fix(tvl-headscale): restore default ACL policy
I omitted the `acls` section when adding the tag configuration. In "normal" tailscale, omitting this is equivalent to putting the defaults there (i.e. all traffic inside the tailnet is allowed); in headscale, however, it defaults to blocking everything instead. This meant that internal tailnet traffic wasn't really working correctly anymore. Change-Id: Ic37504e9a8a97b9f8eb3ac173c88201aef1c044a Reviewed-on: https://cl.tvl.fyi/c/depot/+/12972 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su>
parent
ddae25ebb5
commit
c30344475c
1 changed files with 6 additions and 0 deletions
|
|
@ -16,6 +16,12 @@
|
||||||
|
|
||||||
let
|
let
|
||||||
acl = with builtins; toFile "headscale-acl.json" (toJSON {
|
acl = with builtins; toFile "headscale-acl.json" (toJSON {
|
||||||
|
acls = [{
|
||||||
|
action = "accept";
|
||||||
|
src = [ "*" ];
|
||||||
|
dst = [ "*:*" ];
|
||||||
|
}];
|
||||||
|
|
||||||
groups."group:builders" = [ "tvl" "tvl-builders" ];
|
groups."group:builders" = [ "tvl" "tvl-builders" ];
|
||||||
tagOwners."tag:builders" = [ "group:builders" ];
|
tagOwners."tag:builders" = [ "group:builders" ];
|
||||||
});
|
});
|
||||||
|
|
|
||||||
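Review bot: The added rule `src = [ "*" ]; dst = [ "*:*" ];` lets every node reach every port on every other node, including anything carrying `tag:builders`, and nothing in the file records that this is deliberate. A comment above `acls` such as `# headscale denies everything when the policy has no acls; restore Tailscale's allow-all default` would keep a later edit from dropping the rule or reading the wildcard as an oversight. If the builder machines are less trusted than the rest of the tailnet (not visible from this hunk), a follow-up could replace the wildcard with rules scoped to `group:builders` / `tag:builders` and the ports they actually need. The enclosing `let` block continues outside the hunk.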