A free, open, self-hosted app platform (GNU AGPLv3): one-click app deploys, Traefik reverse proxy with automatic SSL, rootless Docker support, gluetun VPN routing, and a web dashboard to manage it all. Free & open forever to self-host; optional paid hosted services fund it. See PROMISE.md. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
64 lines
3.4 KiB
Plaintext
Executable File
64 lines
3.4 KiB
Plaintext
Executable File
#
|
|
# =============================================================================
|
|
# GENERAL CONFIGURATION
|
|
# =============================================================================
|
|
# APP_NAME = name of application for use in scripts
|
|
# COMPOSE_FILE = default for no app_name in docker-compose file name, app if there is
|
|
# BACKUP = if true, include this application in backup operations
|
|
# HEALTHCHECK = if true, default docker health checks for that container will be enabled
|
|
# BASIC_AUTH_PASS = password for the headscale-ui basic auth; auto-generated, fed to the compose via HEADSCALE_BASIC_AUTH_PASS_TAG
|
|
# MONITORING = if true, export this app's metrics to Prometheus + Grafana (needs both apps installed)
|
|
#
|
|
CFG_HEADSCALE_APP_NAME=headscale
|
|
CFG_HEADSCALE_BACKUP=true
|
|
CFG_HEADSCALE_COMPOSE_FILE=default
|
|
CFG_HEADSCALE_HEALTHCHECK=true
|
|
CFG_HEADSCALE_BASIC_AUTH_PASS=RANDOMIZEDPASSWORD1
|
|
CFG_HEADSCALE_MONITORING=false
|
|
#
|
|
# =============================================================================
|
|
# METADATA
|
|
# =============================================================================
|
|
# CATEGORY = application category for grouping
|
|
# TITLE = display name for the application
|
|
# DESCRIPTION = short description of the application
|
|
# LONG_DESCRIPTION = detailed description of the application
|
|
# URL = source repository or documentation URL
|
|
# ACTIONS = available actions for this application
|
|
#
|
|
CFG_HEADSCALE_CATEGORY="networking"
|
|
CFG_HEADSCALE_TITLE="Headscale"
|
|
CFG_HEADSCALE_DESCRIPTION="WireGuard VPN Controller"
|
|
CFG_HEADSCALE_LONG_DESCRIPTION="Headscale is an open source, self-hosted implementation of the Tailscale control server that works with the Tailscale client"
|
|
CFG_HEADSCALE_URL="https://github.com/juanfont/headscale"
|
|
CFG_HEADSCALE_ACTIONS="configure|install|restart|shutdown|uninstall"
|
|
#
|
|
# =============================================================================
|
|
# NETWORK CONFIGURATION
|
|
# =============================================================================
|
|
# DOMAIN = number of domain from the general config, useful when using multiple domains
|
|
# HOST_NAME = subdomain name e.g test is the name for test.website.com
|
|
# WHITELIST = if true only allow whitelisted ips (see general config), if false allow all
|
|
#
|
|
CFG_HEADSCALE_DOMAIN=1
|
|
CFG_HEADSCALE_WHITELIST=false
|
|
CFG_HEADSCALE_HOST_NAME=headscale
|
|
CFG_HEADSCALE_NETWORK=default
|
|
#
|
|
# =============================================================================
|
|
# PORT CONFIGURATION
|
|
# =============================================================================
|
|
# PORT_ = port configuration: app|name|external:internal|access|protocol|login|traefik|webui|description
|
|
# - app: application name
|
|
# - name: service identifier (webui, dns, ssh, etc.)
|
|
# - external:internal: port mapping (external can be 'random' for auto-allocation)
|
|
# - access: 'public' (internet accessible), 'private' (local network only), 'disabled' (not running)
|
|
# - protocol: 'tcp' or 'udp'
|
|
# - login: if true, this port requires basic-auth via Traefik (only meaningful when traefik=true)
|
|
# - traefik: if true, Traefik handles this port (reverse proxy)
|
|
# - webui: if true, this port serves the main web interface
|
|
# - description: human-readable description of the service
|
|
#
|
|
CFG_HEADSCALE_PORT_1="headscale-service|api|random:8080|private|tcp|false|false|false|Headscale API Server|"
|
|
CFG_HEADSCALE_PORT_2="headscale-webui-service|webui|random:5000|private|tcp|false|true|true|Web UI|"
|