Fix Tailscale route prefix mismatch and increase health check timeout

Mount Tailscale router at /tailscale prefix so all 10 routes resolve
to /api/tailscale/* as expected by middleware, audit logger, and
frontend. Previously 5 routes (status, config, check-connection,
devices, protect-service) resolved to /api/* instead, with config
colliding with the settings route. Strip redundant /tailscale/ prefix
from OAuth routes that were compensating for the missing mount prefix.

Increase default health check timeout from 10s to 20s to reduce false
positives on slower services.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-14 18:44:01 -07:00
parent df0daaad46
commit 70b818c2bd
4 changed files with 27 additions and 23 deletions


@@ -177,7 +177,7 @@ module.exports = function(ctx) {
// ── Tailscale API Integration (OAuth 2.0) ──
// Save OAuth client credentials + validate by exchanging for a token
router.post('/tailscale/oauth-config', ctx.asyncHandler(async (req, res) => {
router.post('/oauth-config', ctx.asyncHandler(async (req, res) => {
const { clientId, clientSecret, tailnet } = req.body;
if (!clientId || !clientSecret || !tailnet) {
@@ -235,7 +235,7 @@ module.exports = function(ctx) {
}, 'tailscale-oauth-config'));
// Remove OAuth credentials and disable API sync
router.delete('/tailscale/oauth-config', ctx.asyncHandler(async (req, res) => {
router.delete('/oauth-config', ctx.asyncHandler(async (req, res) => {
await ctx.credentialManager.delete('tailscale.oauth.client_id');
await ctx.credentialManager.delete('tailscale.oauth.client_secret');
@@ -250,7 +250,7 @@ module.exports = function(ctx) {
}, 'tailscale-oauth-delete'));
// Get enriched device list from Tailscale API
router.get('/tailscale/api-devices', ctx.asyncHandler(async (req, res) => {
router.get('/api-devices', ctx.asyncHandler(async (req, res) => {
if (!ctx.tailscale.config.oauthConfigured) {
return ctx.errorResponse(res, 400, 'Tailscale API not configured. Set up OAuth first.');
}
@@ -264,7 +264,7 @@ module.exports = function(ctx) {
}, 'tailscale-api-devices'));
// Manually trigger an API sync
router.post('/tailscale/sync', ctx.asyncHandler(async (req, res) => {
router.post('/sync', ctx.asyncHandler(async (req, res) => {
if (!ctx.tailscale.config.oauthConfigured) {
return ctx.errorResponse(res, 400, 'Tailscale API not configured. Set up OAuth first.');
}
@@ -279,7 +279,7 @@ module.exports = function(ctx) {
}, 'tailscale-sync'));
// Fetch ACL policy (read-only)
router.get('/tailscale/acl', ctx.asyncHandler(async (req, res) => {
router.get('/acl', ctx.asyncHandler(async (req, res) => {
const token = await ctx.tailscale.getAccessToken();
const tailnet = ctx.tailscale.config.tailnet;
if (!token || !tailnet) {
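Review bot: The five handlers in this section now register bare paths (`/oauth-config` twice, `/api-devices`, `/sync`, `/acl`), so where they resolve depends entirely on a mount call that is not visible in this file section. The same goes for whether the path-keyed middleware and audit logger named in the commit message see them. A comment above the `// ── Tailscale API Integration (OAuth 2.0) ──` banner would make that dependency explicit, for example `// Paths below are relative to the /tailscale mount; do not mount this router at the API root`. Going by the commit message, a mount without the prefix would presumably put these routes at `/api/sync` and `/api/acl`. Since `POST /oauth-config` takes `clientSecret` from the request body and `GET /acl` is commented as fetching the ACL policy, a route test asserting that each path answers only under `/api/tailscale/` would guard against a repeat of the mismatch. The handler bodies continue outside the hunks shown.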