Commit Graph

78 Commits (e72f2b77918f1bdd73422b200f9cb22395bb16af)

Author SHA1 Message Date
Irbe Krumina 1a08ea5990
cmd/k8s-operator: operator can create subnetrouter (#9505)
* k8s-operator,cmd/k8s-operator,Makefile,scripts,.github/workflows: add Connector kube CRD.

Connector CRD allows users to configure the Tailscale Kubernetes operator
to deploy a subnet router to expose cluster CIDRs or
other CIDRs available from within the cluster
to their tailnet.

Also adds various CRD related machinery to
generate CRD YAML, deep copy implementations etc.

Engineers will now have to run
'make kube-generate-all` after changing kube files
to ensure that all generated files are up to date.

* cmd/k8s-operator,k8s-operator: reconcile Connector resources

Reconcile Connector resources, create/delete subnetrouter resources in response to changes to Connector(s).

Connector reconciler will not be started unless
ENABLE_CONNECTOR env var is set to true.
This means that users who don't want to use the alpha
Connector custom resource don't have to install the Connector
CRD to their cluster.
For users who do want to use it the flow is:
- install the CRD
- install the operator (via Helm chart or using static manifests).
For Helm users set .values.enableConnector to true, for static
manifest users, set ENABLE_CONNECTOR to true in the static manifest.

Updates tailscale/tailscale#502


Signed-off-by: Irbe Krumina <irbe@tailscale.com>
12 months ago
Aaron Klotz db39a43f06 util/winutil: add support for restarting Windows processes in specific sessions
This PR is all about adding functionality that will enable the installer's
upgrade sequence to terminate processes belonging to the previous version,
and then subsequently restart instances belonging to the new version within
the session(s) corresponding to the processes that were killed.

There are multiple parts to this:

* We add support for the Restart Manager APIs, which allow us to query the
  OS for a list of processes locking specific files;
* We add the RestartableProcess and RestartableProcesses types that query
  additional information about the running processes that will allow us
  to correctly restart them in the future. These types also provide the
  ability to terminate the processes.
* We add the StartProcessInSession family of APIs that permit us to create
  new processes within specific sessions. This is needed in order to
  properly attach a new GUI process to the same RDP session and desktop that
  its previously-terminated counterpart would have been running in.
* I tweaked the winutil token APIs again.
* A lot of this stuff is pretty hard to test without a very elaborate
  harness, but I added a unit test for the most complicated part (though it
  requires LocalSystem to run).

Updates https://github.com/tailscale/corp/issues/13998

Signed-off-by: Aaron Klotz <aaron@tailscale.com>
1 year ago
Sonia Appasamy 5f40b8a0bc scripts/check_license_headers: enforce license on ts/tsx files
Enforcing inclusion of our OSS license at the top of .ts and .tsx
files. Also updates any relevant files in the repo that were
previously missing the license comment. An additional `@license`
comment is added to client/web/src/index.tsx to preserve the
license in generated Javascript.

Updates #10261

Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
1 year ago
Denton Gentry 535db01b3f scripts/installer: add Kaisen, Garuda, Fedora-Asahi.
Fixes https://github.com/tailscale/tailscale/issues/8648
Fixes https://github.com/tailscale/tailscale/issues/8737
Fixes https://github.com/tailscale/tailscale/issues/9087

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1 year ago
Denton Gentry 1b8a538953 scripts/installer.sh: add CloudLinux and Alibaba Linux
Fixes https://github.com/tailscale/tailscale/issues/9010

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1 year ago
Denton Gentry 4940a718a1 scripts/installer.sh: set Deepin to a debian version
Deepin Linux 20.x reports its version as "apricot"
Set it to bullseye, the Debian version it corresponds to.

Also fix the installer CI: OpenSUSE Leap appears to have removed
curl from the base image recently, we have to install it now.

Fixes https://github.com/tailscale/tailscale/issues/8850
Updates https://github.com/tailscale/tailscale/issues/7862
Updates https://github.com/tailscale/corp/issues/8952

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
1 year ago
Denton Gentry 4321d1d6e9 scripts/installer.sh: add sle-micro-rancher.
Fixes https://github.com/tailscale/tailscale/issues/5633

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 67882ad35d scripts/installer.sh: add BlendOS support.
Fixes https://github.com/tailscale/tailscale/issues/8100

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Anton Tolchanov 787fc41fa4 scripts/installer.sh: check connectivity with pkgs.tailscale.com
Installer script relies on pkgs.tailscale.com being reachable, both for
checking what Linux distros are supported, but also for actually
downloading repo configuration files, gpg keys and packages themselves.

This change adds a simple reachability check which will print an error
message when pkgs.tailscale.com is not reachable.

