Documentation
¶
Index ¶
- Constants
- func CheckTag(tag string) error
- func CheckTags(tags []string) error
- func SanitizeTailnetName(name string) string
- func SetDefaultDERPMap(v *tailcfg.DERPMap)
- type ACLPolicy
- func (a ACLPolicy) BuildFilterRules(peers []Machine, dst *Machine) []tailcfg.FilterRule
- func (a ACLPolicy) BuildSSHPolicy(srcs []Machine, dst *Machine) *tailcfg.SSHPolicy
- func (a ACLPolicy) CheckTagOwners(tags []string, p *User) error
- func (a *ACLPolicy) Equal(x *ACLPolicy) bool
- func (a ACLPolicy) FindAutoApprovedIPs(routableIPs []netip.Prefix, tags []string, u *User) []netip.Prefix
- func (ACLPolicy) GormDBDataType(db *gorm.DB, field *schema.Field) string
- func (ACLPolicy) GormDataType() string
- func (a ACLPolicy) IsValidPeer(src *Machine, dest *Machine) bool
- func (a ACLPolicy) NodeCapabilities(m *Machine) []tailcfg.NodeCapability
- func (i *ACLPolicy) Scan(destination interface{}) error
- func (i ACLPolicy) Value() (driver.Value, error)
- type Account
- type AccountRepository
- type AllowIPs
- type AllowIPsSet
- type ApiKey
- type ApiKeyRepository
- type AuthKey
- type AuthKeyRepository
- type AuthenticationRequest
- type AuthenticationRequestRepository
- type AutoApprovers
- type ControlKeys
- type DERPMap
- type DNSConfig
- type DefaultDERPMap
- type Endpoints
- type HostInfo
- type HuJSON
- type IAMPolicy
- func (i *IAMPolicy) Equal(x *IAMPolicy) bool
- func (i *IAMPolicy) EvaluatePolicy(identity *Identity) (bool, error)
- func (i *IAMPolicy) GetRole(user User) UserRole
- func (IAMPolicy) GormDBDataType(db *gorm.DB, field *schema.Field) string
- func (IAMPolicy) GormDataType() string
- func (i *IAMPolicy) Scan(destination interface{}) error
- func (i IAMPolicy) Value() (driver.Value, error)
- type IP
- type Identity
- type JSONWebKey
- type JSONWebKeys
- type Machine
- func (m *Machine) AdvertisedPrefixes() []string
- func (m *Machine) AllowedPrefixes() []string
- func (m *Machine) CompleteName() string
- func (m *Machine) HasIP(v netip.Addr) bool
- func (m *Machine) HasTag(tag string) bool
- func (m *Machine) HasTags() bool
- func (m *Machine) HasUser(loginName string) bool
- func (m *Machine) IPs() []string
- func (m *Machine) IsAdvertisedExitNode() bool
- func (m *Machine) IsAllowedExitNode() bool
- func (m *Machine) IsAllowedIP(i netip.Addr) bool
- func (m *Machine) IsAllowedIPPrefix(i netip.Prefix) bool
- func (m *Machine) IsExitNode() bool
- func (m *Machine) IsExpired() bool
- type MachineRepository
- type Machines
- type Principal
- type RegistrationRequest
- type RegistrationRequestData
- type RegistrationRequestRepository
- type Repository
- type SSHActionRequest
- type SSHActionRequestRepository
- type ServerConfig
- type StringSet
- type SystemApiKey
- type SystemApiKeyRepository
- type SystemRole
- type Tags
- type Tailnet
- type TailnetRepository
- type User
- type UserRepository
- type UserRole
- type UserType
- type Users
Constants ¶
View Source
const ( AutoGroupSelf = "autogroup:self" AutoGroupMember = "autogroup:member" AutoGroupMembers = "autogroup:members" AutoGroupTagged = "autogroup:tagged" AutoGroupInternet = "autogroup:internet" )
Variables ¶
This section is empty.
