Commit Graph

  • 6aec195e3e util/syspolicy/setting: update Snapshot to use Go 1.23 iterators Nick Khyl 2024-10-08 12:32:28 -0500
  • 0de94b0dee cmd/tailscale,ipn,tailcfg: add --advertise-services flag to up/set Naman Sood 2024-10-08 14:15:44 -0400
  • 841eaacb07 net/sockstats: quiet some log spam in release builds Brad Fitzpatrick 2024-10-08 10:34:08 -0700
  • 861dc3631c
    cmd/{k8s-operator,containerboot},kube/egressservices: fix Pod IP check for dual stack clusters (#13721) Irbe Krumina 2024-10-08 18:35:23 +0100
  • 284efe1719 net/sockstats: quiet some log spam in release builds Brad Fitzpatrick 2024-10-08 10:34:08 -0700
  • 8ee7f82bf4 net/netcheck: don't panic if a region has no Nodes Andrew Dunham 2024-10-08 12:27:00 -0400
  • 8846446d90 cmd/{k8s-operator,containerboot},kube/egressservices: fix Pod IP check for dual stack clusters Irbe Krumina 2024-10-08 13:47:07 +0100
  • 68aa92ff5a net/netcheck: don't panic if a region has no Nodes Andrew Dunham 2024-10-08 12:27:00 -0400
  • 36cb2e4e5f
    cmd/k8s-operator,k8s-operator: use default ProxyClass if set for ProxyGroup (#13720) Tom Proctor 2024-10-08 17:34:34 +0100
  • cba2e76568
    cmd/containerboot: simplify k8s setup logic (#13627) Tom Proctor 2024-10-08 17:13:00 +0100
  • 05db6efd77 Fix up double error logs, docs Tom Proctor 2024-10-08 16:44:15 +0100
  • 5f946134d7 kube/egressservices: improve egress ports config readability Tom Proctor 2024-10-08 14:41:23 +0100
  • f0066171a7
    wgengine: instrument with usermetrics Kristoffer Dalby 2024-09-25 17:20:56 +0200
  • 10038588d0 cmd/k8s-operator,k8s-operator: use default ProxyClass if set for ProxyGroup Tom Proctor 2024-10-08 13:02:20 +0100
  • 866714a894
    .github: Bump github/codeql-action from 3.26.9 to 3.26.11 (#13710) dependabot[bot] 2024-10-07 22:15:40 -0600
  • cbb9c75bc9
    .github: Bump actions/checkout from 3.6.0 to 4.2.1 dependabot[bot] 2024-10-08 02:49:07 +0000
  • 266c14d6ca
    .github: Bump actions/cache from 4.0.2 to 4.1.0 (#13711) dependabot[bot] 2024-10-07 20:48:06 -0600
  • 0fd2daf666 net/dns/resolver: add tests for using a forwarder with multiple upstream resolvers Nick Khyl 2024-10-07 17:08:22 -0500
  • 008b0b8b2b ipn/ipnlocal: clear app connector storage on 'down' fran/fix-appc-routes Fran Bull 2024-10-07 14:09:56 -0700
  • 9a73462ea4 types/lazy: add DeferredInit type Nick Hill 2024-10-06 10:41:11 -0500
  • f3de4e96a8 derp: fix omitted word in comment Brad Fitzpatrick 2024-10-07 12:12:49 -0700
  • 890aacc100 derp: fix omitted word in comment Brad Fitzpatrick 2024-10-07 12:12:49 -0700
  • 7f016baa87
    cmd/k8s-operator,k8s-operator: create ConfigMap for egress services + small fixes for egress services (#13715) Irbe Krumina 2024-10-07 20:12:56 +0100
  • a0120a91a8 code review feedback Irbe Krumina 2024-10-07 19:51:32 +0100
  • 38f236c725 derp: add server metric for batch write sizes Brad Fitzpatrick 2024-10-04 18:05:23 -0700
  • c588c36233
    types/key: use tlpub: in error message (#13707) Erisa A 2024-10-07 17:28:45 +0100
  • b7079b93ba cmd/k8s-operator: create ConfigMap for egress services Irbe Krumina 2024-10-07 16:58:45 +0100
  • 0a92a23a69 cmd/k8s-operator,k8s-operator: fix label selector for egress HA + small fixes Irbe Krumina 2024-10-07 16:50:54 +0100
  • cb10eddc26 tool/gocross: fix argument order to find Brad Fitzpatrick 2024-10-07 08:01:42 -0700
  • 58d63eebce tool/gocross: fix argument order to find Brad Fitzpatrick 2024-10-07 08:01:42 -0700
  • 413ab9a0f9 types/lazy: add DeferredInit type Nick Hill 2024-10-06 10:41:11 -0500
  • 1cecc43522 VIP irbekrm/egressconfig Irbe Krumina 2024-10-07 15:16:49 +0100
  • e48cddfbb3
    cmd/{containerboot,k8s-operator},k8s-operator,kube: add ProxyGroup controller (#13684) Tom Proctor 2024-10-07 14:58:45 +0100
  • aef3cf1c08 Fix unit test Tom Proctor 2024-10-07 14:50:43 +0100
