hscontrol

package
v0.28.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 4, 2026 License: BSD-3-Clause Imports: 89 Imported by: 1

Documentation

Overview

nolint

Index

Constants

View Source 
const (
	AuthPrefix = "Bearer "
)
View Source 
const (
	// The CapabilityVersion is used by Tailscale clients to indicate
	// their codebase version. Tailscale clients can communicate over TS2021
	// from CapabilityVersion 28, but we only have good support for it
	// since https://github.com/tailscale/tailscale/pull/4323 (Noise in any HTTPS port).
	//
	// Related to this change, there is https://github.com/tailscale/tailscale/pull/5379,
	// where CapabilityVersion 39 is introduced to indicate #4323 was merged.
	//
	// See also https://github.com/tailscale/tailscale/blob/main/tailcfg/tailcfg.go
	NoiseCapabilityVersion = 39
)

Variables

View Source 
var ErrRegisterMethodCLIDoesNotSupportExpire = errors.New(
	"machines registered with CLI does not support expire",
)

Functions

func BlankHandler added in v0.28.0 

func BlankHandler(writer http.ResponseWriter, res *http.Request)

BlankHandler returns a blank page with favicon linked.

func FaviconHandler added in v0.28.0 

func FaviconHandler(writer http.ResponseWriter, req *http.Request)

Types

type AppleMobileConfig 

type AppleMobileConfig struct {
	UUID    uuid.UUID
	URL     string
	Payload string
}

type AppleMobilePlatformConfig 

type AppleMobilePlatformConfig struct {
	UUID uuid.UUID
	URL  string
}

type AuthProvider added in v0.24.0 

type AuthProvider interface {
	RegisterHandler(http.ResponseWriter, *http.Request)
	AuthURL(types.RegistrationID) string
}

type AuthProviderOIDC added in v0.24.0 

type AuthProviderOIDC struct {
	// contains filtered or unexported fields
}

func NewAuthProviderOIDC added in v0.24.0 

func NewAuthProviderOIDC(
	ctx context.Context,
	h *Headscale,
	serverURL string,
	cfg *types.OIDCConfig,
) (*AuthProviderOIDC, error)

func (*AuthProviderOIDC) AuthURL added in v0.24.0 

func (a *AuthProviderOIDC) AuthURL(registrationID types.RegistrationID) string

func (*AuthProviderOIDC) OIDCCallbackHandler added in v0.24.0 

func (a *AuthProviderOIDC) OIDCCallbackHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

OIDCCallbackHandler handles the callback from the OIDC endpoint Retrieves the nkey from the state cache and adds the node to the users email user TODO: A confirmation page for new nodes should be added to avoid phishing vulnerabilities TODO: Add groups information from OIDC tokens into node HostInfo Listens in /oidc/callback.

func (*AuthProviderOIDC) RegisterHandler added in v0.24.0 

func (a *AuthProviderOIDC) RegisterHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

RegisterHandler registers the OIDC callback handler with the given router. It puts NodeKey in cache so the callback can retrieve it using the oidc state param. Listens in /register/:registration_id.

type AuthProviderWeb added in v0.24.0 

type AuthProviderWeb struct {
	// contains filtered or unexported fields
}

func NewAuthProviderWeb added in v0.24.0 

func NewAuthProviderWeb(serverURL string) *AuthProviderWeb

func (*AuthProviderWeb) AuthURL added in v0.24.0 

func (a *AuthProviderWeb) AuthURL(registrationId types.RegistrationID) string

func (*AuthProviderWeb) RegisterHandler added in v0.24.0 

func (a *AuthProviderWeb) RegisterHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

RegisterWebAPI shows a simple message in the browser to point to the CLI Listens in /register/:registration_id.

