cmd/tailscale/cli: add support for tailscale {up,set} --exit-node=auto:any

If the specified exit node string starts with "auto:" (i.e., can be parsed as an ipn.ExitNodeExpression), we update ipn.Prefs.AutoExitNode instead of ipn.Prefs.ExitNodeID. Fixes #16459 Signed-off-by: Nick Khyl <nickk@tailscale.com>
2025-07-09 12:07:44 -05:00
parent cc2f4ac921
commit c5fdf9e1db
3 changed files with 34 additions and 6 deletions
@@ -100,7 +100,7 @@ func newUpFlagSet(goos string, upArgs *upArgsT, cmd string) *flag.FlagSet {
 	upf.BoolVar(&upArgs.acceptRoutes, "accept-routes", acceptRouteDefault(goos), "accept routes advertised by other Tailscale nodes")
 	upf.BoolVar(&upArgs.acceptDNS, "accept-dns", true, "accept DNS configuration from the admin panel")
 	upf.Var(notFalseVar{}, "host-routes", hidden+"install host routes to other Tailscale nodes (must be true as of Tailscale 1.67+)")
-	upf.StringVar(&upArgs.exitNodeIP, "exit-node", "", "Tailscale exit node (IP or base name) for internet traffic, or empty string to not use an exit node")
+	upf.StringVar(&upArgs.exitNodeIP, "exit-node", "", "Tailscale exit node (IP, base name, or auto:any) for internet traffic, or empty string to not use an exit node")
 	upf.BoolVar(&upArgs.exitNodeAllowLANAccess, "exit-node-allow-lan-access", false, "Allow direct access to the local network when routing traffic via an exit node")
 	upf.BoolVar(&upArgs.shieldsUp, "shields-up", false, "don't allow incoming connections")
 	upf.BoolVar(&upArgs.runSSH, "ssh", false, "run an SSH server, permitting access per tailnet admin's declared policy")
@@ -278,7 +278,9 @@ func prefsFromUpArgs(upArgs upArgsT, warnf logger.Logf, st *ipnstate.Status, goo
 		prefs.NetfilterMode = preftype.NetfilterOff
 	}
 	if upArgs.exitNodeIP != "" {
-		if err := prefs.SetExitNodeIP(upArgs.exitNodeIP, st); err != nil {
+		if expr, useAutoExitNode := ipn.ParseAutoExitNodeString(upArgs.exitNodeIP); useAutoExitNode {
+			prefs.AutoExitNode = expr
+		} else if err := prefs.SetExitNodeIP(upArgs.exitNodeIP, st); err != nil {
 			var e ipn.ExitNodeLocalIPError
 			if errors.As(err, &e) {
 				return nil, fmt.Errorf("%w; did you mean --advertise-exit-node?", err)
@@ -408,6 +410,9 @@ func updatePrefs(prefs, curPrefs *ipn.Prefs, env upCheckEnv) (simpleUp bool, jus
 		if env.upArgs.reset {
 			visitFlags = env.flagSet.VisitAll
 		}
+		if prefs.AutoExitNode.IsSet() {
+			justEditMP.AutoExitNodeSet = true
+		}
 		visitFlags(func(f *flag.Flag) {
 			updateMaskedPrefsFromUpOrSetFlag(justEditMP, f.Name)
 		})