3 роки тому · 2263d9c44b
--- a/cmd/tsconnect/src/app/app.tsx
+++ b/cmd/tsconnect/src/app/app.tsx
@@ -43,8 +43,26 @@ class App extends Component<{}, AppState> {
 
				       )
			
 
				     }
			
 
				 
			
 
				+    const lockedOut = netMap?.lockedOut
			
 
				+    let lockedOutInstructions
			
 
				+    if (lockedOut) {
			
 
				+      lockedOutInstructions = (
			
 
				+        <div class="container mx-auto px-4 text-center space-y-4">
			
 
				+          <p>This instance of Tailscale Connect needs to be signed, due to
			
 
				+            {" "}<a href="https://tailscale.com/kb/1226/tailnet-lock/" class="link">tailnet lock</a>{" "}
			
 
				+            being enabled on this domain.
			
 
				+          </p>
			
 
				+
			
 
				+          <p>
			
 
				+            Run the following command on a device with a trusted tailnet lock key:
			
 
				+            <pre>tailscale lock sign {netMap.self.nodeKey}</pre>
			
 
				+          </p>
			
 
				+        </div>
			
 
				+      )
			
 
				+    }
			
 
				+
			
 
				     let ssh
			
 
				-    if (ipn && ipnState === "Running" && netMap) {
			
 
				+    if (ipn && ipnState === "Running" && netMap && !lockedOut) {
			
 
				       ssh = <SSH netMap={netMap} ipn={ipn} />
			
 
				     }
			
 
				 
			
@@ -55,6 +73,7 @@ class App extends Component<{}, AppState> {
 
				         <div class="flex-grow flex flex-col justify-center overflow-hidden">
			
 
				           {urlDisplay}
			
 
				           {machineAuthInstructions}
			
 
				+          {lockedOutInstructions}
			
 
				           {ssh}
			
 
				         </div>
			
 
				       </>
			
--- a/cmd/tsconnect/src/app/ssh.tsx
+++ b/cmd/tsconnect/src/app/ssh.tsx
@@ -60,11 +60,11 @@ function SSHSession({
 
				 function NoSSHPeers() {
			
 
				   return (
			
 
				     <div class="container mx-auto px-4 text-center">
			
 
				-      None of your machines have
			
 
				+      None of your machines have{" "}
			
 
				       <a href="https://tailscale.com/kb/1193/tailscale-ssh/" class="link">
			
 
				         Tailscale SSH
			
 
				       </a>
			
 
				-      enabled. Give it a try!
			
 
				+      {" "}enabled. Give it a try!
			
 
				     </div>
			
 
				   )
			
 
				 }
			
--- a/cmd/tsconnect/src/types/wasm_js.d.ts
+++ b/cmd/tsconnect/src/types/wasm_js.d.ts
@@ -63,6 +63,7 @@ declare global {
 
				   type IPNNetMap = {
			
 
				     self: IPNNetMapSelfNode
			
 
				     peers: IPNNetMapPeerNode[]
			
 
				+    lockedOut: boolean
			
 
				   }
			
 
				 
			
 
				   type IPNNetMapNode = {
			
--- a/cmd/tsconnect/wasm/wasm_js.go
+++ b/cmd/tsconnect/wasm/wasm_js.go
@@ -272,6 +272,7 @@ func (i *jsIPN) run(jsCallbacks js.Value) {
 
				 						TailscaleSSHEnabled: p.Hostinfo.TailscaleSSHEnabled(),
			
 
				 					}
			
 
				 				}),
			
 
				+				LockedOut: nm.TKAEnabled && len(nm.SelfNode.KeySignature) == 0,
			
 
				 			}
			
 
				 			if jsonNetMap, err := json.Marshal(jsNetMap); err == nil {
			
 
				 				jsCallbacks.Call("notifyNetMap", string(jsonNetMap))
			
@@ -521,8 +522,9 @@ func (w termWriter) Write(p []byte) (n int, err error) {
 
				 }
			
 
				 
			
 
				 type jsNetMap struct {
			
 
				-	Self  jsNetMapSelfNode   `json:"self"`
			
 
				-	Peers []jsNetMapPeerNode `json:"peers"`
			
 
				+	Self      jsNetMapSelfNode   `json:"self"`
			
 
				+	Peers     []jsNetMapPeerNode `json:"peers"`
			
 
				+	LockedOut bool               `json:"lockedOut"`
			
 
				 }
			
 
				 
			
 
				 type jsNetMapNode struct {
			
--- a/flake.nix
+++ b/flake.nix
@@ -108,6 +108,7 @@
 
				           graphviz
			
 
				           perl
			
 
				           go_1_20
			
 
				+          yarn
			
 
				         ];
			
 
				       };
			
 
				     };