Documentation
¶
Overview ¶
Package tailscale provides a minimal control plane API client for internal use. A full client for 3rd party use is available at tailscale.com/client/tailscale/v2. The internal client is provided to avoid having to import that whole package.
Index ¶
- Variables
- func HandleErrorResponse(b []byte, resp *http.Response) error
- func SendRequest(c *Client, req *http.Request) ([]byte, *http.Response, error)
- type APIKey
- type AuthMethod
- type Client
- func (client *Client) CreateOrUpdateVIPService(ctx context.Context, svc *VIPService) error
- func (client *Client) DeleteVIPService(ctx context.Context, name tailcfg.ServiceName) error
- func (client *Client) GetVIPService(ctx context.Context, name tailcfg.ServiceName) (*VIPService, error)
- func (client *Client) ListVIPServices(ctx context.Context) (*VIPServiceList, error)
- type Device
- type DeviceFieldsOpts
- type ErrResponse
- type Key
- type KeyCapabilities
- type KeyDeviceCapabilities
- type KeyDeviceCreateCapabilities
- type VIPService
- type VIPServiceList
Constants ¶
This section is empty.
Variables ¶
var HookResolveAuthKey feature.Hook[func(ctx context.Context, authKey string, tags []string) (string, error)]
HookResolveAuthKey resolves to [oauthkey.ResolveAuthKey] when the corresponding feature tag is enabled in the build process.
authKey is a standard device auth key or an OAuth client secret to resolve into an auth key. tags is the list of tags being advertised by the client (required to be provided for the OAuth secret case, and required to be the same as the list of tags for which the OAuth secret is allowed to issue auth keys).
var HookResolveAuthKeyViaWIF feature.Hook[func(ctx context.Context, baseURL, clientID, idToken string, tags []string) (string, error)]
HookResolveAuthKeyViaWIF resolves to [identityfederation.ResolveAuthKey] when the corresponding feature tag is enabled in the build process.
baseURL is the URL of the control server used for token exchange and authkey generation. clientID is the federated client ID used for token exchange, the format is <tailnet ID>/<oauth client ID> idToken is the Identity token from the identity provider tags is the list of tags to be associated with the auth key
Functions ¶
func HandleErrorResponse ¶
HandleErrorResponse is an alias to tailscale.com/client/tailscale.
Types ¶
type AuthMethod ¶
type AuthMethod = tsclient.AuthMethod
AuthMethod is an alias to tailscale.com/client/tailscale.
type Client ¶
Client is a wrapper of tailscale.com/client/tailscale.
func NewClient ¶
func NewClient(tailnet string, auth AuthMethod) *Client
NewClient is an alias to tailscale.com/client/tailscale.
func (*Client) CreateOrUpdateVIPService ¶
func (client *Client) CreateOrUpdateVIPService(ctx context.Context, svc *VIPService) error
CreateOrUpdateVIPService creates or updates a VIPService by its name. Caller must ensure that, if the VIPService already exists, the VIPService is fetched first to ensure that any auto-allocated IP addresses are not lost during the update. If the VIPService was created without any IP addresses explicitly set (so that they were auto-allocated by Tailscale) any subsequent request to this function that does not set any IP addresses will error.
func (*Client) DeleteVIPService ¶
DeleteVIPService deletes a VIPService by its name. It returns an error if the VIPService does not exist or if the deletion fails.
func (*Client) GetVIPService ¶
func (client *Client) GetVIPService(ctx context.Context, name tailcfg.ServiceName) (*VIPService, error)
GetVIPService retrieves a VIPService by its name. It returns 404 if the VIPService is not found.
func (*Client) ListVIPServices ¶ added in v1.86.0
func (client *Client) ListVIPServices(ctx context.Context) (*VIPServiceList, error)
ListVIPServices retrieves all existing Services and returns them as a list.
type DeviceFieldsOpts ¶
type DeviceFieldsOpts = tsclient.DeviceFieldsOpts
DeviceFieldsOpts is an alias to tailscale.com/client/tailscale.
type ErrResponse ¶
type ErrResponse = tsclient.ErrResponse
ErrResponse is an alias to tailscale.com/client/tailscale.
type KeyCapabilities ¶
type KeyCapabilities = tsclient.KeyCapabilities
KeyCapabilities is an alias to tailscale.com/client/tailscale.
type KeyDeviceCapabilities ¶
type KeyDeviceCapabilities = tsclient.KeyDeviceCapabilities
KeyDeviceCapabilities is an alias to tailscale.com/client/tailscale.
type KeyDeviceCreateCapabilities ¶
type KeyDeviceCreateCapabilities = tsclient.KeyDeviceCreateCapabilities
KeyDeviceCreateCapabilities is an alias to tailscale.com/client/tailscale.
type VIPService ¶
type VIPService struct {
// Name is a VIPService name in form svc:<leftmost-label-of-service-DNS-name>.
Name tailcfg.ServiceName `json:"name,omitempty"`
// Addrs are the IP addresses of the VIP Service. There are two addresses:
// the first is IPv4 and the second is IPv6.
// When creating a new VIP Service, the IP addresses are optional: if no
// addresses are specified then they will be selected. If an IPv4 address is
// specified at index 0, then that address will attempt to be used. An IPv6
// address can not be specified upon creation.
Addrs []string `json:"addrs,omitempty"`
// Comment is an optional text string for display in the admin panel.
Comment string `json:"comment,omitempty"`
// Annotations are optional key-value pairs that can be used to store arbitrary metadata.
Annotations map[string]string `json:"annotations,omitempty"`
// Ports are the ports of a VIPService that will be configured via Tailscale serve config.
// If set, any node wishing to advertise this VIPService must have this port configured via Tailscale serve.
Ports []string `json:"ports,omitempty"`
// Tags are optional ACL tags that will be applied to the VIPService.
Tags []string `json:"tags,omitempty"`
}
VIPService is a Tailscale VIPService with Tailscale API JSON representation.
type VIPServiceList ¶ added in v1.86.0
type VIPServiceList struct {
VIPServices []VIPService `json:"vipServices"`
}
VIPServiceList represents the JSON response to the list VIP Services API.
Source Files