Ian Roddis
51 lines
1.0 KiB
Django/Jinja
51 lines
1.0 KiB
Django/Jinja
server_url: "https://{{ headscale_domain }}"
|
|
listen_addr: 0.0.0.0:8080
|
|
grpc_listen_addr: 0.0.0.0:50443
|
|
grpc_allow_insecure: false
|
|
|
|
private_key_path: /var/lib/headscale/private.key
|
|
noise:
|
|
private_key_path: /var/lib/headscale/noise_private.key
|
|
|
|
prefixes:
|
|
v6: fd7a:115c:a1e0::/48
|
|
v4: 100.64.0.0/10
|
|
allocation: sequential
|
|
|
|
derp:
|
|
server:
|
|
enabled: false
|
|
urls:
|
|
- https://controlplane.tailscale.com/derpmap/default
|
|
auto_update_enabled: true
|
|
update_frequency: 24h
|
|
|
|
disable_check_updates: true
|
|
ephemeral_node_inactivity_timeout: 30m
|
|
|
|
database:
|
|
type: sqlite
|
|
sqlite:
|
|
path: /var/lib/headscale/db.sqlite
|
|
|
|
log:
|
|
format: text
|
|
level: info
|
|
|
|
dns:
|
|
magic_dns: true
|
|
base_domain: "{{ base_domain }}"
|
|
nameservers:
|
|
global:
|
|
- 1.1.1.1
|
|
- 8.8.8.8
|
|
|
|
oidc:
|
|
only_start_if_oidc_is_available: true
|
|
issuer: "https://{{ authentik_domain }}/application/o/headscale/"
|
|
client_id: "headscale"
|
|
client_secret: "changeme_headscale_oidc_secret"
|
|
scope: ["openid", "profile", "email"]
|
|
extra_params:
|
|
domain_hint: "{{ base_domain }}"
|