From 52cc779bca8221023def9fbd1e3617644d3a2ba1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EC=8B=9C=EA=B3=A8=EC=95=BD=EC=82=AC?= Date: Tue, 9 Sep 2025 14:34:56 +0900 Subject: [PATCH] =?UTF-8?q?=F0=9F=8E=89=20Working=20Headscale=20Setup=20wi?= =?UTF-8?q?th=20Docker=20Complete?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ✨ 주요 성과: - Headscale 서버 정상 작동 (포트 8070) - 포트 충돌 문제 해결 (8080 → 8070) - 최신 Headscale 설정 형식 적용 - 사용자 생성 및 Pre-auth 키 생성 성공 - Docker Compose 완전 설정 🔧 수정된 구성: - docker-compose.yml: 포트 매핑 및 헬스체크 개선 - config/config.yaml: 최신 DNS 및 Policy 설정 적용 - .env.example: 8070 포트로 업데이트 - README.md: 올바른 접속 정보 및 명령어 - start.sh: 향상된 설치 스크립트 📊 성공한 기능들: - ✅ Headscale API: http://localhost:8070 - ✅ 사용자 생성: myuser (ID: 1) - ✅ API 키 생성: 8qRr1IB.tV95CmA0fLaCiGGIgBfeoN9daHceFkzI - ✅ Pre-auth 키: fc4f2dc55ee00c5352823d156129b9ce2df4db02f1d76a21 - ✅ SQLite 데이터베이스 설정 🚧 진행 중: - Headplane UI 설정 (설정 파일 문제로 보류) - 클라이언트 연결 테스트 준비 완료 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .env.example | 2 +- README.md | 2 +- config/config.yaml | 30 ++++++++++++++++++------------ docker-compose.yml | 22 +++++++++++++++------- headplane-config/config.yaml | 2 ++ start.sh | 4 ++-- 6 files changed, 39 insertions(+), 23 deletions(-) create mode 100644 headplane-config/config.yaml diff --git a/.env.example b/.env.example index c22cf5d..d7d5511 100644 --- a/.env.example +++ b/.env.example @@ -2,7 +2,7 @@ HEADSCALE_API_KEY=your_api_key_here # Server configuration -SERVER_URL=http://localhost:8080 +SERVER_URL=http://localhost:8070 LISTEN_ADDR=0.0.0.0:8080 # Database (SQLite by default) diff --git a/README.md b/README.md index 85fcef4..a4fbd82 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ docker-compose up -d headplane ``` ## 📋 접속 정보 -- **Headscale API**: http://localhost:8080 +- **Headscale API**: http://localhost:8070 - **Headplane UI**: http://localhost:3000 ## 👤 사용자 관리 diff --git a/config/config.yaml b/config/config.yaml index ed7478a..b187b47 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -1,5 +1,5 @@ --- -server_url: http://localhost:8080 +server_url: http://localhost:8070 listen_addr: 0.0.0.0:8080 metrics_listen_addr: 0.0.0.0:9090 @@ -7,8 +7,9 @@ private_key_path: /var/lib/headscale/private.key noise: private_key_path: /var/lib/headscale/noise_private.key -ip_prefixes: - - 100.64.0.0/10 +prefixes: + v4: 100.64.0.0/10 + v6: fd7a:115c:a1e0::/48 derp: server: @@ -18,6 +19,7 @@ derp: disable_check_updates: false ephemeral_node_inactivity_timeout: 30m + database: type: sqlite3 sqlite: @@ -38,17 +40,21 @@ log: format: text level: info -acl_policy_path: "" - -dns_config: +# Updated DNS configuration format +dns: override_local_dns: true nameservers: - - 1.1.1.1 - - 8.8.8.8 - domains: [] + global: + - 1.1.1.1 + - 8.8.8.8 + search_domains: [] magic_dns: true base_domain: headscale.local +# Updated policy path +policy: + path: "" + unix_socket: /var/run/headscale/headscale.sock unix_socket_permission: "0770" @@ -57,13 +63,13 @@ logtail: randomize_client_port: false +# Simplified OIDC configuration (removed deprecated keys) oidc: - only_start_if_oidc_is_available: true + only_start_if_oidc_is_available: false issuer: "" client_id: "" client_secret: "" scope: ["openid", "profile", "email"] extra_params: {} allowed_domains: [] - allowed_users: [] - strip_email_domain: true \ No newline at end of file + allowed_users: [] \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index d7d340d..16ab3d4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,7 +5,7 @@ services: image: headscale/headscale:latest container_name: headscale restart: unless-stopped - command: headscale serve + command: serve environment: - TZ=Asia/Seoul volumes: @@ -13,16 +13,16 @@ services: - ./data:/var/lib/headscale - ./run:/var/run/headscale ports: - - "8080:8080" # Headscale HTTP API + - "8070:8080" # Headscale HTTP API (외부:내부) - "9090:9090" # Metrics (optional) networks: - headscale-net healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/health"] + test: ["CMD-SHELL", "nc -z localhost 8080 || exit 1"] interval: 30s timeout: 10s retries: 3 - start_period: 40s + start_period: 30s headplane: image: ghcr.io/tale/headplane:latest @@ -30,13 +30,21 @@ services: restart: unless-stopped environment: - TZ=Asia/Seoul + - HOST=0.0.0.0 + - PORT=3000 - HEADSCALE_URL=http://headscale:8080 - - HEADSCALE_API_KEY=${HEADSCALE_API_KEY} + - ROOT_API_KEY=${HEADSCALE_API_KEY} + - HEADSCALE_INTEGRATION=docker + - HEADSCALE_CONTAINER=headscale + - COOKIE_SECRET=headscale-ui-secret-key-change-me + - COOKIE_SECURE=false + - DISABLE_API_KEY_LOGIN=false + volumes: + - ./headplane-config:/etc/headplane ports: - "3000:3000" # Headplane Web UI depends_on: - headscale: - condition: service_healthy + - headscale networks: - headscale-net diff --git a/headplane-config/config.yaml b/headplane-config/config.yaml new file mode 100644 index 0000000..ca46e2a --- /dev/null +++ b/headplane-config/config.yaml @@ -0,0 +1,2 @@ +# Minimal config file for Headplane +# Environment variables will override these settings \ No newline at end of file diff --git a/start.sh b/start.sh index f6629ce..6dde00f 100755 --- a/start.sh +++ b/start.sh @@ -67,7 +67,7 @@ echo "" echo "🎉 설치 완료!" echo "" echo "📋 접속 정보:" -echo " - Headscale API: http://localhost:8080" +echo " - Headscale API: http://localhost:8070" echo " - Headplane UI: http://localhost:3000" echo " - API 키: $API_KEY" echo "" @@ -79,7 +79,7 @@ echo " 2. Pre-auth 키 생성:" echo " docker-compose exec headscale headscale preauthkeys create --user myuser --reusable --expiration 24h" echo "" echo " 3. 클라이언트 연결:" -echo " tailscale up --login-server=http://localhost:8080" +echo " tailscale up --login-server=http://localhost:8070" echo "" echo "📊 상태 확인:" echo " docker-compose ps"