NotificationsYou must be signed in to change notification settings
Fork905
Star10k

Commit9e2af3e

authored

feat: add configurable DNS match domain for tailnet connections (#17336)

Use the hostname suffix to set the DNS match domain when creating a Tailnet as part of the vpn `Tunnel`.part of:#16828

1 parent69aa365 commit9e2af3eCopy full SHA for 9e2af3e

File tree

6 files changed

+65

-34

lines changed

tailnet
vpn
- client.go

6 files changed

+65

-34

lines changed

`‎tailnet/configmaps.go`

Lines changed: 17 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,10 @@ const lostTimeout = 15 * time.Minute`
`36`	`36`
`37`	`37`	`// CoderDNSSuffix is the default DNS suffix that we append to Coder DNS`
`38`	`38`	`// records.`
`39`		`-constCoderDNSSuffix="coder."`
	`39`	`+const (`
	`40`	`+CoderDNSSuffix="coder"`
	`41`	`+CoderDNSSuffixFQDN=dnsname.FQDN(CoderDNSSuffix+".")`
	`42`	`+)`
`40`	`43`
`41`	`44`	`// engineConfigurable is the subset of wgengine.Engine that we use for configuration.`
`42`	`45`	`//`
`@@ -69,20 +72,26 @@ type configMaps struct {`
`69`	`72`	`filterDirtybool`
`70`	`73`	`closingbool`
`71`	`74`
`72`		`-engineengineConfigurable`
`73`		`-static netmap.NetworkMap`
	`75`	`+engineengineConfigurable`
	`76`	`+static netmap.NetworkMap`
	`77`	`+`
`74`	`78`	`hostsmap[dnsname.FQDN][]netip.Addr`
`75`	`79`	`peersmap[uuid.UUID]*peerLifecycle`
`76`	`80`	`addresses []netip.Prefix`
`77`	`81`	`derpMap*tailcfg.DERPMap`
`78`	`82`	`logger slog.Logger`
`79`	`83`	`blockEndpointsbool`
	`84`	`+matchDomain dnsname.FQDN`
`80`	`85`
`81`	`86`	`// for testing`
`82`	`87`	`clock quartz.Clock`
`83`	`88`	`}`
`84`	`89`
`85`		`-funcnewConfigMaps(logger slog.Logger,engineengineConfigurable,nodeID tailcfg.NodeID,nodeKey key.NodePrivate,discoKey key.DiscoPublic)*configMaps {`
	`90`	`+funcnewConfigMaps(`
	`91`	`+logger slog.Logger,engineengineConfigurable,`
	`92`	`+nodeID tailcfg.NodeID,nodeKey key.NodePrivate,discoKey key.DiscoPublic,`
	`93`	`+matchDomain dnsname.FQDN,`
	`94`	`+)*configMaps {`
`86`	`95`	`pubKey:=nodeKey.Public()`
`87`	`96`	`c:=&configMaps{`
`88`	`97`	`phased:phased{Cond:*(sync.NewCond(&sync.Mutex{}))},`
`@@ -125,8 +134,9 @@ func newConfigMaps(logger slog.Logger, engine engineConfigurable, nodeID tailcfg`
`125`	`134`	`Caps: []filter.CapMatch{},`
`126`	`135`	`}},`
`127`	`136`	`},`
`128`		`-peers:make(map[uuid.UUID]*peerLifecycle),`
`129`		`-clock:quartz.NewReal(),`
	`137`	`+peers:make(map[uuid.UUID]*peerLifecycle),`
	`138`	`+matchDomain:matchDomain,`
	`139`	`+clock:quartz.NewReal(),`
`130`	`140`	`}`
`131`	`141`	`goc.configLoop()`
`132`	`142`	`returnc`
`@@ -338,7 +348,7 @@ func (c configMaps) reconfig(nm netmap.NetworkMap, hosts map[dnsname.FQDN][]ne`
`338`	`348`	`dnsCfg.Hosts=hosts`
`339`	`349`	`dnsCfg.OnlyIPv6=true`
`340`	`350`	`dnsCfg.Routes=map[dnsname.FQDN][]*dnstype.Resolver{`
`341`		`-CoderDNSSuffix:nil,`
	`351`	`+c.matchDomain:nil,`
`342`	`352`	`}`
`343`	`353`	`}`
`344`	`354`	`cfg,err:=nmcfg.WGCfg(nm,Logger(c.logger.Named("net.wgconfig")),netmap.AllowSingleHosts,"")`

