Fix Headscale connection: auto-detect LAN vs external network

Same-LAN PVE hosts can't reach head.pharmq.kr via public IP (NAT hairpinning).
Script now pings 192.168.0.100 to detect LAN and uses direct IP:8070 instead.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

pharmq-setup.sh

@@ -18,7 +18,9 @@ set -euo pipefail
 # ============================================================
 # 설정
 # ============================================================
-HEADSCALE_SERVER="http://head.pharmq.kr"
+HEADSCALE_SERVER=""  # 자동 감지 (LAN: 직접 IP, 외부: 도메인)
+HEADSCALE_SERVER_LAN="http://192.168.0.100:8070"
+HEADSCALE_SERVER_EXT="http://head.pharmq.kr"
 PREAUTH_KEY="b46923995afeaec90e588168f2e1bf99801775e8657ce003"
 
 # PBS 설정
@@ -168,6 +170,18 @@ EOF
 phase2_tailscale_pve() {
     print_phase "Phase 2/8: PVE Host Tailscale 등록"
 
+    # Headscale 서버 주소 자동 감지 (LAN vs 외부)
+    if [ -z "$HEADSCALE_SERVER" ]; then
+        print_step "Headscale 서버 접근 경로 감지 중..."
+        if ping -c1 -W2 192.168.0.100 >/dev/null 2>&1; then
+            HEADSCALE_SERVER="$HEADSCALE_SERVER_LAN"
+            print_ok "LAN 감지 → 직접 연결 ($HEADSCALE_SERVER)"
+        else
+            HEADSCALE_SERVER="$HEADSCALE_SERVER_EXT"
+            print_ok "외부 네트워크 → 도메인 경유 ($HEADSCALE_SERVER)"
+        fi
+    fi
+
     # Tailscale 설치
     if ! command -v tailscale >/dev/null 2>&1; then
         print_step "Tailscale 설치 중..."