leviathonbeast/ionscale
1
0
Fork 0
mirror of https://github.com/jsiebens/ionscale.git synced 2026-03-31 15:07:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: add support for ssh acl policies

Browse Source
This commit is contained in:
Johan Siebens
2022-10-06 20:49:05 +02:00
parent c70a4cfe6a
commit ddc65d2df9
24 changed files with 1627 additions and 209 deletions
Download Patch File Download Diff File Expand all files Collapse all files
proto/ionscale/v1/acl.proto
+8
View File
@@ -29,6 +29,7 @@ message ACLPolicy {
repeated ACL acls = 3;
map<string, google.protobuf.ListValue> tagowners = 4;
AutoApprovers autoapprovers = 5;
repeated SSHRule ssh = 6;
}
message ACL {
@@ -40,4 +41,11 @@ message ACL {
message AutoApprovers {
map<string, google.protobuf.ListValue> routes = 1;
repeated string exitnode = 2;
}
message SSHRule {
string action = 1;
repeated string src = 2;
repeated string dst = 3;
repeated string users = 4;
}
proto/ionscale/v1/ionscale.proto
+2
View File
@@ -38,6 +38,8 @@ service IonscaleService {
rpc DisableFileSharing (DisableFileSharingRequest) returns (DisableFileSharingResponse) {}
rpc EnabledServiceCollection (EnableServiceCollectionRequest) returns (EnableServiceCollectionResponse) {}
rpc DisableServiceCollection (DisableServiceCollectionRequest) returns (DisableServiceCollectionResponse) {}
rpc EnabledSSH (EnableSSHRequest) returns (EnableSSHResponse) {}
rpc DisableSSH (DisableSSHRequest) returns (DisableSSHResponse) {}
rpc GetDNSConfig (GetDNSConfigRequest) returns (GetDNSConfigResponse) {}
rpc SetDNSConfig (SetDNSConfigRequest) returns (SetDNSConfigResponse) {}
proto/ionscale/v1/tailnets.proto
+15
View File
@@ -91,4 +91,19 @@ message DisableServiceCollectionRequest {
}
message DisableServiceCollectionResponse {
}
message EnableSSHRequest {
uint64 tailnet_id = 1;
}
message EnableSSHResponse {
}
message DisableSSHRequest {
uint64 tailnet_id = 1;
}
message DisableSSHResponse {
}