mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-26 17:03:06 +00:00
Docs/ACLs: Wording, add intermediary router example
This commit is contained in:
Nico Rey
parent
1c9b1c0579
commit
b9f0fabb5c
1 changed files with 6 additions and 2 deletions
|
|
@ -5,12 +5,15 @@ ACL's are the most useful).
|
||||||
|
|
||||||
We have a small company with a boss, an admin, two developers and an intern.
|
We have a small company with a boss, an admin, two developers and an intern.
|
||||||
|
|
||||||
The boss should have access to all servers but not to the users hosts. Admin
|
The boss should have access to all servers but not to the user's hosts. Admin
|
||||||
should also have access to all hosts except that their permissions should be
|
should also have access to all hosts except that their permissions should be
|
||||||
limited to maintaining the hosts (for example purposes). The developers can do
|
limited to maintaining the hosts (for example purposes). The developers can do
|
||||||
anything they want on dev hosts, but only watch on productions hosts. Intern
|
anything they want on dev hosts but only watch on productions hosts. Intern
|
||||||
can only interact with the development servers.
|
can only interact with the development servers.
|
||||||
|
|
||||||
|
There's an additional server that acts as a router, connecting the VPN users
|
||||||
|
to an internal network 10.20.0.0/16
|
||||||
|
|
||||||
Each user have at least a device connected to the network and we have some
|
Each user have at least a device connected to the network and we have some
|
||||||
servers.
|
servers.
|
||||||
|
|
||||||
|
|
@ -19,6 +22,7 @@ servers.
|
||||||
- app-server1.prod
|
- app-server1.prod
|
||||||
- app-server1.dev
|
- app-server1.dev
|
||||||
- billing.internal
|
- billing.internal
|
||||||
|
- router.internal
|
||||||
|
|
||||||
## Setup of the network
|
## Setup of the network
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue