Closed willnorris closed 11 months ago
@willnorris If it’s not too much to ask, could you rebase this from the main branch? I’ve merged a number of vulnerability fixes, version bumps and some earlier new functionality PRs.
Done. The Tailscale version bump helped me realize I forgot to exclude Mullvad exit nodes, so that was great! I also added some tests, to make clear what is happening.
Awesome: thanks for the contribution @willnorris!
This allows us to respond to node additions, removals, and renames in near-realtime instead of waiting a minute for the next poll event. Protect DNS entries map in a RWMutex.
This also uses the Tailscale computed hostname for DNS entries, rather than the reported hostname from the operating system. These can differ if another host already exists on the tailnet with that name, or if an admin has manually changed the name in the Tailscale admin panel. This now ensures that we are using the same hostname that's actually used on the tailnet.
This change also removes entries for nodes that have been shared into the tailnet. These hosts don't have unique names within the tailnet and must be addressed using the FQDN for their own tailnet. Because of that, I'm not sure that it ever makes sense to add DNS entries for these nodes, but this leaves a TODO to reconsider that in the future.
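As an added illustration (not code from this PR or the project), the Go sketch below shows the behaviour described above: entries keyed on the tailnet-computed name rather than the OS hostname, shared and Mullvad exit nodes skipped, and the map swapped in under an RWMutex. The `Node` and `Table` types, their fields, and the sample name and address are hypothetical, and how a node is identified as shared or as a Mullvad exit node is assumed to be decided by the caller.

```go
package main

import (
	"fmt"
	"strings"
	"sync"
)

// Node is a hypothetical, simplified peer record, not a Tailscale type.
type Node struct {
	OSHostname  string // hostname reported by the operating system (unused for DNS)
	DNSName     string // FQDN computed by the tailnet
	IP          string
	Shared      bool // shared in from another tailnet
	MullvadExit bool // assumed to be flagged by the caller
}

// Table maps short tailnet names to IPs; an RWMutex guards the map so lookups share a read lock.
type Table struct {
	mu      sync.RWMutex
	entries map[string]string
}

// Update rebuilds the map and swaps it in under the write lock.
func (t *Table) Update(nodes []Node) {
	next := make(map[string]string, len(nodes))
	for _, n := range nodes {
		name, _, _ := strings.Cut(n.DNSName, ".")
		if n.Shared || n.MullvadExit || name == "" {
			continue // no entry is published for these nodes
		}
		next[strings.ToLower(name)] = n.IP
	}
	t.mu.Lock()
	t.entries = next
	t.mu.Unlock()
}

func (t *Table) Lookup(name string) (string, bool) {
	t.mu.RLock()
	defer t.mu.RUnlock()
	ip, ok := t.entries[strings.ToLower(name)]
	return ip, ok
}

func main() {
	t := &Table{}
	t.Update([]Node{{"web", "web-1.example.ts.net.", "100.64.0.2", false, false}}) // constructed sample
	fmt.Println(t.Lookup("web-1"))
}
```

Because each update replaces the whole map, a node that was removed or renamed stops resolving under its old name as soon as the next update is applied.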