tailscale

Commit Graph

Author	SHA1	Message	Date
Jordan Whited	e17abbf461	cmd/tailscale,ipn: add relay-server-port "tailscale set" flag and Prefs field (#15594 ) This flag is currently no-op and hidden. The flag does round trip through the related pref. Subsequent commits will tie them to net/udprelay.Server. There is no corresponding "tailscale up" flag, enabling/disabling of the relay server will only be supported via "tailscale set". This is a string flag in order to support disablement via empty string as a port value of 0 means "enable the server and listen on a random unused port". Disablement via empty string also follows existing flag convention, e.g. advertise-routes. Early internal discussions settled on "tailscale set --relay="<port>", but the author felt this was too ambiguous around client vs server, and may cause confusion in the future if we add related flags. Updates tailscale/corp#27502 Signed-off-by: Jordan Whited <jordan@tailscale.com>	8 months ago
Brad Fitzpatrick	79ff067db3	cmd/tailscale/cli: prevent all dup flags, not just strings The earlier #15534 prevent some dup string flags. This does it for all flag types. Updates #6813 Change-Id: Iec2871448394ea9a5b604310bdbf7b499434bf01 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	8 months ago
Jason O'Donnell	6088ee311f	cmd/tailscale/cli: return error on duplicate multi-value flags (#15534 ) Some CLI flags support multiple values separated by commas. These flags are intended to be declared only once and will silently ignore subsequent instances. This will now throw an error if multiple instances of advertise-tags and advertise-routes are detected. Fixes #6813 Signed-off-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>	8 months ago
Simon Law	e9324236e8	cmd/tailscale: fix default for `tailscale set --accept-routes` The default values for `tailscale up` and `tailscale set` are supposed to agree for all common flags. But they don’t for `--accept-routes` on Windows and from the Mac OS App Store, because `tailscale up` computes this value based on the operating system: user@host:~$ tailscale up --help 2>&1 \| grep -A1 accept-routes --accept-dns, --accept-dns=false accept DNS configuration from the admin panel (default true) user@host:~$ tailscale set --help 2>&1 \| grep -A1 accept-routes --accept-dns, --accept-dns=false accept DNS configuration from the admin panel Luckily, `tailscale set` uses `ipn.MaskedPrefs`, so the default values don’t logically matter. But someone will get the wrong idea if they trust the `tailscale set --help` documentation. In addition, `ipn.Prefs.RouteAll` defaults to true so it disagrees with both of the flags above. This patch makes `--accept-routes` use the same logic for in both commands by hoisting the logic that was buried in `cmd/tailscale/cli` to `ipn.Prefs.DefaultRouteAll`. Then, all three of defaults can agree. Fixes: #15319 Signed-off-by: Simon Law <sfllaw@sfllaw.ca>	8 months ago
Simon Law	7fc9099cf8	cmd/tailscale: fix default for `tailscale set --accept-dns` The default values for `tailscale up` and `tailscale set` are supposed to agree on all common flags. But they don’t for `--accept-dns`: user@host:~$ tailscale up --help 2>&1 \| grep -A1 accept-dns --accept-dns, --accept-dns=false accept DNS configuration from the admin panel (default true) user@host:~$ tailscale set --help 2>&1 \| grep -A1 accept-dns --accept-dns, --accept-dns=false accept DNS configuration from the admin panel Luckily, `tailscale set` uses `ipn.MaskedPrefs`, so the default values don’t logically matter. But someone will get the wrong idea if they trust the `tailscale set --help` documentation. This patch makes `--accept-dns` default to true in both commands and also introduces `TestSetDefaultsMatchUpDefaults` to prevent any future drift. Fixes: #15319 Signed-off-by: Simon Law <sfllaw@sfllaw.ca>	8 months ago
Andrea Gottardo	e3c6ca43d3	cli: present risk warning when setting up app connector on macOS (#14181 )	1 year ago
Andrew Lytvynov	b8af91403d	clientupdate: return true for CanAutoUpdate for macsys (#12746 ) While `clientupdate.Updater` won't be able to apply updates on macsys, we use `clientupdate.CanAutoUpdate` to gate the EditPrefs endpoint in localAPI. We should allow the GUI client to set AutoUpdate.Apply on macsys for it to properly get reported to the control plane. This also allows the tailnet-wide default for auto-updates to propagate to macsys clients. Updates https://github.com/tailscale/corp/issues/21339 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	1 year ago
Andrew Lytvynov	c9179bc261	various: disable stateful filtering by default (#12197 ) After some analysis, stateful filtering is only necessary in tailnets that use `autogroup:danger-all` in `src` in ACLs. And in those cases users explicitly specify that hosts outside of the tailnet should be able to reach their nodes. To fix local DNS breakage in containers, we disable stateful filtering by default. Updates #12108 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	2 years ago
