From 098c14f9e00261da3088f9d90412336676087554 Mon Sep 17 00:00:00 2001 From: MacRimi Date: Sat, 14 Mar 2026 19:55:54 +0100 Subject: [PATCH] Update secure-gateway-setup.tsx --- AppImage/components/secure-gateway-setup.tsx | 128 ++++++++++++++++++- 1 file changed, 124 insertions(+), 4 deletions(-) diff --git a/AppImage/components/secure-gateway-setup.tsx b/AppImage/components/secure-gateway-setup.tsx index f879ab3b..7efa19df 100644 --- a/AppImage/components/secure-gateway-setup.tsx +++ b/AppImage/components/secure-gateway-setup.tsx @@ -89,6 +89,13 @@ export function SecureGatewaySetup() { const [showRemoveConfirm, setShowRemoveConfirm] = useState(false) const [showAuthKey, setShowAuthKey] = useState(false) + // Post-deploy confirmation + const [showPostDeployInfo, setShowPostDeployInfo] = useState(false) + const [deployedConfig, setDeployedConfig] = useState>({}) + + // Host IP for "Host Only" mode + const [hostIp, setHostIp] = useState("") + // Password visibility const [visiblePasswords, setVisiblePasswords] = useState>(new Set()) @@ -132,6 +139,11 @@ export function SecureGatewaySetup() { const networksRes = await fetchApi("/api/oci/networks") if (networksRes.success) { setNetworks(networksRes.networks || []) + // Get host IP for "Host Only" mode + const primaryNetwork = networksRes.networks?.find((n: NetworkInfo) => n.recommended) || networksRes.networks?.[0] + if (primaryNetwork?.address) { + setHostIp(primaryNetwork.address) + } } } catch (err) { console.error("Failed to load data:", err) @@ -170,13 +182,19 @@ export function SecureGatewaySetup() { } } - setDeployProgress("Pulling container image...") + // Prepare config - for "host_only" mode, set routes to just the host IP + const deployConfig = { ...config } + if (config.access_mode === "host_only" && hostIp) { + deployConfig.advertise_routes = [`${hostIp}/32`] + } + + setDeployProgress("Creating LXC container...") const result = await fetchApi("/api/oci/deploy", { method: "POST", body: JSON.stringify({ app_id: "secure-gateway", - config: config + config: deployConfig }) }) @@ -193,12 +211,19 @@ export function SecureGatewaySetup() { setDeployProgress("Gateway deployed successfully!") - // Wait and reload status + // Wait and reload status, then show post-deploy info setTimeout(async () => { await loadStatus() setShowWizard(false) setDeploying(false) setCurrentStep(0) + + // Show post-deploy confirmation if user needs to approve routes + const needsApproval = deployConfig.advertise_routes?.length > 0 || deployConfig.exit_node || deployConfig.accept_routes + if (needsApproval) { + setDeployedConfig(deployConfig) + setShowPostDeployInfo(true) + } }, 2000) } catch (err: any) { @@ -539,6 +564,12 @@ export function SecureGatewaySetup() { Access Mode: {config.access_mode === "host_only" ? "Host Only" : config.access_mode === "proxmox_network" ? "Proxmox Network" : "Custom Networks"} + {config.access_mode === "host_only" && hostIp && ( +
+ Host Access: + {hostIp}/32 +
+ )} {(config.access_mode === "proxmox_network" || config.access_mode === "custom") && config.advertise_routes?.length > 0 && (
Networks: @@ -556,6 +587,19 @@ export function SecureGatewaySetup() {
+ {/* Approval notice */} + {(config.access_mode !== "none" || config.exit_node) && !deploying && ( +
+

+ + + After deployment, you{"'"}ll need to approve the subnet routes + {config.exit_node && and exit node} in your Tailscale Admin Console for them to work. + +

+
+ )} + {deploying && (
@@ -717,7 +761,7 @@ export function SecureGatewaySetup() {
{/* Tailscale admin link */} -
+
+ + {/* Post-Deploy Info Dialog */} + + + + + + Gateway Deployed Successfully + + + One more step to complete the setup + + + +
+
+

+ + Action Required in Tailscale Admin +

+

+ You need to approve the following settings in your Tailscale admin console for them to take effect: +

+
    + {deployedConfig.advertise_routes?.length > 0 && ( +
  • + +
    + Subnet Routes: + + {deployedConfig.advertise_routes.join(", ")} + +
    +
    • + )} + {deployedConfig.exit_node && ( +
  • + +
    + Exit Node: + + Route all internet traffic + +
    +
    • + )} +
+
+ +
+

How to approve:

+
    +
  1. Go to Tailscale Admin Console
    2. +
  2. Find the machine "{deployedConfig.hostname || "proxmox-gateway"}"
    3. +
  3. Click on it and approve the pending routes/exit node
    4. +
+
+
+ +
+ + +
+ + ) }