Functions ¶
func SanitizeTailnetName ¶ added in v0.2.0
func SetDefaultDERPMap ¶ added in v0.15.0
Types ¶
type ACLPolicy ¶
func (ACLPolicy) BuildFilterRules ¶
func (a ACLPolicy) BuildFilterRules(peers []Machine, dst *Machine) []tailcfg.FilterRule
func (ACLPolicy) BuildSSHPolicy ¶ added in v0.4.0
func (ACLPolicy) FindAutoApprovedIPs ¶ added in v0.2.0
func (ACLPolicy) GormDBDataType ¶
GormDBDataType gorm db data type
func (ACLPolicy) GormDataType ¶
GormDataType gorm common data type
func (ACLPolicy) NodeCapabilities ¶ added in v0.11.0
func (a ACLPolicy) NodeCapabilities(m *Machine) []tailcfg.NodeCapability
type AccountRepository ¶ added in v0.14.0
type AllowIPs ¶
func (AllowIPs) GormDBDataType ¶
GormDBDataType gorm db data type
func (AllowIPs) GormDataType ¶
GormDataType gorm common data type
type AllowIPsSet ¶
type AllowIPsSet struct {
// contains filtered or unexported fields
}
func NewAllowIPsSet ¶
func NewAllowIPsSet(t AllowIPs) *AllowIPsSet
func (*AllowIPsSet) Add ¶
func (s *AllowIPsSet) Add(t ...netip.Prefix) *AllowIPsSet
func (*AllowIPsSet) Items ¶
func (s *AllowIPsSet) Items() []netip.Prefix
func (*AllowIPsSet) Remove ¶
func (s *AllowIPsSet) Remove(t ...netip.Prefix) *AllowIPsSet
type ApiKey ¶
type ApiKeyRepository ¶ added in v0.14.0
type AuthKey ¶
type AuthKeyRepository ¶ added in v0.14.0
type AuthKeyRepository interface {
GetAuthKey(ctx context.Context, id uint64) (*AuthKey, error)
SaveAuthKey(ctx context.Context, key *AuthKey) error
DeleteAuthKey(ctx context.Context, id uint64) (bool, error)
DeleteAuthKeysByTailnet(ctx context.Context, tailnetID uint64) error
DeleteAuthKeysByUser(ctx context.Context, userID uint64) error
ListAuthKeys(ctx context.Context, tailnetID uint64) ([]AuthKey, error)
ListAuthKeysByTailnetAndUser(ctx context.Context, tailnetID, userID uint64) ([]AuthKey, error)
LoadAuthKey(ctx context.Context, key string) (*AuthKey, error)
}
type AuthenticationRequest ¶
type AuthenticationRequestRepository ¶ added in v0.14.0
type AutoApprovers ¶ added in v0.2.0
type ControlKeys ¶ added in v0.2.0
type ControlKeys struct {
ControlKey tkey.MachinePrivate
LegacyControlKey tkey.MachinePrivate
}
type DERPMap ¶ added in v0.4.0
func GetDefaultDERPMap ¶ added in v0.15.0
func GetDefaultDERPMap() DERPMap
func WrapDERPMap ¶ added in v0.15.0
func (DERPMap) GetDERPMap ¶ added in v0.15.0
func (DERPMap) GormDBDataType ¶ added in v0.4.0
GormDBDataType gorm db data type
func (DERPMap) GormDataType ¶ added in v0.4.0
GormDataType gorm common data type
type DNSConfig ¶
type DNSConfig struct {
HttpsCertsEnabled bool `json:"http_certs"`
MagicDNS bool `json:"magic_dns"`
OverrideLocalDNS bool `json:"override_local_dns"`
Nameservers []string `json:"nameservers"`
Routes map[string][]string `json:"routes"`
SearchDomains []string `json:"search_domains"`
}
func (DNSConfig) GormDBDataType ¶
GormDBDataType gorm db data type
func (DNSConfig) GormDataType ¶
GormDataType gorm common data type
type DefaultDERPMap ¶ added in v0.4.0
type Endpoints ¶
func (Endpoints) GormDBDataType ¶
GormDBDataType gorm db data type
func (Endpoints) GormDataType ¶
GormDataType gorm common data type
type HostInfo ¶
func (HostInfo) GormDBDataType ¶
GormDBDataType gorm db data type
func (HostInfo) GormDataType ¶
GormDataType gorm common data type
