Closed prom3theu5 closed 1 year ago
This is out of scope for this project, we do not support Docker or Reverse proxies (caddy).
Strange, as you have a k3s example lol. Not everyone wants to have a droplet running a k8s runtime.
no drama :P
Those examples are unsupported and community organised, but I agree, it was a weak moment.
Happy for you to contribute your script to the unsupported section, but we often find that we end up supporting them, and we are therefore sceptical.
After the script finished, an API key must be created to be able to log in from the UI.
docker exec <headscale container> headscale apikeys create -e <expire-interval>
So for this docker you need to run this line on the server to get one:
docker exec headscale headscale apikeys create -e 9999d
(9999d = 27 years)
This auto-install script is creating a docker for THIS UI. (Not the most-contributed one.)
You need to create both api.<yourdomain> and dashboard.<yourdomain> domains, because * wildcard may not work with your DNS provider.
The ZeroSSL may not be able to create / process your SSL by Caddy, because it needs the ZeroSSL API Key, which you can get if you log in to the ZeroSSL Developer menu, copy and insert into the Caddyfile at: cert_issuer zerossl <your-API-key>
I've also added EAB too to make sure it works:
{
    cert_issuer zerossl <zero-ssl-api-key>
    # ZeroSSL account
    acme_ca https://acme.zerossl.com/v2/DV90
    email info@my-email-address.xyz
    acme_eab {
        key_id <zero-ssl-key_id>
        mac_key <zero-ssl-mac_key>
    }
}
The script should ask for
For me: the final "Headscale setup is now complete. ... " part did not show. (After showing "Testing Caddy setup (please be patient, this may take 1-2 minutes)" ... the script exited immediately) But it is working!
Should call the docker exec headscale headscale apikeys create -e 9999d line itself to generate the necessary API key.
Maybe the other UI would be better.
Headscale Quickstart script
Would it be beneficial to include quick start docker scripting that sets up a base instance of headscale, containerised along with headscale-ui, and exposes them through Caddy?
I have one I use here: https://github.com/SimCubeLtd/headscale-quickstart, which when running will allow you to be set up in about 2 mins.
It's interactive similar to the Netmaker quick-start, only it deploys 3 containers: Headscale, Headscale-ui and Caddy, and I massively prefer this project over netmaker.
Base config is UI and Headscale running on http, with them both exposed through Caddy, which will set up TLS with a requested cert at startup (based on either the custom email address you add during the script execution that it will ask you for, or the random email address it automatically generates during install - This SSL cert comes from ZeroSSL, but it could come from Let's Encrypt too).
After running, you'd copy and paste the create apikey command, and then paste that API key into the web dashboard settings page.