From d0a8b89525d1efee3873fbb763fc164b8b67d6a9 Mon Sep 17 00:00:00 2001 From: Mario Minardi Date: Thu, 14 Mar 2024 14:45:21 -0600 Subject: [PATCH] ipn/ipnlocal, tailcfg: add disable-web-client node attribute Add a disable-web-client node attribute and add handling for disabling the web client when this node attribute is set. Updates https://github.com/tailscale/tailscale/issues/10261 --- ipn/ipnlocal/local.go | 7 ++++++- tailcfg/tailcfg.go | 3 +++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/ipn/ipnlocal/local.go b/ipn/ipnlocal/local.go index 8a5736b6fc29c..aee9a9f87396c 100644 --- a/ipn/ipnlocal/local.go +++ b/ipn/ipnlocal/local.go @@ -4508,8 +4508,13 @@ func (b *LocalBackend) ShouldRunSSH() bool { return b.sshAtomicBool.Load() && en // call regardless of whether b.mu is held or not. func (b *LocalBackend) ShouldRunWebClient() bool { return b.webClientAtomicBool.Load() } +// setWebClientAtomicBoolLocked sets webClientAtomicBool based on whether +// the RunWebClient pref is set, and whether tailcfg.NodeAttrDisableWebClient +// has been set in the netmap.NetworkMap. +// +// b.mu must be held. func (b *LocalBackend) setWebClientAtomicBoolLocked(nm *netmap.NetworkMap, prefs ipn.PrefsView) { - shouldRun := prefs.Valid() && prefs.RunWebClient() + shouldRun := prefs.Valid() && prefs.RunWebClient() && !hasCapability(nm, tailcfg.NodeAttrDisableWebClient) wasRunning := b.webClientAtomicBool.Swap(shouldRun) if wasRunning && !shouldRun { go b.webClientShutdown() // stop web client diff --git a/tailcfg/tailcfg.go b/tailcfg/tailcfg.go index aeb41ce7e918c..8af421e77fd38 100644 --- a/tailcfg/tailcfg.go +++ b/tailcfg/tailcfg.go @@ -2219,6 +2219,9 @@ const ( // NodeAttrSuggestExitNode is applied to each exit node which the control plane has determined // is a recommended exit node. NodeAttrSuggestExitNode NodeCapability = "suggest-exit-node" + + // NodeAttrDisableWebClient disables using the web client. + NodeAttrDisableWebClient NodeCapability = "disable-web-client" ) // SetDNSRequest is a request to add a DNS record.