Fixes https://github.com/tailscale/corp/issues/8952

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2 years ago
Anton Tolchanov 1f4a34588b .github: test installer script in CI in docker
Every time we change `installer.sh`, run it in a few docker
containers based on different Linux distros, just as a simple test.

Also includes a few changes to the installer script itself to make
installation work in docker:
- install dnf config-manager command before running it
- run zypper in non-interactive mode
- update pacman indexes before installing packages

Updates https://github.com/tailscale/corp/issues/8952

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2 years ago
Denton Gentry c791e64881 scripts/installer: add Deepin, RisiOS.
Fixes https://github.com/tailscale/tailscale/issues/7862
Fixes https://github.com/tailscale/tailscale/issues/7899

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry ed10a1769b scripts/installer.sh: check Photon OS version with pkg server.
Photon OS support crossed streams with using pkgserve to check
for supported versions 6f9aed1656.
Make Photon OS also rely on pkgserve.

Updates https://github.com/tailscale/tailscale/issues/7651
Updates https://github.com/tailscale/corp/issues/8952

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry d5abdd915e scripts/installer: add VMWare PhotonOS.
Fixes https://github.com/tailscale/tailscale/issues/7651

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Anton Tolchanov 6f9aed1656 scripts: use pkg server to determine supported deb/rpm distros
Fixes https://github.com/tailscale/corp/issues/8952

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2 years ago
Denton Gentry cc3806056f scripts/installer.sh: Add Ubuntu Lunar Lobster 23.04.
pkgs.tailscale.com added support in January, need to
add it to the installer script.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 047b324933 scripts/installer: add PureOS and Amazon Linux Next
Fixes https://github.com/tailscale/tailscale/issues/7410

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 6dabb34c7f scripts/installer.sh: add GalliumOS and Sangoma Linux
Fixes https://github.com/tailscale/tailscale/issues/6541
Fixes https://github.com/tailscale/tailscale/issues/6555

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 1ba0b7fd79 scripts/installer.sh: add postmarketos support.
Fixes https://github.com/tailscale/tailscale/issues/7300

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 01d58c9b61 scripts/installer.sh: add Mendel OS and OpenMandriva.
Fixes https://github.com/tailscale/tailscale/issues/6926
Fixes https://github.com/tailscale/tailscale/issues/7076

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Will Norris 947c14793a all: update tools that manage copyright headers
Update all code generation tools, and those that check for license
headers to use the new standard header.

Also update copyright statement in LICENSE file.

Fixes #6865

Signed-off-by: Will Norris <will@tailscale.com>
2 years ago
Will Norris 71029cea2d all: update copyright and license headers
This updates all source files to use a new standard header for copyright
and license declaration.  Notably, copyright no longer includes a date,
and we now use the standard SPDX-License-Identifier header.

This commit was done almost entirely mechanically with perl, and then
some minimal manual fixes.

Updates #6865

Signed-off-by: Will Norris <will@tailscale.com>
2 years ago
Anton Tolchanov b49aa6ac31 scripts: explicitly install tailscale-archive-keyring
This will ensure that the `tailscale-archive-keyring` Debian package
gets installed by the installer script.

Updates #3151

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2 years ago
Brad Fitzpatrick 71a7b8581d cmd/tailscale/cli: make "update" work on Windows
Updates #6995

Co-authored-by: Aaron Klotz <aaron@tailscale.com>
Change-Id: I16622f43156a70b6fbc8205239fd489d7378d57b
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2 years ago
Brad Fitzpatrick 10eec37cd9 scripts: permit 2023 in license headers
Change-Id: Ia018cb8491871c8bf756c454d085780b75512962
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2 years ago
Denton Gentry 2a1f1c79ca scripts/installer.sh: add SUSE Enterprise Server.
Fixes https://github.com/tailscale/tailscale/issues/6840

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 446057d613 scripts/installer.sh: add Nobara Linux.
Fixes https://github.com/tailscale/tailscale/issues/5763

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 3d8eda5b72 scripts/install.sh: add RHEL7.
Fixes https://github.com/tailscale/tailscale/issues/5729

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 5677ed1e85 scripts/installer.sh: add Debian Sid (rolling release)
There is no VERSION_ID.

root@sid:~# cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux bookworm/sid"
NAME="Debian GNU/Linux"
VERSION_CODENAME=bookworm
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

Fixes https://github.com/tailscale/tailscale/issues/5522

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 798dba14eb scripts/install.sh: add openSUSE Leap 15.4
Fixes https://github.com/tailscale/tailscale/issues/6095

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 9beb07b4ff scripts/install.sh: add Ubuntu Kinetic Kudu
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 51d488673a scripts/installer.sh: add OSMC
Fixes https://github.com/tailscale/tailscale/issues/4960