Maisem Ali	21abb7f402	cmd/tailscale: add missing set flags for linux We were missing `snat-subnet-routes`, `stateful-filtering` and `netfilter-mode`. Add those to set too. Fixes #12061 Signed-off-by: Maisem Ali <maisem@tailscale.com>	2 years ago
Paul Scott	82394debb7	cmd/tailscale: add shell tab-completion The approach is lifted from cobra: `tailscale completion bash` emits a bash script for configuring the shell's autocomplete: . <( tailscale completion bash ) so that typing: tailscale st<TAB> invokes: tailscale completion __complete -- st RELNOTE=tailscale CLI now supports shell tab-completion Fixes #3793 Signed-off-by: Paul Scott <paul@tailscale.com>	2 years ago
Paul Scott	da4e92bf01	cmd/tailscale/cli: prefix all --help usages with "tailscale ...", some tidying Also capitalises the start of all ShortHelp, allows subcommands to be hidden with a "HIDDEN: " prefix in their ShortHelp, and adds a TS_DUMP_HELP envknob to look at all --help messages together. Fixes #11664 Signed-off-by: Paul Scott <paul@tailscale.com>	2 years ago
Mario Minardi	d2ccfa4edd	cmd/tailscale,ipn/ipnlocal: enable web client over quad 100 by default (#11419 ) Enable the web client over 100.100.100.100 by default. Accepting traffic from [tailnet IP]:5252 still requires setting the `webclient` user pref. Updates https://github.com/tailscale/tailscale/issues/10261 Signed-off-by: Mario Minardi <mario@tailscale.com>	2 years ago
Sonia Appasamy	ea9c7f991a	cli/set: add printout when web client started Prints a helpful message with the web UI's address when running tailscale set --webclient. Updates tailscale/corp#16345 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	2 years ago
Andrew Lytvynov	945cf836ee	ipn: apply tailnet-wide default for auto-updates (#10508 ) When auto-update setting in local Prefs is unset, apply the tailnet default value from control. This only happens once, when we apply the default (or when the user manually overrides it), tailnet default no longer affects the node. Updates #16244 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	2 years ago
Andrew Lytvynov	e25f114916	ipn,cmd/tailscale/cli: support hierarchical MaskedPrefs (#10507 ) Some fields if `ipn.Prefs` are structs. `ipn.MaskedPrefs` has a single level of boolean `*Set` flags, which doesn't map well to nested structs within `ipn.Prefs`. Change `MaskedPrefs` and `ApplyEdits` to support `FooSet` struct fields that map to a nested struct of `ipn.Prefs` like `AutoUpdates`. Each struct field in `MaskedPrefs` is just a bundle of more `Set` bool fields or other structs. This allows you to have a `Set` flag for any arbitrarily-nested field of `ipn.Prefs`. Also, make `ApplyEdits` match fields between `Prefs` and `MaskedPrefs` by name instead of order, to make it a bit less finicky. It's probably slower but `ipn.ApplyEdits` should not be in any hot path. As a result, `AutoUpdate.Check` and `AutoUpdate.Apply` fields don't clobber each other when set individually. Updates #16247 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	2 years ago
Sonia Appasamy	7a4ba609d9	client/web: show features based on platform support Hiding/disabling UI features when not available on the running client. Updates #10261 Signed-off-by: Sonia Appasamy <sonia@tailscale.com>	2 years ago
Jenny Zhang	d5d84f1a68	cmd/tailscale: also warn about IP forwarding if using CLI set We warn users about IP forwarding being disabled when using `--avertise-routes` in `tailscale up`, this adds the same warnings to `tailscale set`. Updates tailscale/corp#9968 Signed-off-by: Jenny Zhang <jz@tailscale.com>	2 years ago
James Tucker	28684b0538	cmd/tailscale/cli: correct app connector help text in set Updates tailscale/corp#15437 Signed-off-by: James Tucker <james@tailscale.com>	2 years ago
Will Norris	303a1e86f5	cmd/tailscale: expose --webclient for all builds This removes the dev/unstable build check for the --webclient flag on `tailscale set`, so that it will be included in the next major stable release (1.56) Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	2 years ago
Will Norris	fdbe511c41	cmd/tailscale: add -webclient flag to up and set Initially, only expose this flag on dev and unstable builds. Updates tailscale/corp#14335 Signed-off-by: Will Norris <will@tailscale.com>	2 years ago
