This patch adds a notification for updates for macos clients when they
are on an old version.
This is how it looks:
<img width="497" alt="image"
src="https://github.com/user-attachments/assets/829044fd-e8bc-4b47-b64d-67b8ef72adb0">
The orange dot is shown regardless of the notification being dismissed.
If the notification is dismissed by the "Dismiss this version" button,
until there's no new version there won't be notifications.
Updates are check at the start of firezone and every 6 hours after. This
is saved in `UserDefaults`.
Permissions for notifications needs to be allowed so that it's show,
this should be done by the `requestAuthorization`
Also, when an update is available a new `Update available...` option
appears in the menu
<img width="230" alt="image"
src="https://github.com/user-attachments/assets/16d7fea8-3cf5-4711-9d42-5c49faffe6c8">
This option, same as the notification takes you to the appstore.
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
The `expect` attribute is similar to `allow` in that it will silence a
particular lint. In addition to `allow` however, `expect` will fail as
soon as the lint is no longer emitted. This ensures we don't end up with
stale `allow` attributes in our codebase. Additionally, it provides a
way of adding a `reason` to document, why the lint is being suppressed.
Instead of forcing NIx users of the respository (me) to install RA
globally, we can install the equivalent version of whatever Rust version
we depend on.
Bumps androidx.test:runner from 1.6.1 to 1.6.2.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[@fontsource/source-sans-3](https://github.com/fontsource/font-files/tree/HEAD/fonts/google/source-sans-3)
from 5.0.20 to 5.1.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/fontsource/font-files/commits/HEAD/fonts/google/source-sans-3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the com-android group in /kotlin/android with 1 update:
com.android.application.
Updates `com.android.application` from 8.5.1 to 8.6.0
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [flowbite](https://github.com/themesberg/flowbite) from 2.4.1 to
2.5.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite/releases">flowbite's
releases</a>.</em></p>
<blockquote>
<h2>v2.5.1</h2>
<ul>
<li>fix plugin import error from the config file</li>
</ul>
<h2>v2.5.0</h2>
<ul>
<li>added new DataTable plugin and examples</li>
<li>minor bug fixes and improvements</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="362ad079dc"><code>362ad07</code></a>
chore(version): update to <code>v2.5.1</code></li>
<li><a
href="b30fd48555"><code>b30fd48</code></a>
fix(plugin): remove import</li>
<li><a
href="878ced1b62"><code>878ced1</code></a>
docs(datatables): add to readme</li>
<li><a
href="09105b8429"><code>09105b8</code></a>
chore(version): bump to <code>2.5.0</code></li>
<li><a
href="70411d572a"><code>70411d5</code></a>
docs(datatables): add docs for js init, options, and methods</li>
<li><a
href="fc26a5e4c9"><code>fc26a5e</code></a>
feat(datatables): finish coding the dropdowns for exporting</li>
<li><a
href="bab0a3317f"><code>bab0a33</code></a>
feat(datatables): inject export dropdown button inside table header</li>
<li><a
href="f842793de9"><code>f842793</code></a>
feat(datatables): add basic export files feature</li>
<li><a
href="e56f601069"><code>e56f601</code></a>
docs(datatables): finish row selection example and docs</li>
<li><a
href="ba771d4738"><code>ba771d4</code></a>
feat(datatables): add row selection example</li>
<li>Additional commits viewable in <a
href="https://github.com/themesberg/flowbite/compare/v2.4.1...v2.5.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Refs #6547, this fixes a similar error message but it's not the same
exact issue.
When IPv6 is disabled on a system, our call to set the MTU was failing
with error code 0x80070490. This patch allows some of the MTU-related
syscalls to fail with a warning log.
To replicate the issue, run this command to set a registry value to
disable IPv6, then reboot the system:
`reg add
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters"
/v DisabledComponents /t REG_DWORD /d 255 /f`
```[tasklist]
- [x] Update changelog
- [x] Apply PR feedback
```
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
On Windows, the network notifier always notifies once at startup. We
make the DNS notifier and Linux match this behavior, and we assert it in
the unit test.
Part of a yak shave towards removing Tauri.
In #6592, we started tracking our connected gateways to correctly model,
which packets get dropped as part of establishing new connections. We
forgot to clear this when connections are being reset, causing some test
failures.
