mirrors/tailscale
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity
34734ba635
tailscale/ipn
History
Irbe Krumina 34734ba635
ipn/store/kubestore,kube,envknob,cmd/tailscaled/depaware.txt: allow kubestore read/write custom TLS secrets (#15307) 
This PR adds some custom logic for reading and writing
kube store values that are TLS certs and keys:
1) when store is initialized, lookup additional
TLS Secrets for this node and if found, load TLS certs
from there
2) if the node runs in certs 'read only' mode and
TLS cert and key are not found in the in-memory store,
look those up in a Secret
3) if the node runs in certs 'read only' mode, run
a daily TLS certs reload to memory to get any
renewed certs

Updates tailscale/corp#24795

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
2025-03-18 15:09:22 +00:00
..
auditlog control/controlclient, ipn: add client audit logging (#14950) 2025-03-12 10:37:03 -04:00
conffile ipn/conffile: don't depend on hujson on iOS/Android 2024-10-10 09:14:36 -07:00
desktop various: keep tailscale connected when Always On mode is enabled on Windows 2025-02-14 16:40:54 -06:00
ipnauth control/controlclient, ipn: add client audit logging (#14950) 2025-03-12 10:37:03 -04:00
ipnlocal ipn/ipnlocal: add test for CapMap packet filters 2025-03-17 11:24:54 +00:00
ipnserver various: keep tailscale connected when Always On mode is enabled on Windows 2025-02-14 16:40:54 -06:00
ipnstate ipn: update AddPeer to include TaildropTarget (#15091) 2025-02-28 14:17:28 -08:00
localapi ipn/{ipnserver,localapi},tsnet: use ipnauth.Self as the actor in tsnet localapi handlers 2025-02-04 16:37:30 -06:00
policy ipn,tailconfig: clean up unreleased and removed app connector service 2023-11-09 22:36:52 -08:00
store ipn/store/kubestore,kube,envknob,cmd/tailscaled/depaware.txt: allow kubestore read/write custom TLS secrets (#15307) 2025-03-18 15:09:22 +00:00
backend.go ipn: declare NotifyWatchOpt consts without using iota 2025-01-04 18:43:27 -08:00
conf.go ipn/conf.go: add VIPServices to tailscaled configfile (#14345) 2025-01-10 06:33:58 +00:00
doc.go ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate 2025-01-30 18:12:54 -06:00
ipn_clone.go ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate 2025-01-30 18:12:54 -06:00
ipn_test.go all: do not depend on the testing package 2024-05-24 05:23:36 -07:00
ipn_view.go ipn: generate LoginProfileView and use it instead of *LoginProfile where appropriate 2025-01-30 18:12:54 -06:00
prefs_test.go types/persist: remove Persist.LegacyFrontendPrivateMachineKey 2025-01-27 22:01:50 +00:00
prefs.go cmd/tailscale,ipn,tailcfg: add tailscale advertise subcommand behind envknob (#13734) 2024-10-16 19:08:06 -04:00
serve_test.go ipn: [serve] warn that foreground funnel won't work if shields are up (#14685) 2025-01-19 19:00:21 +00:00
serve.go tailcfg: add ServiceName 2025-01-22 15:27:46 -05:00
store_test.go ipn: avoid useless no-op WriteState calls 2023-08-07 08:44:24 -07:00
store.go ipn: add comment about thread-safety to StateStore 2024-03-06 12:42:18 -06:00