Wade Simmons
448f06a378
Merge remote-tracking branch 'origin/master' into multiport
2026-05-27 22:24:53 -04:00
Nate Brown
625f58b84a
Record my local details in the dns server if enabled ( #1716 )
2026-05-15 15:36:44 -05:00
Nate Brown
213dd46588
Stop leaking goroutines past Control.Stop, consolidate punching in Punchy ( #1708 )
2026-05-06 16:21:16 -05:00
Wade Simmons
bb3c70da2e
WIP
2026-05-06 14:31:11 -04:00
Wade Simmons
2f50b3c54f
Merge remote-tracking branch 'origin/master' into multiport
2026-05-06 14:26:49 -04:00
Nate Brown
33c2d7277c
Reduce HandshakeManager complexity a little bit ( #1701 )
gofmt / Run gofmt (push) Failing after 3s
smoke-extra / Run extra smoke tests (push) Failing after 3s
smoke / Run multi node smoke test (push) Failing after 2s
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-05-01 13:21:38 -05:00
Nate Brown
1ab1f71dba
Make stats a server we can reconfigure and start/stop ( #1670 )
gofmt / Run gofmt (push) Failing after 2s
smoke-extra / Run extra smoke tests (push) Failing after 2s
smoke / Run multi node smoke test (push) Failing after 3s
Build and test / Build all and test on ubuntu-linux (push) Failing after 2s
Build and test / Build and test on linux with boringcrypto (push) Failing after 3s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-04-27 12:25:24 -05:00
Nate Brown
d0f02ba873
Switch to slog, remove logrus ( #1672 )
2026-04-27 09:41:47 -05:00
Nate Brown
2f4532f102
No more dns globals, proper cleanup on shutdown ( #1667 )
2026-04-21 12:41:10 -05:00
Jack Doan
e80b9830a3
Remove more os.Exit calls and give a more reliable wait for stop function (attempt 3) ( #1661 )
2026-04-20 16:08:26 -05:00
Wade Simmons
422fc2ad1e
go fix ( #1608 )
gofmt / Run gofmt (push) Failing after 3s
smoke-extra / Run extra smoke tests (push) Failing after 2s
smoke / Run multi node smoke test (push) Failing after 2s
Build and test / Build all and test on ubuntu-linux (push) Failing after 2s
Build and test / Build and test on linux with boringcrypto (push) Failing after 3s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
2026-02-17 11:42:14 -05:00
Wade Simmons
0824035906
Merge remote-tracking branch 'origin/master' into multiport
2026-01-21 10:58:11 -05:00
Nate Brown
1283ff0db4
Add option to control accepting recv_error ( #1569 )
2026-01-13 00:00:27 -06:00
Wade Simmons
510a8912a9
Merge remote-tracking branch 'origin/master' into multiport
2025-12-04 15:22:14 -05:00
Wade Simmons
36c890eaad
populate default Build version if missing ( #1386 )
...
* populate default Build version if missing
Use the Go module information built into the binary if the Build var
wasn't set during the build.
This means if you install via a specific tag, you get:
go install github.com/slackhq/nebula/cmd/nebula@v1.9.5
$ nebula -version
Version: 1.9.5
And if you install master, you get:
go install github.com/slackhq/nebula/cmd/nebula@master
$ nebula -version
Version: 1.9.5-0.20250408154034-18279ed17b10
* also default in the library
* cleanup
2025-11-14 08:58:15 -05:00
Wade Simmons
48f1ae98ba
switch to go.yaml.in/yaml ( #1478 )
...
The `gopkg.in/yaml.v3` library has been declared as Unmaintained:
- https://github.com/go-yaml/yaml?tab=readme-ov-file#this-project-is-unmaintained
The YAML org has taken over maintaining it and now publishes it as
`go.yaml.in/yaml`:
- https://github.com/yaml/go-yaml
2025-11-12 10:26:22 -05:00
Jack Doan
0f305d5397
don't block startup on failure to configure SSH ( #1520 )
2025-11-05 10:41:56 -06:00
Wade Simmons
ae9de47dd9
Merge remote-tracking branch 'origin/master' into multiport
2025-07-11 12:57:52 -04:00
Nate Brown
52623820c2
Drop inactive tunnels ( #1427 )
2025-07-03 09:58:37 -05:00
Wade Simmons
879852c32a
upgrade to yaml.v3 ( #1148 )
...
gofmt / Run gofmt (push) Successful in 37s
smoke-extra / Run extra smoke tests (push) Failing after 20s
smoke / Run multi node smoke test (push) Failing after 1m25s
Build and test / Build all and test on ubuntu-linux (push) Failing after 18m51s
Build and test / Build and test on linux with boringcrypto (push) Failing after 2m44s
Build and test / Build and test on linux with pkcs11 (push) Failing after 2m27s
Build and test / Build and test on macos-latest (push) Has been cancelled
Build and test / Build and test on windows-latest (push) Has been cancelled
* upgrade to yaml.v3
The main nice fix here is that maps unmarshal into `map[string]any`
instead of `map[any]any`, so it cleans things up a bit.
* add config.AsBool
Since yaml.v3 doesn't automatically convert yes to bool now, for
backwards compat
* use type aliases for m
* more cleanup
* more cleanup
* more cleanup
* go mod cleanup
2025-03-31 16:08:34 -04:00
Wade Simmons
f36db374ac
Merge remote-tracking branch 'origin/master' into multiport
2025-03-06 16:11:32 -05:00
Nate Brown
d97ed57a19
V2 certificate format ( #1216 )
...
