license on ts/tsx files Enforcing inclusion of our OSS license at the top of .ts and .tsx files. Also updates any relevant files in the repo that were previously missing the license comment. An additional `@license` comment is added to client/web/src/index.tsx to preserve the license in generated Javascript. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Jenny Zhang	09b4914916	tka: clarify field comment Updates #cleanup Signed-off-by: Jenny Zhang <jz@tailscale.com>	6 months ago
Denton Gentry	67f3b2a525	tsnet: add CapturePcap method for debugging Application code can call the tsnet s.CapturePcap(filename) method to write all packets, sent and received, to a pcap file. The cleartext packets are written, outside the Wireguard tunnel. This is expected to be useful for debugging. Updates https://github.com/tailscale/tailscale/issues/9707 Signed-off-by: Denton Gentry <dgentry@tailscale.com>	6 months ago
Sonia Appasamy	b247435d66	client/web: scroll exit node dropdown to top on search When search input changes, reset the scroll to the top of the dropdown list. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	6 months ago
Jenny Zhang	d5d84f1a68	cmd/tailscale: also warn about IP forwarding if using CLI set We warn users about IP forwarding being disabled when using `--avertise-routes` in `tailscale up`, this adds the same warnings to `tailscale set`. Updates tailscale/corp#9968 Signed-off-by: Jenny Zhang <jz@tailscale.com>	6 months ago
Irbe Krumina	18ceb4e1f6	cmd/{containerboot,k8s-operator}: allow users to define tailnet egress target by FQDN (#10360 ) * cmd/containerboot: proxy traffic to tailnet target defined by FQDN Add a new Service annotation tailscale.com/tailnet-fqdn that users can use to specify a tailnet target for which an egress proxy should be deployed in the cluster. Updates tailscale/tailscale#10280 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	6 months ago
David Anderson	2a01df97b8	flake.nix: use vendorHash instead of vendorSha256 vendorSha256 is getting retired, and throws warning in builds. Updates #cleanup Signed-off-by: David Anderson <danderson@tailscale.com>	6 months ago
Flakes Updater	6b395f6385	go.mod.sri: update SRI hash for go.mod changes Signed-off-by: Flakes Updater <noreply+flakes-updater@tailscale.com>	6 months ago
Charlotte Brandhorst-Satzkorn	9e63bf5fd6	words: crikey! what a beauty of a list If I have to add a tail, or a scale, mate, I will add it. Updates tailscale/corp#14698 Signed-off-by: Charlotte Brandhorst-Satzkorn <charlotte@tailscale.com>	6 months ago
Tom DNetto	611e0a5bcc	appc,ipn/local: support wildcard when matching app-connectors Updates: ENG-2453 Signed-off-by: Tom DNetto <tom@tailscale.com>	6 months ago
Jordan Whited	1af7f5b549	wgengine/magicsock: fix typo in Conn.handlePingLocked() (#10365 ) Updates #cleanup Signed-off-by: Jordan Whited <jordan@tailscale.com>	6 months ago
Andrew Dunham	5aa7687b21	util/httpm: don't run test if .git doesn't exist Updates #9635 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: I9089200f9327605036c88fc12834acece0c11694	6 months ago
Claire Wang	afacf2e368	containerboot: Add TS_ACCEPT_ROUTES (#10176 ) Fixes tailscale/corp#15596 Signed-off-by: Claire Wang <claire@tailscale.com>	6 months ago
Gabriel Martinez	128d3ad1a9	cmd/k8s-operator: helm chart add missing keys (#10296 ) * cmd/k8s-operator: add missing keys to Helm values file Updates #10182 Signed-off-by: Gabriel Martinez <gabrielmartinez@sisti.pt>	6 months ago
Jordan Whited	e1d0d26686	go.mod: bump wireguard-go (#10352 ) This pulls in tailscale/wireguard-go@8cc8b8b and tailscale/wireguard-go@cc193a0, which improve throughput and latency under load. Updates tailscale/corp#11061 Signed-off-by: Jordan Whited <jordan@tailscale.com>	6 months ago
Cole Helbling	a8647b3c37	flake: fixup version embedding (#9997 ) It looks like `gitCommitStamp` is the new "entrypoint" for setting this information. Fixes #9996. Signed-off-by: Cole Helbling <cole.helbling@determinate.systems>	6 months ago
