You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Irbe Krumina
34734ba635
ipn/store/kubestore,kube,envknob,cmd/tailscaled/depaware.txt: allow kubestore read/write custom TLS secrets ( #15307 ) ...
This PR adds some custom logic for reading and writing
kube store values that are TLS certs and keys:
1) when store is initialized, lookup additional
TLS Secrets for this node and if found, load TLS certs
from there
2) if the node runs in certs 'read only' mode and
TLS cert and key are not found in the in-memory store,
look those up in a Secret
3) if the node runs in certs 'read only' mode, run
a daily TLS certs reload to memory to get any
renewed certs
Updates tailscale/corp#24795
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
1 year ago
..
auditlog
control/controlclient, ipn: add client audit logging ( #14950 )
1 year ago
conffile
ipn/conffile: don't depend on hujson on iOS/Android
2 years ago
desktop
various: keep tailscale connected when Always On mode is enabled on Windows
1 year ago
ipnauth
control/controlclient, ipn: add client audit logging ( #14950 )
1 year ago
ipnlocal
ipn/ipnlocal: add test for CapMap packet filters
1 year ago
ipnserver
various: keep tailscale connected when Always On mode is enabled on Windows
1 year ago
ipnstate
ipn: update AddPeer to include TaildropTarget ( #15091 )
1 year ago
localapi
ipn/{ipnserver,localapi},tsnet: use ipnauth.Self as the actor in tsnet localapi handlers
1 year ago
policy
ipn,tailconfig: clean up unreleased and removed app connector service
2 years ago
store
ipn/store/kubestore,kube,envknob,cmd/tailscaled/depaware.txt: allow kubestore read/write custom TLS secrets ( #15307 )
1 year ago
backend.go
ipn: declare NotifyWatchOpt consts without using iota
1 year ago
conf.go
ipn/conf.go: add VIPServices to tailscaled configfile ( #14345 )
1 year ago
doc.go
ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate
1 year ago
ipn_clone.go
ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate
1 year ago
ipn_test.go
all: do not depend on the testing package
2 years ago
ipn_view.go
ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate
1 year ago
prefs.go
cmd/tailscale,ipn,tailcfg: add `tailscale advertise` subcommand behind envknob ( #13734 )
2 years ago
prefs_test.go
types/persist: remove Persist.LegacyFrontendPrivateMachineKey
1 year ago
serve.go
tailcfg: add ServiceName
1 year ago
serve_test.go
ipn: [serve] warn that foreground funnel won't work if shields are up ( #14685 )
1 year ago
store.go
ipn: add comment about thread-safety to StateStore
2 years ago
store_test.go
ipn: avoid useless no-op WriteState calls
3 years ago
Irbe Krumina
34734ba635