mirror of
https://github.com/juanfont/headscale.git
synced 2025-01-19 02:10:04 +09:00
Update DNS documentation for dns.extra_records_path
* Describe both ways to add extra DNS records * Use "extra" instead of "custom" to align with the configuration file * Include dns.extra_records_path in the configuration file
This commit is contained in:
parent
47b405d6c6
commit
319ce67c87
3 changed files with 66 additions and 30 deletions
|
@ -301,7 +301,7 @@ dns:
|
||||||
search_domains: []
|
search_domains: []
|
||||||
|
|
||||||
# Extra DNS records
|
# Extra DNS records
|
||||||
# so far only A-records are supported (on the tailscale side)
|
# so far only A and AAAA records are supported (on the tailscale side)
|
||||||
# See: docs/ref/dns.md
|
# See: docs/ref/dns.md
|
||||||
extra_records: []
|
extra_records: []
|
||||||
# - name: "grafana.myvpn.example.com"
|
# - name: "grafana.myvpn.example.com"
|
||||||
|
@ -310,6 +310,10 @@ dns:
|
||||||
#
|
#
|
||||||
# # you can also put it in one line
|
# # you can also put it in one line
|
||||||
# - { name: "prometheus.myvpn.example.com", type: "A", value: "100.64.0.3" }
|
# - { name: "prometheus.myvpn.example.com", type: "A", value: "100.64.0.3" }
|
||||||
|
#
|
||||||
|
# Alternatively, extra DNS records can be loaded from a JSON file.
|
||||||
|
# Headscale processes this file on each change.
|
||||||
|
# extra_records_path: /var/lib/headscale/extra-records.json
|
||||||
|
|
||||||
# Unix socket used for the CLI to connect without authentication
|
# Unix socket used for the CLI to connect without authentication
|
||||||
# Note: for production you will want to set this to something like:
|
# Note: for production you will want to set this to something like:
|
||||||
|
|
|
@ -12,7 +12,7 @@ provides on overview of headscale's feature and compatibility with the Tailscale
|
||||||
- [x] [MagicDNS](https://tailscale.com/kb/1081/magicdns)
|
- [x] [MagicDNS](https://tailscale.com/kb/1081/magicdns)
|
||||||
- [x] [Global and restricted nameservers (split DNS)](https://tailscale.com/kb/1054/dns#nameservers)
|
- [x] [Global and restricted nameservers (split DNS)](https://tailscale.com/kb/1054/dns#nameservers)
|
||||||
- [x] [search domains](https://tailscale.com/kb/1054/dns#search-domains)
|
- [x] [search domains](https://tailscale.com/kb/1054/dns#search-domains)
|
||||||
- [x] [Extra DNS records (headscale only)](../ref/dns.md#setting-custom-dns-records)
|
- [x] [Extra DNS records (headscale only)](../ref/dns.md#setting-extra-dns-records)
|
||||||
- [x] [Taildrop (File Sharing)](https://tailscale.com/kb/1106/taildrop)
|
- [x] [Taildrop (File Sharing)](https://tailscale.com/kb/1106/taildrop)
|
||||||
- [x] Routing advertising (including exit nodes)
|
- [x] Routing advertising (including exit nodes)
|
||||||
- [x] Dual stack (IPv4 and IPv6)
|
- [x] Dual stack (IPv4 and IPv6)
|
||||||
|
|
|
@ -1,44 +1,76 @@
|
||||||
# DNS
|
# DNS
|
||||||
|
|
||||||
Headscale supports [most DNS features](../about/features.md) from Tailscale and DNS releated settings can be configured
|
Headscale supports [most DNS features](../about/features.md) from Tailscale. DNS releated settings can be configured
|
||||||
in the [configuration file](./configuration.md) within the `dns` section.
|
within `dns` section of the [configuration file](./configuration.md).
|
||||||
|
|
||||||
## Setting custom DNS records
|
## Setting extra DNS records
|
||||||
|
|
||||||
!!! warning "Community documentation"
|
Headscale allows to set extra DNS records which are made available via
|
||||||
|
[MagicDNS](https://tailscale.com/kb/1081/magicdns). Extra DNS records can be configured either via static entries in the
|
||||||
|
[configuration file](./configuration.md) or from a JSON file that Headscale continously watches for changes:
|
||||||
|
|
||||||
This page is not actively maintained by the headscale authors and is
|
* Use the `dns.extra_records` option in the [configuration file](./configuration.md) for entries that are static and
|
||||||
written by community members. It is _not_ verified by headscale developers.
