Merge master

2022-05-16 21:41:46 +02:00 · 2022-05-16 21:41:46 +02:00 · e631c6f7e0
commit e631c6f7e0
parent 163e5c29e4 747d64cdae
44 changed files with 2714 additions and 842 deletions
--- a/cmd/headscale/cli/nodes.go
+++ b/cmd/headscale/cli/nodes.go
@ -13,12 +13,14 @@ import (
 	"github.com/pterm/pterm"
 	"github.com/spf13/cobra"
 	"google.golang.org/grpc/status"
+	"inet.af/netaddr"
 	"tailscale.com/types/key"
 )

 func init() {
 	rootCmd.AddCommand(nodeCmd)
 	listNodesCmd.Flags().StringP("namespace", "n", "", "Filter by namespace")
+	listNodesCmd.Flags().BoolP("tags", "t", false, "Show tags")
 	nodeCmd.AddCommand(listNodesCmd)

 	registerNodeCmd.Flags().StringP("namespace", "n", "", "Namespace")
@ -53,6 +55,31 @@ func init() {
 		log.Fatalf(err.Error())
 	}
 	nodeCmd.AddCommand(deleteNodeCmd)
+
+	moveNodeCmd.Flags().Uint64P("identifier", "i", 0, "Node identifier (ID)")
+
+	err = moveNodeCmd.MarkFlagRequired("identifier")
+	if err != nil {
+		log.Fatalf(err.Error())
+	}
+
+	moveNodeCmd.Flags().StringP("namespace", "n", "", "New namespace")
+
+	err = moveNodeCmd.MarkFlagRequired("namespace")
+	if err != nil {
+		log.Fatalf(err.Error())
+	}
+	nodeCmd.AddCommand(moveNodeCmd)
+
+	tagCmd.Flags().Uint64P("identifier", "i", 0, "Node identifier (ID)")
+
+	err = tagCmd.MarkFlagRequired("identifier")
+	if err != nil {
+		log.Fatalf(err.Error())
+	}
+	tagCmd.Flags().
+		StringSliceP("tags", "t", []string{}, "List of tags to add to the node")
+	nodeCmd.AddCommand(tagCmd)
 }

 var nodeCmd = &cobra.Command{
@ -123,6 +150,12 @@ var listNodesCmd = &cobra.Command{

 			return
 		}
+		showTags, err := cmd.Flags().GetBool("tags")
+		if err != nil {
+			ErrorOutput(err, fmt.Sprintf("Error getting tags flag: %s", err), output)
+
+			return
+		}

 		ctx, client, conn, cancel := getHeadscaleCLIClient()
 		defer cancel()
@ -149,7 +182,7 @@ var listNodesCmd = &cobra.Command{
 			return
 		}

-		tableData, err := nodesToPtables(namespace, response.Machines)
+		tableData, err := nodesToPtables(namespace, showTags, response.Machines)
 		if err != nil {
 			ErrorOutput(err, fmt.Sprintf("Error converting to table: %s", err), output)

@ -351,24 +384,104 @@ var deleteNodeCmd = &cobra.Command{
 	},
 }

+var moveNodeCmd = &cobra.Command{
+	Use:     "move",
+	Short:   "Move node to another namespace",
+	Aliases: []string{"mv"},
+	Run: func(cmd *cobra.Command, args []string) {
+		output, _ := cmd.Flags().GetString("output")
+
+		identifier, err := cmd.Flags().GetUint64("identifier")
+		if err != nil {
+			ErrorOutput(
+				err,
+				fmt.Sprintf("Error converting ID to integer: %s", err),
+				output,
+			)
+
+			return
+		}
+
+		namespace, err := cmd.Flags().GetString("namespace")
+		if err != nil {
+			ErrorOutput(
+				err,
+				fmt.Sprintf("Error getting namespace: %s", err),
+				output,
+			)
+
+			return
+		}
+
+		ctx, client, conn, cancel := getHeadscaleCLIClient()
+		defer cancel()
+		defer conn.Close()
+
+		getRequest := &v1.GetMachineRequest{
+			MachineId: identifier,
+		}
+
+		_, err = client.GetMachine(ctx, getRequest)
+		if err != nil {
+			ErrorOutput(
+				err,
+				fmt.Sprintf(
+					"Error getting node: %s",
+					status.Convert(err).Message(),
+				),
+				output,
+			)
+
+			return
+		}
+
+		moveRequest := &v1.MoveMachineRequest{
+			MachineId: identifier,
+			Namespace: namespace,
+		}
+
+		moveResponse, err := client.MoveMachine(ctx, moveRequest)
+		if err != nil {
+			ErrorOutput(
+				err,
+				fmt.Sprintf(
+					"Error moving node: %s",
+					status.Convert(err).Message(),
+				),
+				output,
+			)
+
+			return
+		}
+
+		SuccessOutput(moveResponse.Machine, "Node moved to another namespace", output)
+	},
+}
+
 func nodesToPtables(
 	currentNamespace string,
+	showTags bool,
 	machines []*v1.Machine,
 ) (pterm.TableData, error) {
-	tableData := pterm.TableData{
-		{
-			"ID",
-			"Hostname",
-			"Friendly name",
-			"NodeKey",
-			"Namespace",
-			"IP addresses",
-			"Ephemeral",
-			"Last seen",
-			"Online",
-			"Expired",
-		},
+	tableHeader := []string{
+		"ID",
+		"Name",
+		"NodeKey",
+		"Namespace",
+		"IP addresses",
+		"Ephemeral",
+		"Last seen",
+		"Online",
+		"Expired",
 	}
+	if showTags {
+		tableHeader = append(tableHeader, []string{
+			"ForcedTags",
+			"InvalidTags",
+			"ValidTags",
+		}...)
+	}
+	tableData := pterm.TableData{tableHeader}

