wg-aws/roles/headscale-server/templates/config.yaml

---
# Headscale configuration
# addresses. ports and paths
server_url: "https://{{ headscale_hostname }}"
listen_addr: 0.0.0.0:443
metrics_listen_addr: 127.0.0.1:9090
grpc_listen_addr: 127.0.0.1:50443
grpc_allow_insecure: false
private_key_path: /var/lib/headscale/private.key
noise:
  private_key_path: /var/lib/headscale/noise_private.key
# IP ranges & dns
# IP ranges & dns
prefixes:
  v6: fd7a:115c:a1e0::/48
  v4: 10.13.100.0/24
dns:
  #override_local_dns: true
  nameservers:
    global:
    - 1.1.1.1
  magic_dns: true
  base_domain: {{ headscale_base_domain }}

# DERP
derp:
  server:
    enabled: true
    region_id: 999
    region_code: "aws-headscale-maecki"
    region_name: "aws-headscale-maecki"
    stun_listen_addr: "0.0.0.0:3478"
    private_key_path: /var/lib/headscale/derp_server_private.key
  paths: []
  auto_update_enabled: false
  update_frequency: 24h

# DB
database:
  type: sqlite3
  sqlite:
    path: /var/lib/headscale/db.sqlite

# TLS
acme_url: https://acme-v02.api.letsencrypt.org/directory
acme_email: ""
tls_letsencrypt_hostname: "{{ headscale_hostname }}"
tls_letsencrypt_cache_dir: /var/lib/headscale/cache
tls_letsencrypt_challenge_type: HTTP-01
tls_letsencrypt_listen: ":http"
basic headscale installation 2023-05-19 10:49:23 +02:00			`---`
			`# Headscale configuration`
			`# addresses. ports and paths`
			`server_url: "https://{{ headscale_hostname }}"`
			`listen_addr: 0.0.0.0:443`
			`metrics_listen_addr: 127.0.0.1:9090`
			`grpc_listen_addr: 127.0.0.1:50443`
			`grpc_allow_insecure: false`
			`private_key_path: /var/lib/headscale/private.key`
			`noise:`
			`private_key_path: /var/lib/headscale/noise_private.key`
			`# IP ranges & dns`
Updated headscale version and new config file format 2025-01-17 21:23:19 +01:00			`# IP ranges & dns`
			`prefixes:`
			`v6: fd7a:115c:a1e0::/48`
			`v4: 10.13.100.0/24`
			`dns:`
			`#override_local_dns: true`
basic headscale installation 2023-05-19 10:49:23 +02:00			`nameservers:`
Updated headscale version and new config file format 2025-01-17 21:23:19 +01:00			`global:`
			`- 1.1.1.1`
basic headscale installation 2023-05-19 10:49:23 +02:00			`magic_dns: true`
			`base_domain: {{ headscale_base_domain }}`

			`# DERP`
			`derp:`
			`server:`
DERP & Exit-Node 2023-05-19 11:08:46 +02:00			`enabled: true`
			`region_id: 999`
			`region_code: "aws-headscale-maecki"`
			`region_name: "aws-headscale-maecki"`
			`stun_listen_addr: "0.0.0.0:3478"`
Updated headscale version and new config file format 2025-01-17 21:23:19 +01:00			`private_key_path: /var/lib/headscale/derp_server_private.key`
DERP & Exit-Node 2023-05-19 11:08:46 +02:00			`paths: []`
			`auto_update_enabled: false`
			`update_frequency: 24h`
basic headscale installation 2023-05-19 10:49:23 +02:00
			`# DB`
Updated headscale version and new config file format 2025-01-17 21:23:19 +01:00			`database:`
			`type: sqlite3`
			`sqlite:`
			`path: /var/lib/headscale/db.sqlite`
basic headscale installation 2023-05-19 10:49:23 +02:00
			`# TLS`
			`acme_url: https://acme-v02.api.letsencrypt.org/directory`
			`acme_email: ""`
			`tls_letsencrypt_hostname: "{{ headscale_hostname }}"`
			`tls_letsencrypt_cache_dir: /var/lib/headscale/cache`
			`tls_letsencrypt_challenge_type: HTTP-01`
			`tls_letsencrypt_listen: ":http"`