`‎tailnet/configmaps_internal_test.go`

Lines changed: 24 additions & 21 deletions

Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,7 @@ func TestConfigMaps_setAddresses_different(t *testing.T) {`
`34`	`34`	`nodePrivateKey:=key.NewNode()`
`35`	`35`	`nodeID:=tailcfg.NodeID(5)`
`36`	`36`	`discoKey:=key.NewDisco()`
`37`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`37`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`38`	`38`	`deferuut.close()`
`39`	`39`
`40`	`40`	`addrs:= []netip.Prefix{netip.MustParsePrefix("192.168.0.200/32")}`
`@@ -93,7 +93,7 @@ func TestConfigMaps_setAddresses_same(t *testing.T) {`
`93`	`93`	`nodeID:=tailcfg.NodeID(5)`
`94`	`94`	`discoKey:=key.NewDisco()`
`95`	`95`	`addrs:= []netip.Prefix{netip.MustParsePrefix("192.168.0.200/32")}`
`96`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`96`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`97`	`97`	`deferuut.close()`
`98`	`98`
`99`	`99`	`// Given: addresses already set`
`@@ -123,7 +123,7 @@ func TestConfigMaps_updatePeers_new(t *testing.T) {`
`123`	`123`	`nodePrivateKey:=key.NewNode()`
`124`	`124`	`nodeID:=tailcfg.NodeID(5)`
`125`	`125`	`discoKey:=key.NewDisco()`
`126`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`126`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`127`	`127`	`deferuut.close()`
`128`	`128`
`129`	`129`	`p1ID:= uuid.UUID{1}`
`@@ -193,7 +193,7 @@ func TestConfigMaps_updatePeers_new_waitForHandshake_neverConfigures(t *testing.`
`193`	`193`	`nodePrivateKey:=key.NewNode()`
`194`	`194`	`nodeID:=tailcfg.NodeID(5)`
`195`	`195`	`discoKey:=key.NewDisco()`
`196`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`196`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`197`	`197`	`deferuut.close()`
`198`	`198`	`mClock:=quartz.NewMock(t)`
`199`	`199`	`uut.clock=mClock`
`@@ -237,7 +237,7 @@ func TestConfigMaps_updatePeers_new_waitForHandshake_outOfOrder(t *testing.T) {`
`237`	`237`	`nodePrivateKey:=key.NewNode()`
`238`	`238`	`nodeID:=tailcfg.NodeID(5)`
`239`	`239`	`discoKey:=key.NewDisco()`
`240`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`240`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`241`	`241`	`deferuut.close()`
`242`	`242`	`mClock:=quartz.NewMock(t)`
`243`	`243`	`uut.clock=mClock`
`@@ -308,7 +308,7 @@ func TestConfigMaps_updatePeers_new_waitForHandshake(t *testing.T) {`
`308`	`308`	`nodePrivateKey:=key.NewNode()`
`309`	`309`	`nodeID:=tailcfg.NodeID(5)`
`310`	`310`	`discoKey:=key.NewDisco()`
`311`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`311`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`312`	`312`	`deferuut.close()`
`313`	`313`	`mClock:=quartz.NewMock(t)`
`314`	`314`	`uut.clock=mClock`
`@@ -379,7 +379,7 @@ func TestConfigMaps_updatePeers_new_waitForHandshake_timeout(t *testing.T) {`
`379`	`379`	`nodePrivateKey:=key.NewNode()`
`380`	`380`	`nodeID:=tailcfg.NodeID(5)`
`381`	`381`	`discoKey:=key.NewDisco()`
`382`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`382`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`383`	`383`	`deferuut.close()`
`384`	`384`	`mClock:=quartz.NewMock(t)`
