tailscale / golink

A private shortlink service for tailnets
BSD 3-Clause "New" or "Revised" License

golink: listen on HTTPS and redirect HTTP traffic #99

Closed patrickod closed 9 months ago

patrickod commented 10 months ago

Updates tailscale/golink#9
Fixes tailscale/golink#29

On tailnets with TLS enabled, serve HTTP traffic with a separate redirectHandler which sends requests to our HTTPS listener destination.

Add -L to documented examples of using curl to follow these redirects if present.

noncombatant commented 10 months ago

I think this is Updates #9 and Fixes #29.

willnorris commented 10 months ago

tsnet has the ListenTLS func which does a tiny bit of this for you already. Would it be worth fleshing that out or adding additional helpers that golink could call into? Particularly if we expect this to be a common pattern.

willnorris commented 10 months ago

Though I guess it's also worth keeping in mind that @maisem is working on removing the hard dependence on tsnet (#95), so we can't necessarily assume it will always be tsnet. Maybe the helpers belong in tsweb then? Or maybe this really does just need to be handled in the individual applications, though that would be kind of unfortunate.

maisem commented 10 months ago

> tsnet has the ListenTLS func which does a tiny bit of this for you already

Please use ListenTLS. We currently only send down one CertDomain, that may change in the future but programs today should only account for the exact one. There are no promises made on what that would mean in the future or how that would change. ListenTLS aims to abstract that away from the caller.

patrickod commented 10 months ago

> Please use ListenTLS. We currently only send down one CertDomain, that may change in the future but programs today should only account for the exact one. There are no promises made on what that would mean in the future or how that would change. ListenTLS aims to abstract that away from the caller.

@maisem thank you - I am not surprised to discover that I was "holding it wrong" so to speak. The latest impl with ListenTLS is much more concise.
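
The HTTP-to-HTTPS redirect described in the pull request, sketched with only the Go standard library. This is an added example, not golink's code: the `httpsHost` parameter, the `redirectFor` helper and the hostname `go.tailnet.example` are assumptions, and in golink the HTTPS listener would come from tsnet's `ListenTLS` rather than being exercised through httptest.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// redirectHandler serves the plain-HTTP listener: every request is sent to
// the same path and query on https://httpsHost. httpsHost is a fixed,
// configured value (hypothetical parameter). The Location header is never
// built from the client-supplied Host header, so a forged Host cannot steer
// the redirect to another site.
func redirectHandler(httpsHost string) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		target := url.URL{
			Scheme:   "https",
			Host:     httpsHost,
			Path:     r.URL.Path,
			RawPath:  r.URL.RawPath, // keep encodings such as %2F intact
			RawQuery: r.URL.RawQuery,
		}
		// 307 keeps the method and body, so a POST that follows the
		// redirect (curl -L) is still a POST.
		http.Redirect(w, r, target.String(), http.StatusTemporaryRedirect)
	})
}

// redirectFor runs one constructed GET request through the handler and
// returns the status code and Location header it produced.
func redirectFor(httpsHost, hostHeader, requestURI string) (int, string) {
	req := httptest.NewRequest(http.MethodGet, requestURI, nil)
	req.Host = hostHeader
	rec := httptest.NewRecorder()
	redirectHandler(httpsHost).ServeHTTP(rec, req)
	return rec.Code, rec.Header().Get("Location")
}

func main() {
	// Constructed requests: a short-name Host and a forged Host.
	for _, h := range []string{"go", "evil.invalid"} {
		code, loc := redirectFor("go.tailnet.example", h, "/docs?q=a+b")
		fmt.Printf("Host=%-13s -> %d %s\n", h, code, loc)
	}
}
```

Both requests get the same Location, which shows that the Host header has no influence on the redirect target.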