mirror of
https://github.com/juanfont/headscale.git
synced 2026-01-11 20:00:28 +01:00
[Bug] ERR noise upgrade failed error #932
Closed
opened 2025-12-29 02:26:19 +01:00 by adam
·
17 comments
No Branch/Tag Specified
main
update_flake_lock_action
gh-pages
kradalby/release-v0.27.2
dependabot/go_modules/golang.org/x/crypto-0.45.0
dependabot/go_modules/github.com/opencontainers/runc-1.3.3
copilot/investigate-headscale-issue-2788
copilot/investigate-visibility-issue-2788
copilot/investigate-issue-2833
copilot/debug-issue-2846
copilot/fix-issue-2847
dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.4.0
dependabot/go_modules/github.com/docker/docker-28.3.3incompatible
kradalby/cli-experiement3
doc/0.26.1
doc/0.25.1
doc/0.25.0
doc/0.24.3
doc/0.24.2
doc/0.24.1
doc/0.24.0
kradalby/build-docker-on-pr
topic/docu-versioning
topic/docker-kos
juanfont/fix-crash-node-id
juanfont/better-disclaimer
update-contributors
topic/prettier
revert-1893-add-test-stage-to-docs
add-test-stage-to-docs
remove-node-check-interval
fix-empty-prefix
fix-ephemeral-reusable
bug_report-debuginfo
autogroups
logs-to-stderr
revert-1414-topic/fix_unix_socket
rename-machine-node
port-embedded-derp-tests-v2
port-derp-tests
duplicate-word-linter
update-tailscale-1.36
warn-against-apache
ko-fi-link
more-acl-tests
fix-typo-standalone
parallel-nolint
tparallel-fix
rerouting
ssh-changelog-docs
oidc-cleanup
web-auth-flow-tests
kradalby-gh-runner
fix-proto-lint
remove-funding-links
go-1.19
enable-1.30-in-tests
0.16.x
cosmetic-changes-integration
tmp-fix-integration-docker
fix-integration-docker
configurable-update-interval
show-nodes-online
hs2021
acl-syntax-fixes
ts2021-implementation
fix-spurious-updates
unstable-integration-tests
mandatory-stun
embedded-derp
prtemplate-fix
v0.28.0-beta.1
v0.27.2-rc.1
v0.27.1
v0.27.0
v0.27.0-beta.2
v0.27.0-beta.1
v0.26.1
v0.26.0
v0.26.0-beta.2
v0.26.0-beta.1
v0.25.1
v0.25.0
v0.25.0-beta.2
v0.24.3
v0.25.0-beta.1
v0.24.2
v0.24.1
v0.24.0
v0.24.0-beta.2
v0.24.0-beta.1
v0.23.0
v0.23.0-rc.1
v0.23.0-beta.5
v0.23.0-beta.4
v0.23.0-beta3
v0.23.0-beta2
v0.23.0-beta1
v0.23.0-alpha12
v0.23.0-alpha11
v0.23.0-alpha10
v0.23.0-alpha9
v0.23.0-alpha8
v0.23.0-alpha7
v0.23.0-alpha6
v0.23.0-alpha5
v0.23.0-alpha4
v0.23.0-alpha4-docker-ko-test9
v0.23.0-alpha4-docker-ko-test8
v0.23.0-alpha4-docker-ko-test7
v0.23.0-alpha4-docker-ko-test6
v0.23.0-alpha4-docker-ko-test5
v0.23.0-alpha-docker-release-test-debug2
v0.23.0-alpha-docker-release-test-debug
v0.23.0-alpha4-docker-ko-test4
v0.23.0-alpha4-docker-ko-test3
v0.23.0-alpha4-docker-ko-test2
v0.23.0-alpha4-docker-ko-test
v0.23.0-alpha3
v0.23.0-alpha2
v0.23.0-alpha1
v0.22.3
v0.22.2
v0.23.0-alpha-docker-release-test
v0.22.1
v0.22.0
v0.22.0-alpha3
v0.22.0-alpha2
v0.22.0-alpha1
v0.22.0-nfpmtest
v0.21.0
v0.20.0
v0.19.0
v0.19.0-beta2
v0.19.0-beta1
v0.18.0
v0.18.0-beta4
v0.18.0-beta3
v0.18.0-beta2
v0.18.0-beta1
v0.17.1
v0.17.0
v0.17.0-beta5
v0.17.0-beta4
v0.17.0-beta3
v0.17.0-beta2
v0.17.0-beta1
v0.17.0-alpha4
v0.17.0-alpha3
v0.17.0-alpha2
v0.17.0-alpha1
v0.16.4
v0.16.3
v0.16.2
v0.16.1
v0.16.0
v0.16.0-beta7
v0.16.0-beta6
v0.16.0-beta5
v0.16.0-beta4
v0.16.0-beta3
v0.16.0-beta2
v0.16.0-beta1
v0.15.0
v0.15.0-beta6
v0.15.0-beta5
v0.15.0-beta4
v0.15.0-beta3
v0.15.0-beta2
v0.15.0-beta1
v0.14.0
v0.14.0-beta2
v0.14.0-beta1
v0.13.0
v0.13.0-beta3
v0.13.0-beta2
v0.13.0-beta1
upstream/v0.12.4
v0.12.4
v0.12.3
v0.12.2
v0.12.2-beta1
v0.12.1
v0.12.0-beta2
v0.12.0-beta1
v0.11.0
v0.10.8
v0.10.7
v0.10.6
v0.10.5
v0.10.4
v0.10.3
v0.10.2
v0.10.1
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.1
v0.7.0
v0.6.1
v0.6.0
v0.5.2
v0.5.1
v0.5.0
v0.4.0
v0.3.6
v0.3.5
v0.3.4
v0.3.3
v0.3.2
v0.3.1
v0.3.0
v0.2.2
v0.2.1
v0.2.0
v0.1.1
v0.1.0
Labels
Clear labels
CLI
DERP
DNS
Nix
OIDC
SSH
bug
database
documentation
duplicate
enhancement
faq
good first issue
grants
help wanted
might-come
needs design doc
needs investigation
no-stale-bot
out of scope
performance
policy 📝
pull-request
question
regression
routes
stale
tags
tailscale-feature-gap
well described ❤️
wontfix
Mirrored from GitHub Pull Request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: starred/headscale#932
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @SysAdminSmith on GitHub (Jan 31, 2025).
