Merge pull request #521 from Niek/patch-1
This commit is contained in:
commit
32522cb482
1 changed files with 19 additions and 5 deletions
|
@ -14,8 +14,8 @@ not work with alternatives like [Podman](https://podman.io). The Docker image ca
|
||||||
1. Prepare a directory on the host Docker node in your directory of choice, used to hold `headscale` configuration and the [SQLite](https://www.sqlite.org/) database:
|
1. Prepare a directory on the host Docker node in your directory of choice, used to hold `headscale` configuration and the [SQLite](https://www.sqlite.org/) database:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
mkdir ./headscale && cd ./headscale
|
mkdir -p ./headscale/config
|
||||||
mkdir ./config
|
cd ./headscale
|
||||||
```
|
```
|
||||||
|
|
||||||
2. Create an empty SQlite datebase in the headscale directory:
|
2. Create an empty SQlite datebase in the headscale directory:
|
||||||
|
@ -45,6 +45,17 @@ touch ./config/config.yaml
|
||||||
```
|
```
|
||||||
|
|
||||||
Modify the config file to your preferences before launching Docker container.
|
Modify the config file to your preferences before launching Docker container.
|
||||||
|
Here are some settings that you likely want:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
server_url: http://your-host-name:8080 # Change to your hostname or host IP
|
||||||
|
# Listen to 0.0.0.0 so it's accessible outside the container
|
||||||
|
metrics_listen_addr: 0.0.0.0:9090
|
||||||
|
# The default /var/lib/headscale path is not writable in the container
|
||||||
|
private_key_path: /etc/headscale/private.key
|
||||||
|
# The default /var/lib/headscale path is not writable in the container
|
||||||
|
db_path: /etc/headscale/db.sqlite
|
||||||
|
```
|
||||||
|
|
||||||
4. Start the headscale server while working in the host headscale directory:
|
4. Start the headscale server while working in the host headscale directory:
|
||||||
|
|
||||||
|
@ -61,6 +72,8 @@ docker run \
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Note: use `0.0.0.0:8080:8080` instead of `127.0.0.1:8080:8080` if you want to expose the container externally.
|
||||||
|
|
||||||
This command will mount `config/` under `/etc/headscale`, forward port 8080 out of the container so the
|
This command will mount `config/` under `/etc/headscale`, forward port 8080 out of the container so the
|
||||||
`headscale` instance becomes available and then detach so headscale runs in the background.
|
`headscale` instance becomes available and then detach so headscale runs in the background.
|
||||||
|
|
||||||
|
@ -87,7 +100,8 @@ curl http://127.0.0.1:9090/metrics
|
||||||
6. Create a namespace ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
|
6. Create a namespace ([tailnet](https://tailscale.com/kb/1136/tailnet/)):
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker exec headscale -- headscale namespaces create myfirstnamespace
|
docker exec headscale \
|
||||||
|
headscale namespaces create myfirstnamespace
|
||||||
```
|
```
|
||||||
|
|
||||||
### Register a machine (normal login)
|
### Register a machine (normal login)
|
||||||
|
@ -101,7 +115,7 @@ tailscale up --login-server YOUR_HEADSCALE_URL
|
||||||
To register a machine when running `headscale` in a container, take the headscale command and pass it to the container:
|
To register a machine when running `headscale` in a container, take the headscale command and pass it to the container:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker exec headscale -- \
|
docker exec headscale \
|
||||||
headscale --namespace myfirstnamespace nodes register --key <YOU_+MACHINE_KEY>
|
headscale --namespace myfirstnamespace nodes register --key <YOU_+MACHINE_KEY>
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -110,7 +124,7 @@ docker exec headscale -- \
|
||||||
Generate a key using the command line:
|
Generate a key using the command line:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker exec headscale -- \
|
docker exec headscale \
|
||||||
headscale --namespace myfirstnamespace preauthkeys create --reusable --expiration 24h
|
headscale --namespace myfirstnamespace preauthkeys create --reusable --expiration 24h
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue