diff --git a/.github/label-response/needs-more-info.md b/.github/label-response/needs-more-info.md new file mode 100644 index 00000000..e897d6ac --- /dev/null +++ b/.github/label-response/needs-more-info.md @@ -0,0 +1,80 @@ +Thank you for taking the time to report this issue. + +To help us investigate and resolve this, we need more information. Please provide the following: + +> [!TIP] +> Most issues turn out to be configuration errors rather than bugs. We encourage you to discuss your problem in our [Discord community](https://discord.gg/c84AZQhmpx) **before** opening an issue. The community can often help identify misconfigurations quickly, saving everyone time. + +## Required Information + +### Environment Details + +- **Headscale version**: (run `headscale version`) +- **Tailscale client version**: (run `tailscale version`) +- **Operating System**: (e.g., Ubuntu 24.04, macOS 14, Windows 11) +- **Deployment method**: (binary, Docker, Kubernetes, etc.) +- **Reverse proxy**: (if applicable: nginx, Traefik, Caddy, etc. - include configuration) + +### Debug Information + +Please follow our [Debugging and Troubleshooting Guide](https://headscale.net/stable/ref/debug/) and provide: + +1. **Client netmap dump** (from affected Tailscale client): + + ```bash + tailscale debug netmap > netmap.json + ``` + +2. **Client status dump** (from affected Tailscale client): + + ```bash + tailscale status --json > status.json + ``` + +3. **Tailscale client logs** (if experiencing client issues): + + ```bash + tailscale debug daemon-logs + ``` + + > [!IMPORTANT] + > We need logs from **multiple nodes** to understand the full picture: + > + > - The node(s) initiating connections + > - The node(s) being connected to + > + > Without logs from both sides, we cannot diagnose connectivity issues. + +4. **Headscale server logs** with `log.level: trace` enabled + +5. **Headscale configuration** (with sensitive values redacted - see rules below) + +6. **ACL/Policy configuration** (if using ACLs) + +7. **Proxy/Docker configuration** (if applicable - nginx.conf, docker-compose.yml, Traefik config, etc.) + +## Formatting Requirements + +- **Attach long files** - Do not paste large logs or configurations inline. Use GitHub file attachments or GitHub Gists. +- **Use proper Markdown** - Format code blocks, logs, and configurations with appropriate syntax highlighting. +- **Structure your response** - Use the headings above to organize your information clearly. + +## Redaction Rules + +> [!CAUTION] +> **Replace, do not remove.** Removing information makes debugging impossible. + +When redacting sensitive information: + +- ✅ **Replace consistently** - If you change `alice@company.com` to `user1@example.com`, use `user1@example.com` everywhere (logs, config, policy, etc.) +- ✅ **Use meaningful placeholders** - `user1@example.com`, `bob@example.com`, `my-secret-key` are acceptable +- ❌ **Never remove information** - Gaps in data prevent us from correlating events across logs +- ❌ **Never redact IP addresses** - We need the actual IPs to trace network paths and identify issues + +**If redaction rules are not followed, we will be unable to debug the issue and will have to close it.** + +--- + +**Note:** This issue will be automatically closed in 3 days if no additional information is provided. Once you reply with the requested information, the `needs-more-info` label will be removed automatically. + +If you need help gathering this information, please visit our [Discord community](https://discord.gg/c84AZQhmpx). diff --git a/.github/workflows/needs-more-info-comment.yml b/.github/workflows/needs-more-info-comment.yml new file mode 100644 index 00000000..306e49ef --- /dev/null +++ b/.github/workflows/needs-more-info-comment.yml @@ -0,0 +1,28 @@ +name: Needs More Info - Post Comment + +on: + issues: + types: [labeled] + +jobs: + post-comment: + if: >- + github.event.label.name == 'needs-more-info' && + github.repository == 'juanfont/headscale' + runs-on: ubuntu-latest + permissions: + issues: write + contents: read + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + sparse-checkout: .github/label-response/needs-more-info.md + sparse-checkout-cone-mode: false + + - name: Post instruction comment + run: gh issue comment "$NUMBER" --body-file .github/label-response/needs-more-info.md + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_REPO: ${{ github.repository }} + NUMBER: ${{ github.event.issue.number }} diff --git a/.github/workflows/needs-more-info-timer.yml b/.github/workflows/needs-more-info-timer.yml new file mode 100644 index 00000000..db6013d3 --- /dev/null +++ b/.github/workflows/needs-more-info-timer.yml @@ -0,0 +1,33 @@ +name: Needs More Info - Timer + +on: + schedule: + - cron: "0 0 * * *" # Daily at midnight UTC + issue_comment: + types: [created] + issues: + types: [labeled] + workflow_dispatch: + +jobs: + manage-needs-more-info: + if: >- + github.repository == 'juanfont/headscale' && + (github.event_name != 'issue_comment' || github.event.comment.user.type != 'Bot') + runs-on: ubuntu-latest + permissions: + issues: write + steps: + - name: Manage needs-more-info issues + uses: tiangolo/issue-manager@2fb3484ec9279485df8659e8ec73de262431737d # v0.6.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + config: > + { + "needs-more-info": { + "delay": "P3D", + "message": "This issue has been automatically closed because no additional information was provided within 3 days.\n\nIf you now have the requested information, please feel free to reopen this issue and provide the details. We're happy to help once we have enough context to investigate.\n\nThank you for your understanding.", + "remove_label_on_comment": true, + "remove_label_on_close": true + } + } diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 0915ec2c..12afde93 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -23,5 +23,5 @@ jobs: since being marked as stale." days-before-pr-stale: -1 days-before-pr-close: -1 - exempt-issue-labels: "no-stale-bot" + exempt-issue-labels: "no-stale-bot,needs-more-info" repo-token: ${{ secrets.GITHUB_TOKEN }}