`385`	`385`	`uut.clock=mClock`
`@@ -437,7 +437,7 @@ func TestConfigMaps_updatePeers_same(t *testing.T) {`
`437`	`437`	`nodePrivateKey:=key.NewNode()`
`438`	`438`	`nodeID:=tailcfg.NodeID(5)`
`439`	`439`	`discoKey:=key.NewDisco()`
`440`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`440`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`441`	`441`	`deferuut.close()`
`442`	`442`
`443`	`443`	`// Then: we don't configure`
`@@ -496,7 +496,7 @@ func TestConfigMaps_updatePeers_disconnect(t *testing.T) {`
`496`	`496`	`nodePrivateKey:=key.NewNode()`
`497`	`497`	`nodeID:=tailcfg.NodeID(5)`
`498`	`498`	`discoKey:=key.NewDisco()`
`499`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`499`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`500`	`500`	`deferuut.close()`
`501`	`501`
`502`	`502`	`p1ID:= uuid.UUID{1}`
`@@ -564,7 +564,7 @@ func TestConfigMaps_updatePeers_lost(t *testing.T) {`
`564`	`564`	`nodePrivateKey:=key.NewNode()`
`565`	`565`	`nodeID:=tailcfg.NodeID(5)`
`566`	`566`	`discoKey:=key.NewDisco()`
`567`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`567`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`568`	`568`	`deferuut.close()`
`569`	`569`	`mClock:=quartz.NewMock(t)`
`570`	`570`	`start:=mClock.Now()`
`@@ -649,7 +649,7 @@ func TestConfigMaps_updatePeers_lost_and_found(t *testing.T) {`
`649`	`649`	`nodePrivateKey:=key.NewNode()`
`650`	`650`	`nodeID:=tailcfg.NodeID(5)`
`651`	`651`	`discoKey:=key.NewDisco()`
`652`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`652`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`653`	`653`	`deferuut.close()`
`654`	`654`	`mClock:=quartz.NewMock(t)`
`655`	`655`	`start:=mClock.Now()`
`@@ -734,7 +734,7 @@ func TestConfigMaps_setAllPeersLost(t *testing.T) {`
`734`	`734`	`nodePrivateKey:=key.NewNode()`
`735`	`735`	`nodeID:=tailcfg.NodeID(5)`
`736`	`736`	`discoKey:=key.NewDisco()`
`737`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`737`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`738`	`738`	`deferuut.close()`
`739`	`739`	`mClock:=quartz.NewMock(t)`
`740`	`740`	`start:=mClock.Now()`
`@@ -820,7 +820,7 @@ func TestConfigMaps_setBlockEndpoints_different(t *testing.T) {`
`820`	`820`	`nodePrivateKey:=key.NewNode()`
`821`	`821`	`nodeID:=tailcfg.NodeID(5)`
`822`	`822`	`discoKey:=key.NewDisco()`
`823`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`823`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`824`	`824`	`deferuut.close()`
`825`	`825`
`826`	`826`	`p1ID:=uuid.MustParse("10000000-0000-0000-0000-000000000000")`
`@@ -864,7 +864,7 @@ func TestConfigMaps_setBlockEndpoints_same(t *testing.T) {`
`864`	`864`	`nodePrivateKey:=key.NewNode()`
`865`	`865`	`nodeID:=tailcfg.NodeID(5)`
`866`	`866`	`discoKey:=key.NewDisco()`
`867`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`867`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`868`	`868`	`deferuut.close()`
`869`	`869`
`870`	`870`	`p1ID:=uuid.MustParse("10000000-0000-0000-0000-000000000000")`
`@@ -907,7 +907,7 @@ func TestConfigMaps_setDERPMap_different(t *testing.T) {`
`907`	`907`	`nodePrivateKey:=key.NewNode()`