The CAA can't be set for a domain that has a CNAME record, see
https://letsencrypt.org/docs/caa/
> Note also that CAA checking follows CNAME redirects, just like all
other DNS requests. If
“[community.example.org](http://community.example.org/)” is a CNAME to
“[example.forum.com](http://example.forum.com/)”, the CA will respect
any CAA records that are set on
“[example.forum.com](http://example.forum.com/)”. It is not allowed for
a domain name with a CNAME record to have any other records, so there
cannot be conflicts between CAA records on the original name and CAA
records on the target of the redirect.
This PR adds support for ECS metadata API
(https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint-v4.html)
in order to discover hostname.
It also adds jq in the runtime image
Unlike EC2 or GCP VM, ECS tasks do not have a DNS record, we can only
use their IP as RELEASE_HOSTNAME. So I use their IPv4, IPv6 only
networks are therefore not supported.
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from
3.4.7 to 3.4.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/releases">tailwindcss's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.10</h2>
<h3>Fixed</h3>
<ul>
<li>Bump versions of plugins in the Standalone CLI (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14185">#14185</a>)</li>
</ul>
<h2>v3.4.9</h2>
<h3>Fixed</h3>
<ul>
<li>No longer warns when broad glob patterns are detecting
<code>vendor</code> folders</li>
</ul>
<h2>v3.4.8</h2>
<h3>Fixed</h3>
<ul>
<li>Fix minification when using nested CSS (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14105">#14105</a>)</li>
<li>Warn when broad glob patterns are used in the content configuration
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14140">#14140</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tailwindlabs/tailwindcss/blob/v3.4.10/CHANGELOG.md">tailwindcss's
changelog</a>.</em></p>
<blockquote>
<h2>[3.4.10] - 2024-08-13</h2>
<h3>Fixed</h3>
<ul>
<li>Bump versions of plugins in the Standalone CLI (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14185">#14185</a>)</li>
</ul>
<h2>[3.4.9] - 2024-08-08</h2>
<h3>Fixed</h3>
<ul>
<li>No longer warns when broad glob patterns are detecting
<code>vendor</code> folders</li>
</ul>
<h2>[3.4.8] - 2024-08-07</h2>
<h3>Fixed</h3>
<ul>
<li>Fix minification when using nested CSS (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14105">#14105</a>)</li>
<li>Warn when broad glob patterns are used in the content configuration
(<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/pull/14140">#14140</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f07dbff2a7"><code>f07dbff</code></a>
3.4.10</li>
<li><a
href="c4f23621e1"><code>c4f2362</code></a>
Bump versions of plugins in the Standalone CLI (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/issues/14185">#14185</a>)</li>
<li><a
href="f65023efb9"><code>f65023e</code></a>
3.4.9</li>
<li><a
href="702ba6aaee"><code>702ba6a</code></a>
Don't warn about broad globs in vendor folders (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/issues/14147">#14147</a>)</li>
<li><a
href="1676118af9"><code>1676118</code></a>
3.4.8</li>
<li><a
href="69c81f2583"><code>69c81f2</code></a>
rename <code>master</code> to <code>main</code></li>
<li><a
href="858696a8bc"><code>858696a</code></a>
Warn when broad glob patterns are used in the content configuration (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/issues/14140">#14140</a>)</li>
<li><a
href="1f23c2e842"><code>1f23c2e</code></a>
Bump to latest cssnano v6 (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/issues/14105">#14105</a>)</li>
<li><a
href="28bd90eefb"><code>28bd90e</code></a>
Automate checksum generation for standalone CLI (<a
href="https://redirect.github.com/tailwindlabs/tailwindcss/issues/14081">#14081</a>)</li>
<li>See full diff in <a
href="https://github.com/tailwindlabs/tailwindcss/compare/v3.4.7...v3.4.10">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [flowbite](https://github.com/themesberg/flowbite) from 2.4.1 to
2.5.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/themesberg/flowbite/releases">flowbite's
releases</a>.</em></p>
<blockquote>
<h2>v2.5.1</h2>
<ul>
<li>fix plugin import error from the config file</li>
</ul>
<h2>v2.5.0</h2>
<ul>
<li>added new DataTable plugin and examples</li>
<li>minor bug fixes and improvements</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="362ad079dc"><code>362ad07</code></a>
chore(version): update to <code>v2.5.1</code></li>
<li><a
href="b30fd48555"><code>b30fd48</code></a>
fix(plugin): remove import</li>
<li><a
href="878ced1b62"><code>878ced1</code></a>
docs(datatables): add to readme</li>
<li><a
href="09105b8429"><code>09105b8</code></a>
chore(version): bump to <code>2.5.0</code></li>
<li><a
href="70411d572a"><code>70411d5</code></a>
docs(datatables): add docs for js init, options, and methods</li>
<li><a
href="fc26a5e4c9"><code>fc26a5e</code></a>
feat(datatables): finish coding the dropdowns for exporting</li>
<li><a
href="bab0a3317f"><code>bab0a33</code></a>
feat(datatables): inject export dropdown button inside table header</li>
<li><a
href="f842793de9"><code>f842793</code></a>
feat(datatables): add basic export files feature</li>
<li><a
href="e56f601069"><code>e56f601</code></a>
docs(datatables): finish row selection example and docs</li>
<li><a
href="ba771d4738"><code>ba771d4</code></a>
feat(datatables): add row selection example</li>
<li>Additional commits viewable in <a
href="https://github.com/themesberg/flowbite/compare/v2.4.1...v2.5.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The actual size of the send and receive buffers is OS-dependent. To aid
debugging with customer-submitted logs, we now print the size of the
send and receive buffers of each UDP socket.
