miragenetwork / mirageserver Goto Github PK
View Code? Open in Web Editor NEW蜃境:基于Headscale修改的带WebUI开源版本Tailscale控制器
Home Page: https://www.gps.moe
License: BSD 3-Clause "New" or "Revised" License
蜃境:基于Headscale修改的带WebUI开源版本Tailscale控制器
Home Page: https://www.gps.moe
License: BSD 3-Clause "New" or "Revised" License
为了快速达到堪用水平,我们在控制器处理中有很多粗糙的地方(包括部分来自HS的),这些优先级不算高,但在方便时我们需要调整优化它们:
现象:
在管理员控制台修改组织的DNS配置(比如,开关override ),客户端在不进行断开重连的状态下不会应用新的配置。
初步调试信息:
1、控制台修改配置后,控制台能够即时显示正确的新配置,数据库中能够即时看到更新配置数据;
2、客户端从未收到与更新DNS配置有关的数据信息(应当不是客户端问题);
3、(以override为例)追踪控制器代码运行,在GetDNSConfig函数中,me.Organization.OverrideLocal一行进行覆写配置判断。在控制台进行配置后,先会调用一次到这里,用于返回给控制台更新后数据进行确认,此时断点显示数据为更新后数据。之后因为生成mapResponse,会针对每个在线客户端再次调用这里,就会在断点到此处后发现数据为各个客户端自己的旧数据。
4、结合3,因为在调用过程中依次使用了machine外键到user,user再外键到组织,所以可能存在因为这一方面导致的数据为缓存数据的问题。
RT
如题~
如题
超管页面集成github登录,然后使用 sdp 地址登录报错
{"level":"warn","time":"2023-09-18 16:49:49","message":"未能从Cookie读取到OIDC Token!"}
{"level":"error","caller":"/root/tmp/MirageServer/controller/oidc.go:45","error":"oidc: issuer did not match the issuer returned by provider, expected \"https://sdp.xx.club/issuer\" got \"https://vpn.xx.club/issuer\"","time":"2023-09-18 16:49:52","message":"Could not retrieve OIDC Config: oidc: issuer did not match the issuer returned by provider, expected \"https://sdp.xx.club/issuer\" got \"https://vpn.xx.club/issuer\""}
{"level":"warn","error":"oidc: issuer did not match the issuer returned by provider, expected \"https://sdp.xx.club/issuer\" got \"https://vpn.xx.club/issuer\"","time":"2023-09-18 16:49:52","message":"failed to set up OIDC provider, falling back to CLI based authentication"}
2023/09/18 16:49:52 http: panic serving 172.20.0.2:40922: runtime error: invalid memory address or nil pointer dereference
goroutine 852 [running]:
net/http.(*conn).serve.func1()
/usr/local/go/src/net/http/server.go:1868 +0xb9
panic({0x1dba4a0?, 0x362da50?})
/usr/local/go/src/runtime/panic.go:920 +0x270
golang.org/x/oauth2.(*Config).AuthCodeURL(0x0, {0xc0007483c0, 0x19}, {0xc00035b880, 0x2, 0x10?})
/root/go/pkg/mod/golang.org/x/[email protected]/oauth2.go:153 +0x5d
MirageNetwork/MirageServer/controller.(*Mirage).doDexLogin(0xc0000d20e0, {0x25f0920, 0xc0000d3340}, 0x1f3f120?, {0xc0007483c0, 0x19}, {0xc000a6c8a9, 0x6})
/root/tmp/MirageServer/controller/console_auth.go:103 +0x495
MirageNetwork/MirageServer/controller.(*Mirage).doLogin(0xc0000d20e0, {0x25f0920, 0xc0000d3340}, 0xc000818000)
/root/tmp/MirageServer/controller/console_auth.go:77 +0x79d
net/http.HandlerFunc.ServeHTTP(0xc0007ddf00?, {0x25f0920?, 0xc0000d3340?}, 0x1?)
/usr/local/go/src/net/http/server.go:2136 +0x29
github.com/gorilla/mux.(*Router).ServeHTTP(0xc000942300, {0x25f0920, 0xc0000d3340}, 0xc0007dde00)
/root/go/pkg/mod/github.com/gorilla/[email protected]/mux.go:210 +0x1c5
net/http.serverHandler.ServeHTTP({0x25ec200?}, {0x25f0920?, 0xc0000d3340?}, 0x6?)
/usr/local/go/src/net/http/server.go:2938 +0x8e
net/http.(*conn).serve(0xc0000a1ef0, {0x25f68b0, 0xc0009ff230})
/usr/local/go/src/net/http/server.go:2009 +0x5f4
created by net/http.(*Server).Serve in goroutine 482
/usr/local/go/src/net/http/server.go:3086 +0x5cb
需求:
增加一个租户管理员通过控制台将租户内某台机器通过邀请链接分享给另一个租户的能力。
需要调研的点:
受邀请方需要登录才能接受邀请将该分享机器接收入网,但是这个受邀方登录的账户是否需要具备管理员权限?
