mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-26 08:53:05 +00:00
Apply suggestions from code review
Thanks for the pointers! Co-authored-by: Juan Font <juanfontalonso@gmail.com>
This commit is contained in:
parent
31662bcd28
commit
45df6e77ff
1 changed files with 8 additions and 4 deletions
|
@ -1,9 +1,13 @@
|
|||
# Running behind a reverse proxy
|
||||
# Running headscale behind a reverse proxy
|
||||
|
||||
Running headscale behind a reverse proxy is useful when running multiple applications on the same server, and you want to reuse the same external IP and port - usually tcp/443 for HTTPS.
|
||||
|
||||
### WebSockets
|
||||
The reverse proxy MUST be configured to support WebSockets, as it is needed for clients running Tailscale v1.30+.
|
||||
|
||||
WebSockets support is required when using the headscale embedded DERP server. In this case, you will also need to expose the UDP port used for STUN (by default, udp/3478). Please check our [config-example.yaml](https://github.com/juanfont/headscale/blob/main/config-example.yaml).
|
||||
|
||||
Running Headscale behind a reverse proxy is suitable for container-based deployments. This is especially useful on a server were port 443 is already being used for other web services.
|
||||
|
||||
### Web Sockets
|
||||
The reverse proxy _must_ be configured to support websockets if you are running headscale 0.17.x+ and tailscale v1.30+.
|
||||
|
||||
### TLS
|
||||
Headscale can be configured not to use TLS, leaving it to the reverse proxy to handle. Add the following configuration values to your headscale config file.
|
||||
|
|
Loading…
Reference in a new issue