mirror of
https://github.com/juanfont/headscale.git
synced 2025-08-15 00:27:42 +00:00
Do not offer the option to be DERP insecure
Websockets, in which DERP is based, requires a TLS certificate. At the same time, if we use a certificate it must be valid... otherwise Tailscale wont connect (does not have an Insecure option). So there is no option to expose insecure here
This commit is contained in:
Juan Font Alonso
@@ -57,12 +57,9 @@ ip_prefixes:
|
||||
derp:
|
||||
server:
|
||||
# If enabled, runs the embedded DERP server and merges it into the rest of the DERP config
|
||||
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
|
||||
enabled: false
|
||||
|
||||
# Insecure mode is recommended only for tests. It indicates the tailscale clients
|
||||
# to use insecure connections to this server.
|
||||
insecure: false
|
||||
|
||||
# List of externally available DERP maps encoded in JSON
|
||||
urls:
|
||||
- https://controlplane.tailscale.com/derpmap/default
|
||||
|
||||
Reference in New Issue
Block a user