huanld
dba7b9ba50
checklocks / checklocks (push) Has been cancelled
CodeQL / Analyze (go) (push) Has been cancelled
natlab-integrationtest / natlab-integrationtest (push) Has been cancelled
CI / gomod-cache (push) Has been cancelled
CI / race-root-integration (1/4) (push) Has been cancelled
CI / race-root-integration (2/4) (push) Has been cancelled
CI / race-root-integration (3/4) (push) Has been cancelled
CI / race-root-integration (4/4) (push) Has been cancelled
CI / test (-race, amd64, 1/3) (push) Has been cancelled
CI / test (-race, amd64, 2/3) (push) Has been cancelled
CI / test (-race, amd64, 3/3) (push) Has been cancelled
CI / test (386) (push) Has been cancelled
CI / test (amd64) (push) Has been cancelled
CI / Windows (benchmarks) (push) Has been cancelled
CI / Windows (1/2) (push) Has been cancelled
CI / Windows (2/2) (push) Has been cancelled
CI / macos (push) Has been cancelled
CI / privileged (push) Has been cancelled
CI / vm (push) Has been cancelled
CI / cross (386, linux) (push) Has been cancelled
CI / cross (amd64, darwin) (push) Has been cancelled
CI / cross (amd64, freebsd) (push) Has been cancelled
CI / cross (amd64, openbsd) (push) Has been cancelled
CI / cross (amd64, windows) (push) Has been cancelled
CI / cross (arm, 5, linux) (push) Has been cancelled
CI / cross (arm, 7, linux) (push) Has been cancelled
CI / cross (arm64, darwin) (push) Has been cancelled
CI / cross (arm64, linux) (push) Has been cancelled
CI / cross (arm64, windows) (push) Has been cancelled
CI / cross (loong64, linux) (push) Has been cancelled
CI / ios (push) Has been cancelled
CI / crossmin (amd64, illumos) (push) Has been cancelled
CI / crossmin (amd64, plan9) (push) Has been cancelled
CI / crossmin (amd64, solaris) (push) Has been cancelled
CI / crossmin (ppc64, aix) (push) Has been cancelled
CI / android (push) Has been cancelled
CI / wasm (push) Has been cancelled
CI / tailscale_go (push) Has been cancelled
CI / fuzz (push) Has been cancelled
CI / depaware (push) Has been cancelled
CI / go_generate (push) Has been cancelled
CI / make_tidy (push) Has been cancelled
CI / licenses (push) Has been cancelled
CI / staticcheck (macOS) (push) Has been cancelled
CI / staticcheck (Linux) (push) Has been cancelled
CI / staticcheck (Windows) (push) Has been cancelled
CI / staticcheck (Portable (1/4)) (push) Has been cancelled
CI / staticcheck (Portable (2/4)) (push) Has been cancelled
CI / staticcheck (Portable (3/4)) (push) Has been cancelled
CI / staticcheck (Portable (4/4)) (push) Has been cancelled
CI / notify_slack (push) Has been cancelled
CI / merge_blocker (push) Has been cancelled
CI / check_mergeability_strict (push) Has been cancelled
CI / check_mergeability (push) Has been cancelled
Dockerfile build / deploy (push) Has been cancelled
tailscale.com/cmd/vet / vet (push) Has been cancelled
update-flakehub / flakehub-publish (push) Has been cancelled
Tray client fixes for reconnect/add-server failures diagnosed from tray.log: - Treat NoState like NeedsLogin so "Connect" runs the login flow instead of a no-op EditPrefs (fixes reconnect-after-disconnect/quit doing nothing). - Run Logout async on bgCtx with a 30s timeout (was 10s on the per-rebuild ctx) so a slow Headscale logout no longer hits context-deadline-exceeded. - Add optional pre-auth key prompt in Add Server, passed via ipn.Options.AuthKey, for control servers without OIDC (no browser URL). - Drain a queued click after a modal dialog so Add Server no longer re-popups in a loop. - Drop the single-domain whitelist in validateAuthURL (it silently blocked legit OIDC redirects, so the browser never opened); require HTTPS + host. Packaging: bump MSI to 1.0.1, enable high cab compression. Add deploy-tray-1.0.1.ps1 to hot-swap just the tray binary. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