James Tucker	ca4c940a4d	ipn: introduce app connector advertisement preference and flags Introduce a preference structure to store the setting for app connector advertisement. Introduce the associated flags: tailscale up --advertise-connector{=true,=false} tailscale set --advertise-connector{=true,=false} ``` % tailscale set --advertise-connector=false % tailscale debug prefs \| jq .AppConnector.Advertise false % tailscale set --advertise-connector=true % tailscale debug prefs \| jq .AppConnector.Advertise true % tailscale up --advertise-connector=false % tailscale debug prefs \| jq .AppConnector.Advertise false % tailscale up --advertise-connector=true % tailscale debug prefs \| jq .AppConnector.Advertise true ``` Updates tailscale/corp#15437 Signed-off-by: James Tucker <james@tailscale.com>	2 years ago
Andrew Lytvynov	21b6d373b0	cmd/tailscale/cli: unhide auto-update flags and mark update as Beta (#9954 ) Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	2 years ago
Andrew Lytvynov	d3bc575f35	cmd/tailscale/cli: set Sparkle auto-update on macsys (#9952 ) On `tailscale set --auto-update`, set the Sparkle plist option for it. Also make macsys report not supporting auto-updates over c2n, since they will be triggered by Sparkle locally. Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	2 years ago
Andrew Lytvynov	593c086866	clientupdate: distinguish when auto-updates are possible (#9896 ) clientupdate.Updater will have a non-nil Update func in a few cases where it doesn't actually perform an update: * on Arch-like distros, where it prints instructions on how to update * on macOS app store version, where it opens the app store page Add a new clientupdate.Arguments field to cause NewUpdater to fail when we hit one of these cases. This results in c2n updates being "not supported" and `tailscale set --auto-update` returning an error. Updates #755 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	2 years ago
Kristoffer Dalby	623926a25d	cmd/tailscale: add --posture-checking flag to set Updates #5902 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>	2 years ago
Andrew Lytvynov	34e3450734	cmd/tailscale,ipn: add auto-update flags and prefs (#8861 ) The flags are hidden for now. Adding propagation to tailscaled and persistence only. The prefs field is wrapped in a struct to allow for future expansion (like update schedule). Updates #6907 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>	2 years ago
Brad Fitzpatrick	6e57dee7eb	cmd/viewer, types/views, all: un-special case slice of netip.Prefix Make it just a views.Slice[netip.Prefix] instead of its own named type. Having the special case led to circular dependencies in another WIP PR of mine. Updates #8948 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	2 years ago
Will Norris	69f1324c9e	cmd/tailscale: refactor shared utility methods Refactor two shared functions used by the tailscale cli, calcAdvertiseRoutes and licensesURL. These are used by the web client as well as other tailscale subcommands. The web client is being moved out of the cli package, so move these two functions to new locations. Updates tailscale/corp#13775 Signed-off-by: Will Norris <will@tailscale.com>	2 years ago
Will Norris	71029cea2d	all: update copyright and license headers This updates all source files to use a new standard header for copyright and license declaration. Notably, copyright no longer includes a date, and we now use the standard SPDX-License-Identifier header. This commit was done almost entirely mechanically with perl, and then some minimal manual fixes. Updates #6865 Signed-off-by: Will Norris <will@tailscale.com>	3 years ago
Mihai Parparita	5b8323509f	cmd/tailscale/cli: use "account" instead of "profile" in user-visible text Matches the UI clients Updates #713 Signed-off-by: Mihai Parparita <mihai@tailscale.com>	3 years ago
Brad Fitzpatrick	f710d1cb20	cmd/tailscale/cli: add set --unattended on Windows Fixes #6567 Change-Id: I8cb57196c601466401f8602eb50456e7cf7c31ef Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Maisem Ali	b94b91c168	cmd/tailscale/cli: add ability to set short names for profiles This adds a `--nickname` flag to `tailscale login\|set`. Updates #713 Signed-off-by: Maisem Ali <maisem@tailscale.com>	3 years ago
Maisem Ali	8e85227059	cmd/tailscale/cli: [set] handle selectively modifying routes/exit node Noticed this while debugging something else, we would reset all routes if either `--advertise-exit-node` or `--advertise-routes` were set. This handles correctly updating them. Also added tests. Signed-off-by: Maisem Ali <maisem@tailscale.com>	3 years ago
Brad Fitzpatrick	3336d08d59	cmd/tailscale/cli: make set without args print usage Make "tailscale set" by itself be equivalent to "tailscale set -h" rather than just say "you did it wrong" and make people do another -h step. Change-Id: Iad2b2ddb2595c0121d2536de5b78648f3eded3e3 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>	3 years ago
Maisem Ali	19b5586573	cmd/tailscale/cli: add beginnings of `tailscale set` Signed-off-by: Maisem Ali <maisem@tailscale.com>	3 years ago

35 Commits (e17abbf461c0c014da0b38ec4bf44b00f2bc7ee4)