Add apple endpoint to readme

This commit is contained in:
Kristoffer Dalby 2021-09-26 20:47:39 +01:00
parent 59c3d4bcfe
commit 237a14858a
No known key found for this signature in database
GPG key ID: 09F62DC067465735

View file

@ -22,20 +22,17 @@ Headscale implements this coordination server.
- [x] Namespace support (~equivalent to multi-user in Tailscale.com) - [x] Namespace support (~equivalent to multi-user in Tailscale.com)
- [x] Routing (advertise & accept, including exit nodes) - [x] Routing (advertise & accept, including exit nodes)
- [x] Node registration via pre-auth keys (including reusable keys, and ephemeral node support) - [x] Node registration via pre-auth keys (including reusable keys, and ephemeral node support)
- [X] JSON-formatted output - [x] JSON-formatted output
- [X] ACLs - [x] ACLs
- [X] Support for alternative IP ranges in the tailnets (default Tailscale's 100.64.0.0/10) - [x] Support for alternative IP ranges in the tailnets (default Tailscale's 100.64.0.0/10)
- [X] DNS (passing DNS servers to nodes) - [x] DNS (passing DNS servers to nodes)
- [X] Share nodes between ~~users~~ namespaces - [x] Share nodes between ~~users~~ namespaces
- [ ] MagicDNS / Smart DNS - [ ] MagicDNS / Smart DNS
## Roadmap 🤷 ## Roadmap 🤷
Suggestions/PRs welcomed! Suggestions/PRs welcomed!
## Running it ## Running it
1. Download the Headscale binary https://github.com/juanfont/headscale/releases, and place it somewhere in your PATH or use the docker container 1. Download the Headscale binary https://github.com/juanfont/headscale/releases, and place it somewhere in your PATH or use the docker container
@ -43,6 +40,7 @@ Suggestions/PRs welcomed!
```shell ```shell
docker pull headscale/headscale:x.x.x docker pull headscale/headscale:x.x.x
``` ```
<!-- <!--
or or
```shell ```shell
@ -57,6 +55,7 @@ Suggestions/PRs welcomed!
``` ```
3. Set some stuff up (headscale Wireguard keys & the config.json file) 3. Set some stuff up (headscale Wireguard keys & the config.json file)
```shell ```shell
wg genkey > private.key wg genkey > private.key
wg pubkey < private.key > public.key # not needed wg pubkey < private.key > public.key # not needed
@ -69,24 +68,31 @@ Suggestions/PRs welcomed!
``` ```
4. Create a namespace (a namespace is a 'tailnet', a group of Tailscale nodes that can talk to each other) 4. Create a namespace (a namespace is a 'tailnet', a group of Tailscale nodes that can talk to each other)
```shell ```shell
headscale namespaces create myfirstnamespace headscale namespaces create myfirstnamespace
``` ```
or docker: or docker:
```shell ```shell
docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale namespace create myfirstnamespace docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale namespace create myfirstnamespace
``` ```
5. Run the server 5. Run the server
```shell ```shell
headscale serve headscale serve
``` ```
or docker: or docker:
```shell ```shell
docker run -v $(pwd)/private.key:/private.key -v $(pwd)/config.json:/config.json -v $(pwd)/derb.yaml:/derb.yaml -p 127.0.0.1:8080:8080 headscale/headscale:x.x.x headscale serve docker run -v $(pwd)/private.key:/private.key -v $(pwd)/config.json:/config.json -v $(pwd)/derb.yaml:/derb.yaml -p 127.0.0.1:8080:8080 headscale/headscale:x.x.x headscale serve
``` ```
6. If you used tailscale.com before in your nodes, make sure you clear the tailscaled data folder 6. If you used tailscale.com before in your nodes, make sure you clear the tailscaled data folder
```shell ```shell
systemctl stop tailscaled systemctl stop tailscaled
rm -fr /var/lib/tailscale rm -fr /var/lib/tailscale
@ -94,6 +100,7 @@ Suggestions/PRs welcomed!
``` ```
7. Add your first machine 7. Add your first machine
```shell ```shell
tailscale up -login-server YOUR_HEADSCALE_URL tailscale up -login-server YOUR_HEADSCALE_URL
``` ```
@ -101,10 +108,13 @@ Suggestions/PRs welcomed!
8. Navigate to the URL you will get with `tailscale up`, where you'll find your machine key. 8. Navigate to the URL you will get with `tailscale up`, where you'll find your machine key.