type HuJSON ¶ added in v0.15.0
type HuJSON[T any] struct { // contains filtered or unexported fields }
type IAMPolicy ¶
type IAMPolicy struct {
Subs []string `json:"subs,omitempty"`
Emails []string `json:"emails,omitempty"`
Filters []string `json:"filters,omitempty"`
Roles map[string]UserRole `json:"roles,omitempty"`
}
func (*IAMPolicy) EvaluatePolicy ¶
func (IAMPolicy) GormDBDataType ¶
GormDBDataType gorm db data type
func (IAMPolicy) GormDataType ¶
GormDataType gorm common data type
type JSONWebKey ¶ added in v0.3.0
type JSONWebKey struct {
Id string
PrivateKey rsa.PrivateKey
CreatedAt time.Time
}
func (JSONWebKey) Public ¶ added in v0.3.0
func (j JSONWebKey) Public() crypto.PublicKey
type JSONWebKeys ¶ added in v0.3.0
type JSONWebKeys struct {
Key JSONWebKey
}
type Machine ¶
type Machine struct {
ID uint64 `gorm:"primary_key"`
Name string
NameIdx uint64
MachineKey string
NodeKey string
DiscoKey string
Ephemeral bool
RegisteredTags Tags
Tags Tags
KeyExpiryDisabled bool
Authorized bool
HostInfo HostInfo
Endpoints Endpoints
AllowIPs AllowIPs
AutoAllowIPs AllowIPs
IPv4 IP
IPv6 IP
CreatedAt time.Time
ExpiresAt time.Time
LastSeen *time.Time
UserID uint64
User User
TailnetID uint64
Tailnet Tailnet
}
func (*Machine) AdvertisedPrefixes ¶ added in v0.2.0
func (*Machine) AllowedPrefixes ¶ added in v0.2.0
func (*Machine) CompleteName ¶ added in v0.3.0
func (*Machine) IsAdvertisedExitNode ¶ added in v0.2.0
func (*Machine) IsAllowedExitNode ¶ added in v0.2.0
func (*Machine) IsExitNode ¶ added in v0.2.0
type MachineRepository ¶ added in v0.14.0
type MachineRepository interface {
SaveMachine(ctx context.Context, m *Machine) error
DeleteMachine(ctx context.Context, id uint64) (bool, error)
GetMachine(ctx context.Context, id uint64) (*Machine, error)
GetMachineByKeyAndUser(ctx context.Context, key string, userID uint64) (*Machine, error)
GetMachineByKeys(ctx context.Context, machineKey string, nodeKey string) (*Machine, error)
CountMachinesWithIPv4(ctx context.Context, ip string) (int64, error)
GetNextMachineNameIndex(ctx context.Context, tailnetID uint64, name string) (uint64, error)
ListMachineByTailnet(ctx context.Context, tailnetID uint64) (Machines, error)
CountMachineByTailnet(ctx context.Context, tailnetID uint64) (int64, error)
DeleteMachineByTailnet(ctx context.Context, tailnetID uint64) error
DeleteMachineByUser(ctx context.Context, userID uint64) error
ListMachinePeers(ctx context.Context, tailnetID uint64, machineID uint64) (Machines, error)
ListInactiveEphemeralMachines(ctx context.Context, checkpoint time.Time) (Machines, error)
SetMachineLastSeen(ctx context.Context, machineID uint64) error
}
type Principal ¶
type Principal struct {
SystemRole SystemRole
User *User
UserRole UserRole
}
func (Principal) IsSystemAdmin ¶
func (Principal) IsTailnetAdmin ¶
func (Principal) IsTailnetMember ¶
func (Principal) UserMatches ¶
type RegistrationRequest ¶
type RegistrationRequestData ¶
type RegistrationRequestData tailcfg.RegisterRequest
func (RegistrationRequestData) GormDBDataType ¶
GormDBDataType gorm db data type
func (RegistrationRequestData) GormDataType ¶
func (RegistrationRequestData) GormDataType() string
GormDataType gorm common data type
func (*RegistrationRequestData) Scan ¶
func (hi *RegistrationRequestData) Scan(destination interface{}) error
