|
|
@@ -10,13 +10,13 @@
|
|
|
#
|
|
|
# https://myheadscale.example.com:443
|
|
|
#
|
|
|
-server_url: http://localhost:8080
|
|
|
+server_url: http://localhost:27896
|
|
|
|
|
|
# Address to listen to / bind to on the server
|
|
|
#
|
|
|
# For production:
|
|
|
# listen_addr: 0.0.0.0:8080
|
|
|
-listen_addr: 0.0.0.0:8080
|
|
|
+listen_addr: 0.0.0.0:27896
|
|
|
|
|
|
# Address to listen to /metrics, you may want
|
|
|
# to keep this endpoint private to your internal
|
|
|
@@ -76,7 +76,7 @@ derp:
|
|
|
server:
|
|
|
# If enabled, runs the embedded DERP server and merges it into the rest of the DERP config
|
|
|
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
|
|
|
- enabled: true
|
|
|
+ enabled: false
|
|
|
|
|
|
# Region ID to use for the embedded DERP server.
|
|
|
# The local DERP prevails if the region ID collides with other region ID coming from
|
|
|
@@ -91,7 +91,7 @@ derp:
|
|
|
# When the embedded DERP server is enabled stun_listen_addr MUST be defined.
|
|
|
#
|
|
|
# For more details on how this works, check this great article: https://tailscale.com/blog/how-tailscale-works/
|
|
|
- stun_listen_addr: "0.0.0.0:3478"
|
|
|
+ stun_listen_addr: "0.0.0.0:10997"
|
|
|
|
|
|
# Private key used to encrypt the traffic between headscale DERP
|
|
|
# and Tailscale clients.
|
|
|
@@ -106,12 +106,12 @@ derp:
|
|
|
|
|
|
# For better connection stability (especially when using an Exit-Node and DNS is not working),
|
|
|
# it is possible to optionally add the public IPv4 and IPv6 address to the Derp-Map using:
|
|
|
- ipv4: 1.2.3.4
|
|
|
- ipv6: 2001:db8::1
|
|
|
+ ipv4: 101.126.130.39
|
|
|
+ # ipv6: 2001:db8::1
|
|
|
|
|
|
# List of externally available DERP maps encoded in JSON
|
|
|
- urls:
|
|
|
- - https://controlplane.tailscale.com/derpmap/default
|
|
|
+ # urls:
|
|
|
+ # - https://controlplane.tailscale.com/derpmap/default
|
|
|
|
|
|
# Locally available DERP map files encoded in YAML
|
|
|
#
|
|
|
@@ -121,7 +121,8 @@ derp:
|
|
|
#
|
|
|
# paths:
|
|
|
# - /etc/headscale/derp-example.yaml
|
|
|
- paths: []
|
|
|
+ paths:
|
|
|
+ - /etc/headscale/derp.yaml
|
|
|
|
|
|
# If enabled, a worker will be set up to periodically
|
|
|
# refresh the given sources and update the derpmap
|
|
|
@@ -272,7 +273,7 @@ dns:
|
|
|
# `base_domain` must be a FQDN, without the trailing dot.
|
|
|
# The FQDN of the hosts will be
|
|
|
# `hostname.base_domain` (e.g., _myhost.example.com_).
|
|
|
- base_domain: h.l
|
|
|
+ base_domain: lan
|
|
|
|
|
|
# List of DNS servers to expose to clients.
|
|
|
nameservers:
|
|
|
@@ -313,7 +314,7 @@ dns:
|
|
|
#
|
|
|
# Alternatively, extra DNS records can be loaded from a JSON file.
|
|
|
# Headscale processes this file on each change.
|
|
|
- # extra_records_path: /var/lib/headscale/extra-records.json
|
|
|
+ extra_records_path: /var/lib/headscale/extra-records.json
|
|
|
|
|
|
# Unix socket used for the CLI to connect without authentication
|
|
|
# Note: for production you will want to set this to something like:
|
