2021-10-19 18:17:08 -04:00
|
|
|
---
|
2021-10-22 13:27:11 -04:00
|
|
|
# The url clients will connect to.
|
|
|
|
# Typically this will be a domain.
|
2021-10-19 18:17:08 -04:00
|
|
|
server_url: http://127.0.0.1:8080
|
2021-10-22 13:27:11 -04:00
|
|
|
|
|
|
|
# Address to listen to / bind to on the server
|
2021-10-19 18:17:08 -04:00
|
|
|
listen_addr: 0.0.0.0:8080
|
2021-10-22 13:27:11 -04:00
|
|
|
|
|
|
|
# Path to WireGuard private key file
|
2021-10-19 18:17:08 -04:00
|
|
|
private_key_path: private.key
|
2021-10-22 13:27:11 -04:00
|
|
|
|
2021-10-24 16:30:51 -04:00
|
|
|
derp:
|
|
|
|
# List of externally available DERP maps encoded in JSON
|
|
|
|
urls:
|
|
|
|
- https://controlplane.tailscale.com/derpmap/default
|
|
|
|
|
|
|
|
# Locally available DERP map files encoded in YAML
|
|
|
|
paths:
|
|
|
|
- derp-example.yaml
|
|
|
|
|
|
|
|
# If enabled, a worker will be set up to periodically
|
|
|
|
# refresh the given sources and update the derpmap
|
|
|
|
# will be set up.
|
|
|
|
auto_update_enabled: true
|
|
|
|
|
|
|
|
# How often should we check for updates?
|
|
|
|
update_frequency: 24h
|
2021-10-22 13:27:11 -04:00
|
|
|
|
2021-10-23 05:40:15 -04:00
|
|
|
# Disables the automatic check for updates on startup
|
|
|
|
disable_check_updates: false
|
2021-10-19 18:17:08 -04:00
|
|
|
ephemeral_node_inactivity_timeout: 30m
|
|
|
|
|
2021-10-22 13:27:11 -04:00
|
|
|
# SQLite config
|
2021-10-20 17:27:59 -04:00
|
|
|
db_type: sqlite3
|
|
|
|
db_path: db.sqlite
|
2021-10-19 18:17:08 -04:00
|
|
|
|
2021-10-22 13:14:29 -04:00
|
|
|
# # Postgres config
|
|
|
|
# db_type: postgres
|
|
|
|
# db_host: localhost
|
|
|
|
# db_port: 5432
|
|
|
|
# db_name: headscale
|
|
|
|
# db_user: foo
|
|
|
|
# db_pass: bar
|
|
|
|
|
2021-10-19 18:17:08 -04:00
|
|
|
acme_url: https://acme-v02.api.letsencrypt.org/directory
|
2021-10-22 13:14:29 -04:00
|
|
|
acme_email: ""
|
2021-10-22 13:27:11 -04:00
|
|
|
|
2021-10-22 13:14:29 -04:00
|
|
|
tls_letsencrypt_hostname: ""
|
2021-10-19 18:17:08 -04:00
|
|
|
tls_letsencrypt_listen: ":http"
|
|
|
|
tls_letsencrypt_cache_dir: ".cache"
|
|
|
|
tls_letsencrypt_challenge_type: HTTP-01
|
2021-10-22 13:27:11 -04:00
|
|
|
|
2021-10-22 13:14:29 -04:00
|
|
|
tls_cert_path: ""
|
|
|
|
tls_key_path: ""
|
2021-10-22 13:27:11 -04:00
|
|
|
|
|
|
|
# Path to a file containg ACL policies.
|
2021-10-22 13:14:29 -04:00
|
|
|
acl_policy_path: ""
|
2021-10-22 13:27:11 -04:00
|
|
|
|
2021-10-19 18:17:08 -04:00
|
|
|
dns_config:
|
2021-10-22 13:27:11 -04:00
|
|
|
# Upstream DNS servers
|
2021-10-19 18:17:08 -04:00
|
|
|
nameservers:
|
2021-10-22 13:14:29 -04:00
|
|
|
- 1.1.1.1
|
2021-10-19 18:17:08 -04:00
|
|
|
domains: []
|
2021-10-22 13:27:11 -04:00
|
|
|
|
2021-10-19 18:17:08 -04:00
|
|
|
magic_dns: true
|
|
|
|
base_domain: example.com
|
2021-10-30 10:08:16 -04:00
|
|
|
|
|
|
|
# Unix socket used for the CLI to connect without authentication
|
|
|
|
# Note: for local development, you probably want to change this to:
|
|
|
|
# unix_socket: ./headscale.sock
|
|
|
|
unix_socket: /var/run/headscale.sock
|