type RegistrationRequestRepository ¶ added in v0.14.0
type RegistrationRequestRepository interface {
SaveRegistrationRequest(ctx context.Context, request *RegistrationRequest) error
GetRegistrationRequestByKey(ctx context.Context, key string) (*RegistrationRequest, error)
GetRegistrationRequestByMachineKey(ctx context.Context, key string) (*RegistrationRequest, error)
}
type Repository ¶
type Repository interface {
AccountRepository
ApiKeyRepository
SystemApiKeyRepository
AuthKeyRepository
MachineRepository
TailnetRepository
UserRepository
AuthenticationRequestRepository
RegistrationRequestRepository
SSHActionRequestRepository
GetControlKeys(ctx context.Context) (*ControlKeys, error)
SetControlKeys(ctx context.Context, keys *ControlKeys) error
GetJSONWebKeySet(ctx context.Context) (*JSONWebKeys, error)
SetJSONWebKeySet(ctx context.Context, keys *JSONWebKeys) error
Transaction(func(rp Repository) error) error
}
func NewRepository ¶
func NewRepository(db *gorm.DB) Repository
type SSHActionRequest ¶ added in v0.4.0
type SSHActionRequestRepository ¶ added in v0.14.0
type ServerConfig ¶
type ServerConfig struct {
Key configKey `gorm:"primary_key"`
Value []byte
}
type SystemApiKey ¶
type SystemApiKey struct {
ID uint64 `gorm:"primary_key"`
Key string
Hash string
CreatedAt time.Time
ExpiresAt *time.Time
AccountID uint64
Account Account
}
func CreateSystemApiKey ¶
func CreateSystemApiKey(account *Account, expiresAt *time.Time) (string, *SystemApiKey)
type SystemApiKeyRepository ¶ added in v0.14.0
type SystemApiKeyRepository interface {
SaveSystemApiKey(ctx context.Context, key *SystemApiKey) error
LoadSystemApiKey(ctx context.Context, key string) (*SystemApiKey, error)
}
type SystemRole ¶
type SystemRole string
const ( SystemRoleNone SystemRole = "" SystemRoleAdmin SystemRole = "admin" )
func (SystemRole) IsAdmin ¶
func (s SystemRole) IsAdmin() bool
type Tailnet ¶
type Tailnet struct {
ID uint64 `gorm:"primary_key"`
Name string
DNSConfig DNSConfig
IAMPolicy HuJSON[IAMPolicy]
ACLPolicy HuJSON[ACLPolicy]
DERPMap DERPMap
ServiceCollectionEnabled bool
FileSharingEnabled bool
SSHEnabled bool
MachineAuthorizationEnabled bool
}
func (Tailnet) GetDERPMap ¶ added in v0.4.0
type TailnetRepository ¶ added in v0.14.0
type TailnetRepository interface {
SaveTailnet(ctx context.Context, tailnet *Tailnet) error
GetTailnet(ctx context.Context, id uint64) (*Tailnet, error)
GetTailnetByName(ctx context.Context, name string) (*Tailnet, error)
ListTailnets(ctx context.Context) ([]Tailnet, error)
DeleteTailnet(ctx context.Context, id uint64) error
}
type UserRepository ¶ added in v0.14.0
type UserRepository interface {
GetOrCreateServiceUser(ctx context.Context, tailnet *Tailnet) (*User, bool, error)
GetOrCreateUserWithAccount(ctx context.Context, tailnet *Tailnet, account *Account) (*User, bool, error)
GetUser(ctx context.Context, userID uint64) (*User, error)
DeleteUser(ctx context.Context, userID uint64) error
ListUsers(ctx context.Context, tailnetID uint64) (Users, error)
DeleteUsersByTailnet(ctx context.Context, tailnetID uint64) error
SetUserLastAuthenticated(ctx context.Context, userID uint64, timestamp time.Time) error
}
Source Files
¶
Click to show internal directories.
Click to hide internal directories.