53 lines
1.8 KiB
YAML
53 lines
1.8 KiB
YAML
---
|
|
# This is an Ansible playbook example to set up Headscale
|
|
# (for a self-managed tailscale deployment)
|
|
#
|
|
# Includes:
|
|
#
|
|
# - headscale (control-plane server)
|
|
# - headscale-ui (web UI for managing headscale)
|
|
# - labels to configure Traefik-2 reverse-proxy
|
|
# - ### currently hard-codes a Traefik middleware 'chain@authelia'
|
|
# - ### currently exposes the ports for local connections, for debugging
|
|
#
|
|
# Configuration:
|
|
#
|
|
# - `templates/config.yaml.j2`:
|
|
# config used by this role, with customisations and variables
|
|
#
|
|
# - `templates/config-example.yaml`:
|
|
# a copy of upstream config example, with documentation
|
|
#
|
|
# Usage:
|
|
#
|
|
# - set up by running your playbook
|
|
# (add `-e pull=yes` to update to the latest docker images)
|
|
# - tell your tailscale clients to connect to: <https://$headscale_domain/>
|
|
# - access headscale admin web page at: <https://$headscale_domain/web>
|
|
|
|
# The following is an example of how a playbook can import the role:
|
|
|
|
- name: "Set up headscale"
|
|
hosts: example.org
|
|
vars:
|
|
pull: false
|
|
become: yes
|
|
|
|
roles:
|
|
|
|
- role: headscale
|
|
# example of tags you may wish to use for this task
|
|
tags: headscale
|
|
# the following variables must be defined to use the role
|
|
vars:
|
|
# the (sub)domain of this server
|
|
# (your reverse-proxy will route it)
|
|
# (use just a (sub)domain; a URL path part is NOT currently supported)
|
|
headscale_domain: headscale.example.org
|
|
# where to store the config file and the database on your server
|
|
headscale_dir: /home/headscale
|
|
# namespaces ("tailnets") to create (and/or you can create them manually)
|
|
headscale_namespaces:
|
|
- my_tailnet_name
|
|
# whether to update to the latest docker images
|
|
headscale_pull: "{{ pull }}"
|