a414f03a59
- Configure tailscale serve automatically for each instance on Windows userspace networking. - Add local UI buttons: start/stop/reset/delete instances (stop/start preserve volumes). - Clean shutdown: stop tailscaled and instances, notify server with instance_stopped. - Restart tailscaled on agent boot using persisted state when pre-auth key is absent. - Sync instance stopped/deleted status to dashboard (server/lib/websocket.ts). - Security: include prior authz/scoping changes across API routes, ephemeral pre-auth keys, ACL policy, internal API key. - Update SUIVI_VPN_ONDEMAND.md and docs/ONBOARDING_CLIENT.md. - Bump agent version to 0.3.5.
32 lines
734 B
Go
32 lines
734 B
Go
package main
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
)
|
|
|
|
const nodeTokenFileName = "node.token"
|
|
|
|
func nodeTokenPath(dataDir string) string {
|
|
return filepath.Join(dataDir, nodeTokenFileName)
|
|
}
|
|
|
|
// loadNodeToken reads the persisted node authentication token, if any.
|
|
func loadNodeToken(dataDir string) (string, error) {
|
|
path := nodeTokenPath(dataDir)
|
|
data, err := os.ReadFile(path)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
return string(data), nil
|
|
}
|
|
|
|
// saveNodeToken persists the node authentication token with restrictive permissions.
|
|
func saveNodeToken(dataDir string, token string) error {
|
|
if err := os.MkdirAll(dataDir, 0755); err != nil {
|
|
return err
|
|
}
|
|
path := nodeTokenPath(dataDir)
|
|
return os.WriteFile(path, []byte(token), 0600)
|
|
}
|