 	for _, machine := range machines {
 		var ephemeral bool
@ -412,6 +525,26 @@ func nodesToPtables(
 			expired = pterm.LightRed("yes")
 		}

+		var forcedTags string
+		for _, tag := range machine.ForcedTags {
+			forcedTags += "," + tag
+		}
+		forcedTags = strings.TrimLeft(forcedTags, ",")
+		var invalidTags string
+		for _, tag := range machine.InvalidTags {
+			if !contains(machine.ForcedTags, tag) {
+				invalidTags += "," + pterm.LightRed(tag)
+			}
+		}
+		invalidTags = strings.TrimLeft(invalidTags, ",")
+		var validTags string
+		for _, tag := range machine.ValidTags {
+			if !contains(machine.ForcedTags, tag) {
+				validTags += "," + pterm.LightGreen(tag)
+			}
+		}
+		validTags = strings.TrimLeft(validTags, ",")
+
 		var namespace string
 		if currentNamespace == "" || (currentNamespace == machine.Namespace.Name) {
 			namespace = pterm.LightMagenta(machine.Namespace.Name)
@ -419,22 +552,94 @@ func nodesToPtables(
 			// Shared into this namespace
 			namespace = pterm.LightYellow(machine.Namespace.Name)
 		}
+
+		var IPV4Address string
+		var IPV6Address string
+		for _, addr := range machine.IpAddresses {
+			if netaddr.MustParseIP(addr).Is4() {
+				IPV4Address = addr
+			} else {
+				IPV6Address = addr
+			}
+		}
+
+		nodeData := []string{
+			strconv.FormatUint(machine.Id, headscale.Base10),
+			machine.Name,
+			nodeKey.ShortString(),
+			namespace,
+			strings.Join([]string{IPV4Address, IPV6Address}, ", "),
+			strconv.FormatBool(ephemeral),
+			lastSeenTime,
+			online,
+			expired,
+		}
+		if showTags {
+			nodeData = append(nodeData, []string{forcedTags, invalidTags, validTags}...)
+		}
 		tableData = append(
 			tableData,
-			[]string{
-				strconv.FormatUint(machine.Id, headscale.Base10),
-				machine.Name,
-				machine.GivenName,
-				nodeKey.ShortString(),
-				namespace,
-				strings.Join(machine.IpAddresses, ", "),
-				strconv.FormatBool(ephemeral),
-				lastSeenTime,
-				online,
-				expired,
-			},
+			nodeData,
 		)
 	}

 	return tableData, nil
 }
+
+var tagCmd = &cobra.Command{
+	Use:     "tag",
+	Short:   "Manage the tags of a node",
+	Aliases: []string{"tags", "t"},
+	Run: func(cmd *cobra.Command, args []string) {
+		output, _ := cmd.Flags().GetString("output")
+		ctx, client, conn, cancel := getHeadscaleCLIClient()
+		defer cancel()
+		defer conn.Close()
+
+		// retrieve flags from CLI
+		identifier, err := cmd.Flags().GetUint64("identifier")
+		if err != nil {
+			ErrorOutput(
+				err,
+				fmt.Sprintf("Error converting ID to integer: %s", err),
+				output,
+			)
+
+			return
+		}
+		tagsToSet, err := cmd.Flags().GetStringSlice("tags")
+		if err != nil {
+			ErrorOutput(
+				err,
+				fmt.Sprintf("Error retrieving list of tags to add to machine, %v", err),
+				output,
+			)
+
+			return
+		}
+
+		// Sending tags to machine
+		request := &v1.SetTagsRequest{
+			MachineId: identifier,
+			Tags:      tagsToSet,
+		}
+		resp, err := client.SetTags(ctx, request)
+		if err != nil {
+			ErrorOutput(
+				err,
+				fmt.Sprintf("Error while sending tags to headscale: %s", err),
+				output,
+			)
+
+			return
+		}
+
+		if resp != nil {
+			SuccessOutput(
+				resp.GetMachine(),
+				"Machine updated",
+				output,
+			)
+		}
+	},
+}
--- a/cmd/headscale/cli/routes.go
+++ b/cmd/headscale/cli/routes.go
@ -24,6 +24,8 @@ func init() {
 	enableRouteCmd.Flags().
 		StringSliceP("route", "r", []string{}, "List (or repeated flags) of routes to enable")
 	enableRouteCmd.Flags().Uint64P("identifier", "i", 0, "Node identifier (ID)")
+	enableRouteCmd.Flags().BoolP("all", "a", false, "All routes from host")
+
 	err = enableRouteCmd.MarkFlagRequired("identifier")
 	if err != nil {
 		log.Fatalf(err.Error())
@ -125,21 +127,43 @@ omit the route you do not want to enable.
 			return
 		}

