joaophi / tailscale-gnome-qs

GNU General Public License v3.0

add --login-server https://....option #3

Closed aderumier closed 1 year ago

aderumier commented 1 year ago

Hi,

It would be great to be able to define a custom login-server for users using headscale:

https://github.com/juanfont/headscale

joaophi commented 1 year ago

Hi, I'm not sure what you want. Are you unable to use the extension with a custom login-server or do you want me to add a UI setting? If it's the latter, I don't know how it would work because this extension doesn't handle the authentication process.

aderumier commented 1 year ago

Hi,

Currently it's not working, because login-server can't be set up with "tailscale set ..." like you do for other values.

It needs to be used as an argument in tailscale up:

"tailscale up --login-server https://yourfqdn.server"

So what I would like is to add the option in the GUI and use it in tailscale up.

About authentication, it's less important, but here is the process:

For the authentication (I don't know how it works with official tailscale), I'm using OIDC. When tailscale up is launched, if the previous OIDC session has expired, it gives me this message:

~/tailscale up --login-server https://....

To authenticate, visit:

https://yourheadscalefqdn443/oidc/register/nodekey:7a170acc018d021ee0b4ded06ed6d8cd8b5583eb7134e55ac09671a48970013e

Then I need to authenticate manually through a browser. (If there is a way to parse this URL and auto-open the link, it would be wonderful!)

Then, when the browser has authenticated, the "tailscale up" command returns "Success."

~/tailscale up --login-server https://....

To authenticate, visit:

https://yourheadscalefqdn443/oidc/register/nodekey:7a170acc018d021ee0b4ded06ed6d8cd8b5583eb7134e55ac09671a48970013e
Success.

(After the first login, I can simply log out/log in without re-authenticating, until the OIDC session is valid in headscale.)
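An added example, not part of the thread and not the extension's code: one way to pull the authentication URL out of the `tailscale up` output described above and accept it only when it is an https URL on the configured login server, so that nothing else in the output can be handed to a browser. The function name, the `headscale.example.test` host and the sample output are constructed for illustration.

```javascript
'use strict';

// Constructed sample of what `tailscale up --login-server ...` prints.
const SAMPLE_OUTPUT = [
  '',
  'To authenticate, visit:',
  '',
  '\thttps://headscale.example.test/oidc/register/nodekey:0123abcd',
  '',
  'Success.',
].join('\n');

// Hypothetical helper: returns the auth URL from the command output, or null
// unless it is an https URL whose origin equals the configured login server.
function extractAuthUrl(output, loginServer) {
  let expected;
  try {
    expected = new URL(loginServer);
  } catch {
    return null; // login server setting is not a valid URL
  }
  if (expected.protocol !== 'https:') return null;

  const lines = output.split(/\r?\n/);
  const marker = lines.findIndex(l => l.trim() === 'To authenticate, visit:');
  if (marker === -1) return null; // no authentication was requested

  // The URL is the first non-empty line after the marker.
  for (const line of lines.slice(marker + 1)) {
    const candidate = line.trim();
    if (candidate === '') continue;
    let url;
    try {
      url = new URL(candidate);
    } catch {
      return null; // not a URL at all
    }
    // Reject embedded credentials, which can disguise the real host.
    if (url.username || url.password) return null;
    // Origin covers scheme, host and port; a default :443 is normalised away.
    return url.origin === expected.origin ? url.href : null;
  }
  return null;
}
```

Only a non-null return value would be passed on to the desktop's URL opener; anything else is left for the user to handle manually.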

joaophi commented 1 year ago

Yeah, but you have to pass --login-server only the first time; after that you can simply use tailscale up without args. I was able to use the extension with a custom login server when testing on my machine.