File tree Expand file tree Collapse file tree 1 file changed +23
-0
lines changed
Expand file tree Collapse file tree 1 file changed +23
-0
lines changed Original file line number Diff line number Diff line change @@ -64,6 +64,29 @@ new policy code passes all of our tests.
6464 ` @ ` should be appended at the end. For example, if your user is ` john ` , it
6565 must be written as ` john@ ` in the policy.
6666
67+ <details >
68+
69+ <summary >Migration notes when the policy is stored in the database.</summary >
70+
71+ This section ** only** applies if the policy is stored in the database.
72+
73+ Headscale won't start with an invalid policy and this also means that the policy
74+ can't be updated with the CLI. One may migrate a policy stored in the database
75+ following these steps:
76+
77+ * Dump the policy to a file while still running Headscale 0.25:
78+ ` headscale policy get > policy.json `
79+ * Create a dummy policy (here: allow all):
80+ ` echo '{"acls":[{"action":"accept","src":["*"],"dst":["*:*"]}]}' > dummy.json `
81+ * Load the dummy policy into Headscale 0.25:
82+ ` headscale policy set --file dummy.json `
83+ * Edit ` policy.json ` and migrate to policy V2
84+ * Update to Headscale 0.26
85+ * Load the modified policy V2:
86+ ` headscale policy set --file policy.json `
87+
88+ </details >
89+
6790** SSH**
6891
6992The SSH policy has been reworked to be more consistent with the rest of the
You can’t perform that action at this time.
0 commit comments