  • ecfbf7ca76 Thread through default tags and firewall mode, inline and fix envs Tom Proctor 2024-10-07 14:45:25 +0100
  • 7024018660
    .github: Bump actions/cache from 4.0.2 to 4.1.0 dependabot[bot] 2024-10-07 11:45:20 +0000
  • ef654fc1b5
    .github: Bump github/codeql-action from 3.26.9 to 3.26.11 dependabot[bot] 2024-10-07 11:45:16 +0000
  • 6c56ff03f7
    .github: Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 dependabot/github_actions/golangci/golangci-lint-action-6.1.1 dependabot[bot] 2024-10-07 11:45:07 +0000
  • 6d8acc2677
    types/key: use tlpub: in error message Erisa A 2024-10-06 01:20:39 +0000
  • 1005cbc1e4 tailscaleroot: panic if tailscale_go build tag but Go toolchain mismatch Brad Fitzpatrick 2024-10-06 12:12:44 -0700
  • dcab45e82b tailscaleroot: panic if tailscale_go build tag but Go toolchain mismatch Brad Fitzpatrick 2024-10-06 12:12:44 -0700
  • c48cc08de2 wgengine: stop conntrack log spam about Canonical net probes Brad Fitzpatrick 2024-10-04 18:20:06 -0700
  • fdefa75bdc wgengine: stop conntrack log spam about Canonical net probes Brad Fitzpatrick 2024-10-04 18:20:06 -0700
  • 9e9e57c3e2 derp: add server metric for batch write sizes Brad Fitzpatrick 2024-10-04 18:05:23 -0700
  • 8413086c30 net/dns/resolver: update (*forwarder).forwardWithDestChan to always return an error unless it sends a response to responseChan Nick Hill 2024-10-04 15:11:46 -0500
  • efb284fcfc net/dns/resolver: translate 5xx DoH server errors into SERVFAIL DNS responses Nick Hill 2024-10-04 12:34:41 -0500
  • fccb0dd14d net/dns/resolver: forward SERVFAIL responses over PeerDNS Nick Hill 2024-10-04 12:23:34 -0500
  • 12f1bc7c77 envknob: support disk-based envknobs on the macsys build Andrew Dunham 2024-10-04 16:52:11 -0400
  • d69a3b8465 envknob: support disk-based envknobs on the macsys build Andrew Dunham 2024-10-04 16:52:11 -0400
  • 62eaaa0baa
    derp: extend the sclient write deadline to avoid possible i/o timeouts James Tucker 2024-10-04 12:36:28 -0700
  • 101bd89efd use labels more consistent with existing proxies Tom Proctor 2024-10-04 20:45:47 +0100
  • e1d2b459b1 partial code review comments Tom Proctor 2024-10-04 20:23:32 +0100
  • 4ad3f01225
    safeweb: allow passing http.Server in safeweb.Config (#13688) Patrick O'Doherty 2024-10-04 19:57:00 +0100
  • 048214f598 make kube-generate-all Tom Proctor 2024-10-04 19:52:55 +0100
  • f615fae69f
    safeweb: allow passing http.Server in safeweb.Config Patrick O'Doherty 2024-10-04 11:28:24 -0700
  • aeb772e615 Partial code comments Tom Proctor 2024-10-04 19:49:00 +0100
  • 85ce16b0d6 Add controller unit tests Tom Proctor 2024-10-04 19:32:55 +0100
  • 810c84b659 logtail: remove LowMemory mode 13685-low-memory-mode-in-logtail-may-no-longer-be-needed Andrea Gottardo 2024-10-04 09:48:29 -0700
  • 8fdffb8da0
    hostinfo: update SetPackage doc with new Android values (#13537) kari-ts 2024-10-04 09:35:19 -0700
  • c751a21876 net/dns: close idle DoH connections when entering sleep mode angott/doh-clients-sleep-mode Andrea Gottardo 2024-10-03 13:30:07 -0700
  • f30d85310c
    cmd/tailscale/cli: don't print disablement secrets if init fails (#13673) Erisa A 2024-10-04 16:01:48 +0100
  • 4fe99c6c1f taildrop: add test for directory utils yqs112358 2024-09-30 09:15:58 +0800
  • ebe685431c taildrop: extract directory in direct file mode yqs112358 2024-09-28 20:43:44 +0800
  • 0cf20bae6f taildrop: support directory in cli yqs112358 2024-09-26 22:48:11 +0800
  • 30bf4be9ed
    cmd/tailscale/cli: small grammar change Erisa A 2024-10-04 14:58:25 +0100
  • 072c0214a7
    cmd/tailscale/cli: changes from code review Erisa A 2024-10-04 14:57:21 +0100
  • 94b7cac11a
    cmd/tailscale/cli: don't print disablement secrets if init fails Erisa A 2024-10-03 13:38:34 +0100
  • fa0b70739d Review feedback Tom Proctor 2024-10-04 14:30:32 +0100