61 lines
2.8 KiB
PowerShell
61 lines
2.8 KiB
PowerShell
# deploy-tray-1.0.1.ps1 — replace installed tray with the freshly built 1.0.1 binary.
|
|
# Only the tray changed (NoState/login, logout, add-server auth-key, popup-loop, auth-URL fixes),
|
|
# so the tailscaled service is left untouched (VPN stays up).
|
|
$ErrorActionPreference = "Stop"
|
|
|
|
$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(
|
|
[Security.Principal.WindowsBuiltInRole]::Administrator)
|
|
if (-not $isAdmin) {
|
|
$log = "$env:TEMP\deploy-tray-1.0.1-log.txt"
|
|
Remove-Item $log -ErrorAction SilentlyContinue
|
|
Start-Process powershell -Verb RunAs -Wait `
|
|
-ArgumentList "-ExecutionPolicy Bypass -File `"$PSCommandPath`""
|
|
Start-Sleep -Milliseconds 600
|
|
if (Test-Path $log) { Get-Content $log } else { Write-Warning "No log / UAC denied" }
|
|
exit
|
|
}
|
|
|
|
Start-Transcript -Path "$env:TEMP\deploy-tray-1.0.1-log.txt" -Force | Out-Null
|
|
|
|
$src = "C:\Users\huanld\tailscale\dist\tailscale-tray.exe"
|
|
$dest = "C:\Program Files (x86)\Tailscale-Custom\tailscale-tray.exe"
|
|
|
|
if (-not (Test-Path $src)) { Write-Error "Khong tim thay build moi: $src"; Stop-Transcript | Out-Null; exit 1 }
|
|
|
|
# Best-effort code signing (matches existing deploy scripts; tray runs fine unsigned too).
|
|
$cert = Get-ChildItem Cert:\LocalMachine\My -ErrorAction SilentlyContinue |
|
|
Where-Object { $_.Subject -match "Tailscale-Custom" -and $_.HasPrivateKey } |
|
|
Sort-Object NotAfter -Descending | Select-Object -First 1
|
|
if ($cert) {
|
|
try {
|
|
$r = Set-AuthenticodeSignature -FilePath $src -Certificate $cert -HashAlgorithm SHA256 -ErrorAction Stop
|
|
Write-Host "[sign] $($r.Status)"
|
|
} catch { Write-Host "[sign] SKIP: $($_.Exception.Message)" }
|
|
} else { Write-Host "[sign] no cert, deploying unsigned (giong ban cu)" }
|
|
|
|
Write-Host "==> Dung tray cu..."
|
|
Stop-Process -Name tailscale-tray -Force -ErrorAction SilentlyContinue
|
|
Start-Sleep -Seconds 1
|
|
|
|
Write-Host "==> Copy binary 1.0.1 -> Program Files (x86)..."
|
|
Copy-Item $src $dest -Force
|
|
$fi = Get-Item $dest
|
|
Write-Host " $dest"
|
|
Write-Host " $([math]::Round($fi.Length/1MB,2)) MB | $($fi.LastWriteTime)"
|
|
|
|
# Launch the tray in the interactive desktop session (not the elevated session 0
|
|
# this script may run in) via a one-shot scheduled task running as the logged-in user.
|
|
Write-Host "==> Khoi dong tray moi trong session nguoi dung..."
|
|
$activeUser = (Get-CimInstance Win32_ComputerSystem).UserName # DOMAIN\user of console session
|
|
$task = "TS-Custom-Tray-Deploy-Launch"
|
|
schtasks /Create /TN $task /TR "`"$dest`"" /SC ONCE /ST 23:59 /RL LIMITED /F /IT /RU $activeUser | Out-Null
|
|
schtasks /Run /TN $task | Out-Null
|
|
Start-Sleep -Seconds 3
|
|
schtasks /Delete /TN $task /F | Out-Null
|
|
|
|
$p = Get-Process tailscale-tray -ErrorAction SilentlyContinue | Select-Object -First 1
|
|
Write-Host " Started PID=$($p.Id) Path=$($p.Path)"
|
|
|
|
Write-Host "==> HOAN THANH (1.0.1)"
|
|
Stop-Transcript | Out-Null
|