NotificationsYou must be signed in to change notification settings
Fork907
Star10k

Commit23bedfa

committed

feat: vpn uses WorkspaceHostnameSuffix for DNS names

1 parent6cee450 commit23bedfaCopy full SHA for 23bedfa

File tree

5 files changed

+215

-153

lines changed

codersdk/workspacesdk
- workspacesdk.go
tailnet
- controllers.go
- controllers_test.go
vpn
- client.go
- client_test.go

5 files changed

+215

-153

lines changed

`‎codersdk/workspacesdk/workspacesdk.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -143,7 +143,7 @@ type AgentConnectionInfo struct {`
`143`	`143`	DERPMap*tailcfg.DERPMap`json:"derp_map"`
`144`	`144`	DERPForceWebSocketsbool`json:"derp_force_websockets"`
`145`	`145`	DisableDirectConnectionsbool`json:"disable_direct_connections"`
`146`		-HostnameSuffixstring`json:"hostname_suffix"`
	`146`	+HostnameSuffixstring`json:"hostname_suffix,omitempty"`
`147`	`147`	`}`
`148`	`148`
`149`	`149`	`func (c*Client)AgentConnectionInfoGeneric(ctx context.Context) (AgentConnectionInfo,error) {`

`‎tailnet/controllers.go`

Lines changed: 25 additions & 15 deletions

Original file line number	Diff line number	Diff line change
`@@ -863,11 +863,12 @@ func (r *basicResumeTokenRefresher) refresh() {`
`863`	`863`	`}`
`864`	`864`
`865`	`865`	`typeTunnelAllWorkspaceUpdatesControllerstruct {`
`866`		`-coordCtrl*TunnelSrcCoordController`
`867`		`-dnsHostSetterDNSHostsSetter`
`868`		`-updateHandlerUpdatesHandler`
`869`		`-ownerUsernamestring`
`870`		`-logger slog.Logger`
	`866`	`+coordCtrl*TunnelSrcCoordController`
	`867`	`+dnsHostSetterDNSHostsSetter`
	`868`	`+dnsNameOptionsDNSNameOptions`
	`869`	`+updateHandlerUpdatesHandler`
	`870`	`+ownerUsernamestring`
	`871`	`+logger slog.Logger`
`871`	`872`
`872`	`873`	`mu sync.Mutex`
`873`	`874`	`updater*tunnelUpdater`
`@@ -882,37 +883,39 @@ type Workspace struct {`
`882`	`883`	`agentsmap[uuid.UUID]*Agent`
`883`	`884`	`}`
`884`	`885`
	`886`	`+typeDNSNameOptionsstruct {`
	`887`	`+Suffixstring`
	`888`	`+}`
	`889`	`+`
`885`	`890`	`// updateDNSNames updates the DNS names for all agents in the workspace.`
`886`	`891`	`// DNS hosts must be all lowercase, or the resolver won't be able to find them.`
`887`	`892`	`// Usernames are globally unique & case-insensitive.`
`888`	`893`	`// Workspace names are unique per-user & case-insensitive.`
`889`	`894`	`// Agent names are unique per-workspace & case-insensitive.`
`890`		`-func (w*Workspace)updateDNSNames()error {`
	`895`	`+func (w*Workspace)updateDNSNames(optionsDNSNameOptions)error {`
`891`	`896`	`wsName:=strings.ToLower(w.Name)`
`892`	`897`	`username:=strings.ToLower(w.ownerUsername)`
`893`	`898`	`forid,a:=rangew.agents {`
`894`	`899`	`agentName:=strings.ToLower(a.Name)`
`895`	`900`	`names:=make(map[dnsname.FQDN][]netip.Addr)`
`896`	`901`	`// TODO: technically, DNS labels cannot start with numbers, but the rules are often not`
`897`	`902`	`// strictly enforced.`
`898`		`-fqdn,err:=dnsname.ToFQDN(fmt.Sprintf("%s.%s.me.coder.",agentName,wsName))`
	`903`	`+fqdn,err:=dnsname.ToFQDN(fmt.Sprintf("%s.%s.me.%s.",agentName,wsName,options.Suffix))`
`899`	`904`	`iferr!=nil {`
`900`	`905`	`returnerr`
`901`	`906`	`}`
`902`	`907`	`names[fqdn]= []netip.Addr{CoderServicePrefix.AddrFromUUID(a.ID)}`
`903`		`-fqdn,err=dnsname.ToFQDN(fmt.Sprintf("%s.%s.%s.coder.",agentName,wsName,username))`