Co-authored-by: Nate Brown <nbrown.us@gmail.com >
Co-authored-by: Jack Doan <jackdoan@rivian.com >
Co-authored-by: brad-defined <77982333+brad-defined@users.noreply.github.com >
Co-authored-by: Jack Doan <me@jackdoan.com >
2025-03-06 11:28:26 -06:00
Nate Brown
08ac65362e
Cert interface ( #1212 )
2024-10-10 18:00:22 -05:00
Wade Simmons
dabce8a1b4
Merge tag 'v1.9.4' into multiport
...
1.9.4 Release
2024-09-13 10:17:59 -04:00
Jack Doan
248cf194cd
fix integer wraparound in the calculation of handshake timeouts on 32-bit targets ( #1185 )
...
Fixes : #1169
2024-08-13 09:25:18 -04:00
Nate Brown
e264a0ff88
Switch most everything to netip in prep for ipv6 in the overlay ( #1173 )
2024-07-31 10:18:56 -05:00
Wade Simmons
b445d14ddb
Merge remote-tracking branch 'origin/master' into multiport
2024-05-08 11:22:19 -04:00
Nate Brown
a390125935
Support reloading preferred_ranges ( #1043 )
2024-04-03 22:14:51 -05:00
Wade Simmons
659d7fece6
Merge tag 'v1.8.2' into multiport
...
1.8.2 Release
2024-01-26 10:45:15 -05:00
Wade Simmons
0564d0a2cf
when listen.port is zero, fix multiple routines ( #1057 )
...
This used to work correctly because when the multiple routines work was
first added in #382 , but an important part to discover the listen port
before opening the other listeners on the same socket was lost in this
PR: #653 .
This change should fix the regression and allow multiple routines to
work correctly when listen.port is set to `0`.
Thanks to @rawdigits for tracking down and discovering this regression.
2024-01-08 13:49:44 -05:00
Ben Ritcey
01cddb8013
Added firewall.rules.hash metric ( #1010 )
...
* Added firewall.rules.hash metric
Added a FNV-1 hash of the firewall rules as a Prometheus value.
* Switch FNV has to int64, include both hashes in log messages
* Use a uint32 for the FNV hash
Let go-metrics cast the uint32 to a int64, so it won't be lossy
when it eventually emits a float64 Prometheus metric.
2023-11-28 11:56:47 -05:00
Tristan Rice
1083279a45
add gvisor based service library ( #965 )
...
* add service/ library
2023-11-21 11:50:18 -05:00
Nate Brown
3356e03d85
Default pki.disconnect_invalid to true and make it reloadable ( #859 )
2023-11-13 12:39:38 -06:00
Lars Lehtonen
77a8ce1712
main: fix dropped error ( #1002 )
...
This isn't an actual issue because the current implementation of NewSSHServer never returns an error (https://github.com/slackhq/nebula/blob/v1.7.2/sshd/server.go#L56 ), but still good to fix so no surprises happen in the future.
2023-10-31 10:32:08 -04:00
Wade Simmons
f2aef0d6eb
Merge remote-tracking branch 'origin/master' into multiport
2023-10-27 08:48:13 -04:00
Nate Brown
076ebc6c6e
Simplify getting a hostinfo or starting a handshake with one ( #954 )
2023-08-21 18:51:45 -05:00
Nate Brown
5a131b2975
Combine ca, cert, and key handling ( #952 )
2023-08-14 21:32:40 -05:00
Nate Brown
223cc6e660
Limit how often a busy tunnel can requery the lighthouse ( #940 )
...
Co-authored-by: Wade Simmons <wadey@slack-corp.com >
2023-08-08 13:26:41 -05:00
Caleb Jasik
ed00f5d530
Remove unused config code (last edited 4yrs ago) ( #938 )
2023-07-31 15:59:20 -05:00
Nate Brown
14d0106716
Send the lh update worker into its own routine instead of taking over the reload routine ( #935 )
2023-07-27 14:38:10 -05:00
Nate Brown
a10baeee92
Pull hostmap and pending hostmap apart, remove unused functions ( #843 )
2023-07-24 12:37:52 -05:00
Nate Brown
3bbf5f4e67
Use an interface for udp conns ( #901 )
2023-06-14 10:48:52 -05:00
Wade Simmons
0e593ad582
Merge branch 'master' into multiport
2023-05-09 15:37:30 -04:00
brad-defined
bd9cc01d62
Dns static lookerupper ( #796 )
...
* Support lighthouse DNS names, and regularly resolve the name in a background goroutine to discover DNS updates.
2023-05-09 11:22:08 -04:00
Wade Simmons
28ecfcbc03
Merge remote-tracking branch 'origin/master' into multiport
2023-05-03 10:50:06 -04:00
Nate Brown
3cb4e0ef57
Allow listen.host to contain names ( #825 )
2023-04-05 11:29:26 -05:00
Wade Simmons
e71059a410
Merge remote-tracking branch 'origin/master' into multiport
2023-04-03 11:30:41 -04:00
Nate Brown
ee8e1348e9
Use connection manager to drive NAT maintenance ( #835 )
...
Co-authored-by: brad-defined <77982333+brad-defined@users.noreply.github.com >
2023-03-31 15:45:05 -05:00
Wade Simmons
aec7f5f865
Merge remote-tracking branch 'origin/master' into multiport
2023-03-13 15:07:32 -04:00
Tricia
0fc4d8192f
log network as String to match the other log event in interface.go that emits network ( #811 )
...
Co-authored-by: Tricia Bogen <tbogen@slack-corp.com >
2023-01-23 14:05:35 -05:00