Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Customization Options to DERP Map entry of integrated DERP server #1565

Merged
merged 17 commits into from
Jan 16, 2024

Conversation

alexhalbi
Copy link
Contributor

@alexhalbi alexhalbi commented Sep 28, 2023

This Pull request adds a draft for the possibility to add the IPv4 and IPv6 address to the DERP map for the integrated DERP server.
This enables the DERP server to be reachable by clients, if they are using an Exit-Node via the DERP server and loose DNS connection.

This happens for example when restarting Headscale and the Exit-Node on the same time. It is also possible that this happens if Headscale is restarted and one of the nodes, does not reconnect successfully to the integrated DERP server and tries to communicate DNS through it.

If you take a look into the default derp map, all of them have their IPs in the list, the integrated DERP server does never have it's IP in the list.
See https://pkg.go.dev/tailscale.com/tailcfg#DERPNode for reference.

Furthermore this request adds the possibility to disable the automatic creation of the integrated DERP map entry completely and adds the possibility to use the integrated DERP server with a completely custom etry in the derp.paths.

This enables even more customization, by fully leveraging the official DERPRegion and DERPNode configuration file, which is currently overwriten.
This should also implement #1514.

https://tailscale.com/kb/1118/custom-derp-servers/#step-2-adding-derp-servers-to-your-tailnet

  • read the CONTRIBUTING guidelines
  • raised a GitHub issue or discussed it on the projects chat beforehand
  • added unit tests
  • added integration tests
  • updated documentation if needed
  • updated CHANGELOG.md

config-example.yaml Outdated Show resolved Hide resolved
config-example.yaml Outdated Show resolved Hide resolved
@alexhalbi
Copy link
Contributor Author

Hi @kradalby,
Please have a look, if the new variant including the changes in 46d2890 could be merged.
Thanks,
Alex

@kradalby
Copy link
Collaborator

@alexhalbi could you rebase and try again fixing the lint issues? The tests should be retrying a bit now and should pass.

@kradalby
Copy link
Collaborator

oh and a changelog entry.

@alexhalbi
Copy link
Contributor Author

@alexhalbi could you rebase and try again fixing the lint issues? The tests should be retrying a bit now and should pass.
The changes I made exclusively impact the following files: config.go, config-example.yaml, derp_server.go, and app.go. Despite running the "make lint" command and encountering numerous errors, it's important to note that none of these errors pertain to the modifications I made. Therefore, please ignore the lint job failures.

I fixed lint errors in config-example.yaml which I created

oh and a changelog entry.

I added an entry, I hope it is okay for you.

@kradalby
Copy link
Collaborator

kradalby commented Jan 2, 2024

@alexhalbi Looks good now, I rewrote some of the git history as it ended up with some massive commits in the middle proposing this as a 4000 LOC change.

Please double check that I didnt miss anything in the rebasing.

CHANGELOG.md Outdated
@@ -1,5 +1,9 @@
# CHANGELOG

### Changes

Added the possibility to manually create a DERP-map entry which can be customized, instead of automatically creating it. [#1565](https://github.com/juanfont/headscale/pull/1565)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually, can you move this under 0.23.0?

@alexhalbi
Copy link
Contributor Author

Hi,
I moved the changelog entry and we checked everything. It should be all in the branch thanks.

@kradalby kradalby merged commit 7e8bf4b into juanfont:main Jan 16, 2024
48 checks passed
@yqs112358
Copy link

Hello, so how can we set something like "InsecureForTests": true in local derp.yaml?
Sorry but I have not found any examples and something like that in the repo🤔

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants