Update examples and docs

This commit is contained in:
Kristoffer Dalby 2022-02-12 19:08:59 +00:00
parent e18078d7f8
commit 58bfea4e64
2 changed files with 16 additions and 1 deletions

View File

@ -16,6 +16,13 @@ server_url: http://127.0.0.1:8080
# #
listen_addr: 0.0.0.0:8080 listen_addr: 0.0.0.0:8080
# Address to listen for gRPC.
# gRPC is used for controlling a headscale server
# remotely with the CLI
# Note: Remote access _only_ works if you have
# valid certificates.
grpc_listen_addr: 0.0.0.0:50443
# Private key used encrypt the traffic between headscale # Private key used encrypt the traffic between headscale
# and Tailscale clients. # and Tailscale clients.
# The private key file which will be # The private key file which will be

View File

@ -7,6 +7,7 @@
- Access to create API keys (local access to the `headscale` server) - Access to create API keys (local access to the `headscale` server)
- `headscale` _must_ be served over TLS/HTTPS - `headscale` _must_ be served over TLS/HTTPS
- Remote access does _not_ support unencrypted traffic. - Remote access does _not_ support unencrypted traffic.
- Port `50443` must be open in the firewall (or port overriden by `grpc_listen_addr` option)
## Goal ## Goal
@ -53,10 +54,17 @@ chmod +x /usr/local/bin/headscale
4. Configure the CLI through Environment Variables 4. Configure the CLI through Environment Variables
```shell ```shell
export HEADSCALE_CLI_ADDRESS="<HEADSCALE ADDRESS>" export HEADSCALE_CLI_ADDRESS="<HEADSCALE ADDRESS>:<PORT>"
export HEADSCALE_CLI_API_KEY="<API KEY FROM PREVIOUS STAGE>" export HEADSCALE_CLI_API_KEY="<API KEY FROM PREVIOUS STAGE>"
``` ```
for example:
```shell
export HEADSCALE_CLI_ADDRESS="headscale.example.com:50443"
export HEADSCALE_CLI_API_KEY="abcde12345"
```
This will tell the `headscale` binary to connect to a remote instance, instead of looking This will tell the `headscale` binary to connect to a remote instance, instead of looking
for a local instance (which is what it does on the server). for a local instance (which is what it does on the server).