-		routes, err := cmd.Flags().GetStringSlice("route")
-		if err != nil {
-			ErrorOutput(
-				err,
-				fmt.Sprintf("Error getting routes from flag: %s", err),
-				output,
-			)
-
-			return
-		}
-
 		ctx, client, conn, cancel := getHeadscaleCLIClient()
 		defer cancel()
 		defer conn.Close()

+		var routes []string
+
+		isAll, _ := cmd.Flags().GetBool("all")
+		if isAll {
+			response, err := client.GetMachineRoute(ctx, &v1.GetMachineRouteRequest{
+				MachineId: machineID,
+			})
+			if err != nil {
+				ErrorOutput(
+					err,
+					fmt.Sprintf(
+						"Cannot get machine routes: %s\n",
+						status.Convert(err).Message(),
+					),
+					output,
+				)
+
+				return
+			}
+			routes = response.GetRoutes().GetAdvertisedRoutes()
+		} else {
+			routes, err = cmd.Flags().GetStringSlice("route")
+			if err != nil {
+				ErrorOutput(
+					err,
+					fmt.Sprintf("Error getting routes from flag: %s", err),
+					output,
+				)
+
+				return
+			}
+		}
+
 		request := &v1.EnableMachineRoutesRequest{
 			MachineId: machineID,
 			Routes:    routes,
--- a/cmd/headscale/cli/utils.go
+++ b/cmd/headscale/cli/utils.go
@ -10,10 +10,12 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
+	"reflect"
 	"strconv"
 	"strings"
 	"time"

+	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/juanfont/headscale"
 	v1 "github.com/juanfont/headscale/gen/go/headscale/v1"
 	"github.com/rs/zerolog/log"
@ -67,6 +69,7 @@ func LoadConfig(path string) error {
 	viper.SetDefault("cli.timeout", "5s")
 	viper.SetDefault("cli.insecure", false)

+	viper.SetDefault("oidc.scope", []string{oidc.ScopeOpenID, "profile", "email"})
 	viper.SetDefault("oidc.strip_email_domain", true)

 	if err := viper.ReadInConfig(); err != nil {
@ -127,7 +130,8 @@ func GetDERPConfig() headscale.DERPConfig {
 	stunAddr := viper.GetString("derp.server.stun_listen_addr")

 	if serverEnabled && stunAddr == "" {
-		log.Fatal().Msg("derp.server.stun_listen_addr must be set if derp.server.enabled is true")
+		log.Fatal().
+			Msg("derp.server.stun_listen_addr must be set if derp.server.enabled is true")
 	}

 	urlStrs := viper.GetStringSlice("derp.urls")
@ -367,6 +371,10 @@ func getHeadscaleConfig() headscale.Config {
 			Issuer:           viper.GetString("oidc.issuer"),
 			ClientID:         viper.GetString("oidc.client_id"),
 			ClientSecret:     viper.GetString("oidc.client_secret"),
+			Scope:            viper.GetStringSlice("oidc.scope"),
+			ExtraParams:      viper.GetStringMapString("oidc.extra_params"),
+			AllowedDomains:   viper.GetStringSlice("oidc.allowed_domains"),
+			AllowedUsers:     viper.GetStringSlice("oidc.allowed_users"),
 			StripEmaildomain: viper.GetBool("oidc.strip_email_domain"),
 		},

@ -563,3 +571,13 @@ func GetFileMode(key string) fs.FileMode {

 	return fs.FileMode(mode)
 }
+
+func contains[T string](ts []T, t T) bool {
+	for _, v := range ts {
+		if reflect.DeepEqual(v, t) {
+			return true
+		}
+	}
+
+	return false
+}