9. In the server, register your machine to a namespace with the CLI 9. In the server, register your machine to a namespace with the CLI
```shell ```shell
headscale -n myfirstnamespace node register YOURMACHINEKEY headscale -n myfirstnamespace node register YOURMACHINEKEY
``` ```
or docker: or docker:
```shell ```shell
docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale -n myfirstnamespace node register YOURMACHINEKEY docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale -n myfirstnamespace node register YOURMACHINEKEY
``` ```
@ -116,6 +126,7 @@ Alternatively, you can use Auth Keys to register your machines:
headscale -n myfirstnamespace preauthkeys create --reusable --expiration 24h headscale -n myfirstnamespace preauthkeys create --reusable --expiration 24h
``` ```
or docker: or docker:
```shell ```shell
docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale -n myfirstnamespace preauthkeys create --reusable --expiration 24h docker run -v ./private.key:/private.key -v ./config.json:/config.json headscale/headscale:x.x.x headscale -n myfirstnamespace preauthkeys create --reusable --expiration 24h
``` ```
@ -129,7 +140,6 @@ If you create an authkey with the `--ephemeral` flag, that key will create ephem
Please bear in mind that all the commands from headscale support adding `-o json` or `-o json-line` to get a nicely JSON-formatted output. Please bear in mind that all the commands from headscale support adding `-o json` or `-o json-line` to get a nicely JSON-formatted output.
## Configuration reference ## Configuration reference
Headscale's configuration file is named `config.json` or `config.yaml`. Headscale will look for it in `/etc/headscale`, `~/.headscale` and finally the directory from where the Headscale binary is executed. Headscale's configuration file is named `config.json` or `config.yaml`. Headscale will look for it in `/etc/headscale`, `~/.headscale` and finally the directory from where the Headscale binary is executed.
@ -145,6 +155,7 @@ Headscale's configuration file is named `config.json` or `config.yaml`. Headscal
``` ```
"log_level": "debug" "log_level": "debug"
``` ```
`log_level` can be used to set the Log level for Headscale, it defaults to `debug`, and the available levels are: `trace`, `debug`, `info`, `warn` and `error`. `log_level` can be used to set the Log level for Headscale, it defaults to `debug`, and the available levels are: `trace`, `debug`, `info`, `warn` and `error`.
``` ```
@ -175,7 +186,6 @@ Headscale's configuration file is named `config.json` or `config.yaml`. Headscal
The fields starting with `db_` are used for the PostgreSQL connection information. The fields starting with `db_` are used for the PostgreSQL connection information.
### Running the service via TLS (optional) ### Running the service via TLS (optional)
``` ```
@ -213,17 +223,17 @@ For instance, instead of referring to users when defining groups you must
Please check https://tailscale.com/kb/1018/acls/, and `./tests/acls/` in this repo for working examples. Please check https://tailscale.com/kb/1018/acls/, and `./tests/acls/` in this repo for working examples.
### Apple devices
An endpoint with information on how to connect your Apple devices (currently macOS only) is available at `/apple` on your running instance.
## Disclaimer ## Disclaimer
1. We have nothing to do with Tailscale, or Tailscale Inc. 1. We have nothing to do with Tailscale, or Tailscale Inc.
2. The purpose of writing this was to learn how Tailscale works. 2. The purpose of writing this was to learn how Tailscale works.
## More on Tailscale ## More on Tailscale
- https://tailscale.com/blog/how-tailscale-works/ - https://tailscale.com/blog/how-tailscale-works/
- https://tailscale.com/blog/tailscale-key-management/ - https://tailscale.com/blog/tailscale-key-management/
- https://tailscale.com/blog/an-unlikely-database-migration/ - https://tailscale.com/blog/an-unlikely-database-migration/