feat: add basic login functionality back after main merge

internal/bootstrap/app_bootstrap.go

@@ -34,6 +34,7 @@ type Services struct {
 	ldapService          *service.LdapService
 	oauthBrokerService   *service.OAuthBrokerService
 	oidcService          *service.OIDCService
+	tailscaleService     *service.TailscaleService
 }
 
 type BootstrapApp struct {
@@ -250,6 +251,7 @@ func (app *BootstrapApp) Setup() error {
 
 	runUnix := app.config.Server.SocketPath != ""
 	runHTTP := app.config.Server.SocketPath == "" || app.config.Server.ConcurrentListenersEnabled
+	runTailscale := app.services.tailscaleService != nil
 
 	if runUnix {
 		errChanLen++
@@ -259,6 +261,10 @@ func (app *BootstrapApp) Setup() error {
 		errChanLen++
 	}
 
+	if runTailscale {
+		errChanLen++
+	}
+
 	errChan := make(chan error, errChanLen)
 
 	if app.config.Server.ConcurrentListenersEnabled {
@@ -283,6 +289,15 @@ func (app *BootstrapApp) Setup() error {
 		})
 	}
 
+	// serve to tailscale
+	if runTailscale {
+		app.wg.Go(func() {
+			if err := app.serveTailscale(); err != nil {
+				errChan <- err
+			}
+		})
+	}
+
 	// monitor cancellation and server errors
 	for {
 		select {
@@ -369,7 +384,41 @@ func (app *BootstrapApp) serveUnix() error {
 		return fmt.Errorf("failed to start unix socket listener: %w", err)
 	}
 
-	return <-errChan
+	return nil
+}
+
+func (app *BootstrapApp) serveTailscale() error {
+	app.log.App.Info().Msgf("Starting Tailscale server on %s", app.services.tailscaleService.GetHostname())
+
+	listener, err := app.services.tailscaleService.CreateListener()
+
+	if err != nil {
+		return fmt.Errorf("failed to create tailscale listener: %w", err)
+	}
+
+	server := &http.Server{
+		Handler: app.router.Handler(),
+	}
+
+	shutdown := func() {
+		server.Shutdown(app.ctx)
+		listener.Close()
+	}
+
+	go func() {
+		<-app.ctx.Done()
+		app.log.App.Debug().Msg("Shutting down Tailscale listener")
+		shutdown()
+	}()
+
+	err = server.Serve(listener)
+
+	if err != nil && !errors.Is(err, http.ErrServerClosed) {
+		shutdown()
+		return fmt.Errorf("failed to start tailscale listener: %w", err)
+	}
+
+	return nil
 }
 
 func (app *BootstrapApp) heartbeatRoutine() {

internal/bootstrap/router_bootstrap.go

@@ -24,7 +24,7 @@ func (app *BootstrapApp) setupRouter() error {
 		}
 	}
 
-	contextMiddleware := middleware.NewContextMiddleware(app.log, app.runtime, app.services.authService, app.services.oauthBrokerService)
+	contextMiddleware := middleware.NewContextMiddleware(app.log, app.runtime, app.services.authService, app.services.oauthBrokerService, app.services.tailscaleService)
 	engine.Use(contextMiddleware.Middleware())
 
 	uiMiddleware, err := middleware.NewUIMiddleware()

internal/bootstrap/service_bootstrap.go

@@ -46,13 +46,21 @@ func (app *BootstrapApp) setupServices() error {
 		labelProvider = dockerService
 	}
 
+	tailscaleService, err := service.NewTailscaleService(app.log, app.config, app.ctx, &app.wg)
+
+	if err != nil {
+		app.log.App.Warn().Err(err).Msg("Failed to initialize Tailscale connection, will continue without it")
+	} else {
+		app.services.tailscaleService = tailscaleService
+	}
+
 	accessControlsService := service.NewAccessControlsService(app.log, &labelProvider, app.config.Apps)
 	app.services.accessControlService = accessControlsService
 
 	oauthBrokerService := service.NewOAuthBrokerService(app.log, app.runtime.OAuthProviders, app.ctx)
 	app.services.oauthBrokerService = oauthBrokerService
 
-	authService := service.NewAuthService(app.log, app.config, app.runtime, app.ctx, &app.wg, app.services.ldapService, app.queries, app.services.oauthBrokerService)
+	authService := service.NewAuthService(app.log, app.config, app.runtime, app.ctx, &app.wg, app.services.ldapService, app.queries, app.services.oauthBrokerService, app.services.tailscaleService)
 	app.services.authService = authService
 
 	oidcService, err := service.NewOIDCService(app.log, app.config, app.runtime, app.queries, app.ctx, &app.wg)