	`908`	`+fqdn,err=dnsname.ToFQDN(fmt.Sprintf("%s.%s.%s.%s.",agentName,wsName,username,options.Suffix))`
`904`	`909`	`iferr!=nil {`
`905`	`910`	`returnerr`
`906`	`911`	`}`
`907`	`912`	`names[fqdn]= []netip.Addr{CoderServicePrefix.AddrFromUUID(a.ID)}`
`908`	`913`	`iflen(w.agents)==1 {`
`909`		`-fqdn,err:=dnsname.ToFQDN(fmt.Sprintf("%s.coder.",wsName))`
	`914`	`+fqdn,err=dnsname.ToFQDN(fmt.Sprintf("%s.%s.",wsName,options.Suffix))`
`910`	`915`	`iferr!=nil {`
`911`	`916`	`returnerr`
`912`	`917`	`}`
`913`		`-for_,a:=rangew.agents {`
`914`		`-names[fqdn]= []netip.Addr{CoderServicePrefix.AddrFromUUID(a.ID)}`
`915`		`-}`
	`918`	`+names[fqdn]= []netip.Addr{CoderServicePrefix.AddrFromUUID(a.ID)}`
`916`	`919`	`}`
`917`	`920`	`a.Hosts=names`
`918`	`921`	`w.agents[id]=a`
`@@ -949,6 +952,7 @@ func (t *TunnelAllWorkspaceUpdatesController) New(client WorkspaceUpdatesClient)`
`949`	`952`	`logger:t.logger,`
`950`	`953`	`coordCtrl:t.coordCtrl,`
`951`	`954`	`dnsHostsSetter:t.dnsHostSetter,`
	`955`	`+dnsNameOptions:t.dnsNameOptions,`
`952`	`956`	`updateHandler:t.updateHandler,`
`953`	`957`	`ownerUsername:t.ownerUsername,`
`954`	`958`	`recvLoopDone:make(chanstruct{}),`
`@@ -995,6 +999,7 @@ type tunnelUpdater struct {`
`995`	`999`	`updateHandlerUpdatesHandler`
`996`	`1000`	`ownerUsernamestring`
`997`	`1001`	`recvLoopDonechanstruct{}`
	`1002`	`+dnsNameOptionsDNSNameOptions`
`998`	`1003`
`999`	`1004`	`sync.Mutex`
`1000`	`1005`	`workspacesmap[uuid.UUID]*Workspace`
`@@ -1249,7 +1254,7 @@ func (t *tunnelUpdater) allAgentIDsLocked() []uuid.UUID {`
`1249`	`1254`	`func (t*tunnelUpdater)updateDNSNamesLocked()map[dnsname.FQDN][]netip.Addr {`
`1250`	`1255`	`names:=make(map[dnsname.FQDN][]netip.Addr)`
`1251`	`1256`	`for_,w:=ranget.workspaces {`
`1252`		`-err:=w.updateDNSNames()`
	`1257`	`+err:=w.updateDNSNames(t.dnsNameOptions)`
`1253`	`1258`	`iferr!=nil {`
`1254`	`1259`	`// This should never happen in production, because converting the FQDN only fails`
`1255`	`1260`	`// if names are too long, and we put strict length limits on agent, workspace, and user`
`@@ -1272,10 +1277,11 @@ type TunnelAllOption func(t *TunnelAllWorkspaceUpdatesController)`
`1272`	`1277`
`1273`	`1278`	`// WithDNS configures the tunnelAllWorkspaceUpdatesController to set DNS names for all workspaces`
`1274`	`1279`	`// and agents it learns about.`
`1275`		`-funcWithDNS(dDNSHostsSetter,ownerUsernamestring)TunnelAllOption {`
	`1280`	`+funcWithDNS(dDNSHostsSetter,ownerUsernamestring,optionsDNSNameOptions)TunnelAllOption {`
`1276`	`1281`	`returnfunc(t*TunnelAllWorkspaceUpdatesController) {`
`1277`	`1282`	`t.dnsHostSetter=d`
`1278`	`1283`	`t.ownerUsername=ownerUsername`
	`1284`	`+t.dnsNameOptions=options`
`1279`	`1285`	`}`
`1280`	`1286`	`}`
`1281`	`1287`
`@@ -1291,7 +1297,11 @@ func WithHandler(h UpdatesHandler) TunnelAllOption {`
`1291`	`1297`	`funcNewTunnelAllWorkspaceUpdatesController(`
`1292`	`1298`	`logger slog.Logger,c*TunnelSrcCoordController,opts...TunnelAllOption,`
`1293`	`1299`	`)*TunnelAllWorkspaceUpdatesController {`
`1294`		`-t:=&TunnelAllWorkspaceUpdatesController{logger:logger,coordCtrl:c}`
	`1300`	`+t:=&TunnelAllWorkspaceUpdatesController{`
	`1301`	`+logger:logger,`
	`1302`	`+coordCtrl:c,`
	`1303`	`+dnsNameOptions:DNSNameOptions{"coder"},`
	`1304`	`+}`
`1295`	`1305`	`for_,opt:=rangeopts {`
`1296`	`1306`	`opt(t)`
`1297`	`1307`	`}`