`908`	`908`	`nodeID:=tailcfg.NodeID(5)`
`909`	`909`	`discoKey:=key.NewDisco()`
`910`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`910`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`911`	`911`	`deferuut.close()`
`912`	`912`
`913`	`913`	`derpMap:=&tailcfg.DERPMap{`
`@@ -948,7 +948,7 @@ func TestConfigMaps_setDERPMap_same(t *testing.T) {`
`948`	`948`	`nodePrivateKey:=key.NewNode()`
`949`	`949`	`nodeID:=tailcfg.NodeID(5)`
`950`	`950`	`discoKey:=key.NewDisco()`
`951`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`951`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`952`	`952`	`deferuut.close()`
`953`	`953`
`954`	`954`	`// Given: DERP Map already set`
`@@ -1017,7 +1017,7 @@ func TestConfigMaps_fillPeerDiagnostics(t *testing.T) {`
`1017`	`1017`	`nodePrivateKey:=key.NewNode()`
`1018`	`1018`	`nodeID:=tailcfg.NodeID(5)`
`1019`	`1019`	`discoKey:=key.NewDisco()`
`1020`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`1020`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`1021`	`1021`	`deferuut.close()`
`1022`	`1022`
`1023`	`1023`	`// Given: DERP Map and peer already set`
`@@ -1125,7 +1125,7 @@ func TestConfigMaps_updatePeers_nonexist(t *testing.T) {`
`1125`	`1125`	`nodePrivateKey:=key.NewNode()`
`1126`	`1126`	`nodeID:=tailcfg.NodeID(5)`
`1127`	`1127`	`discoKey:=key.NewDisco()`
`1128`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`1128`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),CoderDNSSuffixFQDN)`
`1129`	`1129`	`deferuut.close()`
`1130`	`1130`
`1131`	`1131`	`// Then: we don't configure`
`@@ -1166,7 +1166,8 @@ func TestConfigMaps_addRemoveHosts(t *testing.T) {`
`1166`	`1166`	`nodePrivateKey:=key.NewNode()`
`1167`	`1167`	`nodeID:=tailcfg.NodeID(5)`
`1168`	`1168`	`discoKey:=key.NewDisco()`
`1169`		`-uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public())`
	`1169`	`+suffix:=dnsname.FQDN("test.")`
	`1170`	`+uut:=newConfigMaps(logger,fEng,nodeID,nodePrivateKey,discoKey.Public(),suffix)`
`1170`	`1171`	`deferuut.close()`
`1171`	`1172`
`1172`	`1173`	`addr1:=CoderServicePrefix.AddrFromUUID(uuid.New())`
`@@ -1190,8 +1191,10 @@ func TestConfigMaps_addRemoveHosts(t *testing.T) {`
`1190`	`1191`	`req:=testutil.RequireRecvCtx(ctx,t,fEng.reconfig)`
`1191`	`1192`	`require.Equal(t,req.dnsCfg,&dns.Config{`
`1192`	`1193`	`Routes:map[dnsname.FQDN][]*dnstype.Resolver{`
`1193`		`-CoderDNSSuffix:nil,`
	`1194`	`+suffix:nil,`
`1194`	`1195`	`},`
	`1196`	`+// Note that host names and Routes are independent --- so we faithfully reproduce the hosts, even though`
	`1197`	`+// they don't match the route.`
`1195`	`1198`	`Hosts:map[dnsname.FQDN][]netip.Addr{`
`1196`	`1199`	`"agent.myws.me.coder.": {`
`1197`	`1200`	`addr1,`
`@@ -1219,7 +1222,7 @@ func TestConfigMaps_addRemoveHosts(t *testing.T) {`
`1219`	`1222`	`req=testutil.RequireRecvCtx(ctx,t,fEng.reconfig)`
`1220`	`1223`	`require.Equal(t,req.dnsCfg,&dns.Config{`
`1221`	`1224`	`Routes:map[dnsname.FQDN][]*dnstype.Resolver{`
`1222`		`-CoderDNSSuffix:nil,`
	`1225`	`+suffix:nil,`
`1223`	`1226`	`},`
`1224`	`1227`	`Hosts:map[dnsname.FQDN][]netip.Addr{`
`1225`	`1228`	`"newagent.myws.me.coder.": {`

