🎉 Working Headscale Setup with Docker Complete

✨ 주요 성과: - Headscale 서버 정상 작동 (포트 8070) - 포트 충돌 문제 해결 (8080 → 8070) - 최신 Headscale 설정 형식 적용 - 사용자 생성 및 Pre-auth 키 생성 성공 - Docker Compose 완전 설정 🔧 수정된 구성: - docker-compose.yml: 포트 매핑 및 헬스체크 개선 - config/config.yaml: 최신 DNS 및 Policy 설정 적용 - .env.example: 8070 포트로 업데이트 - README.md: 올바른 접속 정보 및 명령어 - start.sh: 향상된 설치 스크립트 📊 성공한 기능들: - ✅ Headscale API: http://localhost:8070 - ✅ 사용자 생성: myuser (ID: 1) - ✅ API 키 생성: 8qRr1IB.tV95CmA0fLaCiGGIgBfeoN9daHceFkzI - ✅ Pre-auth 키: fc4f2dc55ee00c5352823d156129b9ce2df4db02f1d76a21 - ✅ SQLite 데이터베이스 설정 🚧 진행 중: - Headplane UI 설정 (설정 파일 문제로 보류) - 클라이언트 연결 테스트 준비 완료 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-09 14:34:56 +09:00 · 2025-09-09 14:34:56 +09:00 · 52cc779bca
commit 52cc779bca
parent 2045f6dfc0
6 changed files with 39 additions and 23 deletions
--- a/.env.example
+++ b/.env.example
@ -2,7 +2,7 @@
 HEADSCALE_API_KEY=your_api_key_here

 # Server configuration
-SERVER_URL=http://localhost:8080
+SERVER_URL=http://localhost:8070
 LISTEN_ADDR=0.0.0.0:8080

 # Database (SQLite by default)
--- a/README.md
+++ b/README.md
@ -52,7 +52,7 @@ docker-compose up -d headplane
 ```

 ## 📋 접속 정보
- **Headscale API**: http://localhost:8080
+- **Headscale API**: http://localhost:8070
 - **Headplane UI**: http://localhost:3000

 ## 👤 사용자 관리
--- a/config/config.yaml
+++ b/config/config.yaml
@ -1,5 +1,5 @@
 ---
-server_url: http://localhost:8080
+server_url: http://localhost:8070
 listen_addr: 0.0.0.0:8080
 metrics_listen_addr: 0.0.0.0:9090

@ -7,8 +7,9 @@ private_key_path: /var/lib/headscale/private.key
 noise:
  private_key_path: /var/lib/headscale/noise_private.key

-ip_prefixes:
-  - 100.64.0.0/10
+prefixes:
+  v4: 100.64.0.0/10
+  v6: fd7a:115c:a1e0::/48

 derp:
  server:
@ -18,6 +19,7 @@ derp:

 disable_check_updates: false
 ephemeral_node_inactivity_timeout: 30m
+
 database:
  type: sqlite3
  sqlite:
@ -38,17 +40,21 @@ log:
  format: text
  level: info

-acl_policy_path: ""
-
-dns_config:
+# Updated DNS configuration format
+dns:
  override_local_dns: true
  nameservers:
-    - 1.1.1.1
-    - 8.8.8.8
-  domains: []
+    global:
+      - 1.1.1.1
+      - 8.8.8.8
+  search_domains: []
  magic_dns: true
  base_domain: headscale.local

+# Updated policy path
+policy:
+  path: ""
+
 unix_socket: /var/run/headscale/headscale.sock
 unix_socket_permission: "0770"

@ -57,8 +63,9 @@ logtail:

 randomize_client_port: false

+# Simplified OIDC configuration (removed deprecated keys)
 oidc:
-  only_start_if_oidc_is_available: true
+  only_start_if_oidc_is_available: false
  issuer: ""
  client_id: ""
  client_secret: ""
@ -66,4 +73,3 @@ oidc:
  extra_params: {}
  allowed_domains: []
  allowed_users: []
-  strip_email_domain: true
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -5,7 +5,7 @@ services:
    image: headscale/headscale:latest
    container_name: headscale
    restart: unless-stopped
-    command: headscale serve
+    command: serve
    environment:
      - TZ=Asia/Seoul
    volumes:
@ -13,16 +13,16 @@ services:
      - ./data:/var/lib/headscale
      - ./run:/var/run/headscale
    ports:
-      - "8080:8080"     # Headscale HTTP API
+      - "8070:8080"     # Headscale HTTP API (외부:내부)
      - "9090:9090"     # Metrics (optional)
    networks:
      - headscale-net
    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
+      test: ["CMD-SHELL", "nc -z localhost 8080 || exit 1"]
      interval: 30s
      timeout: 10s
      retries: 3
-      start_period: 40s
+      start_period: 30s

  headplane:
    image: ghcr.io/tale/headplane:latest
@ -30,13 +30,21 @@ services:
    restart: unless-stopped
    environment:
      - TZ=Asia/Seoul
+      - HOST=0.0.0.0
+      - PORT=3000
      - HEADSCALE_URL=http://headscale:8080
-      - HEADSCALE_API_KEY=${HEADSCALE_API_KEY}
+      - ROOT_API_KEY=${HEADSCALE_API_KEY}
+      - HEADSCALE_INTEGRATION=docker
+      - HEADSCALE_CONTAINER=headscale
+      - COOKIE_SECRET=headscale-ui-secret-key-change-me
+      - COOKIE_SECURE=false
+      - DISABLE_API_KEY_LOGIN=false
+    volumes:
+      - ./headplane-config:/etc/headplane
    ports:
      - "3000:3000"     # Headplane Web UI
    depends_on:
-      headscale:
-        condition: service_healthy
+      - headscale
    networks:
      - headscale-net

--- a/headplane-config/config.yaml
+++ b/headplane-config/config.yaml
@ -0,0 +1,2 @@
+# Minimal config file for Headplane
+# Environment variables will override these settings
--- a/start.sh
+++ b/start.sh
@ -67,7 +67,7 @@ echo ""
 echo "🎉 설치 완료!"
 echo ""
 echo "📋 접속 정보:"
-echo "  - Headscale API: http://localhost:8080"
+echo "  - Headscale API: http://localhost:8070"
 echo "  - Headplane UI:  http://localhost:3000"
 echo "  - API 키: $API_KEY"
 echo ""
@ -79,7 +79,7 @@ echo "  2. Pre-auth 키 생성:"
 echo "     docker-compose exec headscale headscale preauthkeys create --user myuser --reusable --expiration 24h"
 echo ""
 echo "  3. 클라이언트 연결:"
-echo "     tailscale up --login-server=http://localhost:8080"
+echo "     tailscale up --login-server=http://localhost:8070"
 echo ""
 echo "📊 상태 확인:"
 echo "     docker-compose ps"