Is this a support request?
Is there an existing issue for this?
Current Behavior
When attempting to use custom certificates (backed by a trusted CA; purchased through Comodo) I get the following:
Expected Behavior
I expect the cert to work. openssl verifies it to include leaf, intermediate, and root certs. The key matches the pem. Cert and key are chown'd headscale:headscale with 644 600, respectively
Steps To Reproduce
Modify config to use custom certificates
Start headscale
Environment
Runtime environment
Anything else?
The Headscale server is hosted in Azure
@Cobertos commented on GitHub (Feb 1, 2025):
Is this just an error that shows up with any new headscale server? I'm seeing this in journalctl on my old headscale server (Oct 4 2024) and then just earlier today in journalctl when I started up a new headscale instance on a separate machine.
EDIT: To clarify, it showed up for an hour or so in the logs after first startup and then never showed up again. (As the subsequent comment describes)
EDIT: For addtional context, my machines are self-hosted at home. The old one was Debian and the new one is Raspbian. No containers, no reverse proxy (punched a hole right through the router to the machine with headscale). The nodes do work as intended now
@SysAdminSmith commented on GitHub (Feb 1, 2025):
I have no idea. It literally stopped showing up a few hours ago for me. Makes me itchy not knowing the cause/solution
@ycsh-w commented on GitHub (Feb 1, 2025):
I am not sure if this is related to custom certificate or not. I am upgrading from 0.23 and just modified my config file and restarted, and I am seeing this now.
@nblock commented on GitHub (Feb 1, 2025):
When exactly does this happen? (e.g. when a new node connects for the first time, or when an existing node connects, or just random connections from the Internet)?
Do your tailscale clients work as expected?
Is there some "proxy/security" thing in Azure configured, maybe something that messes with Websocket POST?
Probably related: https://github.com/juanfont/headscale/issues/1295
@SysAdminSmith commented on GitHub (Feb 1, 2025):
I have been unable to correlate it to any specific event. The nodes seem to work as intended but I haven't had time to implement any ACLs (which were not functioning at all and ultimately led to a reinstall of the server and all nodes back during 0.24.0 and 0.24.1)
@nblock commented on GitHub (Feb 1, 2025):
That makes it hard to narrow it down or reproduce. I checked several instances and have not seen this once. Can you test your setup without Azure? Like on some cheap VPS (hint: not cloudflare)?
This is probably unrelated to ACLs as the error message indicates problems during connection establishment.
How often does this error occur? Just once in a while or repeatedly?
@mawanasad commented on GitHub (Feb 17, 2025):
Did you delete a machine from the node list and joined it again? I think there are some old key exchanges happening at headscale end that are not valid anymore once you deleted the old node.
@Darcsis commented on GitHub (Feb 23, 2025):
This same issue is occuring for my new install of headscale running behind a traefik RP. I am running the headscale server in a docker container on an debian 12 Vps.
At start up the error messages come every few seconds.
@kradalby commented on GitHub (Feb 23, 2025):
@Darcsis can you try without traefik? I would not be surprised if it is the proxies fault.
@Darcsis commented on GitHub (Feb 27, 2025):
@kradalby ok so after some reading on the discord and github, someone pointed to the drop version >1.62 as the reason for the error. is this something that i need to configure on the headscale server?
-sort a noob
@kradalby commented on GitHub (Feb 27, 2025):
Do you have versions older than 1.62?
@Darcsis commented on GitHub (Feb 27, 2025):
on my tailscale clients, no the only one i have connected to the server currently is running 1.70.0
@kradalby commented on GitHub (Feb 27, 2025):
then I would expect it to be unrelated, this is probably something to discuss in discord rather than github.
@jonny190 commented on GitHub (Mar 12, 2025):
@kradalby i'm having the same issue with the logs getting spammed every second and i am running an earlier version on PFSense
and a tailscale update returns "already running stable version 1.54.0"
@jonny190 commented on GitHub (Mar 12, 2025):
ended up up dating via https://forum.netgate.com/topic/174525/how-to-update-to-the-latest-tailscale-version/116
@github-actions[bot] commented on GitHub (Jun 11, 2025):
This issue is stale because it has been open for 90 days with no activity.
@github-actions[bot] commented on GitHub (Jun 18, 2025):
This issue was closed because it has been inactive for 14 days since being marked as stale.