`‎tailnet/controllers_test.go`

Lines changed: 17 additions & 17 deletions

Original file line number	Diff line number	Diff line change
`@@ -1521,7 +1521,7 @@ func TestTunnelAllWorkspaceUpdatesController_Initial(t *testing.T) {`
`1521`	`1521`	`fUH:=newFakeUpdateHandler(ctx,t)`
`1522`	`1522`	`fDNS:=newFakeDNSSetter(ctx,t)`
`1523`	`1523`	`coordC,updateC,updateCtrl:=setupConnectedAllWorkspaceUpdatesController(ctx,t,logger,`
`1524`		`-tailnet.WithDNS(fDNS,"testy"),`
	`1524`	`+tailnet.WithDNS(fDNS,"testy", tailnet.DNSNameOptions{Suffix:"mctest"}),`
`1525`	`1525`	`tailnet.WithHandler(fUH),`
`1526`	`1526`	`)`
`1527`	`1527`
`@@ -1563,13 +1563,13 @@ func TestTunnelAllWorkspaceUpdatesController_Initial(t *testing.T) {`
`1563`	`1563`
`1564`	`1564`	`// Also triggers setting DNS hosts`
`1565`	`1565`	`expectedDNS:=map[dnsname.FQDN][]netip.Addr{`
`1566`		`-"w1a1.w1.me.coder.": {ws1a1IP},`
`1567`		`-"w2a1.w2.me.coder.": {w2a1IP},`
`1568`		`-"w2a2.w2.me.coder.": {w2a2IP},`
`1569`		`-"w1a1.w1.testy.coder.": {ws1a1IP},`
`1570`		`-"w2a1.w2.testy.coder.": {w2a1IP},`
`1571`		`-"w2a2.w2.testy.coder.": {w2a2IP},`
`1572`		`-"w1.coder.": {ws1a1IP},`
	`1566`	`+"w1a1.w1.me.mctest.": {ws1a1IP},`
	`1567`	`+"w2a1.w2.me.mctest.": {w2a1IP},`
	`1568`	`+"w2a2.w2.me.mctest.": {w2a2IP},`
	`1569`	`+"w1a1.w1.testy.mctest.": {ws1a1IP},`
	`1570`	`+"w2a1.w2.testy.mctest.": {w2a1IP},`
	`1571`	`+"w2a2.w2.testy.mctest.": {w2a2IP},`
	`1572`	`+"w1.mctest.": {ws1a1IP},`
`1573`	`1573`	`}`
`1574`	`1574`	`dnsCall:=testutil.RequireRecvCtx(ctx,t,fDNS.calls)`
`1575`	`1575`	`require.Equal(t,expectedDNS,dnsCall.hosts)`
`@@ -1584,23 +1584,23 @@ func TestTunnelAllWorkspaceUpdatesController_Initial(t *testing.T) {`
`1584`	`1584`	`{`
`1585`	`1585`	`ID:w1a1ID,Name:"w1a1",WorkspaceID:w1ID,`
`1586`	`1586`	`Hosts:map[dnsname.FQDN][]netip.Addr{`
`1587`		`-"w1.coder.": {ws1a1IP},`
`1588`		`-"w1a1.w1.me.coder.": {ws1a1IP},`
`1589`		`-"w1a1.w1.testy.coder.": {ws1a1IP},`
	`1587`	`+"w1.mctest.": {ws1a1IP},`
	`1588`	`+"w1a1.w1.me.mctest.": {ws1a1IP},`
	`1589`	`+"w1a1.w1.testy.mctest.": {ws1a1IP},`
`1590`	`1590`	`},`
`1591`	`1591`	`},`
`1592`	`1592`	`{`
`1593`	`1593`	`ID:w2a1ID,Name:"w2a1",WorkspaceID:w2ID,`
`1594`	`1594`	`Hosts:map[dnsname.FQDN][]netip.Addr{`
`1595`		`-"w2a1.w2.me.coder.": {w2a1IP},`
`1596`		`-"w2a1.w2.testy.coder.": {w2a1IP},`
	`1595`	`+"w2a1.w2.me.mctest.": {w2a1IP},`
	`1596`	`+"w2a1.w2.testy.mctest.": {w2a1IP},`
`1597`	`1597`	`},`
`1598`	`1598`	`},`
`1599`	`1599`	`{`
`1600`	`1600`	`ID:w2a2ID,Name:"w2a2",WorkspaceID:w2ID,`
`1601`	`1601`	`Hosts:map[dnsname.FQDN][]netip.Addr{`
`1602`		`-"w2a2.w2.me.coder.": {w2a2IP},`
`1603`		`-"w2a2.w2.testy.coder.": {w2a2IP},`
	`1602`	`+"w2a2.w2.me.mctest.": {w2a2IP},`
	`1603`	`+"w2a2.w2.testy.mctest.": {w2a2IP},`
`1604`	`1604`	`},`
`1605`	`1605`	`},`
`1606`	`1606`	`},`
`@@ -1632,7 +1632,7 @@ func TestTunnelAllWorkspaceUpdatesController_DeleteAgent(t *testing.T) {`
`1632`	`1632`	`fUH:=newFakeUpdateHandler(ctx,t)`
`1633`	`1633`	`fDNS:=newFakeDNSSetter(ctx,t)`
`1634`	`1634`	`coordC,updateC,updateCtrl:=setupConnectedAllWorkspaceUpdatesController(ctx,t,logger,`
`1635`		`-tailnet.WithDNS(fDNS,"testy"),`
	`1635`	`+tailnet.WithDNS(fDNS,"testy", tailnet.DNSNameOptions{Suffix:"coder"}),`
`1636`	`1636`	`tailnet.WithHandler(fUH),`
`1637`	`1637`	`)`
`1638`	`1638`
`@@ -1775,7 +1775,7 @@ func TestTunnelAllWorkspaceUpdatesController_DNSError(t *testing.T) {`
`1775`	`1775`	`fConn:=&fakeCoordinatee{}`
`1776`	`1776`	`tsc:=tailnet.NewTunnelSrcCoordController(logger,fConn)`
`1777`	`1777`	`uut:=tailnet.NewTunnelAllWorkspaceUpdatesController(logger,tsc,`
`1778`		`-tailnet.WithDNS(fDNS,"testy"),`
	`1778`	`+tailnet.WithDNS(fDNS,"testy", tailnet.DNSNameOptions{Suffix:"coder"}),`
`1779`	`1779`	`)`
`1780`	`1780`
`1781`	`1781`	`updateC:=newFakeWorkspaceUpdateClient(ctx,t)`

