move Config definitions into types

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2023-06-06 10:23:39 +02:00 · 2023-06-06 10:23:39 +02:00 · 2289a2acbf
commit 2289a2acbf
parent c72401a99b
8 changed files with 34 additions and 31 deletions
--- a/hscontrol/app.go
+++ b/hscontrol/app.go
@ -75,7 +75,7 @@ const (

 // Headscale represents the base app of the service.
 type Headscale struct {
-	cfg             *Config
+	cfg             *types.Config
 	db              *db.HSDatabase
 	dbString        string
 	dbType          string
@ -102,7 +102,7 @@ type Headscale struct {
 	cancelStateUpdateChan chan struct{}
 }

-func NewHeadscale(cfg *Config) (*Headscale, error) {
+func NewHeadscale(cfg *types.Config) (*Headscale, error) {
 	privateKey, err := readOrCreatePrivateKey(cfg.PrivateKeyPath)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read or create private key: %w", err)
@ -778,13 +778,13 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
 		}

 		switch h.cfg.TLS.LetsEncrypt.ChallengeType {
-		case tlsALPN01ChallengeType:
+		case types.TlsALPN01ChallengeType:
 			// Configuration via autocert with TLS-ALPN-01 (https://tools.ietf.org/html/rfc8737)
 			// The RFC requires that the validation is done on port 443; in other words, headscale
 			// must be reachable on port 443.
 			return certManager.TLSConfig(), nil

-		case http01ChallengeType:
+		case types.Http01ChallengeType:
 			// Configuration via autocert with HTTP-01. This requires listening on
 			// port 80 for the certificate validation in addition to the headscale
 			// service, which can be configured to run on any other port.
--- a/hscontrol/derp.go
+++ b/hscontrol/derp.go
@ -9,6 +9,7 @@ import (
 	"os"
 	"time"

+	"github.com/juanfont/headscale/hscontrol/types"
 	"github.com/rs/zerolog/log"
 	"gopkg.in/yaml.v3"
 	"tailscale.com/tailcfg"
@ -80,7 +81,7 @@ func mergeDERPMaps(derpMaps []*tailcfg.DERPMap) *tailcfg.DERPMap {
 	return &result
 }

-func GetDERPMap(cfg DERPConfig) *tailcfg.DERPMap {
+func GetDERPMap(cfg types.DERPConfig) *tailcfg.DERPMap {
 	derpMaps := make([]*tailcfg.DERPMap, 0)

 	for _, path := range cfg.Paths {
--- a/hscontrol/suite_test.go
+++ b/hscontrol/suite_test.go
@ -5,6 +5,7 @@ import (
 	"os"
 	"testing"

+	"github.com/juanfont/headscale/hscontrol/types"
 	"gopkg.in/check.v1"
 )

@ -38,7 +39,7 @@ func (s *Suite) ResetDB(c *check.C) {
 	if err != nil {
 		c.Fatal(err)
 	}
-	cfg := Config{
+	cfg := types.Config{
 		PrivateKeyPath:      tmpDir + "/private.key",
 		NoisePrivateKeyPath: tmpDir + "/noise_private.key",
 		DBtype:              "sqlite3",
@ -46,7 +47,7 @@ func (s *Suite) ResetDB(c *check.C) {
 		IPPrefixes: []netip.Prefix{
 			netip.MustParsePrefix("10.27.0.0/23"),
 		},
-		OIDC: OIDCConfig{
+		OIDC: types.OIDCConfig{
 			StripEmaildomain: false,
 		},
 	}
--- a/hscontrol/types/config.go
+++ b/hscontrol/types/config.go
@ -1,4 +1,4 @@
-package hscontrol
+package types

 import (
 	"errors"
@ -23,8 +23,8 @@ import (
 )

 const (
-	tlsALPN01ChallengeType = "TLS-ALPN-01"
-	http01ChallengeType    = "HTTP-01"
+	TlsALPN01ChallengeType = "TLS-ALPN-01"
+	Http01ChallengeType    = "HTTP-01"

 	JSONLogFormat = "json"
 	TextLogFormat = "text"
@ -165,7 +165,7 @@ func LoadConfig(path string, isFile bool) error {
 	viper.AutomaticEnv()

 	viper.SetDefault("tls_letsencrypt_cache_dir", "/var/www/.cache")
-	viper.SetDefault("tls_letsencrypt_challenge_type", http01ChallengeType)
+	viper.SetDefault("tls_letsencrypt_challenge_type", Http01ChallengeType)

 	viper.SetDefault("log.level", "info")
 	viper.SetDefault("log.format", TextLogFormat)
@ -222,15 +222,15 @@ func LoadConfig(path string, isFile bool) error {
 	}

 	if (viper.GetString("tls_letsencrypt_hostname") != "") &&
-		(viper.GetString("tls_letsencrypt_challenge_type") == tlsALPN01ChallengeType) &&
+		(viper.GetString("tls_letsencrypt_challenge_type") == TlsALPN01ChallengeType) &&
 		(!strings.HasSuffix(viper.GetString("listen_addr"), ":443")) {
 		// this is only a warning because there could be something sitting in front of headscale that redirects the traffic (e.g. an iptables rule)
 		log.Warn().
 			Msg("Warning: when using tls_letsencrypt_hostname with TLS-ALPN-01 as challenge type, headscale must be reachable on port 443, i.e. listen_addr should probably end in :443")
 	}

-	if (viper.GetString("tls_letsencrypt_challenge_type") != http01ChallengeType) &&
-		(viper.GetString("tls_letsencrypt_challenge_type") != tlsALPN01ChallengeType) {
+	if (viper.GetString("tls_letsencrypt_challenge_type") != Http01ChallengeType) &&
+		(viper.GetString("tls_letsencrypt_challenge_type") != TlsALPN01ChallengeType) {
 		errorText += "Fatal config error: the only supported values for tls_letsencrypt_challenge_type are HTTP-01 and TLS-ALPN-01\n"
 	}