cmd/tailscale,ipn: add Unix socket support for serve
Based on PR #16700 by @lox, adapted to current codebase. Adds support for proxying HTTP requests to Unix domain sockets via tailscale serve unix:/path/to/socket, enabling exposure of services like Docker, containerd, PHP-FPM over Tailscale without TCP bridging. The implementation includes reasonable protections against exposure of tailscaled's own socket. Adaptations from original PR: - Use net.Dialer.DialContext instead of net.Dial for context propagation - Use http.Transport with Protocols API (current h2c approach, not http2.Transport) - Resolve conflicts with hasScheme variable in ExpandProxyTargetValue Updates #9771 Signed-off-by: Peter A. <ink.splatters@pm.me> Co-authored-by: Lachlan Donald <lachlan@ljd.cc>
This commit is contained in:
Peter A.
committed by
Brad Fitzpatrick
Brad Fitzpatrick
parent
557457f3c2
commit
f4d34f38be
@@ -401,6 +401,7 @@ func run() (err error) {
|
||||
// Install an event bus as early as possible, so that it's
|
||||
// available universally when setting up everything else.
|
||||
sys := tsd.NewSystem()
|
||||
sys.SocketPath = args.socketpath
|
||||
|
||||
// Parse config, if specified, to fail early if it's invalid.
|
||||
var conf *conffile.Config
|
||||
|
||||
Reference in New Issue
Block a user