linting/formatting

app.go

@@ -87,9 +87,9 @@ type Config struct {
 	TLSLetsEncryptCacheDir      string
 	TLSLetsEncryptChallengeType string
 
-	TLSCertPath         string
-	TLSKeyPath          string
-    TLSClientAuthMode   string
+	TLSCertPath       string
+	TLSKeyPath        string
+	TLSClientAuthMode string
 
 	ACMEURL   string
 	ACMEEmail string
@@ -646,28 +646,28 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
 			log.Warn().Msg("Listening with TLS but ServerURL does not start with https://")
 		}
 
-        var client_auth_mode tls.ClientAuthType
-        if(h.cfg.TLSClientAuthMode == "disabled"){
-            // Client cert is _not_ required.
-            client_auth_mode = tls.NoClientCert
-        }else if (h.cfg.TLSClientAuthMode == "relaxed"){
-            // Client cert required, but not verified.
-            client_auth_mode = tls.RequireAnyClientCert
-        }else if (h.cfg.TLSClientAuthMode == "enforced"){
-            // Client cert is required and verified.
-            client_auth_mode = tls.RequireAndVerifyClientCert
-        }else{
-            return nil, errors.New(
-                "Invalid tls_client_auth_mode provided: " +
-                h.cfg.TLSClientAuthMode)
-        }
-
-        log.Info().Msg(fmt.Sprintf(
-            "Client authentication (mTLS) is \"%s\". See the docs to learn about configuring this setting.",
-            h.cfg.TLSClientAuthMode))
+		var clientAuthMode tls.ClientAuthType
+		if h.cfg.TLSClientAuthMode == "disabled" {
+			// Client cert is _not_ required.
+			clientAuthMode = tls.NoClientCert
+		} else if h.cfg.TLSClientAuthMode == "relaxed" {
+			// Client cert required, but not verified.
+			clientAuthMode = tls.RequireAnyClientCert
+		} else if h.cfg.TLSClientAuthMode == "enforced" {
+			// Client cert is required and verified.
+			clientAuthMode = tls.RequireAndVerifyClientCert
+		} else {
+			return nil, errors.New(
+				"Invalid tls_clientAuthMode provided: " +
+					h.cfg.TLSClientAuthMode)
+		}
+
+		log.Info().Msg(fmt.Sprintf(
+			"Client authentication (mTLS) is \"%s\". See the docs to learn about configuring this setting.",
+			h.cfg.TLSClientAuthMode))
 
 		tlsConfig := &tls.Config{
-			ClientAuth:   client_auth_mode,
+			ClientAuth:   clientAuthMode,
 			NextProtos:   []string{"http/1.1"},
 			Certificates: make([]tls.Certificate, 1),
 			MinVersion:   tls.VersionTLS12,

cmd/headscale/cli/utils.go

@@ -40,7 +40,7 @@ func LoadConfig(path string) error {
 
 	viper.SetDefault("tls_letsencrypt_cache_dir", "/var/www/.cache")
 	viper.SetDefault("tls_letsencrypt_challenge_type", "HTTP-01")
-    viper.SetDefault("tls_client_auth_mode", "disabled")
+	viper.SetDefault("tls_client_auth_mode", "disabled")
 
 	viper.SetDefault("ip_prefix", "100.64.0.0/10")
 
@@ -82,10 +82,10 @@ func LoadConfig(path string) error {
 		errorText += "Fatal config error: server_url must start with https:// or http://\n"
 	}
 
-    auth_mode := viper.GetString("tls_client_auth_mode")
-    if (auth_mode != "disabled" && auth_mode != "relaxed" && auth_mode != "enforced"){
-        errorText += "Invalid tls_client_auth_mode supplied. Accepted values: disabled, relaxed, enforced."
-    }
+	clientAuthMode := viper.GetString("tls_client_auth_mode")
+	if clientAuthMode != "disabled" && clientAuthMode != "relaxed" && clientAuthMode != "enforced" {
+		errorText += "Invalid tls_client_auth_mode supplied. Accepted values: disabled, relaxed, enforced."
+	}
 
 	if errorText != "" {
 		//nolint
@@ -256,9 +256,9 @@ func getHeadscaleConfig() headscale.Config {
 		),
 		TLSLetsEncryptChallengeType: viper.GetString("tls_letsencrypt_challenge_type"),
 
-		TLSCertPath: absPath(viper.GetString("tls_cert_path")),
-		TLSKeyPath:  absPath(viper.GetString("tls_key_path")),
-        TLSClientAuthMode: viper.GetString("tls_client_auth_mode"),
+		TLSCertPath:       absPath(viper.GetString("tls_cert_path")),
+		TLSKeyPath:        absPath(viper.GetString("tls_key_path")),
+		TLSClientAuthMode: viper.GetString("tls_client_auth_mode"),
 
 		DNSConfig: dnsConfig,