adding default for tls_client_auth_mode

This commit is contained in:
Justin Angel 2022-01-30 07:26:28 -05:00
parent c98a559b4d
commit d44b2a7c01

View file

@ -85,6 +85,13 @@ acme_email: ""
# Domain name to request a TLS certificate for: # Domain name to request a TLS certificate for:
tls_letsencrypt_hostname: "" tls_letsencrypt_hostname: ""
# Client (Tailscale/Browser) authentication mode (mTLS)
# Acceptable values:
# - disabled: client authentication disabled
# - relaxed: client certificate is required but not verified
# - enforced: client certificate is required and verified
tls_client_auth_mode: disabled
# Path to store certificates and metadata needed by # Path to store certificates and metadata needed by
# letsencrypt # letsencrypt
tls_letsencrypt_cache_dir: /var/lib/headscale/cache tls_letsencrypt_cache_dir: /var/lib/headscale/cache