  • aebba51df8 Fix rebase issues Tom Proctor 2024-10-04 14:22:38 +0100
  • 64776a0277 cmd/{containerboot,k8s-operator},k8s-operator,kube: add ProxyGroup controller Tom Proctor 2024-10-04 13:31:20 +0100
  • 28f9dcb8bb go.mod.sri: update SRI hash for go.mod changes flakes Flakes Updater 2024-10-04 12:12:23 +0000
  • e8bb5d1be5
    cmd/{k8s-operator,containerboot},k8s-operator,kube: reconcile ExternalName Services for ProxyGroup (#13635) Irbe Krumina 2024-10-04 13:11:35 +0100
  • 11cf7b8235 code review feedback Irbe Krumina 2024-10-03 13:04:13 +0100
  • 9bd158cc09
    cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed (#13658) Irbe Krumina 2024-10-03 20:15:00 +0100
  • a3c6a3a34f
    safeweb: add StrictTransportSecurityOptions config (#13679) Patrick O'Doherty 2024-10-03 19:38:29 +0100
  • 86f9f1a5cd
    safeweb: add StrictTransportSecurityOptions config Patrick O'Doherty 2024-10-03 11:05:38 -0700
  • dc60c8d786 ssh/tailssh: pass window size pixels in IoctlSetWinsize events Brad Fitzpatrick 2024-10-03 09:05:29 -0700
  • 58c6bc2991 logpolicy: force TLS 1.3 handshake Andrea Gottardo 2024-10-02 11:20:49 -0700
  • 5f88b65764 wgengine/netstack: check userspace ping success on Windows Brad Fitzpatrick 2024-10-02 10:01:46 -0700
  • 30ca17c02c ssh/tailssh: pass window size pixels in IoctlSetWinsize events Brad Fitzpatrick 2024-10-03 09:05:29 -0700
  • 1f8eea53a8 control/controlclient: include HTTP status string in error message too Brad Fitzpatrick 2024-10-03 08:30:27 -0700
  • 648b0b487e control/controlclient: include HTTP status string in error message too Brad Fitzpatrick 2024-10-03 08:30:27 -0700
  • 9c39145672 wgengine/netstack: check userspace ping success on Windows Brad Fitzpatrick 2024-10-02 10:01:46 -0700
  • 6f694da912 wgengine/magicsock: avoid log spam from ReceiveFunc on shutdown Brad Fitzpatrick 2024-10-02 18:10:20 -0700
  • 09ec2f39b5
    tailcfg: add func to check for known valid ServiceProtos (#13668) Naman Sood 2024-10-02 22:54:02 -0400
  • 491d197df4 tailcfg: add func to check for known valid ServiceProtos Naman Sood 2024-10-02 22:39:15 -0400
  • 38c4c87f2f wgengine/magicsock: avoid log spam from ReceiveFunc on shutdown Brad Fitzpatrick 2024-10-02 18:10:20 -0700
  • 383120c534 ipn/ipnlocal: don't run portlist code unless service collection is on Brad Fitzpatrick 2024-10-02 16:55:01 -0700
  • 482522ae30 ipn/ipnlocal: don't run portlist code unless service collection is on Brad Fitzpatrick 2024-10-02 16:55:01 -0700
  • d837e0252f wf/firewall: allow link-local multicast for permitted local routes when the killswitch is on on Windows Nick Khyl 2024-10-02 17:34:21 -0500
  • 3a6666e374 wf/firewall: allow link-local multicast for permitted local routes when the killswitch is on on Windows Nick Khyl 2024-10-02 17:34:21 -0500
  • b8af93310a tstest: add the start of a testing wishlist Brad Fitzpatrick 2024-10-02 16:01:45 -0700
  • 37e4d2b759 tstest: add the start of a testing wishlist Brad Fitzpatrick 2024-10-02 16:01:45 -0700
  • 7f76064167 cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed Irbe Krumina 2024-10-02 19:55:37 +0100
  • 4e04bacaa4 logpolicy: force TLS 1.3 handshake Andrea Gottardo 2024-10-02 11:20:49 -0700
  • 6de6ab015f
    net/dns: tweak DoH timeout, limit MaxConnsPerHost, require TLS 1.3 (#13564) Andrea Gottardo 2024-10-02 09:26:11 -0700
  • 16f01e6ee4 net/dns: tweak DoH timeout, limit MaxConnsPerHost, require TLS 1.3 Andrea Gottardo 2024-09-24 14:46:50 -0700
  • a01b545441 control/control{client,http}: don't noise dial localhost:443 in http-only tests Brad Fitzpatrick 2024-10-01 20:08:55 -0700
  • 6b03e18975 control/controlhttp: rename a param from addr to optAddr for clarity Brad Fitzpatrick 2024-10-01 20:07:58 -0700
  • f49d218cfe net/dnscache: don't fall back to an IPv6 dial if we don't have IPv6 Brad Fitzpatrick 2024-10-01 20:03:32 -0700