Closed patrickod closed 9 months ago
I think this is Updates #9 and Fixes #29.
tsnet has the ListenTLS
func which does a tiny bit of this for you already. Would it be worth fleshing that out or adding additional helpers that golink could call into? Particularly if we expect this to be a common pattern.
Though I guess it's also worth keeping in mind that @maisem is working on removing the hard dependence on tsnet (#95), so we can't necessarily assume it will always be tsnet. Maybe the helpers belong in tsweb then? Or maybe this really does just need to be handled in the individual applications, though that would be kind of unfortunate.
tsnet has the ListenTLS func which does a tiny bit of this for you already
Please use ListenTLS. We currently only send down one CertDomain, that may change in the future but programs today should only account for the exact one. There are no promises made on what that would mean in the future or how that would change. ListenTLS aims to abstract that away from the caller.
Please use ListenTLS. We currently only send down one CertDomain, that may change in the future but programs today should only account for the exact one. There are no promises made on what that would mean in the future or how that would change. ListenTLS aims to abstract that away from the caller.
@maisem thank you - I am not surprised to discover that I was "holding it wrong" so to speak. The latest impl with ListenTLS
is much more concise.
Updates tailscale/golink#9 Fixes tailscale/golink#29
On tailnets with TLS enabled serve HTTP traffic with a separate redirectHandler which sends requests to our HTTPS listener destination.
Add
-L
to documented examples of usingcurl
to follow these redirects if present.