`‎vpn/client.go`

Lines changed: 6 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -107,6 +107,11 @@ func (client) NewConn(initCtx context.Context, serverURL url.URL, token string`
`107`	`107`	`iferr!=nil {`
`108`	`108`	`returnnil,xerrors.Errorf("get connection info: %w",err)`
`109`	`109`	`}`
	`110`	`+// default to DNS suffix of "coder" if the server hasn't set it (might be too old).`
	`111`	`+dnsNameOptions:= tailnet.DNSNameOptions{Suffix:"coder"}`
	`112`	`+ifconnInfo.HostnameSuffix!="" {`
	`113`	`+dnsNameOptions.Suffix=connInfo.HostnameSuffix`
	`114`	`+}`
`110`	`115`
`111`	`116`	`headers.Set(codersdk.SessionTokenHeader,token)`
`112`	`117`	`dialer:=workspacesdk.NewWebsocketDialer(options.Logger,rpcURL,&websocket.DialOptions{`
`@@ -148,7 +153,7 @@ func (client) NewConn(initCtx context.Context, serverURL url.URL, token string`
`148`	`153`	`updatesCtrl:=tailnet.NewTunnelAllWorkspaceUpdatesController(`
`149`	`154`	`options.Logger,`
`150`	`155`	`coordCtrl,`
`151`		`-tailnet.WithDNS(conn,me.Username),`
	`156`	`+tailnet.WithDNS(conn,me.Username,dnsNameOptions),`
`152`	`157`	`tailnet.WithHandler(options.UpdateHandler),`
`153`	`158`	`)`
`154`	`159`	`controller.WorkspaceUpdatesCtrl=updatesCtrl`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit23bedfa

File tree

5 files changed

5 files changed

`‎codersdk/workspacesdk/workspacesdk.go`

`‎tailnet/controllers.go`

`‎tailnet/controllers_test.go`

`‎vpn/client.go`

0 commit comments