|
don't change while Headscale is running. Those entries are processed when Headscale is starting up and changes to the
|
||||||
|
configuration require a restart of Headscale.
|
||||||
|
* For dynamic DNS records that may be added, updated or removed while Headscale is running or DNS records that are
|
||||||
|
generated by scripts the option `dns.extra_records_path` in the [configuration file](./configuration.md) is useful.
|
||||||
|
Set it to the absolute path of the JSON file containing DNS records and Headscale processes this file as it detects
|
||||||
|
changes.
|
||||||
|
|
||||||
**It might be outdated and it might miss necessary steps**.
|
An example use case is to serve multiple apps on the same host via a reverse proxy like NGINX, in this case a Prometheus
|
||||||
|
monitoring stack. This allows to nicely access the service with "http://grafana.myvpn.example.com" instead of the
|
||||||
Headscale allows to set custom DNS records which are made available via
|
hostname and port combination "http://hostname-in-magic-dns.myvpn.example.com:3000".
|
||||||
[MagicDNS](https://tailscale.com/kb/1081/magicdns). An example use case is to serve multiple apps on the same host via a
|
|
||||||
reverse proxy like NGINX, in this case a Prometheus monitoring stack. This allows to nicely access the service with
|
|
||||||
"http://grafana.myvpn.example.com" instead of the hostname and port combination
|
|
||||||
"http://hostname-in-magic-dns.myvpn.example.com:3000".
|
|
||||||
|
|
||||||
!!! warning "Limitations"
|
!!! warning "Limitations"
|
||||||
|
|
||||||
[Not all types of records are supported](https://github.com/tailscale/tailscale/blob/6edf357b96b28ee1be659a70232c0135b2ffedfd/ipn/ipnlocal/local.go#L2989-L3007), especially no CNAME records.
|
Currently, [only A and AAAA records are processed by Tailscale](https://github.com/tailscale/tailscale/blob/v1.78.3/ipn/ipnlocal/local.go#L4461-L4479).
|
||||||
|
|
||||||
1. Update the [configuration file](./configuration.md) to contain the desired records like so:
|
|
||||||
|
1. Configure extra DNS records using one of the available configuration options:
|
||||||
|
|
||||||
|
=== "Static entries, via `dns.extra_records`"
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
dns:
|
dns:
|
||||||
...
|
...
|
||||||
extra_records:
|
extra_records:
|
||||||
- name: "prometheus.myvpn.example.com"
|
- name: "grafana.myvpn.example.com"
|
||||||
type: "A"
|
type: "A"
|
||||||
value: "100.64.0.3"
|
value: "100.64.0.3"
|
||||||
|
|
||||||
- name: "grafana.myvpn.example.com"
|
- name: "prometheus.myvpn.example.com"
|
||||||
type: "A"
|
type: "A"
|
||||||
value: "100.64.0.3"
|
value: "100.64.0.3"
|
||||||
...
|
...
|
||||||
```
|
```
|
||||||
|
|
||||||
1. Restart your headscale instance.
|
Restart your headscale instance.
|
||||||
|
|
||||||
|
=== "Dynamic entries, via `dns.extra_records_path`"
|
||||||
|
|
||||||
|
```json
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"name": "grafana.myvpn.example.com",
|
||||||
|
"type": "A",
|
||||||
|
"value": "100.64.0.3"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "prometheus.myvpn.example.com",
|
||||||
|
"type": "A",
|
||||||
|
"value": "100.64.0.3"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
```
|
||||||
|
|
||||||
|
Headscale picks up changes to the above JSON file automatically.
|
||||||
|
|
||||||
|
!!! tip "Good to know"
|
||||||
|
|
||||||
|
* The `dns.extra_records_path` option in the [configuration file](./configuration.md) needs to reference the
|
||||||
|
JSON file containing extra DNS records.
|
||||||
|
* Be sure to "sort keys" and produce a stable output in case you generate the JSON file with a script.
|
||||||
|
Headscale uses a checksum to detect changes to the file and a stable output avoids unnecessary processing.
|
||||||
|
|
||||||
1. Verify that DNS records are properly set using the DNS querying tool of your choice:
|
1. Verify that DNS records are properly set using the DNS querying tool of your choice:
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue