TS_SERVE_CONFIG is ignored when HTTPS is not enabled #14495
Labels
Comments
|
For those arriving here and looking for a workaround when using tailscale through a docker compose file to serve a non-HTTPS set of services, the following has worked for me as part of the tailscale service directive: where |
irbekrm
added a commit
that referenced
this issue
Jan 5, 2025
…in tailnets with HTTPS disabled Fixes an issue where, if a tailnet has HTTPS disabled, no serve config set via TS_SERVE_CONFIG was loaded, even if it did not contain an HTTPS endpoint. Now serve config provided to containerboot is considered invalid for tailnets with no HTTPS only if there is an HTTPS endpoint defined in the config. Fixes #14495 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
irbekrm
added a commit
that referenced
this issue
Jan 5, 2025
…ain HTTPS endpoint in tailnets with HTTPS disabled Fixes an issue where, if a tailnet has HTTPS disabled, no serve config set via TS_SERVE_CONFIG was loaded, even if it does not contain an HTTPS endpoint. Now for tailnets with HTTPS disabled serve config provided to containerboot is considered invalid (and therefore not loaded) only if there is an HTTPS endpoint defined in the config. Fixes #14495 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
irbekrm
added a commit
that referenced
this issue
Jan 5, 2025
…ain HTTPS endpoint in tailnets with HTTPS disabled Fixes an issue where, if a tailnet has HTTPS disabled, no serve config set via TS_SERVE_CONFIG was loaded, even if it does not contain an HTTPS endpoint. Now for tailnets with HTTPS disabled serve config provided to containerboot is considered invalid (and therefore not loaded) only if there is an HTTPS endpoint defined in the config. Fixes #14495 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What is the issue?
When I tried to use the
TS_SERVE_CONFIGenvironment variable (documentation referenced below) to set a serve config when deploying Tailscale in K3s (Kubernetes), the serve config was not being set (as observed bytailscale serve status --jsonand inspectingtailscaled.statefile, and serve itself not working). No error message is being displayed either. After investigating, I believe I found the offending code with a relevantTODOitem, referenced below.Tailscale currently fails to start if the file referenced by
TS_SERVE_CONFIGis missing or malformed, but not when it is being ignored. I think at the very least, Tailscale should show an error message or even fail to start, if this issue is more complicated than simply removing the if statement.For anyone wondering, the current workaround is to use
cat config.json | tailscale serve set-raw, butset-rawis an undocumented feature that might be gone anytime.In any case, thank you very much for this software! Tailscale is really convenient to use and I am willing to hack around it if it means that I can avoid other less convenient alternatives.
References:
tailscale/cmd/containerboot/serve.go
Lines 92 to 96 in c43c5ca
Steps to reproduce
No response
Are there any recent changes that introduced the issue?
No response
OS
No response
OS version
No response
Tailscale version
1.78.3
Other software
No response
Bug report
No response
The text was updated successfully, but these errors were encountered: