starred/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-03-21 17:09:30 +01:00
Code Issues 98 Packages Projects Releases 10 Wiki Activity

Explicitly mention that a headscale username should *not* end with @

Browse Source 
See: #3149
This commit is contained in:
Florian Preinstorfer
2026-03-20 19:34:12 +01:00
committed by nblock
parent 568baf3d02
commit efd83da14e
3 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/ref/oidc.md
View File

@@ -191,8 +191,10 @@ You may refer to users in the Headscale policy via:
!!! note "A user identifier in the policy must contain a single `@`" !!! note "A user identifier in the policy must contain a single `@`"
The Headscale policy requires a single `@` to reference a user. If the username or provider identifier doesn't The Headscale policy requires a single `@` to reference a user. If the username or provider identifier doesn't
already contain a single `@`, it needs to be appended at the end. For example: the username `ssmith` has to be already contain a single `@`, it needs to be appended at the end. For example: the Headscale username `ssmith` has
written as `ssmith@` to be correctly identified as user within the policy. to be written as `ssmith@` to be correctly identified as user within the policy.
Ensure that the Headscale username itself does not end with `@`.
!!! warning "Email address or username might be updated by users" !!! warning "Email address or username might be updated by users"

7
docs/ref/registration.md
View File

@@ -33,7 +33,8 @@ node can be approved with:
- [Headscale API](api.md) - [Headscale API](api.md)
- Or delegated to an identity provider via [OpenID Connect](oidc.md) - Or delegated to an identity provider via [OpenID Connect](oidc.md)
Web authentication relies on the presence of a Headscale user. Use the `headscale users` command to create a new user: Web authentication relies on the presence of a Headscale user. Use the `headscale users` command to create a new
user[^1]:
```console ```console
headscale users create <USER> headscale users create <USER>
@@ -98,7 +99,7 @@ Its best suited for automation.
=== "Personal devices" === "Personal devices"
A personal node is always assigned to a Headscale user. Use the `headscale users` command to create a new user: A personal node is always assigned to a Headscale user. Use the `headscale users` command to create a new user[^1]:
```console ```console
headscale users create <USER> headscale users create <USER>
@@ -139,3 +140,5 @@ Its best suited for automation.
The registration of a tagged node is complete and it should be listed as "online" in the output of The registration of a tagged node is complete and it should be listed as "online" in the output of
`headscale nodes list`. The "User" column displays `tagged-devices` as the owner of the node. See the "Tags" column for the list of `headscale nodes list`. The "User" column displays `tagged-devices` as the owner of the node. See the "Tags" column for the list of
assigned tags. assigned tags.
[^1]: [Ensure that the Headscale username does not end with `@`.](oidc.md#reference-a-user-in-the-policy)

4
docs/usage/getting-started.md
View File

@@ -61,7 +61,7 @@ options, run:
## Manage headscale users ## Manage headscale users
In headscale, a node (also known as machine or device) is [typically assigned to a headscale In headscale, a node (also known as machine or device) is [typically assigned to a headscale
user](../ref/registration.md#identity-model). Such a headscale user may have many nodes assigned to them and can be user](../ref/registration.md#identity-model). Such a headscale user[^1] may have many nodes assigned to them and can be
managed with the `headscale users` command. Invoke the built-in help for more information: `headscale users --help`. managed with the `headscale users` command. Invoke the built-in help for more information: `headscale users --help`.
### Create a headscale user ### Create a headscale user
@@ -149,3 +149,5 @@ The command returns the preauthkey on success which is used to connect a node to
```shell ```shell
tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY> tailscale up --login-server <YOUR_HEADSCALE_URL> --authkey <YOUR_AUTH_KEY>
``` ```
[^1]: [Ensure that the Headscale username does not end with `@`.](../ref/oidc.md#reference-a-user-in-the-policy)