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 1c0286e98a scripts/installer.sh: add `-y` for unattended install
Fixes https://github.com/tailscale/tailscale/issues/5377

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Denton Gentry 5d731ca13f installer.sh: add manjaro-arm & EndeavourOS.
Fixes https://github.com/tailscale/tailscale/issues/5192
Fixes https://github.com/tailscale/tailscale/issues/5284

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Aaron Klotz 446d03e108 scripts: update check_license_headers.sh to skip zsyscall_windows.go
Signed-off-by: Aaron Klotz <aaron@tailscale.com>
2 years ago
Denton Gentry e6572a0f08 install.sh: Add archarm and Raspbian Stretch
Fixes https://github.com/tailscale/tailscale/issues/4959
Fixes https://github.com/tailscale/tailscale/issues/4897

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
2 years ago
Sofiane Hamlaoui 1007983159 Adding pkg for Freebsd installation
Signed-off-by: Sofiane Hamlaoui <s0fianehaml40u1@gmail.com>
2 years ago
Sofiane Hamlaoui 51cc0e503b adding --noconfirm to pacman installation
Signed-off-by: Sofiane Hamlaoui <s0fianehaml40u1@gmail.com>
2 years ago
Denton Gentry 0f95eaa8bb scripts/installer: fix elementaryOS
c2b907c965 moved UBUNTU_VERSION out
of the ubuntu case and into linuxmint, but linuxmint wasn't the
only Ubuntu-based system which needed it. Restore UBUNTU_VERSION
handling in the ubuntu case.

Break elementaryOS out into its own handling so we can get the
version number handling correct for keyring support.
Tested on an elementaryOS 6.1 VM.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Denton Gentry 36af49ae7f install.sh: add RHEL9.
Fixes https://github.com/tailscale/tailscale/issues/4718

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Denton Gentry afb3f62b01 scripts/installer.sh: add Xen Enterprise
Tested on a VM running Xen Enterprise 8.2.1.
https://xcp-ng.org/
Fixes https://github.com/tailscale/tailscale/issues/4655

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Denton Gentry 13f75b9667 scripts/install: add Alma Linux.
Tested using an Alma Linux 8.5 VM.
Updates https://github.com/tailscale/tailscale/issues/2915

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Denton Gentry c2b907c965 scripts/installer: support LinuxMint Debian.
The primary distribution for LinuxMint is based on Ubuntu,
but there is an alternate Debian-based distribution called
LMDE. Both variations identify themselves as "linuxmint"

We added UBUNTU_VERSION to the Ubuntu handling for linuxmint,
the only distribution so far found to do this. Instead, split
linuxmint out into its own case and use either UBUNTU_VERSION
or DEBIAN_VERSION, whichever is present.

Tested on an LMDE 5 (elsie) VM.

Updates https://github.com/tailscale/tailscale/issues/2915

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Denton Gentry 61868f281e scripts/installer: call emerge with --ask=n
Fixes https://github.com/tailscale/tailscale/issues/4354

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Denton Gentry db7da6622a scripts/installer: add ParrotOS support
Support ParrotSec https://parrotsec.org/
Tested using a Parrot 5.0 VM.

Updates https://github.com/tailscale/tailscale/issues/2915

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago
Simon Deziel eaf5591953 scripts: install gnupg only when apt-key is needed
apt-key depends on gnupg but apt-key itself if not used
on modern systems (APT_KEY_TYPE=keyring).

Signed-off-by: Simon Deziel <simon@sdeziel.info>
3 years ago
Xe Iaso a45f8accdb
scripts/installer: add Ubuntu 22.04 LTS Jammy Jellyfish (#3955)
Signed-off-by: Xe Iaso <xe@tailscale.com>
3 years ago
Xe Iaso b4947be0c8
scripts/installer: automagically run apt update (#3939)
When running this script against a totally fresh out of the box Debian
11 image, sometimes it will fail to run because it doesn't have a
package list cached. This patch adds an `apt-get update` to ensure that
the local package cache is up to date.

Signed-off-by: Xe Iaso <xe@tailscale.com>
3 years ago
Jay Stapleton 39d173e5fc add -y flag for xbps to allow installation on void
Signed-off-by: Jay Stapleton <jay@tailscale.com>
3 years ago
Jay Stapleton c8551c8a67 add -y flag for xbps to allow installation on void 3 years ago
Denton Gentry 16652ae52c installer.sh: accommodate linuxmint versioning.
Recent linuxmint releases now use VERSION_CODENAME for
a linuxmint release (like "uma") and set UBUNTU_CODENAME to
the Ubuntu release they branched from.

Tested in a linuxmint 20.2 VM.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
3 years ago