fix: include tailnetDns in wide-area beacons

2025-12-20 15:02:23 +01:00
parent 554d9bc6ce
commit 044f525eb8
5 changed files with 23 additions and 1 deletions
--- a/docs/bonjour.md
+++ b/docs/bonjour.md
@@ -60,6 +60,7 @@ In the Tailscale admin console:
 - Add split DNS so the domain `clawdis.internal` uses that nameserver.

 Once clients accept tailnet DNS, iOS nodes can browse `_clawdis-bridge._tcp` in `clawdis.internal.` without multicast.
+Wide-area beacons also include `tailnetDns` (when available) so the macOS app can auto-fill SSH targets off-LAN.

 ### Bridge listener security (recommended)

--- a/docs/discovery.md
+++ b/docs/discovery.md
@@ -70,7 +70,7 @@ Disable/override:
 For London/Vienna style setups, Bonjour won’t help. The recommended “direct” target is:
 - Tailscale MagicDNS name (preferred) or a stable tailnet IP.

-If the gateway can detect it is running under Tailscale, it publishes `tailnetDns` as an optional hint for clients.
+If the gateway can detect it is running under Tailscale, it publishes `tailnetDns` as an optional hint for clients (including wide-area beacons).

 ### 3) Manual / SSH target

--- a/src/gateway/server.ts
+++ b/src/gateway/server.ts
@@ -2096,6 +2096,7 @@ export async function startGatewayServer(
          displayName: formatBonjourInstanceName(machineDisplayName),
          tailnetIPv4,
          tailnetIPv6: tailnetIPv6 ?? undefined,
+          tailnetDns,
        });
        defaultRuntime.log(
          `discovery: wide-area DNS-SD ${result.changed ? "updated" : "unchanged"} (${WIDE_AREA_DISCOVERY_DOMAIN} → ${result.zonePath})`,
--- a/src/infra/widearea-dns.test.ts
+++ b/src/infra/widearea-dns.test.ts
@@ -28,4 +28,20 @@ describe("wide-area DNS-SD zone rendering", () => {
    );
    expect(txt).toContain(`displayName=Mac Studio (Clawdis)`);
  });
+
+  it("includes tailnetDns when provided", () => {
+    const txt = renderWideAreaBridgeZoneText({
+      serial: 2025121701,
+      bridgePort: 18790,
+      displayName: "Mac Studio (Clawdis)",
+      tailnetIPv4: "100.123.224.76",
+      tailnetDns: "peters-mac-studio-1.sheep-coho.ts.net",
+      hostLabel: "studio-london",
+      instanceLabel: "studio-london",
+    });
+
+    expect(txt).toContain(
+      `tailnetDns=peters-mac-studio-1.sheep-coho.ts.net`,
+    );
+  });
 });
--- a/src/infra/widearea-dns.ts
+++ b/src/infra/widearea-dns.ts
@@ -75,6 +75,7 @@ export type WideAreaBridgeZoneOpts = {
  tailnetIPv6?: string;
  instanceLabel?: string;
  hostLabel?: string;
+  tailnetDns?: string;
 };

 function renderZone(opts: WideAreaBridgeZoneOpts & { serial: number }): string {
@@ -90,6 +91,9 @@ function renderZone(opts: WideAreaBridgeZoneOpts & { serial: number }): string {
    `transport=bridge`,
    `bridgePort=${opts.bridgePort}`,
  ];
+  if (opts.tailnetDns?.trim()) {
+    txt.push(`tailnetDns=${opts.tailnetDns.trim()}`);
+  }

  const records: string[] = [];