From b74fd78dac269694d342452c7cb14ea47509af77 Mon Sep 17 00:00:00 2001
From: Sam Sheridan <sam@sheridan.uk>
Date: Thu, 4 Dec 2025 13:21:47 +0000
Subject: [PATCH 1/3] security/tailscale make pre-auth key optional, allows use
 of AuthURL too

---
 .../app/controllers/OPNsense/Tailscale/forms/authentication.xml | 2 +-
 .../mvc/app/models/OPNsense/Tailscale/Authentication.xml        | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/security/tailscale/src/opnsense/mvc/app/controllers/OPNsense/Tailscale/forms/authentication.xml b/security/tailscale/src/opnsense/mvc/app/controllers/OPNsense/Tailscale/forms/authentication.xml
index b2bcae8b3..bba0c86af 100644
--- a/security/tailscale/src/opnsense/mvc/app/controllers/OPNsense/Tailscale/forms/authentication.xml
+++ b/security/tailscale/src/opnsense/mvc/app/controllers/OPNsense/Tailscale/forms/authentication.xml
@@ -9,6 +9,6 @@
         <id>authentication.preAuthKey</id>
         <label>Pre-authentication Key</label>
         <type>text</type>
-        <help>Use a non-reusable auth key and disable expiration</help>
+        <help>Use a non-reusable auth key and disable expiration (optional). If not specified use AuthURL from Status page</help>
     </field>
 </form>
diff --git a/security/tailscale/src/opnsense/mvc/app/models/OPNsense/Tailscale/Authentication.xml b/security/tailscale/src/opnsense/mvc/app/models/OPNsense/Tailscale/Authentication.xml
index b1b404f48..dce55a679 100644
--- a/security/tailscale/src/opnsense/mvc/app/models/OPNsense/Tailscale/Authentication.xml
+++ b/security/tailscale/src/opnsense/mvc/app/models/OPNsense/Tailscale/Authentication.xml
@@ -8,7 +8,7 @@
             <ValidationMessage>Please enter a valid URL</ValidationMessage>
         </loginServer>
         <preAuthKey type="TextField">
-            <Required>Y</Required>
+            <Required>N</Required>
         </preAuthKey>
     </items>
 </model>

From 0abbd00f0ec8711d289231505647dcacc3d5e64e Mon Sep 17 00:00:00 2001
From: Sam Sheridan <sam@sheridan.uk>
Date: Thu, 4 Dec 2025 13:29:31 +0000
Subject: [PATCH 2/3] Updated pkg-descr to reflect optional auth key

---
 security/tailscale/pkg-descr | 1 +
 1 file changed, 1 insertion(+)

diff --git a/security/tailscale/pkg-descr b/security/tailscale/pkg-descr
index b2066fa79..0ca830b13 100644
--- a/security/tailscale/pkg-descr
+++ b/security/tailscale/pkg-descr
@@ -8,6 +8,7 @@ Plugin Changelog
 
 1.3
 
+* set pre-auth key field in UI to optional, enables registration via pre-auth key or AuthURL from status page
 * modify RC script to prevent re-using auth key if already authenticated
 
 1.2

From c4ca2f02b5e7190b454ed6cb7aa77177fffdfd6e Mon Sep 17 00:00:00 2001
From: Sam Sheridan <sam@sheridan.uk>
Date: Fri, 5 Dec 2025 02:32:53 +0000
Subject: [PATCH 3/3] bump version

---
 security/tailscale/Makefile  | 2 +-
 security/tailscale/pkg-descr | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/security/tailscale/Makefile b/security/tailscale/Makefile
index 6c95b7cd0..67a3f4be5 100644
--- a/security/tailscale/Makefile
+++ b/security/tailscale/Makefile
@@ -1,5 +1,5 @@
 PLUGIN_NAME=		tailscale
-PLUGIN_VERSION=		1.3
+PLUGIN_VERSION=		1.4
 PLUGIN_COMMENT=		VPN mesh securely connecting clients using WireGuard
 PLUGIN_DEPENDS=		tailscale
 PLUGIN_MAINTAINER=	sam@sheridan.uk
diff --git a/security/tailscale/pkg-descr b/security/tailscale/pkg-descr
index 0ca830b13..2676046f4 100644
--- a/security/tailscale/pkg-descr
+++ b/security/tailscale/pkg-descr
@@ -6,9 +6,12 @@ https://tailscale.com/
 Plugin Changelog
 ================
 
-1.3
+1.4
 
 * set pre-auth key field in UI to optional, enables registration via pre-auth key or AuthURL from status page
+
+1.3
+
 * modify RC script to prevent re-using auth key if already authenticated
 
 1.2