`‎tailnet/conn.go`

Lines changed: 12 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -120,6 +120,9 @@ type Options struct {`
`120`	`120`	`// WireguardMonitor is optional, and is passed to the underlying wireguard`
`121`	`121`	`// engine.`
`122`	`122`	`WireguardMonitor*netmon.Monitor`
	`123`	`+// DNSMatchDomain is the DNS suffix to use as a match domain. Only relevant for TUN connections that configure the`
	`124`	`+// OS DNS resolver.`
	`125`	`+DNSMatchDomainstring`
`123`	`126`	`}`
`124`	`127`
`125`	`128`	`// TelemetrySink allows tailnet.Conn to send network telemetry to the Coder`
`@@ -267,12 +270,21 @@ func NewConn(options Options) (conn Conn, err error) {`
`267`	`270`	`netStack.ProcessLocalIPs=true`
`268`	`271`	`}`
`269`	`272`
	`273`	`+ifoptions.DNSMatchDomain=="" {`
	`274`	`+options.DNSMatchDomain=CoderDNSSuffix`
	`275`	`+}`
	`276`	`+matchDomain,err:=dnsname.ToFQDN(options.DNSMatchDomain+".")`
	`277`	`+iferr!=nil {`
	`278`	`+returnnil,xerrors.Errorf("convert hostname suffix (%s) to fully-qualified domain: %w",`
	`279`	`+options.DNSMatchDomain,err)`
	`280`	`+}`
`270`	`281`	`cfgMaps:=newConfigMaps(`
`271`	`282`	`options.Logger,`
`272`	`283`	`wireguardEngine,`
`273`	`284`	`nodeID,`
`274`	`285`	`nodePrivateKey,`
`275`	`286`	`magicConn.DiscoPublicKey(),`
	`287`	`+matchDomain,`
`276`	`288`	`)`
`277`	`289`	`cfgMaps.setAddresses(options.Addresses)`
`278`	`290`	`ifoptions.DERPMap!=nil {`

`‎tailnet/controllers.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1309,7 +1309,7 @@ func NewTunnelAllWorkspaceUpdatesController(`
`1309`	`1309`	`t:=&TunnelAllWorkspaceUpdatesController{`
`1310`	`1310`	`logger:logger,`
`1311`	`1311`	`coordCtrl:c,`
`1312`		`-dnsNameOptions:DNSNameOptions{"coder"},`
	`1312`	`+dnsNameOptions:DNSNameOptions{CoderDNSSuffix},`
`1313`	`1313`	`}`
`1314`	`1314`	`for_,opt:=rangeopts {`
`1315`	`1315`	`opt(t)`

`‎tailnet/controllers_test.go`

Lines changed: 6 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -1637,7 +1637,7 @@ func TestTunnelAllWorkspaceUpdatesController_DeleteAgent(t *testing.T) {`
`1637`	`1637`	`fUH:=newFakeUpdateHandler(ctx,t)`
`1638`	`1638`	`fDNS:=newFakeDNSSetter(ctx,t)`
`1639`	`1639`	`coordC,updateC,updateCtrl:=setupConnectedAllWorkspaceUpdatesController(ctx,t,logger,`
`1640`		`-tailnet.WithDNS(fDNS,"testy", tailnet.DNSNameOptions{Suffix:"coder"}),`
	`1640`	`+tailnet.WithDNS(fDNS,"testy", tailnet.DNSNameOptions{Suffix:tailnet.CoderDNSSuffix}),`
`1641`	`1641`	`tailnet.WithHandler(fUH),`
`1642`	`1642`	`)`
`1643`	`1643`
`@@ -1664,7 +1664,8 @@ func TestTunnelAllWorkspaceUpdatesController_DeleteAgent(t *testing.T) {`
`1664`	`1664`	`require.Equal(t,w1a1ID[:],coordCall.req.GetAddTunnel().GetId())`
`1665`	`1665`	`testutil.RequireSendCtx(ctx,t,coordCall.err,nil)`
`1666`	`1666`
`1667`		`-expectedCoderConnectFQDN,err:=dnsname.ToFQDN(fmt.Sprintf(tailnet.IsCoderConnectEnabledFmtString,"coder"))`
	`1667`	`+expectedCoderConnectFQDN,err:=dnsname.ToFQDN(`
	`1668`	`+fmt.Sprintf(tailnet.IsCoderConnectEnabledFmtString,tailnet.CoderDNSSuffix))`
`1668`	`1669`	`require.NoError(t,err)`
`1669`	`1670`
`1670`	`1671`	`// DNS for w1a1`
`@@ -1785,7 +1786,7 @@ func TestTunnelAllWorkspaceUpdatesController_DNSError(t *testing.T) {`
`1785`	`1786`	`fConn:=&fakeCoordinatee{}`
`1786`	`1787`	`tsc:=tailnet.NewTunnelSrcCoordController(logger,fConn)`
`1787`	`1788`	`uut:=tailnet.NewTunnelAllWorkspaceUpdatesController(logger,tsc,`
`1788`		`-tailnet.WithDNS(fDNS,"testy", tailnet.DNSNameOptions{Suffix:"coder"}),`
	`1789`	`+tailnet.WithDNS(fDNS,"testy", tailnet.DNSNameOptions{Suffix:tailnet.CoderDNSSuffix}),`
`1789`	`1790`	`)`
`1790`	`1791`
`1791`	`1792`	`updateC:=newFakeWorkspaceUpdateClient(ctx,t)`
`@@ -1806,7 +1807,8 @@ func TestTunnelAllWorkspaceUpdatesController_DNSError(t *testing.T) {`
`1806`	`1807`	`upRecvCall:=testutil.RequireRecvCtx(ctx,t,updateC.recv)`
`1807`	`1808`	`testutil.RequireSendCtx(ctx,t,upRecvCall.resp,initUp)`
`1808`	`1809`
`1809`		`-expectedCoderConnectFQDN,err:=dnsname.ToFQDN(fmt.Sprintf(tailnet.IsCoderConnectEnabledFmtString,"coder"))`
	`1810`	`+expectedCoderConnectFQDN,err:=dnsname.ToFQDN(`
	`1811`	`+fmt.Sprintf(tailnet.IsCoderConnectEnabledFmtString,tailnet.CoderDNSSuffix))`
`1810`	`1812`	`require.NoError(t,err)`
`1811`	`1813`
`1812`	`1814`	`// DNS for w1a1`

