feat(agent): v0.3.5 Windows inbound forwarding, UI actions, lifecycle
- Configure tailscale serve automatically for each instance on Windows userspace networking. - Add local UI buttons: start/stop/reset/delete instances (stop/start preserve volumes). - Clean shutdown: stop tailscaled and instances, notify server with instance_stopped. - Restart tailscaled on agent boot using persisted state when pre-auth key is absent. - Sync instance stopped/deleted status to dashboard (server/lib/websocket.ts). - Security: include prior authz/scoping changes across API routes, ephemeral pre-auth keys, ACL policy, internal API key. - Update SUIVI_VPN_ONDEMAND.md and docs/ONBOARDING_CLIENT.md. - Bump agent version to 0.3.5.
This commit is contained in:
@@ -0,0 +1,31 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"os"
|
||||
"path/filepath"
|
||||
)
|
||||
|
||||
const nodeTokenFileName = "node.token"
|
||||
|
||||
func nodeTokenPath(dataDir string) string {
|
||||
return filepath.Join(dataDir, nodeTokenFileName)
|
||||
}
|
||||
|
||||
// loadNodeToken reads the persisted node authentication token, if any.
|
||||
func loadNodeToken(dataDir string) (string, error) {
|
||||
path := nodeTokenPath(dataDir)
|
||||
data, err := os.ReadFile(path)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return string(data), nil
|
||||
}
|
||||
|
||||
// saveNodeToken persists the node authentication token with restrictive permissions.
|
||||
func saveNodeToken(dataDir string, token string) error {
|
||||
if err := os.MkdirAll(dataDir, 0755); err != nil {
|
||||
return err
|
||||
}
|
||||
path := nodeTokenPath(dataDir)
|
||||
return os.WriteFile(path, []byte(token), 0600)
|
||||
}
|
||||
Reference in New Issue
Block a user