eyjhb/headscale
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

Resolve user to stable unique ID in policy (#2205)

Browse source
This commit is contained in:
Kristoffer Dalby 2024-11-24 00:13:27 +01:00 committed by GitHub
parent 3a2589f1a9
commit fffd23602b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
9 changed files with 506 additions and 144 deletions
Download patch file Download diff file Expand all files Collapse all files

8
hscontrol/app.go
View file

@ -1029,14 +1029,18 @@ func (h *Headscale) loadACLPolicy() error {
if err != nil {
return fmt.Errorf("loading nodes from database to validate policy: %w", err)
}
users, err := h.db.ListUsers()
if err != nil {
return fmt.Errorf("loading users from database to validate policy: %w", err)
}
_, err = pol.CompileFilterRules(nodes)
_, err = pol.CompileFilterRules(users, nodes)
if err != nil {
return fmt.Errorf("verifying policy rules: %w", err)
}
if len(nodes) > 0 {
_, err = pol.CompileSSHPolicy(nodes[0], nodes)
_, err = pol.CompileSSHPolicy(nodes[0], users, nodes)
if err != nil {
return fmt.Errorf("verifying SSH rules: %w", err)
}