RT
代码更新本地直接编译有问题
GOROOT=/opt/homebrew/Cellar/go/1.21.0/libexec #gosetup
GOPATH=/Users/cly/go #gosetup
/opt/homebrew/Cellar/go/1.21.0/libexec/bin/go list -m -json -mod=readonly all #gosetup
go: cannot load module dex listed in go.work file: open dex/go.mod: no such file or directory
go: cannot load module MirageClient listed in go.work file: open MirageClient/go.mod: no such file or directory
package main
import (
"os"
"MirageNetwork/MirageServer/controller"
"MirageNetwork/MirageServer/controller"
这一行包貌似不在MirageNetwork下
描述:
我们集成的dex在对接三方认证上起到了很大的便利作用,但是发现的问题是,当在控制台进行过登录后,在注销后或者其他期望是重新进行三方认证的时候,似乎并不能强制再次在三方认证进行完整的认证流程。
因为已经弃用dex自己的页面,所以它没报错页面,最后是生成报错页面出错
{"level":"debug","handler":"/key","v":"61","time":"2023-04-26 14:23:52","message":"New noise client"} 2023/04/26 14:23:52 http: panic serving 172.18.0.2:41188: runtime error: invalid memory address or nil pointer dereference goroutine 41719 [running]: net/http.(*conn).serve.func1() /usr/local/go/src/net/http/server.go:1854 +0xbf panic({0x1e14760, 0x356fd20}) /usr/local/go/src/runtime/panic.go:890 +0x263 github.com/dexidp/dex/server.(*templates).err(0x0, 0xc000df4200, {0x25ecb50, 0xc000474000}, 0x1?, {0xc00015c900, 0x79}) /root/MirageServer/dex/server/templates.go:343 +0xf5 github.com/dexidp/dex/server.(*Server).renderError(0xc0004bedc0, 0x1a?, {0x25ecb50?, 0xc000474000?}, 0x1?, {0xc00015c900?, 0x0?}) /root/MirageServer/dex/server/handlers.go:1379 +0x3e github.com/dexidp/dex/server.(*Server).handleConnectorCallback(0xc0004bedc0, {0x25ecb50, 0xc000474000}, 0xc000df4200) /root/MirageServer/dex/server/handlers.go:492 +0xe98 github.com/dexidp/dex/server.InitDexServer.func5({0x25ecb50, 0xc000474000}, 0xc000df4200) /root/MirageServer/dex/server/wrapper.go:153 +0x129 net/http.HandlerFunc.ServeHTTP(0xc000df4100?, {0x25ecb50?, 0xc000474000?}, 0x800?) /usr/local/go/src/net/http/server.go:2122 +0x2f github.com/gorilla/mux.(*Router).ServeHTTP(0xc000164300, {0x25ecb50, 0xc000474000}, 0xc000df4000) /root/go/pkg/mod/github.com/gorilla/[email protected]/mux.go:210 +0x1cf net/http.serverHandler.ServeHTTP({0xc00070a090?}, {0x25ecb50, 0xc000474000}, 0xc000df4000) /usr/local/go/src/net/http/server.go:2936 +0x316 net/http.(*conn).serve(0xc0002f8000, {0x25edeb0, 0xc000ade0c0}) /usr/local/go/src/net/http/server.go:1995 +0x612 created by net/http.(*Server).Serve /usr/local/go/src/net/http/server.go:3089 +0x5ed {"level":"debug","error":"EOF","time":"2023-04-26 14:23:53","message":"The HTTP2 server was closed"} {"level":"debug","caller":"/root/MirageServer/controller/protocol_common.go:122","machine":"Work","machine_key":"[QD2le]","node_key":"[dazUH]","node_key_old":"[NpiHR]","follow_up":"https://sdp.matesafe.cn/a/447783b796a7","time":"2023-04-26 14:23:53","message":"Machine is waiting for interactive login"}
是否有计划继续更新?
docker编译工作流https://github.com/chenxudong2020/docker_builder/actions/workflows/Build_MirageServer.yml
dockerfile文件:
https://github.com/chenxudong2020/docker_builder/blob/main/MirageServer/Dockerfile
编译的docker运行脚本:
docker run --restart always -p 8081:8081 --name mirageserver -d
registry.cn-hangzhou.aliyuncs.com/dubux/mirageserver:latest
运行查看日志docker logs mirageserver
在超管配置小程序端后无法登陆,小程序后端正常获取用户信息,用户登录界面扫码登录后还停留登录界面,后端提示无法获取token
大佬,Debian 12上,下载了Release里的程序,直接运行。然后nginx做了反代,打开页面点绑定管理员的时候都可以弹出那个什么验证的弹窗。但是继续就会在页面右下角弹窗提示“Server responed with error. The message is: error-创建超管凭证失败”
使用了M1 Mac上的Safari,最新的Chrome,Windows 11上面的Chrome,都是一样的情况。
请教下这个是什么原因?
虽然主要服务于国人,但也有一些实际需求导致必须实现部分i18n能力支持
根据TS官方行为模式:
节点密钥“永不过期”开关自开转关时,对于原本距离过期多于30分钟的,按原过期时间处理,对于原本距离过期时间小于30分钟(含已过期)的,按照展期30分钟处理。
同时,需要在节点配置菜单对于已过期节点增加“临时展期“菜单项,等同于打开并关闭”永不过期“的操作
这部分初步目标是,更简便、更统一、更丰富功能特性的DERP(中文名:司南)组件。
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.