As the final step in removing `pnet_packet`, we need to introduce `-Mut`
equivalent slices for UDP, TCP and ICMP packets. As a starting point,
introducing `UpdHeaderSliceMut` and `TcpHeaderSliceMut` is fairly
trivial. The ICMP variants are a bit trickier because those are
different for IPv4 and IPv6. Additionally, ICMP for IPv4 is quite
complex because it can have a variable header length. Additionally. for
both variants, the values in byte range 5-8 are semantically different
depending on the ICMP code.
This requires us to design an API that balances ergonomics and
correctness. Technically, an ICMP identifier and sequence can only be
set if the ICMP code is "echo request" or "echo reply". However, adding
an additional parsing step to guarantee this in the type system is quite
verbose.
The trade-off implemented in this PR allows to us to directly write to
the byte 5-8 using the `set_identifier` and `set_sequence` functions. To
catch errors early, this functions have debug-assertions built in that
ensure that the packet is indeed an ICMP echo packet.
Resolves: #6366.
Currently, we have two structs for representing IP packets: `IpPacket`
and `MutableIpPacket`. As the name suggests, they mostly differ in
mutability. This design was originally inspired by the `pnet_packet`
crate which we based our `IpPacket` on. With subsequent iterations, we
added more and more functionality onto our `IpPacket`, like NAT64 &
NAT46 translation. As a result of that, the `MutableIpPacket` is no
longer directly based on `pnet_packet` but instead just keeps an
internal buffer.
This duplication can be resolved by merging the two structs into a
single `IpPacket`. We do this by first replacing all usages of
`IpPacket` with `MutableIpPacket`, deleting `IpPacket` and renaming
`MutableIpPacket` to `IpPacket`. The final design now has different
`self`-receivers: Some functions take `&self`, some `&mut self` and some
consume the packet using `self`.
This results in a more ergonomic usage of `IpPacket` across the codebase
and deletes a fair bit of code. It also takes us one step closer towards
using `etherparse` for all our IP packet interaction-needs. Lastly, I am
currently exploring a performance-optimisation idea that stack-allocates
all IP packets and for that, the current split between `IpPacket` and
`MutableIpPacket` does not really work.
Related: #6366.
Why:
* `trust.firezone.dev` is actually being hosted by `trust.oneleet.com`
which means Oneleet needs to issue the cert for `trust.firezone.dev` and
can't use the Google CA used for the rest of `firezone.dev`.
Closes#6661
The lifetime of the returned packet is actually already `'static`,
meaning we don't need to call `to_owned`.
Related: #6366.
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: firezone <firezone@firezones-MacBook-Air.local>
Self-hosted users often forget to deploy relays. Without relays,
`snownet` cannot establish any connections because we never figure out
our server-reflexive address and local host address. Even if relays are
configured, if STUN / TURN is blocked, we may end up with no relays.
In that case, any newly created connection will very likely fail unless
new TURN servers are added within the 10s timeout that we have when
waiting for candidates. To make it easier to detect these situations, we
log a warning if we see that a new connection is being created without
any active relays.
One may argue that we should just disallow the connection altogether,
i.e. return a `Result`. Yet, this situation happens so rarely that
having to handle this `Result` further up the stack is quite the
ergonomic hit.