Percy Wegmann	17501ea31a	ci: report test coverage to coveralls.io This records test coverage for the amd64 no race tests and uploads the results to coveralls.io. Updates #cleanup Signed-off-by: Ox Cart <ox.to.a.cart@gmail.com>	6 months ago
Irbe Krumina	66471710f8	cmd/k8s-operator: truncate long StatefulSet name prefixes (#10343 ) Kubernetes can generate StatefulSet names that are too long and result in invalid Pod revision hash label values. Calculate whether a StatefulSet name generated for a Service or Ingress will be too long and if so, truncate it. Updates tailscale/tailscale#10284 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	6 months ago
Andrew Lytvynov	2c1f14d9e6	util/set: implement json.Marshaler/Unmarshaler (#10308 ) Marshal as a JSON list instead of a map. Because set elements are `comparable` and not `cmp.Ordered`, we cannot easily sort the items before marshaling. Updates #cleanup Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	6 months ago
Irbe Krumina	dd8bc9ba03	cmd/k8s-operator: log user/group impersonated by apiserver proxy (#10334 ) Updates tailscale/tailscale#10127 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	6 months ago
Irbe Krumina	4f80f403be	cmd/k8s-operator: fix chart syntax error (#10333 ) Updates #9222 Signed-off-by: Irbe Krumina <irbe@tailscale.com>	6 months ago
License Updater	2fa219440b	licenses: update android licenses Signed-off-by: License Updater <noreply+license-updater@tailscale.com>	7 months ago
David Anderson	f867392970	cmd/tailscale/cli: add debug function to print the netmap It's possible to do this with a combination of watch-ipn and jq, but looking at the netmap while debugging is quite common, so it's nice to have a one-shot command to get it. Updates #cleanup Signed-off-by: David Anderson <danderson@tailscale.com>	7 months ago
David Anderson	fd22145b52	cmd/tailscale/cli: make 'debug watch-ipn' play nice with jq jq doens't like non-json output in the json stream, and works more happily when the input stream EOFs at some point. Move non-json words to stderr, and add a parameter to stop watching and exit after some number of objects. Updates #cleanup Signed-off-by: David Anderson <danderson@tailscale.com>	7 months ago
Ryan Petris	c4855fe0ea	Fix Empty Resolver Set Config.singleResolverSet returns true if all routes have the same resolvers, even if the routes have no resolvers. If none of the routes have a specific resolver, the default should be used instead. Therefore, check for more than 0 instead of nil. Signed-off-by: Ryan Petris <ryan@petris.net>	7 months ago
Uri Gorelik	b88929edf8	Fix potential goroutine leak in syncs/watchdog.go Depending on how the preemption will occur, in some scenarios sendc would have blocked indefinitely even after cancelling the context. Fixes #10315 Signed-off-by: Uri Gorelik <uri.gore@gmail.com>	7 months ago
Flakes Updater	e7cad78b00	go.mod.sri: update SRI hash for go.mod changes Signed-off-by: Flakes Updater <noreply+flakes-updater@tailscale.com>	7 months ago
OSS Updater	fc8488fac0	go.mod: update web-client-prebuilt module Signed-off-by: OSS Updater <noreply+oss-updater@tailscale.com>	7 months ago
Will Norris	42dc843a87	client/web: add advanced login options This adds an expandable section of the login view to allow users to specify an auth key and an alternate control URL. Input and Collapsible components and accompanying styles were brought over from the adminpanel. Updates #10261 Signed-off-by: Will Norris <will@tailscale.com>	7 months ago
Flakes Updater	f0613ab606	go.mod.sri: update SRI hash for go.mod changes Signed-off-by: Flakes Updater <noreply+flakes-updater@tailscale.com>	7 months ago

1 2 3 4 5 ...

6854 Commits (7a4ba609d90c3962434f17ec40b8bfcd23001762) All Branches Search

6854 Commits (7a4ba609d90c3962434f17ec40b8bfcd23001762)

All Branches