---
# This is an Ansible playbook example to set up Headscale
# (for a self-managed tailscale deployment)
#
# Includes:
#
# - headscale (control-plane server)
# - headscale-ui (web UI for managing headscale)
# - labels to configure Traefik-2 reverse-proxy
# - ### currently exposes the ports for local connections, for debugging
#
# Configuration:
#
# - `templates/config.yaml.j2`:
# config used by this role, with customisations and variables
#
# - `templates/config-example.yaml`:
# a copy of upstream config example, with documentation
#
# Usage:
#
# - set up by running your playbook
# (add `-e pull=yes` to update to the latest docker images)
# - tell your tailscale clients to connect to:
# - access headscale admin web page at:
# The following is an example of how a playbook can import the role:
- name: "Set up headscale"
hosts: example.org
vars:
pull: false
become: yes
tasks:
- import_role: name=headscale
# example of tags you may wish to use for this task
tags: headscale
# the following variable must be defined to use the role
vars:
# the (sub)domain of this server
# (your reverse-proxy will route it)
# (use just a (sub)domain; a URL path part is NOT currently supported)
headscale_domain: headscale.example.org
# where to store the config file and the database on your server
headscale_dir: /home/headscale
# namespaces ("tailnets") to create (and/or you can create them manually)
headscale_namespaces:
- my_tailnet_name
# whether to update to the latest docker images
headscale_pull: "{{ pull }}"