This is not part of the Tailscale control API, as we could send whatever URL in the RegisterResponse.AuthURL field.

type DebugBatcherInfo added in v0.27.0 

type DebugBatcherInfo struct {
	ConnectedNodes map[string]DebugBatcherNodeInfo `json:"connected_nodes"` // NodeID -> node connection info
	TotalNodes     int                             `json:"total_nodes"`
}

DebugBatcherInfo represents batcher connection information in a structured format.

type DebugBatcherNodeInfo added in v0.27.0 

type DebugBatcherNodeInfo struct {
	Connected         bool `json:"connected"`
	ActiveConnections int  `json:"active_connections"`
}

DebugBatcherNodeInfo represents connection information for a single node.

type HTTPError added in v0.25.0 

type HTTPError struct {
	Code int    // HTTP response code to send to client; 0 means 500
	Msg  string // Response body to send to client
	Err  error  // Detailed error to log on the server
}

HTTPError represents an error that is surfaced to the user via web.

func NewHTTPError added in v0.25.0 

func NewHTTPError(code int, msg string, err error) HTTPError

Error returns an HTTPError containing the given information.

func (HTTPError) Error added in v0.25.0 

func (e HTTPError) Error() string

func (HTTPError) Unwrap added in v0.25.0 

func (e HTTPError) Unwrap() error

type Headscale 

type Headscale struct {
	DERPServer *derpServer.DERPServer
	// contains filtered or unexported fields
}

Headscale represents the base app of the service.

func NewHeadscale 

func NewHeadscale(cfg *types.Config) (*Headscale, error)

func (*Headscale) AppleConfigMessage 

func (h *Headscale) AppleConfigMessage(
	writer http.ResponseWriter,
	req *http.Request,
)

AppleConfigMessage shows a simple message in the browser to point the user to the iOS/MacOS profile and instructions for how to install it.

func (*Headscale) ApplePlatformConfig 

func (h *Headscale) ApplePlatformConfig(
	writer http.ResponseWriter,
	req *http.Request,
)

func (*Headscale) Change added in v0.27.0 

func (h *Headscale) Change(cs ...change.Change)

Change is used to send changes to nodes. All change should be enqueued here and empty will be automatically ignored.

func (*Headscale) HealthHandler 

func (h *Headscale) HealthHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

func (*Headscale) KeyHandler 

func (h *Headscale) KeyHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

KeyHandler provides the Headscale pub key Listens in /key.

func (*Headscale) NoiseUpgradeHandler 

func (h *Headscale) NoiseUpgradeHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

NoiseUpgradeHandler is to upgrade the connection and hijack the net.Conn in order to use the Noise-based TS2021 protocol. Listens in /ts2021.

func (*Headscale) RobotsHandler added in v0.27.0 

func (h *Headscale) RobotsHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

func (*Headscale) Serve 

func (h *Headscale) Serve() error

Serve launches the HTTP and gRPC server service Headscale and the API.

func (*Headscale) VerifyHandler added in v0.24.0 

func (h *Headscale) VerifyHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

VerifyHandler see https://github.com/tailscale/tailscale/blob/964282d34f06ecc06ce644769c66b0b31d118340/derp/derp_server.go#L1159 DERP use verifyClientsURL to verify whether a client is allowed to connect to the DERP server.

func (*Headscale) VersionHandler added in v0.27.0 

func (h *Headscale) VersionHandler(
	writer http.ResponseWriter,
	req *http.Request,
)

VersionHandler returns version information about the Headscale server Listens in /version.

func (*Headscale) WindowsConfigMessage 

func (h *Headscale) WindowsConfigMessage(
	writer http.ResponseWriter,
	req *http.Request,
)

WindowsConfigMessage shows a simple message in the browser for how to configure the Windows Tailscale client.

type RegistrationInfo added in v0.24.0 

type RegistrationInfo struct {
	RegistrationID types.RegistrationID
	Verifier       *string
}

RegistrationInfo contains both machine key and verifier information for OIDC validation.

Source Files

View all Source files

Directories

Path Synopsis
Package assets provides embedded static assets for Headscale.
 Package assets provides embedded static assets for Headscale.
db
sqliteconfig
Package sqliteconfig provides type-safe configuration for SQLite databases with proper enum validation and URL generation for modernc.org/sqlite driver.
 Package sqliteconfig provides type-safe configuration for SQLite databases with proper enum validation and URL generation for modernc.org/sqlite driver.
server
matcher
policyutil
v2
change

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.