github juanfont/headscale v0.23.0-alpha3

latest releases: v0.23.0, v0.23.0-rc.1, v0.23.0-beta.5...
pre-release10 months ago

Changelog

This release is mainly a code reorganisation and refactoring, significantly improving the maintainability of the codebase. This should allow us to improve further and make it easier for the maintainers to keep on top of the project.

Please remember to always back up your database between versions

Here is a short summary of the broad topics of changes:

Code has been organised into modules, reducing use of global variables/objects, isolating concerns and “putting the right things in the logical place”.

The new policy and mapper package, containing the ACL/Policy logic and the logic for creating the data served to clients (the network “map”) has been rewritten and improved. This change has allowed us to finish SSH support and add additional tests throughout the code to ensure correctness.

The “poller”, or streaming logic has been rewritten and instead of keeping track of the latest updates, checking at a fixed interval, it now uses go channels, implemented in our new notifier package and it allows us to send updates to connected clients immediately. This should both improve performance and potential latency before a client picks up an update.

Headscale now supports sending “delta” updates, thanks to the new mapper and poller logic, allowing us to only inform nodes about new nodes, changed nodes and removed nodes. Previously we sent the entire state of the network every time an update was due.

While we have a pretty good test harness for validating our changes, we have rewritten over 10000 lines of code and bugs are expected. We need help testing this release. In addition, while we think the performance should in general be better, there might be regressions in parts of the platform, particularly where we prioritised correctness over speed.

There are also several bugfixes that has been encountered and fixed as part of implementing these changes, particularly
after improving the test harness as part of adopting #1460.

BREAKING

  • Code reorganisation, a lot of code has moved, please review the following PRs accordingly #1473
  • API: Machine is now Node #1553
  • Remove support for older Tailscale clients #1611
    • The latest supported client is 1.36
  • Headscale checks that at least one DERP is defined at start #1564
    • If no DERP is configured, the server will fail to start, this can be because it cannot load the DERPMap from file or url.
  • Embedded DERP server requires a private key #1611

Changes

Use versioned migrations #1644
Make the OIDC callback page better #1484
SSH support #1487
State management has been improved #1492
Use error group handling to ensure tests actually pass #1535 based on #1460
Fix hang on SIGTERM #1492 taken from #1480
Send logs to stderr by default #1524
Fix TS-2023-006 security UPnP issue #1563
Turn off gRPC logging #1640 fixes #1259
Added the possibility to manually create a DERP-map entry which can be customized, instead of automatically creating it. #1565

Commits

  • 7e8bf4b Add Customization Options to DERP Map entry of integrated DERP server (#1565)
  • 054b06d add 1.54 and 1.56 to integration tests (#1652)
  • 55ca078 embed (hidden) tailsql for debugging (#1663)
  • 65376e2 ensure renabled auto-approve routes works (#1670)
  • a592ae5 fix issue where advertise tags causes hang (#1669)
  • 3b10328 implement selfupdate and pass expiry (#1647)
  • 1e22f17 node selfupdate and fix subnet router when ACL is enabled (#1673)

Don't miss a new headscale release

NewReleases is sending notifications on new releases.