installation for a noob

[thesabear]

Hi everyone, I am n desperate need of help to get running. I am trying to use the docker-compose example Traefik Configuration or this. Upon running the compose file, editing only the volumes info to storage spaces on my server, I hit a roadblock. I can access the UI at http://localhost/web but have no joy entering the API I create using headscale apikeys create --expiration 90d.

I am a new user to Treafik and still learning in terms of networking and am really struggling to get this configured and running smoothly. Any advice on how to proceed here would be greatly appreciated. Best

[bartclone]

Not really clear what the key-problem is. Any logs?

Reading your question…this is not a real beginners-product, so start slow. Bit by bit, part for part. what can you get to work, what not. Document and log to the detail, so you can give / we can get insight.

This stack (and Traefik) is a great product, but not for everyone - you’ll need a thorough understanding of networking, containers etc. If you are fine with that, and willing to learn, you’ll get there!

[thesabear]

I am absolutely willing to learn and build my knowledge base as a non-IT certified/qualified person . I have been on my homelab journey for around 6 months and teaching myself and learning as I go.

I do have a separate bare metal pfsense firewall at the front of my network and on this I have set up and been using HA proxy for my services, so have not tried using Traefik before and have zero experience with it. For testing this stack, I have created a new virtual machine on my Proxmox installation and installed docker, docker-compose, and portainer.

Here is my docker-compose: version: '3.9' services: headscale: image: headscale/headscale:latest pull_policy: always container_name: headscale restart: unless-stopped command: headscale serve volumes:

• /mnt/samsungssd/docker/headscale-traefik/config:/etc/headscale
• /mnt/samsungssd/docker/headscale-traefik/data:/var/lib/headscale labels:
• traefik.enable=true
• traefik.http.routers.headscale-rtr.rule=PathPrefix(/) # you might want to add: && Host(your.domain.name)"

• traefik.http.services.headscale-svc.loadbalancer.server.port=8080

  headscale-ui: image: ghcr.io/gurucomputing/headscale-ui:latest pull_policy: always container_name: headscale-ui restart: unless-stopped labels:

• traefik.enable=true
• traefik.http.routers.headscale-ui-rtr.rule=PathPrefix(/web) # you might want to add: && Host(your.domain.name)"

• traefik.http.services.headscale-ui-svc.loadbalancer.server.port=80

  traefik: image: traefik:latest pull_policy: always restart: unless-stopped container_name: traefik command:

• --api.insecure=true # remove in production
• --providers.docker
• --entrypoints.web.address=:80
• --entrypoints.websecure.address=:443
• --global.sendAnonymousUsage=false ports:
• 80:80
• 443:443
• 8080:8080 # web UI (enabled with api.insecure) volumes:
• /var/run/docker.sock:/var/run/docker.sock:ro
• ./traefik/certificates:/certificates

Here is my config.yaml for headscale; config.yaml.txt

Here are the requested logs; _traefik_logs.txt _headscale_logs.txt _headscale-ui_logs.txt

All 3 services are up and running and I can access the headscale UI if I browse to http://localhost/web, however when I try to enter the API Key I keep getting a "TypeError:Failed to Fetch. API test did not succeed.Headscale might be down or API settings may need to be set. change server settings in the settings page"

For the Headscale URL I have entered https://hs.xxx.xxx:443 but no success with getting this working.

Best

[routerino]

Can't help you with traefik sorry, never used it. I typically recommend caddy for simple reverse proxying.

I did write a guide for headscale here, but honestly I wouldn't start with headscale if you're struggling. I'd start with wireguard, learn how wireguard works, then move to more complex VPN solutions (or just stick with wireguard).

[Area45]

I was just having this issue too with Traefik 2. I was able to resolve the issue by adding :443 to the server url in the config.yml for headscale (example below). Then in headscale ui settings making sure the same url is being used as you've already stated you have entered (http://headscale.yoururl.com:443). Hope this helps

ex. server_url: http://headscale.yoururl.com:443