`‎vpn/client.go`

Lines changed: 5 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ import (`
`7`	`7`	`"net/url"`
`8`	`8`
`9`	`9`	`"golang.org/x/xerrors"`
	`10`	`+`
`10`	`11`	`"tailscale.com/net/dns"`
`11`	`12`	`"tailscale.com/net/netmon"`
`12`	`13`	`"tailscale.com/wgengine/router"`
`@@ -108,9 +109,11 @@ func (client) NewConn(initCtx context.Context, serverURL url.URL, token string`
`108`	`109`	`returnnil,xerrors.Errorf("get connection info: %w",err)`
`109`	`110`	`}`
`110`	`111`	`// default to DNS suffix of "coder" if the server hasn't set it (might be too old).`
`111`		`-dnsNameOptions:= tailnet.DNSNameOptions{Suffix:"coder"}`
	`112`	`+dnsNameOptions:= tailnet.DNSNameOptions{Suffix:tailnet.CoderDNSSuffix}`
	`113`	`+dnsMatch:=tailnet.CoderDNSSuffix`
`112`	`114`	`ifconnInfo.HostnameSuffix!="" {`
`113`	`115`	`dnsNameOptions.Suffix=connInfo.HostnameSuffix`
	`116`	`+dnsMatch=connInfo.HostnameSuffix`
`114`	`117`	`}`
`115`	`118`
`116`	`119`	`headers.Set(codersdk.SessionTokenHeader,token)`
`@@ -134,6 +137,7 @@ func (client) NewConn(initCtx context.Context, serverURL url.URL, token string`
`134`	`137`	`Router:options.Router,`
`135`	`138`	`TUNDev:options.TUNDevice,`
`136`	`139`	`WireguardMonitor:options.WireguardMonitor,`
	`140`	`+DNSMatchDomain:dnsMatch,`
`137`	`141`	`})`
`138`	`142`	`iferr!=nil {`
`139`	`143`	`returnnil,xerrors.Errorf("create tailnet: %w",err)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit9e2af3e

File tree

6 files changed

6 files changed

`‎tailnet/configmaps.go`

`‎tailnet/configmaps_internal_test.go`

`‎tailnet/conn.go`

`‎tailnet/controllers.go`

`‎tailnet/controllers_test.go`

`‎vpn/client.go`

0 commit comments